adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Shelby Pace 187ab078c0 Land #15122, add Cacti sqli to rce exploit 2021-06-01 11:40:23 -05:00
Shelby Pace 598f925fd3 remove extra spaces 2021-06-01 11:37:45 -05:00
pingport80 fe8e586b22 fall to shell when meterpreter fails get_processes 
shift `pidof` to `Msf::Post::Process`
 2021-06-01 18:51:39 +05:30
h00die 3f1bb4b51e rename module, add docs 2021-05-30 14:48:39 -04:00
h00die 0c3a693bef working exploit and docs 2021-05-30 14:37:11 -04:00
h00die d849376ae6 rebase and rubocop 2021-05-29 15:56:50 -04:00
h00die 7e758f8b74 review comments 2021-05-29 15:55:24 -04:00
h00die 825cc9d284 upgraded to meterp 2021-05-29 15:55:24 -04:00
h00die 95331c9ada set default payload 2021-05-29 15:55:24 -04:00
h00die 94d122f573 more suggestions 2021-05-29 15:55:24 -04:00
Alan Foster 38929227d7 Update cacti rce to use cookie jar api 2021-05-29 15:55:24 -04:00
h00die fde3334b70 some review comments 2021-05-29 15:55:24 -04:00
h00die 721a47ad7f cacti 1.2.12 sql to rce 2021-05-29 15:55:24 -04:00
mcorybillington dea7f50d36 Cover log file restoriation in all failure cases 2021-05-29 09:25:10 -05:00
M. Cory Billington 1451e9b56b Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:32 -05:00
M. Cory Billington fa1ad1b32e Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:28 -05:00
M. Cory Billington b4f699fb15 Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:23 -05:00
mcorybillington 2d9fdb97ad Check that initial request is valid 2021-05-26 12:23:36 -05:00
mcorybillington 57ef94cfdf Remove non boolean return from authentication 2021-05-25 22:55:28 -05:00
mcorybillington 91284db05d Check returned responses on each stage and output status info 2021-05-25 22:49:27 -05:00
mcorybillington ed1f5db48d Check method and authentication fixes 2021-05-25 20:38:32 -05:00
Wyatt Dahlenburg eb76aae2a7 Merge branch 'master' of github.com:rapid7/metasploit-framework into hashicorp_nomad 2021-05-25 15:56:13 -05:00
Spencer McIntyre 7c6afc33d2 Update the web_delivery module 2021-05-25 14:38:52 -04:00
Shelby Pace 8e4a33f2a2 Land #15223, move TokenMagic validation logic 2021-05-24 14:51:13 -05:00
M. Cory Billington 01a8a6ab30 Remove unrequired reference to msfcore 2021-05-23 12:12:35 -05:00
M. Cory Billington 2757e7163c Remove trailing white space found during msftidy 2021-05-22 18:44:15 -05:00
M. Cory Billington 81c056df3b Removed unused return value 2021-05-22 01:32:17 -05:00
M. Cory Billington 963cea939f Changed request method to preferred method 2021-05-22 01:29:24 -05:00
M. Cory Billington ab5256a106 Use more robust version checking and add missing return statements. 2021-05-22 01:26:28 -05:00
M. Cory Billington 64f9ea0848 Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Change Metasploit download link to https

Co-authored-by: bcoles <bcoles@gmail.com>
 2021-05-22 00:59:23 -05:00
M. Cory Billington f27c0a481c Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-05-22 00:56:44 -05:00
M. Cory Billington e62efe0690 Added module and documentation for SuiteCRM Log File RCE 2021-05-22 00:11:19 -05:00
bwatters 8e1391f098 Land #15216, Fix targeting for CVE-2021-21551 
Merge branch 'land-15216' into upstream-master
 2021-05-21 14:56:08 -05:00
bwatters 72375d1f67 Land #15024, Add RCE Exploit For CVE-2020-0796 (SMBGhost) 
Merge branch 'land-15024' into upstream-master
 2021-05-20 17:02:04 -05:00
Spencer McIntyre a6f650a1a3 Add a clear warning about instability due to KPP 2021-05-20 17:28:14 -04:00
bwatters a89fffade1 Update check method and move it to earlier in the module to prevent crashing 
on windows 7 sp0 targets.
 2021-05-19 15:58:40 -05:00
Wyatt Dahlenburg 359b47a146 AutoCheck + JSON Parsing + WfsDelay 2021-05-19 13:42:59 -05:00
Grant Willcox 133b40de30 Land #15212, Converts Python shebangs over to Python 3 2021-05-19 10:39:09 -05:00
Spencer McIntyre 56388cd696 Land #15146, Add support for extra OSes for CVE-2021-3156 (Baron Samedit) 2021-05-18 18:02:30 -04:00
Spencer McIntyre a8a1cf75b8 Reorder the Fedora targets to be descending 2021-05-18 18:02:12 -04:00
Grant Willcox 47633ac9e6 Land #15205, Fix TLS bug for gitlab file read RCE module to work on TLS enabled GitLab servers 2021-05-18 16:02:04 -05:00
Spencer McIntyre 78d47b11f2 Add targeting for Windows 10 v21H1 2021-05-18 12:56:02 -04:00
Wyatt Dahlenburg 20415172a4 Support additional payload parameters 2021-05-18 09:39:46 -05:00
cgranleese-r7 a894b8cc29 Updates Python shebangs to Python 3 2021-05-18 12:43:04 +01:00
Wyatt Dahlenburg 7427c68057 Add HashiCorp Nomad Job Exploit 2021-05-17 16:16:21 -05:00
William Vu aad4ea8e09 Add check 
Thanks to @adfoster-r7 for the round of golf!
 2021-05-17 13:58:03 -05:00
William Vu 47740c8ac3 Add NetMotion Mobility CVE-2021-26914 exploit 2021-05-17 13:58:03 -05:00
William aee65a6d8d Fix indentation 2021-05-17 23:31:49 +08:00
William 5e04eec4fc Update fix 
Changing the regex to solve the bug

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2021-05-17 23:27:12 +08:00
William e0f6700a7e Add empty line 2021-05-17 23:10:29 +08:00