adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
catatonicprime 3875947f7d Removing unnecessary assignment 2023-05-31 19:17:30 +00:00
Catatonic Prime 6351c66b1e Update modules/exploits/multi/http/papercut_ng_auth_bypass.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-05-31 08:56:13 -07:00
Catatonic Prime 6ad9ebb5c0 Update modules/exploits/multi/http/papercut_ng_auth_bypass.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-05-31 08:48:53 -07:00
catatonicprime 530ed911f4 Fixing ZDI ID 2023-05-30 19:03:01 +00:00
catatonicprime b376dac34b okay linter 2023-05-30 18:40:59 +00:00
catatonicprime cbf850b2b7 Apparently the comment after the rescue squelchs the linter. 2023-05-30 18:38:48 +00:00
Christophe De La Fuente 7bde39ae73 Fixes from code review 2023-05-30 13:26:56 +02:00
Ashley Donaldson 75ba9110e2 Added module for Windows version comparisons 
Utilised it in various existing modules - this should fix some subtle bugs in specific modules' version detection.
 2023-05-25 14:36:46 +10:00
Grant Willcox 7ca7c6aee1 Slight efficiency improvements 2023-05-24 17:36:39 -05:00
Grant Willcox e80987ea59 First round of updates from review 2023-05-24 13:17:49 -05:00
Grant Willcox e78cf054b8 Add in EITW notes 2023-05-24 13:17:49 -05:00
Grant Willcox 84961e6e09 Add in documentation 2023-05-24 13:17:49 -05:00
Grant Willcox 9e8d1ed2ea Add in Java class file, raw source code, and tidy up the module a bit 2023-05-24 13:17:48 -05:00
Grant Willcox 155319d479 Save work 2023-05-24 13:17:48 -05:00
Grant Willcox 3faf96aa9d Check return code on target server responses 2023-05-24 13:17:48 -05:00
Grant Willcox 5ded2adfb5 Add in code initial code to start supporting JNDI loading of remote classes, currently a bit broken though 2023-05-24 13:17:47 -05:00
Grant Willcox d00d339de5 Initial copy with JNDI connection back to LDAP server. 2023-05-24 13:17:47 -05:00
Spencer McIntyre 9e38ed4459 Land #17929, Linux sudoedit LPE (CVE-2023-22809) 
Linux sudoedit priv esc (CVE-2023-22809)
 2023-05-23 09:30:18 -04:00
sfewer-r7 0205bb36d3 change ranking to GreatRanking as stability is CRASH_SERVICE_RESTARTS 2023-05-22 20:09:11 +01:00
sfewer-r7 6b101b5a4d make rubocop happy 2023-05-22 18:03:58 +01:00
Spencer McIntyre f464401dde Land #17782, Add fetch payloads 
Add http wget cmd based fetch payload for Linux and Windows
 2023-05-18 12:18:27 -04:00
bwatters 548a2d7ab4 Add fetch payloads for Windows and Linux x64 2023-05-18 10:47:29 -05:00
space-r7 6c88e85d02 Land #17993, add invscout RPM privesc 2023-05-17 18:56:42 -05:00
bcoles 0bc1fdf51d Add invscout RPM Privilege Escalation 2023-05-17 20:17:55 +10:00
h00die 2ca5ca1f63 stronger grep 2023-05-16 16:18:14 -04:00
Grant Willcox 459cf871cb Land #17979, Add exploit for Ivanti Avalanche file upload - CVE-2023-28128 2023-05-16 09:19:33 -05:00
h00die 6bee4f56d9 updates from review 2023-05-13 15:49:11 -04:00
Grant Willcox 560fc9000b Fix up checks on responses to make sure they are more robust checks 2023-05-12 16:08:47 -05:00
Grant Willcox 3b2d23eeae Fix up check method, unduplicate fail_with messages to make them unique, and add @cleanup_needed so we can check if cleanup is needed to avoid unnecessary messages when just checking if the target is vulnerable or not 2023-05-12 14:14:40 -05:00
bcoles 004a72c32e ibstat_path: Use AutoCheck, add Notes, resolve Rubocop violations 2023-05-13 01:27:53 +10:00
space-r7 722de33b6f address feedback, use cleanup to restore path 
fix bug where if config restore failed, module would
output that it was both a failure and a success
add akb topic as reference
 2023-05-11 13:20:25 -05:00
catatonicprime a445b07233 removing unnecessary call to payload_uri 2023-05-11 16:35:53 +00:00
Shelby Pace 131f2519bc Update modules/exploits/windows/http/ivanti_avalanche_filestoreconfig_upload.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-05-11 10:48:48 -05:00
Grant Willcox 020ee7ca5c Land #17964 - Pentaho Business Server Auth Bypass and SSTI - CVE-2022-43769 and CVE-2022-43939 2023-05-11 09:28:55 -05:00
catatonicprime d50bd24c2f Adding config cleanup. 2023-05-11 04:57:57 +00:00
catatonicprime cb2c6a7d80 Prevent bypass_auth from being called twice when AutoCheck is true 2023-05-11 00:34:47 +00:00
Grant Willcox 9f6a1c18a1 Minor updates to fix URLs, disclosure date, description, and minor gramatical things 2023-05-10 18:22:00 -05:00
Grant Willcox 9f0a6503b7 require.js is not the only way, account for this new discovery in code 2023-05-10 13:02:02 -05:00
Grant Willcox 5d4e68d36c Add Metasploit payload example and remove message that may suggest successful exploitation occurred even when it didn't 2023-05-10 10:36:29 -05:00
Grant Willcox 1b8f1de7c8 Add in fixes from review, add archive of software, and use uri_encode_mode for encoding parameters. 2023-05-10 10:16:08 -05:00
space-r7 e514de9aef add comment about jsf substitution 2023-05-10 09:13:01 -05:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
h00die-gr3y 4f8024454c Updates based on cdelafuente-r7 latest comments 2023-05-10 07:46:11 +00:00
catatonicprime c5b0bc68d7 Improved automatic targeting, tested back to major version 14 2023-05-09 23:44:46 +00:00
catatonicprime eff189f221 Ensuring csrf_token is initialized. 2023-05-09 23:43:56 +00:00
catatonicprime 43564b5267 Removing unneeded features/options. 2023-05-09 23:43:30 +00:00
Jack Heysel 79d35ad938 Fixed check method 2023-05-09 14:25:03 -05:00
Jack Heysel eca87ea2eb Updated side effects and fixed fail_withs 2023-05-09 14:25:03 -05:00
Jack Heysel 348750ea70 Updated Authors 2023-05-09 14:25:02 -05:00
Jack Heysel 07056a74bc Pentaho Business Server Auth Bypass and SSTI 2023-05-09 14:24:51 -05:00