adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,051 Commits 27 Branches 1,043 Tags
052d233bd973e6a7e8b39da038962ceffa4cc6de
Commit Graph

3383 Commits

Author SHA1 Message Date
bcoles 5f92d9418d Modules: Fix Stability/SideEffects/Reliability notes for several modules 2022-10-01 17:54:59 +10:00
bwatters 89ef91c9cd Update ranking for nft_set_elem_init 2022-09-30 09:57:54 -05:00
bwatters e27dbd2787 Land #16794,Add exploit for CVE-2022-34918 
Merge branch 'land-16794' into upstream-master
 2022-09-27 16:37:52 -05:00
space-r7 dd11156922 add new reference to bitbucket module 2022-09-22 16:14:18 -05:00
Redouane NIBOUCHA 8b601c9b17 If ForceExploit is set, skip calling module_check 2022-09-22 17:33:24 +02:00
Niboucha Redouane 93cad400e8 Update error message if the kernel offsets are not supported 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-09-22 17:28:36 +02:00
space-r7 8d2b182c7b add cmd stager flavors and bad characters 2022-09-21 10:54:32 -05:00
space-r7 77d1328c43 add module description 2022-09-21 08:38:18 -05:00
space-r7 34a6671c2d update module to support auth & additional target 2022-09-20 18:45:14 -05:00
space-r7 9738f23b51 add cmdstager 2022-09-20 10:37:10 -05:00
space-r7 391e5cc891 add check method, repo search 2022-09-19 17:28:17 -05:00
Christophe De La Fuente 52ff168c5e Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038) 2022-09-15 17:58:07 +02:00
Jack Heysel b37b91c233 Responded to comments 2022-09-15 10:45:11 -04:00
jheysel-r7 49cc431660 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-15 10:29:28 -04:00
jheysel-r7 2fcea3763f Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-14 12:59:56 -04:00
jheysel-r7 9b6b70cbf3 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-14 12:50:07 -04:00
jheysel-r7 d001bf079e Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-14 12:49:52 -04:00
Jack Heysel 89fadf69a7 Remove require pry 2022-09-13 13:42:26 -04:00
Jack Heysel f11e5c162b Rubocop 2022-09-13 13:21:18 -04:00
Jack Heysel 1c99daa836 Updated error handling 2022-09-13 12:40:59 -04:00
jheysel-r7 8a6c2dc896 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-12 17:35:25 -04:00
jheysel-r7 92068e3c02 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-12 17:34:57 -04:00
space-r7 a11569fc53 Land #16944, add Apach Spark RCE 2022-09-07 13:02:27 -05:00
space-r7 65906bbb87 add curl cmd stager flavor 2022-09-07 12:45:13 -05:00
space-r7 1a9e33265a fix typos 2022-09-07 11:27:56 -05:00
h00die-gr3y 6c1f7c2d8c removed unnecessary code 2022-09-07 09:40:11 +00:00
h00die-gr3y 797e450f4a updated timer code 2022-09-06 19:08:27 +00:00
H00die.Gr3y 19a396304d Update modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-03 20:28:49 +04:00
Christophe De La Fuente 8ba621a291 Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828) 2022-09-02 18:37:37 +02:00
Jake Baines 320bd944f0 Updated default creds. Properly used fail_with. Set meterpreter to fork. Some wording and code cleanup. 2022-09-02 08:44:04 -07:00
Spencer McIntyre 6965115c8e Land #16786, Zyxel Firewall LPE (CVE-2022-30526) 2022-08-31 08:40:23 -04:00
h00die-gr3y d38494498a added linux dropper and code review suggestions 2022-08-27 17:45:47 +00:00
H00die.Gr3y b8a514bb55 Update modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-08-27 11:08:32 +04:00
H00die.Gr3y 3164967e07 Update modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-08-27 10:39:43 +04:00
h00die-gr3y 21c4e3ce3d commit module and documentation 2022-08-26 15:05:39 +00:00
Grant Willcox 6a71daac44 Land #16918, End the session when an HTTP/200 is received 2022-08-25 16:55:54 -05:00
h00die-gr3y 14aad14b57 rubocop fix update 2022-08-25 17:54:53 +00:00
Ron Bowes abd392c372 Add in changes from review 2022-08-23 11:44:03 -05:00
Ron Bowes 97f8ec9367 Documentation, output cleanup 2022-08-23 11:43:51 -05:00
Ron Bowes 24460efb77 Iniital import of working exploit 2022-08-23 11:43:51 -05:00
Ron Bowes 13d8c41f98 Clean up and better documentation 2022-08-22 11:46:50 -07:00
Ron Bowes c7ba5dde00 Append a newline and NUL byte to the payload, to make sure shellscripts (and other scripts) parse properly 2022-08-22 11:03:07 -07:00
Ron Bowes 82bf8b5a22 Add a setting for a custom payload, and encode default payloads as executables 2022-08-22 10:09:53 -07:00
Ron Bowes f90b6464ad Remove the Payload section from linux/fileformat/unrar_cve_2022_30333 2022-08-19 14:23:51 -07:00
Jake Baines b4fe31757d Added module for CVE-2022-20828 2022-08-19 12:29:37 -07:00
Jack Heysel 6c09cc8c9d Responded to PR comments 2022-08-18 16:20:03 -04:00
jheysel-r7 c4abda67c1 Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-08-18 16:15:21 -04:00
jheysel-r7 1f6c52923b Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-08-18 15:19:14 -04:00
jheysel-r7 4f95df6ee6 Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-08-18 15:19:04 -04:00
Jack Heysel f01f4c08a4 Randomize payload + rubocop 2022-08-17 17:43:16 -04:00