gregd
36b29fb458
Add vulnerable environment setup guide to module documentation
...
Step-by-step minikube-based setup for deploying a vulnerable
che-machine-exec instance for module verification.
2026-02-19 11:27:27 +00:00
gregd
c225256956
Add meterpreter scenario and redact IPs in documentation
2025-12-31 15:37:46 +00:00
gregd
475846ea2a
Add Eclipse Che machine-exec unauthenticated RCE (CVE-2025-12548)
...
This module exploits an unauthenticated RCE vulnerability in the
Eclipse Che machine-exec service. The service accepts WebSocket
connections without authentication on port 3333, allowing command
execution via JSON-RPC.
Affects Red Hat OpenShift DevSpaces environments.
2025-12-30 21:14:55 +00:00
sfewer-r7
d40a35acdb
the version logic changes, update the docs
2025-12-19 15:48:07 +00:00
sfewer-r7
a4dba96712
add in the HPE OneView exploit
2025-12-19 15:30:53 +00:00
sfewer-r7
795c38c524
Combine the 7.x and 6.x targets together, as Linux payloads work on 7.x also, so this target is Unix and Linux. This leaves the 8.x target Unix only due to IMA appraisal.
2025-11-28 10:12:02 +00:00
sfewer-r7
014312873c
get both unix and linux payloads working on 6.x. Add a note to the docs about setting a gateway.
2025-11-27 20:28:44 +00:00
sfewer-r7
f5e8aa83be
add in exploit support for FortiWeb versions 6.x which are vulnerable, but no longer under support from the vendor.
2025-11-27 12:43:19 +00:00
Brendan
e998b91aee
Merge pull request #20717 from sfewer-r7/fortiweb-exploit-rce
...
Add exploit module for Fortinet FortiWeb (CVE-2025-64446 + CVE-2025-58034)
2025-11-25 14:14:31 -06:00
sfewer-r7
fa03ac8b66
on 7.4.8 the command nohup is not available. we must execute our payload in a new session, so we use a python stub to essentially call setsid. This has been tested to work on both 8.0.1 and 7.4.8. The payload cmd/unix/reverse_python is not working as it previously was, so I am removing from the list of confirmed payloads. The other two, cmd/unix/reverse_bash and cmd/unix/reverse_openssl work fine on both versions
2025-11-25 11:25:41 +00:00
Zedeldi
4b2798f357
Correct vulnerable version information
2025-11-24 17:10:51 +00:00
Zedeldi
ce926fd3d1
Update vulnerable IGEL OS version to < 11.09.310
2025-11-24 11:57:18 +00:00
Zedeldi
933fb7bdf1
Add clean-up information
2025-11-24 11:43:46 +00:00
Zedeldi
002795c5be
Update module information in documentation
2025-11-24 11:24:23 +00:00
Zedeldi
b13137886a
Add IGEL OS and vulnerability summary to documentation
2025-11-21 13:09:28 +00:00
sfewer-r7
aff76622fa
add in the unauth RCE exploit module for CVE-2025-64446 + CVE-2025-58034
2025-11-21 12:22:25 +00:00
Zedeldi
c6db0d4285
Move IGEL OS persistence module to linux/persistence
2025-11-17 18:42:28 +00:00
Zedeldi
c37f7872a3
Add documentation for IGEL OS modules
2025-11-17 16:33:15 +00:00
h00die
b646e0e044
docs editing for consistency
2025-11-07 15:42:27 -05:00
h00die
fb02ec4554
remove 4 space indents in options
2025-11-07 15:42:27 -05:00
h00die
caa2873a14
more adjustments
2025-11-07 15:42:27 -05:00
h00die
d8c73f6684
replace bold options with h3
2025-11-07 15:42:23 -05:00
Diego Ledda
110cb837aa
Merge pull request #20672 from h00die-gr3y/centreon_auth_rce
...
Centreon authenticated command injection leading to RCE via broker engine "reload" parameter [CVE-2025-5946]
2025-11-05 16:29:29 +01:00
h00die-gr3y
408eceb2d9
small update documentation
2025-11-03 10:27:44 +00:00
h00die-gr3y
85b4233345
updated module based on review comments and added documentation
2025-11-03 10:21:31 +00:00
Diego Ledda
13dc61e2e8
Merge pull request #20523 from h00die/modern_persistence_upstart
...
update upstart to persistence mixin
2025-10-31 12:28:59 +01:00
bcoles
676a2ed4b1
Add Rootkit Privilege Escalation Signal Hunter
2025-10-31 17:22:19 +11:00
h00die
c0b3f40b3e
upstart review
2025-10-27 19:45:38 -04:00
bcoles
52b7f1ff25
Deprecate exploit/linux/local/diamorphine_rootkit_signal_priv_esc
2025-10-24 17:05:10 +11:00
h00die
55583bd2c8
review for sysv persistence
2025-10-14 19:30:06 -04:00
h00die
058e858e82
update systemvinit to persistence mixin
2025-10-13 13:42:41 -04:00
Brendan
91c0adb17f
Merge pull request #20585 from vognik/CVE_2025_60787
...
Add MotionEye Authenticated RCE (CVE-2025-60787)
2025-10-09 13:50:25 -05:00
Vognik
267a26b763
code review changes from smcintyre-r7@
2025-10-09 21:51:31 +04:00
msutovsky-r7
79ff667d5e
Land #20538, adds systemd override persistence module
...
persistence: systemd service override
2025-09-26 15:57:31 +02:00
h00die
6c5522cdba
Update documentation/modules/exploit/linux/persistence/init_systemd_override.md
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2025-09-18 16:25:54 -04:00
h00die
15f4abd1b2
update yum to persistence module
2025-09-18 15:36:44 -04:00
Diego Ledda
c718a965d7
Merge pull request #20508 from h00die/modern_persistence_cron
...
update cron to persistence mixin
2025-09-18 12:04:00 +02:00
msutovsky-r7
dc8d67538c
Land #20536, adds docker image persistence module
...
docker image persistence module
2025-09-17 09:56:16 +02:00
jheysel-r7
81ce0f8868
Merge pull request #20521 from h00die/modern_persistence_systemd
...
update systemd to persistence mixin
2025-09-16 14:56:26 -07:00
jheysel-r7
02e35f7e92
Merge pull request #20520 from h00die/modern_persistence_openrc
...
update openrc to persistence mixin
2025-09-15 15:54:31 -07:00
h00die
ebe0234ddb
Update documentation/modules/exploit/linux/persistence/init_openrc.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2025-09-15 16:30:17 -04:00
Brendan
1ec10ec877
Merge pull request #20510 from h00die/modern_persistence_rc_local
...
update rc_local to persistence mixin
2025-09-15 14:47:48 -05:00
jheysel-r7
b45a3caaa5
Merge pull request #20509 from h00die/modern_persistence_motd
...
update motd to persistence mixin
2025-09-12 16:18:08 -07:00
h00die
403d02698b
systemd service override persistence
2025-09-11 17:29:13 -04:00
Diego Ledda
985af001d2
Merge pull request #20497 from h00die/modern_persistence_autostart
...
update autostart to persistence mixin
2025-09-11 18:58:32 +02:00
h00die
00115457f7
Update documentation/modules/exploit/linux/persistence/init_upstart.md
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-09-11 12:00:28 -04:00
h00die
5c52151a06
Update documentation/modules/exploit/linux/persistence/init_upstart.md
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-09-11 12:00:22 -04:00
Diego Ledda
80c5e41650
Merge pull request #20495 from h00die/modern_persistence_apt
...
update apt_package_manager to persistence mixin
2025-09-11 10:49:08 +02:00
h00die
2bf5264aff
docker image persistence module
2025-09-10 13:45:22 -04:00
Diego Ledda
1314f5d0bb
Merge pull request #20455 from Chocapikk/aitemi_m300_time_rce
...
Add unauthenticated RCE on Shenzhen Aitemi M300 MT02 (CVE-2025-34152)
2025-09-10 10:12:41 +02:00