adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
btnz-k 267a07166c Updated per R7 requests. 2021-06-03 13:08:08 -07:00
adfoster-r7 34002bcf72 Land #15291, remove unneeded Msf::Post::File mixin from FortiOS module 2021-06-03 16:07:37 +01:00
Shelby Pace 8b737c2c60 Land #15231, add SuiteCRM log file rce 2021-06-03 09:11:00 -05:00
Grant Willcox bd8a96aa23 Apply minor RuboCop edit 2021-06-03 07:57:31 -05:00
Grant Willcox 107a6a3ce2 Fix up module by removing an import that was causing crashes 2021-06-03 07:48:12 -05:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
William Vu 6498554084 Clean up NetMotion Mobility exploit and docs 
Refactor target selection once again.
 2021-06-02 23:47:01 -05:00
Ashley Donaldson 3920c0873c Fix bugs in redis_extractor module 
- Long values were truncated because the network didn't pull enough data, so parsing failed
- Race condition if value was deleted between scan and retrieval of value
- Also support retrieving a subset of keys (e.g. it stores session IDs, there are thousands of them and we only need a few)
 2021-06-03 11:54:02 +10:00
William Vu 37a7ee2e28 Clean up f5_icontrol_rest_ssrf_rce 
Escalate a warning and prefer a variable.
 2021-06-02 20:32:47 -05:00
mcorybillington d2b539e3c9 authentication fix from add cookie jar merge 2021-06-02 16:54:09 -05:00
Shelby Pace 3056e8f946 add cookie jar and AutoCheck 2021-06-02 13:09:33 -05:00
Shelby Pace 187ab078c0 Land #15122, add Cacti sqli to rce exploit 2021-06-01 11:40:23 -05:00
Shelby Pace 598f925fd3 remove extra spaces 2021-06-01 11:37:45 -05:00
pingport80 8d57d9cfec fix localization issue in module linux/gather/ppp_chap_secrets 2021-06-01 21:33:33 +05:30
Spencer McIntyre 74e324e8c1 Land #15260, Add #pidof to Msf::Post::Process 
Add the #pidof method to Msf::Post::Process and update #get_processes to
fallback to the shell version if it fails for some reason.
 2021-06-01 09:53:08 -04:00
pingport80 fe8e586b22 fall to shell when meterpreter fails get_processes 
shift `pidof` to `Msf::Post::Process`
 2021-06-01 18:51:39 +05:30
h00die 3f1bb4b51e rename module, add docs 2021-05-30 14:48:39 -04:00
h00die 0c3a693bef working exploit and docs 2021-05-30 14:37:11 -04:00
h00die d849376ae6 rebase and rubocop 2021-05-29 15:56:50 -04:00
h00die 7e758f8b74 review comments 2021-05-29 15:55:24 -04:00
h00die 825cc9d284 upgraded to meterp 2021-05-29 15:55:24 -04:00
h00die 95331c9ada set default payload 2021-05-29 15:55:24 -04:00
h00die 94d122f573 more suggestions 2021-05-29 15:55:24 -04:00
Alan Foster 38929227d7 Update cacti rce to use cookie jar api 2021-05-29 15:55:24 -04:00
h00die fde3334b70 some review comments 2021-05-29 15:55:24 -04:00
h00die 721a47ad7f cacti 1.2.12 sql to rce 2021-05-29 15:55:24 -04:00
mcorybillington dea7f50d36 Cover log file restoriation in all failure cases 2021-05-29 09:25:10 -05:00
Hakyac 3b06bdc2e1 Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-28 09:01:32 +02:00
M. Cory Billington 1451e9b56b Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:32 -05:00
M. Cory Billington fa1ad1b32e Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:28 -05:00
M. Cory Billington b4f699fb15 Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:23 -05:00
Spencer McIntyre 4ae442496b Land #15267, Shodan search fix for max pages 2021-05-27 09:21:09 -04:00
Yann Castel 61c9b9772e omission of rubocop 2021-05-27 15:09:02 +02:00
Yann Castel d7a8986af9 target_uri + fix targeted_class param + more description 2021-05-27 15:05:27 +02:00
owein 733cd73cfc Fix the shodan search module max pages 2021-05-27 08:53:54 -04:00
mcorybillington 2d9fdb97ad Check that initial request is valid 2021-05-26 12:23:36 -05:00
Hakyac ddcc42b844 Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-26 15:35:04 +02:00
Hakyac 22f25d7a7f Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-26 15:34:54 +02:00
Hakyac d766f89a3f Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-26 15:34:41 +02:00
mcorybillington 57ef94cfdf Remove non boolean return from authentication 2021-05-25 22:55:28 -05:00
mcorybillington 91284db05d Check returned responses on each stage and output status info 2021-05-25 22:49:27 -05:00
mcorybillington ed1f5db48d Check method and authentication fixes 2021-05-25 20:38:32 -05:00
adfoster-r7 f26d0b676a Land #14984 - OSX Post exploitation .gitignore retrieval 2021-05-26 00:50:43 +01:00
Wyatt Dahlenburg eb76aae2a7 Merge branch 'master' of github.com:rapid7/metasploit-framework into hashicorp_nomad 2021-05-25 15:56:13 -05:00
Spencer McIntyre 7c6afc33d2 Update the web_delivery module 2021-05-25 14:38:52 -04:00
Spencer McIntyre 64eeedf218 Land #15246, Refactor as Msf::Post::Process 2021-05-25 13:07:21 -04:00
Spencer McIntyre 8d834afeae Land #15236, Add additional Xen check to checkvm 2021-05-25 11:15:14 -04:00
Jeffrey Martin 5b3edd4cb2 still need to include Msf::Post::File 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-05-25 08:35:55 -05:00
cgranleese-r7 dbd85a8795 Land #15243, Add check method to tomcat ghostcat module 2021-05-25 13:12:22 +01:00
Jeffrey Martin 0cefd8eaa6 refactor post API for process lists 2021-05-24 18:39:16 -05:00