adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,906 Commits 27 Branches 1,043 Tags
2bb2bbc5bd399cf81541fcccf4ead1353b29697c
Commit Graph

38443 Commits

Author SHA1 Message Date
Valentin Lobstein 2bb2bbc5bd Update wp_depicter_sqli_cve_2025_2011.rb 2025-07-19 04:07:22 +02:00
Chocapikk ac62c42be8 chore(wp_depicter): remove unused Actions block 2025-07-16 22:20:31 +02:00
Chocapikk c45481fa58 fix: guard get_sqli_object JSON extraction to avoid NoMethodError 2025-07-12 15:12:02 +02:00
Chocapikk 9aef758c31 fix: abort run when get_sqli_object returns error constant 2025-07-12 15:09:05 +02:00
Chocapikk 869ed8d818 fix: replace return with next in get_sqli_object to prevent LocalJumpError 2025-07-12 15:00:57 +02:00
Brendan b4188e70be Merge pull request #20357 from xaitax/add-windows-aarch64-winexec-payload 
Revive and Finalize windows/aarch64/exec Payload
 2025-07-11 10:18:17 -05:00
Brendan 36675ccd9a Merge pull request #20349 from sfewer-r7/0day-cve-2024-51978 
Add auxiliary module for multiple Brother devices authentication bypass (CVE-2024-51978)
 2025-07-09 13:07:25 -05:00
sfewer-r7 df24090fc0 fix typo in message 2025-07-09 14:59:54 +01:00
sfewer-r7 ab913b0416 make this error message not that no password may be present on the device 2025-07-09 14:58:59 +01:00
sfewer-r7 34952d73f6 display the AuthCookie if one is received 2025-07-09 10:15:30 +01:00
msutovsky-r7 ffdfa07954 Land #20354, adds module for ISPConfig code injection (CVE-2023-46818) 
Add module for ISPConfig Code Injection (CVE-2023-46818)
 2025-07-09 07:47:56 +02:00
jheysel-r7 79d67dd1f0 Merge pull request #20345 from zeroSteiner/feat/lib/ldap-adds/1 
Add an Active Directory LDAP Mixin
 2025-07-08 14:37:23 -07:00
Spencer McIntyre 2ab90df4b2 Check for full permissions on certs too 2025-07-08 15:46:43 -04:00
Spencer McIntyre 8b8b350950 Use the new function instead of the old 2025-07-08 15:01:54 -04:00
Spencer McIntyre 7cacc4cd45 Update the ad_cs_cert_template module too 2025-07-08 15:01:54 -04:00
Spencer McIntyre c2a06e341d Expand on the matcher logic 2025-07-08 15:01:46 -04:00
msutovsky-r7 93f902fe27 Land #20364, adds WingFTP unauthenticated RCE module 
Add WingFTP unauthenticated RCE (CVE-2025-47812)
 2025-07-07 13:12:10 +02:00
Martin Sutovsky 7d881567f2 Refactors code 2025-07-07 11:54:28 +02:00
msutovsky-r7 bc705b8c5a Land #20334, adds payload linux/x64/set_hostname 
Add payload/linux/x64/set_hostname module.
 2025-07-06 18:56:43 +02:00
Chocapikk 7629dd7518 DRY code, grab wingftp version in check method 2025-07-05 22:25:45 +02:00
Martin Sutovsky 1ee9d61de1 Running Rubocop 2025-07-05 15:57:38 +02:00
Umut f0a64b92a7 Update CachedSize 2025-07-04 18:22:52 +03:00
Umut 4cb523a20c Add exit(0) syscall 2025-07-04 18:21:20 +03:00
Martin Sutovsky b1de0c6313 Removes null-bytes 2025-07-04 12:30:01 +02:00
Martin Sutovsky dbe422698f Updates cached_size 2025-07-04 12:16:16 +02:00
Martin Sutovsky d0df343f74 Rewriting shellcode, making it smaller 2025-07-04 12:12:00 +02:00
Valentin Lobstein 6edbfb32ec Update modules/exploits/multi/http/wingftp_null_byte_rce.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2025-07-03 19:42:01 +02:00
happybear-21 1700b2eaaa fixed: rubocop issues, changes resolved 2025-07-03 21:25:19 +05:30
msutovsky-r7 0553d6b4e6 Land #20365, fixes/refactors the Maltrail RCE module 
Fix `exploit/unix/http/maltrail_rce.rb`
 2025-07-03 15:29:28 +02:00
Chocapikk 1944c699f8 Fix exploit/unix/http/maltrail_rce.rb 2025-07-03 14:07:14 +02:00
Valentin Lobstein d79810a7e3 Update modules/exploits/multi/http/wingftp_null_byte_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-07-03 13:54:11 +02:00
Valentin Lobstein d625ab5fbc Update modules/exploits/multi/http/wingftp_null_byte_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-07-03 13:54:01 +02:00
Valentin Lobstein 32f7754774 Update modules/exploits/multi/http/wingftp_null_byte_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-07-02 14:42:34 +02:00
Chocapikk 5b268bd4b4 Fix documentation and typos 2025-07-01 22:50:01 +02:00
Chocapikk f7a649c121 Remove php mixin and arch 2025-07-01 19:43:21 +02:00
Chocapikk 5d9eb58848 Remove useless mixin 2025-07-01 19:39:26 +02:00
Chocapikk 1a4a15e83b Add WingFTP unauthenticated RCE (CVE-2025-47812) 2025-07-01 19:15:15 +02:00
happybear-21 03e943726a resolved: changes updated methods 2025-07-01 21:33:41 +05:30
Stephen Fewer 56354849f0 favor AUTO over ANY for this enum usage 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-07-01 15:05:09 +01:00
Stephen Fewer 14512d7d17 favor AUTO over ANY for this enum 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-07-01 15:04:57 +01:00
happybear-21 20134b5ced resolved: changes 2025-07-01 15:37:10 +05:30
happybear-21 47f2ba2861 removed: unused imports, and functions, removed: falsey statements, resolved: changes 2025-06-30 20:34:17 +05:30
adfoster-r7 3a034ba2ba Merge pull request #20362 from sjanusz-r7/improve-bleichenbacher-oracle-python-version-detection 
Fix Bleichenbacher Oracle module on hosts with Python 2
 2025-06-30 15:18:44 +01:00
Alex 91a3cc27cd Update modules/payloads/singles/windows/aarch64/exec.rb 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-06-30 14:46:51 +02:00
sjanusz-r7 41b83b7170 Fix Bleichenbacher Oracle module on hosts with Python 2 2025-06-30 13:02:40 +01:00
happybear-21 ff15b581ed resolved: issues 2025-06-29 12:34:38 +05:30
Alex 3069d6a3b8 Readability 2025-06-28 23:25:23 +02:00
happybear-21 e77abd9bbc added: automatic admin_allow_langedit permission checking and enabling capability 2025-06-28 16:20:49 +05:30
Alex 114def2352 Merge branch 'rapid7:master' into add-windows-aarch64-winexec-payload 2025-06-27 23:57:55 +02:00
Alex 1dadec8369 Revive windows/aarch64/exec Payload 2025-06-27 23:57:12 +02:00