adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

99 Commits

Author SHA1 Message Date
h00die 482d2b28b1 gitlab password reset account takeoever 2024-01-18 16:19:26 -05:00
Stephen Fewer 64c9968328 Update cisco_ios_xe_os_exec_cve_2023_20273.md, which was missing CISCO_ADMINUSERNAME and CISCO_ADMIN_PASSWORD in the show options command output 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-11-08 09:16:12 +00:00
sfewer-r7 8364ae896b add the CLI command to sue to enable testing the WebUI 2023-11-06 17:11:39 +00:00
sfewer-r7 b28668790d allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'. 2023-11-06 11:40:22 +00:00
sfewer-r7 10ee87c712 Add an optional CISCO_ADMIN_USERNAME and CISCO_ADMIN_PASSWORD options. If set these admin creds are used to leverage CVE-2023-20273. If not set, then CVE-2023-20198 is used to create a new temp admin account before leveraging CVE-2023-20273 2023-11-06 10:20:07 +00:00
Stephen Fewer be1229747f fix another typo on documentation 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-06 09:47:38 +00:00
Stephen Fewer 22cb55b36b fix type on documentation 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-06 09:47:23 +00:00
sfewer-r7 a55132b36f strip out "**CLI Line # " from the results and use print_line instead of print_status for cleaner output. 2023-11-03 17:09:08 +00:00
sfewer-r7 c8121ebd8e mention dropping to User EXEC mode via two exit keywords 2023-11-03 16:43:21 +00:00
sfewer-r7 17420289dc Add two auxiliary modules for the recent Cisco IOS XE exploit chain bugs (CVE-2023-20198 and CVE-2023-20273). This allows for unauthenticated remote CLI or OS command execution. 2023-11-03 15:38:35 +00:00
Spencer McIntyre 15aaa90379 Land #18447, CVE-2023-22515 Confluence Auth Bypass 
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
 2023-10-19 17:35:17 -04:00
Spencer McIntyre ee0e5b9eda Tidy the docs, fix the username 
The username can not contain capital letters, or the operation will
fail.
 2023-10-19 17:19:55 -04:00
emirpolatt 258ac6421b Fix fail_with response code compare and documentation fixes 2023-10-19 17:19:30 -04:00
emirpolatt 9ef1d1746a CVE-2023-22515 - Atlassian Confluence Data Center and Server Broken Access Control Leads to Authentication Bypass 2023-10-11 12:09:22 -07:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
Grant Willcox 2958a43a6a Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored 2022-09-23 12:19:29 -05:00
h00die-gr3y f2d357eda1 updated documentation with camera specifications 2022-09-23 09:38:37 -05:00
Grant Willcox edc37835e5 Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review 2022-09-23 09:38:35 -05:00
Grant Willcox 3ca34568c2 Clean up some of the documentation and module code and descriptions 2022-09-23 09:38:12 -05:00
h00die-gr3y 5ed7ff7f52 init commit module and documentation 2022-09-23 09:38:05 -05:00
h00die 86cad29799 wp masterstudy review 2022-03-06 08:07:20 -05:00
h00die 2195edbb8d masterstudy privesc 2022-02-25 16:36:47 -05:00
space-r7 bb00575acb add command for starting docker env 2022-01-11 17:07:36 -06:00
h00die 87031de384 fix doc numbering 2022-01-02 11:57:32 -05:00
h00die 8a1ac9d51d move pihole docs 2022-01-02 11:56:04 -05:00
h00die c3e0f455ec some cleanup for rubocop 2021-12-30 15:35:22 -05:00
h00die b39196fd0f review comments 2021-11-04 15:28:05 -04:00
h00die 1e9af10a21 pr review 2021-10-21 17:25:14 -04:00
h00die 5235f69e7e update wp_automatic docs 2021-10-17 15:38:38 -04:00
h00die 165acca028 wp_automatic_plugin 2021-10-17 13:04:38 -04:00
h00die 43d77d63ce ghostcat meta updates 2021-10-03 16:30:12 -04:00
Grant Willcox 9deffb1848 Fix up a bug and resolve Christophe's review comments 2021-09-23 16:45:15 -05:00
Grant Willcox 061240367d Push up changes to support saving WiFi credentials captured to the database, as well as to fix issues noticed during the review process 2021-09-23 13:31:27 -05:00
Grant Willcox 1ca075fb4f Fix up RuboCop issues 2021-09-22 14:06:06 -05:00
Grant Willcox d4474b0706 Add in refined XPATH searches to module, ability to automatically get a session, improved error handling, documenation for module, and general improvements 2021-09-22 14:01:49 -05:00
Grant Willcox a518fcac98 Add in timeout to 10th and final request to prevent module from throwing errors like it isn't working when it really is 2021-07-28 11:32:47 -05:00
Grant Willcox a53411229f Move files over to start work on converting this into an auxiliary module 2021-07-27 13:00:17 -05:00
Grant Willcox 7c23f7f546 Fix a minor issue where one command wasn't properly documented in a manner that allowed for easy copy and pasting 2021-04-09 16:29:24 -05:00
Grant Willcox 608ac3a0b7 Update module description to clean it up and also add documentation for uncommon options 2021-04-09 16:09:02 -05:00
Alan Foster 8814218f20 Update tomcat ghost module with default ports 2021-04-08 10:29:09 +01:00
Brendan Coles bc1ffec2c1 Update ScadaBR Credentials Dumper module 2021-02-22 20:32:55 +00:00
firefart f9e8ac8f58 update more references 2021-02-08 17:48:54 +01:00
SunCSR Team 2d99a07b12 Update and rename documentation/modules/exploit/windows/http/tomcat_ghostcat.md to documentation/modules/auxiliary/admin/http/tomcat_ghostcat.md 2020-11-16 21:03:00 +07:00
Shelby Pace 39284d4263 align logging line, fix msftidy_docs warning 2020-08-21 14:55:45 -05:00
debifrank 7598c9ec80 Create cisco_7937g_ssh_privesc.md 2020-08-21 13:39:00 -04:00
gwillcox-r7 fdfef2729f Update documentation and modules to better list the range of versions affected now that we know which versions we can target and the CVE IDs. Also update the firmware links to archive.org links in case they ever get removed which is more common than you think 2020-07-01 13:28:46 -05:00
gwillcox-r7 ddb41d5a50 Update module and documentation with new output from the exploit 2020-07-01 13:28:32 -05:00
gwillcox-r7 3db867e5eb Futher updates to the module documentation since technically this module doesn't send the packet to UDP port 23 to enable the telnet server. 2020-07-01 13:28:15 -05:00
Radek Domanski 1e520f27e9 Updating md as per comments 2020-07-01 13:27:32 -05:00
Radek Domanski a19c50044f Fixing firmware download link 2020-07-01 13:27:30 -05:00