adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
79,523 Commits 27 Branches 1,043 Tags
3672e2ba457c16a7b67dfed0bf32bb6a4e9532cf
Commit Graph

7532 Commits

Author SHA1 Message Date
Martin Sutovsky 3672e2ba45 Adds additional installation step 2026-01-19 11:23:09 +01:00
Martin Sutovsky c56f9d2ee2 Removes line from documentation 2026-01-15 15:20:44 +01:00
Martin Sutovsky e114ecdfd5 Splitting the modules into separate PRs 2026-01-15 15:20:43 +01:00
Martin Sutovsky 5ee1a15b7d Addressing comments 2026-01-15 15:20:43 +01:00
Martin Sutovsky b4f4078956 Updates documentation 2026-01-15 15:20:42 +01:00
Martin Sutovsky 744b366c58 Msftidy documentation 2026-01-15 15:20:41 +01:00
Martin Sutovsky 8e8c61b9c1 Fixes typo in documentation 2026-01-15 15:20:41 +01:00
Martin Sutovsky 7bbf49112f Updates documentation 2026-01-15 15:20:39 +01:00
Martin Sutovsky de856db75a Adds check methods, docs init 2026-01-15 15:20:38 +01:00
jheysel-r7 bb473b6019 Merge pull request #20797 from h00die/remove_persistence_exe 
persistence modules cleanup
 2026-01-14 14:43:33 -08:00
Spencer McIntyre 658c251b66 Merge pull request #20472 from jheysel-r7/feat/mod/badsuccessor 
Add BadSuccessor dMSA Privilege Escalation in Windows 2025
 2026-01-14 15:43:35 -05:00
Jack Heysel c1023fd62a Add BadSuccessor dMSA Privilege Escalation in Windows 2025 2026-01-14 12:34:45 -08:00
h00die f4a195b88a persistence modules cleanup 2026-01-14 13:49:29 -05:00
msutovsky-r7 7b092aeedb Land #20806, adds module for unauthenticated command injection in Control Web Panel API (CVE-2025-67888) 
Adds module for Control Web Panel API Command Injection (CVE-2025-67888)
 2026-01-14 15:44:25 +01:00
Diego Ledda e4f8d4fb13 Merge pull request #20706 from h00die/windows_wmi_persistence 
Update windows wmi to persistence mixin
 2026-01-14 09:37:20 -05:00
msutovsky-r7 eae97b314a Land #20810, adds module for authenticated RCE in n8n (CVE-2025-68613) 
Adds module for n8n workflow expression RCE (CVE-2025-68613)
 2026-01-13 16:51:06 +01:00
Brendan 10d12570c0 Merge pull request #20791 from Chocapikk/webcheck 
Add Web-Check screenshot API command injection RCE exploit (CVE-2025-32778)
 2026-01-12 17:14:04 -06:00
Martin Sutovsky defa2b1337 Adds reference to protocol, fixes formatting 2026-01-12 14:54:46 +01:00
basicallyabidoof 2f62e7c031 Add documentation for ipv6_neighbor_router_advertisement.rb see https://github.com/rapid7/metasploit-framework/issues/12389 2026-01-12 14:54:46 +01:00
h00die 6491f74d9d wmi persistence improvements 2026-01-11 07:25:13 -05:00
JohannesLks d45e91b130 typo 2026-01-09 10:48:30 -05:00
msutovsky-r7 472016b753 Land #20796, moves udev module into persistence category 
update udev to persistence mixin
 2026-01-09 16:14:08 +01:00
jheysel-r7 b9be6ac259 Merge pull request #20785 from Chocapikk/react2shell-clean 
Update react2shell module: Add Waku framework support
 2026-01-08 17:58:48 -08:00
jheysel-r7 bb98e855e1 Merge pull request #20751 from h00die/sticky_keys 
update windows sticky keys to persistence mixin
 2026-01-08 16:44:04 -08:00
Spencer McIntyre da89d98b1e Merge pull request #20847 from dwelch-r7/fix-ssh-login-print-and-docs 
Fix extra characters in print and merge docs for ssh_login/ssh_login_pubkey
 2026-01-08 16:17:43 -05:00
Dean Welch 2867729808 Fix extra characters in print and merge docs for ssh_login/ssh_login_pubkey 2026-01-08 13:57:22 +00:00
msutovsky-r7 c289ff44b9 Land #20811, adds module for Prison Management System 1.0 RCE (CVE-2024-48594) 
Add Prison Management System 1.0 auth RCE (CVE-2024-48594)
 2026-01-08 12:33:00 +01:00
msutovsky-r7 b39e781500 Land #20700, adds module for Taiga.io RCE (CVE-2025-62368) 
Adds exploit module for authenticated deserialization vulnerability in Taiga.io (CVE-2025-62368)
 2026-01-07 11:53:32 +01:00
jheysel-r7 0d21fd4cc9 Merge pull request #20692 from msutovsky-r7/persistence/multi/python-site-specific-config-hook 
Adds module for python site-specific hook persistence
 2026-01-06 16:19:31 -08:00
h00die 428f31fdd3 review for wmi persistence 2026-01-06 16:36:05 -05:00
h00die bfec7c378b Update documentation/modules/exploit/windows/persistence/accessibility_features_debugger.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-06 14:00:39 -05:00
kali be9b2c9491 Add documentation for prison_management_rce 2026-01-06 12:33:49 +02:00
h00die 2f4db3bd5f review for wmi persistence 2026-01-05 17:06:17 -05:00
Diego Ledda acc206b2dc Merge pull request #20833 from xaitax/CVE-2025-14847_Mongobleed 
Add MongoDB memory disclosure module (CVE-2025-14847)
 2025-12-30 08:49:30 -05:00
Diego Ledda cd83a441b9 Merge pull request #20767 from Chocapikk/geoserver 
Add GeoServer WMS GetMap XXE file read module (CVE-2025-58360)
 2025-12-30 08:39:00 -05:00
Alex 44b2adafa7 Add MongoDB memory disclosure module (CVE-2025-14847) 2025-12-30 13:04:25 +01:00
JohannesLks 2cadcfe6ab add CVE-2025-68613 2025-12-25 11:21:28 -05:00
JohannesLks 455275d087 add module for CVE-2025-67888 2025-12-23 19:21:34 -05:00
h00die 3ea866c41d udev persistence 2025-12-21 07:50:48 -05:00
Brendan 3015c9f962 Merge pull request #20792 from sfewer-r7/hpe_oneview_rce 
Add unauth RCE exploit module for HPE OneView (CVE-2025-37164)
 2025-12-19 17:41:51 -06:00
Brendan b12ebc95c0 Merge pull request #20754 from h00die/assist_tech 
assistive technology persistence
 2025-12-19 16:33:21 -06:00
sfewer-r7 d40a35acdb the version logic changes, update the docs 2025-12-19 15:48:07 +00:00
sfewer-r7 a4dba96712 add in the HPE OneView exploit 2025-12-19 15:30:53 +00:00
Brendan 6c4a61fa42 Merge pull request #20761 from Chocapikk/acf-extended-rce 
Add WordPress ACF Extended unauthenticated RCE exploit (CVE-2025-13486)
 2025-12-18 16:03:06 -06:00
Valentin Lobstein 080f74f862 Update Web-Check documentation with docker-compose.yml setup instructions 2025-12-18 19:19:17 +01:00
Valentin Lobstein 5178cdee42 Update Web-Check documentation with git clone command 2025-12-18 18:56:18 +01:00
Valentin Lobstein 13f102eb5b Add Web-Check screenshot API command injection RCE exploit (CVE-2025-32778) 2025-12-18 18:51:12 +01:00
Valentin Lobstein 3b407575fa Update react2shell module: Add Waku framework support 2025-12-17 23:07:01 +01:00
Valentin Lobstein 46f87e0f6e Add GeoServer WMS GetMap XXE file read module (CVE-2025-58360) 2025-12-12 16:11:15 +01:00
jheysel-r7 388a967101 Merge pull request #20749 from nakkouchtarek/grav-ssti-rce 
Add Grav CMS Twig SSTI Sandbox Bypass RCE Exploit Module & Documentation
 2025-12-11 16:13:09 -08:00