adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3661 Commits

Author SHA1 Message Date
Spencer McIntyre deabf9b1d8 Add module docs 2024-01-24 12:49:27 -05:00
Jack Heysel c278ef9b73 Land #18648, Add Module for GL.iNet products 
This PR adds an exploit module for a number of
different GL.iNet network products. The module combines
an auth by-pass CVE-2023-50919 with an RCE CVE-2023-50445.
 2024-01-23 14:57:29 -05:00
jheysel-r7 13d2968fad Capitalize remaining references to Meterpreter 2024-01-23 13:11:03 -05:00
Jack Heysel 904e34434e Land #18626, SaltStack Minion Deployer 
This PR adds an exploit module which allows for
a user who has compromised a host acting as a
SaltStack Master to deploy payloads to the Minions
attached to that Master.
 2024-01-23 11:58:38 -05:00
bwatters 46a0052286 Land #18568, added exploit for CVE-2023-32781 - PRTG authenticated RCE 
Merge branch 'land-18568' into upstream-master
 2024-01-22 11:35:38 -06:00
Spencer McIntyre 06dcc82ced Land #18630, Add CVE-2023-50917: MajorDoMo RCE 
Add CVE-2023-50917: MajorDoMo Command Injection Module
 2024-01-19 17:10:40 -05:00
bwatters fadb0f45dd Land #18708, Ivanti Connect Secure RCE exploit module (CVE-2023-46805 and CVE-2024-21887) 
Merge branch 'land-18708' into upstream-master
 2024-01-19 15:47:43 -06:00
ekalinichev-r7 847a72c417 Land #18638, add exploit for CVE-2022-42889 Apache Commons Text RCE 2024-01-19 13:02:53 +01:00
Stephen Fewer 5ba4aba912 Update documentation/modules/exploit/linux/http/ivanti_connect_secure_rce_cve_2023_46805.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:28 +00:00
Christophe De La Fuente b8aa55c322 Land #18633, WordPress Backup Migration Plugin PHP Filter Chain RCE (CVE-2023-6553) 2024-01-17 18:42:52 +01:00
Christophe De La Fuente a8d46b3e7a Land #18627, Ansible: post gather module, payload deployer, and file reader 2024-01-17 15:26:25 +01:00
sfewer-r7 2919b36f2b add in docs 2024-01-17 10:25:04 +00:00
h00die d7cf9155a6 ofbiz working for 18.12.09 2024-01-16 20:06:11 -05:00
h00die-gr3y e7f2abbf9e Small typo update 2024-01-14 19:26:10 +00:00
Gaurav Jain 225ef6847f Add output from test run on windows target 2024-01-15 00:26:47 +05:30
Jack Heysel 6d8666e35b Fixed spacing and removed unused method 2024-01-11 13:13:57 -05:00
Jack Heysel cdc66dd91f Last minute fix 2024-01-11 12:56:01 -05:00
Jack Heysel 5c7061cc0c Remove OS dependant payload 2024-01-11 12:30:04 -05:00
h00die e711c9ea43 ansible review 2024-01-10 17:16:57 -05:00
h00die 2cfcb74303 saltstack review 2024-01-10 17:09:02 -05:00
h00die e9296d1add saltstack review 2024-01-10 17:04:03 -05:00
h00die 6de51a5047 non-working module 2024-01-08 19:49:47 -05:00
h00die 077cad34ab non-working module 2024-01-08 19:47:24 -05:00
h00die-gr3y 85897a2596 update adding aarch64 architecture and some new targets 2024-01-06 17:26:38 +00:00
h00die 80e9f1b97d saltstack salt-master review 2024-01-06 06:38:59 -05:00
Gaurav Jain 98667edf76 Add suggested changes 2024-01-05 22:31:51 +05:30
Spencer McIntyre 2028fbd226 Land #18404, Working Module for CVE-2023-38146 2024-01-04 12:20:26 -05:00
h00die-gr3y 9bb7e0e379 small update to documentation 2024-01-04 14:04:34 +00:00
h00die-gr3y adf455e8cb Third release of module and documentation 2024-01-04 14:01:37 +00:00
h00die-gr3y b2312c97d3 Second release of module and documentation 2024-01-04 09:26:16 +00:00
Gaurav Jain d0beea91bd Add exploit for CVE-2022-42889 2023-12-25 00:43:50 +05:30
h00die 11c12fcb6d review comments 2023-12-23 13:23:34 -05:00
h00die a5698f6aa6 review comments 2023-12-23 12:18:06 -05:00
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Balgogan 0a2dea523f Add suggested changes 2023-12-22 00:04:54 +01:00
bwatters ce43db0904 Fix TBDs and give better documentation. 2023-12-21 16:18:36 -06:00
bwatters 78bac2636b Add documentation 2023-12-20 18:44:05 -06:00
Jack Heysel eeb74cd5e1 Updated metadata 2023-12-20 16:49:45 -05:00
Jack Heysel e3062d45e0 Module working docs updated 2023-12-20 16:41:52 -05:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Christophe De La Fuente 7ca256560d Land #18542, Vinchin Backup & Recovery Command Injection 2023-12-20 18:56:50 +01:00
Balgogan 22a05c8bf5 Add CVE-2023-50917 2023-12-20 00:43:00 +01:00
Jack Heysel 065abf6b92 Rubocop, doc scenario update 2023-12-19 12:30:02 -05:00
Jack Heysel 4e61596e7a Check Build ID before running exploit 2023-12-19 12:15:35 -05:00
Jack Heysel 549ee43df9 Update docs description minor comments 2023-12-19 00:32:21 -05:00
Jack Heysel c895364675 Initial commit, files created 2023-12-18 19:26:14 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
h00die-gr3y 5d7cf90521 Some minor changes to the module and documentation 2023-12-18 08:23:16 +00:00
h00die-gr3y 9ac3739605 Minor changes to the documentation 2023-12-17 13:51:30 +00:00
h00die-gr3y 0641839e69 Added documentation and removed debug info 2023-12-17 13:10:18 +00:00