adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,482 Commits 27 Branches 1,043 Tags
ffe4dbcc19def7a2e5e6140b83b514b1f30ded98
Commit Graph

24358 Commits

Author SHA1 Message Date
Wei Chen 28e3f3a5f0 Land #10327, Add CMS Made Simple Upload/Rename Authenticated RCE 2018-07-19 12:18:12 -05:00
Wei Chen c5ac4c791f Make changes based on community feedback 2018-07-19 12:17:02 -05:00
Brent Cook 08290b81c0 Land #10282, Add support for running external modules outside of msfconsole 2018-07-18 17:38:40 -05:00
Brent Cook b90583d07c don't throw an exception in haraka checks if we cannot connect 2018-07-18 17:17:45 -05:00
Adam Cammack 0024cca3bf Land #10328, Log errors in Python ETERNALBLUE 2018-07-18 14:50:40 -05:00
Tim W 70a1df70a1 Land #9753, Linux BPF sign extension local privesc 2018-07-18 18:44:14 +08:00
Jacob Robles 08e33cad0c Spelling fix 2018-07-17 20:12:37 -05:00
William Vu e5efa4faac Make failures consistent 2018-07-17 17:35:52 -05:00
William Vu 96f9e60e84 Swap return for sys.exit(1) 2018-07-17 17:25:38 -05:00
William Vu 09d347ca33 Add missed sys.exit(1) 2018-07-17 16:31:57 -05:00
William Vu e1be94e568 Pass RPORT to sess_port in Impacket 2018-07-17 13:49:38 -05:00
William Vu 0bdaa0e23a Catch connection errors and module.log them 2018-07-17 13:49:34 -05:00
William Vu 5650412cc2 Land #10317, nil fix for enum_dns 2018-07-17 13:03:06 -05:00
Jacob Robles 677b22698d Land #10273, [clean up] iis_webdav_scstoragepathfromurl 2018-07-17 09:33:32 -05:00
Jacob Robles 1e004769ca CMS Made Simple Upload/Rename Authenticated RCE 2018-07-17 09:00:39 -05:00
Brendan Coles 6bf184dbcf Update tested versions 2018-07-17 06:24:16 +00:00
William Vu 9a7c34e6e9 Land #10064, Claymore Dual Miner API RCE 2018-07-16 18:02:20 -05:00
Brendan Coles 7524af35ec Check if IPRANGE was supplied - Fix #10316 2018-07-15 15:38:56 +00:00
Jacob Robles 134417b598 Account for nil 2018-07-14 10:44:09 -05:00
Jacob Robles 6e450973b9 Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 10:09:46 -05:00
Jacob Robles 18e65abc54 Fix link 2018-07-14 10:03:01 -05:00
Brendan Coles 9bdec97b2e Fix bpf_sign_extension_priv_esc 2018-07-13 23:01:17 +00:00
Brent Cook 72e5b94eb8 Land #10293, fixup php/base64 and add docs for cmd/unix/reverse_bash 2018-07-13 17:15:22 -05:00
Brendan Coles 4e72dff791 Update module references 2018-07-14 05:03:13 +10:00
Wei Chen b40a146723 Land #10297, Add priv escalation mod for CVE-2018-8897 2018-07-13 10:54:25 -05:00
bwatters-r7 f33d12676f Added License, make msftidy happy, and include original cve project 
readme document.
 2018-07-13 10:19:41 -05:00
bwatters-r7 4fa2a4775d Update the target check and added cleanup 2018-07-13 09:27:41 -05:00
Wei Chen 9ba0a72ea1 Rename file 2018-07-13 01:11:37 -05:00
Wei Chen e1e8444188 Clean up ruby code for CVE-2018-8897 2018-07-13 01:06:21 -05:00
Brendan Coles a020d48caf Move module documentation to documentation directory 2018-07-13 04:46:25 +00:00
Wei Chen f02c05e530 This one is the same as cve_2018_8897_exe.rb 2018-07-12 22:09:44 -05:00
William Vu c9001699cd Land #10027, Hadoop unauthed command execution 2018-07-12 21:58:49 -05:00
William Vu 50252c75d6 Clean up module 
With a little rubocop -a.
 2018-07-12 21:58:00 -05:00
William Vu 2f37482535 Land #10278, gitlist_arg_injection fixes 2018-07-12 19:03:52 -05:00
Wei Chen e613b2570a Land #10299, Add 88 CVEs to various auxiliary and exploit modules 2018-07-12 18:26:07 -05:00
William Vu 88bbc50104 Utilize uniq to make char array more readable 
Hat tip @bcoles.
 2018-07-12 17:59:12 -05:00
bwatters-r7 cfcb77afd0 Rename to please msftidy 2018-07-12 17:41:06 -05:00
William Vu 3546286049 Add missed ARCH_CMD to top-level Arch array 
It's not necessary because of targets, but it's required for printing.
 2018-07-12 17:37:06 -05:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
bwatters-r7 156b822401 First stab at cve-2018-8897 2018-07-12 17:31:53 -05:00
Brendan Coles 4b62f41369 Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-12 20:00:17 +00:00
William Vu 3dda19f3c6 Update documentation in cmd/unix/reverse_bash 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=146464
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/215034
 2018-07-12 13:29:33 -05:00
William Vu 1f0535618d Document bareword string deprecation in php/base64 2018-07-12 13:29:33 -05:00
William Vu 378930e5f4 Prefer %w array over quoted array in php/base64 
irb(main):001:0> ["(",")",".","_","c","h","r","e","v","a","l","b","s","6","4","d","o"] == %w{( ) . _ c h r e v a l b s 6 4 d o}
=> true
irb(main):002:0>
 2018-07-12 13:29:33 -05:00
Brendan Coles 904de2dd09 Land #10238, Add ManageEngine Exchange Reporter Plus RCE exploit 2018-07-12 16:07:32 +00:00
Kacper Szurek 486225c2a8 Code review changes 
Use target_uri, split url inside normalize function, replace print with vprint, return CheckCode::Appears
 2018-07-12 14:27:28 +02:00
William Vu acb20e5a29 Land #9780, CouchDB auth bypass and RCE 2018-07-12 03:36:17 -05:00
William Vu a08420e0d0 Land #10286, Docker server version scanner 2018-07-12 03:08:41 -05:00
William Vu cce3b6f369 Clean up module 2018-07-12 02:57:14 -05:00
William Vu f53080ee60 Fix exploit and do final cleanup 2018-07-12 02:13:30 -05:00