d523124faf
Land #10965 , Add the macOS LPE from pwn2own2018 (CVE-2018-4237)
2018-11-27 14:00:35 -06:00
44b1b6fe31
fix forking
2018-11-20 15:58:55 +08:00
90b9204703
Update DisclosureDate to ISO 8601 in my modules
...
Basic msftidy fixer:
diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
# Check disclosure date format
if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
d = $1 #Captured date
+ File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+ fixed('Probably updated traditional DisclosureDate to ISO 8601')
# Flag if overall format is wrong
if d =~ /^... (?:\d{1,2},? )?\d{4}$/
# Flag if month format is wrong
2018-11-16 12:18:28 -06:00
420be60900
add CVE-2018-4237
2018-11-15 08:48:10 +08:00
c3080d69f2
Use writable? method for local modules
2018-11-04 05:28:32 +00:00
eb17d9b198
Refactor AKA references for modules
2018-08-31 16:56:05 -05:00
1a3a4ef5e4
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
641ffca98c
use base_dir
2018-06-08 14:53:21 +08:00
9c14bddd93
Cleanup OSX local exploit modules
2018-05-31 12:26:33 +00:00
45481f26b6
Add Msf::Post::OSX::Priv mixin
2018-05-22 22:25:39 +00:00
aa033bf5c1
Fix cleanup
2018-05-20 16:19:25 +00:00
b13f4e25e1
thanks for making this well-known
2017-12-04 18:32:31 -06:00
a27bb38d51
add authors
2017-12-04 18:25:18 -06:00
58897bf2fc
msftidy
2017-11-29 16:36:50 +08:00
7f1f7281f1
add local exploit for osx root login with no password
2017-11-29 16:06:02 +08:00
00c593e0a2
55 pages of spelling done
2017-09-07 21:18:50 -04:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
d20036e0fb
revise spelling, add heartbleed and tidy checks
2017-06-28 18:50:20 -04:00
461ab4501d
add 'Also known as', AKA 'AKA', to module references
2017-06-28 15:53:00 -04:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
2272e15ca2
Remove some anti-patterns, in the same spirit than #7372
2016-09-29 00:15:01 +02:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
5fcc70bea4
Fixed issue w/ msf payloads + added timeout rescue
...
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
2015-10-25 23:38:48 -07:00
348a0f9e3d
Cleaned up "cleanup" method and crontab check
...
The script now searches for the full line "ALL ALL=(ALL) NOPASSWD: ALL" written in the crontab file to ensure that it is successful rather than just "NOPASSWD". Additionally, the required argument used in the cleanup method was removed and simply turned into an instance method so it could be accessed without needing to call it with any arguments.
2015-10-21 22:53:32 -07:00
712f9f2c83
Deleted extra reference to exploit DB
2015-10-18 19:10:47 -07:00
b03c3be46d
Fixed some styling errors in the initializer. Switched the calls to sleep(1) to use the Rex API (Rex.sleep(1) instead).
2015-10-18 02:13:03 -07:00
3757f2e8de
Changed my author name to make sure it matches my GitHub username inside the module information.
2015-10-16 14:54:34 -07:00
95d5e5831e
Adding the updated version of the module to submit a pull request. Changes were made to ensure that the OS version check correctly determines which systems are vulnerable, giving only a warning message if not.
2015-10-16 14:39:07 -07:00
4275a65407
Update local exploit checks to follow the guidelines.
...
Please see wiki "How to write a check() method" to learn how
these checkcodes are determined.
2015-09-01 23:26:45 -05:00
9364982467
Land #5665 , Add osx rootpipe entitlements exploit for 10.10.3
2015-08-28 13:33:16 -05:00
e45347e745
Explain why vulnerable
2015-08-28 13:26:01 -05:00
423d52476d
Normal options should be all caps
2015-08-28 13:24:23 -05:00
26165ea93f
Add tpwn module
2015-08-17 17:11:11 -05:00
50c9293aab
Land #5758 , OS X DYLD_PRINT_TO_FILE privesc
2015-07-23 13:21:23 -05:00
c1a9628332
Fix some fixes
...
So you can fix while you fix.
2015-07-23 12:59:20 -05:00
6ededbd7a7
Un-ticking the output
2015-07-23 12:23:56 -05:00
9d8dd2f8bd
FIxup pr #5758
2015-07-23 12:21:36 -05:00
165cb195bf
Remove python dependency, add credit URL.
2015-07-21 22:48:23 -05:00
3013ab4724
Add osx root privilege escalation.
2015-07-21 21:50:55 -05:00
133e221dcd
Remove unnecessary steps.
2015-07-05 19:00:58 -05:00
Wei Chen
Tim W
William Vu
Brendan Coles
Erin Bleiweiss
asoto-r7
Brent Cook
h00die
Brent Cook
g0tmi1k
OJ
jvoisin
Christian Mehlmauer
HD Moore
Sam H
Sam Handelman
Tod Beardsley
joev