Commit Graph

39019 Commits

Author SHA1 Message Date
Diego Ledda 3b799a50e8 Merge pull request #20703 from bcoles/linux-riscv-chmod-payloads
Add Linux RISC-V chmod payloads
2025-11-25 18:10:57 +01:00
msutovsky-r7 47b742ba0c Land #20482, fixes bug in HTTP-based login scanners
Fix HTTP-based login scanners when using SSL with custom port
2025-11-25 16:23:39 +01:00
jheysel-r7 4a012dd06a Merge pull request #20637 from zeroSteiner/feat/mod/smb-to-mssql
Add an SMB to MSSQL NTLM Relay module
2025-11-24 09:17:45 -08:00
Brendan 21777b8969 Merge pull request #20685 from msutovsky-r7/persistence/windows/notepad++_persistence
Adds notepad++ persistence module for Windows
2025-11-21 14:28:28 -06:00
msutovsky-r7 8f2525aba7 Land #20705, adds modules for Flowise RCEs (CVE-2025-59528, CVE-2025-8943)
Add Flowise RCE exploits (CVE-2025-59528, CVE-2025-8943)
2025-11-21 21:20:22 +01:00
Valentin Lobstein 8702256ec2 Remove manual substitution and add BadChars for backslash and quote in flowise_js_rce 2025-11-21 19:34:33 +01:00
Martin Sutovsky 098af341f9 Fix payload name escaping 2025-11-21 13:04:52 +01:00
Valentin Lobstein 6215da4754 Apply review suggestions: use case/when, improve error handling, simplify code 2025-11-20 22:41:08 +01:00
Valentin Lobstein 8cd32c04ea Update modules/exploits/multi/http/flowise_js_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-11-20 21:55:43 +01:00
Valentin Lobstein db082959f4 Update modules/exploits/multi/http/flowise_custommcp_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-11-20 21:55:20 +01:00
Brendan bb728c44d7 Merge pull request #20560 from cdelafuente-r7/feat/mitre/T1021
Add T1021 "Remote Services" MITRE technique and sub-technique references
2025-11-20 11:19:31 -06:00
Martin Sutovsky d904a526ee Shamefully removes pry and pry-byebug 2025-11-20 17:08:28 +01:00
bcoles d510adb13c Add Linux RISC-V chmod payloads 2025-11-21 01:37:12 +11:00
msutovsky-r7 e2097ee1bc Land #20701, adds windows WSL registry persistence module
Windows WSL registry persistence
2025-11-20 15:15:22 +01:00
Martin Sutovsky abaa4e6c7a Fixes cmd_exec call 2025-11-20 11:27:34 +01:00
h00die 9ff3f94bc9 review comments for wsl persistence 2025-11-19 17:37:55 -05:00
Valentin Lobstein 9624f75617 Simplify code formatting: shorten lines and improve readability 2025-11-19 23:05:01 +01:00
Valentin Lobstein 3102b31767 Move FETCH_COMMAND WGET to Unix/Linux target DefaultOptions only 2025-11-19 22:59:22 +01:00
Valentin Lobstein 44cf2e309f Add Flowise RCE exploits (CVE-2025-59528, CVE-2025-8943) with shared mixin, documentation, and Docker Compose setup 2025-11-19 22:12:49 +01:00
Valentin Lobstein df1c157471 Improve Flowise CustomMCP RCE exploit stability with Basic Auth support and HTTP response validation 2025-11-19 20:12:31 +01:00
Valentin Lobstein f991bd58a4 Update modules/exploits/multi/http/flowise_custommcp_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-11-19 19:57:48 +01:00
Valentin Lobstein 7ba143452c Change checkcode
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-11-19 19:57:03 +01:00
Valentin Lobstein 8178313a46 Delete SSL param
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-11-19 19:56:43 +01:00
Valentin Lobstein a187b9824e Remove CVE ID from title
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-11-19 19:56:23 +01:00
Christophe De La Fuente 179a545312 Remove false positive references 2025-11-19 17:34:15 +01:00
Martin Sutovsky 554c952d06 Adds payload name escaping 2025-11-19 15:58:30 +01:00
msutovsky-r7 d8b544b1ab Land #20707, adds note "CAP_SYS_BOOT privileges are required" to Linux Reboot payloads
Add note "CAP_SYS_BOOT privileges are required" to Linux Reboot payloads
2025-11-19 12:10:03 +01:00
bcoles c77c138117 Add note "CAP_SYS_BOOT privileges are required" to Linux Reboot payloads 2025-11-19 21:39:44 +11:00
Martin Sutovsky 6957f73bf5 Adds architecture match check 2025-11-19 08:12:30 +01:00
h00die 58f29548b3 review for windows/persistence/wsl/registry 2025-11-18 18:50:07 -05:00
Valentin Lobstein b26c4f5c7b Add Flowise Custom MCP RCE exploit (CVE-2025-8943) 2025-11-18 22:25:39 +01:00
Valentin Lobstein 88aadcc856 Add Flowise Custom MCP RCE exploit (CVE-2025-8943) 2025-11-18 22:03:59 +01:00
Martin Sutovsky e99c1f648d Expands fix for all HTTP-based login scanners 2025-11-18 16:42:59 +01:00
h00die 3209fdc937 remove old file 2025-11-17 19:03:55 -05:00
h00die 7c8fbd1672 rework windows service persistence 2025-11-17 19:02:54 -05:00
h00die a0222d0783 rework windows service persistence 2025-11-17 19:02:53 -05:00
h00die 1ad89ef1ef rewriting service 2025-11-17 19:02:53 -05:00
h00die 06f5c89bf4 throw this away 2025-11-17 19:02:53 -05:00
h00die 8c211b4d4a fix sc commands in windows service persistence 2025-11-17 19:02:53 -05:00
h00die 450e1df340 windows service now with persistence mixin 2025-11-17 19:02:50 -05:00
Martin Sutovsky 8285b433cb Addresses comments 2025-11-17 11:04:28 +01:00
Martin Sutovsky 0e26719cf2 Adds dll_exitprocess 2025-11-17 09:24:09 +01:00
h00die e3560e43cf windows wsl registry persistence 2025-11-16 08:35:44 -05:00
sfewer-r7 c1ff36668c disclosure date 2025-11-14 17:06:30 +00:00
sfewer-r7 b1327361e9 add in new CVE ID and vendor advisory 2025-11-14 17:04:33 +00:00
Brendan 9dcea0c20d Merge pull request #20698 from sfewer-r7/fortiweb-exploit
Add an aux module for the recent FortiWeb exploit (No CVE assigned yet)
2025-11-14 09:32:03 -06:00
Spencer McIntyre c000e9cfa5 Merge pull request #20687 from dwelch-r7/winrm-error-handling-improvements
Add error handling for winrm login issues
2025-11-14 08:39:26 -05:00
Dean Welch 771856ac6b Use print_brute over print_warning 2025-11-14 13:22:54 +00:00
sfewer-r7 06fbe46172 add in aux module for recent FortiWeb exploit 2025-11-14 12:02:10 +00:00
jheysel-r7 90ff800e41 Merge pull request #20669 from stfnw/azure-ad-login-default-message
azure_ad_login: add context to error message
2025-11-12 10:45:32 -08:00