adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,373 Commits 27 Branches 1,043 Tags
020ee7ca5ce3a2e0aa92eba401128e7b742fbca6
Commit Graph

244 Commits

Author SHA1 Message Date
Grant Willcox f773d348e1 Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022 2023-05-08 12:11:01 -05:00
Grant Willcox c221edb1ec Add in ADAudit Plus build 6077 testing examples 2023-05-08 11:45:44 -05:00
Grant Willcox 19651633c4 Update the installation instructions to resolve some issues encountered during testing 2023-05-04 18:26:54 -05:00
Grant Willcox f27fc28411 Perform review updates 2023-05-04 15:12:31 -05:00
ErikWynter aede036b02 additional changes from code review 2023-05-04 15:12:30 -05:00
Grant Willcox 0fd743d851 Add in fixes from code review 2023-05-04 15:12:29 -05:00
Grant Willcox d5032f0a5d Minor touchups on documentation for review 2023-05-04 15:12:28 -05:00
ErikWynter 32796b429b add note about payload limitations for builds 7004 and 7005 2023-05-04 15:12:27 -05:00
Grant Willcox 3b0d8b850b Fix up some issues identified during review 2023-05-04 15:12:26 -05:00
ErikWynter 9f68a5f8d1 add manageengine_adaudit_plus_authenticated_rce exploit module and docs 2023-05-04 15:12:09 -05:00
bwatters 01a78f972c Land #17567, ManageEngine Endpoint Central RCE (CVE-2022-47966) 
Merge branch 'land-17567' into upstream-master
 2023-02-08 13:06:53 -06:00
h00die-gr3y d763faf245 sync documentation 2023-02-06 06:56:59 +00:00
h00die-gr3y a2f4a27614 updated module and added documentation 2023-01-29 10:06:14 +00:00
Grant Willcox 6043d0ffba Update all links from Wiki site to new docs site. 2023-01-27 09:58:53 -06:00
Spencer McIntyre 009c6c5350 Add the MaxBackendRetries datastore option 2022-11-28 09:45:04 -05:00
Spencer McIntyre 3f58bfe11e Check that the target is Exchange Server 2019 2022-11-23 10:47:10 -05:00
Spencer McIntyre ed99f2f67f Bypass EEMS M1 2022-11-21 11:13:16 -05:00
Spencer McIntyre bc89721d7a Add module docs, fix ProxyShell versions 2022-11-18 17:42:27 -05:00
JustAnda7 412a07df54 Fixed #16674 2022-10-07 14:35:21 -04:00
Grant Willcox 97bce45e69 Land #16915, Add exploit for CVE-2022-23277 (Exchange RCE) 2022-08-19 11:11:46 -05:00
Christophe De La Fuente d49b74d164 Land #16809, Add exploit module for Advantech iView command injection - CVE-2022-2143 2022-08-18 17:19:14 +02:00
Spencer McIntyre 7c1dd17c86 Add a missing verison, fix typos 2022-08-17 17:36:31 -04:00
Spencer McIntyre 62ab42b797 Update vulnerable version numbers and docs 2022-08-17 08:55:46 -04:00
Spencer McIntyre 0e148d6ba4 Update and rename the module 2022-08-09 13:32:09 -04:00
space-r7 0334beada2 Land #16758, add ManageEngine ADAudit Plus exploit 2022-08-05 12:19:42 -05:00
space-r7 4202502992 make some prints vprints, add steps 2022-08-05 11:34:46 -05:00
Grant Willcox ada3be8f7b Update options section in documentation 2022-08-02 14:13:25 -05:00
Grant Willcox f0e62de46a Add CVE-2022-35405 docs and module 2022-08-02 11:57:56 -05:00
Ron Bowes b4b5f31c3d Add documentation 2022-07-26 10:48:18 -07:00
space-r7 e1b0e871b3 add finished module and docs 2022-07-21 18:33:56 -05:00
Jake Baines aba48a6905 Improve JSON cleanup, fix jjs specific wording, and moved JJS_PATH to defaultoptions 2022-04-20 06:27:43 -07:00
Jake Baines ae54c8c3d9 Initial implementation of authenticated RCE against ManageEngine ADSelfService Plus (CVE-2022-28810) 2022-04-19 10:33:54 -07:00
Grant Willcox fddd3f15c2 Fix up code so that it will not block on attempting to delete the configuration on the folder, just in case the configuration doesn't exist in the first place. Instead print a warning and continue. 2022-02-22 17:52:29 -06:00
Grant Willcox a7ace66b3f Use send_request_cgi and update options to use HttpUsername and HttpPassword accordingly. This simplifies code. Also update documentation accordingly 2022-02-14 18:19:00 -06:00
Grant Willcox c49591cf11 Add in changes to use targets array as per Spencer's suggestion so we can now spawn Meterpreter shells. Also remove ACCOUNT_LOCKOUTS and fix a call that should have been .get_xml_document 2022-02-14 17:38:10 -06:00
Grant Willcox 4c1b2478fa Add in exploit and documentation 2022-02-11 13:58:56 -06:00
William Vu d55af3aa00 Add module doc 2021-12-23 12:27:57 -06:00
William Vu 344bdacae4 Remove preferred payload 
We'll add it back to Framework later.
 2021-11-24 10:44:59 -06:00
William Vu d2c322e875 Revert option name styling in module doc 
Bug in our local renderer's styling. GitHub renders it just fine.
 2021-11-23 19:05:26 -06:00
William Vu 053dc70782 Add words to module doc 2021-11-23 19:05:09 -06:00
William Vu a8daed1e79 Add module doc 2021-11-23 19:05:09 -06:00
Grant Willcox 8d55b16ade Fix one more mistake and rename document and module to a more easy to find name 2021-11-11 16:42:58 -06:00
Grant Willcox 27310dc002 Add in exploit and documentation for CVE-2021-42237 2021-11-10 15:52:22 -06:00
adfoster-r7 9f0804cbfb Fix Meterpreter spelling mistake 2021-10-12 23:40:43 +01:00
Spencer McIntyre 56cd43a8b8 Land #15624, Add module for CVE-2020-27955 2021-09-15 14:54:19 -04:00
Jack Heysel abbb994dab Updated docs 2021-09-07 13:55:21 -04:00
Jack Heysel 7fe44583fe Updated docs 2021-09-07 13:32:52 -04:00
Jack Heysel 3c43bd409d Added docs an Git User-Agent FP 2021-09-03 16:15:39 -05:00
Spencer McIntyre 95015f0c2b Update the ProxyShell module docs 2021-08-27 17:50:28 -04:00
wvu bcf00a0d3a Update exchange_proxyshell_rce.md 2021-08-18 14:38:56 -05:00