metasploit-gs

Author	SHA1	Message	Date
M. Cory Billington	81c056df3b	Removed unused return value	2021-05-22 01:32:17 -05:00
M. Cory Billington	963cea939f	Changed request method to preferred method	2021-05-22 01:29:24 -05:00
M. Cory Billington	ab5256a106	Use more robust version checking and add missing return statements.	2021-05-22 01:26:28 -05:00
M. Cory Billington	64f9ea0848	Update modules/exploits/linux/http/suitecrm_log_file_rce.rb Change Metasploit download link to https Co-authored-by: bcoles <bcoles@gmail.com>	2021-05-22 00:59:23 -05:00
M. Cory Billington	f27c0a481c	Update modules/exploits/linux/http/suitecrm_log_file_rce.rb Co-authored-by: bcoles <bcoles@gmail.com>	2021-05-22 00:56:44 -05:00
M. Cory Billington	e62efe0690	Added module and documentation for SuiteCRM Log File RCE	2021-05-22 00:11:19 -05:00
Grant Willcox	e7983c3b6f	Land #15192 , Enforce Style/RedundantBegin for new modules	2021-05-17 09:51:57 -05:00
adfoster-r7	ac2c467121	Land #15011 , Enhance analyze command API to understand modules' needs	2021-05-14 14:30:33 +01:00
Alan Foster	100da2f1b1	Enforce Style/RedundantBegin for new modules	2021-05-13 04:01:03 +01:00
William Vu	637e9cff48	Update vmware_vrops_mgr_ssrf_rce documentation	2021-05-06 18:30:20 -05:00
Mehmet INCE	bf0551979f	Fix the module according to the review	2021-05-03 12:29:00 +03:00
Mehmet INCE	06157601df	Remove SCREEN_EFFECTS from sideeffects	2021-05-03 11:14:43 +03:00
Mehmet INCE	9e04805c0e	Adding check method to gravcms exec	2021-05-03 11:14:43 +03:00
Mehmet INCE	e3d05395de	Add GravCMS exec	2021-05-03 11:14:42 +03:00
William Vu	d433c0fd12	Fix typo	2021-04-30 23:29:24 -05:00
Spencer McIntyre	994825dcc9	Land #15090 , Add exploit for CVE-2021-22502	2021-04-29 14:09:28 -04:00
Shelby Pace	a4af80d3e1	Land #15005 , add VMware vRealize SSRF RCE	2021-04-27 09:19:55 -05:00
Shelby Pace	363db0e271	Land #14977 , add Apache Druid js rce	2021-04-26 12:01:19 -05:00
Pedro Ribeiro	07d82cde93	fix timeout errors in rubocop	2021-04-23 22:10:38 +07:00
Pedro Ribeiro	02ce5a1724	Update modules/exploits/linux/http/microfocus_obr_cmd_injection.rb Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>	2021-04-23 22:01:05 +07:00
Pedro Ribeiro	58e00b582e	Update modules/exploits/linux/http/microfocus_obr_cmd_injection.rb Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>	2021-04-23 22:00:55 +07:00
Pedro Ribeiro	651a34af53	add sploit for MF OBR cmd injection	2021-04-23 21:04:36 +07:00
William Vu	a62d1dfbcd	Add some details back in	2021-04-21 16:02:21 -05:00
William Vu	5111caf536	Address @gwillcox-r7 review New words from @gwillcox-r7.	2021-04-21 13:10:21 -05:00
William Vu	22433d5b2c	Add clarifying comment	2021-04-21 10:42:10 -05:00
William Vu	08907a5e3a	Add VMware vRealize Operations Manager SSRF RCE CVE-2021-21975 + CVE-2021-21983	2021-04-21 10:42:10 -05:00
Grant Willcox	7b7e521d6c	Fix up a wrong type field value and set it back to 1 from 2 in the send_exploit() function, since this was causing the exploit to fail	2021-04-20 17:45:51 -05:00
Grant Willcox	e0f13e44d1	Land #14699 , Add Nagios XI snmptrap RCE and docs (CVE-2020-5792)	2021-04-20 14:30:45 -05:00
Grant Willcox	f241a050b8	Apply review comments and fixes to documentation and the module	2021-04-20 12:38:34 -05:00
Grant Willcox	d60cdbebb3	Add in Regex fix to ensure that really old versions of NagiosXI will still be detected as vulnerable despite unusual version naming convention	2021-04-19 14:17:05 -05:00
Grant Willcox	4ac9304ca2	Land #14968 - Add Nagios XI Mibs.php Authenticated RCE module and docs (CVE-2020-5791)	2021-04-16 14:37:15 -05:00
Grant Willcox	496e074ec8	Add in fixes to documentation and module from review	2021-04-16 13:14:17 -05:00
William Vu	9e6f425427	Move exploit/linux/http/citrix_dir_traversal_rce To exploit/freebsd/http/citrix_dir_traversal_rce. It's actually FreeBSD.	2021-04-15 19:13:25 -05:00
Grant Willcox	832ca92f42	Land #14700 , Add Nagios XI Plugins Filename Authenticate RCE module and docs (CVE-2020-35578)	2021-04-14 16:58:55 -05:00
Grant Willcox	61395f3cb1	Update scenarios in documentation and also update the module to handle cases where the version number may not be in a format that Rex::Text can immediately handle.	2021-04-14 16:32:53 -05:00
Grant Willcox	76353efada	Fix minor RuboCop error	2021-04-14 15:38:06 -05:00
Grant Willcox	154e237edd	Add in fixes to documentation and module that were covered in the review process	2021-04-14 15:33:42 -05:00
Grant Willcox	a59e7e196d	Land #14701 , Rename Nagios XI authenticated RCE module and integrate Nagios XI mixin	2021-04-13 18:58:29 -05:00
Grant Willcox	d766cf9b96	Change module title to be more descriptive and remove bad characters	2021-04-13 17:33:34 -05:00
Grant Willcox	0aada27128	Update the documentation to account for the fact that the plugin name has to be check_ping and also update the module to randomize some of the fields where possible.	2021-04-13 17:15:34 -05:00
Grant Willcox	ead9d73dc5	Add in fixes from review to documentation and module	2021-04-13 16:34:13 -05:00
William Vu	e842c3ecab	Fix Gem::Package NameError with Rex::Tar::Writer	2021-04-12 18:50:31 -05:00
Shelby Pace	a36030bcb7	add AutoCheck and usage of TARGETURI option remove CheckCmd from docs	2021-04-09 12:08:25 -05:00
je5442804	352fedcca0	Improved	2021-04-09 19:50:43 +08:00
je5442804	69b62cee3a	Update modules/exploits/linux/http/apache_druid_js_rce.rb Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>	2021-04-09 08:31:38 +08:00
je5442804	58f14a3219	Update module-send_request Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>	2021-04-09 08:31:25 +08:00
je5442804	afb263bcba	Update description Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>	2021-04-09 08:27:30 +08:00
Adam Cammack	6096d0f135	Remove superfluous `default_cred?` methods	2021-04-07 06:12:25 -05:00
Shelby Pace	cfc6b0a8ba	Land #14971 , add Apache OFBiz SOAP Deser rce	2021-04-05 11:44:40 -05:00
Shelby Pace	a803e1e932	remove spare comma	2021-04-05 09:33:20 -05:00

... 12 13 14 15 16 ...

2409 Commits