adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

6278 Commits

Author SHA1 Message Date
Christophe De La Fuente 991b9604e5 Add options to the documentation 2023-06-07 15:05:12 +02:00
Christophe De La Fuente f88cb3b847 Land #18039, gitlab file read CVE-2023-2825 2023-06-07 13:07:54 +02:00
h00die-gr3y 46fcdb76d5 Updates based on jvoisin comments 2023-06-07 08:27:55 +00:00
h00die 4950cb3424 review adjustments 2023-06-06 16:24:38 -04:00
space-r7 3b53966caa add installation steps 2023-06-06 12:14:14 -05:00
catatonicprime a03603d076 Documentation linting. 2023-06-06 15:35:20 +00:00
h00die-gr3y 2e34d69133 Added documentation 2023-06-06 12:18:59 +00:00
cgranleese-r7 18ddd72285 Update jenkins login scanner to work with newer versions 2023-06-06 11:54:55 +01:00
attl4s ec948b5c16 add documentation 2023-06-06 10:04:57 +02:00
space-r7 5f7ae883f8 add documentation 2023-06-05 17:38:58 -05:00
h00die-gr3y 52745a96d7 Added documentation 2023-06-05 17:18:57 +00:00
Jeffrey Martin 4e91a4e93d refactor archer_c7_traversal as gather module 
* Update modules landed as a scanner into a more appropriate category.
* Adds a check method based on TP-link default `TITLE` html.
* Rename module consistent with existing exploit.
 2023-06-05 09:07:11 -05:00
h00die 8f3325bcf8 move gitlab_auth_subgroups to gahter instead of scanner 2023-06-02 18:06:44 -04:00
Grant Willcox f7d2cdae56 Add in ability to restore settings n documentation changes. 
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
 2023-06-02 09:48:03 -05:00
Grant Willcox 965311d09e Fix documentation and fix bug in creating PARMS value 2023-06-02 09:48:02 -05:00
Grant Willcox 8577f21e52 Add in documentation and updated code 2023-06-02 09:48:01 -05:00
h00die da2e339ae8 review adjustments 2023-06-02 05:15:44 -04:00
Christophe De La Fuente 8ed981e575 Land #18003, Archer c7 traversal 2023-06-01 17:37:13 +02:00
Spencer McIntyre 8378435051 Land #17430, Add AWS SSM Sessions 2023-06-01 11:34:40 -04:00
h00die 1267d067b3 move gitlab_subgroup to gitlab_authenticated_subgroup 2023-05-31 15:29:00 -04:00
Grant Willcox 6756047f1f Land #18028, Add Apache NiFi login scanner module 2023-05-31 12:25:18 -05:00
Grant Willcox ccbdd7870e Update documentation 2023-05-31 11:57:42 -05:00
Grant Willcox 1fd2d41835 Fix typos and add dig for safe navigation 2023-05-31 10:34:10 -05:00
Grant Willcox cf9f9905e3 Fix more typos 2023-05-30 17:30:57 -05:00
Grant Willcox c0671c325a Touch up typos in documentation 2023-05-30 15:27:31 -05:00
Christophe De La Fuente ef89219715 Land #17899, Dolibarr 16 unauthenticated contact database dump 2023-05-30 16:41:28 +02:00
Jack Heysel b575f92d0a Minor fix in vsftpd docs 2023-05-29 17:55:36 -04:00
Jack Heysel 0b9aff0661 Land #18004, VSFTPD Dos Module 
This PR adds a dos module for cve-2011-0762
which exploits the vsftpd server
 2023-05-29 17:39:02 -04:00
jheysel-r7 1018ed1aaf Update documentation/modules/auxiliary/dos/ftp/vsftpd_232.md 2023-05-29 15:40:42 -04:00
h00die 5f308e0176 gitlab file read CVE-2023-2825 2023-05-29 00:55:02 -04:00
h00die 0ccfa4af87 gitlab file read CVE-2023-2825 2023-05-29 00:48:15 -04:00
h00die cf2ca434a8 spelling 2023-05-26 15:53:16 -04:00
h00die 93479be5e6 review comments 2023-05-26 15:47:22 -04:00
RadioLogic 573eb4bda4 Merge branch 'master' into archer_c7_traversal 2023-05-26 01:48:43 -04:00
RadioLogic 250a8768e3 Updated doc to appease msftidy 2023-05-25 21:28:19 -04:00
RadioLogic 376ef7a8bc Made several fixes for msftidy 2023-05-25 21:16:07 -04:00
h00die 48207dd9f1 apache nifi login module 2023-05-25 16:57:32 -04:00
RadioLogic 72ef6537ef Added tested versions to description 2023-05-25 14:21:52 -04:00
RadioLogic cb8d86651d Added build setup for arch linux 2023-05-25 14:19:44 -04:00
RadioLogic b11b31c9ae Moved docker description into vulnerable application 2023-05-25 14:18:15 -04:00
RadioLogic 1d98cb0069 Added better description to documentation 2023-05-25 13:34:04 -04:00
h00die 7c2790513d apache nifi version scanner 2023-05-24 20:05:34 -04:00
Grant Willcox e78cf054b8 Add in EITW notes 2023-05-24 13:17:49 -05:00
Grant Willcox 84961e6e09 Add in documentation 2023-05-24 13:17:49 -05:00
RadioLogic 1c57019096 Merge branch 'master' into vsftpd_232 2023-05-24 10:58:22 -04:00
RadioLogic 9c58289b21 Added container info in documentation 2023-05-24 10:54:31 -04:00
vtoutain e542c50154 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-05-24 09:26:03 +02:00
Spencer McIntyre 9e38ed4459 Land #17929, Linux sudoedit LPE (CVE-2023-22809) 
Linux sudoedit priv esc (CVE-2023-22809)
 2023-05-23 09:30:18 -04:00
Spencer McIntyre 120dc877ad Pr/collab/17430 (#41) 
* Prevent using post modules with the session

It doesn't work reliably because of winpty and how the output is
mangled.

* Set the limit correctly

* Fix Linux PTY downgrade issues

* Remove filtering

The filtering implementation is incomplete and unnecessary.

Filtering is unnecessary because Linux sessions execute a stub on
session start up that uses a combiantion of stty and a fifo to emulate a
PTY-less session. Windows sessions do not need filtering because they
have been explictly marked as being incompatible with the Post API which
is confused by the extra characters.

The filtering implementation is incomplete because it does not account for
echo fragments that are split across lines. It also does not account for
all of the ANSI escape codes.

* Add module docs for enum_ssm
 2023-05-22 17:11:16 -04:00
sfewer-r7 6b101b5a4d make rubocop happy 2023-05-22 18:03:58 +01:00