adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
bka-dev ef8e6f46bc reverting previous change 2023-08-11 00:43:38 +02:00
bka-dev 1e7e39c383 Adds module to detect CVE-2023-21554 aka QueueJumper 2023-08-11 00:34:30 +02:00
Ege Balcı 4b7d98df07 Add Maltrail Unauthenticated RCE exploit 2023-08-10 23:02:20 +02:00
Ege Balcı e74a68b3fb Make rubocop happy 2023-08-10 10:10:02 +02:00
Ege Balcı 634713ee56 Fix check method and integrate CmdStager 2023-08-10 00:56:44 +02:00
Ege Balcı 85f8333b15 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:27:25 +00:00
Ege Balcı 54ccfc1b8c Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:26:49 +00:00
Ege Balcı a8a7b4eaeb Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:24:38 +00:00
Ege Balcı fade54dc4d Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:24:24 +00:00
Ege Balcı 2c8d6b97fe Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-09 21:24:08 +00:00
cgranleese-r7 214c788ce7 Land #18232, metabase setup token rce (cve-2023-38646) 2023-08-09 09:44:53 +01:00
wvu 03c99660db Update pam_username_bof.rb 2023-08-09 00:22:57 -05:00
h00die f125ad8870 review comments 2023-08-08 17:44:35 -04:00
h00die 7b024f21bd apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die 5cdac38ac0 apache nifi h2 rce 2023-08-08 17:44:35 -04:00
h00die e8ce0454cd review comments 2023-08-08 17:16:57 -04:00
h00die dca125963c metabase review comments 2023-08-08 17:16:57 -04:00
h00die f30c996340 remove comment 2023-08-08 17:16:56 -04:00
h00die 9516592eb6 metabase setup token rce 2023-08-08 17:16:56 -04:00
h00die 7ceeb9f8de review comments 2023-08-08 17:15:22 -04:00
h00die 67ea97d686 set right port 2023-08-08 17:15:22 -04:00
h00die 06a4433e2a review comments 2023-08-08 17:15:22 -04:00
h00die 97daf47269 h2 web interface shell 2023-08-08 17:15:22 -04:00
Ege Balcı 340e4c0117 Make rubocop happy 2023-08-08 20:54:40 +02:00
Ege Balcı 169ce82ea7 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-08 18:37:23 +00:00
Ege Balcı 7217eda1eb Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-08 18:37:15 +00:00
Ege Balcı 95bb5a1e09 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-08 18:37:08 +00:00
Ege Balcı d1f9f540c6 Add VMware vRealize Log Insight RCE exploit 2023-08-08 20:32:38 +02:00
Jack Heysel 6e8d0b33df Land #18191, Improve post linux checkcontainer 
This PR adds support for detecting whether a session is
running in a podman container and improves detection for
sessions running in Docker, LXC and WLS containers.
 2023-08-08 13:26:01 -04:00
sfewer-r7 85ab3113c2 bug fix for issue 18237. ColdFusion configured with a Development profile behaves slightly differently than ColdFusion deployed in a Production profile, so we need to test for some different return values during exploitation. 2023-08-08 14:47:14 +01:00
Spencer McIntyre baa0f3d5e3 Switch the fingerprint resource for v12 compat 
Switching to use citrix-fonts.css allows the technique to work for 12.x
and 13.x.
 2023-08-08 08:57:17 -04:00
Spencer McIntyre 72092392e9 Fix check method for v12, add automatic targeting 2023-08-08 08:57:11 -04:00
Ege Balcı 2abd826291 Update side effects and options 2023-08-08 00:44:19 +02:00
Ege Balcı 3b7653c08e Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-07 22:30:51 +00:00
Ege Balcı 79e009a03f Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-07 22:30:25 +00:00
Ege Balcı 6225df80e9 Update modules/exploits/unix/http/raspap_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-07 22:23:15 +00:00
Spencer McIntyre 760bc3fbfb Add a target for 12.1-64.17 2023-08-04 16:21:21 -04:00
Ege Balcı 41f0c30855 Add RaspAP Unauthenticated Command Injection (CVE-2022-39986) Exploit 2023-08-04 21:22:07 +02:00
Spencer McIntyre c3324ab002 Add a target for 12.1-65.25 2023-08-04 15:14:24 -04:00
bwatters 2f9e5cd332 Update info hash 2023-08-04 11:16:38 -05:00
bwatters e8456a6625 Add documentation and fix null filename catch 2023-08-03 18:30:20 -05:00
Spencer McIntyre e3d4a8ccd9 Land #18234, Fix for issue #13724 
Fix for issue #13724: fix crash for unloaded user32.dll: add library loading
 2023-08-03 14:32:33 -04:00
bwatters d3b7bcd676 Working 2023-08-03 13:23:41 -05:00
Christophe De La Fuente 4a7836055e Land #18211, Subrion CMS v4.2.1 RCE 2023-08-03 19:03:44 +02:00
Christophe De La Fuente 00006fffae Land #18240, Citrix RCE - CVE-2023-3519 2023-08-03 18:55:48 +02:00
Spencer McIntyre 67e1c57b7c Fix some buffer encoding issues 2023-08-03 12:47:14 -04:00
Spencer McIntyre 39382c4652 Land #17600, Add AWS Instance Connect Sessions 
Implement AWS Instance Connect Sessions
 2023-08-03 12:06:29 -04:00
bwatters 59e3760509 First attempt at CVE-2023-34634 2023-08-03 10:58:07 -05:00
D00Movenok 3ea9c0100b fixed windows/x64/messagebox CachedSize 2023-08-03 17:10:11 +03:00
Ismail Dawoodjee 31da1f890d Merge branch 'rapid7:master' into subrion_cms_file_upload_rce 2023-08-03 18:29:21 +06:30