adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
62,775 Commits 27 Branches 1,043 Tags
4c02405ab520ca3232aeb359a14fd82ae29e23db
Commit Graph

664 Commits

Author SHA1 Message Date
Jake Baines 4b7c5acc5b Changed qx delimiter to # and added it to badchars. Defaulted to a staged payload 2021-11-03 10:51:37 -07:00
Jake Baines 68cae90f45 Fix spelling error 2021-11-03 08:51:07 -07:00
Jake Baines 116e2b0c1d Enabled use of cmdstager::flavor printf. Tested against a CentOS install. Updated docs. Default to MeterpreterTryToFork and enabled autocheck 2021-11-03 08:49:09 -07:00
Jake Baines beb30f2b6a Expanded cmdstager flavors. Removed bad variable name 2021-11-02 12:01:36 -07:00
Jake Baines 10bb77ea4b Addressed a wide variety of spelling and formatting issues. Added a reference. Registered TARGETURI. Randomized the image payload in check. Added additional options information to documentation. 2021-11-02 09:50:06 -07:00
Jake Baines b3a6d09b86 Fix wrong extension for documentation 2021-11-02 08:07:56 -07:00
Jake Baines 3aadb6000b Initial version of CVE-2021-22205 GitLab Unauth RCE 2021-11-02 01:46:51 -07:00
Spencer McIntyre 7fc38d1b50 Land #15754, add apache2 path traversal modules 2021-10-22 12:40:57 -04:00
Spencer McIntyre ced61f989b Tweak the verbiage for clarity, update docs 2021-10-22 12:38:03 -04:00
adfoster-r7 2f86b332f5 Land #15733, Add Module For Kubernetes Pod Authenticated Code Execution 2021-10-21 10:46:20 +01:00
Spencer McIntyre 1e1b1982b2 Improve image selection when creating a pod 
The module will now iterate over identified image names by default and
also allows an explicit image name to be specified using the new
PodImage advanced option.
 2021-10-20 15:52:23 -04:00
William Vu 42ed1b6eef Add Windows support to CVE-2021-26084 exploit 2021-10-14 16:58:04 -05:00
dwelch-r7 dcb42da269 Land #15612, Add multiple moodle modules 2021-10-11 23:18:55 +01:00
RAMELLA Sébastien 60b2b0f009 update modules and docs 2021-10-10 17:01:15 +04:00
RAMELLA Sébastien 256b4edf78 update modules to CVE-2021-42013 2021-10-08 15:22:47 +04:00
Spencer McIntyre d8f2b18649 Implement review feedback 2021-10-01 14:44:13 -04:00
Spencer McIntyre 8d82bebc3c Add the kubernetes/exec module docs 2021-10-01 10:32:12 -04:00
space-r7 327aefd3f5 add older path, fix typo 2021-09-20 12:14:42 -05:00
Spencer McIntyre fd0f565095 Add automatic targeting for the CVEs 2021-09-16 15:15:52 -04:00
Spencer McIntyre d82ed7d4a2 Write up the module docs 2021-09-14 09:10:44 -04:00
h00die 65aae010ce more libs for moodle and teacher priv esc to rce module 2021-09-04 13:31:11 -04:00
h00die 5ea2cf9e5a moodle_admin_shell_upload working and minor other fixes 2021-08-29 16:59:44 -04:00
h00die 176c1f0751 moodle lib and module 2021-08-29 10:50:25 -04:00
h00die a35be13958 moodle 3.8.0 tested 2021-08-28 08:10:28 -04:00
h00die c0a8535764 moodle spellcheck rce 2021-08-27 19:51:52 -04:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Grant Willcox ade653f0bf Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi 2021-08-05 13:10:24 -05:00
Grant Willcox 00cfdc4f17 Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments 2021-08-05 09:46:34 -05:00
Grant Willcox 0d7d5ab93f Switch over to Rex::MIME::Message to use our built in mixins, and also fix last remaining review comments 2021-08-02 11:17:26 -05:00
Grant Willcox 27f70af1b3 Fix up some of the mistakes wvu pointed out 2021-07-30 15:28:10 -05:00
Grant Willcox 3427571887 Push up working CVE-2019-11580 exploit and associated documentation 2021-07-30 12:07:12 -05:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00
Shelby Pace 9e95eb7be1 Land #15408, add Wordpress sp doc file upload 2021-07-23 12:36:29 -05:00
Shelby Pace d207f994c0 modify doc description 
randomize form data, formatting
 2021-07-23 12:33:41 -05:00
Hakyac 1a55cfc88c Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:10 +02:00
Hakyac 76a7233ee9 Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:00 +02:00
Hakyac cf9a5be774 Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:11:49 +02:00
Hakyac 9eb8d521f8 Update documentation/modules/exploit/multi/http/wp_plugin_modern_events_calendar_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:08:19 +02:00
Shelby Pace 79d49a6857 Land #15402, add Wordpress Backup Guard rce 2021-07-20 15:53:57 -05:00
Shelby Pace f738383b98 rename docs, modify privileged to false 
use vars_get in upload request
 2021-07-20 15:31:38 -05:00
Hakyac 109ca7ec7a Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-07-20 09:05:27 +02:00
Hakyac d26d9f50fa Update wordpress_plugin_backup_guard_rce.md 2021-07-12 14:29:35 +02:00
Hakyac ba69294967 Update wp_plugin_sp_project_document_rce.md 2021-07-12 14:28:35 +02:00
Yann Castel 6934ec7d18 initial commit 2021-07-12 14:25:38 +02:00
Grant Willcox 5c8aa9b802 Add in ForgeRock demonstration and fix up some last minor issues with the documentation to make it more accurate 2021-07-09 16:43:25 -05:00
Spencer McIntyre fba838f4e8 Update docs, pin version and fix the check method 2021-07-09 16:39:58 -04:00
Yann Castel d9233b9d98 typo 2 2021-07-09 11:54:25 +02:00
Yann Castel 3f2d7cda10 typo 2021-07-09 11:51:52 +02:00