adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

1851 Commits

Author SHA1 Message Date
Grant Willcox 1fd2d41835 Fix typos and add dig for safe navigation 2023-05-31 10:34:10 -05:00
Grant Willcox cf9f9905e3 Fix more typos 2023-05-30 17:30:57 -05:00
Grant Willcox c0671c325a Touch up typos in documentation 2023-05-30 15:27:31 -05:00
Christophe De La Fuente ef89219715 Land #17899, Dolibarr 16 unauthenticated contact database dump 2023-05-30 16:41:28 +02:00
Jack Heysel b575f92d0a Minor fix in vsftpd docs 2023-05-29 17:55:36 -04:00
Jack Heysel 0b9aff0661 Land #18004, VSFTPD Dos Module 
This PR adds a dos module for cve-2011-0762
which exploits the vsftpd server
 2023-05-29 17:39:02 -04:00
jheysel-r7 1018ed1aaf Update documentation/modules/auxiliary/dos/ftp/vsftpd_232.md 2023-05-29 15:40:42 -04:00
h00die 5f308e0176 gitlab file read CVE-2023-2825 2023-05-29 00:55:02 -04:00
h00die 0ccfa4af87 gitlab file read CVE-2023-2825 2023-05-29 00:48:15 -04:00
h00die cf2ca434a8 spelling 2023-05-26 15:53:16 -04:00
h00die 93479be5e6 review comments 2023-05-26 15:47:22 -04:00
RadioLogic 573eb4bda4 Merge branch 'master' into archer_c7_traversal 2023-05-26 01:48:43 -04:00
RadioLogic 250a8768e3 Updated doc to appease msftidy 2023-05-25 21:28:19 -04:00
RadioLogic 376ef7a8bc Made several fixes for msftidy 2023-05-25 21:16:07 -04:00
h00die 48207dd9f1 apache nifi login module 2023-05-25 16:57:32 -04:00
RadioLogic 72ef6537ef Added tested versions to description 2023-05-25 14:21:52 -04:00
RadioLogic cb8d86651d Added build setup for arch linux 2023-05-25 14:19:44 -04:00
RadioLogic b11b31c9ae Moved docker description into vulnerable application 2023-05-25 14:18:15 -04:00
RadioLogic 1d98cb0069 Added better description to documentation 2023-05-25 13:34:04 -04:00
h00die 7c2790513d apache nifi version scanner 2023-05-24 20:05:34 -04:00
RadioLogic 1c57019096 Merge branch 'master' into vsftpd_232 2023-05-24 10:58:22 -04:00
RadioLogic 9c58289b21 Added container info in documentation 2023-05-24 10:54:31 -04:00
vtoutain e542c50154 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-05-24 09:26:03 +02:00
Spencer McIntyre 120dc877ad Pr/collab/17430 (#41) 
* Prevent using post modules with the session

It doesn't work reliably because of winpty and how the output is
mangled.

* Set the limit correctly

* Fix Linux PTY downgrade issues

* Remove filtering

The filtering implementation is incomplete and unnecessary.

Filtering is unnecessary because Linux sessions execute a stub on
session start up that uses a combiantion of stty and a fifo to emulate a
PTY-less session. Windows sessions do not need filtering because they
have been explictly marked as being incompatible with the Post API which
is confused by the extra characters.

The filtering implementation is incomplete because it does not account for
echo fragments that are split across lines. It also does not account for
all of the ANSI escape codes.

* Add module docs for enum_ssm
 2023-05-22 17:11:16 -04:00
Spencer McIntyre 0a3247f1a7 Add documentation 2023-05-22 10:29:03 -04:00
RadioLogic 3dc9438b3a Added firmware version to documentation 2023-05-21 00:33:33 -04:00
RadioLogic 62f48c5933 Updated vsftpd_232 documentation 2023-05-17 12:01:59 -04:00
RadioLogic 10dd1b8906 Updated scenarios for vsftpd_232 2023-05-17 00:44:46 -04:00
RadioLogic e1a9f61ad9 Added documentation to scanner module 2023-05-17 00:00:00 -04:00
RadioLogic 0e9060e295 Added documentation for module 2023-05-12 14:27:12 -04:00
vtoutain cfea6530a1 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-05-10 11:59:46 +02:00
vtoutain daee69e1d0 Fix msftidy errors 2023-05-10 11:55:50 +02:00
Grant Willcox bf61718fe6 Land #17915, Icinga Web 2 Arbitrary File Read (CVE-2022-24716) 2023-05-03 11:47:26 -05:00
Grant Willcox 818bd4837e Add in additional information about testing on Docker 2023-05-03 10:17:16 -05:00
Grant Willcox 092e4f93ad Fix up incorrect user who we are executing as 2023-05-02 15:50:46 -05:00
Grant Willcox cf6b309904 Add in quick fixes from review 2023-05-02 15:17:02 -05:00
adfoster-r7 7ec7a4c607 Land #17910, Fixes couchdb_login false positives 2023-05-02 17:56:55 +01:00
Christophe De La Fuente 60149259a2 Land #17856, RCE exploit for CVE-2023-26359 (Adobe ColdFusion) and an auxiliary module for arbitrary file read via the same vuln. 2023-04-28 19:27:15 +02:00
vtoutain df6c2bf7eb Documentation update 
Modified the layout according to reviews, updated scenarios output, and added the JSON example output.
 2023-04-24 11:47:21 +02:00
vtoutain e565a8f962 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-24 11:44:52 +02:00
h00die 076760e011 cve-2022-24716 2023-04-21 16:31:07 -04:00
h00die d6c2e4f528 cve-2022-24716 2023-04-21 16:27:52 -04:00
cgranleese-r7 eb4107b5e2 Fixes couchdb login bug 2023-04-21 10:14:22 +01:00
h00die 17f674e3fa review comments 2023-04-20 16:23:52 -04:00
vtoutain d875741c87 Fixed documentation typos 2023-04-19 11:43:08 +02:00
dsecbypass 3b710293f5 Dolibarr 16 unauthenticated contact database dump 
Auxiliary module and documentation.
 2023-04-17 14:52:05 +02:00
h00die 32b6741cd8 joomla api cve-2023-23752 2023-04-16 22:54:54 -04:00
sfewer-r7 5d05754d9b update the AKB URL to reference the changed CVE 2023-04-14 17:44:38 +01:00
sfewer-r7 e6211175b3 rename the files to the correct CVE 2023-04-14 15:52:13 +01:00
sfewer-r7 b5ea420760 On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Controll vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet seperate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now beliee this is the correct CVE. 2023-04-14 15:49:10 +01:00