Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
James Lee
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
HD Moore
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
wchen-r7
f4abc16c66
Land #6102 , Add rsh/libmalloc privilege escalation exploit module
2015-10-26 10:54:05 -05:00
Sam H
5fcc70bea4
Fixed issue w/ msf payloads + added timeout rescue
...
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
2015-10-25 23:38:48 -07:00
wchen-r7
360f40249c
Land #6122 , user-assisted Safari applescript:// module (CVE-2015-7007)
2015-10-22 15:07:42 -05:00
wchen-r7
9d2e2df1f1
Update description
2015-10-22 15:07:11 -05:00
joev
35578c7292
Add refs.
2015-10-22 09:48:11 -05:00
joev
6a87e7cd77
Add osx safari cmd-R applescript exploit.
2015-10-22 09:46:56 -05:00
Sam H
348a0f9e3d
Cleaned up "cleanup" method and crontab check
...
The script now searches for the full line "ALL ALL=(ALL) NOPASSWD: ALL" written in the crontab file to ensure that it is successful rather than just "NOPASSWD". Additionally, the required argument used in the cleanup method was removed and simply turned into an instance method so it could be accessed without needing to call it with any arguments.
2015-10-21 22:53:32 -07:00
Sam H
712f9f2c83
Deleted extra reference to exploit DB
2015-10-18 19:10:47 -07:00
Sam Handelman
b03c3be46d
Fixed some styling errors in the initializer. Switched the calls to sleep(1) to use the Rex API (Rex.sleep(1) instead).
2015-10-18 02:13:03 -07:00
Sam Handelman
3757f2e8de
Changed my author name to make sure it matches my GitHub username inside the module information.
2015-10-16 14:54:34 -07:00
Sam Handelman
95d5e5831e
Adding the updated version of the module to submit a pull request. Changes were made to ensure that the OS version check correctly determines which systems are vulnerable, giving only a warning message if not.
2015-10-16 14:39:07 -07:00
wchen-r7
4275a65407
Update local exploit checks to follow the guidelines.
...
Please see wiki "How to write a check() method" to learn how
these checkcodes are determined.
2015-09-01 23:26:45 -05:00
Brent Cook
d670a62000
Land #5822 , migrate obsolete payload compatibility options
2015-08-31 15:20:20 -05:00
wchen-r7
9364982467
Land #5665 , Add osx rootpipe entitlements exploit for 10.10.3
2015-08-28 13:33:16 -05:00
wchen-r7
e45347e745
Explain why vulnerable
2015-08-28 13:26:01 -05:00
wchen-r7
423d52476d
Normal options should be all caps
2015-08-28 13:24:23 -05:00
William Vu
26165ea93f
Add tpwn module
2015-08-17 17:11:11 -05:00
jvazquez-r7
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
William Vu
50c9293aab
Land #5758 , OS X DYLD_PRINT_TO_FILE privesc
2015-07-23 13:21:23 -05:00
William Vu
c1a9628332
Fix some fixes
...
So you can fix while you fix.
2015-07-23 12:59:20 -05:00
Tod Beardsley
6ededbd7a7
Un-ticking the output
2015-07-23 12:23:56 -05:00
Tod Beardsley
9d8dd2f8bd
FIxup pr #5758
2015-07-23 12:21:36 -05:00
joev
165cb195bf
Remove python dependency, add credit URL.
2015-07-21 22:48:23 -05:00
joev
3013ab4724
Add osx root privilege escalation.
2015-07-21 21:50:55 -05:00
joev
133e221dcd
Remove unnecessary steps.
2015-07-05 19:00:58 -05:00
joev
c993c70006
Remove sleep(), clean up WritableDir usage.
2015-07-05 18:59:00 -05:00
joev
72a1e9ad99
Add module for rootpipe+entitlements exploit for 10.10.3.
2015-07-05 18:19:46 -05:00
jvazquez-r7
d98d2ffd4d
Update setuid_viscosity
...
* Use cmd_exec
2015-06-22 14:04:04 -05:00
jvazquez-r7
60bdc10aed
Update setuid_tunnelblick
...
* Use cmd_exec
2015-06-22 13:57:33 -05:00
Christian Mehlmauer
352e170624
more failure reasons
2015-04-16 22:04:11 +02:00
Christian Mehlmauer
8c5890d506
more fixes
2015-04-16 21:56:42 +02:00
Christian Mehlmauer
b4b8ac0849
moar fail_with's
2015-04-16 21:26:37 +02:00
William Vu
13da15e434
Add default PAYLOAD again
...
PrependSetreuid doesn't work with generic/shell_reverse_tcp.
2015-04-16 02:07:02 -05:00
William Vu
e114c85044
Land #5127 , x64 OS X prepend stubs 'n' stuff
2015-04-14 01:25:39 -05:00
William Vu
e324819feb
Add Privileged to info hash
...
Also remove default payload. Was set for CMD.
2015-04-13 15:23:30 -05:00
Tod Beardsley
bd3b6514fa
Dubbed. Whump whump.
2015-04-13 10:52:32 -05:00
Tod Beardsley
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
joev
c132a3fb0a
Fix OSX prepends and implement x64 setreuid.
2015-04-11 20:04:21 -05:00
William Vu
fc814a17ae
Add admin check
...
Also break out version check.
2015-04-10 11:24:49 -05:00