a7402fb5f1
Land #18205 , Add rudder-server SQLI RCE (CVE-2023-30625) exploit
2023-07-31 15:15:07 +02:00
154387f99a
Add additional installation instructions and scenarios
2023-07-30 07:28:16 -04:00
19ef0cc4f9
Added documentation and fixed a typo in the module description
2023-07-28 21:30:24 +00:00
c4d089b884
Merge branch 'rapid7:master' into subrion_cms_file_upload_rce
2023-07-28 23:13:11 +03:00
0996938113
Add note for Windows compatibility
2023-07-28 17:06:38 +02:00
40ef9d496a
add docs for wd_mycloud_unauthenticated_cmd_injection
2023-07-28 10:16:50 +03:00
6b11439fa1
Remove basic auth and API_USER/PASS options
2023-07-28 00:44:44 +02:00
103f9a3f60
Update install instructions and scenario
2023-07-26 18:08:54 +02:00
00f2fe03be
Update documentation/modules/exploit/multi/http/rudder_server_sqli_rce.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-07-26 16:26:17 +02:00
fa3638b10e
Update documentation/modules/exploit/multi/http/rudder_server_sqli_rce.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-07-26 16:26:17 +02:00
5018c0cdc5
Add documentation
2023-07-26 16:26:17 +02:00
867282ba96
Merge branch 'rapid7:master' into subrion_cms_file_upload_rce
2023-07-25 23:09:30 +03:00
c7f8ce5acd
Land #18199 , VMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887
2023-07-25 17:45:30 +02:00
78c1f75f2a
Merge branch 'rapid7:master' into subrion_cms_file_upload_rce
2023-07-25 18:01:08 +03:00
52b417b1af
Update documentation/modules/exploit/multi/http/wp_plugin_fma_shortcode_unauth_rce.md
2023-07-25 14:06:45 +01:00
c1d84e950c
Update based on bwatters-r7 comments
2023-07-25 14:06:44 +01:00
a3daab88e6
Added documentation and updated exploitable plugins list
2023-07-25 14:06:42 +01:00
3ce382dcc2
Fix issues with msftidy_docs.rb
2023-07-25 03:48:58 -04:00
568849fad3
Add scenario for Ubuntu 20.04
2023-07-24 11:03:49 -04:00
4e16307165
Add module and documentation for Subrion CMS v4.2.1 RCE
2023-07-21 17:22:58 -04:00
586971c1fd
Fix incomplete copy pasta in docs
2023-07-21 14:38:07 -04:00
ee26e7f926
Rubocop fixes
2023-07-20 16:40:28 -04:00
421b06119f
Update docs
2023-07-20 14:55:27 -04:00
d03157fcc1
Installation instructions
2023-07-19 14:23:17 -04:00
530934f78a
review comments
2023-07-19 11:42:47 -04:00
297c484a1c
Land #18173 , Add Openfire Authentication Bypass RCE [CVE-2023-32315]
...
Merge branch 'land-18173' into upstream-master
2023-07-18 18:13:20 -05:00
10c1b79c37
Land #17861 , pfSense Config Data RCE as root
...
This module exploits a vulnerability in pfSense version
2.6.0 and below which allows for authenticated users to
execute arbitrary operating systems commands as root.
2023-07-12 14:32:06 -04:00
34f25fbb65
pfSense Config Data Remote Command Execution as root (CVE-2023-27253) Module
2023-07-12 13:27:02 -04:00
a3ea55f2a6
added documentation
2023-07-08 12:30:54 +00:00
e274b96a13
Updating documentation
2023-07-08 07:29:38 +02:00
1706812099
Implemented requested changes
...
* Small fixes in Description - removed backticks
* Implemented Windows Command target
* Removed PowerShell Stager, in Targets and in exploit method
* Implemented Rex::Socket::Tcp in place of TCPSocket
* Updated TARGET section in documentation
* Added TARGET 0 - Windows Command scenario
* Removed PowerShell Stager scenario
* Replaced 'Using configured payload' lines to use Windows Command payload
for the 2nd, 3rd, and 4th scenarios. Did not rerun the scenarios, however
2023-07-07 04:14:20 -04:00
24ef4e1b90
Update documentation/modules/exploit/windows/http/smartermail_rce.md
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2023-07-06 18:49:49 +03:00
ad0d3e79a9
SmarterMail RCE module and documentation
2023-07-06 08:00:28 -04:00
f1b5cd46f4
Apache RocketMQ update config RCE
2023-07-05 12:38:51 -04:00
068a81a638
First remove the check after the triggering payload as it is not reliable. Adding the documentation after checking it with the dev tool
2023-06-28 08:53:50 +02:00
bf1e6bddd1
Land #18134 , Add exploit for CVE-2023-25194
...
This exploits a Java deserialization vulnerbility
in Apache Druid which arises from a JNDI injection
within Apache Kafka clients.
2023-06-23 16:52:04 -04:00
b026b38851
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-06-23 09:36:50 +02:00
b5e028b47c
Land #18100 , Add MOVEit CVE-2023-34362
2023-06-22 14:23:44 -04:00
dfd450561e
Tweak some messages and cleanup markdown table
2023-06-22 14:23:25 -04:00
77bb6759a6
Review suggestions
2023-06-22 18:12:13 +02:00
5f667e1d79
Address code review
2023-06-22 10:22:43 -05:00
e298788a28
Land #18049 , Update jenkins login scanner to work with newer versions
2023-06-22 14:04:24 +01:00
e2fc3c5eff
Fixed documentation offenses
2023-06-22 14:48:16 +02:00
a8332e6064
Added exploit for CVE-2023-25194
2023-06-22 14:17:32 +02:00
2adea08f67
Add documentation & code cleanup
2023-06-21 15:41:50 -05:00
0609d246f3
adds more future proofing to implementation
2023-06-21 14:19:24 +01:00
7af22bfd41
Land #18077 , add Symmetricom unauth cmd injection
2023-06-13 17:07:16 -05:00
0d85c9e380
add module documentation
2023-06-13 13:14:51 -05:00
4479d94658
Updates based on review comments from space-r7 and jvoisin
2023-06-12 19:28:08 +00:00
7cd3854208
Removed Webshell upload and updated documentation
2023-06-12 13:58:59 +00:00
Christophe De La Fuente