catatonicprime
a229a0ed86
If you are receiving 200, that is hard evidence of bypass. Also fix typo.
2023-04-25 23:34:04 +00:00
catatonicprime
17271f1046
Adding documentation, expanding failure cases. Always struggle in the last mile. Here we go.
2023-04-25 23:00:33 +00:00
catatonicprime
1a823b05f1
Serve jar file for exploit.
2023-04-25 18:36:44 +00:00
dwelch-r7
10577cf1e4
Land #17913, Fix crash when running local exploit suggester
2023-04-25 16:31:59 +01:00
h00die
e7725e7b6d
cve-2023-22809
2023-04-25 04:37:33 -04:00
vtoutain
3036b607b6
JSON output support
Added the prettified JSON output along with the CSV, refactored variables regarding the JSON contacts object.
2023-04-24 11:50:29 +02:00
vtoutain
e565a8f962
Merge branch 'rapid7:master' into dolibarr_16_contact_dump
2023-04-24 11:44:52 +02:00
catatonicprime
20109932fd
Command injection PoC working.
2023-04-23 15:30:23 +00:00
bcoles
5a57ea131e
resolve_sid: Add docs and resolve RuboCop violations
2023-04-23 17:39:32 +10:00
bcoles
538381bd4d
shell_to_meterpreter: Support using bind payloads with PAYLOAD_OVERRIDE
2023-04-22 15:44:56 +10:00
h00die
d6c2e4f528
cve-2022-24716
2023-04-21 16:27:52 -04:00
space-r7
365b7c099c
Land #17895, add Joomla api scanner
2023-04-21 09:50:24 -05:00
h00die-gr3y
c39751094a
Updates based on review comments
2023-04-21 11:46:53 +00:00
cgranleese-r7
eb4107b5e2
Fixes couchdb login bug
2023-04-21 10:14:22 +01:00
adfoster-r7
f35b9e4fa5
Fix crash when running local exploit suggester
2023-04-21 10:13:37 +01:00
catatonicprime
253f4e54bc
rough pseudo-coding
2023-04-21 03:53:03 +00:00
h00die
17f674e3fa
review comments
2023-04-20 16:23:52 -04:00
cgranleese-r7
896058a147
Land #17908, Update ftp login connect timeout option name
2023-04-20 16:23:42 +01:00
vtoutain
d6e921c414
Version regex fix
The previous fix was not matching numbers at the end of the version like "-rc2".
2023-04-20 16:20:40 +02:00
vtoutain
ea9019600a
Version regex update
Used a less greedy version of the regex based on reviews, as well as the `version.blank?` pattern for improved readability.
2023-04-20 16:00:24 +02:00
vtoutain
ecd56c7904
Check logic simplification
Moved most of the check logic inside the check function to make it easier to read.
2023-04-20 11:51:28 +02:00
h00die-gr3y
4131f1abf1
Fixed some bugs in module and added documentation
2023-04-20 08:23:55 +00:00
Spencer McIntyre
2e3a2b6f6d
Combine AWS SSM modules, autodetect platform
2023-04-19 18:05:50 -04:00
Spencer McIntyre
59b3c0e945
Set the platform in enum_ssm
Update the enum_ssm module to use the correct session type with the
appropriate platform. Also set the session information to the same
string which also removes the eyesore that is the shell banner.
2023-04-19 18:05:50 -04:00
vtoutain
a2f3a719a9
Fixes from code reviews
Fixed some typos, took into account the comment from jvoisin to infer fields from the JSON reply, used fail_with as suggested by jheysel-r7, fixed a rubocop warning about a redundant begin block.
2023-04-19 11:45:03 +02:00
vtoutain
35c7d3918d
Merge branch 'rapid7:master' into dolibarr_16_contact_dump
2023-04-19 11:24:37 +02:00
bwatters
9c9eac28a7
Land #17874, VMware Workspace One Access mr_me Hekate LPE
Merge branch 'land-17874' into upstream-master
2023-04-18 19:29:39 -05:00
adfoster-r7
34a6980e5e
Land #17907, Add VMware Workspace RCE added missing require statement
2023-04-19 00:12:59 +01:00
adfoster-r7
246de78f85
Update ftp login connect timeout option name
2023-04-18 23:44:58 +01:00
Jack Heysel
9563466037
Land #17873, add ensure disconnect to ftp login
Add ensure disconnect to ftp login module and ftp timeout configuration
2023-04-18 18:31:12 -04:00
Jack Heysel
bd286dd147
Added missing require builder statement
2023-04-18 18:10:46 -04:00
Jack Heysel
de18ed438a
Removed unnecessary require statement
2023-04-18 18:05:11 -04:00
Zach Goldman
898a9f2f3d
add user mutability to connection timeout
2023-04-18 16:31:05 -05:00
Jack Heysel
a2c23d18ef
Added require builder statement
2023-04-18 16:01:14 -04:00
h00die-gr3y
de9cd59ea5
added pwd derivation and report credential function including updates based on review comments
2023-04-18 19:17:00 +00:00
cgranleese-r7
b65d3252e9
Land #17883, Fix crash for lotus domino hashes module when database not active
2023-04-18 16:38:47 +01:00
bwatters
6ae00877ed
Land #17854, VMware Workspace One Access mr_me Hekate RCE
Merge branch 'land-17854' into upstream-master
2023-04-18 09:49:41 -05:00
vtoutain
e4ae9e0997
Merge branch 'rapid7:master' into dolibarr_16_contact_dump
2023-04-18 11:37:13 +02:00
dsecbypass
413082a4d6
Linting
Simplified version regex, fixed rubocop findings.
2023-04-18 11:24:14 +02:00
Jack Heysel
db853f9a68
Land #17711, SPIP unauth RCE module
This module exploits a publicly accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
2023-04-17 15:30:03 -04:00
jvoisin
a4e1952da3
Add a module for the latest SPIP vuln
2023-04-17 13:41:03 -04:00
dsecbypass
a05aae3ebe
Support remote database storage
It's better to pass the CSV string to store_loot directly instead of using nil and writing to the local file path ourselves.
2023-04-17 17:24:59 +02:00
dsecbypass
3b710293f5
Dolibarr 16 unauthenticated contact database dump
Auxiliary module and documentation.
2023-04-17 14:52:05 +02:00
sfewer-r7
e54774fd20
ensure SRVHOST is a routable IP
2023-04-17 13:01:30 +01:00
h00die
2c7d54da2f
joomla api cve-2023-23752 with create_credential_and_login
2023-04-16 23:20:19 -04:00
h00die
32b6741cd8
joomla api cve-2023-23752
2023-04-16 22:54:54 -04:00
h00die
4b176c8ef5
fix unified_remote_rce docs
2023-04-16 10:11:01 -04:00
adfoster-r7
71a058b555
Fix crash for lotus domino hashes module when database not active
2023-04-14 23:28:32 +01:00
Jack Heysel
cda2e9610b
Land #17820, optimising the nagiosxi modules
This PR refactors the authenticated nagiosxi modules and mixins.
2023-04-14 16:21:26 -04:00
Jack Heysel
ace2f42387
Changed ranking to Good
2023-04-14 15:15:40 -04:00