adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Ege Balcı e74a68b3fb Make rubocop happy 2023-08-10 10:10:02 +02:00
Ege Balcı 634713ee56 Fix check method and integrate CmdStager 2023-08-10 00:56:44 +02:00
Ege Balcı 85f8333b15 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:27:25 +00:00
Ege Balcı 54ccfc1b8c Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:26:49 +00:00
Ege Balcı a8a7b4eaeb Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:24:38 +00:00
Ege Balcı fade54dc4d Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:24:24 +00:00
Ege Balcı 2c8d6b97fe Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:24:08 +00:00
cgranleese-r7 214c788ce7 Land #18232, metabase setup token rce (cve-2023-38646) 2023-08-09 09:44:53 +01:00
wvu 03c99660db Update pam_username_bof.rb 2023-08-09 00:22:57 -05:00
h00die f125ad8870 review comments 2023-08-08 17:44:35 -04:00
h00die 7b024f21bd apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die 5cdac38ac0 apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die e8ce0454cd review comments 2023-08-08 17:16:57 -04:00
h00die dca125963c metabase review comments 2023-08-08 17:16:57 -04:00
h00die f30c996340 remove comment 2023-08-08 17:16:56 -04:00
h00die 9516592eb6 metabase setup token rce 2023-08-08 17:16:56 -04:00
h00die 7ceeb9f8de review comments 2023-08-08 17:15:22 -04:00
h00die 67ea97d686 set right port 2023-08-08 17:15:22 -04:00
h00die 06a4433e2a review comments 2023-08-08 17:15:22 -04:00
h00die 97daf47269 h2 web interface shell 2023-08-08 17:15:22 -04:00
Ege Balcı 340e4c0117 Make rubocop happy 2023-08-08 20:54:40 +02:00
Ege Balcı 169ce82ea7 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-08 18:37:23 +00:00
Ege Balcı 7217eda1eb Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-08 18:37:15 +00:00
Ege Balcı 95bb5a1e09 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-08 18:37:08 +00:00
Ege Balcı d1f9f540c6 Add VMware vRealize Log Insight RCE exploit 2023-08-08 20:32:38 +02:00
sfewer-r7 85ab3113c2 bug fix for issue 18237. ColdFusion configured with a Development profile behaves slightly differently than ColdFusion deployed in a Production profile, so we need to test for some different return values during exploitation. 2023-08-08 14:47:14 +01:00
Spencer McIntyre baa0f3d5e3 Switch the fingerprint resource for v12 compat 
Switching to use citrix-fonts.css allows the technique to work for 12.x
and 13.x.
 2023-08-08 08:57:17 -04:00
Spencer McIntyre 72092392e9 Fix check method for v12, add automatic targeting 2023-08-08 08:57:11 -04:00
Ege Balcı 2abd826291 Update side effects and options 2023-08-08 00:44:19 +02:00
Ege Balcı 3b7653c08e Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-07 22:30:51 +00:00
Ege Balcı 79e009a03f Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-07 22:30:25 +00:00
Ege Balcı 6225df80e9 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-07 22:23:15 +00:00
Spencer McIntyre 760bc3fbfb Add a target for 12.1-64.17 2023-08-04 16:21:21 -04:00
Ege Balcı 41f0c30855 Add RaspAP Unauthenticated Command Injection (CVE-2022-39986) Exploit 2023-08-04 21:22:07 +02:00
Spencer McIntyre c3324ab002 Add a target for 12.1-65.25 2023-08-04 15:14:24 -04:00
bwatters 2f9e5cd332 Update info hash 2023-08-04 11:16:38 -05:00
bwatters e8456a6625 Add documentation and fix null filename catch 2023-08-03 18:30:20 -05:00
bwatters d3b7bcd676 Working 2023-08-03 13:23:41 -05:00
Christophe De La Fuente 4a7836055e Land #18211, Subrion CMS v4.2.1 RCE 2023-08-03 19:03:44 +02:00
Christophe De La Fuente 00006fffae Land #18240, Citrix RCE - CVE-2023-3519 2023-08-03 18:55:48 +02:00
Spencer McIntyre 67e1c57b7c Fix some buffer encoding issues 2023-08-03 12:47:14 -04:00
bwatters 59e3760509 First attempt at CVE-2023-34634 2023-08-03 10:58:07 -05:00
Jack Heysel 29c2361a9c Module clean up, docs, metadata, rubocop 2023-08-02 18:53:20 -04:00
Spencer McIntyre 930c90c3ac Update all targets so the stack can be relocated 2023-08-02 14:49:04 -04:00
Spencer McIntyre b365ab7d10 Add a target for 13.1-37.38 2023-08-02 13:57:53 -04:00
Spencer McIntyre 5d0b6e1fbc Add a target for 13.0-91.12 2023-08-02 12:48:34 -04:00
Ege Balcı 329920eeb2 Add Netgear NMS RCE (CVE-2023-38096/8) exploit 2023-08-02 18:03:57 +02:00
ismaildawoodjee 19dcc2d674 Move module and documentation from linux/http to multi/http 2023-08-02 10:10:27 -04:00
Ismail Dawoodjee 888091dfe4 Merge branch 'rapid7:master' into subrion_cms_file_upload_rce 2023-08-02 20:21:31 +06:30
Spencer McIntyre eb5be5746c Add a basic check method to detect Citrix 2023-08-01 12:17:30 -04:00