aaf95f9134
Apply suggestions from code review
2024-08-28 18:46:08 +01:00
7e9f52dd0b
Github release
2024-08-26 23:02:53 +02:00
b3605bd951
Documentation
2024-08-26 19:59:17 +02:00
8732d7cd58
LG Simple Editor Command Injection (CVE-2023-40504) Module
...
Exploit Module and Documentation for the LG Simple Editor Command Injection (CVE-2023-40504)
2024-08-07 05:16:25 +01:00
48c69b99fb
Land #19344 , FortiClient EMS FCTID SQLi to RCE fix for 7.2.x
2024-07-31 09:43:19 -04:00
c05aebe248
Formatting
2024-07-24 11:16:26 -07:00
e9cbb9287c
Add support for 7.2.x
2024-07-24 10:45:38 -07:00
636c72965c
Land #19084 , Add CVE-2022-1373 and CVE-2022-2334 exploit chain
...
Merge branch 'land-19084' into upstream-master
2024-07-19 12:22:25 -05:00
ecb628eaab
Add module and documentation
2024-06-20 15:30:54 +02:00
dc70aa0896
Land #19247 , PHP CGI Arg injection RCE
...
XAMPP installs running on Windows system configured to use Japanese or
Chinese (simplified or traditional) locales are vulnerable to a PHP CGI
argument injection vulnerability. This exploit module returns a session
running in the context of the Administrator user
2024-06-17 11:27:38 -07:00
d7531ef74c
fix typo in documentation
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-06-13 15:09:56 +01:00
18fe758416
Finish up and document the deserialization RCE
2024-06-12 08:58:37 -04:00
2d63038196
Update documentation/modules/exploit/windows/http/rejetto_hfs_rce_cve_2024_23692.md
...
fix a typo in the documentation.
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2024-06-11 16:23:56 +01:00
bf9b3f1d2a
add documentation
2024-06-10 17:41:55 +01:00
c8208704be
add in exploit module for CVE-2024-23692
2024-06-06 18:04:14 +01:00
a89d418725
review of northstar c2
2024-05-16 15:17:28 -04:00
19af4ae4e6
mermaid flow chart
2024-04-24 16:54:02 -04:00
9fb217fb59
northstar c2 exploit
2024-04-24 16:54:02 -04:00
50a303a6e5
Update references and documentation
2024-04-13 18:21:05 +08:00
6268235cd3
Add CVE-2022-1373 and CVE-2022-2334 exploit chain
2024-04-13 18:10:45 +08:00
dae9657433
FortiClient EMS Exploit Module
2024-04-12 10:00:07 -07:00
e58c6b9df2
Land #18721 , SharePoint Unauth RCE Exploit Chain (CVE-2023-29357 & CVE-2023-24955)
...
Merge branch 'land-18721' into upstream-master
2024-03-26 12:42:22 -05:00
4e4303c274
Fixed backup_bdc_metadata initialization
2024-02-15 09:26:54 -05:00
326b50bd4d
Responded to comments
2024-02-06 15:22:21 -05:00
5f1fa2a678
Apply suggestions from jvoisin
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2024-01-19 20:30:53 -05:00
854ec41db1
Initial commit
2024-01-19 15:22:22 -05:00
2f3e207277
Fixed documentation for exploit
2023-12-15 13:58:10 +01:00
9f9f18c73f
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-02 10:10:26 +08:00
00ccebe8ce
Upadte documentation for AjaxPro Deserializaion RCE
2023-10-31 13:31:10 +08:00
40683ff591
Add document for AjaxPro Deserialization RCE Module
2023-10-28 01:37:34 +08:00
557a15a115
spelling fixes on docs
2023-10-10 14:46:18 -04:00
623b589fb5
When I removed the PowerShell target I forgot to update the documentation, this commit updates the documentation to reflect the changes made to the exploit module.
2023-10-04 17:03:28 +01:00
1695a12c9c
Explicitly state both the release name (e.g. 2022.0.2) and the version number (e.g. 8.8.2) in a more consistent way.
2023-10-02 17:40:11 +01:00
53ed4a632b
add in exploit module for CVE-2023-40044 - WS_FTP unauthenticated RCE via .NET deserialization.
2023-10-02 11:42:19 +01:00
48cb2db70b
Update scenario
2023-09-01 03:48:08 +02:00
1d9c7fde77
Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit
2023-08-29 17:58:43 +02:00
7fa2586e34
Land #18247 , Netgear NMS RCE CVE-2023-38096/8
2023-08-28 11:23:08 +02:00
b10d677308
Doc update.
2023-08-25 21:18:48 +02:00
0fe335aff2
Update documentation/modules/exploit/windows/http/netgear_nms_rce.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-08-24 16:10:30 +00:00
c216c5a184
Fix lines in SmarterMail RCE docs for linting with msftidy_docs
2023-08-23 23:07:07 +08:00
329920eeb2
Add Netgear NMS RCE (CVE-2023-38096/8) exploit
2023-08-02 18:03:57 +02:00
1706812099
Implemented requested changes
...
* Small fixes in Description - removed backticks
* Implemented Windows Command target
* Removed PowerShell Stager, in Targets and in exploit method
* Implemented Rex::Socket::Tcp in place of TCPSocket
* Updated TARGET section in documentation
* Added TARGET 0 - Windows Command scenario
* Removed PowerShell Stager scenario
* Replaced 'Using configured payload' lines to use Windows Command payload
for the 2nd, 3rd, and 4th scenarios. Did not rerun the scenarios, however
2023-07-07 04:14:20 -04:00
24ef4e1b90
Update documentation/modules/exploit/windows/http/smartermail_rce.md
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2023-07-06 18:49:49 +03:00
ad0d3e79a9
SmarterMail RCE module and documentation
2023-07-06 08:00:28 -04:00
dfd450561e
Tweak some messages and cleanup markdown table
2023-06-22 14:23:25 -04:00
5f667e1d79
Address code review
2023-06-22 10:22:43 -05:00
2adea08f67
Add documentation & code cleanup
2023-06-21 15:41:50 -05:00
f7d2cdae56
Add in ability to restore settings n documentation changes.
...
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
2023-06-02 09:48:03 -05:00
965311d09e
Fix documentation and fix bug in creating PARMS value
2023-06-02 09:48:02 -05:00
8577f21e52
Add in documentation and updated code
2023-06-02 09:48:01 -05:00
adfoster-r7