adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,366 Commits 27 Branches 1,043 Tags
11818c2812626be6b6eaeb63c8cc2342eaf38ff2
Commit Graph

4080 Commits

Author SHA1 Message Date
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
Diego Ledda 1c27e2a958 docs: update docs for rubocop 2025-02-25 12:15:52 +01:00
H00die.Gr3y 2d55f5c16e Update documentation/modules/exploit/linux/http/invoiceninja_unauth_rce_cve_2024_55555.md 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-02-24 15:51:06 +01:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
h00die-gr3y ece33ee8ec added documentation 2025-02-23 09:54:26 +00:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 15c20272ea removed linux dropper code and tested with PR 19850 2025-02-20 13:19:41 -06:00
h00die-gr3y fcc929e228 updated documentation with Linux Dropper (x86_64) target scenario 2025-02-20 13:19:41 -06:00
h00die-gr3y f857e5fe67 fixed code review and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 682be79920 first release module and documentation 2025-02-20 13:19:41 -06:00
Martin Sutovsky bd42b23ef0 Land #19883, module for unauthenticated RCE in InvokeAI 2025-02-18 14:01:11 +01:00
msutovsky-r7 05c9550d43 Land #19877, BeyondTrust Privileged Remote Access & Remote Support RCE Module 
Exploit module for BeyondTrust Privileged Remote Access & Remote Support (CVE-2024-12356, CVE-2025-1094)
 2025-02-17 17:43:15 +01:00
Takah1ro 611556571f Update document 2025-02-17 20:32:43 +09:00
Takah1ro b454a32f3c Fix typo and update document 2025-02-17 12:52:50 +09:00
Takah1ro 0945fbba81 Add InvokeAI unauth RCE module (CVE-2024-12029) 2025-02-16 15:49:56 +09:00
sfewer-r7 d93a99c504 rename the module 2025-02-13 12:51:46 +00:00
sfewer-r7 37276446a6 improve the description for this option 2025-02-12 17:22:43 +00:00
sfewer-r7 c9be9b65ec fix typos in docs 2025-02-12 17:22:17 +00:00
Martin Sutovsky 984f0dbb15 Land #19868, NetAlertX RCE module 2025-02-11 08:23:57 +01:00
Takah1ro 9f43fcc7ad Update FETCH_COMMAND default to curl 2025-02-10 22:00:52 +09:00
Takah1ro 8d59201447 Update document 2025-02-10 21:38:14 +09:00
Takah1ro 7149d3f332 Leave cleanup as an option 2025-02-10 21:31:50 +09:00
Takah1ro b02838a8dd NetAlertx -> NetAlertX 2025-02-10 12:52:26 +09:00
Takah1ro 00f4f80530 Add NetAlertx rce module (CVE-2024-46506) 2025-02-08 14:40:31 +09:00
sfewer-r7 c6d03069a9 add in the documentation 2025-01-31 11:02:01 +00:00
Martin Sutovsky 34f3957aea Land #19772, adding module for CraftCMS FTP template exploit 2025-01-23 20:21:17 +01:00
Martin Sutovsky 159b2bb6dc Land #19805, new module for LibreNMS Authenticated RCE 2025-01-20 15:33:37 +01:00
Takah1ro 54bd55b186 Update vulnerable version 2025-01-18 10:18:10 +09:00
Takah1ro ca304ae5c4 Avoid to split payload 2025-01-17 21:21:48 +09:00
Takah1ro 4e53c967c2 Update message 2025-01-16 12:59:18 +09:00
Brendan 9bd8590b99 Merge pull request #19793 from sfewer-r7/CVE-2024-55956 
Cleo LexiCom, VLTrader, and Harmony Unauthenticated Remote Code Execution (CVE-2024-55956)
 2025-01-15 15:04:45 -06:00
Jack Heysel 2254a1f213 Responded to comments 2025-01-15 09:22:44 -08:00
msutovsky-r7 0630187870 Land #19798, fixing link and code cleanup 
Fix nsfw link in mssql_clr_payload, and rubocop the module
 2025-01-15 16:41:34 +01:00
Takah1ro 10be7a80cf Update document 2025-01-13 10:56:16 +09:00
Takah1ro 93bb7fa6c5 Add LibreNMS Authenticated RCE (CVE-2024-51092) 2025-01-12 12:28:07 +09:00
Jack Heysel 18be9fc101 Added suggestions from jvoisin 2025-01-10 11:45:40 -08:00
Chocapikk b7d922f471 Fix and enhance CraftCMS FTP exploit module 2025-01-10 18:16:11 +01:00
jheysel-r7 58c359293d Merge pull request #19796 from h00die/move_acronis 
move acronis_cyber_protect_unauth_rce_cve_2022_3405 inside the http folder
 2025-01-09 18:33:22 -08:00
h00die ce9f1b9101 fix nsfw link 2025-01-09 21:23:38 -05:00
jheysel-r7 5374c7b362 Merge pull request #19676 from h00die/needrestart 
Ubuntu needrestart LPE (CVE-2024-48990)
 2025-01-09 17:02:54 -08:00
jheysel-r7 a6ba7bf9c2 Merge pull request #19734 from h00die/runc_arch 
arch linux compatibility for runc priv esc
 2025-01-09 16:45:02 -08:00
h00die 1a839c0b33 move acronis_cyber_protect_unauth_rce_cve_2022_3405 inside the http folder 2025-01-09 16:30:51 -05:00
h00die 437c9fc99e review of ubuntu_needrestart_lpe 2025-01-09 16:23:09 -05:00
Diego Ledda 5cfaf4871d Land #19738, Pandora FMS auth RCE (CVE-2024-11320) 
Land #19738, Pandora FMS auth RCE (CVE-2024-11320)
 2025-01-09 17:16:58 +01:00
Diego Ledda fea171357a Land #19771, Add Selenium Firefox RCE module (CVE-2022-28108) 
Land #19771, Add Selenium Firefox RCE module (CVE-2022-28108)
 2025-01-08 13:44:33 +01:00
jheysel-r7 0ff2835bb7 Merge pull request #19770 from h00die-gr3y/netis-unauth-rce 
Netis Router Exploit Chain Reactor [CVE-2024-48455, CVE-2024-48456 and CVE-2024-48457]
 2025-01-07 17:24:37 -08:00
Diego Ledda 7ead96a740 Land #19769, Add Selenium Chrome RCE module (CVE-2022-28108) 
Land #19769, Add Selenium Chrome RCE module (CVE-2022-28108)
 2025-01-07 11:10:37 +01:00
H00die.Gr3y 9a6d074463 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-01-07 09:25:41 +01:00
sfewer-r7 3ff685b70e fix three typos 2025-01-06 09:42:21 +00:00
sfewer-r7 fe7334fae2 add in CVE-2024-55956 exploit 2025-01-06 09:26:44 +00:00