adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,542 Commits 27 Branches 1,043 Tags
19c7cf04e05614b257500a43375b06ae237e8064
Commit Graph

2791 Commits

Author SHA1 Message Date
msutovsky-r7 741a222e9a Land #19961, fixing incorrect URL in the InvoiceNinja module 
BUGFIX invoiceninja module - fixed invalid attackerkb reference
 2025-03-14 11:15:23 +01:00
msutovsky-r7 9961bfbc58 Land #19950, module for InvoiceShelf unauthenticated PHP deserialization 
InvoiceShelf unauthenticated PHP deserialization vulnerability [CVE-2024-55556]
 2025-03-14 10:21:56 +01:00
h00die-gr3y 84012fd60c fixed invalid attackerkb reference 2025-03-14 08:23:10 +00:00
h00die-gr3y 0ca2599f48 update based on review comments 2025-03-14 08:04:22 +00:00
h00die-gr3y 1ca57c86fc added base64 encoding in php payload execution 2025-03-11 21:30:32 +00:00
h00die-gr3y e341398871 small update on module and documentation 2025-03-10 19:35:37 +00:00
h00die-gr3y 281b728000 initial module and documentation 2025-03-07 17:34:22 +00:00
msutovsky-r7 196d95b2bf Land #19944, adding dynamic session for module CVE-2025-0655 
Update dtale_rce_cve_2025_0655.rb to use dynamically generated session
 2025-03-07 14:35:51 +01:00
Takah1ro edb47d968c Update function name after applied suggestion 2025-03-07 08:05:00 +09:00
Takahiro Yokoyama 233c710d82 Update modules/exploits/linux/http/dtale_rce_cve_2025_0655.rb 
Co-authored-by: Simon Janusz <85949464+sjanusz-r7@users.noreply.github.com>
 2025-03-07 07:54:50 +09:00
adfoster-r7 8604c72ef4 Merge pull request #19895 from cgranleese-r7/update-dead-module-references 
Update dead module references
 2025-03-05 16:57:05 +00:00
Takah1ro bf5ae87a3d Use dynamically generated session 2025-03-05 12:56:01 +09:00
msutovsky-r7 3c4d0aae2f Land #19899, D-Tale remote code execution module 
Add D-Tale RCE module (CVE-2024-3408, CVE-2025-0655)
 2025-03-03 13:04:45 +01:00
Takah1ro 47351e4959 Use FETCH_DELETE as default 2025-03-03 20:52:55 +09:00
Takah1ro 65d2b6380b Update vulnerable version 2025-03-02 12:14:25 +09:00
Takah1ro 77c3ce52e0 Improve: 
* Support the prior to 3.13.0 versions
* CVE-2024-3408 bypass for authentication
 2025-03-01 11:58:28 +09:00
Takah1ro 316ecd4d04 Use FETCH_FILELESS as default 2025-03-01 11:55:43 +09:00
cgranleese-r7 df8b0de0c8 Fixes some invalid links 2025-02-28 11:29:59 +00:00
cgranleese-r7 0017fbdf56 Updates more dead links 2025-02-28 10:30:14 +00:00
cgranleese-r7 810e7c4518 Adds scripts to find and replace dead module reference links 2025-02-28 09:20:48 +00:00
Takah1ro 40726d1859 Remove unnecessary & guard operator 2025-02-26 21:13:55 +09:00
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
h00die-gr3y 79411eace8 added code sugesstions from dledda-r7 2025-02-24 15:51:32 +00:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
Takah1ro 4d4b88c94e Add D-Tale unauth RCE module (CVE-2025-0655) 2025-02-23 09:33:42 +09:00
H00die.Gr3y b3a5da976b Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-22 10:35:45 +01:00
h00die-gr3y 47a2079d19 initial module and laravel crypto killer mixin 2025-02-21 18:09:28 +00:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 15c20272ea removed linux dropper code and tested with PR 19850 2025-02-20 13:19:41 -06:00
h00die-gr3y f857e5fe67 fixed code review and updated documentation 2025-02-20 13:19:41 -06:00
H00die.Gr3y 38b3741a15 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-20 13:19:41 -06:00
h00die-gr3y 682be79920 first release module and documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y baac1fc9d0 init commit module 2025-02-20 13:19:40 -06:00
Martin Sutovsky bd42b23ef0 Land #19883, module for unauthenticated RCE in InvokeAI 2025-02-18 14:01:11 +01:00
Takahiro Yokoyama 6eaae79dc2 Update modules/exploits/linux/http/invokeai_rce_cve_2024_12029.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-02-18 21:21:19 +09:00
Takah1ro 32db7ee6ae Use plain payload 2025-02-18 08:22:15 +09:00
Takah1ro 3ce313ac89 Rubocop formatting 2025-02-18 08:14:56 +09:00
Takahiro Yokoyama a26572d318 Update modules/exploits/linux/http/invokeai_rce_cve_2024_12029.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-02-18 08:09:25 +09:00
msutovsky-r7 05c9550d43 Land #19877, BeyondTrust Privileged Remote Access & Remote Support RCE Module 
Exploit module for BeyondTrust Privileged Remote Access & Remote Support (CVE-2024-12356, CVE-2025-1094)
 2025-02-17 17:43:15 +01:00
sfewer-r7 65e2a20a5d We can remove this line as it is redundant. The regex that follows will check for the same thing as part of its matching expression. Thanks msutovsky-r7 for spoting this. 2025-02-17 16:33:11 +00:00
sfewer-r7 bb9013a8ee check the frame for nil 2025-02-17 12:29:50 +00:00
sfewer-r7 6f1287d899 add in some logic to detect potentially failed exploitation due to the patch being applied, warning a user of a WebSocket getting closed unexpectadly 2025-02-17 12:17:15 +00:00
sfewer-r7 fbef2baf5c remove the uneeded parenthesis and make rubocop happy. 2025-02-17 11:44:50 +00:00
sfewer-r7 c950264a85 Add some comments in the check routine to note theres is no known lower bound version number, and the patch does not change the version number. 2025-02-17 11:35:22 +00:00
Stephen Fewer ed54130346 Explicitly close the WebSocket connection 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-02-17 11:35:03 +00:00
Stephen Fewer 130895671f Remove a duplicate work in this comment (Thanks jvoisin) 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-17 09:46:59 +00:00
Stephen Fewer 6ed60547a3 Print the actual status code in the error message (Thanks msutovsky-r7) 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-02-17 09:43:46 +00:00
Stephen Fewer eb1feba767 Fix typo in comment (Thanks jvoisin) 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-17 09:42:50 +00:00
Takah1ro b454a32f3c Fix typo and update document 2025-02-17 12:52:50 +09:00
Takah1ro 0945fbba81 Add InvokeAI unauth RCE module (CVE-2024-12029) 2025-02-16 15:49:56 +09:00