adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,470 Commits 27 Branches 1,043 Tags
2fcd97f5efac397ea025b33a2d26d306d3f9dcab
Commit Graph

3282 Commits

Author SHA1 Message Date
space-r7 3b53966caa add installation steps 2023-06-06 12:14:14 -05:00
space-r7 5f7ae883f8 add documentation 2023-06-05 17:38:58 -05:00
Spencer McIntyre 9e38ed4459 Land #17929, Linux sudoedit LPE (CVE-2023-22809) 
Linux sudoedit priv esc (CVE-2023-22809)
 2023-05-23 09:30:18 -04:00
space-r7 6c88e85d02 Land #17993, add invscout RPM privesc 2023-05-17 18:56:42 -05:00
bcoles 0bc1fdf51d Add invscout RPM Privilege Escalation 2023-05-17 20:17:55 +10:00
Grant Willcox 459cf871cb Land #17979, Add exploit for Ivanti Avalanche file upload - CVE-2023-28128 2023-05-16 09:19:33 -05:00
Grant Willcox ea988f0c78 Add more documentation on how to set the target up based on my own experience and so that we have a backup in case the link to external documentation breaks 2023-05-12 14:27:39 -05:00
Grant Willcox cf5f90ac4f Minor updates to documentation to tidy things up a bit 2023-05-11 16:48:16 -05:00
space-r7 722de33b6f address feedback, use cleanup to restore path 
fix bug where if config restore failed, module would
output that it was both a failure and a success
add akb topic as reference
 2023-05-11 13:20:25 -05:00
Grant Willcox 020ee7ca5c Land #17964 - Pentaho Business Server Auth Bypass and SSTI - CVE-2022-43769 and CVE-2022-43939 2023-05-11 09:28:55 -05:00
Grant Willcox 9f6a1c18a1 Minor updates to fix URLs, disclosure date, description, and minor gramatical things 2023-05-10 18:22:00 -05:00
Grant Willcox 9f0a6503b7 require.js is not the only way, account for this new discovery in code 2023-05-10 13:02:02 -05:00
Grant Willcox 5d4e68d36c Add Metasploit payload example and remove message that may suggest successful exploitation occurred even when it didn't 2023-05-10 10:36:29 -05:00
Grant Willcox 1b8f1de7c8 Add in fixes from review, add archive of software, and use uri_encode_mode for encoding parameters. 2023-05-10 10:16:08 -05:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
Jack Heysel 07056a74bc Pentaho Business Server Auth Bypass and SSTI 2023-05-09 14:24:51 -05:00
space-r7 d60843f0eb name versions that are vulnerable 2023-05-09 09:16:42 -05:00
space-r7 08a79a2f4e add documentation 2023-05-08 17:42:23 -05:00
Grant Willcox f773d348e1 Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022 2023-05-08 12:11:01 -05:00
Grant Willcox c221edb1ec Add in ADAudit Plus build 6077 testing examples 2023-05-08 11:45:44 -05:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die e692e927dc review fixes 2023-05-05 16:43:47 -04:00
Grant Willcox 19651633c4 Update the installation instructions to resolve some issues encountered during testing 2023-05-04 18:26:54 -05:00
Grant Willcox f27fc28411 Perform review updates 2023-05-04 15:12:31 -05:00
ErikWynter aede036b02 additional changes from code review 2023-05-04 15:12:30 -05:00
Grant Willcox 0fd743d851 Add in fixes from code review 2023-05-04 15:12:29 -05:00
Grant Willcox d5032f0a5d Minor touchups on documentation for review 2023-05-04 15:12:28 -05:00
ErikWynter 32796b429b add note about payload limitations for builds 7004 and 7005 2023-05-04 15:12:27 -05:00
Grant Willcox 3b0d8b850b Fix up some issues identified during review 2023-05-04 15:12:26 -05:00
ErikWynter 9f68a5f8d1 add manageengine_adaudit_plus_authenticated_rce exploit module and docs 2023-05-04 15:12:09 -05:00
h00die 95562e04aa sudoedit work 2023-05-02 18:39:59 -04:00
Christophe De La Fuente 60149259a2 Land #17856, RCE exploit for CVE-2023-26359 (Adobe ColdFusion) and an auxiliary module for arbitrary file read via the same vuln. 2023-04-28 19:27:15 +02:00
h00die d454b2e195 cve-2023-22809 2023-04-25 20:54:48 -04:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel 78e80f8e32 docs fix 2023-04-17 16:41:35 -04:00
Jack Heysel 162fe21659 Documentation copy pasta correction 2023-04-17 16:39:57 -04:00
jheysel-r7 d4b668e27b Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-04-17 16:36:31 -04:00
Jack Heysel db853f9a68 Land #17711, SPIP unauth RCE module 
This module exploits a publically accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
 2023-04-17 15:30:03 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
adfoster-r7 396a4b90cc Land #17892, update unified_remote_rce docs 2023-04-17 13:53:32 +01:00
h00die 37130e5a3d move asan docs 2023-04-16 10:19:43 -04:00
h00die 4b176c8ef5 fix unified_remote_rce docs 2023-04-16 10:11:01 -04:00
sfewer-r7 5d05754d9b update the AKB URL to reference the changed CVE 2023-04-14 17:44:38 +01:00
sfewer-r7 e6211175b3 rename the files to the correct CVE 2023-04-14 15:52:13 +01:00
sfewer-r7 b5ea420760 On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Controll vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet seperate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now beliee this is the correct CVE. 2023-04-14 15:49:10 +01:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
sfewer-r7 ae87f35944 fix two typos in documentation 2023-04-13 15:57:48 +01:00