Commit Graph

18316 Commits

Author SHA1 Message Date
sfewer-r7 4060e069ed first commit of the ICS exploit 2024-01-16 14:32:48 +00:00
h00die 56a9beb39d ansible review 2024-01-15 17:18:49 -05:00
Jack Heysel f1586f08c3 Changed payload double quote to single 2024-01-15 12:09:41 -05:00
adfoster-r7 0075212fa9 Land #18596, Update smb modules to work with smb sessions 2024-01-15 12:07:07 +00:00
h00die-gr3y e7f2abbf9e Small typo update 2024-01-14 19:26:10 +00:00
Jack Heysel 5e25a99700 Responded to comments 2024-01-12 13:08:32 -05:00
Jack Heysel 6d8666e35b Fixed spacing and removed unused method 2024-01-11 13:13:57 -05:00
Jack Heysel cdc66dd91f Last minute fix 2024-01-11 12:56:01 -05:00
Jack Heysel e44b57249d Merge branch 'wp-backup-migration-php-filter' of github.com:jheysel-r7/metasploit-framework into wp-backup-migration-php-filter 2024-01-11 12:30:42 -05:00
Jack Heysel 5c7061cc0c Remove OS dependent payload 2024-01-11 12:30:04 -05:00
h00die 381b840f11 salt review 2024-01-10 17:19:58 -05:00
h00die e711c9ea43 ansible review 2024-01-10 17:16:57 -05:00
h00die e9296d1add saltstack review 2024-01-10 17:04:03 -05:00
jheysel-r7 43f4705e60 Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-01-09 12:37:59 -05:00
h00die 077cad34ab non-working module 2024-01-08 19:47:24 -05:00
h00die-gr3y 85897a2596 update adding aarch64 architecture and some new targets 2024-01-06 17:26:38 +00:00
h00die 80e9f1b97d saltstack salt-master review 2024-01-06 06:38:59 -05:00
Gaurav Jain 98667edf76 Add suggested changes 2024-01-05 22:31:51 +05:30
h00die-gr3y 94a84960a2 Improved check for v3.x routers to obtain exact version 2024-01-05 16:20:29 +00:00
h00die-gr3y eb902457f2 small update to module for mt6000 vuln test 2024-01-05 13:19:54 +00:00
bwatters cdfa421d15 Land #18515, Add java target for ManageEngine ServiceDesk Plus CVE-2022-47966
Merge branch 'land-18515' into upstream-master
2024-01-04 17:25:08 -06:00
Spencer McIntyre 2028fbd226 Land #18404, Working Module for CVE-2023-38146 2024-01-04 12:20:26 -05:00
bwatters f341f72c72 add AKA 2024-01-04 11:11:23 -06:00
h00die-gr3y adf455e8cb Third release of module and documentation 2024-01-04 14:01:37 +00:00
h00die-gr3y b2312c97d3 Second release of module and documentation 2024-01-04 09:26:16 +00:00
h00die-gr3y 9fdac8fd28 First release of module 2024-01-03 19:43:49 +00:00
h00die-gr3y 08c5e6a689 Draft release of module. Not ready for review 2023-12-31 10:19:34 +00:00
Spencer McIntyre 97c3ccc8af Keep the service running when a session is opened 2023-12-29 14:03:27 -05:00
Spencer McIntyre d67d39ace6 Add error checking to #setup 2023-12-29 14:03:23 -05:00
Julien Voisin ed421c21ca Add a way to get the buildid via perf 2023-12-29 17:24:27 +01:00
Kevin Joensen 3b8f684d08 Fixed check module function 2023-12-29 16:18:50 +01:00
Kevin Joensen 2f023f7315 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-12-29 14:50:47 +01:00
Jack Heysel 11d58ef2e8 Land #18631, Improve vScalation Priv Esc Check
This PR adds an improvement to the check method of the
vcenter_java_wrapper_vmon_priv_esc module. Before, the module
would attempt to run stat on a file before checking if the file
existed on the system. This fixes that issue.
2023-12-28 13:16:11 -05:00
Jack Heysel 63eb5f2a35 Land #18632, Add improvements to glibc tunables
This PR adds improvements to the glibc tunables module. In the
event the file command is not present on the target the module
will try to use the readelf command in order to get the ld.so
BuildID to determine whether or not the target is compatible with
the exploit.
2023-12-28 12:41:52 -05:00
Gaurav Jain d0beea91bd Add exploit for CVE-2022-42889 2023-12-25 00:43:50 +05:30
h00die 357bdc8c10 ansible post library 2023-12-24 11:49:27 -05:00
h00die b654275ec4 add saltstack lib 2023-12-23 13:52:52 -05:00
h00die 11c12fcb6d review comments 2023-12-23 13:23:34 -05:00
h00die e72242949e review comments 2023-12-23 12:22:57 -05:00
h00die a5698f6aa6 review comments 2023-12-23 12:18:06 -05:00
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticated RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Balgogan 0a2dea523f Add suggested changes 2023-12-22 00:04:54 +01:00
bwatters ce43db0904 Fix TBDs and give better documentation. 2023-12-21 16:18:36 -06:00
h00die-gr3y 4c404765a4 Final update to the module based on cdelafuente-r7 comments 2023-12-21 12:06:21 +00:00
h00die 91c58ba268 asan local better check 2023-12-20 21:00:17 -05:00
h00die 526da210ad asan local better check 2023-12-20 20:58:00 -05:00
bwatters 6f17088e33 Fix some linting 2023-12-20 16:44:49 -06:00
Jack Heysel eeb74cd5e1 Updated metadata 2023-12-20 16:49:45 -05:00
Jack Heysel e3062d45e0 Module working docs updated 2023-12-20 16:41:52 -05:00
jvoisin fc66cd1522 Improve a bit glibc_tunables_priv_esc
- Fix some typos
- Add a check via `readelf` should `file` not be available
- Add a message before launching the exploit, since it might take some time to finish.
2023-12-20 20:59:47 +01:00