adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
72,755 Commits 27 Branches 1,043 Tags
46a0052286b9de5d288b2e932e82e308de33cf21
Commit Graph

897 Commits

Author SHA1 Message Date
ekalinichev-r7 847a72c417 Land #18638, add exploit for CVE-2022-42889 Apache Commons Text RCE 2024-01-19 13:02:53 +01:00
Christophe De La Fuente b8aa55c322 Land #18633, WordPress Backup Migration Plugin PHP Filter Chain RCE (CVE-2023-6553) 2024-01-17 18:42:52 +01:00
Gaurav Jain 225ef6847f Add output from test run on windows target 2024-01-15 00:26:47 +05:30
Jack Heysel 6d8666e35b Fixed spacing and removed unused method 2024-01-11 13:13:57 -05:00
Jack Heysel cdc66dd91f Last minute fix 2024-01-11 12:56:01 -05:00
Jack Heysel 5c7061cc0c Remove OS dependant payload 2024-01-11 12:30:04 -05:00
Gaurav Jain 98667edf76 Add suggested changes 2024-01-05 22:31:51 +05:30
Gaurav Jain d0beea91bd Add exploit for CVE-2022-42889 2023-12-25 00:43:50 +05:30
Jack Heysel eeb74cd5e1 Updated metadata 2023-12-20 16:49:45 -05:00
Jack Heysel e3062d45e0 Module working docs updated 2023-12-20 16:41:52 -05:00
Jack Heysel c895364675 Initial commit, files created 2023-12-18 19:26:14 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
Jack Heysel 862194d63f Documentation and rubocop changes 2023-12-11 19:01:35 -05:00
Balgogan 402434bbf2 Add module output 2023-11-28 08:41:35 +01:00
Valentin Lobstein bfd22f8f01 Update documentation/modules/exploit/multi/http/wp_royal_elementor_addons_rce.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-11-28 08:15:14 +01:00
Balgogan 31daaf58fe Add wp_royal_elementor_addons_rce 2023-11-23 05:15:28 +01:00
Stephen Fewer 00104ce467 Update documentation to specify bin directory 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-11-02 17:41:21 +00:00
Stephen Fewer 8b70c3ec77 Update documentation/modules/exploit/multi/misc/apache_activemq_rce_cve_2023_46604.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-11-02 17:40:54 +00:00
sfewer-r7 05f0b6a70c change the verification stesp to be for alinux target, as the testing steps above are for linux 2023-11-02 10:28:21 +00:00
sfewer-r7 58d03a3dab add in documentation 2023-11-02 10:26:02 +00:00
Zach Goldman d960aa522c Land #18348, Splunk account take over (CVE-2023-32707) leading to RCE 2023-10-26 11:34:02 -04:00
Heyder Andrade 1ac0e2dc66 Update splunk_privilege_escalation_cve_2023_32707.md 2023-10-23 11:31:19 +02:00
Christophe De La Fuente da9d04d32d Land #18461, CVE-2023-22515 - Atlassian Confluence unauthenticated RCE 2023-10-19 10:22:57 +02:00
sfewer-r7 c63aaba760 add in documentation for Options 2023-10-18 10:05:05 +01:00
sfewer-r7 1c027ac05c add an RCE exploit for CVE-2023-22515 2023-10-16 20:50:18 +01:00
Spencer McIntyre 86b7ec4518 Address comments from the review 2023-10-12 09:50:19 -04:00
Spencer McIntyre 4f734379d3 Add module docs and print some messages 2023-10-12 09:27:26 -04:00
h00die 7ffc1ca491 undo some spelling fixes when upstream has those issues 2023-10-11 06:30:11 -04:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
Spencer McIntyre e7ab983279 Minor code changes 
Changes include:
  * Remove the PAYLOAD key which didn't do anything
  * Add the missing payload size constraint
  * Use #retry_until_truthy
 2023-09-28 13:19:26 -04:00
sfewer-r7 89940e8b08 use the correct naming convention for normal options. 2023-09-28 16:36:18 +01:00
sfewer-r7 ad7ff705c7 add in a Linux target 2023-09-28 14:57:02 +01:00
sfewer-r7 fbd5e60cfc add in coverage for CVE-2023-42793. Currently only a Windows target. 2023-09-28 12:31:59 +01:00
Heyder Andrade 766766be78 Apply suggestions from code review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-09-14 16:13:10 +02:00
eu 8627616404 Added scenario for a non-vulnrable version 2023-09-14 15:56:35 +02:00
eu 54a7b55eb4 Fix code style 2023-09-14 15:05:41 +02:00
eu fc4b47cddd Added documentation 2023-09-13 17:18:18 +02:00
Christophe De La Fuente a33f03d100 Land #18302, Sonicwall rce CVE-2023-34124 2023-09-08 11:48:07 +02:00
Ron Bowes b12fe743d0 Resolve PR comments 2023-09-06 14:11:29 -07:00
Christophe De La Fuente 8217745a85 Land #18257, Apache nifi h2 rce (CVE-2023-34468) 2023-08-30 13:37:37 +02:00
Ismail Dawoodjee 94b7e77d11 Fix exploit/linux typos in Subrion RCE docs 2023-08-23 22:44:49 +08:00
Ron Bowes ce50cfa11a Add module for SonicWall vulns, which includes cve-2023-34124 2023-08-21 08:53:07 -07:00
Jack Heysel 5fdc9924d5 Land #18123, add exploit for Jorani unauth RCE 
This PR adds a module that chains together a log poisoning LFI,
redirection bypass and a path traversal vulnerability to obtain unauth RCE.
 2023-08-18 16:44:42 -04:00
jheysel-r7 4ddd789f51 Apply suggestions from code review 2023-08-18 15:33:59 -04:00
h00die bba8681be4 update doc 2023-08-08 17:44:35 -04:00
h00die 7b024f21bd apache nifi h2 rce 2023-08-08 17:44:35 -04:00
ismaildawoodjee 19dcc2d674 Move module and documentation from linux/http to multi/http 2023-08-02 10:10:27 -04:00
adfoster-r7 b979217227 Land #18239, Add version numbers to apache nifi rce module 2023-07-31 22:28:52 +01:00
h00die b2869a5550 version numbers for apache nifi rce 2023-07-31 17:16:26 -04:00
h00die 5d9a65eeb0 version numbers for apache nifi rce 2023-07-31 16:14:57 -04:00