adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,366 Commits 27 Branches 1,043 Tags
11818c2812626be6b6eaeb63c8cc2342eaf38ff2
Commit Graph

76366 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Spencer McIntyre 11818c2812 Switch to using Rex's Crypto module 2025-02-27 10:52:09 -05:00
Spencer McIntyre e159ea5300 Add the NIST SP 800 108 key derivation function 2025-02-26 18:09:36 -05:00
Spencer McIntyre c9afd440f8 Add the NIST SP 800 38f key wrap function 2025-02-26 18:09:23 -05:00
jenkins-metasploit 5bb99d120f automatic module_metadata_base.json update 6.4.51 2025-02-26 19:30:51 +00:00
Spencer McIntyre c49b49bdcd Merge pull request #19893 from bwatters-r7/fix/loadmaster_priv_esc_cve 
Remove errant CVE reference.
 2025-02-26 14:24:09 -05:00
jenkins-metasploit 0cbd4d1db2 automatic module_metadata_base.json update 2025-02-25 12:20:54 +00:00
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
Diego Ledda 1c27e2a958 docs: update docs for rubocop 2025-02-25 12:15:52 +01:00
jenkins-metasploit b0cd258540 automatic module_metadata_base.json update 2025-02-25 11:10:14 +00:00
Diego Ledda f046e70b76 Land #19894, SimpleHelp Path Traversal CVE-2024-57727 
Land #19894, SimpleHelp Path Traversal CVE-2024-57727
 2025-02-25 12:00:34 +01:00
jenkins-metasploit 458d086fa6 automatic module_metadata_base.json update 2025-02-25 10:42:49 +00:00
msutovsky-r7 576ff2fb5c Land #19878, MyScada MyPro Manager Credential Harverster Module 
mySCADA MyPRO Manager Credential Harvester (CVE-2025-24865 & CVE-2025-22896) Module
 2025-02-25 11:35:59 +01:00
Spencer McIntyre 3487b485e9 Fix an API change from an old commit (#19880) 2025-02-25 10:15:33 +00:00
jenkins-metasploit b55a945669 automatic module_metadata_base.json update 2025-02-25 09:50:00 +00:00
Diego Ledda 33d0c0c9fd Land #19881, NetAlertX File Read (CVE-2024-48766) 
Land #19881, NetAlertX File Read (CVE-2024-48766)
 2025-02-25 10:42:52 +01:00
Martin Sutovsky 183d5823cc Rollback of fix for check method 2025-02-25 10:21:31 +01:00
Jack Heysel e4ee651c9b Updated docs, fixed Notes 2025-02-24 10:26:01 -08:00
h00die-gr3y 79411eace8 added code sugesstions from dledda-r7 2025-02-24 15:51:32 +00:00
Martin Sutovsky fae3d8390a Calling check method fix & Additional documentation 2025-02-24 15:52:00 +01:00
H00die.Gr3y 2d55f5c16e Update documentation/modules/exploit/linux/http/invoiceninja_unauth_rce_cve_2024_55555.md 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-02-24 15:51:06 +01:00
Martin Sutovsky e883da86cc Adding report_vuln 2025-02-24 12:19:59 +01:00
Martin Sutovsky f7342139b4 Code refactor based on PR 2025-02-24 12:05:04 +01:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
h00die-gr3y ece33ee8ec added documentation 2025-02-23 09:54:26 +00:00
H00die.Gr3y b3a5da976b Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-22 10:35:45 +01:00
h00die-gr3y 47a2079d19 initial module and laravel crypto killer mixin 2025-02-21 18:09:28 +00:00
Jack Heysel fc25e177fc SimpleHelp Path Traversal CVE-2024-57727 2025-02-21 08:15:46 -08:00
jenkins-metasploit e7ed432159 automatic module_metadata_base.json update 2025-02-21 01:30:23 +00:00
Brendan e9fc6e3b27 Merge pull request #19841 from h00die-gr3y/raspberrymatic-unauth-rce 
RaspberryMatic unauthenticated RCE (Zip Slip) [CVE-2024-24578]
 2025-02-20 19:22:30 -06:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 15c20272ea removed linux dropper code and tested with PR 19850 2025-02-20 13:19:41 -06:00
h00die-gr3y fcc929e228 updated documentation with Linux Dropper (x86_64) target scenario 2025-02-20 13:19:41 -06:00
h00die-gr3y f857e5fe67 fixed code review and updated documentation 2025-02-20 13:19:41 -06:00
H00die.Gr3y 38b3741a15 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-20 13:19:41 -06:00
h00die-gr3y 682be79920 first release module and documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y baac1fc9d0 init commit module 2025-02-20 13:19:40 -06:00
Martin Sutovsky 2cdaf98c74 Fixing descriptions, filename, adding correct CVE and code reformat 2025-02-20 19:48:36 +01:00
msutovsky-r7 27120235d4 Merge branch 'rapid7:master' into netalert_file_read 2025-02-20 19:47:55 +01:00
Metasploit 3613013938 Bump version of framework to 6.4.51 2025-02-20 11:47:22 -06:00
jenkins-metasploit 42a7ff093d automatic module_metadata_base.json update 6.4.50 2025-02-20 16:20:32 +00:00
Brendan c7d59ce829 Merge pull request #19875 from dledda-r7/fix/aarch64-sigill-raspberrypi 
Fix SIGILL on staged meterpreter on RaspberryPi4
 2025-02-20 10:14:07 -06:00
h4x-x0r 0aad255e13 updated 
updated
 2025-02-20 15:40:05 +00:00
bwatters-r7 c8aea65c7a Remove errant CVE reference. 2025-02-20 08:19:23 -06:00
jenkins-metasploit 0b0b9bb68a automatic module_metadata_base.json update 2025-02-20 10:51:07 +00:00
Diego Ledda 4374484147 Land #19850, Add fetch payloads for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64, ppc64le 
Land #19850, Add fetch payloads for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64, ppc64le
 2025-02-20 11:43:17 +01:00
bwatters-r7 8cbcdd1f6c Add PPC64LE Fetch payloads 2025-02-19 18:10:55 -06:00
bwatters-r7 87ec9ee137 Remove CBEA64 arch values so PPC64 arches have only 1 arch value 
Multiple arches broke payload adaptyers and we do not use them, anyway
 2025-02-19 17:57:39 -06:00
dledda-r7 cdac13550b fix: sync syscall comment 2025-02-19 03:58:11 -05:00
jenkins-metasploit d626e56089 automatic module_metadata_base.json update 2025-02-19 01:40:04 +00:00
Brendan 66d657f385 Merge pull request #19810 from h00die/fix_loadmaster_2024 
Fix loadmaster privesc check method and refs
 2025-02-18 19:34:00 -06:00