adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,405 Commits 27 Branches 1,043 Tags
1314f5d0bbb547dbceefeb8da2e01abfbc07d936
Commit Graph

1560 Commits

Author SHA1 Message Date
Diego Ledda 1314f5d0bb Merge pull request #20455 from Chocapikk/aitemi_m300_time_rce 
Add unauthenticated RCE on Shenzhen Aitemi M300 MT02 (CVE-2025-34152)
 2025-09-10 10:12:41 +02:00
Brendan da7224ed1b Merge pull request #20376 from msutovsky-r7/exploit/sudo-chroot-privesc 
Adds module for sudo chroot LPE (CVE-2025-32463)
 2025-09-03 16:53:43 -05:00
h00die 4591de4cae last changes for persistence bash module after peer review 2025-09-01 17:49:49 -04:00
h00die fa9d58bb73 update bash_profile to persistence mixin 2025-08-30 15:17:50 -04:00
Brendan f1dffd3ad6 Merge pull request #20480 from msutovsky-r7/exploit/pretalx/file-rw 
Adds modules for Pretalx File Read/Limited File Write (CVE-2023-28459, CVE-2023-28458)
 2025-08-27 15:46:39 -05:00
Martin Sutovsky f43b141886 Fine-tunning docs 2025-08-27 21:18:03 +02:00
Martin Sutovsky 61a0d68d97 Fine-tuning docs 2025-08-27 19:22:46 +02:00
Martin Sutovsky 23f486dc53 Updates docs 2025-08-27 19:16:33 +02:00
Martin Sutovsky 7196786258 Clarifies docs 2025-08-27 18:12:54 +02:00
Martin Sutovsky eef1d34506 Adds more comprehensive check, updates build instructions 2025-08-27 17:58:11 +02:00
Martin Sutovsky d49870211b Adding exceptions to exploit module, bug fix for aux module, adds documentation for exploit module 2025-08-22 15:26:46 +02:00
Martin Sutovsky 72dcc5a301 Library fix 2025-08-21 07:21:56 +02:00
Spencer McIntyre 5735a82df7 Merge pull request #20460 from msutovsky-r7/exploit/ndsudo-priv-esc 
Adds an exploit for ndsudo privilege escalation (CVE-2024-32019)
 2025-08-20 14:13:24 -04:00
Martin Sutovsky aae5356190 Updates the docs 2025-08-20 12:10:11 +02:00
Martin Sutovsky 38f81e073f Fixing documentation, adds more reliable cmd_exec 2025-08-15 07:26:56 +02:00
jheysel-r7 8251d89e92 Merge pull request #20400 from msutovsky-r7/exploit/pivotx-rce 
Adds module for PivotX RCE (CVE-2025-52367)
 2025-08-12 12:28:28 -07:00
jheysel-r7 e59a24823b Merge pull request #20387 from h00die-gr3y/wazuh-auth-rce 
Wazuh Server authenticated RCE [CVE-2025-24016]
 2025-08-12 09:22:22 -07:00
Martin Sutovsky fbd1c1767f Finish documentation, adds description and notes 2025-08-11 16:25:56 +02:00
Martin Sutovsky d219efc0ac Adds documentation, adds check method 2025-08-11 12:25:33 +02:00
Chocapikk baacd6f2bf Update CVE-ID in documentation 2025-08-07 21:54:38 +02:00
Chocapikk 87eb063460 Add unauthenticated RCE on Shenzhen Aitemi M300 MT02 (CVE-2025-34152) 2025-08-07 18:34:49 +02:00
msutovsky-r7 9caa2be9a2 Land #20399, adds module for Pandora ITSM authenticated RCE (CVE-2025-4653) 
Pandora ITSM auth RCE [CVE-2025-4653]
 2025-08-07 08:37:45 +02:00
Martin Sutovsky 162f73942c Specifies version in documentation 2025-08-07 07:35:16 +02:00
Martin Sutovsky caab87096e Addressing comments, updating docs 2025-08-07 07:35:14 +02:00
Martin Sutovsky cf0f35c8e0 Updating docs 2025-08-07 07:35:13 +02:00
Martin Sutovsky d8f0f5a0fe Adding check method, base for documentation 2025-08-07 07:35:12 +02:00
Chocapikk 6ff04da954 Add LPE suggestions in documentation 2025-08-04 18:33:28 +02:00
Chocapikk 7d744c2a45 Update documentation 2025-08-04 17:51:42 +02:00
Valentin Lobstein c8f756dd37 Update documentation/modules/exploit/linux/http/ictbroadcast_unauth_cookie.md 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-04 17:02:12 +02:00
Chocapikk 50ef5edd90 Add Unauthenticated ICTBroadcast Remote Code Execution (CVE-2025-2611) 2025-08-02 19:46:14 +02:00
msutovsky-r7 8130316de9 Removes unnecessary new line 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-08-01 10:02:46 +02:00
Martin Sutovsky 744188fb88 Updates docs 2025-08-01 09:40:08 +02:00
h00die-gr3y 3d0cfd0dfc update module + documentation based on review comments 2025-07-30 20:24:56 +00:00
h00die-gr3y 4b52708357 update module + documentation based on review comments 2025-07-30 11:39:20 +00:00
Martin Sutovsky 54c86cfc10 Addressing comments 2025-07-24 12:19:47 +02:00
jheysel-r7 05f2012ccc Merge pull request #20338 from Chocapikk/xorcom 
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
 2025-07-22 08:19:36 -07:00
Martin Sutovsky ed5c13330f Module init 2025-07-21 12:41:38 +02:00
h00die-gr3y 58704e9eab init module + documentation 2025-07-20 19:06:01 +00:00
adfoster-r7 8fe815da6f Merge pull request #20394 from cgranleese-r7/update-docs-to-reflect-new-default-prompt 
Updates docs to reflect new default prompt
 2025-07-17 12:53:02 +01:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
Diego Ledda 18d61d3763 Merge pull request #20356 from msutovsky-r7/exploit/pandorafms_netflow_rce 
Add module for authenticated PandoraFMS command injection (CVE-2025-5306)
 2025-07-17 11:58:54 +02:00
Diego Ledda ca9535e39a Update pandora_fms_auth_netflow_rce.md 2025-07-17 11:29:07 +02:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
Chocapikk b06903810c feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs 2025-07-16 21:25:17 +02:00
Martin Sutovsky f773e3aef9 Updates docs 2025-07-16 12:25:28 +02:00
h00die-gr3y 7a9cd79170 small update on the documentation 2025-07-16 09:32:47 +00:00
h00die-gr3y 639315452c added attackerkb reference + documenttaion 2025-07-16 09:29:14 +00:00
msutovsky-r7 ffdfa07954 Land #20354, adds module for ISPConfig code injection (CVE-2023-46818) 
Add module for ISPConfig Code Injection (CVE-2023-46818)
 2025-07-09 07:47:56 +02:00
Martin Sutovsky ffa2152a6a Updates docs 2025-07-07 11:56:53 +02:00
Martin Sutovsky 5c8d918e3d Fixes documentation 2025-06-28 17:07:44 +02:00