666c7ce362
Merge pull request #20865 from rajyavardhan01/docs/dect-scanner-documentation
...
Add documentation for auxiliary/scanner/dect modules
2026-01-16 00:00:22 +00:00
ade984aead
Merge pull request #20793 from Chocapikk/avideo-v2
...
Add AVideo notify.ffmpeg.json.php unauthenticated RCE exploit (CVE-2025-34433)
2026-01-15 17:36:07 -06:00
b466371b46
Update DECT reference link to archive.org (dedected.org is offline)
2026-01-15 14:13:00 -08:00
bb473b6019
Merge pull request #20797 from h00die/remove_persistence_exe
...
persistence modules cleanup
2026-01-14 14:43:33 -08:00
658c251b66
Merge pull request #20472 from jheysel-r7/feat/mod/badsuccessor
...
Add BadSuccessor dMSA Privilege Escalation in Windows 2025
2026-01-14 15:43:35 -05:00
c1023fd62a
Add BadSuccessor dMSA Privilege Escalation in Windows 2025
2026-01-14 12:34:45 -08:00
f4a195b88a
persistence modules cleanup
2026-01-14 13:49:29 -05:00
7b092aeedb
Land #20806 , adds module for unauthenticated command injection in Control Web Panel API (CVE-2025-67888)
...
Adds module for Control Web Panel API Command Injection (CVE-2025-67888)
2026-01-14 15:44:25 +01:00
e4f8d4fb13
Merge pull request #20706 from h00die/windows_wmi_persistence
...
Update windows wmi to persistence mixin
2026-01-14 09:37:20 -05:00
42b50b759f
Add documentation for auxiliary/scanner/dect modules
...
Add module documentation (KB articles) for the DECT scanner modules:
- station_scanner.md: Documents the DECT base station scanner
- call_scanner.md: Documents the DECT active call scanner
Both documents include hardware requirements (COM-ON-AIR cards),
verification steps, options descriptions, and usage scenarios.
2026-01-13 18:40:47 -08:00
b2abdb21de
Fix AVideo lab documentation: update file editing instructions
...
Updated the note to provide a working method to edit configuration.php. Users can enter the container shell or copy the file out for editing.
2026-01-14 00:35:39 +01:00
ae4babbcf1
Fix AVideo lab documentation: remove broken sed command
...
Removed the broken sed command that doesn't work correctly. Updated note to specify editing /var/www/html/AVideo/videos/configuration.php manually with an editor instead.
2026-01-14 00:34:35 +01:00
37f9802b83
Update AVideo lab documentation: remove automatic sed fix, specify file to edit
...
Removed mention of automatic sed fix in docker-entrypoint. Updated note to specify that users should manually edit /var/www/html/AVideo/videos/configuration.php if they encounter redirect issues with webSiteRootURL.
2026-01-14 00:34:10 +01:00
733455eb53
Change port to 80 in AVideo lab documentation
...
Changed HTTP_PORT from 9999 to 80 in the documentation to use the correct URL directly. This fixes the webSiteRootURL issue where AVideo was generating incorrect URLs with the mapped port instead of the container's internal port.
2026-01-14 00:32:43 +01:00
f6430ee093
Fix MariaDB tc.log corruption issue in AVideo lab setup
...
The MariaDB container fails to start with 'Bad magic header in tc log' error
when the data directory has incorrect permissions or was previously corrupted.
This occurs during first-time setup of the AVideo lab environment.
The fix:
- Creates a custom entrypoint script that detects and removes corrupted tc.log
files by checking the magic header (should be 01 00 00 00)
- Modifies Dockerfile.mariadb to integrate the fix script into the original
MariaDB entrypoint using sed
- Ensures the fix runs automatically before MariaDB initialization
This allows the lab to start successfully on first run without manual intervention.
Co-authored-by: bwatters-r7 <bwatters-r7@users.noreply.github.com >
2026-01-13 22:31:38 +01:00
eae97b314a
Land #20810 , adds module for authenticated RCE in n8n (CVE-2025-68613)
...
Adds module for n8n workflow expression RCE (CVE-2025-68613)
2026-01-13 16:51:06 +01:00
10d12570c0
Merge pull request #20791 from Chocapikk/webcheck
...
Add Web-Check screenshot API command injection RCE exploit (CVE-2025-32778)
2026-01-12 17:14:04 -06:00
defa2b1337
Adds reference to protocol, fixes formatting
2026-01-12 14:54:46 +01:00
2f62e7c031
Add documentation for ipv6_neighbor_router_advertisement.rb see https://github.com/rapid7/metasploit-framework/issues/12389
2026-01-12 14:54:46 +01:00
6491f74d9d
wmi persistence improvements
2026-01-11 07:25:13 -05:00
d45e91b130
typo
2026-01-09 10:48:30 -05:00
472016b753
Land #20796 , moves udev module into persistence category
...
update udev to persistence mixin
2026-01-09 16:14:08 +01:00
b9be6ac259
Merge pull request #20785 from Chocapikk/react2shell-clean
...
Update react2shell module: Add Waku framework support
2026-01-08 17:58:48 -08:00
bb98e855e1
Merge pull request #20751 from h00die/sticky_keys
...
update windows sticky keys to persistence mixin
2026-01-08 16:44:04 -08:00
da89d98b1e
Merge pull request #20847 from dwelch-r7/fix-ssh-login-print-and-docs
...
Fix extra characters in print and merge docs for ssh_login/ssh_login_pubkey
2026-01-08 16:17:43 -05:00
2867729808
Fix extra characters in print and merge docs for ssh_login/ssh_login_pubkey
2026-01-08 13:57:22 +00:00
c289ff44b9
Land #20811 , adds module for Prison Management System 1.0 RCE (CVE-2024-48594)
...
Add Prison Management System 1.0 auth RCE (CVE-2024-48594)
2026-01-08 12:33:00 +01:00
b39e781500
Land #20700 , adds module for Taiga.io RCE (CVE-2025-62368)
...
Adds exploit module for authenticated deserialization vulnerability in Taiga.io (CVE-2025-62368)
2026-01-07 11:53:32 +01:00
0d21fd4cc9
Merge pull request #20692 from msutovsky-r7/persistence/multi/python-site-specific-config-hook
...
Adds module for python site-specific hook persistence
2026-01-06 16:19:31 -08:00
428f31fdd3
review for wmi persistence
2026-01-06 16:36:05 -05:00
bfec7c378b
Update documentation/modules/exploit/windows/persistence/accessibility_features_debugger.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2026-01-06 14:00:39 -05:00
be9b2c9491
Add documentation for prison_management_rce
2026-01-06 12:33:49 +02:00
2f4db3bd5f
review for wmi persistence
2026-01-05 17:06:17 -05:00
acc206b2dc
Merge pull request #20833 from xaitax/CVE-2025-14847_Mongobleed
...
Add MongoDB memory disclosure module (CVE-2025-14847)
2025-12-30 08:49:30 -05:00
cd83a441b9
Merge pull request #20767 from Chocapikk/geoserver
...
Add GeoServer WMS GetMap XXE file read module (CVE-2025-58360)
2025-12-30 08:39:00 -05:00
44b2adafa7
Add MongoDB memory disclosure module (CVE-2025-14847)
2025-12-30 13:04:25 +01:00
2cadcfe6ab
add CVE-2025-68613
2025-12-25 11:21:28 -05:00
455275d087
add module for CVE-2025-67888
2025-12-23 19:21:34 -05:00
3ea866c41d
udev persistence
2025-12-21 07:50:48 -05:00
3015c9f962
Merge pull request #20792 from sfewer-r7/hpe_oneview_rce
...
Add unauth RCE exploit module for HPE OneView (CVE-2025-37164)
2025-12-19 17:41:51 -06:00
b12ebc95c0
Merge pull request #20754 from h00die/assist_tech
...
assistive technology persistence
2025-12-19 16:33:21 -06:00
8df7347791
Add AVideo notify.ffmpeg.json.php unauthenticated RCE exploit (CVE-2025-34433)
2025-12-19 21:51:41 +01:00
d40a35acdb
the version logic changes, update the docs
2025-12-19 15:48:07 +00:00
a4dba96712
add in the HPE OneView exploit
2025-12-19 15:30:53 +00:00
6c4a61fa42
Merge pull request #20761 from Chocapikk/acf-extended-rce
...
Add WordPress ACF Extended unauthenticated RCE exploit (CVE-2025-13486)
2025-12-18 16:03:06 -06:00
080f74f862
Update Web-Check documentation with docker-compose.yml setup instructions
2025-12-18 19:19:17 +01:00
5178cdee42
Update Web-Check documentation with git clone command
2025-12-18 18:56:18 +01:00
13f102eb5b
Add Web-Check screenshot API command injection RCE exploit (CVE-2025-32778)
2025-12-18 18:51:12 +01:00
3b407575fa
Update react2shell module: Add Waku framework support
2025-12-17 23:07:01 +01:00
46f87e0f6e
Add GeoServer WMS GetMap XXE file read module (CVE-2025-58360)
2025-12-12 16:11:15 +01:00
adfoster-r7