Commit Graph

31055 Commits

Author SHA1 Message Date
Grant Willcox 62f9d15ba3 Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE) 2021-06-16 10:39:49 -05:00
guly f243bb1d78 Updated gavazzi_em_login_loot: added CVE
added CVE
2021-06-16 15:24:15 +02:00
guly d6de658709 fixed reference url
fixed reference url
2021-06-16 10:57:13 +02:00
Grant Willcox 464dcdf578 Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE 2021-06-14 18:01:24 -05:00
Spencer McIntyre f58bbc236f Land #15319, Fix a localization issue 2021-06-14 16:42:19 -04:00
Grant Willcox 537a7763f5 Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests 2021-06-14 15:28:40 -05:00
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
pingport80 7c597b4ca2 define error_token as a random alphanumeric string 2021-06-14 23:32:44 +05:30
Gaurav Purswani 622e82cf44 Update modules/post/windows/gather/enum_hyperv_vms.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2021-06-14 23:23:12 +05:30
Gaurav Purswani 59928bf941 Update modules/post/windows/gather/enum_hyperv_vms.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2021-06-14 23:23:04 +05:30
adfoster-r7 fb0e0f88a9 Land #15215, HashiCorp Nomad exec RCE 2021-06-14 17:49:36 +01:00
Wyatt Dahlenburg 1789c7b070 Adding notes to Nomad Module 2021-06-14 10:39:23 -05:00
Spencer McIntyre d1be69eae6 Implement changes based on PR feedback 2021-06-14 10:15:27 -04:00
pingport80 9929d1c11d fix new rubocop errors 2021-06-14 18:25:22 +05:30
pingport80 beba2a6e46 add error_token in case the command fails and remove regexp from psh_exec 2021-06-14 15:02:39 +05:30
0xShoreditch 8eddecc858 Update apache_activemq_upload_jsp.rb
Corrected a minor error where the URI and filesystem path were not separated.
2021-06-13 07:27:56 +01:00
h00die 0f16c1a633 Land #14836, emby ssrf module and scanner for cve-2020-26948 2021-06-12 15:18:12 -04:00
h00die d58eb309e6 update module location 2021-06-12 15:07:03 -04:00
Grant Willcox e3a0228f79 Adjust exploit module title for rubocop compliance 2021-06-10 16:54:35 -05:00
Spencer McIntyre edee95bbb2 Update the check to not fail if a COOKIE is used 2021-06-10 11:29:07 -04:00
Grant Willcox de8180b666 Update module title to correct state affected versions 2021-06-10 09:42:26 -05:00
MucahitSaratar ea7eaba7a9 added cve
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
Grant Willcox 038d0b1334 Add in autocheck compatibility, update the documentation and output to be clearer, minimize traffic sent, fix up invalid scoping of variables, randomize data where possible, and add in exploit notes 2021-06-10 09:34:52 -05:00
MucahitSaratar 83caaccc6a adding backup
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:47 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:13 -05:00
btnz-k f684955537 updated documentation, modified var type 2021-06-09 15:26:29 -07:00
pingport80 669586a3ed fix localization issue in windows/enum_hyperv_vms and chomp extra data from psh_exec method 2021-06-09 23:35:27 +05:30
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel c7b7b871c9 missing variable e for rescue 2021-06-09 11:13:39 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Spencer McIntyre 3afe3ebfa3 Add the module docs 2021-06-08 15:23:24 -04:00
Spencer McIntyre 325ecfedff Add some error handling while extracting the key 2021-06-08 14:58:58 -04:00
Hakyac dc40cddb04 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 16:38:01 +02:00
Hakyac d2bf8ae912 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 16:34:40 +02:00
Yann Castel 2df710158e conflict fixed 2021-06-08 15:29:38 +02:00
Yann Castel 31515faccb various changes 2021-06-08 15:26:50 +02:00
Hakyac ce0c699213 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 15:11:25 +02:00
Hakyac 1f2f04b0d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 15:10:08 +02:00
Yann Castel cf5848ab3e add comment for second token generation 2021-06-08 14:31:03 +02:00
Hakyac 9e0b7cb171 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: agalway-r7 <agalway@rapid7.com>
2021-06-08 14:21:04 +02:00
Hakyac 21bfa629d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: agalway-r7 <agalway@rapid7.com>
2021-06-08 14:20:52 +02:00
Hakyac 38c63a6966 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: agalway-r7 <agalway@rapid7.com>
2021-06-08 14:20:32 +02:00
Yann Castel e9305dc622 rubocop ok 2021-06-08 09:32:51 +02:00
Spencer McIntyre 64077e1395 Add and use a new sharepoint mixin 2021-06-07 15:25:07 -04:00
Spencer McIntyre 8cc220ccbc Initial commit of CVE-2021-31181 2021-06-07 13:37:28 -04:00
btnz-k 93f0f62b05 MSFTIDY 2021-06-07 08:40:11 -07:00
Yann Castel bf96b88446 add default port + set ssl to true 2021-06-07 16:48:16 +02:00
Yann Castel 212039fa6b rubocop ok 2021-06-07 16:30:42 +02:00
Yann Castel 6a7e30749d initial commit 2021-06-07 14:39:10 +02:00