adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,220 Commits 27 Branches 1,043 Tags
26eee72512e3b490a32a05c768ea2540b2916ecc
Commit Graph

3284 Commits

Author SHA1 Message Date
Ron Bowes 26eee72512 Only print_status once, so it doesn't make a mess in the background 2022-08-04 08:02:28 -07:00
Ron Bowes a314423e81 Some changes requested by @cdelafuente-r7 2022-08-03 14:51:51 -07:00
Ron Bowes c66f98bae6 Make lint happy 2022-08-01 10:03:35 -07:00
Ron Bowes 7ee0a78ffc Change to using monotonic clock 2022-08-01 10:02:00 -07:00
Ron Bowes e7edafbcfb Throw errors in the rar-generator library rather than returning nil 2022-08-01 09:54:31 -07:00
Ron Bowes 110e9ddeee Set stance 2022-08-01 09:47:58 -07:00
Ron Bowes e76ef61452 Move a warning into the exploit function 2022-07-27 12:48:56 -07:00
Ron Bowes f279e8d6ca Split the CVE-2022-30333 unrar module into two different modules with a shared mixin to generate the file 2022-07-27 12:45:47 -07:00
Ron Bowes 7a79b8cbc2 Some fixes for Christophe's review 2022-07-26 09:24:33 -07:00
Ron Bowes e316693bdc Lint 2022-07-20 13:39:20 -07:00
Ron Bowes 09c1cf4308 Fix the CRC32 errors in the RAR file 2022-07-20 12:34:10 -07:00
Ron Bowes 2974f55126 Better description and more random 2022-07-19 14:18:11 -07:00
Ron Bowes 3401752fa7 Check in the unrar module for cve-2022-30333 2022-07-19 14:05:15 -07:00
Spencer McIntyre 439606b2ac Use a more reliable check method 
The check method will not work regardless of whether or not there is a
cloned repository. The response can be analyzed using a random,
non-existant repo.
 2022-07-11 09:48:08 -04:00
Spencer McIntyre 48cefee585 Cleanup the module based on feedback 2022-07-11 09:09:25 -04:00
Spencer McIntyre 9d979fdf4f Finish up the sourcegraph RCE module 2022-07-08 17:27:22 -04:00
Spencer McIntyre 27ad62c964 Add a decent check method 2022-07-08 16:40:42 -04:00
Spencer McIntyre a8c2b3bdff Initial exploit for CVE-2022-23642 2022-07-05 16:58:22 -04:00
Grant Willcox e4ce1c53dd Fix reference URL link 2022-06-22 15:49:43 -05:00
dwelch-r7 3f06e237b7 Correctly format the notes sections 2022-06-10 14:01:57 +01:00
Grant Willcox 133b9e307a Land #16563, Zyxel Firewall Unauthenticated Command Injection (CVE-2022-30525) 2022-05-13 18:55:30 -05:00
Grant Willcox 2eb31cf765 Add in edits from review 2022-05-13 15:32:12 -05:00
adfoster-r7 6a1fe27406 Land #16442, add vars_form_data to the HTTP client 2022-05-13 10:53:16 +01:00
Jake Baines 23f8a0b915 Added Zyxel advisory. Added AKB reference. Used xpath as requested. 2022-05-12 07:17:37 -07:00
Jake Baines f3b23c072f Added a reference to Rapid7 disclosure 2022-05-12 06:33:27 -07:00
Jake Baines 24fa9aabe0 Fixed privilege flag. Swapped 'exploit' for 'command' in a couple of places 2022-05-12 06:24:33 -07:00
Jake Baines 4af93ecfe2 Updated affected 2022-05-12 03:22:21 -07:00
Jake Baines 617b4ae044 Initial commit of Zyxel unauth command injection (CVE=2022-30525) 2022-05-12 01:43:59 -07:00
Grant Willcox 93334b56ef Properly credit Azeria and also include blog post at her request 2022-05-11 18:43:27 -05:00
Grant Willcox 8dbd6f3334 Change default target to 1 so we get benefit of avoiding some timeout issues since Unix Command may still cause server's REST API to time out at times. 2022-05-11 16:43:37 -05:00
Grant Willcox 196aac6b42 Add in PrependFork and MeterpreterTryToFork options as default to fix timeout issues and potential failure cases due to server not responding 2022-05-11 16:43:36 -05:00
Grant Willcox 27169c4ae1 Add in missing CmdStager library, add some more attribution, and add in PoC link 2022-05-11 16:43:36 -05:00
Grant Willcox 6354d7a055 Redo explanation of exploit in documentation to appropriately account for various nuances. Also update exploit title and description accordingly. 2022-05-11 16:43:36 -05:00
Heyder Andrade 1bc2616c19 Update modules/exploits/linux/http/f5_icontrol_rce.rb 
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
 2022-05-11 16:43:13 -05:00
Heyder Andrade 208367d735 Improved check method reliability 
Extra modifications:
- Promote advanced options HttpUsername and HttpPassword
	- password is not really necessary, but if one have credential, can
	  use this module as an exec
- Fixed print statement on check
- Splitted execute_command in two, because we also send a command on the check
  methods, however we don't need the checks that are in the execute_command
 2022-05-11 16:43:12 -05:00
Heyder Andrade 55163b86d6 Improvements 
- Change module name and description
- Added author from the PoC
- Added reference
- Added payloads, targets and notes
- Removed headers used during the tests
 2022-05-11 16:43:11 -05:00
Heyder Andrade 77f60eb21e Added module and documentation for f5 icontrol RCE (CVE-2022-1388) 2022-05-11 16:43:00 -05:00
Grant Willcox 1c934b87b4 Land #16169, Add sploit for Cisco RV340 SSL VPN - CVE-2022-20699 2022-05-11 10:15:08 -05:00
Grant Willcox 68fdb103fe Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate 2022-05-11 09:39:47 -05:00
adfoster-r7 94e1ad3fe5 Update form data api defaults 2022-05-10 14:12:17 +01:00
adfoster-r7 4ad4ca32e8 Fix test alignment 2022-05-09 16:51:20 +01:00
sjanusz 2e59f17439 Rename files to form_data 2022-05-06 16:41:19 +01:00
Jack Heysel 481699ed8f Land #16530, PiHole module to not wait for sudo 
Update PiHole pihole_remove_commands_lpe module
to no wait for sudo input
 2022-05-04 14:57:29 -07:00
sjanusz bc489fef91 Update PiHole module to not wait for sudo input 2022-05-04 17:24:43 +01:00
William Vu 6532365dc8 Deregister VHOST 2022-05-03 11:52:50 -05:00
William Vu 8c0cd40a19 Fix VMware Workspace ONE Access CVE-2022-22954 2022-05-03 10:39:58 -05:00
William Vu b2994aa8d8 Add words 2022-05-03 01:13:45 -05:00
William Vu 9a980d068d Link to freemarker.template.utility.Execute docs 2022-05-03 01:00:46 -05:00
William Vu 612e3d6f13 Add another tested SSTI param 2022-05-03 00:30:12 -05:00
William Vu 333681b6da Add other tested SSTI URIs 2022-05-03 00:02:21 -05:00