adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

6278 Commits

Author SHA1 Message Date
space-r7 365b7c099c Land #17895, add Joomla api scanner 2023-04-21 09:50:24 -05:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
cgranleese-r7 eb4107b5e2 Fixes couchdb login bug 2023-04-21 10:14:22 +01:00
h00die 17f674e3fa review comments 2023-04-20 16:23:52 -04:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
vtoutain d875741c87 Fixed documentation typos 2023-04-19 11:43:08 +02:00
vtoutain 35c7d3918d Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-19 11:24:37 +02:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
vtoutain e4ae9e0997 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-18 11:37:13 +02:00
Jack Heysel 78e80f8e32 docs fix 2023-04-17 16:41:35 -04:00
Jack Heysel 162fe21659 Documentation copy pasta correction 2023-04-17 16:39:57 -04:00
jheysel-r7 d4b668e27b Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-04-17 16:36:31 -04:00
Jack Heysel db853f9a68 Land #17711, SPIP unauth RCE module 
This module exploits a publically accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
 2023-04-17 15:30:03 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
adfoster-r7 396a4b90cc Land #17892, update unified_remote_rce docs 2023-04-17 13:53:32 +01:00
dsecbypass 3b710293f5 Dolibarr 16 unauthenticated contact database dump 
Auxiliary module and documentation.
 2023-04-17 14:52:05 +02:00
h00die 32b6741cd8 joomla api cve-2023-23752 2023-04-16 22:54:54 -04:00
h00die 37130e5a3d move asan docs 2023-04-16 10:19:43 -04:00
h00die 4b176c8ef5 fix unified_remote_rce docs 2023-04-16 10:11:01 -04:00
sfewer-r7 5d05754d9b update the AKB URL to reference the changed CVE 2023-04-14 17:44:38 +01:00
sfewer-r7 e6211175b3 rename the files to the correct CVE 2023-04-14 15:52:13 +01:00
sfewer-r7 b5ea420760 On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Controll vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet seperate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now beliee this is the correct CVE. 2023-04-14 15:49:10 +01:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
sfewer-r7 b7f46aab99 split the CFC_METHOD_PARAMETERS by comma and not amperstand 2023-04-13 16:55:34 +01:00
sfewer-r7 ae87f35944 fix two typos in documentation 2023-04-13 15:57:48 +01:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
sfewer-r7 43bfdcd6b4 improve the aux file read module; add a default CFC endpoint option and support servers configured with the non-default setting 'Enable Request Debugging Output' enabled. 2023-04-12 12:39:00 +01:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
Ron Bowes 6119330e29 Update documentation to match current version of modules 2023-04-11 09:48:53 -07:00
sfewer-r7 375d9b34f1 make on_request_uri compatible with both command staget and teh generic java target 2023-04-11 14:25:07 +01:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
sfewer-r7 43fe41bea5 RCE exploit for CVE-2023-26359 and an auxiliary module for arbitrary file read via the same vuln. 2023-04-06 14:02:01 +01:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
Ron Bowes c22c2904c2 Fix msftidy_docs stuff 2023-04-05 10:53:58 -07:00
Jack Heysel 15d267a233 Land #17826, post module for CVE-2023-21768 
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
 2023-03-30 12:27:28 -04:00
dwelch-r7 ab08cd2d1c Land #17753, Update get_ticket to support using forged golden tickets 2023-03-30 14:15:48 +01:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
space-r7 9cd024a7a2 Land #17828, add AMQP login scanner module 2023-03-29 09:24:48 -05:00
space-r7 72ec93d27a Land #17827, add AMQP version scanner module 2023-03-28 16:00:42 -05:00
Jack Heysel fcb93fef58 Land #17806, Optergy BMS Backdoor RCE module 
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
 2023-03-28 10:27:35 -04:00
Spencer McIntyre 97d67c6a79 Add an AMQP login scanner 2023-03-27 16:53:03 -04:00
Spencer McIntyre 95e8a1c175 Initial AMQP version scanner 2023-03-27 16:44:11 -04:00
space-r7 f9c6caa804 Land #17785, add SolarWinds (SWIS) deser RCE 2023-03-27 15:25:17 -05:00
Christophe De La Fuente 6d4ee0c071 Add exploit for CVE-2023-21768 2023-03-27 20:08:22 +02:00
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
emirpolatt c65685deae CVE-2023-27253 - PfSense 2.6.0 'Backup & Restore' OS Command Injection Module 2023-03-26 02:46:31 +03:00
jheysel-r7 0d6195a9ae Merge branch 'master' into proftpd_modcopy_exec 2023-03-24 21:16:54 -04:00