adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
72,755 Commits 27 Branches 1,043 Tags
46a0052286b9de5d288b2e932e82e308de33cf21
Commit Graph

2369 Commits

Author SHA1 Message Date
Spencer McIntyre 06dcc82ced Land #18630, Add CVE-2023-50917: MajorDoMo RCE 
Add CVE-2023-50917: MajorDoMo Command Injection Module
 2024-01-19 17:10:40 -05:00
sfewer-r7 de6ed9e1d6 use get_json_document instead of JSON.parse 2024-01-18 15:35:43 +00:00
sfewer-r7 4ff399844f By replacing the trailing ';' with a '#' we comment out the remaining portion of the command string (Thank you @jvoisin). We must also include a space character for this to work as expected, doing so also removes the need to bootstrap the Linux payloads with a separate file. 2024-01-18 10:04:38 +00:00
Stephen Fewer c74fd86961 Update modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:46 +00:00
Stephen Fewer 3bb1d2bc02 Update modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:35 +00:00
sfewer-r7 70ef0dcb0d improve the check logic to fall through when the json doesnt have the key we expect it to have 2024-01-17 10:02:59 +00:00
sfewer-r7 518c1e5d3c mention Pull Connect as well as the CVEs in the description 2024-01-17 10:02:11 +00:00
sfewer-r7 ad7e348eaa remove a copy pasta link 2024-01-17 09:16:18 +00:00
sfewer-r7 f9419c4839 seperate commands into an array instead of one bog long string 2024-01-16 17:19:13 +00:00
sfewer-r7 ea1dafa353 this is a slightly nicer way to write this 2024-01-16 17:08:09 +00:00
sfewer-r7 4060e069ed first commit of the ICS exploit 2024-01-16 14:32:48 +00:00
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Balgogan 0a2dea523f Add suggested changes 2023-12-22 00:04:54 +01:00
h00die-gr3y 4c404765a4 Final update to the module based on cdelafuente-r7 comments 2023-12-21 12:06:21 +00:00
Balgogan 9c9af0dca1 Fix statement 2023-12-20 01:51:19 +01:00
Balgogan 22a05c8bf5 Add CVE-2023-50917 2023-12-20 00:43:00 +01:00
h00die-gr3y 5d7cf90521 Some minor changes to the module and documentation 2023-12-18 08:23:16 +00:00
h00die-gr3y 0641839e69 Added documentation and removed debug info 2023-12-17 13:10:18 +00:00
h00die-gr3y db099f8f4c Third release of module 2023-12-16 16:06:05 +00:00
h00die-gr3y d00249f083 Second release with manual cleanup of php* files 2023-12-14 12:57:07 +00:00
h00die-gr3y ff44932113 first draft release of module 2023-12-10 21:09:40 +00:00
Valentin Lobstein 1438a88eb5 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-28 08:10:56 +01:00
Valentin Lobstein c60da4ad58 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-11-23 17:33:19 +01:00
Valentin Lobstein d20a1703b1 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-11-23 17:32:57 +01:00
Balgogan 9b050e29ae Add suggested changes 2023-11-22 00:53:12 +01:00
Balgogan fff8d20eb8 Add suggested changes 2023-11-22 00:50:57 +01:00
Balgogan 2750deedee Update 2023-11-21 18:28:28 +01:00
Valentin Lobstein 218f652429 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-21 17:08:55 +01:00
Balgogan 58425df0ef Update vinchin_backup_recovery_cmd_inject exploit and documentation 2023-11-21 02:09:24 +01:00
Valentin Lobstein d59d5e5524 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-20 19:07:04 +01:00
Valentin Lobstein 4e1ec6484a Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-20 19:06:51 +01:00
Valentin Lobstein 8eb1f61217 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-20 19:06:41 +01:00
Valentin Lobstein 223cb245ba Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-20 19:06:05 +01:00
Valentin Lobstein 13b19ba537 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-20 19:05:54 +01:00
Valentin Lobstein 00cc8dcc09 Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-11-20 19:05:45 +01:00
Balgogan 42cdda7200 Vinchin 2023-11-16 18:10:42 +01:00
Balgogan 7482948ab7 Fix 2023-11-09 20:05:39 +01:00
Balgogan c5cfc995c2 Add vinchin_backup_recovery_cmd_inject 2023-11-09 19:47:27 +01:00
Christophe De La Fuente 1cde6198b5 Land #18481, MagnusBilling unauthenticated RCE [CVE-2023-30258] 2023-11-03 20:42:27 +01:00
Spencer McIntyre e5790f8d6e Fix a stability issue with the module 
Occassionally the module will fail on login if things are running too
quickly. Fix it by retrying like update_user_password does.
 2023-11-02 17:10:20 -04:00
Spencer McIntyre 27d86be456 Remove the REPEATABLE_SESSION tag 
The module is generally reliable, but may fail after it's been run multiple
times.
 2023-11-02 11:11:36 -04:00
Spencer McIntyre cea4c1f326 Feedback from module review 2023-11-02 10:17:45 -04:00
Spencer McIntyre d26742a266 Add check code annotations, update AJP link 2023-11-02 08:53:56 -04:00
Spencer McIntyre 9c67b92a4d Rename the other TMUI RCE module 2023-11-01 16:55:42 -04:00
Spencer McIntyre 7b53592b4f Add module docs 2023-11-01 16:55:41 -04:00
Spencer McIntyre 03252913a1 Add the check method 2023-11-01 16:55:41 -04:00
Spencer McIntyre 714eeaaa3a Finish cleaning the exploit up 2023-11-01 16:55:36 -04:00
Spencer McIntyre c803d6ef7e Fetch the admin hash as a bonus 2023-10-31 15:27:31 -04:00
Spencer McIntyre 04388d9e25 Initial commit of CVE-2023-46747 2023-10-31 09:55:18 -04:00
h00die-gr3y ad6e4618df third release module with minor text changes 2023-10-31 09:29:13 +00:00