adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2409 Commits

Author SHA1 Message Date
Grant Willcox 0a57641aa4 Add in documentation and module code cleanness improvements and also make the output easier for readers to understand should something fail midway through. 2021-08-31 18:24:57 -05:00
Your Name cd74e34e3c Fixed Authors 2021-08-31 18:24:51 -05:00
Your Name b5b0b3087a Fixed References and Description 2021-08-31 18:24:50 -05:00
Your Name 56cde3eaba Add Geutebruck CVE_2021_335XX command injections module 2021-08-31 18:24:14 -05:00
Your Name 690af9f956 Fixed CVE Number 2021-08-30 08:18:19 +01:00
Your Name 70f3f9d731 Fixed CVE Number 2021-08-28 11:33:42 +01:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Your Name 8d28dece69 Added Notes 2021-08-27 16:42:54 +01:00
Your Name 6a501a37ff Add CVE-2021-33549 exploit for Geutebruck G-CAM 2021-08-27 01:28:26 +01:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
Alan Foster 03400991af Update uses of open ssl 2021-08-10 15:40:23 +01:00
Jack Heysel 29b193406e Fix for file clean up in the Cisco Hyperflex file upload RCE module 2021-07-30 14:59:52 -04:00
William Vu 6a6c08c773 Fix edge case in method overloading 2021-07-12 20:29:56 -05:00
William Vu d29532d4c4 Add VMware vCenter Server CVE-2021-21985 exploit 2021-07-12 13:07:05 -05:00
William Vu 6fbaecf919 Backport print changes to recent modules 2021-07-08 21:26:35 -05:00
William Vu af986380d3 Fix CheckCode 
It's closer to CheckCode::Appears than CheckCode::Vulnerable.
 2021-07-06 22:22:27 -05:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Shelby Pace 9f864df5f1 use Rex::Version instead of Gem::Version 2021-06-24 10:14:17 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Yann Castel 1d2e3212d3 using MIME + added some guards 2021-06-18 10:43:30 +02:00
Hakyac 7781d9ff1e Update modules/exploits/linux/http/rconfig_authenticated_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2021-06-18 10:22:11 +02:00
Hakyac 1e7737f8b4 Update modules/exploits/linux/http/rconfig_authenticated_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2021-06-18 10:17:52 +02:00
Hakyac f4bd18c5a3 Update modules/exploits/linux/http/rconfig_authenticated_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2021-06-18 09:21:00 +02:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module 
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubo cop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged paylod, removed TODO

Switched to single-quoted strings
 2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
Grant Willcox e3a0228f79 Adjust exploit module title for rubocop compliance 2021-06-10 16:54:35 -05:00
Grant Willcox de8180b666 Update module title to correct state affected versions 2021-06-10 09:42:26 -05:00
MucahitSaratar ea7eaba7a9 added cve 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
Grant Willcox 038d0b1334 Add in autocheck compatability, update the documentation and output to be clearer, minimize traffic sent, fix up invalid scoping of variables, randomize data where possible, and add in exploit notes 2021-06-10 09:34:52 -05:00
MucahitSaratar 83caaccc6a adding backup 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:47 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:13 -05:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
Shelby Pace 8b737c2c60 Land #15231, add SuiteCRM log file rce 2021-06-03 09:11:00 -05:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
William Vu 37a7ee2e28 Clean up f5_icontrol_rest_ssrf_rce 
Escalate a warning and prefer a variable.
 2021-06-02 20:32:47 -05:00
mcorybillington d2b539e3c9 authentication fix from add cookie jar merge 2021-06-02 16:54:09 -05:00
Shelby Pace 3056e8f946 add cookie jar and AutoCheck 2021-06-02 13:09:33 -05:00
mcorybillington dea7f50d36 Cover log file restoriation in all failure cases 2021-05-29 09:25:10 -05:00
M. Cory Billington 1451e9b56b Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:32 -05:00
M. Cory Billington fa1ad1b32e Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:28 -05:00
M. Cory Billington b4f699fb15 Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:23 -05:00
mcorybillington 2d9fdb97ad Check that initial request is valid 2021-05-26 12:23:36 -05:00
mcorybillington 57ef94cfdf Remove non boolean return from authentication 2021-05-25 22:55:28 -05:00
mcorybillington 91284db05d Check returned responses on each stage and output status info 2021-05-25 22:49:27 -05:00
mcorybillington ed1f5db48d Check method and authentication fixes 2021-05-25 20:38:32 -05:00
M. Cory Billington 01a8a6ab30 Remove unrequired reference to msfcore 2021-05-23 12:12:35 -05:00
M. Cory Billington 2757e7163c Remove trailing white space found during msftidy 2021-05-22 18:44:15 -05:00