adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

73452 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Spencer McIntyre 9181d93807 Search for a resolv.conf file 2024-02-08 11:22:32 -05:00
dwelch-r7 87e78d4f8d Land #18783, remove initialize warnings from rspec tests 2024-02-08 14:38:02 +00:00
Metasploit 0625e84b57 automatic module_metadata_base.json update 2024-02-08 07:04:19 -06:00
adfoster-r7 8b71afdd53 Land #18759, Updates MySQL modules to now support the new MySQL session type 2024-02-08 12:39:51 +00:00
Gaurav Jain 4dc21bae45 Merge branch 'rapid7:master' into manageengine 2024-02-08 15:11:15 +05:30
Metasploit d3bde6b172 Bump version of framework to 6.3.56 2024-02-08 03:38:37 -06:00
adfoster-r7 108e5afaea Land #18803, Remove all references to Msf::SymbolicModule 6.3.55 2024-02-07 21:50:16 +00:00
Gaurav Jain 25804edbf4 Add java targets for manageengine cve-2022-47966 modules 2024-02-08 01:55:52 +05:30
cgranleese-r7 02ae96edb0 Addresses RPORT not defaulting correctly 2024-02-07 16:07:15 +00:00
Dean Welch 792708c07b Remove all references to Msf::SymbolicModule 2024-02-07 15:08:47 +00:00
cgranleese-r7 b060809a8d Addresses logoff PR feedback 2024-02-07 12:51:04 +00:00
upsidedwn 4b5d04e59e Fix revision number checks in cve_2022_26904_superprofile.rb 2024-02-07 11:30:42 +08:00
upsidedwn ccb446f2ae Fix revision number checks for cve_2021_40449.rb 2024-02-07 11:28:00 +08:00
upsidedwn 436efad4ca Fix revision number checks 2024-02-07 11:25:41 +08:00
upsidedwn 47d30696bc Fix revision_number checks 2024-02-07 11:20:12 +08:00
h00die 84278b8e0e fix ofbiz auto detection 2024-02-06 16:45:02 -05:00
cgranleese-r7 e80f0ef8cd Removes session logic from mixins and uses client instead of datastore for rhost and rport 2024-02-06 14:11:16 +00:00
sfewer-r7 03a58c784b fix typo in variable name 2024-02-06 14:08:54 +00:00
cgranleese-r7 b72d8d16d4 Land #18782, Update Windows installation docs to mention requirement to install as Administrator 2024-02-06 13:05:04 +00:00
sfewer-r7 367783bcb5 add in RCE exploit for CVE-2024-21893 2024-02-06 11:49:04 +00:00
ekalinichev-r7 9ae54e08bc Update code formatting in Metasploit installation docs 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-02-06 11:35:50 +01:00
adfoster-r7 5975d668f6 Land #18773, Support CTRL + Z for interactive SQL REPL 2024-02-05 16:39:13 +00:00
adfoster-r7 b109fe0cf7 Land #18787, Temporarily remove PHP github action testing 2024-02-05 16:07:08 +00:00
adfoster-r7 12b188d186 Temporarily remove PHP github action testing 2024-02-05 14:36:26 +00:00
Metasploit aec2a82af4 automatic module_metadata_base.json update 2024-02-05 06:35:04 -06:00
Christophe De La Fuente d546db6055 Land #18780, runc cwd priv esc (docker) (cve-2024-21626) 2024-02-05 13:12:02 +01:00
sjanusz-r7 4039ae137a Support CTRL + Z for interactive SQL REPL 2024-02-05 11:14:51 +00:00
lihe07 29524fa7f8 Fix option collision in service_persistence 
The option `SHELLPATH` collide with `cmd/unix/reverse_netcat`,
resulting in abnormal backdoors. This commit rename it to BACKDOOR_PATH
 2024-02-03 23:18:45 +08:00
h00die cf2f76e6a2 cve-2024-21626 review 2024-02-02 16:27:02 -05:00
Zach Goldman 23e184c9ce Fix removing initialize warnings 2024-02-02 11:04:44 -06:00
Metasploit 77a2340b34 automatic module_metadata_base.json update 2024-02-02 11:02:14 -06:00
Jack Heysel 85974d16c2 Land #18769, Add Cacti RCE via SQLi Module 
This exploit module leverages a SQLi (CVE-2023-49085) and
a LFI (CVE-2023-49084) vulnerability in Cacti versions prior
to 1.2.26 to achieve RCE
 2024-02-02 11:46:10 -05:00
Metasploit ef8f8bc8d3 automatic module_metadata_base.json update 2024-02-02 09:12:30 -06:00
cgranleese-r7 577304cf7c Updates more modules 2024-02-02 14:59:56 +00:00
cgranleese-r7 ae1cb57dc3 Updates MySQL modules to now support the new MySQL session type 2024-02-02 14:59:56 +00:00
adfoster-r7 46e34e5362 Land #18718, Add MySQL session type 2024-02-02 14:57:10 +00:00
Metasploit bb3e872bc5 automatic module_metadata_base.json update 2024-02-02 08:45:20 -06:00
cgranleese-r7 0e9cad6d45 Adds MySQL session type 2024-02-02 14:39:37 +00:00
Jeffrey Martin bed552d26e set error on unsupported LDAP auth 2024-02-02 08:36:00 -06:00
adfoster-r7 48221e594d Land #18704, Leverage the module metadata cache in the module_sets 2024-02-02 14:16:46 +00:00
adfoster-r7 7ac4387d35 Land #18696, Convert MSSQL mixin to class 2024-02-02 14:14:34 +00:00
Christophe De La Fuente b91648f065 Fix typos 2024-02-02 11:45:51 +01:00
Metasploit 41b517d809 automatic module_metadata_base.json update 2024-02-02 04:40:21 -06:00
Christophe De La Fuente 1ff1302df7 Use exceptions instead of returning a boolean in do_login 2024-02-02 11:39:13 +01:00
adfoster-r7 372b792b8c Land #18761, Add alert to show user the new session options available in Metasploit 6.4 2024-02-02 10:25:32 +00:00
Simon Janusz 18ea7b39af Land #18779, Update PHP Github action for acceptance tests 2024-02-02 10:13:28 +00:00
Egor Kalinichev 02311bf94a Update Windows installation docs to mention requirement to install as Administrator 2024-02-02 10:57:01 +01:00
Metasploit 6132264dcd automatic module_metadata_base.json update 2024-02-01 22:02:34 -06:00
Jack Heysel be2d2d61ca Land #18762, Add exploit module for CVE-2024-0204 
This pull request adds an exploit module for CVE-2024-0204
in Fortra GoAnywhere MFT. GoAnywhere MFT versions 6.x from
6.0.1, and 7.x before 7.4.1 are vulnerable.
 2024-02-01 22:36:32 -05:00
Zach Goldman 35778e92b2 client consolidation 
convert first module from remote to client

move client to rex

remove metasploit mixin
 2024-02-01 17:23:55 -06:00