adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,474 Commits 27 Branches 1,043 Tags
ffb681cb79b20d6eb44e2a8f4fcd9e8dd67b2b2f
Commit Graph

2548 Commits

Author SHA1 Message Date
Spencer McIntyre ecd3c0f820 Minor doc changes, add module notes and SQLi progress output 2020-05-21 16:31:45 -04:00
kalba-security 7c2c227ea0 Improve version checks, remove comments from previous testing 2020-05-20 18:06:42 -04:00
kalba-security 6d72fe4854 Update eyesofnetwork_autodiscovery_rce module and documentation 2020-05-19 11:48:48 -04:00
Spencer McIntyre e3e82ca17e Land #13401, Add SaltStack Salt root key disclosure and RCE 2020-05-12 14:18:50 -04:00
William Vu 235f822937 Add Netsweeper WebAdmin unixlogin.php pre-auth RCE 2020-05-12 08:34:20 -05:00
William Vu 06cae74d51 Note what CheckModule is used to provide a check 
Hat tip @ccondon-r7 for making me realize my standard comment needs to
be reapplied.
 2020-05-11 12:28:02 -05:00
William Vu 83dde571a2 Add VMware vRealize Operations Manager advisory 
Hat tip @brudis-r7!
 2020-05-11 12:05:38 -05:00
William Vu 6e8abd7a40 Add SaltStack Salt unauthenticated RCE module 2020-05-11 12:05:38 -05:00
Pedro Ribeiro d31ddadd74 Fix advisory link in Qradar sploit 2020-05-09 14:59:43 +07:00
William Vu 80b64830cc Land #13304, IBM DRM SSH exploit 2020-05-05 12:08:02 -05:00
William Vu e0a67f4fd1 Land #13300, IBM DRM RCE 2020-05-05 12:07:15 -05:00
Pedro Ribeiro 1cb91dcb42 Address review comments 
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_a3user.md

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

use fail_with
 2020-05-05 10:58:05 -05:00
Pedro Ribeiro a17d78a327 Address review comments 
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_rce.md

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

make final changes!

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

final final final
 2020-05-05 10:53:08 -05:00
Pedro Ribeiro 5651f4ae75 break into small chunks 2020-05-05 10:01:40 +07:00
bwatters-r7 686c2f09a1 Land #13290, Cve-2014-2630 HP xglance-bin linux priv esc 
Merge branch 'land-13290' into upstream-master
 2020-05-01 10:18:21 -05:00
Pedro Ribeiro dcf9dc1189 add full disclosure URL 2020-05-01 21:02:32 +07:00
Pedro Ribeiro dbceec91af add full disclosure URL 2020-05-01 21:00:49 +07:00
Pedro Ribeiro 4b6ef4cb9e fix spaces at eol 2020-05-01 13:30:22 +07:00
Pedro Ribeiro 9d09b3a250 add cve 2020-05-01 10:18:26 +07:00
Pedro Ribeiro af88fae6f3 add CVE 2020-05-01 10:17:17 +07:00
bwatters-r7 417e3427b3 Change to cmd_exec for cleanup and warn about post-exploitation manual cleanup 2020-04-30 18:53:56 -05:00
Pedro Ribeiro c581cb390f remove CVE for merge, will add later 2020-04-30 11:16:09 +07:00
Pedro Ribeiro d28a886c51 remove CVE for merge, will add later 2020-04-30 11:15:11 +07:00
Pedro Ribeiro e79fa7ca94 Update ibm_drm_rce.rb 2020-04-28 14:12:38 +07:00
Pedro Ribeiro 714c750c04 apply rubocop changes 2020-04-24 10:23:13 +07:00
Pedro Ribeiro a29b05c453 add proper check + rubocup changes 2020-04-24 10:20:10 +07:00
William Vu 823c29a127 Update post-RuboCop style in my recent modules 
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
 2020-04-22 10:52:00 -05:00
Pedro Ribeiro 0bef1757d2 Create ibm_drm_a3user.rb 2020-04-22 12:17:34 +07:00
Pedro Ribeiro 8f5d6e4fa4 Create ibm_drm_rce.rb 2020-04-21 15:49:48 +07:00
William Vu c5df5355ac Update my module documentation to the new standard 
Also update CheckModule to match current style and best practices.
 2020-04-20 20:06:52 -05:00
h00die 2e88fc2f82 more reviews 2020-04-20 21:01:15 -04:00
h00die 40095a8d05 glance variable 2020-04-19 22:54:38 -04:00
h00die e1f1ad45bc working exploit 2020-04-19 15:19:19 -04:00
h00die 58074dc6bb waiting on metasm question 2020-04-18 20:26:45 -04:00
Alan Foster f2c3fc5f00 Rubocop recently landed modules 2020-04-17 11:55:04 +01:00
gwillcox-r7 d759fbaed3 Land #13259, Miscellaneous fixes for @wvu's modules and documentation 2020-04-16 22:10:10 -05:00
William Vu 966194d2b7 Remove tested admin password from default PASSWORD 2020-04-16 21:45:44 -05:00
bwatters-r7 b5df7e8147 Land #13102, Add UnRAID 6.8.0 Authentication bypass to RCE 
Merge branch 'land-13102' into upstream-master
 2020-04-16 17:18:55 -05:00
bwatters-r7 f0f403b48e Automated Rubocop fixes 2020-04-16 17:17:02 -05:00
William Vu cd9e5260f7 Note post-auth requirements in Nexus exploit 2020-04-15 20:25:05 -05:00
William Vu 4401e3654f Merge remote-tracking branch 'upstream/master' into bug/misc 
So we can grab the Nexus files from master.
 2020-04-15 20:24:44 -05:00
William Vu 0684966dcb Make better comments for the comment god 2020-04-15 18:24:28 -05:00
William Vu b7501c1f0c Add my standard print for CmdStager 
And comment some methods used by it.
 2020-04-15 18:06:48 -05:00
William Vu 6db312636d Add Nexus Repository Manager Java EL Injection RCE 2020-04-15 15:49:33 -05:00
William Vu 66d5f51e51 Remove Nexus content from this branch 
So the remaining changes can be PR'd separately.
 2020-04-15 15:48:09 -05:00
William Vu e8840563be Comment comments 2020-04-15 15:47:51 -05:00
William Vu 65d338d00e Note tested version in module 2020-04-15 15:47:51 -05:00
William Vu 5a91a1e54f Remove res.code == 200 check again 
It really isn't necessary when we're looking for just the header.
 2020-04-15 15:47:51 -05:00
William Vu 7dd3be507f Add wget CmdStager 2020-04-15 15:47:51 -05:00
William Vu e248e2ed43 Consolidate CmdStager flavors to symbols 
As per the API. Strings are fine, but they're supposed to be symbols.
 2020-04-15 15:47:51 -05:00