adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,143 Commits 27 Branches 1,043 Tags
08deb21ae32fd4b72ca7e6fa64409440ccbdc1df
Commit Graph

2986 Commits

Author SHA1 Message Date
h00die 08deb21ae3 update remote mouse version checks 2022-10-17 15:29:10 -04:00
Grant Willcox a3e32ffafa Add TARGET 0 to documentation 2022-10-12 20:00:33 -05:00
Grant Willcox e9f54aa5b8 Update documentation with better wording, and add randomization of parameter name to module along with cleanup code for deleting uploaded files 2022-10-12 19:16:52 -05:00
Jack Heysel 9652823393 Reverted check method to upload shell 2022-10-12 19:16:44 -05:00
Jack Heysel 3c27c8e5aa Condensed payload, changed base64 encoding to hex 2022-10-12 19:12:35 -05:00
Jack Heysel e4eac96b4b Add Module for pfSense pfBlockerNG unauth RCE as root 2022-10-12 19:12:22 -05:00
Grant Willcox f92d913f0c Land #17116, Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 2022-10-12 11:53:47 -05:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
Ayantaker 9abaa00b9e Adding some changes to documentation as per review comments 2022-10-12 11:36:35 -04:00
Ayantaker e75438d0b2 Documentation fix and minor fixes 
Fixed the documentation according to msftidy's suggestion and removed a few unessary parts of code
 2022-10-11 18:17:52 -04:00
Grant Willcox 45aa09411e First round of edits from review 2022-10-11 15:46:04 -05:00
JustAnda7 412a07df54 Fixed #16674 2022-10-07 14:35:21 -04:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
 2022-10-06 15:48:36 -04:00
Jack Heysel 0145264046 Land #17093, add Enlightenment priv esc module 
This PR adds a local priv esc for Enlightenment on Ubuntu
which exploit a simple cmd injection
 2022-10-04 14:09:18 -04:00
space-r7 63af4e3702 Land #17067, add remote mouse rce 2022-10-04 11:40:33 -05:00
h00die b7073df1e0 review comments 2022-10-03 16:53:14 -04:00
h00die 68b2aec6fb review comments 2022-10-03 15:25:53 -04:00
h00die c6e18ee469 cve-2022-1329 2022-10-02 15:59:58 -04:00
h00die e78babea90 cve-2022-37706 2022-10-01 11:24:29 -04:00
bwatters 76c6632305 Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246) 
Merge branch 'land-16673' into upstream-master
 2022-09-29 09:46:27 -05:00
Jack Heysel 379f303ea8 Land #17061, Mobile Mouse Server RCE 
This PR includes a module that uses default
configuration in Unified Remote to spawn a
run prompt and return a shell.
 2022-09-28 10:48:41 -04:00
bwatters e27dbd2787 Land #16794,Add exploit for CVE-2022-34918 
Merge branch 'land-16794' into upstream-master
 2022-09-27 16:37:52 -05:00
h00die 391a27b08c remote mouse rce 2022-09-27 16:37:42 -04:00
h00die a39b1c9fe5 msftidy_docs 2022-09-26 15:56:43 -04:00
h00die 61f576d3e1 mobile mouse server exploit 2022-09-26 15:45:42 -04:00
Grant Willcox 0908006466 Land #16985, wifi mouse rce - CVE-2022-3218 2022-09-23 14:46:49 -05:00
Grant Willcox b62f163696 Update documentation on module and exploit a little more to make things a bit clearer 2022-09-23 14:08:18 -05:00
Jack Heysel 2b5e85cd27 Land #17012, Veritas Backup Agent RCE 
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
 2022-09-23 12:31:46 -04:00
alex d5dcca899d Fix description scenario 2022-09-23 10:51:36 +03:00
h00die eb516f402e wifi mouse doc updates 2022-09-21 16:38:50 -04:00
h00die 32402c0e6d wifi mouse doc updates 2022-09-21 16:35:08 -04:00
Grant Willcox 605db0160d Fix up documentation 2022-09-21 15:02:04 -05:00
Spencer McIntyre 415383b48d Land #17042, Add exploit for CVE-2022-36804 2022-09-21 13:07:32 -04:00
Christophe De La Fuente 4943d86ec6 Land #16989, Unified Remote RCE 2022-09-21 14:06:33 +02:00
space-r7 f2e003cdb0 add documentation 2022-09-20 18:45:48 -05:00
h00die 271171f6d2 unified now with invisible feature 2022-09-18 19:02:59 -04:00
Christophe De La Fuente 52ff168c5e Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038) 2022-09-15 17:58:07 +02:00
Jack Heysel 1c99daa836 Updated error handling 2022-09-13 12:40:59 -04:00
c0rs efbe06f944 Add module Veritas Backup Exec Agent Remote Code Execution 2022-09-13 18:18:52 +03:00
h00die 66bbe98f5f wifi remote with better cmd stagers 2022-09-09 05:57:36 -04:00
h00die ae91cfa9c5 unified_remote exploit 2022-09-08 17:09:31 -04:00
bwatters 2af5b22272 Land #16983, firefox_xpi_bootstrapped_addon: Add notes, description, references, docs 
Merge branch 'alnd-16983' into upstream-master
 2022-09-08 08:23:32 -05:00
space-r7 a11569fc53 Land #16944, add Apach Spark RCE 2022-09-07 13:02:27 -05:00
h00die-gr3y f71ec84f9e updated documentation 2022-09-06 19:36:11 +00:00
h00die c6d453f5b9 fix docs 2022-09-05 08:23:40 -04:00
h00die 3f7e0667f6 wifi mouse rce 2022-09-05 08:16:49 -04:00
bcoles a7d2145e8d firefox_xpi_bootstrapped_addon: Add notes, description, references, docs 2022-09-05 02:23:37 +10:00
Christophe De La Fuente 8ba621a291 Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828) 2022-09-02 18:37:37 +02:00
Spencer McIntyre 6965115c8e Land #16786, Zyxel Firewall LPE (CVE-2022-30526) 2022-08-31 08:40:23 -04:00
h00die-gr3y e8083c6fb1 commit module and documentation 2022-08-26 15:39:18 +00:00