adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,090 Commits 27 Branches 1,043 Tags
167e33dac0e98e59e6ecb4fc0ee701152f4eaba3
Commit Graph

31050 Commits

Author SHA1 Message Date
Alexandre ZANNI 167e33dac0 safe navigation operator on res 2021-06-25 17:09:20 +02:00
Shelby Pace 6d13f0627e formatting changes 2021-06-25 16:20:42 +02:00
Shelby Pace 1194e7d0f3 add guards, adjust formatting, add docs 2021-06-25 16:20:42 +02:00
Alexandre ZANNI 67406e71e4 WordPress wpDiscuz Unauthenticated File Upload Vulnerability 2021-06-15 14:15:30 +02:00
Grant Willcox 464dcdf578 Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE 2021-06-14 18:01:24 -05:00
Spencer McIntyre f58bbc236f Land #15319, Fix a localization issue 2021-06-14 16:42:19 -04:00
Grant Willcox 537a7763f5 Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests 2021-06-14 15:28:40 -05:00
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
pingport80 7c597b4ca2 define error_token as a random alphanumeric string 2021-06-14 23:32:44 +05:30
Gaurav Purswani 622e82cf44 Update modules/post/windows/gather/enum_hyperv_vms.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-06-14 23:23:12 +05:30
Gaurav Purswani 59928bf941 Update modules/post/windows/gather/enum_hyperv_vms.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-06-14 23:23:04 +05:30
adfoster-r7 fb0e0f88a9 Land #15215, HashiCorp Nomad exec RCE 2021-06-14 17:49:36 +01:00
Wyatt Dahlenburg 1789c7b070 Adding notes to Nomad Module 2021-06-14 10:39:23 -05:00
pingport80 9929d1c11d fix new rubocop errors 2021-06-14 18:25:22 +05:30
pingport80 beba2a6e46 add error_token in case the command fails and remove regexp from psh_exec 2021-06-14 15:02:39 +05:30
0xShoreditch 8eddecc858 Update apache_activemq_upload_jsp.rb 
Corrected a minor error where the URI and filesystem path were not separated.
 2021-06-13 07:27:56 +01:00
h00die 0f16c1a633 Land #14836, emby ssrf module and scanner for cve-2020-26948 2021-06-12 15:18:12 -04:00
h00die d58eb309e6 update module location 2021-06-12 15:07:03 -04:00
Grant Willcox e3a0228f79 Adjust exploit module title for rubocop compliance 2021-06-10 16:54:35 -05:00
Grant Willcox de8180b666 Update module title to correct state affected versions 2021-06-10 09:42:26 -05:00
MucahitSaratar ea7eaba7a9 added cve 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
Grant Willcox 038d0b1334 Add in autocheck compatability, update the documentation and output to be clearer, minimize traffic sent, fix up invalid scoping of variables, randomize data where possible, and add in exploit notes 2021-06-10 09:34:52 -05:00
MucahitSaratar 83caaccc6a adding backup 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:47 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:13 -05:00
btnz-k f684955537 updated documentation, modified var type 2021-06-09 15:26:29 -07:00
pingport80 669586a3ed fix localization issue in windows/enum_hyperv_vms and chomp extra data from psh_exec method 2021-06-09 23:35:27 +05:30
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel c7b7b871c9 missing variable e for rescue 2021-06-09 11:13:39 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Hakyac dc40cddb04 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:38:01 +02:00
Hakyac d2bf8ae912 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:34:40 +02:00
Yann Castel 2df710158e conflict fixed 2021-06-08 15:29:38 +02:00
Yann Castel 31515faccb various changes 2021-06-08 15:26:50 +02:00
Hakyac ce0c699213 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:11:25 +02:00
Hakyac 1f2f04b0d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:10:08 +02:00
Yann Castel cf5848ab3e add comment for second token generation 2021-06-08 14:31:03 +02:00
Hakyac 9e0b7cb171 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:21:04 +02:00
Hakyac 21bfa629d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:20:52 +02:00
Hakyac 38c63a6966 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:20:32 +02:00
Yann Castel e9305dc622 rubocop ok 2021-06-08 09:32:51 +02:00
btnz-k 93f0f62b05 MSFTIDY 2021-06-07 08:40:11 -07:00
Yann Castel bf96b88446 add default port + set ssl to true 2021-06-07 16:48:16 +02:00
Yann Castel 212039fa6b rubocop ok 2021-06-07 16:30:42 +02:00
Yann Castel 6a7e30749d initial commit 2021-06-07 14:39:10 +02:00
btnz-k 3b14151bda Post-'rubocop -a' job. 2021-06-06 14:56:55 -07:00
Grant Willcox 69690ef09e Fix RuboCop issues with sudo_baron_samedit.rb that were causing failures in some builds 2021-06-04 12:03:13 -05:00
Spencer McIntyre 1d003e9dee Land #15293, Redis extractor improvements 2021-06-04 10:23:07 -04:00
Spencer McIntyre eea2f10f2e Use ALL_CAPS for normal datastore options 2021-06-04 10:22:42 -04:00
Spencer McIntyre 0903fc8b37 Land #15284, fix a localization issue 2021-06-04 09:39:49 -04:00