Commit Graph

63653 Commits

Author SHA1 Message Date
Spencer McIntyre 146859dc12 Use bash instead of netcat as a default payload
Bash is more likely to be installed than netcat and therefore should be
more reliable.
2022-03-02 10:41:57 -05:00
bwatters 06e897436c
Add Fedora results to docs and some minor final cleanup 2022-03-02 09:12:01 -06:00
Tim W 9d1c919094
Land #16257, add warning for older apktool versions 2022-03-02 10:28:31 +00:00
Brendan Coles ef135a8440 Msf::Payload::Apk: Print warning if apktool version < 2.5.1 2022-03-02 06:31:43 +00:00
Ashley Donaldson 4c4b0b4f8c
Fix race condition in jobs cleanup that could allow it to clean up twice simultaneously 2022-03-02 14:43:06 +11:00
Heyder Andrade 7aa9547e05
WIP - improvements on the request body 2022-03-02 01:43:04 +01:00
adfoster-r7 9c1b0d197b
Land #16255, Update metasploit-payloads gem to 2.0.77 - Fix issue with kiwi_cmd arguments 2022-03-01 22:31:08 +00:00
Spencer McIntyre fa89295fe3 Update metasploit-payloads gem to 2.0.77 2022-03-01 16:17:45 -05:00
bwatters 58aed837b2
Update docs and options 2022-03-01 14:48:48 -06:00
Heyder Andrade bb2a2e458b
shodan_search default user-agent overwrite - fix #16189 and #16223
As Shodan checks the User-Agent to decide which content-type it
will deliver, the default user-agent causes it to reply with an HTML page.
This commit overwrites the default user-agent of the module shodan_search
to 'Wget', which works with the Shodan API.
2022-03-01 21:31:35 +01:00
bwatters 0516badd8e
Change the way we cd after new session is created 2022-03-01 14:20:07 -06:00
space-r7 0c3f0e38f7
Land #16228, validate payload size if not encoded 2022-03-01 14:04:01 -06:00
adfoster-r7 9694b9ff1d
Add explicit Github action permissions 2022-03-01 19:48:33 +00:00
Heyder Andrade abd03d592e
WIP - adding a bypass for the IP restriction (CVE-2022-24112) 2022-03-01 19:00:59 +01:00
Heyder Andrade ea2b29661f
Fix typo 2022-03-01 17:13:20 +01:00
Metasploit 88888ed2af
automatic module_metadata_base.json update 2022-03-01 10:12:33 -06:00
adfoster-r7 7be128b9d2
Land #16251, Fix Python Meterpreter race condition when executing subcommands 2022-03-01 15:53:41 +00:00
Jake Baines e19a92e7a6
Fix disclosure date 2022-03-01 07:12:22 -08:00
Spencer McIntyre 5e5c207864 Update metasploit-payloads gem to 2.0.76 2022-03-01 10:01:07 -05:00
Jake Baines fbdb6614bc
Initial version of CVE-2021-4191 GitLab user enumeration 2022-03-01 06:57:39 -08:00
sjanusz 869f073a1b
Add setg option to log TLV packets to console or file 2022-03-01 12:50:35 +00:00
Heyder Andrade a6d33ea98e
Add module documentation 2022-03-01 12:54:17 +01:00
Metasploit 239308824a
automatic module_metadata_base.json update 2022-02-28 14:58:50 -06:00
bwatters 0081811c52
Land #16185, Firefox CVE-2020-26950 use after free browser exploit
Merge branch 'land-16185' into upstream-master
2022-02-28 14:38:23 -06:00
Metasploit 8e32809fcc
automatic module_metadata_base.json update 2022-02-28 12:48:53 -06:00
space-r7 0d10409d67
Land #16131, add modern events calendar sqli 2022-02-28 12:27:45 -06:00
sjanusz 04ecb347a4
rjust command output 2022-02-28 18:26:31 +00:00
Heyder Andrade ad7bd6d623
Added Apache APISIX default API Token RCE module
Added a module that leverages the default admin API token for Apache APISIX
to add a malicious route, which leads to remote Lua code execution
through the script parameter added in the 2.x version.
2022-02-28 18:09:18 +01:00
Simon Janusz 6c19b93840
Land #16225, Add option to ignore loading metasploit during tests
Add option to ignore loading metasploit during tests
2022-02-28 14:22:12 +00:00
Simon Janusz bd1df9109c
Land #16224, Ignore reload lib spec helper file
Ignore reload lib spec helper file
2022-02-28 12:23:04 +00:00
Jake Baines 65e16a1a72
Initial implementation of pfSense auth file creation bug (CVE-2021-41282) 2022-02-27 18:12:54 -08:00
Tim W da8dcbb563
Land #16235, fix apk injection for apktool with malformed version string 2022-02-27 07:33:22 +00:00
Brendan Coles 4fe7375341 Msf::Payload::Apk: Fix apktool version check 2022-02-27 05:33:00 +00:00
Tim W 579811418f update documentation with note about Firefox 82.0.1 2022-02-26 12:35:38 +00:00
space-r7 40bb5e2afa
correct return val for definition, add module 2022-02-25 18:13:49 -06:00
Metasploit f3228b4af7
automatic module_metadata_base.json update 2022-02-25 16:56:54 -06:00
bwatters ecaf8b1ba9
Land #16204, Hikvision Unauthenticated RCE (CVE-2021-36260)
Merge branch 'land-16204' into upstream-master
2022-02-25 16:37:08 -06:00
Spencer McIntyre 147837e9b6 Validate payload size even when not encoding 2022-02-25 17:21:59 -05:00
Metasploit 0ac48ea147
automatic module_metadata_base.json update 2022-02-25 16:15:27 -06:00
h00die 9799d87ec9 update exploitable plugins 2022-02-25 17:00:34 -05:00
bwatters b69db83398
Land #16202, Add exploit for CVE-2022-21882 (Win32k LPE)
Merge branch 'land-16202' into upstream-master
2022-02-25 15:55:48 -06:00
h00die 2195edbb8d masterstudy privesc 2022-02-25 16:36:47 -05:00
Metasploit 65626bedd4
automatic module_metadata_base.json update 2022-02-25 11:55:20 -06:00
Grant Willcox 217afa0f3b
Land #16190, Axis Camera App RCE (No CVE) 2022-02-25 11:35:03 -06:00
Grant Willcox 1e0db45f1d
Add small note about ARMLE stager for future travelers 2022-02-25 11:34:31 -06:00
Spencer McIntyre 9f6e3ba543 Set the cached size for adapted payloads 2022-02-25 11:55:48 -05:00
Jake Baines 2bec5c425f
Change CheckCode to Appears 2022-02-25 08:32:06 -08:00
adfoster-r7 09129f086d
Add option to ignore loading metasploit during tests 2022-02-25 12:59:10 +00:00
adfoster-r7 5ee44bcdb7
Ignore reload lib spec helper file 2022-02-25 12:38:03 +00:00
Jake Baines 1facfe4a2f
Alter upload filename. 2022-02-25 02:53:52 -08:00