h00die-gr3y
adf455e8cb
Third release of module and documentation
2024-01-04 14:01:37 +00:00
h00die-gr3y
b2312c97d3
Second release of module and documentation
2024-01-04 09:26:16 +00:00
Jack Heysel
beef573fb8
Land #18635, Authenticated Splunk Info Disclosure
...
This PR adds a module for an authenticated Splunk information
disclosure. This module gathers information about the host
machine and the Splunk install including OS version, build,
CPU arch, Splunk license keys etc.
2023-12-28 11:20:52 -05:00
Gaurav Jain
d0beea91bd
Add exploit for CVE-2022-42889
2023-12-25 00:43:50 +05:30
h00die
11c12fcb6d
review comments
2023-12-23 13:23:34 -05:00
h00die
a5698f6aa6
review comments
2023-12-23 12:18:06 -05:00
Christophe De La Fuente
3182cb4000
Land #18612, Craft CMS unauthenticated RCE [CVE-2023-41892]
2023-12-22 10:59:39 +01:00
Balgogan
0a2dea523f
Add suggested changes
2023-12-22 00:04:54 +01:00
bwatters
ce43db0904
Fix TBDs and give better documentation.
2023-12-21 16:18:36 -06:00
h00die
0394f5f7ad
splunk 6.6.0+
2023-12-20 20:47:04 -05:00
bwatters
78bac2636b
Add documentation
2023-12-20 18:44:05 -06:00
Jack Heysel
eeb74cd5e1
Updated metadata
2023-12-20 16:49:45 -05:00
Spencer McIntyre
6fc0704930
Land #18477, Add docs for nessus_rest_login
2023-12-20 16:49:09 -05:00
Jack Heysel
e3062d45e0
Module working docs updated
2023-12-20 16:41:52 -05:00
Spencer McIntyre
300c53d005
Fix typos and tweak the section order
2023-12-20 16:31:52 -05:00
n00bhaxor
a31de9eb05
Adding Splunk Info Disclosure module.
2023-12-20 14:07:50 -05:00
Christophe De La Fuente
fb26c93291
Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables)
2023-12-20 20:04:21 +01:00
Christophe De La Fuente
7ca256560d
Land #18542, Vinchin Backup & Recovery Command Injection
2023-12-20 18:56:50 +01:00
Balgogan
22a05c8bf5
Add CVE-2023-50917
2023-12-20 00:43:00 +01:00
Jack Heysel
065abf6b92
Rubocop, doc scenario update
2023-12-19 12:30:02 -05:00
Jack Heysel
4e61596e7a
Check Build ID before running exploit
2023-12-19 12:15:35 -05:00
Jack Heysel
549ee43df9
Update docs description minor comments
2023-12-19 00:32:21 -05:00
Jack Heysel
c895364675
Initial commit, files created
2023-12-18 19:26:14 -05:00
Christophe De La Fuente
45d2c7f4e0
Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE
2023-12-18 18:51:36 +01:00
h00die-gr3y
5d7cf90521
Some minor changes to the module and documentation
2023-12-18 08:23:16 +00:00
h00die-gr3y
9ac3739605
Minor changes to the documentation
2023-12-17 13:51:30 +00:00
h00die-gr3y
0641839e69
Added documentation and removed debug info
2023-12-17 13:10:18 +00:00
h00die
02302439a0
saltstack salt minion deployer
2023-12-16 10:13:46 -05:00
h00die
c911ec1413
ansible collection
2023-12-16 07:16:26 -05:00
Kevin Joensen
2f3e207277
Fixed documentation for exploit
2023-12-15 13:58:10 +01:00
Jack Heysel
d9aa7f914e
Added newline to PoC and removed empty file
2023-12-14 18:42:09 -05:00
Jack Heysel
df111afb06
Glibc Tunables Exploit
2023-12-14 18:28:43 -05:00
sjanusz-r7
f5e81aee2a
Add docs for ssh_identify_pubkey using Metasploitable2 as target
2023-12-13 17:00:46 +00:00
h00die
9c869a6768
fix spelling
2023-12-13 09:45:02 -05:00
h00die
8eefea76ce
puppet post gather module
2023-12-13 07:12:17 -05:00
Jack Heysel
603e5b2bff
Land #18569, Add a module to perform ASREP-roasts
...
This adds a module to gather credential material from accounts
with Requires Pre-Authentication disabled. The module supports two
mechanisms, Brute Forcing using a list of usernames or using an LDAP
query to request the relevant usernames, followed by requesting TGTs.
2023-12-11 19:58:06 -05:00
Jack Heysel
862194d63f
Documentation and rubocop changes
2023-12-11 19:01:35 -05:00
bwatters
daa6d5363f
Land #18577, Added RCE Module for Splunk Enterprise (CVE-2023-46214)
...
Merge branch 'land-18577' into upstream-master
2023-12-11 15:52:05 -06:00
Aleksa Zatezalo
bc16684046
Update nessus_rest_login.md
2023-12-09 22:57:22 -05:00
Aleksa Zatezalo
93cfdd88cb
Rename nessus_http_login.md to nessus_rest_login.md
2023-12-09 22:57:03 -05:00
Jack Heysel
3bad98afc6
Land #18488, add kerberos_tickets post module
...
Adds a module to manage kerberos tickets from a compromised
host. This PR also includes rail gun enhancements.
2023-12-07 19:12:48 -05:00
siddolo
32e5dfb12d
Windows gather credentials for Mikrotik Winbox 'Keep Password' feature
2023-12-07 13:14:37 +01:00
cgranleese-r7
f794268020
Land #18578, Docker cgroup escape (CVE-2022-0492)
2023-12-06 16:07:08 +00:00
h00die
eca611aaac
review
2023-12-05 16:18:39 -05:00
Jack Heysel
509ec2c9b5
Land #18591, add ownCloud auxiliary module
...
This module can extract sensitive environment variables from
the ownCloud target including ownCloud, DB, Redis, SMTP and
S3 credentials.
2023-12-05 10:50:57 -05:00
jheysel-r7
76657c8f14
Update documentation/modules/auxiliary/gather/owncloud_phpinfo_reader.md
2023-12-05 10:20:51 -05:00
Christophe De La Fuente
10d4b9233b
Land #18463, D-Link Router UPnP unauthenticated LAN RCE via a crafted M-SEARCH packet
2023-12-05 10:58:15 +01:00
Zach Goldman
3d6ddf769e
Land #17667, Update password crackers
2023-12-04 10:45:53 -05:00
h00die
befc87f9f0
owncloud exploit
2023-12-03 15:45:44 -05:00
h00die
ea803063b1
owncloud phpinfo reader
2023-12-03 11:04:38 -05:00