adfoster-r7
1ba704b1cb
Land #18398, Update deprecated report_auth_info in various modules
2024-01-16 19:30:56 +00:00
Christophe De La Fuente
fb26c93291
Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables)
2023-12-20 20:04:21 +01:00
Jack Heysel
b86df4820c
Responded to comments from jvoisin
2023-12-19 13:50:09 -05:00
Jack Heysel
2ed3b771ed
Updated python exploit
2023-12-19 00:26:54 -05:00
Gaurav Jain
e9ff2e55dc
Remove useless include of Report mixin in psnuffle.rb
2023-12-17 22:53:19 +05:30
Gaurav Jain
a58f7f0558
Minor fixes to modules to use report_cred
2023-12-16 23:40:30 +05:30
Jack Heysel
d9aa7f914e
Added newline to PoC and removed empty file
2023-12-14 18:42:09 -05:00
Jack Heysel
df111afb06
Glibc Tunables Exploit
2023-12-14 18:28:43 -05:00
Jack Heysel
7b74b758ad
Removed unnecessary files in zip backup
2023-12-11 18:23:22 -05:00
Jack Heysel
c0be4c2f72
working end to end unix confluence 7.18
2023-11-22 19:49:38 -05:00
Jack Heysel
e6e2106140
Auth bypass, auth, shell upload, working
2023-11-21 22:14:27 -05:00
h00die
b3b1595ef4
vmware aria ssh keys exploit
2023-10-16 13:06:17 -04:00
Spencer McIntyre
5a6dc7f9a6
Initial commit of CVE-2023-43654
2023-10-12 09:27:26 -04:00
Christophe De La Fuente
1058291af9
Land #18314, Windows Error Reporting RCE (CVE-2023-36874)
2023-09-27 15:25:06 +02:00
errorxyz
f5d5541e73
Update deprecated report_auth_info method call in various modules in data/exploits/psnuffle/
2023-09-25 02:51:08 +05:30
errorxyz
9f10f9402c
Update deprecated report_auth_info method call in data/exploits/psnuffle/smb.rb module
2023-09-25 02:06:48 +05:30
bwatters
be731f330e
Add error checking and randomize the report directory
2023-09-22 14:43:21 -05:00
bwatters
b4a1bb8fa2
Add docs and support for shell sessions; update exe to work without runtime lib.
2023-09-19 17:50:18 -05:00
Simon Janusz
8b56dc0117
Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation
2023-09-14 10:18:29 +01:00
bwatters
91e7af4370
Added check, some stealth, and cleaned code
2023-09-05 14:29:13 -05:00
bwatters
ccba494e61
Exploit working, still needs to be cleaned up
2023-08-29 18:01:44 -05:00
bwatters
c69e983b30
Add module to create directory structures and upload/run exploit
2023-08-25 15:41:25 -05:00
Jack Heysel
97dd22032c
Responded to comments, improved stability
2023-08-21 19:20:25 -04:00
Jack Heysel
bcfc892195
General code clean up
2023-08-04 14:27:14 -04:00
bwatters
59e3760509
First attempt at CVE-2023-34634
2023-08-03 10:58:07 -05:00
Jack Heysel
416124705f
Working in metasploit
2023-07-28 03:43:37 -04:00
bwatters
b15d595de2
Adjust files to be better shared
2023-07-14 12:47:04 -05:00
h00die-gr3y
8edbf73b6f
first release exploit module
2023-07-08 09:48:17 +00:00
Grant Willcox
7ca7c6aee1
Slight efficiency improvements
2023-05-24 17:36:39 -05:00
Grant Willcox
9e8d1ed2ea
Add in Java class file, raw source code, and tidy up the module a bit
2023-05-24 13:17:48 -05:00
Christophe De La Fuente
6d4ee0c071
Add exploit for CVE-2023-21768
2023-03-27 20:08:22 +02:00
h00die
34b1e66f90
tomcat 8 priv esc on ubuntu prebuilt so file
2023-02-04 18:17:41 -05:00
h00die
2b09af78e1
tomcat 8 priv esc on ubuntu
2023-02-04 18:17:41 -05:00
cgranleese-r7
80dbbca020
Land #17371, Lenovo Diagnostics Driver Privilege Escalation (CVE-2022-3699)
2023-02-03 13:43:04 +00:00
Jack Heysel
1f224fd2d3
Rapid7 compiled binary
2023-02-02 11:11:06 -05:00
Jack Heysel
690d22f759
Rapid7 compiled binary
2023-02-01 10:08:13 -05:00
h00die
2c72cc145a
updates to module
2023-01-31 20:05:33 -05:00
h00die
fa687d3614
argv instead of hardcoded payload path
2023-01-31 16:02:25 -05:00
h00die
8d58eb6279
cve-2022-1043
2023-01-31 16:02:25 -05:00
Jack Heysel
e99407fe26
Updated pre_compiled binary
2023-01-31 13:37:45 -05:00
Jack Heysel
4da94325f3
Rubocop
2023-01-19 13:52:58 -05:00
Jack Heysel
63d9445911
Fix for Win Server 2022 and 2019
2023-01-19 00:52:38 -05:00
Jack Heysel
2c2bfec4a0
Tested on Windows Build 19044, 19045 and 22000
2023-01-18 01:41:30 -05:00
bwatters
0dbb0dc8c9
Fix margins for readability and delete file
2023-01-17 17:28:27 -05:00
h00die
be7ca91a8f
cve-2022-22942
2023-01-17 15:30:36 -05:00
Jack Heysel
145589f7a2
Add GetPteBaseW10
2023-01-12 01:15:23 -05:00
Christophe De La Fuente
d6a5590c06
Land #17265, Add Exploit for CVE-2020-25736
2022-12-13 18:49:56 +01:00
Jack Heysel
2fa7e7b2d5
Lenovo Diagnostics Driver Privilege Escalation (CVE-2022-3699)
2022-12-12 21:53:53 -05:00
space-r7
cf9e54909c
use 2021 helper name in objective-c code too
2022-12-12 15:55:36 -06:00
Spencer McIntyre
96da805014
Fix enumerating emails via ProxyShell
The ResolveNames endpoint used to gather email addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
2022-12-02 15:58:50 -05:00