adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,573 Commits 27 Branches 1,043 Tags
0df07d7693e0d16bf54f2d3ee150f3241f2e2829
Commit Graph

3830 Commits

Author SHA1 Message Date
dledda-r7 35da4662ed Land #19351, DIAEnergie SQL Injection 2024-08-21 09:44:15 -04:00
dwelch-r7 f3a220518a Land #19394, SPIP Unauthenticated RCE Exploit 2024-08-21 13:58:26 +01:00
Chocapikk 62ab17b14d Update documentation and Docker Compose for SPIP, remove Rex.sleep() in Metasploit module due to stable payload. 2024-08-20 19:41:05 +02:00
Chocapikk c7d20853d6 Update documentation 2024-08-19 19:51:36 +02:00
Chocapikk 3d90eb0f43 Add spip_porte_plume_previsu_rce 2024-08-16 10:50:23 +02:00
cgranleese-r7 dbc51d1cd4 Land #19347, OpenMetadata authentication bypass and SpEL injection exploit chain[CVE-2024-28255 and CVE-2024-28254] 2024-08-14 16:06:10 +01:00
dledda-r7 f211fcb6a6 Land #19370, LG Simple Editor Command Injection 2024-08-14 10:22:29 -04:00
cgranleese-r7 36322ff274 Land #19348, Apache HugeGraph Gremlin RCE (CVE-2024-27348) 2024-08-14 10:06:21 +01:00
h4x-x0r 8732d7cd58 LG Simple Editor Command Injection (CVE-2023-40504) Module 
Exploit Module and Documentation for the LG Simple Editor Command Injection (CVE-2023-40504)
 2024-08-07 05:16:25 +01:00
h00die-gr3y 8f0d22ded4 Fourth release module and documentation 2024-08-02 21:04:50 +00:00
Jack Heysel 75c737dabe Responded to comments 2024-08-02 10:47:53 -07:00
h4x-x0r 2ce0a7a3fd v7.15 Support added 
Updated to work with v7.15 too.
 2024-08-02 15:43:26 +01:00
h4x-x0r c8eb919af8 rm calibre 
rm calibre
 2024-08-02 06:18:34 +01:00
h4x-x0r 6dbb264a0d Calibre Python Code Injection (CVE-2024-6782) 
New Exploit Module for Calibre Python Code Injection (CVE-2024-6782)
 2024-08-02 06:03:15 +01:00
h4x-x0r 025354b0ef Calibre Python Code Injection (CVE-2024-6782) 
Exploit Module for Calibre Python Code Injection (CVE-2024-6782)
 2024-08-02 05:56:46 +01:00
h4x-x0r 6e3f95fd3a Delete documentation/modules/exploit/multi/misc/calibre_exec.md 2024-08-01 23:29:34 -05:00
h4x-x0r 80961b0fef Merge branch 'rapid7:master' into my_awesome_branch 2024-08-01 22:57:36 -05:00
h4x-x0r 6aa4d2e806 Documentation for Exploit Module Calibre Python Code Injection (CVE-2024-6782) 2024-08-01 23:56:33 -04:00
h00die-gr3y 75b3afb0ce Third release module and documentation 2024-07-31 14:34:44 +00:00
dledda-r7 48c69b99fb Land #19344, FortiClient EMS FCTID SQLi to RCE fix for 7.2.x 2024-07-31 09:43:19 -04:00
Christophe De La Fuente 24c8a2bf5f Land #19331, Update empire_skywalker module 2024-07-31 12:27:06 +02:00
Takah1ro 4f061c87fb Update document 2024-07-31 15:43:03 +09:00
h4x-x0r 2d9aed7ec3 fixed typo 2024-07-30 13:39:03 -04:00
h4x-x0r cd1c100bd8 DIAEnergie SQL Injection (CVE-2024-4548) Module Documentation 2024-07-30 13:21:34 -04:00
Jack Heysel d7ae1b5463 Minor fixes 2024-07-30 09:19:12 -07:00
Christophe De La Fuente ba7c7b6456 Land #19298, OpenMediaVault authenticated RCE [CVE-2013-3632] 2024-07-30 17:40:39 +02:00
Jack Heysel 464f0b2d48 Apache HugeGraph Gremlin RCE (CVE-2024-27348) 2024-07-29 14:08:38 -07:00
h00die-gr3y b3ce0ad4ed Second release module and documentation 2024-07-29 16:15:17 +00:00
Takahiro Yokoyama 598498832c Merge branch 'rapid7:master' into master 2024-07-27 09:21:28 +09:00
h4x-x0r 14945679ba Updated email generation part. 2024-07-25 23:54:27 -04:00
h4x-x0r c8feb5c5e6 Updated formatting 2024-07-24 22:40:00 -04:00
Jack Heysel c05aebe248 Formatting 2024-07-24 11:16:26 -07:00
Jack Heysel e9cbb9287c Add support for 7.2.x 2024-07-24 10:45:38 -07:00
Takah1ro 0f6e2a62b5 Fix numbering 2024-07-24 19:27:11 +09:00
Takah1ro 86ae938b1f Add # 2024-07-24 18:55:52 +09:00
Takah1ro b023ebfb7d Add space at EOL 2024-07-24 18:51:23 +09:00
Takah1ro dc60fe8025 Update skywalker.md 2024-07-24 18:49:09 +09:00
h4x-x0r 9bfaf6343a Updated the module to take advantage of the check method 2024-07-23 23:48:32 -04:00
h4x-x0r 2bdba1a48d Documentation for the MyPRO Command Injection (CVE-2023-28384) Module. 2024-07-22 16:46:37 -04:00
Takahiro Yokoyama a18ce36459 Update empire_skywalker.md 2024-07-21 09:36:45 +09:00
h00die-gr3y b65c7ecb08 added support for all openmediavault versions (0.1 - 7.4.2-2) 2024-07-20 20:55:33 +00:00
Takahiro Yokoyama 48ea314138 Update empire_skywalker.md 2024-07-20 14:44:15 +09:00
Takahiro Yokoyama ec45763f05 Add empire_skywalker module documentation 2024-07-20 14:10:00 +09:00
bwatters 636c72965c Land #19084, Add CVE-2022-1373 and CVE-2022-2334 exploit chain 
Merge branch 'land-19084' into upstream-master
 2024-07-19 12:22:25 -05:00
bwatters 9b7b1fd16e Land #19313, Ghostscript Command Execution via Format String (CVE-2024-29510) 
Merge branch 'land-19313' into upstream-master
 2024-07-19 11:24:11 -05:00
h00die-gr3y a9f8475bf5 moved module + doc to exploit/unix/webapp 2024-07-16 15:50:20 +00:00
Christophe De La Fuente e9c511c979 Add documentation and some updates 2024-07-16 16:34:28 +02:00
Jack Heysel f7449ea850 Land #19311, Add GeoServer unauth RCE module 
This adds an exploit module for CVE-2024-36401, an unauthenticated RCE
vulnerability in GeoServer versions prior to 2.23.6, between version
2.24.0 and 2.24.3 and in version 2.25.0, 2.25.1.
 2024-07-12 11:07:36 -07:00
H00die.Gr3y 292c177b74 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-07-12 19:20:46 +02:00
Jack Heysel 5d210b548b added windows support 2024-07-11 16:34:07 -07:00