adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,872 Commits 27 Branches 1,043 Tags
0ba93b6ae317cbb7ff77b5ab1ae973542e80daab
Commit Graph

7756 Commits

Author SHA1 Message Date
madefourit 0ba93b6ae3 module docs and description 2026-04-14 09:45:45 -04:00
h00die 14cd7fad47 module docs 2026-04-14 09:45:44 -04:00
h00die 9e506cc5a0 update pshell module 2026-04-14 09:45:43 -04:00
Brendan a90ec1071c Merge pull request #21075 from Chocapikk/avideo-catname-sqli 
Add AVideo catName blind SQLi credential dump (CVE-2026-28501)
 2026-04-09 16:22:45 -05:00
h00die 475f203760 windows telemetry persistence 2026-04-09 15:02:42 +02:00
adfoster-r7 3de026b88c Merge pull request #21221 from cgranleese-r7/update-module-doc-template-with-example 
Adds examples to module template markdown
 2026-04-08 10:51:49 +01:00
cgranleese-r7 db9f98e704 Adds examples to module template markdown 2026-04-08 09:25:08 +01:00
jheysel-r7 94ccd8bd20 Merge pull request #20948 from ArkaprabhaChakraborty/osticket 
Add initial osticket arbitraray file read auxiliary module
 2026-04-07 09:39:01 -07:00
Diego Ledda 08e29e833d Merge pull request #20814 from h00die/s4u 
s4u persistence updates
 2026-04-07 05:22:01 -04:00
Spencer McIntyre a0852387fc Merge pull request #20752 from bwatters-r7/feature/certificate-web-enrollment 
Add Authenticating Web Enrollment module for AD/CS
 2026-04-06 15:27:28 -04:00
jheysel-r7 0f156364eb Merge pull request #21158 from sfewer-r7/CVE-2026-20127 
Add auxiliary module for Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability (CVE-2026-20127)
 2026-04-02 09:50:22 -07:00
Spencer McIntyre 1d41776cf8 Merge pull request #21032 from Nayeraneru/UserInitMprLogon 
windows persistence userinit_mpr_logon
 2026-04-01 14:59:36 -04:00
Spencer McIntyre 34c7a18ef4 Merge pull request #21217 from dineshg0pal/fix/small-typo-fixes 
Fix: small typo's in Documentation
 2026-04-01 12:38:25 -04:00
Dinesh b668069682 fix: corrected SHA12 to SHA512 2026-04-01 21:32:28 +05:30
Dinesh 7bdfdf9703 fix: removed extra "use" in cmd lines 2026-04-01 21:29:21 +05:30
Dinesh fe0c7e4e97 fix: removed "are" duplicate 2026-04-01 21:25:00 +05:30
Dinesh 2d4c3e748e fix: removed duplicate "which" 2026-04-01 21:22:38 +05:30
Nayeraneru 609866dc94 add doc 2026-03-31 23:46:09 +02:00
Christophe De La Fuente 09a59af789 Merge pull request #21069 from Chocapikk/add-module-freescout-htaccess-rce 2026-03-31 18:09:30 +02:00
msutovsky-r7 6d4b268f9f Land #21029, adds module for Grav CMS (CVE-2025-50286) 
Adds exploit module for Grav CMS (CVE-2025-50286)
 2026-03-31 14:47:44 +02:00
cgranleese-r7 e5e18383a2 Merge pull request #21187 from Devansh7006/patch-1 
Improve HTTP PUT module documentation
 2026-03-31 13:03:56 +01:00
cgranleese-r7 55152da83a Merge pull request #21186 from Devansh7006/add-wordpress-pingback-doc 
Add documentation for wordpress_pingback_access module
 2026-03-31 11:40:24 +01:00
Devansh7006 b9666f5f0e Improve formatting and clarity of WordPress pingback module 
Reformatted the verification steps and options for clarity. Removed redundant lines and added example usage.
 2026-03-31 12:40:19 +05:30
Devansh7006 d3a1bdaa88 Fix HTTP PUT module documentation formatting and structure 
Updated example usage and added details for the PUT action.
 2026-03-31 12:28:17 +05:30
bcoles b17a5727b5 Improve post/linux/gather/enum_protections module 
* Add system hardening checks
* Add detection for modern security tools
* Add module documentaiton
 2026-03-29 15:07:56 +11:00
adfoster-r7 20bb912515 Merge pull request #21023 from g0tmi1k/os_cmd_exec 
Add: exploits/multi/http/os_cmd_exec
 2026-03-27 16:38:03 +00:00
Devansh7006 bccbf35950 Enhance documentation for WordPress pingback module 
Updated verification steps and added example run for clarity.
 2026-03-27 17:07:24 +05:30
Devansh7006 e56610b530 Enhance documentation for HTTP PUT scanner module 
Added verification steps and detailed options for HTTP PUT scanner.
 2026-03-27 16:45:55 +05:30
Devansh7006 63ad9b06bf Refactor WordPress Pingback Access documentation 
Removed redundant sections and improved formatting for clarity.
 2026-03-27 16:39:37 +05:30
cgranleese-r7 ab4f24db5d Merge pull request #21149 from Adithyadspawar/add-auxiliary-scanner-docs 
Add documentation for auxiliary scanner modules
 2026-03-27 11:02:43 +00:00
Devansh7006 8e2e293062 Improve HTTP PUT module documentation 
Updated the documentation for the HTTP PUT File Upload Scanner module to clarify usage and options.
 2026-03-27 15:33:23 +05:30
Devansh7006 93fb3b464b Add WordPress Pingback Access Scanner documentation 
This document outlines the WordPress Pingback Access Scanner module, its verification steps, options, and scenarios for use in security assessments.
 2026-03-27 15:04:49 +05:30
x1o3 d12e3945fe plugin version parsing and check logic improvement, msftidy & rubocop compliant 2026-03-27 11:47:30 +05:30
x1o3 de81c5f0dc plugin version parsing and check logic improvement, msftidy & rubocop compliant 2026-03-27 11:45:20 +05:30
arkaprabhachakraborty 26a73b060d Resolve rubocop errors and warnings. Address copilot comments on docs and code quality. 
Signed-off-by: arkaprabhachakraborty <chakrabortyarkaprabha998@gmail.com>
 2026-03-27 00:43:23 +05:30
sfewer-r7 aa84007608 dont mix vprint_status and teh slient flag. improve some of the print message for better consistency 2026-03-26 15:08:29 +00:00
sfewer-r7 f857ea77c9 get rid of STORE_SSH_KEY_FILES as the private key will be in loot anyway 2026-03-26 14:53:25 +00:00
msutovsky-r7 0976f88058 Land #20835, adds module unauthenticated command injection Eclipse Che machine-exec (CVE-2025-12548) 
Add Eclipse Che machine-exec unauthenticated RCE (CVE-2025-12548)
 2026-03-25 14:39:01 +01:00
g0t mi1k 51f36982c7 Add: exploits/multi/http/os_cmd_exec 
A lot of this was based on: exploits/unix/webapp/php_eval
 2026-03-24 20:01:30 +00:00
Brendan 7ea60dd7d1 Merge pull request #20478 from futileskills/escpos-injector-module 
Create escpos_tcp_command_injector.rb
 2026-03-24 14:40:27 -05:00
jheysel-r7 81faae13ca Merge pull request #21033 from Alpenlol/barracuda-esg-cve-2023-2868 
Add exploit for CVE-2023-2868 Barracuda ESG command injection
 2026-03-23 13:18:34 -07:00
arkaprabhachakraborty ae71513ce1 Add feature to create tickets and grab ticket number when TICKET_NUMBER is not specified 
Signed-off-by: arkaprabhachakraborty <chakrabortyarkaprabha998@gmail.com>
 2026-03-21 19:02:39 +05:30
sfewer-r7 f822f98438 add in aux module for CVE-2026-20127 2026-03-20 12:33:24 +00:00
Adithyadspawar 6326f14768 Add documentation for 5 auxiliary scanner modules 2026-03-19 22:59:00 +05:30
Adithyadspawar 20c265dc32 Add documentation for 5 auxiliary scanner modules 
Add module documentation for:
- auxiliary/scanner/http/apache_activemq_traversal
- auxiliary/scanner/http/drupal_views_user_enum
- auxiliary/scanner/http/coldfusion_version
- auxiliary/scanner/http/elasticsearch_traversal
- auxiliary/scanner/ftp/bison_ftp_traversal

Fixes #12389
 2026-03-19 20:19:26 +05:30
Brendan 5b5d1dbfaa Merge pull request #21076 from Chocapikk/avideo-encoder-getimage-cmd-injection 
Add AVideo Encoder getImage.php command injection (CVE-2026-29058)
 2026-03-18 18:46:32 -05:00
Valentin Lobstein 3414611a3d Refactor: Use inherited SSL option from HttpClient instead of HTTPSSL 2026-03-14 00:07:28 +01:00
Valentin Lobstein c5c6c34232 Refactor: Remove HTTPSSL option, auto-detect SSL from port 443 2026-03-14 00:04:49 +01:00
Valentin Lobstein db3654eebf Fix: Address Copilot review feedback and fix cmd/dropper targets 
- Fix http_send: use standalone Rex::Proto::Http::Client to avoid
  SMTPDeliver/HttpClient connect() method conflict
- Fix cmd/dropper PHP stub: remove double $$ variable (vars[:cmd_varname]
  already includes $ prefix)
- Fix cmd/dropper unlink: use cleanup POST param instead of inline
  @unlink to preserve shell across multiple stager requests
- Fix wait_for_cron: use .to_i % fetch for correct modulo calculation
- Fix dir_exists?: use res&.redirect? instead of res&.code == 301
- Fix docs: RHOSTS -> RHOST (SMTPDeliver registers singular RHOST)
- Remove manual Date header (SMTPDeliver handles it)
- Update scan_paths comment to reflect MD5 digit extraction
- Replace php_exec_cmd with manual preamble + system_block stub
 2026-03-13 23:38:30 +01:00
Valentin Lobstein 8ad5924bf1 Fix: Use parent of fix commit (78178d1~1) for vulnerable Encoder checkout 2026-03-13 22:59:51 +01:00