adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
adfoster-r7 094d6ee36b Add additional reliability and stability notes to modules 2024-01-22 23:29:57 +00:00
aleksa e9e5a44522 Updated with side effects 2024-01-22 18:03:28 -05:00
aleksa 8e3fbcae26 notes added to storage path exploit. 2024-01-22 17:55:26 -05:00
Spencer McIntyre b8a0e33ce3 Initial exploit for CVE-2023-22527 2024-01-22 17:06:29 -05:00
bwatters 46a0052286 Land #18568, added exploit for CVE-2023-32781 - PRTG authenticated RCE 
Merge branch 'land-18568' into upstream-master
 2024-01-22 11:35:38 -06:00
sjanusz-r7 2bd93ae72c Use a glob for memory_search PROCESS_NAMES_GLOB 2024-01-22 16:53:32 +00:00
sjanusz-r7 f8bdb02593 Validate memory_search PROCESS_IDS using regex 2024-01-22 16:53:00 +00:00
Kevin Joensen dfa54d02b9 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-01-22 10:10:14 +01:00
h00die-gr3y 919c846064 Final small updates (removed UDP and corrected typo in release date 2024-01-20 11:27:10 +00:00
Spencer McIntyre 06dcc82ced Land #18630, Add CVE-2023-50917: MajorDoMo RCE 
Add CVE-2023-50917: MajorDoMo Command Injection Module
 2024-01-19 17:10:40 -05:00
bwatters fadb0f45dd Land #18708, Ivanti Connect Secure RCE exploit module (CVE-2023-46805 and CVE-2024-21887) 
Merge branch 'land-18708' into upstream-master
 2024-01-19 15:47:43 -06:00
Spencer McIntyre b31abcc9b2 Mark unix encoders as compatible with linux 
Fixes #18572
 2024-01-19 13:40:43 -05:00
ekalinichev-r7 847a72c417 Land #18638, add exploit for CVE-2022-42889 Apache Commons Text RCE 2024-01-19 13:02:53 +01:00
sjanusz-r7 b1fb58749b Use PostgreSQL session type for postgres_schemadump 2024-01-19 10:29:44 +00:00
sjanusz-r7 23a9938283 Add PostgreSQL session type 2024-01-19 10:29:37 +00:00
h00die 482d2b28b1 gitlab password reset account takeoever 2024-01-18 16:19:26 -05:00
Gaurav Jain fd3ca96988 Update splunk cve-2023-32707 to use splunk library 2024-01-19 01:56:15 +05:30
sfewer-r7 de6ed9e1d6 use get_json_document instead of JSON.parse 2024-01-18 15:35:43 +00:00
sjanusz-r7 6ca4c113ee Get memory match length from buffer TLV length for Mettle 2024-01-18 11:08:38 +00:00
sjanusz-r7 337400b9b8 Remove AARCH64 reference 2024-01-18 11:08:38 +00:00
sjanusz-r7 1e7b74a0e5 Correctly use process glob when searching for processes 2024-01-18 11:08:34 +00:00
sfewer-r7 4ff399844f By replacing the trailing ';' with a '#' we comment out the remaining portion of the command string (Thank you @jvoisin). We must also include a space character for this to work as expected, doing so also removes the need to bootstrap the Linux payloads with a separate file. 2024-01-18 10:04:38 +00:00
Stephen Fewer c74fd86961 Update modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:46 +00:00
Stephen Fewer 3bb1d2bc02 Update modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:35 +00:00
Christophe De La Fuente b8aa55c322 Land #18633, WordPress Backup Migration Plugin PHP Filter Chain RCE (CVE-2023-6553) 2024-01-17 18:42:52 +01:00
sjanusz-r7 977a9f3cd4 Add generic memory search module for supported Meterpreter sessions 2024-01-17 15:55:23 +00:00
Christophe De La Fuente a8d46b3e7a Land #18627, Ansible: post gather module, payload deployer, and file reader 2024-01-17 15:26:25 +01:00
sfewer-r7 70ef0dcb0d improve the check logic to fall through when the json doesnt have the key we expect it to have 2024-01-17 10:02:59 +00:00
sfewer-r7 518c1e5d3c mention Pull Connect as well as the CVEs in the description 2024-01-17 10:02:11 +00:00
sfewer-r7 ad7e348eaa remove a copy pasta link 2024-01-17 09:16:18 +00:00
h00die d7cf9155a6 ofbiz working for 18.12.09 2024-01-16 20:06:11 -05:00
Jack Heysel 607a2789d0 Revert "Changed payload double quote to single" 
This reverts commit f1586f08c3.
 2024-01-16 14:49:22 -05:00
adfoster-r7 1ba704b1cb Land #18398, Update deprecated report_auth_info in various modules 2024-01-16 19:30:56 +00:00
sfewer-r7 f9419c4839 seperate commands into an array instead of one bog long string 2024-01-16 17:19:13 +00:00
sfewer-r7 ea1dafa353 this is a slightly nicer way to write this 2024-01-16 17:08:09 +00:00
sfewer-r7 4060e069ed first commit of the ICS exploit 2024-01-16 14:32:48 +00:00
h00die 56a9beb39d ansible review 2024-01-15 17:18:49 -05:00
Jack Heysel f1586f08c3 Changed payload double quote to single 2024-01-15 12:09:41 -05:00
Dean Welch 2cf045d3c4 Leverage the module metadata cache in the module_sets 2024-01-15 14:56:46 +00:00
adfoster-r7 0075212fa9 Land #18596, Update smb modules to work with smb sessions 2024-01-15 12:07:07 +00:00
h00die-gr3y e7f2abbf9e Small typo update 2024-01-14 19:26:10 +00:00
Jack Heysel 5e25a99700 Responded to comments 2024-01-12 13:08:32 -05:00
h00die d57c9fb464 ssh_version module 2024-01-11 14:48:21 -05:00
Jack Heysel 6d8666e35b Fixed spacing and removed unused method 2024-01-11 13:13:57 -05:00
Jack Heysel cdc66dd91f Last minute fix 2024-01-11 12:56:01 -05:00
Jack Heysel e44b57249d Merge branch 'wp-backup-migration-php-filter' of github.com:jheysel-r7/metasploit-framework into wp-backup-migration-php-filter 2024-01-11 12:30:42 -05:00
Jack Heysel 5c7061cc0c Remove OS dependant payload 2024-01-11 12:30:04 -05:00
h00die b031311892 ansible review 2024-01-10 17:29:15 -05:00
h00die 381b840f11 salt review 2024-01-10 17:19:58 -05:00
h00die e711c9ea43 ansible review 2024-01-10 17:16:57 -05:00