giacomo270197
ba76c5702d
Code changes, included metasploit version comparison utilities, removed Linux targets
2022-06-14 20:45:35 +02:00
giacomo270197
cb1e72461f
Renamed username to email to better reflect the user input nature. Created module documentation under /documentation/modules/exploit/multi/http/qdpm_authenticated_rce.md
2022-06-14 10:35:43 +02:00
giacomo270197
c906cf8fa2
Fixed EDB reference
2022-06-13 17:41:34 +02:00
bwatters
3875db78ae
Land #16644, Add Exploit for CVE-2022-26134 (Confluence RCE)
...
Merge branch 'land-16644' into upstream-master
2022-06-07 16:00:37 -05:00
Spencer McIntyre
1a06f69f95
Works through v7.18 now too
2022-06-06 22:03:21 -04:00
Spencer McIntyre
45c646afea
Refactor #encode_ognl
2022-06-06 18:15:44 -04:00
Spencer McIntyre
2c0e034a18
Fix a couple of typos
2022-06-06 18:14:05 -04:00
Spencer McIntyre
f55334f0fe
Add version detection
2022-06-03 18:26:04 -04:00
Spencer McIntyre
76ec36a091
Remove the Windows targets for now
2022-06-03 16:50:13 -04:00
Spencer McIntyre
29a9ef686a
Finish up a draft of the module
2022-06-03 16:47:02 -04:00
Spencer McIntyre
cd6bbeb0ba
WIP module
2022-06-03 15:27:13 -04:00
Kert Ojasoo
1dc61d02eb
Update php_fpm_rce.rb
2022-06-03 11:23:53 +03:00
Christophe De La Fuente
474116d413
Land #16611, DotCMS File Upload to RCE Module (CVE-2022-26352)
2022-06-02 15:30:10 +02:00
jheysel-r7
97caca4f6e
Update modules/exploits/multi/http/dotcms_file_upload_rce.rb
...
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2022-06-01 10:54:02 -04:00
Jack Heysel
bea4207c62
Land PR #16607 - MyBB RCE Module (CVE-2022-24734)
...
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
2022-05-31 11:59:53 -04:00
Jack Heysel
2c02a607ee
Responded to PR feedback
2022-05-30 14:46:54 -04:00
Christophe De La Fuente
b996f5ee49
Fixes from code review
2022-05-30 16:24:18 +02:00
Christophe De La Fuente
1f304ef2c4
Add module exploit for MyBB RCE - CVE-2022-24734
2022-05-23 17:27:20 +02:00
Jack Heysel
3afb9b2ffe
dotCMS file upload to RCE module
2022-05-20 15:57:22 -04:00
Jack Heysel
4f4287eb6b
Module working on linux
2022-05-19 09:37:48 -04:00
Spencer McIntyre
19a9ff1198
Update a couple of modules for the new SMB server
2022-05-16 14:39:45 -04:00
adfoster-r7
0196b6fa75
Land #16555, move duplicated retry_until_truthy code into centralized location
2022-05-16 18:31:57 +01:00
Spencer McIntyre
1aceb71971
Rename the function to emphasize truthy
2022-05-13 09:16:01 -04:00
adfoster-r7
6a1fe27406
Land #16442, add vars_form_data to the HTTP client
2022-05-13 10:53:16 +01:00
Spencer McIntyre
05fcbd803e
Add a new Retry mixin
2022-05-11 15:41:37 -04:00
adfoster-r7
e4f42d7eaa
Update more modules to use the vars_form_data api
2022-05-11 18:18:21 +01:00
bwatters
92715c883f
Land #16423, Add module for exploit CVE-2022-22965
...
Merge branch 'land-16423' into upstream-master
2022-05-10 08:44:06 -05:00
Spencer McIntyre
ece5e2699a
Automatically identify the HTTP method
2022-05-05 10:24:04 -04:00
Spencer McIntyre
7faac7faa4
Update the JSP file to delete itself
2022-05-02 14:34:51 -04:00
Spencer McIntyre
3bdb8e02e2
Use an exponential backoff to retry
2022-05-02 12:30:43 -04:00
Spencer McIntyre
0f8a35e4d3
Whitespace, grammar and timing changes
2022-05-02 10:45:21 -04:00
Jack Heysel
2b8ea72e51
Added autocheck fixed execute_payload method
2022-04-28 08:55:17 -07:00
vleminator
1185cfd99f
Add support for payload dropper with windows path (backslash)
2022-04-28 00:02:19 +02:00
vleminator
6c75b7efcb
Add WriteableDir as an advanced module option
2022-04-27 23:38:51 +02:00
vleminator
868d35a1ed
bugfix encoding of the jsp payload dropper
2022-04-27 23:35:31 +02:00
vleminator
71eb6e6fb6
Refactor code to improve readability and remove unused code
2022-04-27 23:32:36 +02:00
Jack Heysel
5b82a978ea
Added reference removed default payload
2022-04-27 09:48:21 -07:00
Jack Heysel
253cb8580a
Responded to comments added retry_until_true
2022-04-27 09:45:18 -07:00
vleminator
f57bdabb41
Refine the check method to perform less-invasive exploit validation
2022-04-27 14:05:47 +02:00
Jack Heysel
a941fea26a
Removed unused import added target_uri
2022-04-26 14:11:10 -07:00
Jack Heysel
a8ae08d138
Updated authors
2022-04-26 13:55:59 -07:00
Jack Heysel
86ff080d31
Merge branch 'wso2-file-upload-rce' of github.com:jheysel-r7/metasploit-framework into wso2-file-upload-rce
2022-04-26 13:53:17 -07:00
Jack Heysel
1879a7568f
Updated authors
2022-04-26 13:52:59 -07:00
jheysel-r7
266d3bb9ca
Apply suggestions from @bcoles code review
...
Co-authored-by: bcoles <bcoles@gmail.com>
2022-04-26 13:40:25 -07:00
Jack Heysel
691d9fe001
Added Reliability section to Notes
2022-04-26 13:19:34 -07:00
Jack Heysel
76c8e0b65f
Added Notes section to module
2022-04-26 13:01:38 -07:00
Jack Heysel
37c8fff523
Rubocop offenses
2022-04-26 12:51:12 -07:00
Jack Heysel
ca0be9c145
Add WSO2 file upload RCE module
2022-04-26 12:29:12 -07:00
Brendan Coles
94ed9ae28b
Modules: Prefer CVE references over cve.mitre.org URL references
2022-04-19 20:42:23 +00:00
vleminator
2fdcc143c0
Improve usability by turning the payload path into a customizable module option
2022-04-08 11:10:16 +02:00