adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,922 Commits 27 Branches 1,043 Tags
1e4527d8338b4f431cdc8011c052d3744e29d7ed
Commit Graph

1622 Commits

Author SHA1 Message Date
Martin Sutovsky 6aeb81a499 Adds MITRE reference, updates docs 2025-11-10 18:32:13 +01:00
Martin Sutovsky fc434414d3 Randomizes XML paramater 2025-11-10 16:54:49 +01:00
Martin Sutovsky 5ea47e5ac3 Adds formatting to XML data, adds automatic plugin ID extraction 2025-11-06 16:46:58 +01:00
Martin Sutovsky 570c7c0bf4 Changes CheckCode to Detected 2025-11-06 16:21:42 +01:00
Martin Sutovsky b0afe5e24b Randomizes parameters that can be randomized 2025-11-06 15:06:30 +01:00
Martin Sutovsky 904e752662 Code refactor 2025-11-06 14:52:49 +01:00
Martin Sutovsky cb0011649c Adds SCREEN_EFFECTS to SideEffects 2025-11-06 14:50:31 +01:00
Martin Sutovsky f586fff090 Adds clear message if exploit fails 2025-11-06 14:46:02 +01:00
Martin Sutovsky 5ad76f82d1 Adds more docs, adds description 2025-11-04 13:49:43 +01:00
Martin Sutovsky f195ebd453 Code refactor 2025-11-04 13:36:33 +01:00
Martin Sutovsky 98467f3a21 Adds msf payload to module, adds docs 2025-11-04 12:28:03 +01:00
Martin Sutovsky e885da1f0b Add rce for wsus 2025-11-03 20:47:28 +01:00
Martin Sutovsky 96edf7bad4 Updates 2025-11-03 14:25:39 +01:00
Martin Sutovsky 103e3d5044 Module init 2025-10-21 16:48:23 +02:00
Spencer McIntyre fd21209e4d Add missing CVEs from VulnCheck 2025-10-07 13:59:13 -04:00
Spencer McIntyre 17c5b3707a Add missing module notes 2025-10-07 13:59:13 -04:00
remmons-r7 12b78c086d Update commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Remove an empty line that msftidy doesn't like
 2025-09-15 11:19:49 -05:00
remmons-r7 ddc5abf20c Update commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Remove a commented out line that isn't needed.
 2025-09-15 10:56:30 -05:00
remmons-r7 bb3a26cff1 Implement peer review suggestions for Commvault module 
Implementing commvault_rce_cve_2025_57790_cve_2025_57791.rb changes from peer review.
 2025-09-15 10:54:34 -05:00
remmons-r7 b754b7027c Merge branch 'rapid7:master' into commvault_rce_cve_2025_57790_cve_2025_57791 2025-09-15 10:47:38 -05:00
Martin Sutovsky 5ab864b9b1 Uses between? for version check, clearer webshell upload 2025-09-11 11:04:34 +02:00
remmons-r7 be546af7c0 Revise and move commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Revised initial module and moved it to windows instead of multi.
 2025-09-05 23:04:02 -05:00
Martin Sutovsky d056164d89 Removes redundant definitions 2025-09-01 15:53:14 +02:00
Martin Sutovsky 2533ddf441 Rubocoping 2025-08-26 12:42:28 +02:00
Martin Sutovsky b43b4c9f37 Updates library, addressing comments 2025-08-25 17:49:34 +02:00
Martin Sutovsky da5b20faa4 Creating lib file for shared functionality, adding more reliable check method for CVE-2025-34511, docs init 2025-08-20 10:59:22 +02:00
Martin Sutovsky 8c28c7dbae Code changes for 34510, adds module for CVE-2025-34511 2025-08-20 09:58:26 +02:00
Martin Sutovsky 7ab12460f1 Fixing payloads 2025-08-19 16:11:25 +02:00
Martin Sutovsky 96791403db Adds malicious zip upload 2025-08-19 09:56:23 +02:00
Martin Sutovsky 52efe8d6de Module init 2025-08-15 14:37:09 +02:00
sfewer-r7 0a923a611d reword the language around our usage of CVE-2025-53770 to make it clear that this module is leveraging the authentication bypass for both CVE-2025-49706 and CVE-2025-53771, and the unsafe deserialization for CVE-2025-49704. 2025-08-06 15:33:57 +01:00
sfewer-r7 228a066521 add a reference to the Kaspersky analysis which covers all 4 CVEs 2025-07-25 12:26:55 +01:00
sfewer-r7 36fff14466 fix a comment typo 2025-07-25 11:04:18 +01:00
sfewer-r7 f16f7bf2ad add in reference to teh LeakIX blog, which shows CVE-2025-53771 2025-07-25 11:02:55 +01:00
sfewer-r7 ae95d3d4e8 add a comment to clarify what CVE-2025-53771 is 2025-07-25 11:02:08 +01:00
sfewer-r7 8df7f64e79 add some comments to clarify what CVE-2025-49704 is 2025-07-25 11:01:41 +01:00
sfewer-r7 6d9d9a70d4 add some comments to clarify what CVE-2025-49706 is 2025-07-25 11:01:22 +01:00
sfewer-r7 a81710486e add in a reference to the new technical analysis from the origional finder 2025-07-24 12:15:24 +01:00
Stephen Fewer 899e275155 Make the double quotes optional, reports of Server 2016 not using these, but Server 2019 is. Thanks @w0rk3r for the bug report and fix. 
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
 2025-07-23 23:51:42 +01:00
sfewer-r7 b8cf458706 the check routine was getting the /_layouts/15/error.aspx page, this will not be accessable unless Forms Based Authentication (FBA) is enabled on the site. A better choice is /_layouts/15/start.aspx as this is accessible regardless of FBA being enabled. Thanks @alexey-at-work-bc for identifying this and sugesting a fix. 2025-07-23 23:03:43 +01:00
sfewer-r7 7838e06f4f reimplement the gadget chain using the Metasploit Msf::Util::DotNetDeserialization routines 2025-07-23 17:36:56 +01:00
sfewer-r7 d2a1f7bae9 add in exploit for CVE-2025-53770 and CVE-2025-53771, Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution (aka ToolShell) 2025-07-23 12:40:14 +01:00
adfoster-r7 a0bb2d8c89 Merge pull request #20298 from bcoles/modules-SSL 
Modules: Convert SSL default option to Boolean in several modules
 2025-06-26 15:00:59 +01:00
cgranleese-r7 04a18fb3ca Updates modules to remove non-printable chars 2025-06-25 14:19:56 +01:00
cgranleese-r7 a454217bd4 Update info -d markdown 2025-06-24 11:21:49 +01:00
cgranleese-r7 37388ca1be Adds sentinel values to modules missing notes 2025-06-23 12:24:58 +01:00
bcoles b483312eca Modules: Convert SSL default option to Boolean in several modules 2025-06-23 19:38:36 +10:00
cgranleese-r7 a4b14d8b64 Runs Rubocop to fix layout in modules 2025-06-20 15:18:01 +01:00
cgranleese-r7 42f31c0fce Fixes some conditionals in modules 2025-06-20 14:57:03 +01:00
bcoles 3272ee0f28 Modules: Convert DisableNops property to Boolean in several modules 2025-06-10 23:57:52 +10:00