adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,366 Commits 27 Branches 1,043 Tags
11818c2812626be6b6eaeb63c8cc2342eaf38ff2
Commit Graph

6917 Commits

Author SHA1 Message Date
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
Diego Ledda 1c27e2a958 docs: update docs for rubocop 2025-02-25 12:15:52 +01:00
Diego Ledda f046e70b76 Land #19894, SimpleHelp Path Traversal CVE-2024-57727 
Land #19894, SimpleHelp Path Traversal CVE-2024-57727
 2025-02-25 12:00:34 +01:00
msutovsky-r7 576ff2fb5c Land #19878, MyScada MyPro Manager Credential Harverster Module 
mySCADA MyPRO Manager Credential Harvester (CVE-2025-24865 & CVE-2025-22896) Module
 2025-02-25 11:35:59 +01:00
Diego Ledda 33d0c0c9fd Land #19881, NetAlertX File Read (CVE-2024-48766) 
Land #19881, NetAlertX File Read (CVE-2024-48766)
 2025-02-25 10:42:52 +01:00
Jack Heysel e4ee651c9b Updated docs, fixed Notes 2025-02-24 10:26:01 -08:00
Martin Sutovsky fae3d8390a Calling check method fix & Additional documentation 2025-02-24 15:52:00 +01:00
H00die.Gr3y 2d55f5c16e Update documentation/modules/exploit/linux/http/invoiceninja_unauth_rce_cve_2024_55555.md 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-02-24 15:51:06 +01:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
h00die-gr3y ece33ee8ec added documentation 2025-02-23 09:54:26 +00:00
Jack Heysel fc25e177fc SimpleHelp Path Traversal CVE-2024-57727 2025-02-21 08:15:46 -08:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 15c20272ea removed linux dropper code and tested with PR 19850 2025-02-20 13:19:41 -06:00
h00die-gr3y fcc929e228 updated documentation with Linux Dropper (x86_64) target scenario 2025-02-20 13:19:41 -06:00
h00die-gr3y f857e5fe67 fixed code review and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 682be79920 first release module and documentation 2025-02-20 13:19:41 -06:00
msutovsky-r7 27120235d4 Merge branch 'rapid7:master' into netalert_file_read 2025-02-20 19:47:55 +01:00
Martin Sutovsky bd42b23ef0 Land #19883, module for unauthenticated RCE in InvokeAI 2025-02-18 14:01:11 +01:00
msutovsky-r7 f132b8ffe1 Update documentation/modules/auxiliary/scanner/http/netalertx_file_read.md 
Co-authored-by: Takahiro Yokoyama <tkhr.y0k0yama@gmail.com>
 2025-02-18 13:44:26 +01:00
msutovsky-r7 05c9550d43 Land #19877, BeyondTrust Privileged Remote Access & Remote Support RCE Module 
Exploit module for BeyondTrust Privileged Remote Access & Remote Support (CVE-2024-12356, CVE-2025-1094)
 2025-02-17 17:43:15 +01:00
Takah1ro 611556571f Update document 2025-02-17 20:32:43 +09:00
Takah1ro b454a32f3c Fix typo and update document 2025-02-17 12:52:50 +09:00
Takah1ro 0945fbba81 Add InvokeAI unauth RCE module (CVE-2024-12029) 2025-02-16 15:49:56 +09:00
Martin Sutovsky 00d4feb2b5 Adding documentation, file renaming 2025-02-14 14:43:43 +01:00
sfewer-r7 d93a99c504 rename the module 2025-02-13 12:51:46 +00:00
sfewer-r7 37276446a6 improve the description for this option 2025-02-12 17:22:43 +00:00
sfewer-r7 c9be9b65ec fix typos in docs 2025-02-12 17:22:17 +00:00
Martin Sutovsky 984f0dbb15 Land #19868, NetAlertX RCE module 2025-02-11 08:23:57 +01:00
msutovsky-r7 d96d980a24 Land #19846, module for CVE-2024-47407 MySCADA MyPro Manager 
mySCADA MyPRO Manager Command Injection (CVE-2024-47407) Module
 2025-02-10 16:25:32 +01:00
Takah1ro 9f43fcc7ad Update FETCH_COMMAND default to curl 2025-02-10 22:00:52 +09:00
Takah1ro 8d59201447 Update document 2025-02-10 21:38:14 +09:00
Takah1ro 7149d3f332 Leave cleanup as an option 2025-02-10 21:31:50 +09:00
Takah1ro b02838a8dd NetAlertx -> NetAlertX 2025-02-10 12:52:26 +09:00
Takah1ro 00f4f80530 Add NetAlertx rce module (CVE-2024-46506) 2025-02-08 14:40:31 +09:00
h4x-x0r 41a0e089ea CVE-2025-24865 & CVE-2025-22896 
CVE-2025-24865 & CVE-2025-22896
 2025-02-08 02:22:11 +00:00
bwatters-r7 7e8c35257e Update docs, fix space in module 2025-02-04 15:41:33 -06:00
Diego Ledda ba8d5b7f5a Land #19844, Add Ivanti Connect Secure HTTP Login Module 
Land #19844, Add Ivanti Connect Secure HTTP Login Module
 2025-02-03 18:17:36 +01:00
Martin Sutovsky 09db1f4e72 Adding documentation 2025-02-03 15:29:49 +01:00
sfewer-r7 c6d03069a9 add in the documentation 2025-01-31 11:02:01 +00:00
TheBigStonk d67dcda2c6 Added Argus LFI Module and Docs 2025-01-31 00:23:34 +13:00
Martin Sutovsky 34f3957aea Land #19772, adding module for CraftCMS FTP template exploit 2025-01-23 20:21:17 +01:00
Martin Sutovsky 159b2bb6dc Land #19805, new module for LibreNMS Authenticated RCE 2025-01-20 15:33:37 +01:00
Takah1ro 54bd55b186 Update vulnerable version 2025-01-18 10:18:10 +09:00
Takah1ro ca304ae5c4 Avoid to split payload 2025-01-17 21:21:48 +09:00
Takah1ro 4e53c967c2 Update message 2025-01-16 12:59:18 +09:00
Brendan 9bd8590b99 Merge pull request #19793 from sfewer-r7/CVE-2024-55956 
Cleo LexiCom, VLTrader, and Harmony Unauthenticated Remote Code Execution (CVE-2024-55956)
 2025-01-15 15:04:45 -06:00
Jack Heysel 2254a1f213 Responded to comments 2025-01-15 09:22:44 -08:00
msutovsky-r7 0630187870 Land #19798, fixing link and code cleanup 
Fix nsfw link in mssql_clr_payload, and rubocop the module
 2025-01-15 16:41:34 +01:00
Takah1ro 10be7a80cf Update document 2025-01-13 10:56:16 +09:00
Takah1ro 93bb7fa6c5 Add LibreNMS Authenticated RCE (CVE-2024-51092) 2025-01-12 12:28:07 +09:00