adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,599 Commits 27 Branches 1,043 Tags
03bb062c2e0ff3cb33dbd52dcd80dda965943239
Commit Graph

3048 Commits

Author SHA1 Message Date
Christophe De La Fuente d3057f15b2 Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell) 2022-11-30 18:16:19 +01:00
bwatters 3462dc6bf4 Land #17087, remote control collection rce 
Merge branch 'land-17087' into upstream-master
 2022-11-28 14:29:52 -06:00
Spencer McIntyre 009c6c5350 Add the MaxBackendRetries datastore option 2022-11-28 09:45:04 -05:00
adfoster-r7 0aa0884e26 Land #17296, add warning about external links 2022-11-24 10:30:44 +00:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Jeffrey Martin 453cfc5939 spelling change per review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-11-23 13:26:19 -06:00
Jeffrey Martin cb8e023734 add warning about external links 
Links to external resources not controlled by the project maintainers
are subject to bitrot and malicious take over. Warnings seem appropriate.
 2022-11-23 12:08:05 -06:00
Spencer McIntyre 3f58bfe11e Check that the target is Exchange Server 2019 2022-11-23 10:47:10 -05:00
h00die 181b8e4eea review comments 2022-11-21 15:53:37 -05:00
h00die d4536b24a6 remote control collection rce 2022-11-21 15:53:37 -05:00
Spencer McIntyre ed99f2f67f Bypass EEMS M1 2022-11-21 11:13:16 -05:00
Grant Willcox 8ca7550062 Land #17257, Adding exploit for ChurchInfo 1.2.13-1.3.0 RCE (CVE-2021-43258) 2022-11-18 19:27:10 -06:00
Grant Willcox 237eb904d4 Add in fixes for documentation examples and then update the code to fix some bugs 2022-11-18 18:30:07 -06:00
Grant Willcox 713323f2cb Add in Docker setup documentation 2022-11-18 18:22:11 -06:00
Grant Willcox 85a6770973 Add additional checks, a check method, and fix up some doc errors 2022-11-18 18:22:06 -06:00
m4lwhere b9ecdb3bc2 Use TARGETURI, registered cleanup, implment cookie_jar, and perform response checks and documentation 2022-11-18 18:21:27 -06:00
m4lwhere a33a313544 Adding exploit for ChurchInfo 1.3.0 2022-11-18 18:21:08 -06:00
Spencer McIntyre bc89721d7a Add module docs, fix ProxyShell versions 2022-11-18 17:42:27 -05:00
space-r7 3d5708e3e6 Land #17271, add f5 big-ip csrf exploit 2022-11-18 16:19:09 -06:00
Christophe De La Fuente d1a7170020 Land #17021, Gitea Git fetch RCE module - CVE-2022-30781 2022-11-17 12:28:29 +01:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
Grant Willcox c4c4e736d9 Land #17142, Apache CouchDB Erlang RCE module CVE-2022-24706 2022-11-01 12:26:49 -05:00
Grant Willcox 11095c8789 Documentation touchups 2022-11-01 11:43:01 -05:00
jheysel-r7 757c0da639 Review updates 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-11-01 10:55:20 -05:00
Jack Heysel 434cb21d27 Docs update 2022-11-01 10:54:37 -05:00
Jack Heysel b31c0f6987 Added check method, refactored, updated docs 2022-11-01 10:54:27 -05:00
Jack Heysel a0babb354a Apache CouchDB Erlang module initial commit 2022-11-01 10:54:19 -05:00
jheysel-r7 cf27c34917 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
jheysel-r7 6a1af915f6 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
Jack Heysel 3346ddec2c Land #17155, Remote mouse version updates 
Also add a vulnerable download link to the docs
 2022-10-27 16:32:23 -04:00
Jack Heysel 9c5d82e00f Land #17147, add Vargrant Breakout module 
This PR adds a module that exploits a default
Vagrant shared folder to append a Ruby payload
to the Vagrant project Vagrantfile config file.
 2022-10-26 17:11:03 -04:00
bcoles 01fa2e1041 Add Vagrant Synced Folder Vagrantfile Breakout module 2022-10-26 17:33:44 +11:00
space-r7 35e4d829d8 Land #17164, add THEME_DIR option to wp_crop_rce 2022-10-25 12:23:50 -05:00
space-r7 7c64b0ba93 add option in documentation and add notes 2022-10-25 12:22:00 -05:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
h00die-gr3y c1aed2d274 Fixed typos documentation 2022-10-21 13:20:37 +00:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Christophe De La Fuente c43272985e Land #17141, Zimbra Postfix priv esc 2022-10-19 10:33:37 +02:00