adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3661 Commits

Author SHA1 Message Date
Ron Bowes 1094221468 Merge branch 'rapid7:master' into f5-createuser-privesc 2023-02-01 10:20:43 -08:00
Ron Bowes 638a1c519d Update documentation/modules/exploit/linux/local/f5_create_user.md 
Better demo exploit

Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-02-01 10:14:25 -08:00
h00die 5a374533af cve-2022-1043 2023-01-31 16:02:25 -05:00
h00die 8d58eb6279 cve-2022-1043 2023-01-31 16:02:25 -05:00
Jack Heysel 022760d24a Land #17300, linux LPE cve-2022-22942 module 
This PR adds a linux priv esc against VMWare virtual machines
 with kernel 4.14-rc1 - 5.17-rc1 due to a VMWare driver bug.
 2023-01-31 14:07:55 -05:00
adfoster-r7 bbf17c167c Land #17511, add exploit for CVE-2022-44877 command injection in CentOS Control Web Panel 2023-01-31 14:05:19 +00:00
Christophe De La Fuente f676568d89 Fix CVE 2023-01-30 12:18:08 +01:00
Christophe De La Fuente a5ba1245c2 Fix CVE 2023-01-30 12:15:14 +01:00
h00die-gr3y a2f4a27614 updated module and added documentation 2023-01-29 10:06:14 +00:00
h00die 62d43a6e96 use exploit retry function 2023-01-28 07:44:53 -05:00
bcoles e11aaa8027 modules/exploits/multi/local: Resolve Rubocop and msftidy_docs violations 2023-01-28 15:02:24 +11:00
Grant Willcox 6043d0ffba Update all links from Wiki site to new docs site. 2023-01-27 09:58:53 -06:00
Christophe De La Fuente e01239cf7b Add exploit module and documentation 2023-01-26 21:53:14 +01:00
adfoster-r7 672fb9ce9f Land #17460, add support for feature kerberos authentication 2023-01-26 17:47:27 +00:00
Christophe De La Fuente 2be22752be Add Linuc specifics and documentation 2023-01-26 16:16:00 +01:00
Spencer McIntyre f81195d0cc Fix a typo 2023-01-25 13:45:18 -05:00
space-r7 153af9fb68 Land #17407, add Cacti unauth command injection 2023-01-23 13:06:46 -06:00
Spencer McIntyre 6fe0933c1e Add exploit for CVE-2022-44877 2023-01-20 09:04:24 -05:00
h00die 633c58a0ff tomcat on rhel priv esc 2023-01-19 15:28:10 -05:00
Jack Heysel 4da94325f3 Rubocop 2023-01-19 13:52:58 -05:00
Jack Heysel 63d9445911 Fix for Win Server 2022 and 2019 2023-01-19 00:52:38 -05:00
Jack Heysel 2c2bfec4a0 Tested on Windows Build 19044, 19045 and 22000 2023-01-18 01:41:30 -05:00
h00die be7ca91a8f cve-2022-22942 2023-01-17 15:30:36 -05:00
Grant Willcox 7e23c34e6c Apply fixes per code review 2023-01-17 12:44:22 -06:00
h00die-gr3y da3ae22135 added documentation 2023-01-17 12:44:20 -06:00
h00die 0ac4d3d2e6 doc how to set permissions on service 2023-01-13 17:07:17 -05:00
Spencer McIntyre 3ddcf73c2b Remove the QUICK option altogether 
Use blocks to check whether each service is exploitable as they are
enumerated. With this change, it is the service and path enumeration
halts once an exploitable one is found that yields a session.

Also all files are registered for cleanup.
 2023-01-13 17:06:42 -05:00
h00die 90a12cf3b0 unquoted service path tweaks 2023-01-13 17:06:42 -05:00
h00die c52eb09cbb unquoted service path tweaks 2023-01-13 17:06:42 -05:00
adfoster-r7 eddac9321c Merge 6.2.36 master into kerberos feature branch 2023-01-13 17:31:02 +00:00
Grant Willcox f39973de86 Fix up missing option in documentation and also add some additional validation on server response. 2023-01-04 17:02:05 -06:00
h00die-gr3y c7b59b4815 updates based on gwillcox-r7 review comments 2023-01-04 17:02:04 -06:00
h00die-gr3y 6801cbd21e updated Limitation section 2023-01-04 17:02:03 -06:00
h00die-gr3y fc6acdab6a added documentation 2023-01-04 17:01:59 -06:00
Christophe De La Fuente 868072e6c8 Land #17317, Fix various WinRM modules 2023-01-03 19:57:07 +01:00
Christophe De La Fuente 20d70799a7 Land #17298, Add opentsdb_yrange_cmd_injection module and docs 2022-12-23 13:38:58 +01:00
ErikWynter 8f96746551 fix typo and add credit for discovery 2022-12-23 11:11:31 +02:00
ErikWynter 4c2dfe0279 add cacti_unauthenticated_cmd_injection 2022-12-22 17:55:45 +02:00
Ron Bowes 2ec77e6d95 Merge branch 'master' into f5-createuser-privesc 2022-12-15 13:11:26 -08:00
Steffen Robertz cc5c405941 Unauthenticated RCE for multiple Zyxel Router changes 2022-12-15 21:44:57 +01:00
Steffen Robertz 1b690283db Unauthenticated RCE for multiple Zyxel Router 2022-12-15 11:50:48 +01:00
Christophe De La Fuente 2a28af208d Land #16992, Syncovery For Linux - Auth. RCE (CVE-2022-36534) 2022-12-14 13:43:00 +01:00
Christophe De La Fuente d6a5590c06 Land #17265, Add Exploit for CVE-2020-25736 2022-12-13 18:49:56 +01:00
Jack Heysel 2fa7e7b2d5 Lenovo Diagnostics Driver Privilege Escaltion (CVE-2022-3699) 2022-12-12 21:53:53 -05:00
space-r7 6885e576ed add note about uninstalling the helper tool 2022-12-12 16:35:44 -06:00
Tod Beardsley 97a9fb6650 Update docs for Acronis module 
Note that uninstalling the module doesn't necessarily uninstall the vulnerable service, so call that out to people who are testing this module so they have a chance to do more thorough cleanup after testing.
 2022-12-06 11:08:31 -06:00
Christophe De La Fuente e7e2849f6d Land #17183, Zimbra fixes 2022-12-06 15:38:37 +01:00
bwatters 54cd055276 Land #17286, CVE-2021-22015 vCenter priv esc 
Merge branch 'land-17286' into upstream-master
 2022-12-05 09:31:01 -06:00
Heyder Andrade 5c3ac339d0 Apply suggestions from code review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-12-04 12:13:50 +01:00
whoot 04e5aa3033 apply suggestions 2022-12-02 16:05:01 +01:00