Commit Graph

263 Commits

Author SHA1 Message Date
Christophe De La Fuente 0252429715 Land #18775, Adding new module for MinIO (CVE-2023-28432) 2024-03-11 14:46:59 +01:00
n00bhaxor 35f8c6ce8a Added fixes suggested by reviewer. Added a fix for redirects due to workspaces being case-insensitive. 2024-02-14 09:09:52 -05:00
n00bhaxor fdcd9e26ad Adding module for gitlab_email_disclosure 2024-02-09 20:51:45 -05:00
cudalac 2b01b86374 Adding new module for MinIO 2024-01-31 13:33:04 -05:00
h00die 0394f5f7ad splunk 6.6.0+ 2023-12-20 20:47:04 -05:00
n00bhaxor a31de9eb05 Adding Splunk Info Disclosure module. 2023-12-20 14:07:50 -05:00
Jack Heysel 603e5b2bff Land #18569, Add a module to perform ASREP-roasts
This adds a module to gather credential material from accounts
with Requires Pre-Authentication disabled. The module supports two
mechanisms, Brute Forcing using a list of usernames or using an LDAP
query to request the relevant usernames, followed by requesting TGTs.
2023-12-11 19:58:06 -05:00
jheysel-r7 76657c8f14 Update documentation/modules/auxiliary/gather/owncloud_phpinfo_reader.md 2023-12-05 10:20:51 -05:00
h00die befc87f9f0 owncloud exploit 2023-12-03 15:45:44 -05:00
h00die ea803063b1 owncloud phpinfo reader 2023-12-03 11:04:38 -05:00
Ashley Donaldson 11bcd43562 Apply suggestions from code review
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-11-30 17:30:59 +11:00
Ashley Donaldson 622277e960 Added documentation for ASREP module 2023-11-24 08:45:26 +11:00
Spencer McIntyre 05dd2e1473 Land #18351, Apache Superset RCE (CVE-2023-37941) 2023-10-12 17:10:10 -04:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
h00die e34ed10eca superset rce more stable 2023-09-15 16:29:05 -04:00
Spencer McIntyre 28c4902f4a Land #18180, Flask unsign library, related modules
Apache Superset Priv Esc (CVE-2023-27524) and Flask unsign Library
2023-09-12 19:02:30 -04:00
Spencer McIntyre c1cabdf099 Process escape sequences in the wordlist 2023-09-12 16:49:38 -04:00
h00die 94657d317b another round of review comments 2023-09-11 14:29:20 -04:00
h00die 2ed001ced2 light review changes 2023-09-11 10:33:43 -04:00
h00die 235c142274 Merge remote-tracking branch 'origin/flask_unsign' into flask_unsign 2023-09-11 10:27:00 -04:00
bwatters fdae4953eb Land #18290, Prometheus API & Prometheus Node Exporter Interrogator
Merge branch 'land-18290' into upstream-master
2023-09-08 12:55:30 -05:00
Spencer McIntyre 2ded62a783 Update the module with validation functionality 2023-09-07 16:20:03 -04:00
h00die fa4fabf47b review comments 2023-09-06 16:51:57 -04:00
h00die 213b9f9589 Merge remote-tracking branch 'upstream/master' into flask_unsign 2023-09-06 15:39:37 -04:00
bwatters 53b7f1ba07 Land #18286, roundcube arbitrary file read
Merge branch 'land-18286' into upstream-master
2023-09-06 09:43:38 -05:00
cudalac 926bdd03c4 roundcube arbitrary file read 2023-08-25 08:59:53 -04:00
h00die 67768567ac review comments 2023-08-24 17:24:20 -04:00
h00die 43401dd872 review comments 2023-08-24 16:23:41 -04:00
h00die 3879fbed95 elasticsearch enum module enhancements 2023-08-23 18:09:28 -04:00
h00die 79a4cfa9cb elasticsearch enum module enhancements 2023-08-23 18:07:52 -04:00
h00die 8796d5e2d4 elasticsearch enum module enhancements 2023-08-23 18:06:41 -04:00
h00die b5a21f66b5 add docs 2023-08-15 20:30:54 -04:00
cudalac 904e8ba89f roundcube arbitrary file read 2023-08-10 22:45:01 -04:00
h00die 042136cf57 python flask signer module and docs 2023-08-01 18:27:25 -04:00
h00die 7c76196a5b apache superset review 2023-07-28 16:21:23 -04:00
rodnt ddb1cc0497 Fix all warns from msftidy rename the docs with the correct name 2023-07-17 23:57:39 +00:00
rodnt 1e75365f8e Update with all changes proposed by smcintyre-r7 2023-07-13 23:38:55 +00:00
rodnt fb8947aa49 change the comment at mysql image 2023-07-13 12:58:30 +00:00
101719434+rodnt@users.noreply.github.com 5b638bb37b add module and doc for cve-2023-26876 2023-07-12 15:45:40 -03:00
h00die e6f4f441c5 apache superset exploit 2023-07-11 15:21:39 -04:00
h00die 3d3e2a9e2d apache superset exploit 2023-07-11 15:19:33 -04:00
Christophe De La Fuente f88cb3b847 Land #18039, gitlab file read CVE-2023-2825 2023-06-07 13:07:54 +02:00
h00die 4950cb3424 review adjustments 2023-06-06 16:24:38 -04:00
Jeffrey Martin 4e91a4e93d refactor archer_c7_traversal as gather module
* Update modules landed as a scanner into a more appropriate category.
* Adds a check method based on TP-link default `TITLE` html.
* Rename module consistent with existing exploit.
2023-06-05 09:07:11 -05:00
h00die 8f3325bcf8 move gitlab_auth_subgroups to gather instead of scanner 2023-06-02 18:06:44 -04:00
sfewer-r7 5d05754d9b update the AKB URL to reference the changed CVE 2023-04-14 17:44:38 +01:00
sfewer-r7 e6211175b3 rename the files to the correct CVE 2023-04-14 15:52:13 +01:00
sfewer-r7 b5ea420760 On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Control vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet separate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now believe this is the correct CVE. 2023-04-14 15:49:10 +01:00
sfewer-r7 b7f46aab99 split the CFC_METHOD_PARAMETERS by comma and not ampersand 2023-04-13 16:55:34 +01:00
sfewer-r7 ae87f35944 fix two typos in documentation 2023-04-13 15:57:48 +01:00