adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

6278 Commits

Author SHA1 Message Date
Shelby Pace 6d13f0627e formatting changes 2021-06-25 16:20:42 +02:00
Shelby Pace 1194e7d0f3 add guards, adjust formatting, add docs 2021-06-25 16:20:42 +02:00
Spencer McIntyre 9cc17095d4 Land #15282, CVE-2019-15975 Cisco DCNM auth bypass 2021-06-24 11:59:21 -04:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Spencer McIntyre fe6b725d3f Update the documentation and fix a couple of bugs 2021-06-24 11:19:26 -04:00
Yann Castel 5ac025477a parent e7983c3b6f 
author Yann Castel <yann.castel@orange.com> 1622466490 +0200
committer Spencer McIntyre <Spencer_McIntyre@rapid7.com> 1624547674 -0400

Add an exploit for CVE-2019-15975 (Cisco DCNM)

add documentation

passed rubocop

edit documentation

set ssl to true by default

edit documentation

rubocop again

int return code was replaced by symbols

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

rubocop ok

various changes

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

various changes 2

various changes

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

adding some guards + module notes
 2021-06-24 11:19:25 -04:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module 
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubo cop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged paylod, removed TODO

Switched to single-quoted strings
 2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
Grant Willcox 62f9d15ba3 Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE) 2021-06-16 10:39:49 -05:00
Grant Willcox 464dcdf578 Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE 2021-06-14 18:01:24 -05:00
Grant Willcox 537a7763f5 Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests 2021-06-14 15:28:40 -05:00
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
adfoster-r7 e40fcafbf1 Land #15339, fix typo in wp_admin_shell_upload.md 2021-06-14 18:04:30 +01:00
adfoster-r7 fb0e0f88a9 Land #15215, HashiCorp Nomad exec RCE 2021-06-14 17:49:36 +01:00
Spencer McIntyre d1be69eae6 Implement changes based on PR feedback 2021-06-14 10:15:27 -04:00
Florian CASAGRANDE 6e3e27984b Update wp_admin_shell_upload.md 2021-06-13 13:53:08 +02:00
h00die 0f16c1a633 Land #14836, emby ssrf module and scanner for cve-2020-26948 2021-06-12 15:18:12 -04:00
h00die 65bbe021bc updated docs 2021-06-12 15:08:53 -04:00
Spencer McIntyre edee95bbb2 Update the check to not fail if a COOKIE is used 2021-06-10 11:29:07 -04:00
MucahitSaratar ea7eaba7a9 added cve 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:13 -05:00
btnz-k f684955537 updated documentation, modified var type 2021-06-09 15:26:29 -07:00
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel ebc8dba921 intial commit 2021-06-09 15:10:03 +02:00
Yann Castel 14c5924044 rubocop for documentation is ok 2021-06-09 09:08:19 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Spencer McIntyre 3afe3ebfa3 Add the module docs 2021-06-08 15:23:24 -04:00
Hakyac fd988f7f29 Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:35:10 +02:00
Hakyac e1030226de Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:17:53 +02:00
Hakyac 0834fa122d Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:17:34 +02:00
Hakyac e53ca42570 Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:16:12 +02:00
Yann Castel bf96b88446 add default port + set ssl to true 2021-06-07 16:48:16 +02:00
Yann Castel 6a7e30749d initial commit 2021-06-07 14:39:10 +02:00
Spencer McIntyre 1d003e9dee Land #15293, Redis extractor improvements 2021-06-04 10:23:07 -04:00
Spencer McIntyre eea2f10f2e Use ALL_CAPS for normal datastore options 2021-06-04 10:22:42 -04:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
btnz-k 267a07166c Updated per R7 requests. 2021-06-03 13:08:08 -07:00
Shelby Pace 8b737c2c60 Land #15231, add SuiteCRM log file rce 2021-06-03 09:11:00 -05:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
William Vu 6498554084 Clean up NetMotion Mobility exploit and docs 
Refactor target selection once again.
 2021-06-02 23:47:01 -05:00
Ashley Donaldson 51969602a7 Updated documentation for redis extractor changes 2021-06-03 12:02:03 +10:00
Shelby Pace 598f925fd3 remove extra spaces 2021-06-01 11:37:45 -05:00
h00die 3f1bb4b51e rename module, add docs 2021-05-30 14:48:39 -04:00
h00die 0c3a693bef working exploit and docs 2021-05-30 14:37:11 -04:00
h00die 825cc9d284 upgraded to meterp 2021-05-29 15:55:24 -04:00
h00die 721a47ad7f cacti 1.2.12 sql to rce 2021-05-29 15:55:24 -04:00