adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71,649 Commits 27 Branches 1,043 Tags
1efb3f733f8113a00a6d82b292dcf19febca6cf3
Commit Graph

691 Commits

Author SHA1 Message Date
Jack Heysel 46832abd49 Land #18358, Add a Thrift RPC client 
This PR adds a Thrift RPC client and updates
two modules to make use of the new addition.
 2023-09-14 19:01:13 -04:00
cgranleese-r7 e82bff37e1 Land #18330, Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-09-13 10:15:59 +01:00
Jack Heysel b83a49e573 Thanks to Spencer improved execute_command method 2023-09-12 15:14:10 -04:00
Spencer McIntyre fbf95ecd92 Add and use a Thrift client object 2023-09-11 14:37:38 -04:00
Spencer McIntyre f1aea836f3 Land #18273, Add VMware vRealize Log Insight RCE 
Add VMware vRealize Log Insight unauthenticated RCE exploit
 2023-09-08 17:17:23 -04:00
Spencer McIntyre 21dde19511 Make some final tweaks 
Change strings to reference `VMware` using the proper case. Don't
include CmdStager (because it's unnecessary). Set PrependFork to fix
shell payloads. Move CamelCase options to advanced.
 2023-09-08 16:55:42 -04:00
Simon Janusz 57f3b8a352 Land #18350, Add opentsdb_key_cmd_injection exploit module and docs 2023-09-08 16:50:46 +01:00
Simon Janusz 18103b032d Add docs for opentsdb_key_cmd_injection 2023-09-08 16:08:18 +01:00
Simon Janusz 7302394ffa Land #18316, Kibana Timelion Prototype Pollution RCE (CVE-2019-7609) 2023-09-08 11:50:47 +01:00
Ege Balcı 2cda3fab50 Update options 2023-09-07 19:50:10 +02:00
Jack Heysel 15908b9721 Merge branch 'ivanti-sentry-misc-log-service' of github.com:jheysel-r7/metasploit-framework into ivanti-sentry-misc-log-service 2023-09-07 12:40:26 -04:00
Jack Heysel fd6a2fa64a Updated docs 2023-09-07 12:19:11 -04:00
jheysel-r7 7944df2b87 Apply suggestions from code review 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-09-07 11:46:24 -04:00
Jack Heysel 482fdefb2c Land #18313, SolarView Compact unauth RCE module 
This PR adds a SolarView Compact unauth RCE module.
 2023-09-05 17:49:28 -04:00
jheysel-r7 03ccb3cce0 Apply grammatical suggestions from code review 2023-09-05 17:06:01 -04:00
Christophe De La Fuente 8217745a85 Land #18257, Apache nifi h2 rce (CVE-2023-34468) 2023-08-30 13:37:37 +02:00
Jack Heysel fe8cb3398f Another docs update 2023-08-29 17:33:51 -04:00
Jack Heysel 47f621106c Updated docs 2023-08-29 17:11:33 -04:00
Jack Heysel a3a7454f74 Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-08-29 15:24:04 -04:00
h00die-gr3y 77a1bbef79 Second release module and documentation 2023-08-28 07:49:40 +00:00
Ege Balcı eaeb2024d3 Merge branch 'master' into vmware_vrli_rce 
Merge for ThriftMessageType
 2023-08-26 22:42:25 +02:00
h00die 5382eb22d1 kibana exploit 2023-08-24 16:08:08 -04:00
Christophe De La Fuente a037d16b66 Land #18233, Chamilo unauthenticed RCE [CVE-2023-34960] 2023-08-24 11:49:40 +02:00
h00die-gr3y f64b67968f Final minor updates 2023-08-23 11:38:07 +00:00
H00die.Gr3y 1db284dcaa Apply suggestions from code review 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-08-22 18:46:25 +02:00
Jack Heysel 900e418796 Land #18226, H2 Web Interface RCE 
This PR adds a module to exploit an RCE feature in
the H2 databases Web Interface.
 2023-08-15 16:23:09 -04:00
h00die 7b024f21bd apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die 9516592eb6 metabase setup token rce 2023-08-08 17:16:56 -04:00
h00die ec5317a789 h2 doc addition 2023-08-08 17:15:22 -04:00
h00die 97daf47269 h2 web interface shell 2023-08-08 17:15:22 -04:00
Ege Balcı d1f9f540c6 Add VMware vRealize Log Insight RCE exploit 2023-08-08 20:32:38 +02:00
h00die-gr3y 19ef0cc4f9 Added documentation and fixed a typo in the module description 2023-07-28 21:30:24 +00:00
ErikWynter 40ef9d496a add docs for wd_mycloud_unauthenticated_cmd_injection 2023-07-28 10:16:50 +03:00
Christophe De La Fuente c7f8ce5acd Land #18199, VMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887 2023-07-25 17:45:30 +02:00
Jack Heysel 586971c1fd Fix incomplete copy pasta in docs 2023-07-21 14:38:07 -04:00
Jack Heysel ee26e7f926 Rubocop fixes 2023-07-20 16:40:28 -04:00
Jack Heysel 421b06119f Update docs 2023-07-20 14:55:27 -04:00
Jack Heysel d03157fcc1 Installation instructions 2023-07-19 14:23:17 -04:00
h00die 530934f78a review comments 2023-07-19 11:42:47 -04:00
space-r7 7af22bfd41 Land #18077, add Symmetricom unauth cmd injection 2023-06-13 17:07:16 -05:00
space-r7 0d85c9e380 add module documentation 2023-06-13 13:14:51 -05:00
h00die-gr3y 4479d94658 Updates based on review comments from space-r7 and jvoisin 2023-06-12 19:28:08 +00:00
h00die-gr3y 7cd3854208 Removed Webshell upload and updated documentation 2023-06-12 13:58:59 +00:00
h00die-gr3y db8a49cc99 Updated documentation 2023-06-10 12:14:05 +00:00
h00die-gr3y 417c9fa591 init commit module and documentation 2023-06-10 09:42:32 +00:00
space-r7 c9af514be4 Land #18063, add TerraMaster webshell upload 2023-06-09 17:55:32 -05:00
h00die-gr3y 0bcd930f61 Updated NAS model and version check 2023-06-08 09:12:45 +00:00
h00die-gr3y b3b0cb4ccf Updates based on space-r7 comments 2023-06-08 07:39:44 +00:00
h00die-gr3y 46fcdb76d5 Updates based on jvoisin comments 2023-06-07 08:27:55 +00:00
h00die-gr3y 2e34d69133 Added documentation 2023-06-06 12:18:59 +00:00