adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2409 Commits

Author SHA1 Message Date
Ege Balcı e0f545673c Add files for cleanup, fix serve address, add retry_until_truthy 2023-08-18 23:25:49 +02:00
Ege Balcı e97183e7bd Update modules/exploits/linux/http/vmware_vrli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-18 20:21:42 +00:00
Ege Balcı 20ca3b8720 Update modules/exploits/linux/http/vmware_vrli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-18 20:17:37 +00:00
Ege Balcı d8d5049d97 Update modules/exploits/linux/http/vmware_vrli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-18 20:16:32 +00:00
Ege Balcı 4fe15ee788 Update modules/exploits/linux/http/vmware_vrli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-18 20:16:21 +00:00
Ege Balcı 1a97b11f09 Update modules/exploits/linux/http/vmware_vrli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-18 20:16:12 +00:00
Ege Balcı 86c8f11e17 Update modules/exploits/linux/http/vmware_vrli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-18 20:16:03 +00:00
Jack Heysel 900e418796 Land #18226, H2 Web Interface RCE 
This PR adds a module to exploit an RCE feature in
the H2 databases Web Interface.
 2023-08-15 16:23:09 -04:00
h00die f125ad8870 review comments 2023-08-08 17:44:35 -04:00
h00die 7b024f21bd apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die 5cdac38ac0 apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die e8ce0454cd review comments 2023-08-08 17:16:57 -04:00
h00die dca125963c metabase review comments 2023-08-08 17:16:57 -04:00
h00die f30c996340 remove comment 2023-08-08 17:16:56 -04:00
h00die 9516592eb6 metabase setup token rce 2023-08-08 17:16:56 -04:00
h00die 7ceeb9f8de review comments 2023-08-08 17:15:22 -04:00
h00die 67ea97d686 set right port 2023-08-08 17:15:22 -04:00
h00die 06a4433e2a review comments 2023-08-08 17:15:22 -04:00
h00die 97daf47269 h2 web interface shell 2023-08-08 17:15:22 -04:00
Ege Balcı 340e4c0117 Make rubocop happy 2023-08-08 20:54:40 +02:00
Ege Balcı d1f9f540c6 Add VMware vRealize Log Insight RCE exploit 2023-08-08 20:32:38 +02:00
h00die-gr3y 19ef0cc4f9 Added documentation and fixed a typo in the module description 2023-07-28 21:30:24 +00:00
h00die-gr3y f282e1ab92 first drop of module 2023-07-28 20:14:44 +00:00
ErikWynter f79b4331b8 code review fixes for wd_mycloud_unauthenticated_cmd_injection 2023-07-27 23:09:50 +03:00
ErikWynter 53b8653ac7 add wd_mycloud_unauthenticated_cmd_injection 2023-07-26 17:24:44 +03:00
Christophe De La Fuente c7f8ce5acd Land #18199, VMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887 2023-07-25 17:45:30 +02:00
Jack Heysel ee26e7f926 Rubocop fixes 2023-07-20 16:40:28 -04:00
Jack Heysel 421b06119f Update docs 2023-07-20 14:55:27 -04:00
Jack Heysel c48346413c Fixed payload and verion detection 2023-07-20 14:44:56 -04:00
h00die 530934f78a review comments 2023-07-19 11:42:47 -04:00
space-r7 7af22bfd41 Land #18077, add Symmetricom unauth cmd injection 2023-06-13 17:07:16 -05:00
space-r7 5535401345 add exploit rank 2023-06-13 17:05:30 -05:00
Steve Campbell 37bc9cd5a4 Update symmetricom_syncserver_rce.rb 
Updated info to add allowed SRVPORT and LPORT, and fixed issue with srvport variable not used.
 2023-06-13 16:22:08 -04:00
space-r7 cbf7109c51 add rubocop fixes and some metadata 2023-06-13 13:44:23 -05:00
SinSinology fd5e4dfc39 VMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887 
Technical details at
https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-20887/
 2023-06-13 15:16:11 +01:00
Steve Campbell ed516faa93 Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Added link to CVE

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:34:24 -04:00
Steve Campbell 5b73c8fea1 Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Added CVE

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:33:57 -04:00
Steve Campbell 4e4d09862e Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Fixed misspelling

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:32:12 -04:00
Steve Campbell bc2fb0c919 Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Updated heading

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:31:21 -04:00
h00die-gr3y 4479d94658 Updates based on review comments from space-r7 and jvoisin 2023-06-12 19:28:08 +00:00
h00die-gr3y 7cd3854208 Removed Webshell upload and updated documentation 2023-06-12 13:58:59 +00:00
h00die-gr3y 417c9fa591 init commit module and documentation 2023-06-10 09:42:32 +00:00
space-r7 c9af514be4 Land #18063, add TerraMaster webshell upload 2023-06-09 17:55:32 -05:00
h00die-gr3y dfc366e022 Latest updates based on reviewers comments 2023-06-08 21:25:40 +00:00
Steve Campbell 229fc0c002 Added symmetricom_syncserver_rce.rb 2023-06-08 12:46:10 -04:00
h00die-gr3y 0bcd930f61 Updated NAS model and version check 2023-06-08 09:12:45 +00:00
h00die-gr3y b3b0cb4ccf Updates based on space-r7 comments 2023-06-08 07:39:44 +00:00
h00die-gr3y 46fcdb76d5 Updates based on jvoisin comments 2023-06-07 08:27:55 +00:00
h00die-gr3y 3e6ae74886 init commit module 2023-06-06 07:07:36 +00:00
h00die-gr3y 00e39eb540 updated CMD stager order 2023-06-05 14:54:31 +00:00