adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

6278 Commits

Author SHA1 Message Date
h00die f77e7db637 woocommerce payments auth bypass 2023-07-04 13:09:27 -04:00
h00die 375a315b3d woocommerce payments auth bypass 2023-07-04 13:05:07 -04:00
Guilhem RIOUX 068a81a638 First remove the check after the triggering payload as it is not reliable. Adding the documentation after checking it with the dev tool 2023-06-28 08:53:50 +02:00
Spencer McIntyre 67f7a33d77 Land #18114, .NET assembly execution enhancements 
Allow .NET assembly execution within the meterpreter process
 2023-06-27 09:32:43 -04:00
Joshua Rogers 1e7af0457a Update jenkins_gather.md 
Change Windows default to C:\ProgramData\Jenkins\.jenkins.
 2023-06-26 21:29:27 +02:00
Jack Heysel bf1e6bddd1 Land #18134, Add exploit for CVE-2023-25194 
This exploits a Java deserialization vulnerbility
in Apache Druid which arises from a JNDI injection
within Apache Kafka clients.
 2023-06-23 16:52:04 -04:00
dwelch-r7 d68eb84334 Land #18065, Updates jenkins_gather module to work with newer version of Jenkins 2023-06-23 10:44:06 +01:00
cgranleese-r7 9176d0d3e0 Updates jenkins_gather to work with newer version of Jenkins 2023-06-23 10:02:03 +01:00
Heyder Andrade b026b38851 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-06-23 09:36:50 +02:00
Spencer McIntyre b5e028b47c Land #18100, Add MOVEit CVE-2023-34362 2023-06-22 14:23:44 -04:00
Spencer McIntyre dfd450561e Tweak some messages and cleanup markdown table 2023-06-22 14:23:25 -04:00
Redwaysecurity.com 77bb6759a6 Review suggestions 2023-06-22 18:12:13 +02:00
bwatters 5f667e1d79 Address code review 2023-06-22 10:22:43 -05:00
dwelch-r7 e298788a28 Land #18049, Update jenkins login scanner to work with newer versions 2023-06-22 14:04:24 +01:00
Redwaysecurity.com e2fc3c5eff Fixed documentation offenses 2023-06-22 14:48:16 +02:00
Redwaysecurity.com a8332e6064 Added exploit for CVE-2023-25194 2023-06-22 14:17:32 +02:00
bwatters 2adea08f67 Add documentation & code cleanup 2023-06-21 15:41:50 -05:00
Nishant Desai 823824163e Documentation-of-Capturing-Simple-Auth 2023-06-21 13:29:25 +00:00
cgranleese-r7 0609d246f3 adds more future proofing to implementation 2023-06-21 14:19:24 +01:00
Ashley Donaldson 6e438d338e Modify execute_dotnet_assembly to run in existing processes (including our own process) and receive output. 2023-06-21 12:04:09 +10:00
space-r7 9776a6eb4a Land #18078, add SID support for icpr_cert 
pulls in latest changes
 2023-06-15 13:39:31 -05:00
space-r7 5b77805d68 Land #18078, add support for SID in icpr_cert 2023-06-15 13:17:09 -05:00
adfoster-r7 51dc30909a Land #17670, add module to exploit CVE-2019-16328 2023-06-14 23:30:33 +01:00
Spencer McIntyre ae4faca1ba Update module docs to discuss KB5014754 changes 2023-06-14 16:18:04 -04:00
Jack Heysel c98cc00de9 Land #18075, RocketMQ version scanner 2023-06-13 18:15:34 -04:00
space-r7 7af22bfd41 Land #18077, add Symmetricom unauth cmd injection 2023-06-13 17:07:16 -05:00
space-r7 0d85c9e380 add module documentation 2023-06-13 13:14:51 -05:00
h00die-gr3y 4479d94658 Updates based on review comments from space-r7 and jvoisin 2023-06-12 19:28:08 +00:00
h00die-gr3y 7cd3854208 Removed Webshell upload and updated documentation 2023-06-12 13:58:59 +00:00
h00die-gr3y db8a49cc99 Updated documentation 2023-06-10 12:14:05 +00:00
h00die-gr3y 417c9fa591 init commit module and documentation 2023-06-10 09:42:32 +00:00
space-r7 c9af514be4 Land #18063, add TerraMaster webshell upload 2023-06-09 17:55:32 -05:00
Spencer McIntyre 4c817ce1de Land #17946, CVE-2023-21839 - Oracle Weblogic RCE 
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
 2023-06-09 14:55:43 -04:00
space-r7 c8609d7983 Land #18070, add TerraMaster chained exp module 2023-06-09 12:29:47 -05:00
sfewer-r7 27f5a789c9 rework the exploit to use the new MIPS64 fetch payload adapters. Removed the seperate command and dropper targets in favor of a single default target which can do both thanks to fetch payloads. Removed the redundant IO select() call which was bad copy pasta on my part. 2023-06-09 09:47:57 +01:00
Stephen Fewer a1528556e0 Merge branch 'rapid7:master' into CVE-2023-28771 2023-06-09 09:42:19 +01:00
Spencer McIntyre 238118e8b5 Update module docs to discuss KB5014754 changes 2023-06-08 15:10:35 -04:00
Spencer McIntyre 5b5c29842c Land #18022, Add post/windows/manage/make_token 
Add update_token to MSF + make_token post-ex module
 2023-06-08 14:53:22 -04:00
Spencer McIntyre d8870d7876 Address msftidy_docs complaints 2023-06-08 14:52:57 -04:00
Grant Willcox a1e930397a Land #18072, Add CVE-2023-1133 - .NET Deserialization exploit for Delta Electronics InfraSuite Device Master 2023-06-08 08:42:07 -05:00
h00die-gr3y 0bcd930f61 Updated NAS model and version check 2023-06-08 09:12:45 +00:00
h00die-gr3y b3b0cb4ccf Updates based on space-r7 comments 2023-06-08 07:39:44 +00:00
space-r7 74dd134783 add options in scenarios output 2023-06-07 17:15:28 -05:00
Grant Willcox 4465582fee Add in link to archived version of the installer 2023-06-07 16:51:01 -05:00
Shelby Pace 2738906f87 Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:44 -05:00
Shelby Pace 54649fb856 Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:37 -05:00
Shelby Pace 4377ff037a Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:28 -05:00
Shelby Pace 60c642bcd0 Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:19 -05:00
h00die e3bcc9ac08 rocketmq version scanner 2023-06-07 17:29:53 -04:00
Christophe De La Fuente 82c8b5418e Land #17936, PaperCutNG Authentication Bypass with RCE 2023-06-07 15:05:51 +02:00