adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
72,088 Commits 27 Branches 1,043 Tags
0cae369a455a1a60ac1265509b849162694de4bc
Commit Graph

228 Commits

Author SHA1 Message Date
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
Jack Heysel 8717e66b14 Land #18280, Add Maltrail Unauth RCE Module 
This PR adds a module for an unauthenticated RCE vulnerability
in Maltrail, a malicious traffic detection system. This vuln
does not have a CVE associated with it.
 2023-08-16 17:29:05 -04:00
Ege Balcı a91f928d62 Update documentation/modules/exploit/unix/http/maltrail_rce.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-16 18:45:37 +00:00
Jack Heysel 99e78a4c00 Update documentaion file 2023-08-14 21:01:10 -04:00
Ege Balcı 4b7d98df07 Add Maltrail Unauthenticated RCE exploit 2023-08-10 23:02:20 +02:00
Ege Balcı da9200819d Update scenarios for new targets 2023-08-10 00:55:52 +02:00
Ege Balcı 41f0c30855 Add RaspAP Unauthenticated Command Injection (CVE-2022-39986) Exploit 2023-08-04 21:22:07 +02:00
emirpolatt 34f25fbb65 pfSense Config Data Remote Command Execution as root (CVE-2023-27253) Module 2023-07-12 13:27:02 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
bcoles 69daea95d6 exploit/unix/ftp/proftpd_modcopy_exec: Add docs and resolve RuboCop violations 2023-03-23 18:13:20 +11:00
Grant Willcox 6043d0ffba Update all links from Wiki site to new docs site. 2023-01-27 09:58:53 -06:00
Christophe De La Fuente 2a28af208d Land #16992, Syncovery For Linux - Auth. RCE (CVE-2022-36534) 2022-12-14 13:43:00 +01:00
whoot 04e5aa3033 apply suggestions 2022-12-02 16:05:01 +01:00
Grant Willcox a3e32ffafa Add TARGET 0 to documentation 2022-10-12 20:00:33 -05:00
Grant Willcox e9f54aa5b8 Update documentation with better wording, and add randomization of parameter name to module along with cleanup code for deleting uploaded files 2022-10-12 19:16:52 -05:00
Jack Heysel 9652823393 Reverted check method to upload shell 2022-10-12 19:16:44 -05:00
Jack Heysel 3c27c8e5aa Condensed payload, changed base64 encoding to hex 2022-10-12 19:12:35 -05:00
Jack Heysel e4eac96b4b Add Module for pfSense pfBlockerNG unauth RCE as root 2022-10-12 19:12:22 -05:00
jrude 01556b22d5 Syncovery For Linux - Auth. RCE (CVE-2022-36534) 2022-09-07 13:34:48 +02:00
kalba-security b56242c7a2 enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce 2022-07-01 06:15:13 -04:00
space-r7 dd0b124e84 fix typo in docs, check some responses 2022-05-04 17:28:37 -05:00
krastanoel 0f5e31d593 Apply suggestions from code review 
Update documentation common default options

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-05-03 15:43:38 +07:00
krastanoel bb8c130740 Fix docs typo 2022-04-28 21:57:18 +07:00
krastanoel eba436dd99 Add Zoneminder Language rce module docs 2022-04-28 21:01:00 +07:00
Jake Baines 65e16a1a72 Initial implementation of pfSense auth file creation bug (CVE-2021-41282) 2022-02-27 18:12:54 -08:00
bwatters 4505d7e834 Land #15700, Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module 
Merge branch 'land-15700' into upstream-master
 2021-11-11 17:03:54 -06:00
bwatters 5e670638f3 Add a line suggesting TryToFork on Meterpreter might prevent the hang after exploitation 2021-11-11 16:59:09 -06:00
kalba-security 728965b3c6 fix typos in docs 2021-11-02 20:04:06 -04:00
kalba-security f778f5f00a add cleanup, add new info and warning messages, update docs, small improvements 2021-11-02 19:58:16 -04:00
space-r7 8185b26a12 change should to must in referring to id option 2021-11-02 09:15:59 -05:00
h00die b970e38edb spell betterer 2021-10-11 16:44:32 -04:00
h00die 441c1966e2 fix IPs 2021-10-11 15:33:07 -04:00
h00die 0745bbe4d8 pie-register on wordpress 2021-10-11 15:25:07 -04:00
kalba-security 6b4aa25490 Add Meterpreter support via Linux target with ARCH_ARMLE and cmdstager 2021-09-23 18:26:13 -04:00
kalba-security 0d42c36655 Specify that newer versions may still be vulnerable as no patch has been confirmed by the vendor 2021-09-23 05:19:07 -04:00
kalba-security b81d44020a Add Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE module and docs 2021-09-23 04:57:48 -04:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
Shelby Pace 6d13f0627e formatting changes 2021-06-25 16:20:42 +02:00
Shelby Pace 1194e7d0f3 add guards, adjust formatting, add docs 2021-06-25 16:20:42 +02:00
Florian CASAGRANDE 6e3e27984b Update wp_admin_shell_upload.md 2021-06-13 13:53:08 +02:00
Shelby Pace 598f925fd3 remove extra spaces 2021-06-01 11:37:45 -05:00
h00die 0c3a693bef working exploit and docs 2021-05-30 14:37:11 -04:00
h00die 825cc9d284 upgraded to meterp 2021-05-29 15:55:24 -04:00
h00die 721a47ad7f cacti 1.2.12 sql to rce 2021-05-29 15:55:24 -04:00
Justin Steven fa73c0af3e Add CVE-2021-22204 ExifTool ANT perl injection 2021-05-11 12:02:12 +10:00
Alan Foster 9a92ac87a1 Ensure documentation files have md extension 2021-03-15 10:24:50 +00:00
William Vu 7ce10f68ae RuboCop for great justice 
And update docs.
 2021-01-21 10:44:18 -06:00
William Vu a336ee483a Update exploit/unix/smtp/opensmtpd_mail_from_rce 
Failure was caused by POSIX read requiring an argument.
 2021-01-21 03:56:19 -06:00
Grant Willcox efdc7f062e Land #14241, OpenMediaVault 5.5.11 Authenticated Remote Code Execution 2020-11-24 13:42:53 -06:00
Grant Willcox 34697ecc11 Apply further fixes from the review process 2020-11-09 12:11:25 -06:00