adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
eu 6a260f60e0 Initial commit 2023-09-07 13:53:42 +02:00
Ron Bowes b12fe743d0 Resolve PR comments 2023-09-06 14:11:29 -07:00
Jack Heysel cf62d3fa78 rubocop 2023-09-06 15:47:54 -04:00
Jack Heysel 31d5f8e128 Responded to comments 2023-09-06 15:40:43 -04:00
Jack Heysel 482fdefb2c Land #18313, SolarView Compact unauth RCE module 
This PR adds a SolarView Compact unauth RCE module.
 2023-09-05 17:49:28 -04:00
jheysel-r7 03ccb3cce0 Apply grammatical suggestions from code review 2023-09-05 17:06:01 -04:00
bwatters 91e7af4370 Added check, some stealth, and cleaned code 2023-09-05 14:29:13 -05:00
xaitax ac91516cc9 Update winrar_cve_2023_38831.rb 2023-09-04 20:25:20 +02:00
xaitax b0fa4cc266 Update winrar_cve_2023_38831.rb 2023-09-04 19:54:43 +02:00
xaitax d5f355d8de WinRAR 6.22 (CVE-2023-38831) 2023-09-04 18:56:22 +02:00
Ege Balcı 4088276b36 Adjust option name 2023-09-04 16:46:14 +02:00
h00die c6a2652861 review comments 2023-09-01 20:34:35 -04:00
Ege Balcı c2fc371721 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:59:03 +00:00
Ege Balcı 9044588971 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:53:40 +00:00
Ege Balcı f96ca4429a Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:53:31 +00:00
Ege Balcı 20a22f1baf Fix check, randomize JSP name, ditch backup 2023-09-01 03:46:58 +02:00
Ege Balcı 757e942ac9 Update modules/exploits/windows/http/lg_simple_editor_rce.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:16:32 +00:00
Jack Heysel 5c12a3e6f4 Remove unused default options 2023-08-31 02:47:40 -04:00
Jack Heysel 3a7ef46d17 Remove platform linux 2023-08-31 02:32:21 -04:00
Jack Heysel 7b8debd58f Tidy up, last minute rubocop 2023-08-31 02:17:35 -04:00
Jack Heysel 9779b1eeae Lexmark Device Embedded Web Server RCE (CVE-2023-26068) 2023-08-30 20:30:14 -04:00
jheysel-r7 68090d0406 Update modules/exploits/linux/http/ivanti_sentry_misc_log_service.rb 
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
 2023-08-30 11:46:44 -04:00
Christophe De La Fuente 8217745a85 Land #18257, Apache nifi h2 rce (CVE-2023-34468) 2023-08-30 13:37:37 +02:00
bwatters ccba494e61 Exploit working, still needs to be cleaned up 2023-08-29 18:01:44 -05:00
Jack Heysel a3a7454f74 Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-08-29 15:24:04 -04:00
Jack Heysel b326832bcf Renamed module, rubocop 2023-08-29 13:21:13 -04:00
Ege Balcı 32f9357f7a Update side effects 2023-08-29 18:08:11 +02:00
Ege Balcı 1d9c7fde77 Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit 2023-08-29 17:58:43 +02:00
Ege Balcı 44dd8439df Add low version guard and token check 2023-08-29 17:43:21 +02:00
Jack Heysel efd9a69b35 Module returns a Metepreter session 2023-08-29 02:00:35 -04:00
h00die db9bf5f6cd now down to 10 shells! 2023-08-28 17:42:35 -04:00
h00die f467e0747a review comments 2023-08-28 17:39:02 -04:00
Christophe De La Fuente 7fa2586e34 Land #18247, Netgear NMS RCE CVE-2023-38096/8 2023-08-28 11:23:08 +02:00
h00die-gr3y 77a1bbef79 Second release module and documentation 2023-08-28 07:49:40 +00:00
Ege Balcı eaeb2024d3 Merge branch 'master' into vmware_vrli_rce 
Merge for ThriftMessageType
 2023-08-26 22:42:25 +02:00
Ege Balcı 65402ab3ab Update stability to CRASH_SAFE 2023-08-26 18:55:31 +02:00
Ege Balcı 047a1c9e03 Remove TRA (Tenable vuln ID) 2023-08-26 18:45:42 +02:00
Ege Balcı ed01948ffe Randomize buffer + use make_nops 2023-08-26 18:43:07 +02:00
Ege Balcı 721d5cfaa1 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-26 16:27:21 +00:00
Ege Balcı 06ab901397 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-26 16:27:12 +00:00
Ege Balcı 08de344f81 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-26 16:26:54 +00:00
bwatters c69e983b30 Add module to create directory structures and upload/run exploit 2023-08-25 15:41:25 -05:00
Ege Balcı a971867ca6 Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560) 2023-08-25 19:26:06 +02:00
h00die b529814563 fix sideeffects/reliability 2023-08-24 16:28:05 -04:00
h00die 5382eb22d1 kibana exploit 2023-08-24 16:08:08 -04:00
Christophe De La Fuente a037d16b66 Land #18233, Chamilo unauthenticed RCE [CVE-2023-34960] 2023-08-24 11:49:40 +02:00
h00die-gr3y 3612030cee first release of module 2023-08-23 22:07:58 +00:00
Ismail Dawoodjee 009721b3c7 Merge branch 'rapid7:master' into apache_airflow_dag_rce 2023-08-23 22:13:20 +08:00
Christophe De La Fuente bf1b5ffaa3 Land #18272, Bug fix for ColdFusion RCE module - CVE-2023-26360 2023-08-23 16:05:33 +02:00
h00die-gr3y f64b67968f Final minor updates 2023-08-23 11:38:07 +00:00