adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
h00die 619a46d450 working hashes for apache superset rce 2023-09-14 13:21:01 -04:00
Heyder Andrade 766766be78 Apply suggestions from code review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-09-14 16:13:10 +02:00
h00die-gr3y 094685fa93 second release module 2023-09-14 13:12:33 +00:00
eu 54a7b55eb4 Fix code style 2023-09-14 15:05:41 +02:00
Simon Janusz 8b56dc0117 Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation 2023-09-14 10:18:29 +01:00
h00die-gr3y 4bb465bcee initial release module 2023-09-13 20:59:53 +00:00
h00die 686d704b37 superset rce wip 2023-09-13 15:26:29 -04:00
Ismail Dawoodjee 930063fe91 Merge branch 'rapid7:master' into apache_airflow_dag_rce 2023-09-13 23:51:47 +08:00
eu 401c775336 Rename module 2023-09-13 17:19:42 +02:00
cgranleese-r7 e82bff37e1 Land #18330, Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-09-13 10:15:59 +01:00
Ismail Dawoodjee 008701f431 Apply suggestions from code review 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-09-13 15:04:52 +08:00
Ashley Donaldson 5c93b3880a Don't add extra PACs for silver tickets 2023-09-13 15:41:09 +10:00
Ismail Dawoodjee 78684dce8d Merge branch 'rapid7:master' into apache_airflow_dag_rce 2023-09-13 09:43:35 +08:00
Spencer McIntyre 28c4902f4a Land #18180, Flask unsign library, related modules 
Apache Supserset Priv Esc (CVE-2023-27524) and Flask unsign Library
 2023-09-12 19:02:30 -04:00
Spencer McIntyre c1cabdf099 Process escape sequences in the wordlist 2023-09-12 16:49:38 -04:00
Jack Heysel b83a49e573 Thanks to Spencer improved execute_command method 2023-09-12 15:14:10 -04:00
Spencer McIntyre 8e8b8ad191 Update nimbus_gettopologyhistory_cmd_exec 2023-09-12 12:21:10 -04:00
Spencer McIntyre 187cca848e Replace the binray blobs 2023-09-12 12:21:10 -04:00
Dean Welch 5713b74cd4 Use constants for LDAP::Auth conditional 2023-09-12 14:41:58 +01:00
Spencer McIntyre ba84c0484c Update the Nimbus module to use the Thrift client 2023-09-11 14:42:54 -04:00
Spencer McIntyre fbf95ecd92 Add and use a Thrift client object 2023-09-11 14:37:38 -04:00
h00die 94657d317b another round of review comments 2023-09-11 14:29:20 -04:00
Jack Heysel b80f9a84e4 Updated check method and reliability 2023-09-11 13:10:57 -04:00
Dean Welch 586f27f44a Fix issue with username generation always adding domain 2023-09-11 16:35:31 +01:00
Dean Welch fc89c9939a Add LDAP login scanner 2023-09-11 16:33:01 +01:00
Dean Welch 8f013d7aef Add ldap login scanner module 2023-09-11 16:33:01 +01:00
h00die 2ed001ced2 light review changes 2023-09-11 10:33:43 -04:00
h00die 235c142274 Merge remote-tracking branch 'origin/flask_unsign' into flask_unsign 2023-09-11 10:27:00 -04:00
Spencer McIntyre f1aea836f3 Land #18273, Add VMware vRealize Log Insight RCE 
Add VMware vRealize Log Insight unauthenticated RCE exploit
 2023-09-08 17:17:23 -04:00
Spencer McIntyre 21dde19511 Make some final tweaks 
Change strings to reference `VMware` using the proper case. Don't
include CmdStager (because it's unnecessary). Set PrependFork to fix
shell payloads. Move CamelCase options to advanced.
 2023-09-08 16:55:42 -04:00
bwatters fdae4953eb Land #18290, Prometheus API & Prometheus Node Exporter Interrogator 
Merge branch 'land-18290' into upstream-master
 2023-09-08 12:55:30 -05:00
Jack Heysel 96a6baa500 Land #17474, Add Windows 11 support for Capcom LPE 
This PR adds support to the Capcom.sys LPE for Windows 11 21H1
 2023-09-08 13:43:07 -04:00
jheysel-r7 0111e55006 Update modules/exploits/windows/local/capcom_sys_exec.rb 2023-09-08 13:05:44 -04:00
Simon Janusz 5e8d00914f Land #18327, fix #18326 (ssl_version module bug when selecting specific ssl version) 2023-09-08 17:11:07 +01:00
Simon Janusz 57f3b8a352 Land #18350, Add opentsdb_key_cmd_injection exploit module and docs 2023-09-08 16:50:46 +01:00
Simon Janusz 7302394ffa Land #18316, Kibana Timelion Prototype Pollution RCE (CVE-2019-7609) 2023-09-08 11:50:47 +01:00
Christophe De La Fuente a33f03d100 Land #18302, Sonicwall rce CVE-2023-34124 2023-09-08 11:48:07 +02:00
bwatters 946794c3f8 Land #18341, add CVE-2023-38831 for Winrar 6.22 
Merge branch 'land-18341' into upstream-master
 2023-09-07 15:59:36 -05:00
Jack Heysel ef4a9dd239 Land #18329, Add LG Simple Editor RCE module 
This PR adds an unauth RCE module for LG Simple Editor
 2023-09-07 16:21:10 -04:00
Spencer McIntyre 6afde75c59 Print the connection string 2023-09-07 16:20:03 -04:00
Spencer McIntyre 2ded62a783 Update the module with validation functionality 2023-09-07 16:20:03 -04:00
xaitax adae68d288 Update winrar_cve_2023_38831.rb 2023-09-07 22:01:49 +02:00
Alex 4d2277faa3 Update modules/exploits/windows/fileformat/winrar_cve_2023_38831.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-09-07 21:46:24 +02:00
Alex 51d80b626f Update modules/exploits/windows/fileformat/winrar_cve_2023_38831.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-09-07 21:46:16 +02:00
Alex 8b40f56fd7 Update modules/exploits/windows/fileformat/winrar_cve_2023_38831.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-09-07 21:46:09 +02:00
Alex cc78156b8c Update modules/exploits/windows/fileformat/winrar_cve_2023_38831.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-09-07 21:46:00 +02:00
xaitax 28785eb8a1 Remove payload space 2023-09-07 19:59:31 +02:00
Ege Balcı 5b6ee0cfaf Add extra sleep during PakUpgrade for stabilization 2023-09-07 19:49:57 +02:00
Ege Balcı 9a5dd4e4e5 Refactor thrift usage, add extra SRVHOST check, switch to decoded mf_file 2023-09-07 19:29:23 +02:00
Ege Balcı e286c96dee Update modules/exploits/windows/http/lg_simple_editor_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-09-07 17:00:17 +00:00