adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
ErikWynter f79b4331b8 code review fixes for wd_mycloud_unauthenticated_cmd_injection 2023-07-27 23:09:50 +03:00
Ismail Dawoodjee f3e1fccd0c Merge branch 'rapid7:master' into subrion_cms_file_upload_rce 2023-07-27 22:17:46 +03:00
cgranleese-r7 055206a11b Land #18225, Fix invalid references in modules 2023-07-27 16:56:11 +01:00
adfoster-r7 f3adc3f79f Fix invalid references in modules 2023-07-27 16:02:37 +01:00
Ege Balcı ca9601bb58 Fixed check method and targets 2023-07-26 18:01:26 +02:00
Ege Balcı 5b5f666256 Make rubocop happy 2023-07-26 16:26:18 +02:00
Ege Balcı 006831938d Adjust targets 2023-07-26 16:26:18 +02:00
Ege Balcı f5e91f686c Update modules/exploits/multi/http/rudder_server_sqli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-07-26 16:26:18 +02:00
Ege Balcı d50fceca40 Update modules/exploits/multi/http/rudder_server_sqli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-07-26 16:26:17 +02:00
Ege Balcı 1b52c7c8ba Update modules/exploits/multi/http/rudder_server_sqli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-07-26 16:26:17 +02:00
Ege Balcı bc58254db8 Update modules/exploits/multi/http/rudder_server_sqli_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-07-26 16:26:17 +02:00
Ege Balcı d6328edc27 Make rubocop happy 2023-07-26 16:26:17 +02:00
Ege Balcı 47f48e8adb Add rudder-server SQLI RCE (CVE-2023-30625) exploit 2023-07-26 16:26:17 +02:00
ErikWynter 53b8653ac7 add wd_mycloud_unauthenticated_cmd_injection 2023-07-26 17:24:44 +03:00
ismaildawoodjee b7b11373f5 Use full_uri for the payload URI 2023-07-25 22:53:11 -04:00
Ismail Dawoodjee 867282ba96 Merge branch 'rapid7:master' into subrion_cms_file_upload_rce 2023-07-25 23:09:30 +03:00
ismaildawoodjee 671a90ee58 Put checks for website requests and change failure message 2023-07-25 16:08:25 -04:00
Christophe De La Fuente c7f8ce5acd Land #18199, VMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887 2023-07-25 17:45:30 +02:00
Ismail Dawoodjee 78c1f75f2a Merge branch 'rapid7:master' into subrion_cms_file_upload_rce 2023-07-25 18:01:08 +03:00
ismaildawoodjee e9f53bd195 Use full_uri instead of piecing together a full URI 2023-07-25 11:00:21 -04:00
h00die-gr3y 43056ad621 removed powershell mixin 2023-07-25 14:06:45 +01:00
h00die-gr3y c1d84e950c Update based on bwatters-r7 comments 2023-07-25 14:06:44 +01:00
h00die-gr3y 45eacec846 Updated module with WordPress check 2023-07-25 14:06:44 +01:00
h00die-gr3y cda6ab5960 init commit module 2023-07-25 14:06:29 +01:00
adfoster-r7 fa97281267 Add documentation on building and testing vulnerable targets 2023-07-25 13:48:38 +01:00
bwatters 39f24a305e Change default command to certutil for Windows HTTP Fetch and default FETCH_SRVHOST to LHOST 2023-07-24 15:53:19 -05:00
Ismail Dawoodjee a709c4c010 Update modules/exploits/linux/http/subrion_cms_file_upload_rce.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-07-24 20:36:28 +03:00
ismaildawoodjee 4e16307165 Add module and documentation for Subrion CMS v4.2.1 RCE 2023-07-21 17:22:58 -04:00
adfoster-r7 c26d44a177 Fix bypassuac_comhijack module crash 2023-07-21 16:46:43 +01:00
adfoster-r7 f287f50be7 Land #18187, Fixes incorrect usage of pack/unpack directives 2023-07-21 11:40:02 +01:00
dwelch-r7 1af22cfd22 Land #18096, Add initial proxies datastore support for kerberos workflows 2023-07-21 11:37:04 +01:00
adfoster-r7 08a2a293a9 Add proxies datastore support to kerberos 2023-07-21 11:19:50 +01:00
RadioLogic 49eeb90145 Removed pointless line 2023-07-20 19:25:09 -04:00
Jack Heysel ee26e7f926 Rubocop fixes 2023-07-20 16:40:28 -04:00
RadioLogic 0de59481e9 Added better means to ignore groups additions on empty set 2023-07-20 15:18:48 -04:00
RadioLogic 761f91faf0 Added quotes around password to prevent bash shebang 2023-07-20 15:17:26 -04:00
Jack Heysel 421b06119f Update docs 2023-07-20 14:55:27 -04:00
RadioLogic ab5b12e8f1 Corrected sideeffects 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-07-20 14:52:46 -04:00
RadioLogic 923cb78110 Corrected reliability 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-07-20 14:52:27 -04:00
Jack Heysel c48346413c Fixed payload and verion detection 2023-07-20 14:44:56 -04:00
adfoster-r7 2ae6688815 Fix libssh_auth_bypass crash on newer versions 2023-07-20 12:29:21 +01:00
jvoisin 0df2f57124 Fix a typo 2023-07-19 19:47:17 +02:00
Julien Voisin d5ca174e1e Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-07-19 17:46:27 +00:00
h00die 530934f78a review comments 2023-07-19 11:42:47 -04:00
cgranleese-r7 8e0a909b18 Fixes incorrect usage of pack/unpack directives 2023-07-19 11:39:00 +01:00
bwatters 01434662fa Land #18182, Add module and doc for cve-2023-26876 
Merge branch 'land-18182' into upstream-master
 2023-07-18 20:10:47 -05:00
bwatters 297c484a1c Land #18173, Add Openfire Authentication Bypass RCE [CVE-2023-32315] 
Merge branch 'land-18173' into upstream-master
 2023-07-18 18:13:20 -05:00
cgranleese-r7 a0f04a7018 Land #17681, Add datastore option for Jenkins home directory 2023-07-18 14:17:15 +01:00
Joshua Rogers d9e23a5c67 Update modules/post/multi/gather/jenkins_gather.rb 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-07-18 14:02:27 +02:00
h00die-gr3y 7f35abff86 fixed the invalid character at the store_valid_credential‎ function 2023-07-18 08:38:06 +00:00