Commit Graph

134 Commits (10b2833e7c96cfd2237b89555d3074405a0abfae)

Author SHA1 Message Date
Brent Cook b13f4e25e1 thanks for making this well-known 2017-12-04 18:32:31 -06:00
Brent Cook a27bb38d51 add authors 2017-12-04 18:25:18 -06:00
Tim W 58897bf2fc msftidy 2017-11-29 16:36:50 +08:00
Tim W 7f1f7281f1 add local exploit for osx root login with no password 2017-11-29 16:06:02 +08:00
h00die 00c593e0a2 55 pages of spelling done 2017-09-07 21:18:50 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
jvoisin 2272e15ca2 Remove some anti-patterns, in the same spirit than #7372 2016-09-29 00:15:01 +02:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
HD Moore 16d0d53150 Update Shellshock modules, add Advantech coverage 2015-12-01 10:40:46 -06:00
Sam H 5fcc70bea4 Fixed issue w/ msf payloads + added timeout rescue
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
2015-10-25 23:38:48 -07:00
Sam H 348a0f9e3d Cleaned up "cleanup" method and crontab check
The script now searches for the full line "ALL ALL=(ALL) NOPASSWD: ALL" written in the crontab file to ensure that it is successful rather than just "NOPASSWD". Additionally, the required argument used in the cleanup method was removed and simply turned into an instance method so it could be accessed without needing to call it with any arguments.
2015-10-21 22:53:32 -07:00
Sam H 712f9f2c83 Deleted extra reference to exploit DB 2015-10-18 19:10:47 -07:00
Sam Handelman b03c3be46d Fixed some styling errors in the initializer. Switched the calls to sleep(1) to use the Rex API (Rex.sleep(1) instead). 2015-10-18 02:13:03 -07:00
Sam Handelman 3757f2e8de Changed my author name to make sure it matches my GitHub username inside the module information. 2015-10-16 14:54:34 -07:00
Sam Handelman 95d5e5831e Adding the updated version of the module to submit a pull request. Changes were made to ensure that the OS version check correctly determines which systems are vulnerable, giving only a warning message if not. 2015-10-16 14:39:07 -07:00
wchen-r7 4275a65407 Update local exploit checks to follow the guidelines.
Please see wiki "How to write a check() method" to learn how
these checkcodes are determined.
2015-09-01 23:26:45 -05:00
wchen-r7 9364982467
Land #5665, Add osx rootpipe entitlements exploit for 10.10.3 2015-08-28 13:33:16 -05:00
wchen-r7 e45347e745 Explain why vulnerable 2015-08-28 13:26:01 -05:00
wchen-r7 423d52476d Normal options should be all caps 2015-08-28 13:24:23 -05:00
William Vu 26165ea93f Add tpwn module 2015-08-17 17:11:11 -05:00
William Vu 50c9293aab
Land #5758, OS X DYLD_PRINT_TO_FILE privesc 2015-07-23 13:21:23 -05:00
William Vu c1a9628332 Fix some fixes
So you can fix while you fix.
2015-07-23 12:59:20 -05:00
Tod Beardsley 6ededbd7a7
Un-ticking the output 2015-07-23 12:23:56 -05:00
Tod Beardsley 9d8dd2f8bd
FIxup pr #5758 2015-07-23 12:21:36 -05:00
joev 165cb195bf Remove python dependency, add credit URL. 2015-07-21 22:48:23 -05:00
joev 3013ab4724 Add osx root privilege escalation. 2015-07-21 21:50:55 -05:00
joev 133e221dcd Remove unnecessary steps. 2015-07-05 19:00:58 -05:00
joev c993c70006 Remove sleep(), clean up WritableDir usage. 2015-07-05 18:59:00 -05:00
joev 72a1e9ad99 Add module for rootpipe+entitlements exploit for 10.10.3. 2015-07-05 18:19:46 -05:00
jvazquez-r7 d98d2ffd4d
Update setuid_viscosity
* Use cmd_exec
2015-06-22 14:04:04 -05:00
jvazquez-r7 60bdc10aed
Update setuid_tunnelblick
* Use cmd_exec
2015-06-22 13:57:33 -05:00
Christian Mehlmauer 352e170624
more failure reasons 2015-04-16 22:04:11 +02:00
Christian Mehlmauer 8c5890d506
more fixes 2015-04-16 21:56:42 +02:00
Christian Mehlmauer b4b8ac0849
moar fail_with's 2015-04-16 21:26:37 +02:00
William Vu 13da15e434 Add default PAYLOAD again
PrependSetreuid doesn't work with generic/shell_reverse_tcp.
2015-04-16 02:07:02 -05:00
William Vu e114c85044
Land #5127, x64 OS X prepend stubs 'n' stuff 2015-04-14 01:25:39 -05:00
William Vu e324819feb Add Privileged to info hash
Also remove default payload. Was set for CMD.
2015-04-13 15:23:30 -05:00
Tod Beardsley bd3b6514fa
Dubbed. Whump whump. 2015-04-13 10:52:32 -05:00