adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71,116 Commits 27 Branches 1,043 Tags
1db284dcaa4cb6547795b4e22f50401a4fe6cd5b
Commit Graph

1120 Commits

Author SHA1 Message Date
H00die.Gr3y 1db284dcaa Apply suggestions from code review 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-08-22 18:46:25 +02:00
h00die-gr3y 19ef0cc4f9 Added documentation and fixed a typo in the module description 2023-07-28 21:30:24 +00:00
space-r7 7af22bfd41 Land #18077, add Symmetricom unauth cmd injection 2023-06-13 17:07:16 -05:00
space-r7 0d85c9e380 add module documentation 2023-06-13 13:14:51 -05:00
h00die-gr3y 4479d94658 Updates based on review comments from space-r7 and jvoisin 2023-06-12 19:28:08 +00:00
h00die-gr3y 7cd3854208 Removed Webshell upload and updated documentation 2023-06-12 13:58:59 +00:00
h00die-gr3y db8a49cc99 Updated documentation 2023-06-10 12:14:05 +00:00
h00die-gr3y 417c9fa591 init commit module and documentation 2023-06-10 09:42:32 +00:00
space-r7 c9af514be4 Land #18063, add TerraMaster webshell upload 2023-06-09 17:55:32 -05:00
space-r7 c8609d7983 Land #18070, add TerraMaster chained exp module 2023-06-09 12:29:47 -05:00
sfewer-r7 27f5a789c9 rework the exploit to use the new MIPS64 fetch payload adapters. Removed the seperate command and dropper targets in favor of a single default target which can do both thanks to fetch payloads. Removed the redundant IO select() call which was bad copy pasta on my part. 2023-06-09 09:47:57 +01:00
Stephen Fewer a1528556e0 Merge branch 'rapid7:master' into CVE-2023-28771 2023-06-09 09:42:19 +01:00
h00die-gr3y 0bcd930f61 Updated NAS model and version check 2023-06-08 09:12:45 +00:00
h00die-gr3y b3b0cb4ccf Updates based on space-r7 comments 2023-06-08 07:39:44 +00:00
h00die-gr3y 46fcdb76d5 Updates based on jvoisin comments 2023-06-07 08:27:55 +00:00
h00die-gr3y 2e34d69133 Added documentation 2023-06-06 12:18:59 +00:00
h00die-gr3y 52745a96d7 Added documentation 2023-06-05 17:18:57 +00:00
Spencer McIntyre 9e38ed4459 Land #17929, Linux sudoedit LPE (CVE-2023-22809) 
Linux sudoedit priv esc (CVE-2023-22809)
 2023-05-23 09:30:18 -04:00
sfewer-r7 6b101b5a4d make rubocop happy 2023-05-22 18:03:58 +01:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die e692e927dc review fixes 2023-05-05 16:43:47 -04:00
h00die 95562e04aa sudoedit work 2023-05-02 18:39:59 -04:00
h00die d454b2e195 cve-2023-22809 2023-04-25 20:54:48 -04:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel 78e80f8e32 docs fix 2023-04-17 16:41:35 -04:00
Jack Heysel 162fe21659 Documentation copy pasta correction 2023-04-17 16:39:57 -04:00
jheysel-r7 d4b668e27b Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-04-17 16:36:31 -04:00
h00die 37130e5a3d move asan docs 2023-04-16 10:19:43 -04:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Ron Bowes 6119330e29 Update documentation to match current version of modules 2023-04-11 09:48:53 -07:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
Ron Bowes c22c2904c2 Fix msftidy_docs stuff 2023-04-05 10:53:58 -07:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
h00die-gr3y 0c87b0b7cf removed Windows reference from documentation 2023-03-23 10:34:51 +00:00
h00die-gr3y 820e625baa updated documentation 2023-03-22 21:17:54 +00:00
h00die-gr3y 8226fb9022 fixed small typos documentation 2023-03-22 20:04:34 +00:00
h00die-gr3y 28459c286a init commit module and documentation 2023-03-22 18:40:50 +00:00
Jack Heysel 1f2a889d0c Land #17388, Zyxel router RCE 
This module adds a new exploit module for a buffer
overflow in roughly 45 different Zyxel router and VPN models.
 2023-03-21 15:07:04 -04:00
Jack Heysel 31a32ccd9b linting and srvhost check fix 2023-03-17 14:39:02 -04:00
jheysel-r7 764abaf087 Update documentation/modules/exploit/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-03-17 12:59:48 -04:00
Grant Willcox c53a22d3fb Land #17750, FortiNAC keyUpload.jsp arbitrary file write CVE-2022-39952 2023-03-14 11:09:40 -05:00