adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Christophe De La Fuente 1dfdb619a9 Update from code review 
- Set RPORT default value to 3000
- Use ternary operator
 2021-04-07 19:40:59 +02:00
cgranleese-r7 893de0c45c Land #14987, Update RbMysql to the most recent version 2021-04-07 13:29:43 +01:00
Adam Cammack 6096d0f135 Remove superfluous default_cred? methods 2021-04-07 06:12:25 -05:00
adfoster-r7 258b9d3e28 Land #14998, Change CVE references from CVE Details to NVD 2021-04-07 10:10:55 +01:00
rajvardhan agarwal b1c5afc55b fix rubocop warning 2021-04-06 18:46:07 +05:30
rajvardhan agarwal c23a69dcaf Make suggested changes 2021-04-06 18:43:26 +05:30
rajvardhan agarwal 1088557ce9 fix rubocop warning 2021-04-06 17:51:23 +05:30
rajvardhan agarwal cb0319c849 fix rubocop warning 2021-04-06 17:41:05 +05:30
rajvardhan agarwal c863c324ae Add exploit for CVE-2020-16040 2021-04-06 17:25:27 +05:30
William Vu 4020813b42 Correct broken or redundant CVE references 2021-04-05 13:06:50 -05:00
Shelby Pace cfc6b0a8ba Land #14971, add Apache OFBiz SOAP Deser rce 2021-04-05 11:44:40 -05:00
Shelby Pace a803e1e932 remove spare comma 2021-04-05 09:33:20 -05:00
je5442804 76f89dc4d4 Update apache_druid_js_rce.rb 2021-04-04 21:36:53 +08:00
William Vu 22ae40a072 Remove new AKB reference 
I'm not sure it adds enough value due to the URL format.
 2021-04-03 14:05:45 -05:00
William Vu d020b2fb5f Update f5_icontrol_rest_ssrf_rce for AKB reference 2021-04-03 12:58:42 -05:00
je5442804 80f96f0045 Update modules/exploits/linux/http/apache_druid_js_rce.rb 
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
 2021-04-03 23:57:22 +08:00
Christophe De La Fuente 401a4ff8c7 Land #14975, Fix uninitialized constant in cve_2020_1054_drawiconex_lpe 2021-04-02 17:23:03 +02:00
Shelby Pace 71914a1ddb Land #14813, additional dup scout bof targets 2021-04-01 13:03:57 -05:00
kalba-security 34a5f7906c Rebase so we can use the latest mixin code,update the version range, update docs 2021-04-01 13:29:44 -04:00
kalba-security faab100d9a Add Nagios XI Mibs.php Authenticated RCE module and docs 2021-04-01 13:06:33 -04:00
kalba-security f76f58eb51 Rebase, use latest mixin code in check, update version and docs 2021-04-01 12:43:44 -04:00
kalba-security dd5c747584 Add Nagios XI snmptrap RCE and docs 2021-04-01 12:26:06 -04:00
kalba-security 02b9e5c939 rebase, use latest mixin code, correct vulnerable versions, update docs 2021-04-01 12:18:46 -04:00
kalba-security 3b7e612541 Add Nagios XI Plugins Filename Authenticate RCE module and docs 2021-04-01 11:23:52 -04:00
kalba-security 2df90d8d23 Rebase, rename module to nagios_xi_plugins_check_plugin_authenticated_rce, update check to take advantage of mixin, minor improvements 2021-04-01 11:07:49 -04:00
Shelby Pace 2cbd1a6be9 Land #14935, add F5 iControl REST API SSRF RCE 2021-04-01 08:40:38 -05:00
kalba-security a02f14f644 Add 'moved_from' alias 2021-04-01 09:26:24 -04:00
kalba-security 0e7c11ada3 Rename module and modify it to use the Nagios XI mixin, add autocheck, fix syntax and linting, also update docs 2021-04-01 09:26:16 -04:00
dwelch-r7 278c56652e Update RbMysql to the most recent code from this gem https://github.com/tmtm/ruby-mysql 2021-04-01 14:17:28 +01:00
je5442804 2ac30a5c61 Update modules/exploits/linux/http/apache_druid_js_rce.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2021-04-01 07:07:24 +08:00
Shelby Pace 8cdaf9791d Land #14950, add saltstack salt api rce 2021-03-31 14:50:30 -05:00
William Vu cb3f1238f3 Add F5 iControl REST CVE-2021-22986 exploit 2021-03-31 14:02:32 -05:00
William Vu 51200c4b22 Remove CmdStagerFlavor from a couple modules 
Not strictly necessary. We need a better way to limit by platform.
 2021-03-31 12:08:46 -05:00
Christophe De La Fuente 9806026ab9 Update from code review 2021-03-31 17:48:35 +02:00
Christophe De La Fuente 73a8b7aa5f Add Gitea and Gogs RCE modules and documentations 2021-03-31 16:47:29 +02:00
je5442804 b6b7956f0f Add Apache Druid CVE-2021-25646 RCE 2021-03-31 21:11:23 +08:00
Spencer McIntyre d73ec7a751 Remove the CmdStager allow list and randomize the domain 2021-03-31 08:54:37 -04:00
je5442804 21ec87d8bd Add Apache Druid CVE-2021-25646 RCE 2021-03-31 20:43:28 +08:00
Tim W 70c8e802d8 Fix #14974, fix uninitialized constant in cve_2020_1054_drawiconex_lpe 2021-03-31 12:06:15 +01:00
Spencer McIntyre a0a4bc079a Add the exploit module for CVE-2021-26295 2021-03-30 18:18:16 -04:00
ryanpohlner d92d0e59d8 Fixed generic cmd payload not echoing 2021-03-29 20:06:12 -04:00
ryanpohlner c55303863a Fixed payload triggering twice 2021-03-29 18:27:25 -04:00
Spencer McIntyre 9d85af51cb Land #14945, Proxylogon RCE (Praetorian update) 2021-03-29 12:04:19 -04:00
Spencer McIntyre 11f4946817 Tweak some ProxyLogon verbiage for clarity 2021-03-29 10:07:43 -04:00
RAMELLA Sébastien 02b240b22a code review 2021-03-29 14:23:39 +04:00
Christophe De La Fuente fca8bf37e2 Update description & add Stability trait 2021-03-29 11:14:35 +02:00
Christophe De La Fuente 00698d20bf Add waiting status message and update doc 2021-03-26 14:59:27 +01:00
Christophe De La Fuente b069fec866 Add module and doc for Saltstack Salt API wheel_async RCE 2021-03-26 13:54:06 +01:00
RAMELLA Sébastien c64b1b200e remove ClientID, seem useless 2021-03-26 16:37:08 +04:00
William Vu fb387d940d Land #14946, fail_with corrections for two modules 2021-03-26 01:51:14 -05:00