dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
69,605 Commits 10 Branches 885 Tags 1.3 GiB
Commit Graph

69605 Commits

Author SHA1 Message Date
Spencer McIntyre 0cbac03f91 Update ruby_smb gem to 3.2.5 2023-03-09 11:58:49 -05:00
Spencer McIntyre 6dbf22a5e7 Automatically rebind on STATUS_PIPE_DISCONNECTED 2023-02-21 15:51:10 -05:00
Spencer McIntyre fa3baa40e6 Add three new petitpotam methods 2023-02-21 14:38:52 -05:00
Metasploit 71cecfb1d4
Bump version of framework to 6.3.4 2023-02-16 12:12:20 -06:00
Grant Willcox e7da4c4612
Land #17594, Add larger DLL templates 2023-02-15 19:35:37 -06:00
Metasploit 5a2ab6edd4
automatic module_metadata_base.json update 2023-02-15 15:32:23 -06:00
Grant Willcox a8d2073eee
Land #17646, Link Hadoop YARN exploit to documentation 2023-02-15 15:09:05 -06:00
Arnout Engelen 5d8b1dc4a6
Link Hadoop YARN exploit to documentation 
This exploit scans for misconfigured installations, link to the documentation
that describes how to properly secure it.
 2023-02-15 21:17:26 +01:00
Grant Willcox b89602bb7b
Land #17645, Fix bootup git warnings on arch 2023-02-15 11:49:57 -06:00
Spencer McIntyre 301d25ddfa Raise more explicit errors for invalid arguments 2023-02-15 09:07:01 -05:00
adfoster-r7 a98368cfc5
Fix bootup git warnings on arch 2023-02-15 11:18:02 +00:00
Spencer McIntyre 5725dd2ded Fix an off by one size error 2023-02-14 18:01:14 -05:00
Metasploit 165b0f8d61
automatic module_metadata_base.json update 2023-02-14 16:23:51 -06:00
Spencer McIntyre ac9d60ce9e
Land #17281, Added module for CVE-2022-2992 
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
 2023-02-14 16:57:29 -05:00
Spencer McIntyre 5d254cc36b Land heyder#2, Refactor namespaces 2023-02-14 16:44:29 -05:00
space-r7 78ae5f49ce
add gitlab prefix back to methods 2023-02-14 15:26:01 -06:00
space-r7 304b90ecc8
split mixins between forms and v4 api used 2023-02-14 12:37:43 -06:00
Metasploit 0e86cfa6c7
automatic module_metadata_base.json update 2023-02-13 18:13:40 -06:00
Grant Willcox d012145726
Land #17599, Cisco RV LAN Exploit - CVE-2022-20705 and CVE-2022-20707 2023-02-13 17:50:06 -06:00
Stephen Wildow 96fecb6048
Modified BadChars and FailWith codes 2023-02-13 17:49:09 -05:00
Grant Willcox 45e453d687
Fix up remaining review comments 2023-02-13 15:07:25 -06:00
space-r7 9605b4bb91
Merge branch 'heyder-pr-1' into heyder-cve-2022-2992 2023-02-13 14:59:45 -06:00
Spencer McIntyre c3fa924cfa Remove the NGROK_URL option 2023-02-13 14:31:44 -05:00
Spencer McIntyre 210b7a3254 Use #get_json_document instead of JSON.parse 
Also fix typos
 2023-02-13 14:00:13 -05:00
Stephen Wildow 79b1801a4f
Rewrote check method to only abuse authentication bypass. Added additional status checks. 2023-02-11 17:43:33 -05:00
Stephen Wildow 036ed7f467
Removed /etc/password. Modified check code and fail_with. Added proper checking for non-vulnerable versions of firmware. 2023-02-09 21:55:40 -05:00
Metasploit 86fc617259
automatic module_metadata_base.json update 2023-02-09 17:53:04 -06:00
Grant Willcox 0cf7dd850f
Land #17626, Fix Frycos author name in fortra_goanywhere_rce_cve_2023_0669.rb 2023-02-09 17:38:34 -06:00
Frycos e963582e18
Update fortra_goanywhere_rce_cve_2023_0669.rb 
Name typo
 2023-02-09 23:06:59 +01:00
Grant Willcox f2a86327d0
Minor fixes from review 2023-02-09 15:34:25 -06:00
Metasploit 6343fc8f7c
automatic module_metadata_base.json update 2023-02-09 14:27:19 -06:00
Spencer McIntyre fd6cd82f30 Upgrade DLL template size automatically 2023-02-09 15:09:50 -05:00
Spencer McIntyre 025ba6775d Add a README file with some basic information 2023-02-09 15:09:50 -05:00
Spencer McIntyre 126e3a9c9a Add larger 256KiB DLL templates 2023-02-09 15:09:50 -05:00
Spencer McIntyre 2608852d8c Consolidate gdiplus build code 
This references the main dll/template.c code as the mixed-mode variant
already does. This will make future changes easier as we won't need to
copy them from the main to this one.

See https://github.com/rapid7/metasploit-framework/pull/8509 for the
origin of these files.
 2023-02-09 15:09:50 -05:00
Grant Willcox aa9b3df6b3
Land #17625, Add credit for CVE-2023-0669; fix path in docs 2023-02-09 14:02:52 -06:00
Metasploit e420dc123d
Bump version of framework to 6.3.3 2023-02-09 12:10:37 -06:00
Spencer McIntyre c7279e9a0a Add credit for CVE-2023-0669; fix path in docs 2023-02-09 13:02:40 -05:00
Metasploit 73567cfbf6
automatic module_metadata_base.json update 2023-02-09 11:57:08 -06:00
Grant Willcox 43b4ee268c
Land #17592, Fix bypassuac_injection_winsxs for x64 2023-02-09 11:41:51 -06:00
Spencer McIntyre e6f4e96544 Close hFindFile 2023-02-09 11:43:20 -05:00
adfoster-r7 139ad4a4be
Land #17623, Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory 2023-02-09 13:21:10 +00:00
bcoles de8a6e1445
Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory 2023-02-09 23:12:45 +11:00
Metasploit 2f20c9836f
automatic module_metadata_base.json update 2023-02-09 04:25:48 -06:00
cgranleese-r7 508f5c7e52
Land #17619, Run rubocop on exploit modules 2023-02-09 10:11:53 +00:00
Stephen Wildow 4b05ba6189
Update description and vulnerability listings. Cleaned up references. More randomization. Removed first unnecessary request in exploit portion of code. Added rescue section around json grabbing. 2023-02-08 21:26:18 -05:00
Stephen Wildow 427c181e9a
Utilized msftidy_docs.rb to clean up missing sections, excessively long lines, spaces at EOL, and space end of file. Removed credit section. Expanded on installation procedure. Modified steps procedure to include Verify options and removed failure status. Removed Targets section. Scenarios have device, target, and architecture. 2023-02-08 19:18:14 -05:00
Metasploit a9bd7e9f46
automatic module_metadata_base.json update 2023-02-08 13:31:52 -06:00
bwatters 01a78f972c
Land #17567, ManageEngine Endpoint Central RCE (CVE-2022-47966) 
Merge branch 'land-17567' into upstream-master
 2023-02-08 13:06:53 -06:00
Metasploit 79a5481d9c
automatic module_metadata_base.json update 2023-02-08 12:10:30 -06:00