adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

320 Commits

Author SHA1 Message Date
Spencer McIntyre 21c45b3733 Update module metadata 2021-10-27 11:58:53 -04:00
Spencer McIntyre 60b17b5c6f Add the module docs for OMIGOD 2021-10-26 12:08:48 -04:00
Spencer McIntyre 33bacd2b20 Update references and add a check method 2021-10-26 10:35:13 -04:00
Spencer McIntyre e9582d1ddb Initial commit for CVE-2021-38647 2021-10-25 17:36:55 -04:00
Jeffrey Martin 731b3d5ffe OptRegExp default value as string representation 
OptRegExp default should be string to utilize in a Regex.
This allows for the object to serialize in metadata and via
rpc bridge when transimiteed using msgpack.
 2021-09-17 16:34:46 -05:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Shelby Pace de22236902 add AutoCheck and update docs output 2021-04-30 15:38:57 -05:00
Rob V 41fe16463d switching to CmdStager 
- had to switch away from python payload to appease CmdStager
- removed systemd service adjustments preferring to use sleep to avoid rate limits
- updated check function to accomodate more current vulnerable version information in vendor advisory
 2021-04-30 12:53:33 -04:00
Rob V 1ba22f9b0c leveraging Udp mixin for version check 2021-04-09 15:21:38 -04:00
Rob V 3ecd97f8bc using Rex::Version over more manual process 2021-04-09 14:39:32 -04:00
Rob V ffcec1f3b4 adding comment header 2021-04-09 14:16:20 -04:00
robvinson 85176f4385 style change using unless instead of if not 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 09:17:58 -05:00
robvinson c913762077 move privileged from false to true 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 09:16:49 -05:00
Rob V 748ff19ef4 attempt to please linting 2021-03-25 16:11:43 -04:00
Rob V 63ce27f4ca adding IGEL OS RCE module 2021-03-25 14:39:23 -04:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
A Galway 0328e3f815 Land #14359, gives preference to default target options 2020-11-13 14:44:13 +00:00
William Vu 67ae309896 Set plat/arch in saltstack_salt_unauth_rce targets 
Looks like I forgot this, and it affects compatible payloads.
 2020-11-11 13:09:26 -06:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
Spencer McIntyre 659137da94 Remove the DRuby remote code execution module 2020-11-02 08:32:52 -05:00
Spencer McIntyre ba17a5d67f Apply rubocop fixes for the DRuby RCE module 2020-10-22 12:35:35 -04:00
Spencer McIntyre 8aca08f80b Add the DRuby RCE check method 2020-10-22 12:34:51 -04:00
Spencer McIntyre 34e41e66ec Fix the syscall DRuby target by adding a small delay before execve 2020-10-22 12:18:12 -04:00
Spencer McIntyre 49145bfd31 Don't start the DRuby service, it appears unnecessary 2020-10-22 12:15:39 -04:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
William Vu 36b5d237fa Make cmd/unix target types consistent to :unix_cmd 
There were some using :unix_command, and it was just an oversight.
 2020-07-05 11:16:47 -05:00
Spencer McIntyre a27bf9df38 Fix some grammatical mistakes and set a default target for anydesk 2020-07-01 15:27:33 -04:00
Spencer McIntyre bb33bc9c62 Randomize the bad unicode character used to trigger the vulnerability 2020-06-26 13:05:43 -04:00
Spencer McIntyre fb4ec60a30 Apply rubocop linting and add an Ubuntu 20.04 target 2020-06-25 16:18:17 -04:00
Spencer McIntyre f1c4cecf6d Add module docs for CVE-2020-13160 2020-06-17 11:30:41 -04:00
Spencer McIntyre 3edae89496 Add an exploit for CVE-2020-13160 2020-06-17 10:14:35 -04:00
William Vu f60e569c1b Add Cisco CML and VIRL-PE advisory to Salt modules 
Hat tip @brudis-r7!
 2020-05-29 15:24:00 -05:00
William Vu 06f9099d7f Add BASE_DN and ROOT_KEY to vmdir and Salt modules 2020-05-22 11:16:58 -05:00
William Vu 06cae74d51 Note what CheckModule is used to provide a check 
Hat tip @ccondon-r7 for making me realize my standard comment needs to
be reapplied.
 2020-05-11 12:28:02 -05:00
William Vu 83dde571a2 Add VMware vRealize Operations Manager advisory 
Hat tip @brudis-r7!
 2020-05-11 12:05:38 -05:00
William Vu 6e8abd7a40 Add SaltStack Salt unauthenticated RCE module 2020-05-11 12:05:38 -05:00
Alan Foster f2c3fc5f00 Rubocop recently landed modules 2020-04-17 11:55:04 +01:00
Pedro Ribeiro a0c472b039 add comments about reference table 2020-04-09 23:01:27 +07:00
Pedro Ribeiro 600f4efe4a Fix advisory link 2020-04-09 19:05:49 +07:00
Pedro Ribeiro 4ae9c65ecf Optimise exploit 2020-04-09 18:15:27 +07:00
Pedro Ribeiro a90d745fa4 Fix typo and make it Aggressive 2020-04-08 20:05:19 +07:00
Radek Domanski d6755b7221 Remove SSL option 
Busybox wget on the target doesn't support https connections.
 2020-04-08 14:49:49 +02:00
Pedro Ribeiro 33e1c8ffdb Fix issues 2020-04-08 12:26:37 +07:00
Radek Domanski e2e69a5053 Adding exploit for tplink_archer_a7_c7_lan 2020-04-07 19:57:34 +02:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
h00die 9f29f5f419 fix spelling received 2019-10-05 14:40:27 -04:00