28762 Commits

Author SHA1 Message Date
SecurityBytesMe ffc49ccf83 General cleanup 2020-06-14 15:10:41 -07:00
SecurityBytesMe 34e3e3c9e8 Removal of Exploit:: on CheckCode 2020-06-14 15:06:42 -07:00
SecurityBytesMe ff402ea9ac applied linting and cleaning return checks
rubocop and msftidy applied
modified check return codes
2020-06-14 14:55:43 -07:00
ChristopherAnders 63713de14c fix self.class msftidy warning and minor syntax 2020-05-31 18:39:50 -07:00
ChristopherAnders 5ef76ff232 Merge branch 'master' into upstream-master 2020-05-31 16:52:03 -07:00
William Vu f60e569c1b Add Cisco CML and VIRL-PE advisory to Salt modules
Hat tip @brudis-r7!
2020-05-29 15:24:00 -05:00
Alan Foster f1c492fa2d Land #13470, Pi-Hole < 4.3.3 dhcp static address RCE 2020-05-28 16:57:22 +01:00
h00die 695f212d26 pihole default payload fix 2020-05-28 09:55:04 -04:00
h00die 513b430f19 no leading 0s on IPs 2020-05-28 08:56:08 -04:00
h00die 2e32c7981d encode token in final stage 2020-05-28 08:22:41 -04:00
h00die 504cd0b4db encode token in final stage 2020-05-28 08:22:04 -04:00
Alan Foster b5f41636b1 Land #13488, Fix memory leak in ms01_026_dbldecode 2020-05-28 10:23:10 +01:00
William Vu 924a8b8297 Fix incorrect title in auxiliary/dos/dns/bind_tsig
Copypasta. I missed this in f9a2c3406f86469190222ac52dc57556f472e6c9...
for nearly three damn years.
2020-05-27 21:47:37 -05:00
Spencer McIntyre d51e9dab2f Update the author and add a reference to CVE-2020-8617 2020-05-27 09:24:47 -04:00
Spencer McIntyre 9df00cd536 Land #13511, Update TinyIdentD 2.2 Stack Buffer Overflow module 2020-05-26 15:56:59 -04:00
Adam Cammack a1f2820673 Land #13477, Fix syntax in wmiexec.py for Python 3 2020-05-26 13:07:01 -05:00
Spencer McIntyre 1c19225fd4 Land #13518, Adding DoS exploit for BIND [CVE-2020-8617] 2020-05-26 12:26:32 -04:00
Spencer McIntyre 6218817034 Make some minor markdown and grammar changes 2020-05-26 12:10:49 -04:00
shutingrz 517a6c9cb3 Remove space 2020-05-26 12:36:05 +09:00
shutingrz 7ce125f182 Adding DoS exploit for CVE-2020-8617 2020-05-26 11:36:18 +09:00
Brendan Coles ad05cf7870 Update TinyIdentD 2.2 Stack Buffer Overflow module 2020-05-23 04:43:44 +00:00
William Vu d6aea635c7 Update authors in Netsweeper/myLittleAdmin modules
Edits for accuracy and precision.
2020-05-22 17:05:12 -05:00
bwatters-r7 cb06a4e731 Land #13455, Pi-Hole < 3.3 whitelist RCE
Merge branch 'land-13455' into upstream-master
2020-05-22 15:35:16 -05:00
William Vu 06f9099d7f Add BASE_DN and ROOT_KEY to vmdir and Salt modules 2020-05-22 11:16:58 -05:00
Spencer McIntyre b49dd37614 Land #13494, Add Plesk/myLittleAdmin ViewState .NET deserialization pre-auth RCE 2020-05-22 11:53:41 -04:00
bwatters-r7 2d56931663 Land #13287, CVE-2017-15889 Synology DSM < 5.2-5967-5 authenticated root exploit
Merge branch 'land-13487' into upstream-master
2020-05-22 10:07:50 -05:00
William Vu afe7ef5d9a Bump WfsDelay for first exploit attempt 2020-05-22 09:32:22 -05:00
William Vu e471efa399 Whitelist :certutil and :vbs CmdStagers
These worked for @smcintyre-r7 on Windows Server 2019.
2020-05-22 09:24:16 -05:00
William Vu 16886fa41e Move generate_viewstate_payload to mixin 2020-05-21 18:37:13 -05:00
William Vu d1a07e9403 Use ViewState mixin in module 2020-05-21 18:37:13 -05:00
William Vu 11030dff84 Add CVE references (they weren't there before) 2020-05-21 18:12:57 -05:00
William Vu 889a4cd6e0 Add Plesk/myLittleAdmin ViewState deserialization 2020-05-21 18:12:57 -05:00
h00die c1996d58ed add forcexploit 2020-05-21 17:39:54 -04:00
bwatters-r7 25fed982f3 Land #13498, CVE-2017-9554 Synology Username Enumerator
Merge branch 'land-13498' into upstream-master
2020-05-21 16:38:52 -05:00
Spencer McIntyre ffb681cb79 Land #13485, Update eyesofnetwork_autodiscovery_rce with SQLi auth bypass 2020-05-21 17:24:23 -04:00
Spencer McIntyre ecd3c0f820 Minor doc changes, add module notes and SQLi progress output 2020-05-21 16:31:45 -04:00
h00die e095bb496f 36 > 31 2020-05-21 10:08:04 -04:00
h00die 354b94f7d8 rubocop and tidy 2020-05-21 08:30:06 -04:00
h00die faed681fca msg 3 2020-05-21 08:25:01 -04:00
h00die c9f344ee5d synology un enum 2020-05-21 08:10:00 -04:00
William Vu 8473662e32 Land #13463, Oracle WebLogic CVE-2020-2555 exploit 2020-05-20 23:21:07 -05:00
William Vu 12d4ad68e3 Fix things in ThinkPHP and ManageEngine exploits
Current pattern is print_good instead of vprint_good for this particular
message directly or indirectly called by execute_command.

CmdStagerFlavor is checked at the top level, but it is also checked per
target. Moving this to where it's more appropriate.
2020-05-20 22:47:03 -05:00
kalba-security 7c2c227ea0 Improve version checks, remove comments from previous testing 2020-05-20 18:06:42 -04:00
William Vu 655088bb0d Fix punctuation typo in exchange_ecp_viewstate 2020-05-20 09:47:11 -05:00
h00die 4721e605d0 5.2 root exploit 2020-05-19 20:19:51 -04:00
Alan Foster bfe47302cf Fix memory leak in ms01_026_dbldecode 2020-05-20 00:48:26 +01:00
h00die e5da35d579 commit for help 2020-05-19 18:40:29 -04:00
h00die cbd0943024 commit for help 2020-05-19 18:39:49 -04:00
Shelby Pace abff1cd731 change true to false 2020-05-19 14:59:47 -05:00
Shelby Pace 378fe767b5 randomize class name 2020-05-19 14:35:36 -05:00