adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
Ege Balcı 3509193ae8 Update modules/exploits/windows/http/lg_simple_editor_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-09-07 17:00:10 +00:00
Simon Janusz 26cb5c7241 Land #18322, Elasticsearch Memory Disclosure (CVE-2021-22145) 2023-09-07 16:11:40 +01:00
ErikWynter 7cabe14461 add opentsdb_key_cmd_injection exploit module 2023-09-07 17:29:16 +03:00
eu 6a260f60e0 Initial commit 2023-09-07 13:53:42 +02:00
Ron Bowes b12fe743d0 Resolve PR comments 2023-09-06 14:11:29 -07:00
Jack Heysel 3ae658285b Updated socat tcp cache size 2023-09-06 15:52:56 -04:00
Jack Heysel cf62d3fa78 rubocop 2023-09-06 15:47:54 -04:00
Jack Heysel 31d5f8e128 Responded to comments 2023-09-06 15:40:43 -04:00
h00die 213b9f9589 Merge remote-tracking branch 'upstream/master' into flask_unsign 2023-09-06 15:39:37 -04:00
Jack Heysel 13174382d9 Land #18179, improve windows checkvm post module 2023-09-06 14:07:50 -04:00
Jack Heysel 4ade16752a Land #18190, improve linux checkvm post module 2023-09-06 11:50:50 -04:00
bwatters 53b7f1ba07 Land #18286, roundcube arbitrary file read 
Merge branch 'land-18286' into upstream-master
 2023-09-06 09:43:38 -05:00
Jack Heysel 482fdefb2c Land #18313, SolarView Compact unauth RCE module 
This PR adds a SolarView Compact unauth RCE module.
 2023-09-05 17:49:28 -04:00
jheysel-r7 03ccb3cce0 Apply grammatical suggestions from code review 2023-09-05 17:06:01 -04:00
bwatters 91e7af4370 Added check, some stealth, and cleaned code 2023-09-05 14:29:13 -05:00
cgranleese-r7 55d0f29e54 Land #18281, Detection module for CVE-2023-21554 - QueueJumper 2023-09-05 14:03:30 +01:00
Bastian Kanbach 4b8f5dc41c Update modules/auxiliary/scanner/msmq/cve_2023_21554_queuejumper.rb 
Corrected typo

Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-09-05 13:15:36 +02:00
xaitax ac91516cc9 Update winrar_cve_2023_38831.rb 2023-09-04 20:25:20 +02:00
xaitax b0fa4cc266 Update winrar_cve_2023_38831.rb 2023-09-04 19:54:43 +02:00
xaitax d5f355d8de WinRAR 6.22 (CVE-2023-38831) 2023-09-04 18:56:22 +02:00
Ege Balcı 4088276b36 Adjust option name 2023-09-04 16:46:14 +02:00
h00die c6a2652861 review comments 2023-09-01 20:34:35 -04:00
h00die fb9f3bd13f review comments 2023-09-01 20:14:41 -04:00
Jeffrey Martin 6b5fff6c33 Land #18125, LDAP Capture Simple Authentication 2023-09-01 11:08:19 -05:00
JustAnda7 05d6e9815d changes-to-support-nmap 2023-09-01 08:07:01 -04:00
Ege Balcı c2fc371721 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:59:03 +00:00
Ege Balcı 9044588971 Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:53:40 +00:00
Ege Balcı f96ca4429a Update modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:53:31 +00:00
Ege Balcı 20a22f1baf Fix check, randomize JSP name, ditch backup 2023-09-01 03:46:58 +02:00
Ege Balcı 757e942ac9 Update modules/exploits/windows/http/lg_simple_editor_rce.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:16:32 +00:00
Jack Heysel 73de437eca Updated cache size 2023-08-31 12:22:30 -04:00
Jack Heysel e5f2ebff19 Fix copy pasta error 2023-08-31 12:14:24 -04:00
Christophe De La Fuente 6a674f53ff Land #18309, Stream LDAP query results 2023-08-31 18:09:45 +02:00
Jack Heysel 5c12a3e6f4 Remove unused default options 2023-08-31 02:47:40 -04:00
Jack Heysel 3a7ef46d17 Remove platform linux 2023-08-31 02:32:21 -04:00
Jack Heysel 273d8ec0bc Setting cache size to 88 to apease CI 2023-08-31 02:27:03 -04:00
Jack Heysel 7b8debd58f Tidy up, last minute rubocop 2023-08-31 02:17:35 -04:00
Jack Heysel 9779b1eeae Lexmark Device Embedded Web Server RCE (CVE-2023-26068) 2023-08-30 20:30:14 -04:00
RadioLogic e026791905 Added catch all warning to remove added groups 2023-08-30 12:15:00 -04:00
jheysel-r7 68090d0406 Update modules/exploits/linux/http/ivanti_sentry_misc_log_service.rb 
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
 2023-08-30 11:46:44 -04:00
Christophe De La Fuente 8217745a85 Land #18257, Apache nifi h2 rce (CVE-2023-34468) 2023-08-30 13:37:37 +02:00
bwatters ccba494e61 Exploit working, still needs to be cleaned up 2023-08-29 18:01:44 -05:00
Jack Heysel a3a7454f74 Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-08-29 15:24:04 -04:00
Jack Heysel b326832bcf Renamed module, rubocop 2023-08-29 13:21:13 -04:00
Ege Balcı 32f9357f7a Update side effects 2023-08-29 18:08:11 +02:00
Ege Balcı 1d9c7fde77 Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit 2023-08-29 17:58:43 +02:00
Ege Balcı 44dd8439df Add low version guard and token check 2023-08-29 17:43:21 +02:00
Jack Heysel efd9a69b35 Module returns a Metepreter session 2023-08-29 02:00:35 -04:00
h00die db9bf5f6cd now down to 10 shells! 2023-08-28 17:42:35 -04:00
h00die f467e0747a review comments 2023-08-28 17:39:02 -04:00