Commit Graph

2950 Commits

Author SHA1 Message Date
Spencer McIntyre a75013e51a
Land #18616, Fix aarch64 elf shared SIGBUS error
Fix aarch64 elf shared object bus error
2024-02-14 13:30:29 -05:00
Christophe De La Fuente b8aa55c322 Land #18633, WordPress Backup Migration Plugin PHP Filter Chain RCE (CVE-2023-6553) 2024-01-17 18:42:52 +01:00
adfoster-r7 1ba704b1cb Land #18398, Update deprecated report_auth_info in various modules 2024-01-16 19:30:56 +00:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Jack Heysel b86df4820c Responded to comments from jvoisin 2023-12-19 13:50:09 -05:00
Jack Heysel 2ed3b771ed Updated python exploit 2023-12-19 00:26:54 -05:00
Jack Heysel c895364675 Initial commit, files created 2023-12-18 19:26:14 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
Gaurav Jain e9ff2e55dc Remove useless include of Report mixin in psnuffle.rb 2023-12-17 22:53:19 +05:30
Gaurav Jain a58f7f0558 Minor fixes to modules to use report_cred 2023-12-16 23:40:30 +05:30
Jack Heysel d9aa7f914e Added newline to PoC and removed empty file 2023-12-14 18:42:09 -05:00
Jack Heysel df111afb06 Glibc Tunables Exploit 2023-12-14 18:28:43 -05:00
adfoster-r7 4e106c2a73 Fix aarch64 elf shared object bus error 2023-12-13 00:26:53 +00:00
Jack Heysel 7b74b758ad Removed unnecessary files in zip backup 2023-12-11 18:23:22 -05:00
Jack Heysel 3bad98afc6
Land #18488, add kerberos_tickets post module
Adds a module to manage kerberos tickets from a compromised
host. This PR also includes rail gun enhancements.
2023-12-07 19:12:48 -05:00
adfoster-r7 02c892c3fc Add hierarchical search table support 2023-11-30 16:32:29 +00:00
Balgogan 65ea1188e2 Add suggested changes 2023-11-23 18:22:36 +01:00
Jack Heysel c0be4c2f72 working end to end unix confluence 7.18 2023-11-22 19:49:38 -05:00
Jack Heysel e6e2106140 Auth bypass, auth, shell upload, working 2023-11-21 22:14:27 -05:00
Spencer McIntyre 54bce7fcb5 Add module docs 2023-10-27 12:47:19 -04:00
h00die b3b1595ef4 vmware aria ssh keys exploit 2023-10-16 13:06:17 -04:00
Spencer McIntyre 5a6dc7f9a6 Initial commit of CVE-2023-43654 2023-10-12 09:27:26 -04:00
Christophe De La Fuente 1058291af9 Land #18314, Windows Error Reporting RCE (CVE-2023-36874) 2023-09-27 15:25:06 +02:00
errorxyz f5d5541e73 Update deprecated report_auth_info method call in various modules in data/exploits/psnuffle/ 2023-09-25 02:51:08 +05:30
errorxyz 9f10f9402c Update deprecated report_auth_info method call in data/exploits/psnuffle/smb.rb module 2023-09-25 02:06:48 +05:30
bwatters be731f330e Add error checking and randomize the report directory 2023-09-22 14:43:21 -05:00
bwatters b4a1bb8fa2 Add docs and support for shell sessions; update exe to work without runtime lib. 2023-09-19 17:50:18 -05:00
Simon Janusz 8b56dc0117 Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation 2023-09-14 10:18:29 +01:00
h00die 94657d317b another round of review comments 2023-09-11 14:29:20 -04:00
bwatters 91e7af4370 Added check, some stealth, and cleaned code 2023-09-05 14:29:13 -05:00
bwatters ccba494e61 Exploit working, still needs to be cleaned up 2023-08-29 18:01:44 -05:00
bwatters c69e983b30 Add module to create directory structures and upload/run exploit 2023-08-25 15:41:25 -05:00
Jack Heysel 97dd22032c Responded to comments, improved stability 2023-08-21 19:20:25 -04:00
cgranleese-r7 89f8deb672 Land #18253, Add CVE-2023-34634, Greenshot Fileformat exploit 2023-08-17 15:30:02 +01:00
Jack Heysel bcfc892195 General code clean up 2023-08-04 14:27:14 -04:00
bwatters 59e3760509 First attempt at CVE-2023-34634 2023-08-03 10:58:07 -05:00
adfoster-r7 9a40e2612b Land #17129, Add OSX Aarch64 Payload support 2023-08-02 18:37:56 +01:00
adfoster-r7 89cd524acb Update osx templates makefile and compile binaries 2023-08-02 01:26:18 +01:00
Jack Heysel 416124705f Working in metasploit 2023-07-28 03:43:37 -04:00
h00die-gr3y a3daab88e6 Added documentation and updated exploitable plugins list 2023-07-25 14:06:42 +01:00
bwatters 297c484a1c
Land #18173, Add Openfire Authentication Bypass RCE [CVE-2023-32315]
Merge branch 'land-18173' into upstream-master
2023-07-18 18:13:20 -05:00
bwatters b15d595de2 Adjust files to be better shared 2023-07-14 12:47:04 -05:00
h00die-gr3y 8edbf73b6f first release exploit module 2023-07-08 09:48:17 +00:00
h00die 375a315b3d woocommerce payments auth bypass 2023-07-04 13:05:07 -04:00
Ashley Donaldson 6772740f86 Fix bug in HostingCLR relating to the first argument passed to a dotnet assembly. 2023-06-28 09:24:33 +10:00
Spencer McIntyre 67f7a33d77 Land #18114, .NET assembly execution enhancements
Allow .NET assembly execution within the meterpreter process
2023-06-27 09:32:43 -04:00
Spencer McIntyre 767b22f7ef Recompile the DLL 2023-06-27 09:31:24 -04:00
Ashley Donaldson 65a4dd3c39
Change ETW bypass method, so that CLR memory can be freed.
Fixed a crash and broken logic in hosting clr code.
2023-06-26 09:54:00 +10:00
Ashley Donaldson 977f8732c6
Fix cleanup code.
The _AppDomainPtr, _AssemblyPtr and _MethodInfoPtr variables are COM smart pointers which will auto-Release() when they go out of scope, so we should not directly Release() them.
2023-06-23 14:01:45 +10:00
Ashley Donaldson a7ce4c7fa8 Free memory from the C++ side, rather than the Ruby side. 2023-06-23 09:57:53 +10:00