adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2409 Commits

Author SHA1 Message Date
Ayan Saha ec57260c66 Adding suggested code 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-08 02:25:35 +05:30
Ayantaker 32db330ff6 Fixing the rubocop issue 2022-10-07 11:08:01 -04:00
Ayantaker 910ee931c2 Fixing the description of the module 2022-10-06 15:55:32 -04:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
 2022-10-06 15:48:36 -04:00
Ron Bowes 48dd4693df Add docs for CVE-2022-41352 (zimbra cpio), and fix some text 2022-10-06 10:46:48 -07:00
Ron Bowes 08c29f7f28 Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-06 10:23:53 -07:00
h00die 06aefb630a string true to bool true 2022-10-03 19:50:04 -04:00
bcoles 5f92d9418d Modules: Fix Stability/SideEffects/Reliability notes for several modules 2022-10-01 17:54:59 +10:00
space-r7 dd11156922 add new reference to bitbucket module 2022-09-22 16:14:18 -05:00
space-r7 8d2b182c7b add cmd stager flavors and bad characters 2022-09-21 10:54:32 -05:00
space-r7 77d1328c43 add module description 2022-09-21 08:38:18 -05:00
space-r7 34a6671c2d update module to support auth & additional target 2022-09-20 18:45:14 -05:00
space-r7 9738f23b51 add cmdstager 2022-09-20 10:37:10 -05:00
space-r7 391e5cc891 add check method, repo search 2022-09-19 17:28:17 -05:00
Christophe De La Fuente 52ff168c5e Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038) 2022-09-15 17:58:07 +02:00
Jack Heysel b37b91c233 Responded to comments 2022-09-15 10:45:11 -04:00
jheysel-r7 49cc431660 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-15 10:29:28 -04:00
jheysel-r7 2fcea3763f Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-14 12:59:56 -04:00
jheysel-r7 9b6b70cbf3 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-14 12:50:07 -04:00
jheysel-r7 d001bf079e Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-14 12:49:52 -04:00
Jack Heysel 89fadf69a7 Remove require pry 2022-09-13 13:42:26 -04:00
Jack Heysel f11e5c162b Rubocop 2022-09-13 13:21:18 -04:00
Jack Heysel 1c99daa836 Updated error handling 2022-09-13 12:40:59 -04:00
jheysel-r7 8a6c2dc896 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-12 17:35:25 -04:00
jheysel-r7 92068e3c02 Update modules/exploits/linux/http/panos_op_cmd_exec.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-12 17:34:57 -04:00
space-r7 a11569fc53 Land #16944, add Apach Spark RCE 2022-09-07 13:02:27 -05:00
space-r7 65906bbb87 add curl cmd stager flavor 2022-09-07 12:45:13 -05:00
space-r7 1a9e33265a fix typos 2022-09-07 11:27:56 -05:00
h00die-gr3y 6c1f7c2d8c removed unnecessary code 2022-09-07 09:40:11 +00:00
h00die-gr3y 797e450f4a updated timer code 2022-09-06 19:08:27 +00:00
H00die.Gr3y 19a396304d Update modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-09-03 20:28:49 +04:00
Christophe De La Fuente 8ba621a291 Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828) 2022-09-02 18:37:37 +02:00
Jake Baines 320bd944f0 Updated default creds. Properly used fail_with. Set meterpreter to fork. Some wording and code cleanup. 2022-09-02 08:44:04 -07:00
h00die-gr3y d38494498a added linux dropper and code review suggestions 2022-08-27 17:45:47 +00:00
H00die.Gr3y b8a514bb55 Update modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-08-27 11:08:32 +04:00
H00die.Gr3y 3164967e07 Update modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-08-27 10:39:43 +04:00
h00die-gr3y 21c4e3ce3d commit module and documentation 2022-08-26 15:05:39 +00:00
Grant Willcox 6a71daac44 Land #16918, End the session when an HTTP/200 is received 2022-08-25 16:55:54 -05:00
h00die-gr3y 14aad14b57 rubocop fix update 2022-08-25 17:54:53 +00:00
Ron Bowes abd392c372 Add in changes from review 2022-08-23 11:44:03 -05:00
Ron Bowes 97f8ec9367 Documentation, output cleanup 2022-08-23 11:43:51 -05:00
Ron Bowes 24460efb77 Iniital import of working exploit 2022-08-23 11:43:51 -05:00
Jake Baines b4fe31757d Added module for CVE-2022-20828 2022-08-19 12:29:37 -07:00
Jack Heysel 6c09cc8c9d Responded to PR comments 2022-08-18 16:20:03 -04:00
jheysel-r7 c4abda67c1 Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-08-18 16:15:21 -04:00
jheysel-r7 1f6c52923b Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-08-18 15:19:14 -04:00
jheysel-r7 4f95df6ee6 Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-08-18 15:19:04 -04:00
Jack Heysel f01f4c08a4 Randomize payload + rubocop 2022-08-17 17:43:16 -04:00
Jack Heysel 75efe1528c Added check method, reponded to PR comments 2022-08-17 17:24:03 -04:00
jheysel-r7 2c3778e938 Update modules/exploits/linux/http/panos_auth_rce.rb 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-08-17 14:03:05 -04:00