Commit Graph

529 Commits

Author SHA1 Message Date
Spencer McIntyre 0ec9b1bcb9 Fix a multicast socket issue 2024-11-21 15:14:46 -05:00
Spencer McIntyre 24d3ef16cf Remove some unnecessary code, switch to passive stance 2024-11-21 15:08:43 -05:00
remmons-r7 720312ba1c Create cups_ipp_remote_code_execution.rb 2024-11-11 15:51:09 -06:00
Jack Heysel 152710403d Land #19330, Add SSL opt in start_service
The start_service method now allows users to specify their SSL
preferences directly through the opts parameter. If the ssl option is
not provided in opts, it will default to the value in datastore["SSL"]
2024-09-05 09:08:07 -07:00
Jack Heysel 434593dcb4 Suggestion and rubocop fixes 2024-09-05 08:49:32 -07:00
h4x-x0r 1390251e87 Code cleanup
Updated code for version detection and exploit invocation
2024-08-03 05:13:33 +01:00
h4x-x0r 2ce0a7a3fd v7.15 Support added
Updated to work with v7.15 too.
2024-08-02 15:43:26 +01:00
h4x-x0r 6dbb264a0d Calibre Python Code Injection (CVE-2024-6782)
New Exploit Module for Calibre Python Code Injection (CVE-2024-6782)
2024-08-02 06:03:15 +01:00
redwaysecurity.com a812617fee Removed "ssl_restore = true" 2024-07-26 17:30:25 +02:00
Jack Heysel 9bbb82ab55 Land #18998, VSCode exploit for ipynb integration
VSCode allows users to open a Jupyter notebook (.ipynb) file. Versions
v1.4.0 - v1.71.1 allow the Jupyter notebook to embed HTML and
javascript, which can then open new terminal windows within VSCode. Each
of these new windows can then execute arbitrary code at startup
2024-06-10 14:36:57 -07:00
Jack Heysel 216ffec555 Add Linux compatibility 2024-05-13 10:11:56 -07:00
jheysel-r7 6055d8a005 Apply suggestions from code review
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2024-04-29 17:37:49 -04:00
Jack Heysel 3b57fbf052 ActiveMQ fixes 2024-04-26 14:25:16 -07:00
h00die c8d9702b37 vscode ipynb review 2024-04-17 16:35:10 -04:00
h00die 3da170a43c smcintyre-r7 recommendation for better payload handling 2024-03-22 17:04:06 -04:00
h00die f6b65993ac ipynb vscode exploit 2024-03-22 16:26:03 -04:00
Spencer McIntyre b31abcc9b2 Mark unix encoders as compatible with linux
Fixes #18572
2024-01-19 13:40:43 -05:00
sfewer-r7 ea21036995 reduce nesting in the check routine 2023-11-06 09:42:59 +00:00
sfewer-r7 4272678938 reduce the indentation in on_request_uri 2023-11-06 09:36:20 +00:00
sfewer-r7 fa8c40072c ensure the payload doesn't contain a CDATA closing tag, if found then fail before we attempt exploitation 2023-11-06 09:36:20 +00:00
sfewer-r7 24810183ca add in a unix target as ActiveMQ can run on OSX 2023-11-02 10:25:45 +00:00
sfewer-r7 94b5211525 set exploit Stance to Aggressive 2023-11-02 09:32:36 +00:00
sfewer-r7 df040b30aa typos and improve comments 2023-11-01 17:59:00 +00:00
sfewer-r7 a408181def Add initial work on exploit module for CVE-2023-46604 2023-11-01 17:34:30 +00:00
sjanusz-r7 1140efc8b4 Support adding encrypted files to archives & jars 2023-10-13 14:42:10 +01:00
space-r7 63115c9415 Land #17857, add T3S support for weblogic modules 2023-04-27 11:37:37 -05:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Steve E 67b98b5120 merge tested exploits 2023-04-06 15:42:39 +01:00
Steve E f0189cc886 revert another get_once 2023-04-06 11:43:50 +01:00
Steve E 656c562816 Added notes, revert to get_once 2023-04-06 11:01:32 +01:00
Steve Embling cc79fe039a Merge branch 'rapid7:master' into weblogic-t3s-support 2023-04-06 10:38:29 +01:00
cgranleese-r7 c3a7da54d5 reduces code duplication 2023-04-04 10:27:11 +01:00
adfoster-r7 d04c8e1bce Update broken secunia references 2023-03-23 10:43:57 +00:00
adfoster-r7 656ded4b86 Add module notes 2023-02-08 15:46:07 +00:00
adfoster-r7 25ee41df68 Run rubocop on exploit modules 2023-02-08 15:20:32 +00:00
Steve E b67f001e2a post-testing typo fix 2023-01-12 20:02:20 +00:00
Steve E 1afecd0884 force t3 over ssl option 2023-01-12 19:42:55 +00:00
Steve E 990d5ccfad Action linter warnings in changes 2023-01-09 21:17:22 +00:00
Steve Embling 16c176dbe0 Accept protocol option change to optenum from optstring
Co-authored-by: bcoles <bcoles@gmail.com>
2023-01-10 12:54:28 +00:00
Steve Embling a368f76a2a Update weblogic_deserialize_badattrval.rb 2023-01-10 10:47:31 +00:00
Steve E 60bfa329fa Add t3s protocol support to weblogic_deserialize_badattrval 2023-01-09 18:47:43 +00:00
Maik Ro 330cb2944b fix typo
OptString.new('FILENAME', [true, 'The OpoenOffice Text document name', 'msf.odt']) -> OpoenOffice changed to OpenOffice
2022-11-30 22:10:18 +01:00
Jack Heysel 52fd45b7ab Land #16744 Jboss EAP/AS RCE module
This module exploits a Java deserialization vulnerability
in JBOSS EAP/AS Remoting Unified Invoker interface for
versions 6.1.0 and prior.
2022-07-12 10:49:22 -04:00
Jack Heysel 7df6d73741 Added new line to end of file 2022-07-12 09:08:19 -04:00
Jack Heysel 44abcfcb28 Added flavour to fix linux_dropper 2022-07-12 09:06:06 -04:00
Heyder Andrade 2f7cf90b7f mixin didn't work with linux_dropper payload
- Fixed exception handling variable attribution
- Tried to change JavaDeserialization Util to JavaDeserialization mixin
instead
- Changed the fail reason when the connection is unsuccessful
2022-07-08 02:30:26 +02:00
space-r7 52ac281991 change wording in fail_with() 2022-07-07 18:05:56 -05:00
kalba-security 7d32338702 remove ARTIFACTS_ON_DISK from weblogic_deserialize_asyncresponseservice notes 2022-07-07 05:26:59 -07:00
Heyder Andrade 50ca5f0ce2 Add description 2022-07-05 00:25:07 +02:00
Heyder Andrade 0ea033be55 Add module for jboss remoting unified invoker RCE 2022-07-01 21:39:42 +02:00