Commit Graph

7774 Commits

Author SHA1 Message Date
h4x-x0r 21b3315229 updated
2025-01-29 20:18:05 +00:00
h4x-x0r 37c148cc7c CVE-2024-47407
2024-11-13 03:55:17 +00:00
h00die 3513c6c4db fix nsfw link 2025-01-09 20:58:40 -05:00
Ashley Donaldson 40f2eaaab1 Recognise broken SMB sessions and close them 2024-12-16 19:52:19 +11:00
bwatters-r7 48ed31f323 Fix version check 2024-12-12 17:11:53 -06:00
Diego Ledda 58702f238c Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
2024-12-04 16:39:43 +01:00
jheysel-r7 05cbd1d9a3 Land #19593 Add exploit for CVE-2023-28324 (Unauthenticated RCE in Ivanti EPM)
This exploits an unauthenticated RCE in Ivanti's EPM where a .NET remoting client can invoke a method that results in an OS command being executed in the context of NT AUTHORITY\SYSTEM.
2024-11-20 11:18:58 -08:00
Spencer McIntyre e52edf447c Implement feedback from the PR 2024-11-20 13:51:39 -05:00
Jack Heysel 81b83f2fd6 Updated docs and check 2024-11-06 09:13:51 -08:00
Jack Heysel 5bc3e046eb Update check 2024-11-05 15:34:25 -08:00
Jack Heysel 7a5bc60aab Windows Access Mode Mismatch LPE in ks.sys [CVE-2024-35250] 2024-11-05 15:31:44 -08:00
Spencer McIntyre 5550e073dd Implement suggested changes 2024-10-31 11:29:34 -04:00
Spencer McIntyre 9f41937c7a Finish up the exploit module 2024-10-28 17:20:35 -04:00
Spencer McIntyre 27d5c95323 Refactor into an SMB server relay mixin 2024-10-24 16:25:40 -04:00
Spencer McIntyre 8ba0019ca0 Refactor the existing relay target client code 2024-10-24 16:25:40 -04:00
Jack Heysel cf85992531 Placeholder commit 2024-10-18 16:11:06 -07:00
Spencer McIntyre 77f63442d7 Add the initial higher level client 2024-10-17 12:54:25 -04:00
Spencer McIntyre 619620733d Add the initial Ivanti Agent Portal RCE 2024-10-17 12:54:25 -04:00
dledda-r7 0bf524482c Land #19345, Post module Windows LPE CVE-2024-30088 2024-09-17 08:13:21 -04:00
Jack Heysel 9fad484029 Land #19439, Update bypassuac_comhijack supported arch
This explicitly defines x86 and x64 as supported architectures for the
bypassuac_comhijack module. Prior to this change there were no defined
architectures and if you tried to use an x64 based payload the module
would fail.
2024-09-05 09:41:41 -07:00
Jack Heysel 152710403d Land #19330, Add SSL opt in start_service
The start_service method now allows users to specify their SSL
preferences directly through the opts parameter. If the ssl option is
not provided in opts, it will default to the value in datastore["SSL"]
2024-09-05 09:08:07 -07:00
Jack Heysel 434593dcb4 Suggestion and rubocop fixes 2024-09-05 08:49:32 -07:00
Jack Heysel 05c3c9ac65 Updated reliability comment 2024-09-04 14:09:04 -07:00
Jack Heysel 2da95ebc6a Remove SLEEP datastore option 2024-09-04 13:39:01 -07:00
bcoles b1ec86ebc5 bypassuac_comhijack: Specify x86/x64 as supported payload architectures 2024-09-04 23:49:33 +10:00
Jack Heysel 9ad5b41064 Rubocop 2024-08-30 12:56:10 -07:00
Jack Heysel 7bfd814297 Removed memory polling 2024-08-30 12:52:18 -07:00
bwatters 6b83f09312 Land #19421, Updates to adobe_pdf_embedded_exe
Merge branch 'land-19421' into upstream-master
2024-08-28 18:40:55 -05:00
adfoster-r7 fabb5d1f78 Land #19422, pgAdmin 8.4 RCE / CVE-2024-3116 2024-08-28 18:54:53 +01:00
adfoster-r7 aaf95f9134 Apply suggestions from code review 2024-08-28 18:46:08 +01:00
igomeow d0d4c3083a Fixing error message 2024-08-28 18:33:31 +02:00
igomeow 2b7cf76fc8 Fixing wrong SideEffects and Reliability values 2024-08-28 18:20:20 +02:00
igomeow 251c1c0c1e Adding check for host operating system 2024-08-28 18:17:36 +02:00
igomeow 6326cac8d4 Fixing nil safe issue 2024-08-26 23:23:43 +02:00
igomeow 7e9f52dd0b Github release 2024-08-26 23:02:53 +02:00
Spencer McIntyre db7dc6596f Fix rubocop complaints 2024-08-26 16:59:04 -04:00
Spencer McIntyre b61e6b1cc2 Add ARCH_X64 and test it, refactor to drop EXENAME 2024-08-26 16:25:03 -04:00
igomeow d1ce041fd0 Initial commit and Rubocop fixes 2024-08-26 19:27:20 +02:00
Jack Heysel 6689614d8f Responded to comments 2024-08-22 13:06:29 -07:00
Jack Heysel 31348dac33 Windows LPE CVE-2024-30088 2024-08-21 23:16:37 -07:00
dledda-r7 35da4662ed Land #19351, DIAEnergie SQL Injection 2024-08-21 09:44:15 -04:00
h4x-x0r 362b2427dc Error handling and code cleanup
2024-08-19 22:47:19 +01:00
h4x-x0r 39d615e8d2 Added TARGETURI option
2024-08-13 20:29:30 +01:00
h4x-x0r 8e4503061a Removed debugging code
2024-08-07 15:23:15 +01:00
h4x-x0r 8732d7cd58 LG Simple Editor Command Injection (CVE-2023-40504) Module
Exploit Module and Documentation for the LG Simple Editor Command Injection (CVE-2023-40504)
2024-08-07 05:16:25 +01:00
h4x-x0r 35cbf63890 Minor fixes
Specified a default payload
Randomized date and time
Wrapped cleanup in an ensure block
2024-08-02 16:58:24 +01:00
h4x-x0r 80961b0fef Merge branch 'rapid7:master' into my_awesome_branch 2024-08-01 22:57:36 -05:00
dledda-r7 48c69b99fb Land #19344, FortiClient EMS FCTID SQLi to RCE fix for 7.2.x 2024-07-31 09:43:19 -04:00
h4x-x0r 341142dc23 DIAEnergie SQL Injection (CVE-2024-4548) Module 2024-07-30 13:28:10 -04:00
redwaysecurity.com a812617fee Removed "ssl_restore = true" 2024-07-26 17:30:25 +02:00