adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,154 Commits 27 Branches 1,043 Tags
441b671edd1531ceb457017fa7600aeee42072f7
Commit Graph

251 Commits

Author SHA1 Message Date
Valentin Lobstein 5cdf7ae175 Update documentation/modules/exploit/unix/webapp/cyberpanel_preauth_rce_multi_cve.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-11-30 13:55:02 +01:00
Chocapikk 9c74467950 Refactor code + add check and autocheck 2024-11-21 22:48:36 +01:00
Valentin Lobstein f85de40d58 Update documentation/modules/exploit/unix/webapp/cyberpanel_preauth_rce_multi_cve.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-11-01 15:46:05 +01:00
Chocapikk 3723064ac9 Fix typo 2024-11-01 08:53:55 +01:00
Chocapikk 616ffe7d18 Add CVE-2024-51568 2024-11-01 08:48:34 +01:00
Chocapikk 4269615400 Add CyberPanel Pre-Auth RCE Exploit Module for CVE-2024-51378 and CVE-2024-51567 2024-10-31 22:13:05 +01:00
Diego Ledda 9a245e6e06 Land #19485, Module BYOB Unauthenticated RCE (CVE-2024-45256, CVE-2024-45257) 
Land #19485, Module BYOB Unauthenticated RCE (CVE-2024-45256, CVE-2024-45257)
 2024-10-15 17:13:15 +02:00
Chocapikk 10a4b24ed7 Better file clean 2024-09-27 01:17:07 +02:00
Valentin Lobstein 5408d0b5ac Update documentation/modules/exploit/unix/webapp/byob_unauth_rce.md 2024-09-23 18:40:26 +02:00
Valentin Lobstein b18cb3ecac Update documentation/modules/exploit/unix/webapp/byob_unauth_rce.md 2024-09-23 18:40:19 +02:00
Chocapikk 9e6adea0dc Add BYOB Unauthenticated RCE module exploiting arbitrary file write and command injection (CVE-2024-45256, CVE-2024-45257) 2024-09-21 04:00:56 +02:00
Chocapikk ae8df6c34b Add working documentation + working exploit 2024-09-18 17:00:18 +02:00
Chocapikk 36621c05d9 del documentation/modules/exploit/unix/webapp/spip_rce_form.md 2024-08-30 22:22:41 +02:00
h00die-gr3y b65c7ecb08 added support for all openmediavault versions (0.1 - 7.4.2-2) 2024-07-20 20:55:33 +00:00
h00die-gr3y a9f8475bf5 moved module + doc to exploit/unix/webapp 2024-07-16 15:50:20 +00:00
fanqiaojun 6b2bdc893b chore: remove repetitive words 
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>
 2024-04-15 11:06:50 +08:00
Balgogan ab9576f83d Add changes 2023-12-01 10:55:04 +01:00
Balgogan b2fa201a7d Implement check 2023-11-28 16:45:44 +01:00
Balgogan 0146527e55 Add splunk_xslt_authenticated_rce 2023-11-28 15:40:05 +01:00
Jack Heysel 1da4333611 Land #18434, Add module for Zoneminder RCE 
This PR adds an RCE module for the Zoneminder video
surveillance software system (CVE-2023-26035).
 2023-11-10 15:15:01 -05:00
Wolfgang Hotwagner 5d5f711dcd updated documentation 2023-11-09 22:40:36 +00:00
Wolfgang Hotwagner 58f9a39f72 replaced custom timer with rex::stopwatch 
updated documentation
 2023-10-12 11:46:56 +00:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
Wolfgang Hotwagner 2d065d59cf Documentation for exploit module for CVE-2023-26035 2023-10-06 17:43:44 +00:00
Jack Heysel 8717e66b14 Land #18280, Add Maltrail Unauth RCE Module 
This PR adds a module for an unauthenticated RCE vulnerability
in Maltrail, a malicious traffic detection system. This vuln
does not have a CVE associated with it.
 2023-08-16 17:29:05 -04:00
Ege Balcı a91f928d62 Update documentation/modules/exploit/unix/http/maltrail_rce.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-08-16 18:45:37 +00:00
Jack Heysel 99e78a4c00 Update documentaion file 2023-08-14 21:01:10 -04:00
Ege Balcı 4b7d98df07 Add Maltrail Unauthenticated RCE exploit 2023-08-10 23:02:20 +02:00
Ege Balcı da9200819d Update scenarios for new targets 2023-08-10 00:55:52 +02:00
Ege Balcı 41f0c30855 Add RaspAP Unauthenticated Command Injection (CVE-2022-39986) Exploit 2023-08-04 21:22:07 +02:00
emirpolatt 34f25fbb65 pfSense Config Data Remote Command Execution as root (CVE-2023-27253) Module 2023-07-12 13:27:02 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
bcoles 69daea95d6 exploit/unix/ftp/proftpd_modcopy_exec: Add docs and resolve RuboCop violations 2023-03-23 18:13:20 +11:00
Grant Willcox 6043d0ffba Update all links from Wiki site to new docs site. 2023-01-27 09:58:53 -06:00
Christophe De La Fuente 2a28af208d Land #16992, Syncovery For Linux - Auth. RCE (CVE-2022-36534) 2022-12-14 13:43:00 +01:00
whoot 04e5aa3033 apply suggestions 2022-12-02 16:05:01 +01:00
Grant Willcox a3e32ffafa Add TARGET 0 to documentation 2022-10-12 20:00:33 -05:00
Grant Willcox e9f54aa5b8 Update documentation with better wording, and add randomization of parameter name to module along with cleanup code for deleting uploaded files 2022-10-12 19:16:52 -05:00
Jack Heysel 9652823393 Reverted check method to upload shell 2022-10-12 19:16:44 -05:00
Jack Heysel 3c27c8e5aa Condensed payload, changed base64 encoding to hex 2022-10-12 19:12:35 -05:00
Jack Heysel e4eac96b4b Add Module for pfSense pfBlockerNG unauth RCE as root 2022-10-12 19:12:22 -05:00
jrude 01556b22d5 Syncovery For Linux - Auth. RCE (CVE-2022-36534) 2022-09-07 13:34:48 +02:00
kalba-security b56242c7a2 enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce 2022-07-01 06:15:13 -04:00
space-r7 dd0b124e84 fix typo in docs, check some responses 2022-05-04 17:28:37 -05:00
krastanoel 0f5e31d593 Apply suggestions from code review 
Update documentation common default options

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-05-03 15:43:38 +07:00
krastanoel bb8c130740 Fix docs typo 2022-04-28 21:57:18 +07:00
krastanoel eba436dd99 Add Zoneminder Language rce module docs 2022-04-28 21:01:00 +07:00
Jake Baines 65e16a1a72 Initial implementation of pfSense auth file creation bug (CVE-2021-41282) 2022-02-27 18:12:54 -08:00
bwatters 4505d7e834 Land #15700, Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module 
Merge branch 'land-15700' into upstream-master
 2021-11-11 17:03:54 -06:00
bwatters 5e670638f3 Add a line suggesting TryToFork on Meterpreter might prevent the hang after exploitation 2021-11-11 16:59:09 -06:00