adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,154 Commits 27 Branches 1,043 Tags
441b671edd1531ceb457017fa7600aeee42072f7
Commit Graph

716 Commits

Author SHA1 Message Date
h00die 1906646e67 peer review 2024-11-28 13:18:47 -05:00
h00die 2b593bcf54 wp_post_smtp_acct_takeover peer review 2024-11-03 13:52:55 -05:00
h00die 9da5177d11 remove old code 2024-10-29 16:44:48 -04:00
h00die 41ed44864f wp_post_smtp_acct_takeover 2024-10-29 16:44:20 -04:00
h00die 4feb12ab4a untested code 2024-10-29 16:44:20 -04:00
jheysel-r7 05ff8359b8 Merge pull request #19436 from h4x-x0r/CVE-2024-6670 
WhatsUp Gold SQL Injection (CVE-2024-6670) Module
 2024-09-26 17:04:30 -04:00
h4x-x0r c20b1d8a03 minor fixes 
minor fixes
 2024-09-26 04:01:36 +01:00
jheysel-r7 d11c2be4ea Merge pull request #19375 from h4x-x0r/CVE-2024-20419 
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419) Module
 2024-09-24 12:19:54 -04:00
Jack Heysel f254eeb65e Added error handling 2024-09-23 14:16:26 -07:00
h4x-x0r 322188a112 Refactoring 
Refactored code to remove duplicate requests
 2024-09-23 13:29:46 +01:00
h4x-x0r 05f591d005 Cleanup and check method added 
Cleanup and check method added
 2024-09-12 15:43:20 +01:00
h4x-x0r 75627ccba7 Update whatsup_gold_sqli.rb 2024-09-02 15:45:45 +01:00
h4x-x0r fdd740b235 cleanup 
cleanup
 2024-09-02 15:44:27 +01:00
h4x-x0r 64f595c431 cleanup, version check, documentation 
cleanup, version check, documentation
 2024-09-02 15:41:08 +01:00
h4x-x0r 686da13ff5 WhatsUp Gold SQL Injection (CVE-2024-6670) 
WhatsUp Gold SQL Injection (CVE-2024-6670)
 2024-09-02 16:09:10 +01:00
bwatters 4af2294709 Land #19386, Ivanti Virtual Traffic Manager (vTM) Authentication Bypass (CVE-2024-7593) Module 
Merge branch 'land-19386' into upstream-master
 2024-08-27 09:39:10 -05:00
bwatters 84431b0a4e Land #19380, Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Merge branch 'land-19380' into upstream-master
 2024-08-26 18:09:09 -05:00
h4x-x0r 3f3690bebb code cleanup 
code cleanup
 2024-08-19 21:17:16 +01:00
h4x-x0r 9690f01df6 code cleanup 
code cleanup
 2024-08-19 16:25:50 +01:00
h4x-x0r 82f51bb9b7 code cleanup 
code cleanup
 2024-08-16 15:43:34 +01:00
h4x-x0r 5a94869809 cleanup 
cleanup
 2024-08-16 14:12:41 +01:00
h4x-x0r 3577ae8ffb Code cleanup 
Code cleanup
 2024-08-16 13:57:38 +01:00
h4x-x0r 8ad328a510 Code cleanup 
Code cleanup
 2024-08-16 07:07:16 +01:00
h4x-x0r 947cefe43a Fixed get_cookies 
Fixed get_cookies
 2024-08-14 17:42:11 +01:00
h4x-x0r 765e9b9ae4 Improved error handling 
Improved error handling
 2024-08-14 17:25:36 +01:00
h4x-x0r ea2b5920ac cleanup 
cleanup
 2024-08-14 06:44:43 +01:00
h4x-x0r 9c72a85134 Verified more versions 
Verified exploit against more affected versions
 2024-08-14 06:33:45 +01:00
h4x-x0r 75201b0892 Updated references 
references, affected versions, credits
 2024-08-14 05:15:36 +01:00
h4x-x0r 7bfc386973 Updated 
added error handling, documentation, version check, store_valid_credential
 2024-08-14 04:57:08 +01:00
h4x-x0r be62cc97a7 Auth Bypass 
Auth Bypass
 2024-08-14 02:00:06 +01:00
h4x-x0r 17149db5a3 code cleanup 
code cleanup
 2024-08-13 23:23:35 +01:00
h4x-x0r b96bc116f5 Code cleanup 
Code cleanup
 2024-08-13 23:18:26 +01:00
h4x-x0r c53e5d3c4e Code cleanup and added store_valid_credential 
added store_valid_credential
code cleanup
 2024-08-13 23:12:50 +01:00
h4x-x0r 733e2ab9fc Added store_valid_credential 
Added store_valid_credential
 2024-08-13 23:00:13 +01:00
h4x-x0r 14e4a11d24 Added store_valid_credential 
Added store_valid_credential
 2024-08-13 20:54:56 +01:00
h4x-x0r 26d6347919 Code cleanup 
Code cleanup
 2024-08-11 06:15:24 +01:00
h4x-x0r 5fa18a66ee Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
 2024-08-11 05:41:07 +01:00
h4x-x0r 8a72124e9d Code cleanup and error handling added 
Code cleanup and error handling added
 2024-08-09 21:11:20 +01:00
h4x-x0r 4384d32c83 Cisco SSM On-Prem Account Takeover (CVE-2024-20419) 
Cisco SSM On-Prem Account Takeover (CVE-2024-20419)
 2024-08-09 18:59:54 +01:00
h4x-x0r 8bef9b5f72 Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276) 
Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
 2024-08-08 17:52:38 +01:00
adfoster-r7 62a3f73e70 Update rubocop target ruby version 2024-07-24 16:47:17 +01:00
h00die 779da83d59 gitlab password reset account takeoever review 2024-01-27 07:44:11 -05:00
h00die e6c4195ad3 gitlab password reset account takeoever review 2024-01-27 07:42:25 -05:00
h00die 482d2b28b1 gitlab password reset account takeoever 2024-01-18 16:19:26 -05:00
adfoster-r7 75c2de8c3d Revert spelling correction 2024-01-08 10:51:35 +00:00
h00die 8beb6255cb fix spelling in aux modules 2024-01-07 15:02:53 -05:00
Spencer McIntyre 69e5caa1a0 Refactor the ghostcat module to use the AJP defs 2023-11-17 12:58:05 -05:00
sfewer-r7 b28668790d allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'. 2023-11-06 11:40:22 +00:00
sfewer-r7 10ee87c712 Add an optional CISCO_ADMIN_USERNAME and CISCO_ADMIN_PASSWORD options. If set these admin creds are used to leverage CVE-2023-20273. If not set, then CVE-2023-20198 is used to create a new temp admin account before leveraging CVE-2023-20273 2023-11-06 10:20:07 +00:00
sfewer-r7 a55132b36f strip out "**CLI Line # " from the results and use print_line instead of print_status for cleaner output. 2023-11-03 17:09:08 +00:00