h00die-gr3y
7f35abff86
fixed the invalid character at the store_valid_credential function
2023-07-18 08:38:06 +00:00
h00die-gr3y
0ff2ca4f40
updates based on latest comments
2023-07-16 18:43:21 +00:00
Guilhem RIOUX
84ad51b5c7
rubocop
2023-07-16 05:38:51 +02:00
H00die.Gr3y
f608424242
Apply suggestions from code review
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-15 12:02:22 +02:00
bwatters
b15d595de2
Adjust files to be better shared
2023-07-14 12:47:04 -05:00
Jack Heysel
10c1b79c37
Land #17861, pfSense Config Data RCE as root
...
This module exploits a vulnerability in pfSense version
2.6.0 and below which allows for authenticated users to
execute arbitrary operating system commands as root.
2023-07-12 14:32:06 -04:00
emirpolatt
34f25fbb65
pfSense Config Data Remote Command Execution as root (CVE-2023-27253) Module
2023-07-12 13:27:02 -04:00
Guilhem7
a9a6b03979
Update modules/exploits/multi/php/jorani_path_trav.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-11 09:28:20 +02:00
Guilhem7
56619e6da3
Update modules/exploits/multi/php/jorani_path_trav.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-11 09:28:14 +02:00
Guilhem7
8d08a2a144
Update modules/exploits/multi/php/jorani_path_trav.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-11 09:28:05 +02:00
adfoster-r7
5cb5c18550
Land #18170, Add module for SmarterMail Build 6985 - dotNET Deserialization Remote Code Execution (CVE-2019-7214)
2023-07-10 23:56:09 +01:00
Jeffrey Martin
3635ce9c03
update reference format for entry in rapid7.com
2023-07-10 16:54:42 -05:00
h00die-gr3y
c34779a5f1
updates based on comments of jvoisin and adfoster-r7
2023-07-09 12:20:58 +00:00
ismaildawoodjee
e61342afac
Proper error handling for closing TCP socket and used Rex exceptions
2023-07-09 07:25:09 -04:00
h00die-gr3y
8edbf73b6f
first release exploit module
2023-07-08 09:48:17 +00:00
ismaildawoodjee
1706812099
Implemented requested changes
...
* Small fixes in Description - removed backticks
* Implemented Windows Command target
* Removed PowerShell Stager, in Targets and in exploit method
* Implemented Rex::Socket::Tcp in place of TCPSocket
* Updated TARGET section in documentation
* Added TARGET 0 - Windows Command scenario
* Removed PowerShell Stager scenario
* Replaced 'Using configured payload' lines to use Windows Command payload
for the 2nd, 3rd, and 4th scenarios. Did not rerun the scenarios, however
2023-07-07 04:14:20 -04:00
Ismail Dawoodjee
f959dee046
Change module name
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-07-06 18:50:44 +03:00
ismaildawoodjee
591fee1850
Fix msftidy complaining about https:// URL scheme in Line 2
2023-07-06 11:01:54 -04:00
ismaildawoodjee
ad0d3e79a9
SmarterMail RCE module and documentation
2023-07-06 08:00:28 -04:00
Jack Heysel
f1b5cd46f4
Apache RocketMQ update config RCE
2023-07-05 12:38:51 -04:00
Grant Willcox
3ab7b3ddc7
Add in autocheck and expand check logic for Windows 11 targets
2023-06-30 16:41:03 -05:00
Grant Willcox
17ffd4e0f6
Add in description about why versions after 22000.194 aren't affected
2023-06-30 16:40:53 -05:00
Wrathdemon
7870bfe94e
fix #15890: Support Windows 11 in Capcom.sys LPE Module
2023-06-30 16:40:43 -05:00
adfoster-r7
085943bd78
Add Ruby 3.3.0-preview1 to test suite
2023-06-29 22:53:17 +01:00
Guilhem RIOUX
068a81a638
First remove the check after the triggering payload as it is not reliable. Adding the documentation after checking it with the dev tool
2023-06-28 08:53:50 +02:00
Grant Willcox
1b7e1343f8
Fix up some points noted during review
2023-06-27 11:32:44 -05:00
Grant Willcox
c11dd0efc4
Fix up RuboCop errors
2023-06-27 11:23:41 -05:00
Guilhem RIOUX
8cae031d97
update after rubocop and advice
2023-06-27 16:08:55 +02:00
Jack Heysel
bf1e6bddd1
Land #18134, Add exploit for CVE-2023-25194
...
This exploits a Java deserialization vulnerability
in Apache Druid which arises from a JNDI injection
within Apache Kafka clients.
2023-06-23 16:52:04 -04:00
Heyder Andrade
b026b38851
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2023-06-23 09:36:50 +02:00
Spencer McIntyre
b5e028b47c
Land #18100, Add MOVEit CVE-2023-34362
2023-06-22 14:23:44 -04:00
Spencer McIntyre
dfd450561e
Tweak some messages and cleanup markdown table
2023-06-22 14:23:25 -04:00
bwatters
a05bde217c
Ensure any users we create are deleted
2023-06-22 12:18:07 -05:00
Redwaysecurity.com
77bb6759a6
Review suggestions
2023-06-22 18:12:13 +02:00
bwatters
5f667e1d79
Address code review
2023-06-22 10:22:43 -05:00
bwatters
a2c2a9193f
Update error catching logic
2023-06-22 08:27:44 -05:00
dwelch-r7
e298788a28
Land #18049, Update jenkins login scanner to work with newer versions
2023-06-22 14:04:24 +01:00
Redwaysecurity.com
a8332e6064
Added exploit for CVE-2023-25194
2023-06-22 14:17:32 +02:00
Jeffrey Martin
1b562dd02b
Revert "Improve AMSI bypass on new Windows"
...
This reverts commit f97ab80224, reversing
changes made to c8f942cc03.
This change impacted the default `psexec` powershell target and needs further
testing to be reintroduced.
2023-06-21 16:35:41 -05:00
bwatters
2adea08f67
Add documentation & code cleanup
2023-06-21 15:41:50 -05:00
bwatters
52907ac794
Add space limitation
2023-06-21 12:56:59 -05:00
bwatters
10c6e6328f
Add user cleanup and update error handling
2023-06-21 12:00:34 -05:00
bwatters
9d16b0043b
Add check method
2023-06-21 11:26:04 -05:00
bwatters
957339b3c0
Simplify output
2023-06-21 08:34:02 -05:00
cgranleese-r7
0609d246f3
adds more future proofing to implementation
2023-06-21 14:19:24 +01:00
bwatters
d63c14dc17
Ugly, but working
2023-06-20 20:06:57 -05:00
Guilhem RIOUX
784f76b355
update after rubocop
2023-06-19 14:31:23 +02:00
Guilhem RIOUX
8d7dc7ae26
Add exploit for unauth RCE Jorani
2023-06-19 06:16:07 +02:00
Ashley Donaldson
381d291da9
Use revision in MSF modules
2023-06-16 10:07:35 +10:00
bwatters
d5a986a4bc
Fix copy/pasta
2023-06-15 08:34:30 -05:00