Noam Rathaus
705cfb5016
Fix empty banner (never set) issue
2024-04-05 19:24:19 +03:00
bwatters
3dc638909f
Land #18906, Add template data files for ESC2 and ESC3
...
Merge branch 'land-18906' into upstream-master
2024-03-29 15:29:52 -05:00
Jack Heysel
abb2eb7ffd
Land #18891, Add RCE module for wp bricks builder
...
This PR adds the wp_bricks_builder_rce exploit module that targets a
known vulnerability in the WordPress Bricks Builder Theme, versions
prior to 1.9.6.
2024-03-26 14:46:35 -07:00
Jack Heysel
d03dfe8991
Land #18841, Update sap_icm_paths.txt wordlist
...
This PR updates the sap_icm_paths.txt wordlist with the newest entries.
2024-03-19 16:40:09 -07:00
Spencer McIntyre
88ea9af859
Add ESC2 and ESC3 templates too
2024-02-29 16:15:39 -05:00
Spencer McIntyre
97f75c19e4
Show the objectSID of groups as well
2024-02-26 17:28:41 -05:00
Balgogan
f04b66d6dd
Add wp_bricks_builder_rce
2024-02-26 22:09:38 +01:00
Jack Heysel
8cddffa3d1
Land #18700, Add Kafka-ui Unauth RCE module
...
This PR adds an exploit module for CVE-2023-52251 which
is an unauthenticated rce vulnerability in Kafka's UI.
2024-02-16 15:38:52 -05:00
adfoster-r7
7b56d012e8
Land #18678, add LDAP capture capabilities
2024-02-15 22:11:04 +00:00
randomstr1ng
564c3f8e02
merge sap_icm_paths.txt with seclists sap.txt wordlist and add paths related to potential information leak
2024-02-15 16:03:31 +01:00
h00die-gr3y
f5c71d09c2
using data/kafka_ui_versions.json for the version check
2024-02-14 20:57:46 +00:00
Spencer McIntyre
a75013e51a
Land #18616, Fix aarch64 elf shared SIGBUS error
...
Fix aarch64 elf shared object bus error
2024-02-14 13:30:29 -05:00
Jeffrey Martin
d20ef7a08b
add LDAP to capture plugin
2024-01-23 13:52:35 -06:00
Christophe De La Fuente
b8aa55c322
Land #18633, WordPress Backup Migration Plugin PHP Filter Chain RCE (CVE-2023-6553)
2024-01-17 18:42:52 +01:00
adfoster-r7
1ba704b1cb
Land #18398, Update deprecated report_auth_info in various modules
2024-01-16 19:30:56 +00:00
Christophe De La Fuente
fb26c93291
Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables)
2023-12-20 20:04:21 +01:00
Jack Heysel
b86df4820c
Responded to comments from jvoisin
2023-12-19 13:50:09 -05:00
Jack Heysel
2ed3b771ed
Updated python exploit
2023-12-19 00:26:54 -05:00
Jack Heysel
c895364675
Initial commit, files created
2023-12-18 19:26:14 -05:00
Christophe De La Fuente
45d2c7f4e0
Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE
2023-12-18 18:51:36 +01:00
Gaurav Jain
e9ff2e55dc
Remove useless include of Report mixin in psnuffle.rb
2023-12-17 22:53:19 +05:30
Gaurav Jain
a58f7f0558
Minor fixes to modules to use report_cred
2023-12-16 23:40:30 +05:30
Jack Heysel
d9aa7f914e
Added newline to PoC and removed empty file
2023-12-14 18:42:09 -05:00
Jack Heysel
df111afb06
Glibc Tunables Exploit
2023-12-14 18:28:43 -05:00
adfoster-r7
4e106c2a73
Fix aarch64 elf shared object bus error
2023-12-13 00:26:53 +00:00
Jack Heysel
7b74b758ad
Removed unnecessary files in zip backup
2023-12-11 18:23:22 -05:00
Jack Heysel
3bad98afc6
Land #18488, add kerberos_tickets post module
...
Adds a module to manage kerberos tickets from a compromised
host. This PR also includes rail gun enhancements.
2023-12-07 19:12:48 -05:00
adfoster-r7
02c892c3fc
Add hierarchical search table support
2023-11-30 16:32:29 +00:00
Balgogan
65ea1188e2
Add suggested changes
2023-11-23 18:22:36 +01:00
Jack Heysel
c0be4c2f72
working end to end unix confluence 7.18
2023-11-22 19:49:38 -05:00
Jack Heysel
e6e2106140
Auth bypass, auth, shell upload, working
2023-11-21 22:14:27 -05:00
Spencer McIntyre
54bce7fcb5
Add module docs
2023-10-27 12:47:19 -04:00
h00die
b3b1595ef4
vmware aria ssh keys exploit
2023-10-16 13:06:17 -04:00
Spencer McIntyre
5a6dc7f9a6
Initial commit of CVE-2023-43654
2023-10-12 09:27:26 -04:00
Christophe De La Fuente
1058291af9
Land #18314, Windows Error Reporting RCE (CVE-2023-36874)
2023-09-27 15:25:06 +02:00
errorxyz
f5d5541e73
Update deprecated report_auth_info method call in various modules in data/exploits/psnuffle/
2023-09-25 02:51:08 +05:30
errorxyz
9f10f9402c
Update deprecated report_auth_info method call in data/exploits/psnuffle/smb.rb module
2023-09-25 02:06:48 +05:30
bwatters
be731f330e
Add error checking and randomize the report directory
2023-09-22 14:43:21 -05:00
bwatters
b4a1bb8fa2
Add docs and support for shell sessions; update exe to work without runtime lib.
2023-09-19 17:50:18 -05:00
Simon Janusz
8b56dc0117
Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation
2023-09-14 10:18:29 +01:00
h00die
94657d317b
another round of review comments
2023-09-11 14:29:20 -04:00
bwatters
91e7af4370
Added check, some stealth, and cleaned code
2023-09-05 14:29:13 -05:00
bwatters
ccba494e61
Exploit working, still needs to be cleaned up
2023-08-29 18:01:44 -05:00
bwatters
c69e983b30
Add module to create directory structures and upload/run exploit
2023-08-25 15:41:25 -05:00
Jack Heysel
97dd22032c
Responded to comments, improved stability
2023-08-21 19:20:25 -04:00
cgranleese-r7
89f8deb672
Land #18253, Add CVE-2023-34634, Greenshot Fileformat exploit
2023-08-17 15:30:02 +01:00
Jack Heysel
bcfc892195
General code clean up
2023-08-04 14:27:14 -04:00
bwatters
59e3760509
First attempt at CVE-2023-34634
2023-08-03 10:58:07 -05:00
adfoster-r7
9a40e2612b
Land #17129, Add OSX Aarch64 Payload support
2023-08-02 18:37:56 +01:00
adfoster-r7
89cd524acb
Update osx templates makefile and compile binaries
2023-08-02 01:26:18 +01:00