 bcoles
|
3aa6e2d8db
|
modules/exploits/linux/ids: Resolve RuboCop violations
|
2025-05-20 23:54:29 +10:00 |
|
|
adfoster-r7
|
ccced2c0ad
|
Merge pull request #20190 from bcoles/rubocop-modules-auxiliary-dos-smb-smb_loris
modules/auxiliary/dos/smb/smb_loris: Resolve RuboCop violations
|
2025-05-19 20:54:00 +01:00 |
|
|
msutovsky-r7
|
561eef98c1
|
Land #20188, adds module for CVE-2024-7399 Samsung MagicINFO 9 Server
Samsung MagicINFO 9 Server RCE (CVE-2024-7399) Module
|
2025-05-19 09:49:09 +02:00 |
|
|
jheysel-r7
|
e4a5aecf05
|
Merge pull request #20186 from bcoles/rubocop-modules-auxiliary-server-capture
modules/auxiliary/server/capture: Resolve RuboCop violations
|
2025-05-16 14:43:20 -07:00 |
|
|
Spencer McIntyre
|
57c69049f7
|
Merge pull request #20175 from smashery/ruby-kerberoasting
Ruby kerberoasting
|
2025-05-16 10:28:52 -04:00 |
|
|
Diego Ledda
|
c68b10b640
|
Merge pull request #20164 from bcoles/rubocop-modules-exploits-linux-games
modules/exploits/linux/games: Resolve RuboCop violations
|
2025-05-16 10:27:24 +02:00 |
|
|
h4x-x0r
|
647545c5ef
|
Update magicinfo_traversal.rb
|
2025-05-15 22:13:08 +01:00 |
|
|
h4x-x0r
|
bd181f8a13
|
Update magicinfo_traversal.rb
|
2025-05-15 22:11:23 +01:00 |
|
|
h4x-x0r
|
6d2a1e529e
|
Update magicinfo_traversal.rb
|
2025-05-15 20:11:59 +01:00 |
|
|
Spencer McIntyre
|
5d4aca6c92
|
Merge pull request #20145 from bcoles/rubocop-modules-auxiliary-spoof
modules/auxiliary/spoof: Resolve RuboCop violations
|
2025-05-15 13:43:23 -04:00 |
|
|
Spencer McIntyre
|
a7d092701a
|
Add error handling to the module
|
2025-05-15 13:39:10 -04:00 |
|
|
Brendan
|
76471731f9
|
Merge pull request #20112 from cdelafuente-r7/mod/ivanti/rce/cve_2025_22457
Ivanti Connect Secure Unauthenticated RCE via Stack-based Buffer Overflow CVE-2025-22457
|
2025-05-15 11:44:49 -05:00 |
|
|
Spencer McIntyre
|
15f04ca85f
|
Log an error when kerberoasting fails
|
2025-05-15 12:29:34 -04:00 |
|
|
bcoles
|
42a383e4c7
|
modules/exploits/linux/games: Resolve RuboCop violations
|
2025-05-16 00:09:30 +10:00 |
|
|
adfoster-r7
|
b67a0f7851
|
Merge pull request #20194 from adfoster-r7/ensure-thinkphp-rce-runs-on-metasploit-pro
Ensure thinkphp rce runs on metasploit pro
|
2025-05-15 14:14:33 +01:00 |
|
|
Ashley Donaldson
|
2ba2d7976a
|
Changes from code review
|
2025-05-15 22:19:11 +10:00 |
|
|
adfoster-r7
|
20cda86177
|
Ensure thinkphp rce runs on metasploit pro
|
2025-05-15 12:55:12 +01:00 |
|
|
Diego Ledda
|
d12b6fe3ba
|
Merge pull request #20163 from bcoles/rubocop-modules-exploits-linux-antivirus
modules/exploits/linux/antivirus: Resolve RuboCop violations
|
2025-05-15 13:11:08 +02:00 |
|
|
msutovsky-r7
|
c598d8b4b0
|
Land #20020, adds module for Nextcloud Workflow Remote Code Execution
Add exploit module for the nextcloud workflow vulnerability CVE-2023-26482
|
2025-05-15 12:31:51 +02:00 |
|
|
Christophe De La Fuente
|
365caab8fc
|
Update the error message in case of Broken pipe error and update the documentation
|
2025-05-15 12:10:53 +02:00 |
|
|
bcoles
|
17f9038372
|
modules/auxiliary/dos/smb/smb_loris: Resolve RuboCop violations
|
2025-05-15 19:21:57 +10:00 |
|
|
whotwagner
|
97ecaa7c30
|
Refactoring indentations
|
2025-05-15 09:16:26 +00:00 |
|
|
whotwagner
|
61dc956bb3
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-15 11:15:05 +02:00 |
|
|
whotwagner
|
72c9d5b038
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-15 11:14:25 +02:00 |
|
|
whotwagner
|
9b619cbc58
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-15 11:12:05 +02:00 |
|
|
Diego Ledda
|
6c39f9331f
|
Land #20162, modules/auxiliary/sqli: Resolve RuboCop violations
Land #20162, modules/auxiliary/sqli: Resolve RuboCop violations
|
2025-05-15 10:52:37 +02:00 |
|
|
Diego Ledda
|
f7e7b5ad14
|
Land #20154, modules/auxiliary/dos: Resolve RuboCop violations
Land #20154, modules/auxiliary/dos: Resolve RuboCop violations
|
2025-05-15 10:22:51 +02:00 |
|
|
msutovsky-r7
|
e3649b31fe
|
Land #20123, adds module for path traversal and credential harvester in PowerCom UPSMON Pro
POWERCOM UPSMON PRO Path Traversal (CVE-2022-38120) and Credential Harvester (CVE-2022-38121) Module
|
2025-05-15 07:23:07 +02:00 |
|
|
h4x-x0r
|
3f4c8a5161
|
Update upsmon_traversal.rb
|
2025-05-15 04:28:53 +01:00 |
|
|
bcoles
|
8ea5d3214f
|
modules/auxiliary/dos: Resolve RuboCop violations
|
2025-05-15 08:43:24 +10:00 |
|
|
bcoles
|
3ae2a8fa8c
|
modules/auxiliary/server/capture: Resolve RuboCop violations
|
2025-05-15 00:26:16 +10:00 |
|
|
whotwagner
|
0e0b84d252
|
Error message if nextcloud-upload fails
|
2025-05-14 13:53:59 +00:00 |
|
|
msutovsky-r7
|
fe5f56cac0
|
Land #20159, adds module for privilege escalation in Wordpress (CVE-2025-2563)
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
|
2025-05-14 15:33:30 +02:00 |
|
|
Diego Ledda
|
1f230f3731
|
Land #20153, modules/auxiliary/dos/http: Resolve RuboCop violations
Land #20153, modules/auxiliary/dos/http: Resolve RuboCop violations
|
2025-05-14 10:45:03 +02:00 |
|
|
Diego Ledda
|
621840e9df
|
Land #20152, modules/auxiliary/dos/windows: Resolve RuboCop violations
Land #20152, modules/auxiliary/dos/windows: Resolve RuboCop violations
|
2025-05-14 10:42:58 +02:00 |
|
|
msutovsky-r7
|
7d8d0230cb
|
Land #20026, adds module for CVE-2024-57487
New Exploit Module & Documentation for CVE-2024-57487
|
2025-05-14 08:00:20 +02:00 |
|
|
Brendan
|
1982d81e22
|
Merge pull request #20098 from smashery/execute-assembly32
Execute assembly32
|
2025-05-13 16:49:25 -05:00 |
|
|
Spencer McIntyre
|
3d67f9ef55
|
Merge pull request #20161 from bcoles/rubocop-modules-auxiliary-fuzzers
modules/auxiliary/fuzzers: Resolve RuboCop violations
|
2025-05-13 16:04:00 -04:00 |
|
|
Chocapikk
|
88ffe892e0
|
Remove lower bound
|
2025-05-13 21:48:49 +02:00 |
|
|
Valentin Lobstein
|
7f98f2fad7
|
Update modules/exploits/multi/http/wp_user_registration_membership_escalation.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 21:42:10 +02:00 |
|
|
Chocapikk
|
c415675c39
|
Reduce wordpress_version calls
|
2025-05-13 21:42:10 +02:00 |
|
|
Chocapikk
|
a2ff0c1f92
|
Apply suggestion to store created WordPress admin creds
|
2025-05-13 21:42:09 +02:00 |
|
|
Chocapikk
|
e335841bb0
|
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
|
2025-05-13 21:42:09 +02:00 |
|
|
aaryan-11-x
|
1e523e4e0b
|
MsfTidy Fixes again
|
2025-05-13 23:54:36 +05:30 |
|
|
Brendan
|
b41f0a4430
|
Merge pull request #20178 from bcoles/modules-post-windows-gather-credentials
modules/post/windows/gather/credentials: Update PackRat module descriptions
|
2025-05-13 11:25:50 -05:00 |
|
|
Brendan
|
cb6495e5bc
|
Merge pull request #20146 from Chocapikk/wp_suretriggers_auth_bypass
Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102)
|
2025-05-13 10:53:44 -05:00 |
|
|
Christophe De La Fuente
|
3d121839c8
|
Fix from code review #2
|
2025-05-13 17:17:41 +02:00 |
|
|
whotwagner
|
09aaf5865c
|
Rearranged code and removed wait_for_payload_session
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
ad9651db5d
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
9b0aee41f4
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|