adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

4544 Commits

Author SHA1 Message Date
sfewer-r7 b97cb9f63d remove whitespace 2023-10-17 09:10:28 +01:00
sfewer-r7 1c027ac05c add an RCE exploit for CVE-2023-22515 2023-10-16 20:50:18 +01:00
sjanusz-r7 1140efc8b4 Support adding encrypted files to archives & jars 2023-10-13 14:42:10 +01:00
Spencer McIntyre 86b7ec4518 Address comments from the review 2023-10-12 09:50:19 -04:00
Spencer McIntyre 4f734379d3 Add module docs and print some messages 2023-10-12 09:27:26 -04:00
Spencer McIntyre 0799f9d860 Add a check method and populate module metadata 2023-10-12 09:27:26 -04:00
Spencer McIntyre 7a226ba285 Randomize components in the MAR file 2023-10-12 09:27:26 -04:00
Spencer McIntyre 5a6dc7f9a6 Initial commit of CVE-2023-43654 2023-10-12 09:27:26 -04:00
Spencer McIntyre e7ab983279 Minor code changes 
Changes include:
  * Remove the PAYLOAD key which didn't do anything
  * Add the missing payload size constraint
  * Use #retry_until_truthy
 2023-09-28 13:19:26 -04:00
sfewer-r7 89940e8b08 use the correct naming convention for normal options. 2023-09-28 16:36:18 +01:00
sfewer-r7 9a6e2dab71 improve the check routine to explicitly look for either a header value or a cookie value that TeamCity is known to set 2023-09-28 16:28:16 +01:00
sfewer-r7 96568bf6d3 typo in comment 2023-09-28 16:05:46 +01:00
sfewer-r7 ad7ff705c7 add in a Linux target 2023-09-28 14:57:02 +01:00
sfewer-r7 fbd5e60cfc add in coverage for CVE-2023-42793. Currently only a Windows target. 2023-09-28 12:31:59 +01:00
eu b1de44d892 Fix code styling 2023-09-22 16:51:49 +02:00
eu 4044835a64 Improve the cleanup method 
- The cleanup methos is deleting the job and removing the app directory
- Added a change dir command as an AutoRunScript just to avoid the error when trying to access the current directory in the session
 2023-09-22 15:45:40 +02:00
eu 47d8e4de04 Remove ReturnOutput option 
TODO: distinguish commands that return output and commands that don't
 2023-09-22 11:52:14 +02:00
eu ffb34b05ef Adherence to code review 2023-09-15 16:55:05 +02:00
Heyder Andrade 766766be78 Apply suggestions from code review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-09-14 16:13:10 +02:00
eu 54a7b55eb4 Fix code style 2023-09-14 15:05:41 +02:00
eu 401c775336 Rename module 2023-09-13 17:19:42 +02:00
Christophe De La Fuente a33f03d100 Land #18302, Sonicwall rce CVE-2023-34124 2023-09-08 11:48:07 +02:00
eu 6a260f60e0 Initial commit 2023-09-07 13:53:42 +02:00
Ron Bowes b12fe743d0 Resolve PR comments 2023-09-06 14:11:29 -07:00
Christophe De La Fuente 8217745a85 Land #18257, Apache nifi h2 rce (CVE-2023-34468) 2023-08-30 13:37:37 +02:00
h00die f467e0747a review comments 2023-08-28 17:39:02 -04:00
Christophe De La Fuente bf1b5ffaa3 Land #18272, Bug fix for ColdFusion RCE module - CVE-2023-26360 2023-08-23 16:05:33 +02:00
Ron Bowes 4b130f5be7 Change a variable name 2023-08-22 09:00:31 -07:00
h00die 1bd14dd8f4 error handling for apache modules 2023-08-21 18:12:26 -04:00
Ron Bowes 1bbf8194ce Remove more unnecessary arguments 2023-08-21 14:45:09 -07:00
Ron Bowes 79fa3dea8b Fix a variable name 2023-08-21 14:32:06 -07:00
Ron Bowes b1c1f705be Remove some unneeded arguments 2023-08-21 14:30:25 -07:00
Ron Bowes 6dd89a513b Make some changes from jvoisin's suggestions in the PR 2023-08-21 14:26:34 -07:00
Ron Bowes f5908a5818 Add a comment 2023-08-21 08:53:52 -07:00
Ron Bowes ce50cfa11a Add module for SonicWall vulns, which includes cve-2023-34124 2023-08-21 08:53:07 -07:00
h00die a45792877a lib and spec updates 2023-08-20 19:37:22 -04:00
Jack Heysel 5fdc9924d5 Land #18123, add exploit for Jorani unauth RCE 
This PR adds a module that chains together a log poisoning LFI,
redirection bypass and a path traversal vulnerability to obtain unauth RCE.
 2023-08-18 16:44:42 -04:00
jheysel-r7 0334d28553 Apply final suggestions from code review 2023-08-18 15:40:58 -04:00
jheysel-r7 b064578488 Apply suggestions from code review 2023-08-18 15:37:11 -04:00
jheysel-r7 4ddd789f51 Apply suggestions from code review 2023-08-18 15:33:59 -04:00
h00die 7b024f21bd apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die 5cdac38ac0 apache nifi h2 rce 2023-08-08 17:44:35 -04:00
sfewer-r7 85ab3113c2 bug fix for issue 18237. ColdFusion configured with a Development profile behaves slightly differently than ColdFusion deployed in a Production profile, so we need to test for some different return values during exploitation. 2023-08-08 14:47:14 +01:00
ismaildawoodjee 19dcc2d674 Move module and documentation from linux/http to multi/http 2023-08-02 10:10:27 -04:00
adfoster-r7 b979217227 Land #18239, Add version numbers to apache nifi rce module 2023-07-31 22:28:52 +01:00
h00die 5d9a65eeb0 version numbers for apache nifi rce 2023-07-31 16:14:57 -04:00
Christophe De La Fuente 56661f49ee Add a comment explaining why the Windows target is disabled 2023-07-31 15:13:35 +02:00
Ege Balcı c509b7b341 Comment out Windows target related lines 2023-07-28 17:06:21 +02:00
Ege Balcı 225a33995a Merge branch 'rudder_server_sqli_rce' of github.com:egebalci/metasploit-framework into rudder_server_sqli_rce 2023-07-28 00:54:29 +02:00
Ege Balcı 6b11439fa1 Remove basic auth and API_USER/PASS options 2023-07-28 00:44:44 +02:00