adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,444 Commits 27 Branches 1,043 Tags
06f0fffc20f83f7eb31dc34cf63573c8ef36f19f
Commit Graph

930 Commits

Author SHA1 Message Date
Jack Heysel 06f0fffc20 Land #16856, Webmin package updates RCE module 
This module exploits an arbitrary command injection
in Webmin versions prior to 1.997.
 2022-08-09 16:13:19 -04:00
Christophe De La Fuente 38b845f247 Fix from code review 
- Documentation typos
- Adding ARM64 support
 2022-08-09 15:09:25 +02:00
Christophe De La Fuente 9c6a198453 Land #16796, Path traversal vulnerability in RARLAB UnRAR < 6.12 with Zimbra RCE module 2022-08-04 19:44:57 +02:00
bwatters 163d4d5b11 Land #16854, Add CVE-2022-31660 VMware Workspace ONE Access LPE 
Merge branch 'land-16854' into upstream-master
 2022-08-03 16:50:12 -05:00
Christophe De La Fuente 449a7b71d5 Add module exploit and docs for the Webmin package updates RCE 2022-08-03 12:01:41 +02:00
Spencer McIntyre 8ed4293e9c Add module docs for CVE-2022-31660 2022-08-02 16:42:08 -04:00
Jake Baines b00cadfbeb Initial commit of MobileIron Core Log4Shell exploitation (CVE-2021-44228) 2022-07-29 10:31:15 -07:00
Ron Bowes 4e4a1da4e4 Add module docs for the split-up unrar modules 2022-07-27 13:24:29 -07:00
Ron Bowes 860cd38bbb Add documentation 2022-07-26 10:23:24 -07:00
Grant Willcox 74496c1a29 Add in updated scenario documentation 2022-07-25 14:14:52 -05:00
Grant Willcox 72b1dbfeee Remove code that could cause check method to fail, fix up some documentation errors and add in scenario, and generally address some review comments 2022-07-25 13:05:04 -05:00
Nuri Çilengir 1094ce95c0 Update roxy_wi_exec.md 2022-07-25 17:14:02 +00:00
Nuri Çilengir bdf8defe53 Apply suggestions from code review 2022-07-25 16:03:09 +00:00
Nuri Çilengir bc0b27e1e2 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:58:46 +00:00
Nuri Çilengir fc3b08fb8b Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:51:40 +00:00
Nuri Çilengir 420e67aca9 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:24:43 +00:00
Nuri Çilengir 628f5970b1 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:24:26 +00:00
Nuri Çilengir 135a25be4d Tested and fixed problems 2022-07-21 11:42:18 +00:00
Grant Willcox 336a1feaf7 Fix up naming of module and documentation and fix most of the RuboCop and formatting errors 2022-07-19 15:44:52 -05:00
Nuri Çilengir d2769ef82b Add Roxy-WI exec 2022-07-19 21:08:45 +03:00
Spencer McIntyre 63734832b2 Add sourcegraph RCE module docs 2022-07-08 17:27:27 -04:00
Spencer McIntyre 27ad62c964 Add a decent check method 2022-07-08 16:40:42 -04:00
Jake Baines 39567281bf Revised setup guidance 2022-05-13 13:41:05 -07:00
Grant Willcox 2eb31cf765 Add in edits from review 2022-05-13 15:32:12 -05:00
Jake Baines da133a34c8 Updated affected 2022-05-12 03:22:02 -07:00
Jake Baines 617b4ae044 Initial commit of Zyxel unauth command injection (CVE=2022-30525) 2022-05-12 01:43:59 -07:00
Grant Willcox 6354d7a055 Redo explanation of exploit in documentation to appropriately account for various nuances. Also update exploit title and description accordingly. 2022-05-11 16:43:36 -05:00
Heyder Andrade 8a6dd7152e Added tested versions reference 2022-05-11 16:43:12 -05:00
Heyder Andrade 77f60eb21e Added module and documentation for f5 icontrol RCE (CVE-2022-1388) 2022-05-11 16:43:00 -05:00
Grant Willcox 1c934b87b4 Land #16169, Add sploit for Cisco RV340 SSL VPN - CVE-2022-20699 2022-05-11 10:15:08 -05:00
Grant Willcox 68fdb103fe Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate 2022-05-11 09:39:47 -05:00
William Vu 6532365dc8 Deregister VHOST 2022-05-03 11:52:50 -05:00
William Vu 8c0cd40a19 Fix VMware Workspace ONE Access CVE-2022-22954 2022-05-03 10:39:58 -05:00
William Vu 4ea72bb7a7 Add log IOC 2022-05-03 02:38:29 -05:00
William Vu 184b1b1e76 Add module doc 2022-05-02 20:41:01 -05:00
Jake Baines de453b8970 Update documentation/modules/exploit/linux/redis/redis_debian_sandbox_escape.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-04-26 14:42:57 -04:00
Jake Baines d20fd996bd Fix spelling mistakes 2022-04-26 03:38:23 -07:00
Jake Baines 71a4023c0d Initial commit of Redis sandbox escape CVE-2022-0543 2022-04-26 03:32:11 -07:00
Grant Willcox 78d4ac8592 Update module reliability and also fix issues from bcoles's review 2022-04-20 19:04:27 -05:00
bwatters d9a241defb Fix overzealous source code edit and some version copy/pasta errors 2022-04-20 14:31:32 -05:00
Grant Willcox b83a4b2a7a Add in fixes to module and documentation from final review 2022-04-14 12:45:15 -05:00
bwatters 83f4473c2a Correct Ubuntu target version 2022-04-14 12:01:38 -05:00
bwatters 03d01d2f72 Remove stray markup 2022-04-14 10:29:54 -05:00
bwatters f32443b477 Update with debug source code and options, cleanup module code per gwillcox-r7 2022-04-14 10:25:55 -05:00
bwatters 147d6e1df7 Added docs, reverted strip_comments, rubocop'd 2022-04-12 21:14:11 -05:00
space-r7 872b9c9a7c modify docs to reflect changes, remove 'return' 2022-03-10 10:39:32 -06:00
Tim W bcc9d01958 add documentation 2022-03-09 08:34:20 +00:00
Pedro Ribeiro e0c8108942 add docs for sslvpn module 2022-03-06 23:15:53 +00:00
red 23a09be333 Fix typo in document of cve_2021_4034 
ContOS => CentOS
 2022-03-05 23:58:31 +08:00
Spencer McIntyre 6be3443680 Land #16103, LPE in polkit's pkexec (CVE-2021-4034) 2022-03-03 09:24:11 -05:00