Commit Graph

35981 Commits

Author SHA1 Message Date
RadioLogic 0680630d25 Redefined verbose prints 2023-07-17 16:04:37 -04:00
RadioLogic 394ea6029a Added prevention of printing empty missing groups 2023-07-17 15:46:17 -04:00
RadioLogic 1c693d9fad Finalized /etc/shadow line 2023-07-17 15:43:28 -04:00
RadioLogic 427e39b152 Added check to prevent manual from readding users 2023-07-17 15:42:48 -04:00
RadioLogic cc9d70b896 Added missing each in manual groups 2023-07-17 15:37:50 -04:00
RadioLogic 4ff7babae7 Turned missing groups into enum 2023-07-17 15:15:53 -04:00
RadioLogic 6e6910519a Added error if custom command doesn't exist 2023-07-17 13:59:30 -04:00
RadioLogic 9bc00f7759 Implemented custom command detection 2023-07-17 13:59:09 -04:00
RadioLogic 3a3ffcb6df Swapped vprint in useradd 2023-07-17 13:58:18 -04:00
RadioLogic 7e9071627f Added better verbose logging 2023-07-17 13:35:45 -04:00
RadioLogic c63810101c Added error for illegal usernames 2023-07-17 12:47:34 -04:00
h00die-gr3y 0ff2ca4f40 updates based on latest comments 2023-07-16 18:43:21 +00:00
jvoisin 2efcbbb772 Add docker detection via the old .dockerinit file 2023-07-16 18:12:11 +02:00
jvoisin 1f2112c5c1 Add podman detection via an environment variable 2023-07-16 18:11:11 +02:00
jvoisin f46641f479 Improve LXC detection
See https://github.com/silverwind/ansible/commit/d649d24be2ed36ff8da7ecbd57b6bb25a9a3b745
2023-07-16 18:07:59 +02:00
jvoisin 2e26e7c98c Add detection for WSL 2023-07-16 18:04:12 +02:00
jvoisin 04438920d5 Add Podman detection
See https://github.com/containers/podman/issues/3586#issuecomment-661918679
2023-07-16 18:01:06 +02:00
Guilhem RIOUX 84ad51b5c7 rubocop 2023-07-16 05:38:51 +02:00
H00die.Gr3y f608424242 Apply suggestions from code review
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-15 12:02:22 +02:00
rodnt d7b0e94729 fix made at the request of bwatters-r7 2023-07-14 21:34:32 +00:00
bwatters b15d595de2 Adjust files to be better shared 2023-07-14 12:47:04 -05:00
rodnt 1e75365f8e Update with all changes proposed by smcintyre-r7 2023-07-13 23:38:55 +00:00
rodnt 3f0d0ee34c Merge branch 'rapid7:master' into piwigo_cve_26876 2023-07-13 09:59:43 -03:00
rodnt 4dc6e59fa3 bwatters-r7 suggestions were applied. 2023-07-13 12:51:34 +00:00
101719434+rodnt@users.noreply.github.com 5b638bb37b add module and doc for cve-2023-26876 2023-07-12 15:45:40 -03:00
Jack Heysel 10c1b79c37 Land #17861, pfSense Config Data RCE as root
This module exploits a vulnerability in pfSense version
2.6.0 and below which allows for authenticated users to
execute arbitrary operating systems commands as root.
2023-07-12 14:32:06 -04:00
emirpolatt 34f25fbb65 pfSense Config Data Remote Command Execution as root (CVE-2023-27253) Module 2023-07-12 13:27:02 -04:00
h00die 3d3e2a9e2d apache superset exploit 2023-07-11 15:19:33 -04:00
Guilhem7 a9a6b03979 Update modules/exploits/multi/php/jorani_path_trav.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-11 09:28:20 +02:00
Guilhem7 56619e6da3 Update modules/exploits/multi/php/jorani_path_trav.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-11 09:28:14 +02:00
Guilhem7 8d08a2a144 Update modules/exploits/multi/php/jorani_path_trav.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-07-11 09:28:05 +02:00
adfoster-r7 5cb5c18550 Land #18170, Add module for SmarterMail Build 6985 - dotNET Deserialization Remote Code Execution (CVE-2019-7214) 2023-07-10 23:56:09 +01:00
Jack Heysel bd004e0831 Land #18178, update reference format entry
This PR updates a reference on exploit/windows/smb/ms08_067_netapi
to the new URL format.
2023-07-10 18:19:52 -04:00
Jeffrey Martin 3635ce9c03 update reference format for entry in rapid7.com 2023-07-10 16:54:42 -05:00
Jack Heysel 420147d02e Land #18164, WooCommerce Payments auxiliary module
This module exploits an auth bypass and priv esc vulnerability
in order to create an admin wordpress user.
2023-07-10 17:19:56 -04:00
h00die d6911f6b13 add new api endpoint, and checks for multiple versions 2023-07-09 19:48:16 -04:00
h00die-gr3y c34779a5f1 updates based on comments of jvoisin and adfoster-r7 2023-07-09 12:20:58 +00:00
ismaildawoodjee e61342afac Proper error handling for closing TCP socket and used Rex exceptions 2023-07-09 07:25:09 -04:00
h00die-gr3y 8edbf73b6f first release exploit module 2023-07-08 09:48:17 +00:00
ismaildawoodjee 1706812099 Implemented requested changes
* Small fixes in Description - removed backticks
* Implemented Windows Command target
* Removed PowerShell Stager, in Targets and in exploit method
* Implemented Rex::Socket::Tcp in place of TCPSocket

* Updated TARGET section in documentation
* Added TARGET 0 - Windows Command scenario
* Removed PowerShell Stager scenario
* Replaced 'Using configured payload' lines to use Windows Command payload
  for the 2nd, 3rd, and 4th scenarios. Did not rerun the scenarios, however
2023-07-07 04:14:20 -04:00
Ismail Dawoodjee f959dee046 Change module name
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-07-06 18:50:44 +03:00
Grant Willcox 81cf6c2a09 Fix up credential storing code 2023-07-06 10:43:20 -05:00
ismaildawoodjee 591fee1850 Fix msftidy complaining about https:// URL scheme in Line 2 2023-07-06 11:01:54 -04:00
Grant Willcox c3aefe577b Fix url_root loop code and user creation code 2023-07-06 09:36:19 -05:00
ismaildawoodjee ad0d3e79a9 SmarterMail RCE module and documentation 2023-07-06 08:00:28 -04:00
h00die 2c2f855e20 working cookies for superset 2023-07-06 07:12:39 -04:00
JustAnda7 8e33badd80 Better-parsing-of-dn-and-minor-changes 2023-07-05 18:21:48 +00:00
Grant Willcox 3abcb3ebaa Explain ADMINID field more 2023-07-05 13:10:41 -05:00
Grant Willcox ce19ce5b72 Apply fixes from review 2023-07-05 12:24:51 -05:00
Jack Heysel f1b5cd46f4 Apache RocketMQ update config RCE 2023-07-05 12:38:51 -04:00