adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2409 Commits

Author SHA1 Message Date
h00die-gr3y 6e11f4353b Updates addressing cdelafuente-r7 comments 2023-09-20 22:14:48 +00:00
Christophe De La Fuente 525c957af2 Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068) 2023-09-19 10:32:59 +02:00
Ismail Dawoodjee f9cdfef304 Move module and documentation from multi/http to linux/http 
* Update documentation scenarios for Docker on Debian 10 and Kali Linux 6.4
* Slightly modify the documentation scenario for Docker on Windows 10
 2023-09-17 22:42:26 +08:00
h00die e34ed10eca superset rce more stable 2023-09-15 16:29:05 -04:00
h00die a8da47e73c still working on resetting values 2023-09-15 13:32:24 -04:00
Jack Heysel 46832abd49 Land #18358, Add a Thrift RPC client 
This PR adds a Thrift RPC client and updates
two modules to make use of the new addition.
 2023-09-14 19:01:13 -04:00
h00die 0c418fdf65 still working on resetting values 2023-09-14 14:28:29 -04:00
h00die-gr3y 784f3118f0 third release module and documentation 2023-09-14 17:59:59 +00:00
h00die 619a46d450 working hashes for apache superset rce 2023-09-14 13:21:01 -04:00
h00die-gr3y 094685fa93 second release module 2023-09-14 13:12:33 +00:00
h00die-gr3y 4bb465bcee initial release module 2023-09-13 20:59:53 +00:00
h00die 686d704b37 superset rce wip 2023-09-13 15:26:29 -04:00
cgranleese-r7 e82bff37e1 Land #18330, Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-09-13 10:15:59 +01:00
Jack Heysel b83a49e573 Thanks to Spencer improved execute_command method 2023-09-12 15:14:10 -04:00
Spencer McIntyre 187cca848e Replace the binray blobs 2023-09-12 12:21:10 -04:00
Spencer McIntyre fbf95ecd92 Add and use a Thrift client object 2023-09-11 14:37:38 -04:00
Spencer McIntyre f1aea836f3 Land #18273, Add VMware vRealize Log Insight RCE 
Add VMware vRealize Log Insight unauthenticated RCE exploit
 2023-09-08 17:17:23 -04:00
Spencer McIntyre 21dde19511 Make some final tweaks 
Change strings to reference `VMware` using the proper case. Don't
include CmdStager (because it's unnecessary). Set PrependFork to fix
shell payloads. Move CamelCase options to advanced.
 2023-09-08 16:55:42 -04:00
Simon Janusz 57f3b8a352 Land #18350, Add opentsdb_key_cmd_injection exploit module and docs 2023-09-08 16:50:46 +01:00
Simon Janusz 7302394ffa Land #18316, Kibana Timelion Prototype Pollution RCE (CVE-2019-7609) 2023-09-08 11:50:47 +01:00
Ege Balcı 5b6ee0cfaf Add extra sleep during PakUpgrade for stabilization 2023-09-07 19:49:57 +02:00
Ege Balcı 9a5dd4e4e5 Refactor thrift usage, add extra SRVHOST check, switch to decoded mf_file 2023-09-07 19:29:23 +02:00
ErikWynter 7cabe14461 add opentsdb_key_cmd_injection exploit module 2023-09-07 17:29:16 +03:00
Jack Heysel cf62d3fa78 rubocop 2023-09-06 15:47:54 -04:00
Jack Heysel 31d5f8e128 Responded to comments 2023-09-06 15:40:43 -04:00
Jack Heysel 482fdefb2c Land #18313, SolarView Compact unauth RCE module 
This PR adds a SolarView Compact unauth RCE module.
 2023-09-05 17:49:28 -04:00
jheysel-r7 03ccb3cce0 Apply grammatical suggestions from code review 2023-09-05 17:06:01 -04:00
h00die c6a2652861 review comments 2023-09-01 20:34:35 -04:00
Jack Heysel 5c12a3e6f4 Remove unused default options 2023-08-31 02:47:40 -04:00
Jack Heysel 3a7ef46d17 Remove platform linux 2023-08-31 02:32:21 -04:00
Jack Heysel 7b8debd58f Tidy up, last minute rubocop 2023-08-31 02:17:35 -04:00
Jack Heysel 9779b1eeae Lexmark Device Embedded Web Server RCE (CVE-2023-26068) 2023-08-30 20:30:14 -04:00
jheysel-r7 68090d0406 Update modules/exploits/linux/http/ivanti_sentry_misc_log_service.rb 
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
 2023-08-30 11:46:44 -04:00
Christophe De La Fuente 8217745a85 Land #18257, Apache nifi h2 rce (CVE-2023-34468) 2023-08-30 13:37:37 +02:00
Jack Heysel a3a7454f74 Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-08-29 15:24:04 -04:00
Jack Heysel b326832bcf Renamed module, rubocop 2023-08-29 13:21:13 -04:00
Ege Balcı 44dd8439df Add low version guard and token check 2023-08-29 17:43:21 +02:00
h00die db9bf5f6cd now down to 10 shells! 2023-08-28 17:42:35 -04:00
h00die f467e0747a review comments 2023-08-28 17:39:02 -04:00
h00die-gr3y 77a1bbef79 Second release module and documentation 2023-08-28 07:49:40 +00:00
Ege Balcı eaeb2024d3 Merge branch 'master' into vmware_vrli_rce 
Merge for ThriftMessageType
 2023-08-26 22:42:25 +02:00
h00die b529814563 fix sideeffects/reliability 2023-08-24 16:28:05 -04:00
h00die 5382eb22d1 kibana exploit 2023-08-24 16:08:08 -04:00
Christophe De La Fuente a037d16b66 Land #18233, Chamilo unauthenticed RCE [CVE-2023-34960] 2023-08-24 11:49:40 +02:00
h00die-gr3y 3612030cee first release of module 2023-08-23 22:07:58 +00:00
h00die-gr3y f64b67968f Final minor updates 2023-08-23 11:38:07 +00:00
H00die.Gr3y 1db284dcaa Apply suggestions from code review 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-08-22 18:46:25 +02:00
h00die 1bd14dd8f4 error handling for apache modules 2023-08-21 18:12:26 -04:00
h00die a45792877a lib and spec updates 2023-08-20 19:37:22 -04:00
h00die-gr3y b6cf981378 Updates based on review comments 2023-08-19 08:18:50 +00:00