adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,906 Commits 27 Branches 1,043 Tags
2bb2bbc5bd399cf81541fcccf4ead1353b29697c
Commit Graph

4246 Commits

Author SHA1 Message Date
msutovsky-r7 ffdfa07954 Land #20354, adds module for ISPConfig code injection (CVE-2023-46818) 
Add module for ISPConfig Code Injection (CVE-2023-46818)
 2025-07-09 07:47:56 +02:00
Martin Sutovsky ffa2152a6a Updates docs 2025-07-07 11:56:53 +02:00
Valentin Lobstein b9ee9ba88c Update wingftp_null_byte_rce.md 2025-07-03 19:43:06 +02:00
Valentin Lobstein ef3ddec3dd Update documentation/modules/exploit/multi/http/wingftp_null_byte_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2025-07-03 19:41:34 +02:00
Chocapikk 5b268bd4b4 Fix documentation and typos 2025-07-01 22:50:01 +02:00
Chocapikk 1a4a15e83b Add WingFTP unauthenticated RCE (CVE-2025-47812) 2025-07-01 19:15:15 +02:00
happybear-21 840ae0f317 resolved: issues 2025-06-27 19:42:35 +05:30
Diego Ledda a7b038b822 Merge pull request #20341 from msutovsky-r7/exploit/skyvern_ssti_rce 
Adds module for Skyvern SSTI (CVE-2025-49619)
 2025-06-27 14:14:40 +02:00
Martin Sutovsky 7b845fa3df Fixed documentation issues 2025-06-26 12:08:51 +02:00
Martin Sutovsky 240bc828f1 Removing header 2025-06-26 12:08:51 +02:00
happybear-21 d787444137 Add exploit module for ISPConfig language_edit.php PHP Code Injection (CVE-2023-46818) 
- Adds modules/exploits/linux/http/ispconfig_lang_edit_php_code_injection.rb
- Adds documentation for the module in documentation/modules/exploit/linux/http/ispconfig_lang_edit_php_code_injection.md
- Module targets ISPConfig < 3.2.11p1 with admin_allow_langedit enabled
- References and implementation based on PoC and advisories at https://github.com/SyFi/CVE-2023-46818
 2025-06-25 22:27:52 +05:30
msutovsky-r7 fdc78b40bb Add more clear installation steps 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-06-25 15:17:58 +02:00
msutovsky-r7 fde78bf73f Land #20324, adds exploit for UNC path in .url files (CVE-2025-33053) 
Adds exploit module for Internet Shortcut UNC path vulnerability (CVE-2025-33053)
 2025-06-25 11:23:23 +02:00
Diego Ledda 6d843385ec Merge pull request #20301 from msutovsky-r7/exploit/cve-2021-25094 
Adds module for Tatsu WP plugin (CVE-2021-25094)
 2025-06-25 10:58:22 +02:00
Diego Ledda afdad8ed4c chore(wp_tatsu_rce): msftidy_docs fix 2025-06-25 10:16:49 +02:00
Martin Sutovsky 13cd2d2e51 Minor code changes, updates documentation 2025-06-24 16:22:42 +02:00
msutovsky-r7 a67c883e0c Removes unnecessary header 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-06-24 15:48:38 +02:00
adfoster-r7 be8864fe84 Merge pull request #20339 from bcoles/exploit-windows-fileformat-ms_visual_basic_vbp 
exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document
 2025-06-23 10:41:14 +01:00
Martin Sutovsky ca142599e8 Module init 2025-06-23 10:27:27 +02:00
bcoles e1dec29ef9 exploit/windows/browser/ms08_070_visual_studio_msmask: Cleanup and add documentation 2025-06-23 00:38:44 +10:00
bcoles c0baf1888b exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document 2025-06-23 00:11:54 +10:00
Diego Ledda c0dfbf43f2 Merge pull request #20235 from Chocapikk/vbulletin_replace_ad_template_rce 
vBulletin replaceAdTemplate Remote Code Execution
 2025-06-19 14:20:16 +02:00
DevBuiHieu ec5ba0bd0d Final code for CVE-2025-33053 exploit module 2025-06-17 23:03:36 -04:00
DevBuiHieu 20b8a9fcd3 Add some features and fix bugs for CVE-2025-33053 exploit module 2025-06-17 22:59:34 -04:00
DevBuiHieu 20629fe6b8 Add some features and fix all errors for CVE-2025-33053 exploit module 2025-06-17 02:49:10 -04:00
DevBuiHieu f81ddf82f1 Add some features for CVE-2025-33053 exploit module 2025-06-17 01:00:35 -04:00
Martin Sutovsky 4fe750a946 Removing redundant comment 2025-06-13 10:33:58 +02:00
Martin Sutovsky 3abe9b46c0 Addressing comments 2025-06-13 10:32:39 +02:00
Martin Sutovsky 0b2e4bc337 Adds module for CVE-2021-25094 2025-06-11 19:03:00 +02:00
msutovsky-r7 f2920f868a Land #20291, adds Roundcube post-authentication RCE (CVE-2025-49113) 
Add Remote for Roundсube CVE-2025-49113 post-authentication RCE module
 2025-06-11 10:48:58 +02:00
Maksim Rogov ed643c3bc6 Update roundcube_auth_rce_cve_2025_49113.md 2025-06-09 18:42:52 +03:00
msutovsky-r7 f20e72b6c8 Land #20256, adds RCE module for Remote For Mac 2025.7 
Add Remote for Mac 2025.6 unauthenticated RCE module
 2025-06-08 16:03:58 +02:00
Maksim Rogov d97b09a898 Rename roundcube_unauth_rce_cve_2025_49113.md to roundcube_auth_rce_cve_2025_49113.md 2025-06-07 16:46:30 +03:00
Maksim Rogov bd811a3cd1 Update roundcube_unauth_rce_cve_2025_49113.md 2025-06-07 04:45:54 +03:00
Vognik a4638ad632 Update Documentation 2025-06-07 05:35:18 +04:00
Vognik 96d7929972 Add Documentation for Roundcube CVE-2025-49113 unauthenticated RCE module 2025-06-07 05:28:45 +04:00
Brendan 19e8e6cdf8 Merge pull request #20187 from Chocapikk/wp_ottokit 
Add CVE-2025-27007 in existing `exploit(multi/http/wp_suretriggers_auth_bypass)` module
 2025-06-05 11:03:00 -05:00
Brendan 26156dfac2 Merge pull request #20265 from remmons-r7/cve_2025_4427_4428 
Exploit module for CVE-2025-4427/CVE-2025-4428 - Ivanti EPMM (AKA MobileIron Core) Authentication Bypass to EL Injection
 2025-06-04 09:05:04 -05:00
remmons-r7 97f308386b Update documentation/modules/exploit/multi/http/ivanti_epmm_rce_cve_2025_4427_4428.md 
Update docs to reflect the new Python payload approach

Co-authored-by: Brendan <bwatters@rapid7.com>
 2025-06-04 08:30:11 -05:00
msutovsky-r7 5fbf46ba7f Land #19472, adds exploits/linux/local/udev_persistence 
Add modules/exploits/linux/local/udev_persistence.rb
 2025-06-04 13:21:04 +02:00
Chocapikk 33439fccb3 Add verbosity, update doc 2025-05-29 16:30:41 +02:00
root e027be9f4c Add documentation for Remote for Mac 2025.6 unauthenticated RCE module 2025-05-29 12:30:10 +01:00
remmons-r7 68929a50fa Add ivanti_epmm_rce_cve_2025_4427_4428.md 
Documentation for ivanti_epmm_rce_cve_2025_4427_4428.
 2025-05-28 17:35:34 -05:00
Diego Ledda ce6e0d1164 Merge pull request #20096 from h00die-gr3y/CVE-2025-30406 
Gladinet CentreStack/Triofox ASP.NET ViewState Deserialization [CVE-2025-30406]
 2025-05-28 13:46:13 +02:00
Chocapikk 387a39d0a9 Update doc, module 2025-05-25 20:13:36 +02:00
Chocapikk 64b9254b3d Remove useless command in Dockefile 2025-05-23 23:59:06 +02:00
Valentin Lobstein e6aa8a3125 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:56:37 +02:00
Valentin Lobstein df44d63ac3 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:56:18 +02:00
Valentin Lobstein f5e33ef290 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:55:55 +02:00
Chocapikk 1f6dd34f93 vBulletin replaceAdTemplate Remote Code Execution 2025-05-23 23:17:02 +02:00