adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,542 Commits 27 Branches 1,043 Tags
19c7cf04e05614b257500a43375b06ae237e8064
Commit Graph

6933 Commits

Author SHA1 Message Date
Christophe De La Fuente d4fd890fed Add the smb_to_ldap relay module and documentation 2025-03-14 15:28:39 +01:00
msutovsky-r7 9961bfbc58 Land #19950, module for InvoiceShelf unauthenticated PHP deserialization 
InvoiceShelf unauthenticated PHP deserialization vulnerability [CVE-2024-55556]
 2025-03-14 10:21:56 +01:00
h00die-gr3y e341398871 small update on module and documentation 2025-03-10 19:35:37 +00:00
H00die.Gr3y 44bdc5b44f Update documentation/modules/exploit/linux/http/invoiceshelf_unauth_rce_cve_2024_55556.md 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-03-10 19:29:12 +01:00
h00die-gr3y 281b728000 initial module and documentation 2025-03-07 17:34:22 +00:00
Martin Sutovsky 8d7bbdd84f Sonicwall module 2025-03-04 08:20:22 +01:00
jheysel-r7 b1d0eedc26 Merge pull request #19712 from smashery/naa_creds 
NAA creds from SCCM
 2025-03-03 13:50:31 -08:00
msutovsky-r7 3c4d0aae2f Land #19899, D-Tale remote code execution module 
Add D-Tale RCE module (CVE-2024-3408, CVE-2025-0655)
 2025-03-03 13:04:45 +01:00
Takah1ro 47351e4959 Use FETCH_DELETE as default 2025-03-03 20:52:55 +09:00
Takah1ro 65d2b6380b Update vulnerable version 2025-03-02 12:14:25 +09:00
Takah1ro 77c3ce52e0 Improve: 
* Support the prior to 3.13.0 versions
* CVE-2024-3408 bypass for authentication
 2025-03-01 11:58:28 +09:00
Jack Heysel d2dd9a6d8f Add docs for ESC4,13 and 15 vulnerable template configuration 2025-02-27 22:54:24 -08:00
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
Diego Ledda 1c27e2a958 docs: update docs for rubocop 2025-02-25 12:15:52 +01:00
Diego Ledda f046e70b76 Land #19894, SimpleHelp Path Traversal CVE-2024-57727 
Land #19894, SimpleHelp Path Traversal CVE-2024-57727
 2025-02-25 12:00:34 +01:00
msutovsky-r7 576ff2fb5c Land #19878, MyScada MyPro Manager Credential Harverster Module 
mySCADA MyPRO Manager Credential Harvester (CVE-2025-24865 & CVE-2025-22896) Module
 2025-02-25 11:35:59 +01:00
Diego Ledda 33d0c0c9fd Land #19881, NetAlertX File Read (CVE-2024-48766) 
Land #19881, NetAlertX File Read (CVE-2024-48766)
 2025-02-25 10:42:52 +01:00
Jack Heysel e4ee651c9b Updated docs, fixed Notes 2025-02-24 10:26:01 -08:00
Martin Sutovsky fae3d8390a Calling check method fix & Additional documentation 2025-02-24 15:52:00 +01:00
H00die.Gr3y 2d55f5c16e Update documentation/modules/exploit/linux/http/invoiceninja_unauth_rce_cve_2024_55555.md 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-02-24 15:51:06 +01:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
h00die-gr3y ece33ee8ec added documentation 2025-02-23 09:54:26 +00:00
Takah1ro 4d4b88c94e Add D-Tale unauth RCE module (CVE-2025-0655) 2025-02-23 09:33:42 +09:00
Jack Heysel fc25e177fc SimpleHelp Path Traversal CVE-2024-57727 2025-02-21 08:15:46 -08:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 15c20272ea removed linux dropper code and tested with PR 19850 2025-02-20 13:19:41 -06:00
h00die-gr3y fcc929e228 updated documentation with Linux Dropper (x86_64) target scenario 2025-02-20 13:19:41 -06:00
h00die-gr3y f857e5fe67 fixed code review and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 682be79920 first release module and documentation 2025-02-20 13:19:41 -06:00
msutovsky-r7 27120235d4 Merge branch 'rapid7:master' into netalert_file_read 2025-02-20 19:47:55 +01:00
Martin Sutovsky bd42b23ef0 Land #19883, module for unauthenticated RCE in InvokeAI 2025-02-18 14:01:11 +01:00
msutovsky-r7 f132b8ffe1 Update documentation/modules/auxiliary/scanner/http/netalertx_file_read.md 
Co-authored-by: Takahiro Yokoyama <tkhr.y0k0yama@gmail.com>
 2025-02-18 13:44:26 +01:00
msutovsky-r7 05c9550d43 Land #19877, BeyondTrust Privileged Remote Access & Remote Support RCE Module 
Exploit module for BeyondTrust Privileged Remote Access & Remote Support (CVE-2024-12356, CVE-2025-1094)
 2025-02-17 17:43:15 +01:00
Takah1ro 611556571f Update document 2025-02-17 20:32:43 +09:00
Takah1ro b454a32f3c Fix typo and update document 2025-02-17 12:52:50 +09:00
Takah1ro 0945fbba81 Add InvokeAI unauth RCE module (CVE-2024-12029) 2025-02-16 15:49:56 +09:00
Martin Sutovsky 00d4feb2b5 Adding documentation, file renaming 2025-02-14 14:43:43 +01:00
sfewer-r7 d93a99c504 rename the module 2025-02-13 12:51:46 +00:00
sfewer-r7 37276446a6 improve the description for this option 2025-02-12 17:22:43 +00:00
sfewer-r7 c9be9b65ec fix typos in docs 2025-02-12 17:22:17 +00:00
Martin Sutovsky 984f0dbb15 Land #19868, NetAlertX RCE module 2025-02-11 08:23:57 +01:00
msutovsky-r7 d96d980a24 Land #19846, module for CVE-2024-47407 MySCADA MyPro Manager 
mySCADA MyPRO Manager Command Injection (CVE-2024-47407) Module
 2025-02-10 16:25:32 +01:00
Takah1ro 9f43fcc7ad Update FETCH_COMMAND default to curl 2025-02-10 22:00:52 +09:00
Takah1ro 8d59201447 Update document 2025-02-10 21:38:14 +09:00
Takah1ro 7149d3f332 Leave cleanup as an option 2025-02-10 21:31:50 +09:00
Takah1ro b02838a8dd NetAlertx -> NetAlertX 2025-02-10 12:52:26 +09:00
Takah1ro 00f4f80530 Add NetAlertx rce module (CVE-2024-46506) 2025-02-08 14:40:31 +09:00
h4x-x0r 41a0e089ea CVE-2025-24865 & CVE-2025-22896 
CVE-2025-24865 & CVE-2025-22896
 2025-02-08 02:22:11 +00:00
bwatters-r7 7e8c35257e Update docs, fix space in module 2025-02-04 15:41:33 -06:00
Diego Ledda ba8d5b7f5a Land #19844, Add Ivanti Connect Secure HTTP Login Module 
Land #19844, Add Ivanti Connect Secure HTTP Login Module
 2025-02-03 18:17:36 +01:00