adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

6278 Commits

Author SHA1 Message Date
space-r7 60f6574bf3 Land #17965, add module for AD CS cert management 2023-05-22 09:50:53 -05:00
Spencer McIntyre 0a3247f1a7 Add documentation 2023-05-22 10:29:03 -04:00
RadioLogic 3dc9438b3a Added firmware version to documentation 2023-05-21 00:33:33 -04:00
space-r7 6c88e85d02 Land #17993, add invscout RPM privesc 2023-05-17 18:56:42 -05:00
RadioLogic 62f48c5933 Updated vsftpd_232 documentation 2023-05-17 12:01:59 -04:00
bcoles 0bc1fdf51d Add invscout RPM Privilege Escalation 2023-05-17 20:17:55 +10:00
RadioLogic 10dd1b8906 Updated scenarios for vsftpd_232 2023-05-17 00:44:46 -04:00
RadioLogic e1a9f61ad9 Added documentation to scanner module 2023-05-17 00:00:00 -04:00
Grant Willcox 459cf871cb Land #17979, Add exploit for Ivanti Avalanche file upload - CVE-2023-28128 2023-05-16 09:19:33 -05:00
Grant Willcox ea988f0c78 Add more documentation on how to set the target up based on my own experience and so that we have a backup in case the link to external documentation breaks 2023-05-12 14:27:39 -05:00
RadioLogic 0e9060e295 Added documentation for module 2023-05-12 14:27:12 -04:00
Grant Willcox cf5f90ac4f Minor updates to documentation to tidy things up a bit 2023-05-11 16:48:16 -05:00
space-r7 722de33b6f address feedback, use cleanup to restore path 
fix bug where if config restore failed, module would
output that it was both a failure and a success
add akb topic as reference
 2023-05-11 13:20:25 -05:00
Grant Willcox 020ee7ca5c Land #17964 - Pentaho Business Server Auth Bypass and SSTI - CVE-2022-43769 and CVE-2022-43939 2023-05-11 09:28:55 -05:00
catatonicprime c43eaf86bc Adding documentation. 2023-05-11 05:09:35 +00:00
Grant Willcox 9f6a1c18a1 Minor updates to fix URLs, disclosure date, description, and minor gramatical things 2023-05-10 18:22:00 -05:00
Grant Willcox 9f0a6503b7 require.js is not the only way, account for this new discovery in code 2023-05-10 13:02:02 -05:00
Grant Willcox 5d4e68d36c Add Metasploit payload example and remove message that may suggest successful exploitation occurred even when it didn't 2023-05-10 10:36:29 -05:00
Grant Willcox 1b8f1de7c8 Add in fixes from review, add archive of software, and use uri_encode_mode for encoding parameters. 2023-05-10 10:16:08 -05:00
vtoutain cfea6530a1 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-05-10 11:59:46 +02:00
vtoutain daee69e1d0 Fix msftidy errors 2023-05-10 11:55:50 +02:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
Jack Heysel 07056a74bc Pentaho Business Server Auth Bypass and SSTI 2023-05-09 14:24:51 -05:00
space-r7 d60843f0eb name versions that are vulnerable 2023-05-09 09:16:42 -05:00
space-r7 08a79a2f4e add documentation 2023-05-08 17:42:23 -05:00
Grant Willcox f773d348e1 Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022 2023-05-08 12:11:01 -05:00
Grant Willcox c221edb1ec Add in ADAudit Plus build 6077 testing examples 2023-05-08 11:45:44 -05:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die e692e927dc review fixes 2023-05-05 16:43:47 -04:00
Grant Willcox 19651633c4 Update the installation instructions to resolve some issues encountered during testing 2023-05-04 18:26:54 -05:00
Grant Willcox f27fc28411 Perform review updates 2023-05-04 15:12:31 -05:00
ErikWynter aede036b02 additional changes from code review 2023-05-04 15:12:30 -05:00
Grant Willcox 0fd743d851 Add in fixes from code review 2023-05-04 15:12:29 -05:00
Grant Willcox d5032f0a5d Minor touchups on documentation for review 2023-05-04 15:12:28 -05:00
ErikWynter 32796b429b add note about payload limitations for builds 7004 and 7005 2023-05-04 15:12:27 -05:00
Grant Willcox 3b0d8b850b Fix up some issues identified during review 2023-05-04 15:12:26 -05:00
ErikWynter 9f68a5f8d1 add manageengine_adaudit_plus_authenticated_rce exploit module and docs 2023-05-04 15:12:09 -05:00
Grant Willcox bf61718fe6 Land #17915, Icinga Web 2 Arbitrary File Read (CVE-2022-24716) 2023-05-03 11:47:26 -05:00
Grant Willcox 818bd4837e Add in additional information about testing on Docker 2023-05-03 10:17:16 -05:00
h00die 95562e04aa sudoedit work 2023-05-02 18:39:59 -04:00
Grant Willcox 092e4f93ad Fix up incorrect user who we are executing as 2023-05-02 15:50:46 -05:00
Grant Willcox cf6b309904 Add in quick fixes from review 2023-05-02 15:17:02 -05:00
adfoster-r7 7ec7a4c607 Land #17910, Fixes couchdb_login false positives 2023-05-02 17:56:55 +01:00
Christophe De La Fuente 60149259a2 Land #17856, RCE exploit for CVE-2023-26359 (Adobe ColdFusion) and an auxiliary module for arbitrary file read via the same vuln. 2023-04-28 19:27:15 +02:00
h00die d454b2e195 cve-2023-22809 2023-04-25 20:54:48 -04:00
vtoutain df6c2bf7eb Documentation update 
Modified the layout according to reviews, updated scenarios output, and added the JSON example output.
 2023-04-24 11:47:21 +02:00
vtoutain e565a8f962 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-24 11:44:52 +02:00
bcoles 5a57ea131e resolve_sid: Add docs and resolve RuboCop violations 2023-04-23 17:39:32 +10:00
h00die 076760e011 cve-2022-24716 2023-04-21 16:31:07 -04:00
h00die d6c2e4f528 cve-2022-24716 2023-04-21 16:27:52 -04:00