adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,164 Commits 27 Branches 1,043 Tags
15268366e1ab19e6b7f2cc0f2bf424fd8347ebfc
Commit Graph

2490 Commits

Author SHA1 Message Date
Shelby Pace a2a1b91a69 Land #15341, add wpdiscuz exploit 2021-06-25 16:22:02 -05:00
Shelby Pace 6d13f0627e formatting changes 2021-06-25 16:20:42 +02:00
Shelby Pace 1194e7d0f3 add guards, adjust formatting, add docs 2021-06-25 16:20:42 +02:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module 
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubo cop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged paylod, removed TODO

Switched to single-quoted strings
 2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
Grant Willcox 62f9d15ba3 Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE) 2021-06-16 10:39:49 -05:00
Grant Willcox 464dcdf578 Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE 2021-06-14 18:01:24 -05:00
Grant Willcox 537a7763f5 Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests 2021-06-14 15:28:40 -05:00
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
adfoster-r7 e40fcafbf1 Land #15339, fix typo in wp_admin_shell_upload.md 2021-06-14 18:04:30 +01:00
adfoster-r7 fb0e0f88a9 Land #15215, HashiCorp Nomad exec RCE 2021-06-14 17:49:36 +01:00
Spencer McIntyre d1be69eae6 Implement changes based on PR feedback 2021-06-14 10:15:27 -04:00
Florian CASAGRANDE 6e3e27984b Update wp_admin_shell_upload.md 2021-06-13 13:53:08 +02:00
Spencer McIntyre edee95bbb2 Update the check to not fail if a COOKIE is used 2021-06-10 11:29:07 -04:00
MucahitSaratar ea7eaba7a9 added cve 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:13 -05:00
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel 14c5924044 rubocop for documentation is ok 2021-06-09 09:08:19 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Spencer McIntyre 3afe3ebfa3 Add the module docs 2021-06-08 15:23:24 -04:00
Hakyac fd988f7f29 Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:35:10 +02:00
Hakyac e1030226de Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:17:53 +02:00
Hakyac 0834fa122d Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:17:34 +02:00
Hakyac e53ca42570 Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:16:12 +02:00
Yann Castel bf96b88446 add default port + set ssl to true 2021-06-07 16:48:16 +02:00
Yann Castel 6a7e30749d initial commit 2021-06-07 14:39:10 +02:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
Shelby Pace 8b737c2c60 Land #15231, add SuiteCRM log file rce 2021-06-03 09:11:00 -05:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
William Vu 6498554084 Clean up NetMotion Mobility exploit and docs 
Refactor target selection once again.
 2021-06-02 23:47:01 -05:00
Shelby Pace 598f925fd3 remove extra spaces 2021-06-01 11:37:45 -05:00
h00die 825cc9d284 upgraded to meterp 2021-05-29 15:55:24 -04:00
h00die 721a47ad7f cacti 1.2.12 sql to rce 2021-05-29 15:55:24 -04:00
Wyatt Dahlenburg eb76aae2a7 Merge branch 'master' of github.com:rapid7/metasploit-framework into hashicorp_nomad 2021-05-25 15:56:13 -05:00
Shelby Pace 8e4a33f2a2 Land #15223, move TokenMagic validation logic 2021-05-24 14:51:13 -05:00
M. Cory Billington e62efe0690 Added module and documentation for SuiteCRM Log File RCE 2021-05-22 00:11:19 -05:00
bwatters 8e1391f098 Land #15216, Fix targeting for CVE-2021-21551 
Merge branch 'land-15216' into upstream-master
 2021-05-21 14:56:08 -05:00
bwatters 72375d1f67 Land #15024, Add RCE Exploit For CVE-2020-0796 (SMBGhost) 
Merge branch 'land-15024' into upstream-master
 2021-05-20 17:02:04 -05:00
Spencer McIntyre a6f650a1a3 Add a clear warning about instability due to KPP 2021-05-20 17:28:14 -04:00
bwatters a89fffade1 Update check method and move it to earlier in the module to prevent crashing 
on windows 7 sp0 targets.
 2021-05-19 15:58:40 -05:00
Spencer McIntyre 56388cd696 Land #15146, Add support for extra OSes for CVE-2021-3156 (Baron Samedit) 2021-05-18 18:02:30 -04:00
Spencer McIntyre a8a1cf75b8 Reorder the Fedora targets to be descending 2021-05-18 18:02:12 -04:00
Grant Willcox 7a6bf2efbc Land #15210, Add ssl setup documentation for gitlab 2021-05-18 15:05:45 -05:00
Spencer McIntyre 78d47b11f2 Add targeting for Windows 10 v21H1 2021-05-18 12:56:02 -04:00
Wyatt Dahlenburg 6dccf0dd20 Adding Nomad documentation 2021-05-18 10:12:04 -05:00