adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
72,088 Commits 27 Branches 1,043 Tags
0cae369a455a1a60ac1265509b849162694de4bc
Commit Graph

35300 Commits

Author SHA1 Message Date
Zach Goldman d960aa522c Land #18348, Splunk account take over (CVE-2023-32707) leading to RCE 2023-10-26 11:34:02 -04:00
Heyder Andrade e5e58bc0be Update modules/exploits/multi/http/splunk_privilege_escalation_cve_2023_32707.rb 
Co-authored-by: Zach Goldman <106169455+zgoldman-r7@users.noreply.github.com>
 2023-10-26 14:03:06 +02:00
Christophe De La Fuente 9e5e57390f Land #18194, Useradd post module 2023-10-25 19:29:59 +02:00
Christophe De La Fuente 14a5aaab98 Fix small typo 2023-10-25 19:28:23 +02:00
Heyder Andrade c0af43c10b Update modules/exploits/multi/http/splunk_privilege_escalation_cve_2023_32707.rb 
Co-authored-by: Zach Goldman <106169455+zgoldman-r7@users.noreply.github.com>
 2023-10-25 11:02:30 +02:00
Christophe De La Fuente ff9639e6a6 Land #18460, VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE 2023-10-24 17:32:28 +02:00
Heyder Andrade 5e19c8fd88 Update splunk_privilege_escalation_cve_2023_32707.rb 2023-10-24 14:44:27 +02:00
h00die fa71d8b6e2 set all targets to dynamically build list 2023-10-23 06:54:38 -04:00
h00die 97f9edb5f7 review 2023-10-23 06:35:23 -04:00
Spencer McIntyre 15aaa90379 Land #18447, CVE-2023-22515 Confluence Auth Bypass 
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
 2023-10-19 17:35:17 -04:00
Spencer McIntyre ee0e5b9eda Tidy the docs, fix the username 
The username can not contain capital letters, or the operation will
fail.
 2023-10-19 17:19:55 -04:00
Emir Polat c79cc5a36b Final Checks 2023-10-19 17:19:55 -04:00
Emir Polat b3a9579e8a Update modules/auxiliary/admin/http/atlassian_confluence_auth_bypass.rb 
Implement changes proposed by Spencer McIntyre (smcintyre-r7)
 2023-10-19 17:19:30 -04:00
emirpolatt 258ac6421b Fix fail_with response code compare and documentation fixes 2023-10-19 17:19:30 -04:00
emirpolatt 7c977e07ef Remove of the X-Atlassian-Token header from server-info.action 2023-10-19 17:19:30 -04:00
emirpolatt 236a301f27 Check method fixes 
get_confluence_version inside to check method. Also new status messages
 2023-10-19 17:19:08 -04:00
Christophe De La Fuente da9d04d32d Land #18461, CVE-2023-22515 - Atlassian Confluence unauthenticated RCE 2023-10-19 10:22:57 +02:00
sfewer-r7 5e84f57ab3 set :random to true during generate_jar so we can randomize teh metasploit class path 2023-10-18 09:53:46 +01:00
sfewer-r7 fcffd36af0 no need to test for true, jsut return the value as we are waiting for done to be set to true 2023-10-18 09:37:04 +01:00
sfewer-r7 9fdbccb74f catch a JSON ParserError exception and fail_with() if needed. Also detect if the JSON data doesnt have the expected value and fail_with() if needed 2023-10-18 09:36:02 +01:00
h00die 00b534dbed review 2023-10-17 13:17:10 -04:00
sfewer-r7 34107e4f3b favod over for string concatenation. 2023-10-17 11:36:07 +01:00
sfewer-r7 0fc35bf6d3 randomize the plugins version number 2023-10-17 10:01:02 +01:00
sfewer-r7 415bd49b15 use next semantics to return from a yielded block early (note we cannot use return for this) 2023-10-17 09:43:00 +01:00
sfewer-r7 54f334479a fix another typo 2023-10-17 09:30:52 +01:00
sfewer-r7 9e6e9538e1 typo 2023-10-17 09:29:38 +01:00
sfewer-r7 d2438bad4e add a note to explain we need to concat a trailing forward slash 2023-10-17 09:28:04 +01:00
sfewer-r7 4acdaf3087 typos 2023-10-17 09:22:09 +01:00
sfewer-r7 d17f065f12 remove 'localhost' in favor of some random chars 2023-10-17 09:21:28 +01:00
sfewer-r7 3242a7009b clarify timeout is in seconds 2023-10-17 09:11:05 +01:00
sfewer-r7 b97cb9f63d remove whitespace 2023-10-17 09:10:28 +01:00
sfewer-r7 1c027ac05c add an RCE exploit for CVE-2023-22515 2023-10-16 20:50:18 +01:00
h00die b3b1595ef4 vmware aria ssh keys exploit 2023-10-16 13:06:17 -04:00
cgranleese-r7 9def455f65 Land #18449, Update mysql authbypass hashdump module to correctly close sockets 2023-10-13 11:43:59 +01:00
emirpolatt 0cb56c1de5 Some fixes 2023-10-13 02:16:17 -07:00
emirpolatt e48ead5e8c Fingerprint reduction with Rex::Text.rand_text_alpha(8) 2023-10-13 02:11:57 -07:00
emirpolatt 84f5c7321e Reducing fingerprinting via Rex::Text.rand_text_alpha(8) 2023-10-13 02:02:13 -07:00
emirpolatt 9219a3e90a Adding AttackerKB analysis URL 2023-10-13 01:56:14 -07:00
Spencer McIntyre 05dd2e1473 Land #18351, Apache Superset RCE (CVE-2023-37941) 2023-10-12 17:10:10 -04:00
Jack Heysel d31a485d63 Land #18383, improves enum_computers module 
This PR adds a variety of improvements to the
enum_computers module including shell and powershell
support as well as improvements to run on non-english
systems.
 2023-10-12 13:01:54 -04:00
adfoster-r7 075fe09c2f Fix mysql authbypass running out of sockets 2023-10-12 17:40:33 +01:00
adfoster-r7 80d2fa738d Land #18296, update more mysql modules to support newer authentication methods 2023-10-12 17:19:02 +01:00
Spencer McIntyre 86b7ec4518 Address comments from the review 2023-10-12 09:50:19 -04:00
Spencer McIntyre 4f734379d3 Add module docs and print some messages 2023-10-12 09:27:26 -04:00
Spencer McIntyre 0799f9d860 Add a check method and populate module metadata 2023-10-12 09:27:26 -04:00
Spencer McIntyre 7a226ba285 Randomize components in the MAR file 2023-10-12 09:27:26 -04:00
Spencer McIntyre 5a6dc7f9a6 Initial commit of CVE-2023-43654 2023-10-12 09:27:26 -04:00
Rory McKinley 1b172768b4 Use upstream ruby-mysql in Remote::MYSQL 
* ... and dependents
 2023-10-12 13:08:35 +02:00
cgranleese-r7 3da17d2775 Addresses PR feedback 2023-10-12 10:59:29 +01:00
emirpolatt 2b05dab554 Fix: Msftidy Warnings 2023-10-11 12:19:40 -07:00