catatonicprime
0cf5f4cacc
More accurate list of side effects.
2023-04-26 16:55:13 +00:00
catatonicprime
bcafd22997
Better defaults pattern for TARGETURI.
2023-04-26 16:54:19 +00:00
catatonicprime
8c87660eaa
Explicit stance.
2023-04-26 16:53:04 +00:00
catatonicprime
22238a0860
Adding references.
2023-04-26 16:52:26 +00:00
h00die
d454b2e195
cve-2023-22809
2023-04-25 20:54:48 -04:00
catatonicprime
8a9871f0d8
Default to a java payload.
2023-04-25 23:57:05 +00:00
catatonicprime
a229a0ed86
If you are receiving 200, that is hard-evidence of bypass. Also Fix typo.
2023-04-25 23:34:04 +00:00
catatonicprime
17271f1046
Adding documentation, expanding failure cases. Always struggle in the last mile. Here we go.
2023-04-25 23:00:33 +00:00
catatonicprime
1a823b05f1
Serve jar file for exploit.
2023-04-25 18:36:44 +00:00
h00die
e7725e7b6d
cve-2023-22809
2023-04-25 04:37:33 -04:00
catatonicprime
20109932fd
Command injection PoC working.
2023-04-23 15:30:23 +00:00
h00die-gr3y
c39751094a
Updates based on review comments
2023-04-21 11:46:53 +00:00
adfoster-r7
f35b9e4fa5
Fix crash when running local exploit suggester
2023-04-21 10:13:37 +01:00
catatonicprime
253f4e54bc
rough pseudo-coding
2023-04-21 03:53:03 +00:00
h00die-gr3y
4131f1abf1
Fixed some bugs in module and added documentation
2023-04-20 08:23:55 +00:00
bwatters
9c9eac28a7
Land #17874, VMware Workspace One Access mr_me Hekate LPE
...
Merge branch 'land-17874' into upstream-master
2023-04-18 19:29:39 -05:00
Jack Heysel
bd286dd147
Added missing require builder statement
2023-04-18 18:10:46 -04:00
Jack Heysel
de18ed438a
Removed unnecessary require statement
2023-04-18 18:05:11 -04:00
Jack Heysel
a2c23d18ef
Added require builder statement
2023-04-18 16:01:14 -04:00
h00die-gr3y
de9cd59ea5
added pwd derivation and report credential function including updates based on review comments
2023-04-18 19:17:00 +00:00
bwatters
6ae00877ed
Land #17854, VMware Workspace One Access mr_me Hekate RCE
...
Merge branch 'land-17854' into upstream-master
2023-04-18 09:49:41 -05:00
Jack Heysel
db853f9a68
Land #17711, SPIP unauth RCE module
...
This module exploits a publicly accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
2023-04-17 15:30:03 -04:00
jvoisin
a4e1952da3
Add a module for the latest SPIP vuln
2023-04-17 13:41:03 -04:00
sfewer-r7
e54774fd20
ensure SRVHOST is a routable IP
2023-04-17 13:01:30 +01:00
h00die
4b176c8ef5
fix unified_remote_rce docs
2023-04-16 10:11:01 -04:00
Jack Heysel
cda2e9610b
Land #17820, optimising the nagiosxi modules
...
This PR refactors the authenticated nagiosxi modules and mixins.
2023-04-14 16:21:26 -04:00
Jack Heysel
ace2f42387
Changed ranking to Good
2023-04-14 15:15:40 -04:00
sfewer-r7
5d05754d9b
update the AKB URL to reference the changed CVE
2023-04-14 17:44:38 +01:00
sfewer-r7
e6211175b3
rename the files to the correct CVE
2023-04-14 15:52:13 +01:00
sfewer-r7
b5ea420760
On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Control vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet separate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now believe this is the correct CVE.
2023-04-14 15:49:10 +01:00
h00die-gr3y
e0926890ab
init commit module
2023-04-14 13:07:12 +00:00
h00die-gr3y
5584685f24
init commit module
2023-04-14 13:05:42 +00:00
Jack Heysel
08788d3d82
Update logging with rc script info
2023-04-13 14:28:15 -04:00
dwelch-r7
f9d5459a9c
Land #17872, Ensure identify hashes helper is accessible to modules
2023-04-13 16:20:20 +01:00
sfewer-r7
90dacd00ab
favor a staged meterpreter payload over the non staged payload as a default
2023-04-13 16:11:19 +01:00
adfoster-r7
aef2b8d314
Land #17804, Fix incorrect module metadata CI and add validation automation
2023-04-13 15:11:46 +01:00
Jack Heysel
30cf40a4f1
VMware Workspace One Access LPE
2023-04-12 15:36:17 -04:00
Jack Heysel
bc57131b73
Moving LPE to separate PR
2023-04-12 15:23:51 -04:00
adfoster-r7
8e2169ed47
Ensure identify hashes helper is accessible to modules
2023-04-12 13:28:56 +01:00
Christophe De La Fuente
a6b478e046
Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503
2023-04-12 11:43:13 +02:00
Ron Bowes
7dc1faa689
Better error handling, and fix version detection
2023-04-11 09:34:24 -07:00
sfewer-r7
375d9b34f1
make on_request_uri compatible with both command stager and the generic java target
2023-04-11 14:25:07 +01:00
sfewer-r7
0022d0b8c3
Merge branch 'CVE-2023-26359-java-payload' into CVE-2023-26359
2023-04-11 13:59:37 +01:00
sfewer-r7
1dc8eb2802
remove linemax option from execute_cmdstager as it was an artifact from testing and is not needed here
2023-04-11 12:14:28 +01:00
sfewer-r7
296fd6fec7
add in bourne and printf command stager flavors for Linux target
2023-04-11 12:07:49 +01:00
sfewer-r7
70018f7543
add psh_invokewebrequest as a command stager flavor for Windows
2023-04-11 11:57:39 +01:00
sfewer-r7
657c1446c4
don't check these datastore options for empty? as the default values will either be set or an empty value will be detected during configuration validation
2023-04-11 11:41:55 +01:00
sfewer-r7
fa1e7ae016
close all CMFL tags and chain the getRuntime and exec calls for brevity
2023-04-11 11:22:13 +01:00
Jack Heysel
a2d2946007
Rubocop
2023-04-07 13:53:12 -04:00
Jack Heysel
18170babc2
Fix RCE payloads and add autorunscript
2023-04-07 13:35:16 -04:00