adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,214 Commits 27 Branches 1,043 Tags
04df1ef7e8e73fb60dcff2ce1da33cbf2f3be05f
Commit Graph

34311 Commits

Author SHA1 Message Date
cgranleese-r7 896058a147 Land #17908, Update ftp login connect timeout option name 2023-04-20 16:23:42 +01:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
adfoster-r7 34a6980e5e Land #17907, Add VMware Workspace RCE added missing require statement 2023-04-19 00:12:59 +01:00
adfoster-r7 246de78f85 Update ftp login connect timeout option name 2023-04-18 23:44:58 +01:00
Jack Heysel 9563466037 Land #17873, add ensure disconnect to ftp login 
Add ensure disconnect to ftp login module and ftp timeout configuration
 2023-04-18 18:31:12 -04:00
Jack Heysel bd286dd147 Added missing require builder statement 2023-04-18 18:10:46 -04:00
Jack Heysel de18ed438a Removed unnecessary require statement 2023-04-18 18:05:11 -04:00
Zach Goldman 898a9f2f3d add user mutability to connection timeout 2023-04-18 16:31:05 -05:00
Jack Heysel a2c23d18ef Added require builder statement 2023-04-18 16:01:14 -04:00
cgranleese-r7 b65d3252e9 Land #17883, Fix crash for lotus domino hashes module when database not active 2023-04-18 16:38:47 +01:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel db853f9a68 Land #17711, SPIP unauth RCE module 
This module exploits a publically accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
 2023-04-17 15:30:03 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
h00die 4b176c8ef5 fix unified_remote_rce docs 2023-04-16 10:11:01 -04:00
adfoster-r7 71a058b555 Fix crash for lotus domino hashes module when database not active 2023-04-14 23:28:32 +01:00
Jack Heysel cda2e9610b Land #17820, optimising the nagiosxi modules 
This PR refactors the authenticated nagiosxi modules and mixins..
 2023-04-14 16:21:26 -04:00
Jack Heysel ace2f42387 Changed ranking to Good 2023-04-14 15:15:40 -04:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
dwelch-r7 f9d5459a9c Land #17872, Ensure identify hashes helper is accessible to modules 2023-04-13 16:20:20 +01:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Grant Willcox d19c9e7732 Land #17867, fix always vulnerable in Auxiliary module surgenews_user_creds 2023-04-12 19:32:39 -05:00
Grant Willcox 0ed25cd2cc Fix RuboCop issues 2023-04-12 19:05:30 -05:00
Grant Willcox 0e3a341ac9 Land #17864, Correct incorrect log format 2023-04-12 17:05:35 -05:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Zach Goldman 87c0faa73a Add ensure disconnect to ftp login module, ftp timeout configuration 2023-04-12 11:18:50 -05:00
adfoster-r7 8e2169ed47 Ensure identify hashes helper is accessible to modules 2023-04-12 13:28:56 +01:00
adfoster-r7 e8365aba85 Land #17870, Fixes linting errors on SCTP payloads 2023-04-12 13:24:01 +01:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
cgranleese-r7 a313e36c1d Fixes linting errors on SCTP payloads 2023-04-12 10:24:19 +01:00
cgranleese-r7 e6c1aecd26 Land #17502, Adds SCTP Sessions 2023-04-12 10:15:43 +01:00
Ryuuuuu 585479474b fix bug which prints always vulnerable (change code suggested code by @bcoles) 2023-04-12 08:25:34 +00:00
Ryuuuuu e3983eac1f Correct incorrect log format 2023-04-12 13:04:13 +09:00
Ryuuuuu 29c24438a6 Correct incorrect log format when no files found 2023-04-12 13:01:49 +09:00
Ron Bowes 7dc1faa689 Better error handling, and fix version detection 2023-04-11 09:34:24 -07:00
Jack Heysel a2d2946007 Rubocop 2023-04-07 13:53:12 -04:00
Jack Heysel 18170babc2 Fix RCE payloads and add autorunscript 2023-04-07 13:35:16 -04:00
Ron Bowes 1a8671311d Move the offsets into a field separate from 'targets' 2023-04-07 10:26:56 -07:00
Ron Bowes 02072418f0 Expand the comment about why we're checking for \xff (since it can't appear in the payload) 2023-04-07 10:10:13 -07:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
adfoster-r7 42902bb5e5 Land #17851, fix check function which always prints vulnerable 2023-04-07 14:24:45 +01:00
Jack Heysel 665ba4aece Add additional target 2023-04-06 23:41:36 -04:00
Ryuuuuu 9985538846 Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb 
fix nil exception

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-04-07 09:55:00 +09:00
Jack Heysel 79d4021f31 Replaced janky XML building 2023-04-06 14:58:05 -04:00
Jack Heysel 544fb8ead6 Removed unecessary start_service proc 2023-04-06 14:26:02 -04:00
Ron Bowes ce111f158a Better error handling 2023-04-06 10:35:33 -07:00
Jack Heysel d92fc41d29 Print out what command fails when attempting RCE 2023-04-06 13:31:17 -04:00
Jack Heysel 4984a3e2d3 Edit check method to raise errors instead of returning boolean 2023-04-06 13:25:20 -04:00
Steve E f0189cc886 revert another get_once 2023-04-06 11:43:50 +01:00
Steve E 656c562816 Added notes, revert to get_once 2023-04-06 11:01:32 +01:00