adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
adfoster-r7 908f7ad3f3 Land #17972, updates to some of the example modules to keep them in line with framework changes 2023-05-09 18:46:25 +01:00
space-r7 d1e3ce1183 add Ivanti Avalanche file upload 2023-05-08 17:41:52 -05:00
h00die 12911d10fb review comments 2023-05-08 15:25:31 -04:00
Grant Willcox f773d348e1 Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022 2023-05-08 12:11:01 -05:00
h00die 0ace550537 small updates to example modules 2023-05-07 13:02:30 -04:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
catatonicprime c69ca39748 consistent indenting 2023-05-06 05:07:59 +00:00
catatonicprime 0448d408ea Match wording from "How to write a module using HttpServer and HttpClient" on docs.metasploit.com 2023-05-06 04:58:50 +00:00
catatonicprime af3c482acd heh, I probably should have tested that too 2023-05-06 04:55:23 +00:00
catatonicprime e37e506fe2 heh, I probably should have tested this 2023-05-06 04:37:43 +00:00
space-r7 f04dababa2 add upload code 2023-05-05 18:59:46 -05:00
h00die e692e927dc review fixes 2023-05-05 16:43:47 -04:00
catatonicprime f27648799b Adding original ZDI reference. Minor formatting changes. 2023-05-05 18:19:53 +00:00
Catatonic Prime 5f12f0e0ba Apply suggestions from code review 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-05-05 11:07:08 -07:00
ErikWynter b8856bbb87 fix capitalization of Htlm_fileName JSON parram 2023-05-05 09:59:11 +03:00
space-r7 9fa0dac56c add login and path change methods 2023-05-04 18:03:02 -05:00
ErikWynter c088430bd9 improve sanity checks in login method and other code review fixes 2023-05-04 15:12:31 -05:00
Grant Willcox f27fc28411 Perform review updates 2023-05-04 15:12:31 -05:00
ErikWynter 9b596b3efd minor changes 2023-05-04 15:12:31 -05:00
ErikWynter 1c6c1dffc6 final code review fixes 2023-05-04 15:12:31 -05:00
ErikWynter 9fe7db4648 improve status codes handling 2023-05-04 15:12:30 -05:00
ErikWynter 86b7f97421 remove trailing whitespace 2023-05-04 15:12:30 -05:00
ErikWynter aede036b02 additional changes from code review 2023-05-04 15:12:30 -05:00
Grant Willcox 8871b2955b Fix up Active Directory name so we appropriately use uppercase 2023-05-04 15:12:30 -05:00
Grant Willcox ba687c49aa Fix a few typos 2023-05-04 15:12:29 -05:00
ErikWynter a5e86a0c51 code review improvements, including renaming silent param 2023-05-04 15:12:29 -05:00
Grant Willcox 0fd743d851 Add in fixes from code review 2023-05-04 15:12:29 -05:00
ErikWynter dd075d5c99 library improvements after code review, module update 2023-05-04 15:12:28 -05:00
ErikWynter 47d374497a create adaudit plus mixin and move some stuff there 2023-05-04 15:12:27 -05:00
Grant Willcox 3b0d8b850b Fix up some issues identified during review 2023-05-04 15:12:26 -05:00
ErikWynter 9f68a5f8d1 add manageengine_adaudit_plus_authenticated_rce exploit module and docs 2023-05-04 15:12:09 -05:00
h00die 95562e04aa sudoedit work 2023-05-02 18:39:59 -04:00
Christophe De La Fuente 60149259a2 Land #17856, RCE exploit for CVE-2023-26359 (Adobe ColdFusion) and an auxiliary module for arbitrary file read via the same vuln. 2023-04-28 19:27:15 +02:00
Christophe De La Fuente f5b1b96d9a Fix rubocop issues 2023-04-28 16:09:57 +02:00
Christophe De La Fuente 62806caeae Update web_delivery 2023-04-28 16:09:51 +02:00
h00die-gr3y cfb21e3de2 Added CVE-2023-28770 reference 2023-04-28 12:51:17 +00:00
bcoles f6725dfc4e feedback_assistant_root: Check if OSX version is blank in check method 2023-04-28 19:52:15 +10:00
catatonicprime 97a76e3883 linting changes. removing unnecessary success checks. 2023-04-28 00:07:47 +00:00
catatonicprime 4ba8d62d88 Removing unused documentation 2023-04-28 00:02:37 +00:00
catatonicprime c0be991ed8 removing superfluous options 2023-04-28 00:00:57 +00:00
catatonicprime 12f7134cc6 generating payloads on the fly is what we wanted originally 2023-04-27 19:38:12 +00:00
adfoster-r7 4d98499766 Land #17941, Added CVE Identifier to SEC Consult Zyxel Exploit (CVE-2023-28769) 2023-04-27 17:46:38 +01:00
space-r7 63115c9415 Land #17857, add T3S support for weblogic modules 2023-04-27 11:37:37 -05:00
catatonicprime 16ae6b71f4 Use the generated payload as is. 2023-04-27 15:21:21 +00:00
catatonicprime feec15a482 full_uri has what we need for the origin header 2023-04-27 15:07:15 +00:00
Jacob Baines ec5858c198 Added newly assigned CVE identifier 2023-04-27 09:54:48 -04:00
catatonicprime 0be38eb3ab method should do one thing and do it well 2023-04-26 19:32:57 +00:00
catatonicprime 5e93669d75 Enable AutoCheck 2023-04-26 19:28:56 +00:00
catatonicprime 9f6fe964e2 bypass_auth returns the anti-csrf token and vprints active session on success 2023-04-26 18:28:02 +00:00
catatonicprime 8694beebd1 Removing unnecessary search. 2023-04-26 18:17:46 +00:00