adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3661 Commits

Author SHA1 Message Date
Ron Bowes ab2042f34e Add patch notes to the Slapper module documentation 2022-10-25 10:04:52 -07:00
Ron Bowes 3ac3fa6c32 Move the Zimbra Slapper doc to the right folder (Windows -> Linux) 2022-10-25 09:51:27 -07:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
h00die-gr3y c1aed2d274 Fixed typos documentation 2022-10-21 13:20:37 +00:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Christophe De La Fuente c43272985e Land #17141, Zimbra Postfix priv esc 2022-10-19 10:33:37 +02:00
Christophe De La Fuente fa67b6973d Documentation fix to follow the template 2022-10-18 16:09:57 +02:00
Ron Bowes dea3f72f6b Resolve feedback - get rid of unnecessary directory, add CVE number, let the user choose the path 2022-10-17 15:00:56 -07:00
Heyder Andrade 26ed9bb053 Update documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-17 22:49:57 +02:00
h00die 05b80631f3 update remote mouse version checks 2022-10-17 15:30:17 -04:00
h00die 08deb21ae3 update remote mouse version checks 2022-10-17 15:29:10 -04:00
Heyder Andrade aece783cee Added reference to user auto-detect method 2022-10-17 01:11:27 +02:00
Heyder Andrade 0b09e564f1 Improved documentation 2022-10-16 14:25:54 +02:00
Heyder Andrade 835b44ca7a Added documentation 2022-10-16 13:42:21 +02:00
Ron Bowes a2a2dcbf6f Check in zimbra_postfix_priv_esc.rb 2022-10-14 13:21:41 -07:00
Grant Willcox a3e32ffafa Add TARGET 0 to documentation 2022-10-12 20:00:33 -05:00
Grant Willcox e9f54aa5b8 Update documentation with better wording, and add randomization of parameter name to module along with cleanup code for deleting uploaded files 2022-10-12 19:16:52 -05:00
Jack Heysel 9652823393 Reverted check method to upload shell 2022-10-12 19:16:44 -05:00
Jack Heysel 3c27c8e5aa Condensed payload, changed base64 encoding to hex 2022-10-12 19:12:35 -05:00
Jack Heysel e4eac96b4b Add Module for pfSense pfBlockerNG unauth RCE as root 2022-10-12 19:12:22 -05:00
Grant Willcox f92d913f0c Land #17116, Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 2022-10-12 11:53:47 -05:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
Ayantaker 9abaa00b9e Adding some changes to documentation as per review comments 2022-10-12 11:36:35 -04:00
Ayantaker e75438d0b2 Documentation fix and minor fixes 
Fixed the documentation according to msftidy's suggestion and removed a few unessary parts of code
 2022-10-11 18:17:52 -04:00
Grant Willcox 45aa09411e First round of edits from review 2022-10-11 15:46:04 -05:00
JustAnda7 412a07df54 Fixed #16674 2022-10-07 14:35:21 -04:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
 2022-10-06 15:48:36 -04:00
Ron Bowes 48dd4693df Add docs for CVE-2022-41352 (zimbra cpio), and fix some text 2022-10-06 10:46:48 -07:00
Jack Heysel 0145264046 Land #17093, add Enlightenment priv esc module 
This PR adds a local priv esc for Enlightenment on Ubuntu
which exploit a simple cmd injection
 2022-10-04 14:09:18 -04:00
space-r7 63af4e3702 Land #17067, add remote mouse rce 2022-10-04 11:40:33 -05:00
h00die b7073df1e0 review comments 2022-10-03 16:53:14 -04:00
h00die 68b2aec6fb review comments 2022-10-03 15:25:53 -04:00
krastanoel 95503be49a Update documentation 2022-10-03 19:57:25 +07:00
h00die c6e18ee469 cve-2022-1329 2022-10-02 15:59:58 -04:00
h00die e78babea90 cve-2022-37706 2022-10-01 11:24:29 -04:00
krastanoel 36f3a7ce11 update options description 2022-09-30 16:57:59 +07:00
bwatters 76c6632305 Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246) 
Merge branch 'land-16673' into upstream-master
 2022-09-29 09:46:27 -05:00
Jack Heysel 379f303ea8 Land #17061, Mobile Mouse Server RCE 
This PR includes a module that uses default
configuration in Unified Remote to spawn a
run prompt and return a shell.
 2022-09-28 10:48:41 -04:00
bwatters e27dbd2787 Land #16794,Add exploit for CVE-2022-34918 
Merge branch 'land-16794' into upstream-master
 2022-09-27 16:37:52 -05:00
h00die 391a27b08c remote mouse rce 2022-09-27 16:37:42 -04:00
h00die a39b1c9fe5 msftidy_docs 2022-09-26 15:56:43 -04:00
h00die 61f576d3e1 mobile mouse server exploit 2022-09-26 15:45:42 -04:00
Grant Willcox 0908006466 Land #16985, wifi mouse rce - CVE-2022-3218 2022-09-23 14:46:49 -05:00
Grant Willcox b62f163696 Update documentation on module and exploit a little more to make things a bit clearer 2022-09-23 14:08:18 -05:00