adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,922 Commits 27 Branches 1,043 Tags
1e4527d8338b4f431cdc8011c052d3744e29d7ed
Commit Graph

1048 Commits

Author SHA1 Message Date
h00die a0222d0783 rework windows service persistence 2025-11-17 19:02:53 -05:00
h00die 92e1720ad5 fix docs 2025-11-17 19:02:53 -05:00
h00die 450e1df340 windows service now with persistence mixin 2025-11-17 19:02:50 -05:00
Diego Ledda c007d3a89f Merge pull request #20674 from msutovsky-r7/exploit/win/cve-2025-59287 
Adds module for unauthenticated deserialization in WSUS (CVE-2025-59287)
 2025-11-12 12:40:32 +01:00
Diego Ledda 29088b4712 Merge pull request #20576 from msutovsky-r7/modules/persistence/linqpad_deserialization 
Moves LINQPad module into persistence category
 2025-11-11 16:41:12 +01:00
Martin Sutovsky 6aeb81a499 Adds MITRE reference, updates docs 2025-11-10 18:32:13 +01:00
h00die fb02ec4554 remove 4 space indents in options 2025-11-07 15:42:27 -05:00
h00die caa2873a14 more adjustments 2025-11-07 15:42:27 -05:00
h00die d8c73f6684 replace bold options with h3 2025-11-07 15:42:23 -05:00
Martin Sutovsky 5ad76f82d1 Adds more docs, adds description 2025-11-04 13:49:43 +01:00
Martin Sutovsky 98467f3a21 Adds msf payload to module, adds docs 2025-11-04 12:28:03 +01:00
msutovsky-r7 af5baeb3c6 Land #20660, adds windows task scheduler persistence module 
Windows task scheduler persistence
 2025-10-31 10:16:19 +01:00
msutovsky-r7 09f1d1ae57 Land #20650, adds module for NCR Command Center Agent unauthenticated RCE (CVE-2021-3122) 
Add NCR Command Center Agent Unauthenticated RCE (CVE-2021-3122)
 2025-10-30 08:26:42 +01:00
msutovsky-r7 56480df99f Land #20662, adds windows startup folder persistence module 
windows persistence: startup folder
 2025-10-29 13:23:35 +01:00
Martin Sutovsky 44c3d9b5db Fixes documentation, removes unused parameters, code cleanup 2025-10-29 07:58:47 +01:00
Martin Sutovsky 5bf842c15e Moves module to persistence category, docs reformat 2025-10-29 07:57:19 +01:00
h00die fd04f465eb windows persistence: startup folder 2025-10-27 15:35:52 -04:00
msutovsky-r7 d839a84a12 Land #20631, moves windows registry module into persistence category 
update windows registry to persistence mixin
 2025-10-27 14:57:48 +01:00
h00die c210a897ac windows persistence: task scheduler 2025-10-26 16:17:16 -04:00
Muhammad Daffa af2b2cc40f Add documentation for NCR Command Center Agent RCE 2025-10-24 16:15:11 +07:00
h00die 0f26c9316a registry persistence peer review 2025-10-23 17:44:22 -04:00
h00die 8490ce844d linqpad persistence cleanup 2025-10-19 10:08:33 -04:00
h00die 287cba7436 linqpad persistence cleanup 2025-10-19 10:05:36 -04:00
h00die 2575a9ad03 windows registry persistence doc update 2025-10-19 09:45:06 -04:00
h00die bc9bd4b62c windows registry persistence mixin conversion 2025-10-19 09:36:59 -04:00
jheysel-r7 dbf84abec3 Merge pull request #20586 from bcoles/windows_script_host_wsf 
Add Malicious Windows Script Host Script File (.wsf) module
 2025-10-06 13:21:56 -07:00
bcoles 9a8d1473d8 Add Malicious Windows Script Host Script File (.wsf) module 2025-10-05 20:16:00 +11:00
h00die 915cad72b5 modern persistence for windows image_exec_options 2025-09-23 17:25:27 -04:00
remmons-r7 eddc81f10c Update commvault_rce_cve_2025_57790_cve_2025_57791.md 
Update the example usage terminal output to reflect module changes.
 2025-09-15 11:37:57 -05:00
remmons-r7 b754b7027c Merge branch 'rapid7:master' into commvault_rce_cve_2025_57790_cve_2025_57791 2025-09-15 10:47:38 -05:00
jheysel-r7 a3a1e146f0 Apply suggestions from code review 2025-09-11 09:40:34 -07:00
Martin Sutovsky 00bd70751c Updates docs 2025-09-11 10:41:28 +02:00
remmons-r7 8ffc9a3db4 Update commvault_rce_cve_2025_57790_cve_2025_57791.md 
Updating module type from "multi" to "windows" in documentation :)
 2025-09-05 23:13:10 -05:00
remmons-r7 e661388ce6 Revise and move commvault_rce_cve_2025_57790_cve_2025_57791.md 
New documentation for the Commvault CVE-2025-57790/CVE-2025-57791 RCE module, updated to reflect module changes.
 2025-09-05 23:06:16 -05:00
Martin Sutovsky a8e97e034c Adds docs 2025-08-26 13:06:57 +02:00
Martin Sutovsky b43b4c9f37 Updates library, addressing comments 2025-08-25 17:49:34 +02:00
Martin Sutovsky da5b20faa4 Creating lib file for shared functionality, adding more reliable check method for CVE-2025-34511, docs init 2025-08-20 10:59:22 +02:00
Brendan b6dc0860e7 Merge pull request #20409 from sfewer-r7/sharepoint-hax 
Exploit module for Microsoft SharePoint ToolPane Unauthenticated RCE (CVE-2025-53770 and CVE-2025-53771)
 2025-08-06 14:24:28 -05:00
sfewer-r7 0a923a611d reword the language around our usage of CVE-2025-53770 to make it clear that this module is leveraging the authentication bypass for both CVE-2025-49706 and CVE-2025-53771, and the unsafe deserialization for CVE-2025-49704. 2025-08-06 15:33:57 +01:00
msutovsky-r7 f4622d802e Land #20406, adds malicious Windows Script Host VBScript fileformat module 
Add Malicious Windows Script Host VBScript (.vbs) File module
 2025-07-28 13:58:07 +02:00
msutovsky-r7 12340ef6b5 Land #20398, adds malicious Windows Script Host JScript fileformat module 
Add Malicious Windows Script Host JScript (.js) File module
 2025-07-28 13:51:26 +02:00
sfewer-r7 3237151512 add in the documentation 2025-07-25 14:40:12 +01:00
bcoles cbc03eaeeb Add Malicious Windows Script Host VBScript (.vbs) File module 2025-07-25 18:46:47 +10:00
bcoles 44c61a7e4d Add Malicious Windows Script Host JScript (.js) File module 2025-07-25 18:43:33 +10:00
msutovsky-r7 afeded56aa Land #20384, adds module for malicious Windows Registration Entries files 
Add Malicious Windows Registration Entries (.reg) File module
 2025-07-24 12:29:34 +02:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
bcoles c5ec45452a Add Malicious Windows Registration Entries (.reg) File module 2025-07-13 23:41:59 +10:00
msutovsky-r7 fde78bf73f Land #20324, adds exploit for UNC path in .url files (CVE-2025-33053) 
Adds exploit module for Internet Shortcut UNC path vulnerability (CVE-2025-33053)
 2025-06-25 11:23:23 +02:00
Martin Sutovsky 13cd2d2e51 Minor code changes, updates documentation 2025-06-24 16:22:42 +02:00