 Christophe De La Fuente
|
3182cb4000
|
Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892]
|
2023-12-22 10:59:39 +01:00 |
|
|
Christophe De La Fuente
|
fb26c93291
|
Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables)
|
2023-12-20 20:04:21 +01:00 |
|
|
Christophe De La Fuente
|
7ca256560d
|
Land #18542, Vinchin Backup & Recovery Command Injection
|
2023-12-20 18:56:50 +01:00 |
|
|
Jack Heysel
|
065abf6b92
|
Rubocop, doc scenario update
|
2023-12-19 12:30:02 -05:00 |
|
|
Jack Heysel
|
4e61596e7a
|
Check Build ID before running exploit
|
2023-12-19 12:15:35 -05:00 |
|
|
Jack Heysel
|
549ee43df9
|
Update docs description minor comments
|
2023-12-19 00:32:21 -05:00 |
|
|
h00die-gr3y
|
5d7cf90521
|
Some minor changes to the module and documentation
|
2023-12-18 08:23:16 +00:00 |
|
|
h00die-gr3y
|
9ac3739605
|
Minor changes to the documentation
|
2023-12-17 13:51:30 +00:00 |
|
|
h00die-gr3y
|
0641839e69
|
Added documentation and removed debug info
|
2023-12-17 13:10:18 +00:00 |
|
|
Jack Heysel
|
d9aa7f914e
|
Added newline to PoC and removed empty file
|
2023-12-14 18:42:09 -05:00 |
|
|
Jack Heysel
|
df111afb06
|
Glibc Tunables Exploit
|
2023-12-14 18:28:43 -05:00 |
|
|
cgranleese-r7
|
f794268020
|
Land #18578, Docker cgroup escape (CVE-2022-0492)
|
2023-12-06 16:07:08 +00:00 |
|
|
h00die
|
eca611aaac
|
review
|
2023-12-05 16:18:39 -05:00 |
|
|
Christophe De La Fuente
|
10d4b9233b
|
Land #18463, D-Link Router UPnP unauthenticed LAN RCE via a crafted M-SEARCH packet
|
2023-12-05 10:58:15 +01:00 |
|
|
h00die
|
22242732d9
|
working cve-2022-0492
|
2023-11-28 15:25:53 -05:00 |
|
|
h00die
|
b171b5e77c
|
working cve-2022-0492
|
2023-11-28 15:16:18 -05:00 |
|
|
h00die
|
4ae62a431b
|
not-working docker escape
|
2023-11-28 13:44:08 -05:00 |
|
|
Balgogan
|
2750deedee
|
Update
|
2023-11-21 18:28:28 +01:00 |
|
|
Balgogan
|
f0ab3a7140
|
Fix typo
|
2023-11-21 02:13:58 +01:00 |
|
|
Balgogan
|
58425df0ef
|
Update vinchin_backup_recovery_cmd_inject exploit and documentation
|
2023-11-21 02:09:24 +01:00 |
|
|
Balgogan
|
42cdda7200
|
Vinchin
|
2023-11-16 18:10:42 +01:00 |
|
|
h00die-gr3y
|
6e1580e5f5
|
added target DIR-845L
|
2023-11-13 14:48:59 +00:00 |
|
|
h00die-gr3y
|
51523e0971
|
release updating dlink_upnp_msearch_exec exploit module
|
2023-11-13 12:15:04 +00:00 |
|
|
Balgogan
|
c5cfc995c2
|
Add vinchin_backup_recovery_cmd_inject
|
2023-11-09 19:47:27 +01:00 |
|
|
bwatters
|
77a93e452f
|
Land #18507, Exploit & Auxiliary modules for CVE-2023-20198 and CVE-2023-20273 (Cisco IOS XE)
Merge branch 'land-18507' into upstream-master
|
2023-11-08 09:05:40 -06:00 |
|
|
sfewer-r7
|
25ef7d1272
|
add the RCE exploit
|
2023-11-06 17:12:40 +00:00 |
|
|
Christophe De La Fuente
|
1cde6198b5
|
Land #18481, MagnusBilling unauthenticated RCE [CVE-2023-30258]
|
2023-11-03 20:42:27 +01:00 |
|
|
Spencer McIntyre
|
d26742a266
|
Add check code annotations, update AJP link
|
2023-11-02 08:53:56 -04:00 |
|
|
Spencer McIntyre
|
9c67b92a4d
|
Rename the other TMUI RCE module
|
2023-11-01 16:55:42 -04:00 |
|
|
Spencer McIntyre
|
7b53592b4f
|
Add module docs
|
2023-11-01 16:55:41 -04:00 |
|
|
h00die-gr3y
|
ad6e4618df
|
third release module with minor text changes
|
2023-10-31 09:29:13 +00:00 |
|
|
h00die-gr3y
|
bfff35eb63
|
second release module with php fix
|
2023-10-31 09:05:51 +00:00 |
|
|
h00die-gr3y
|
5c89df694c
|
added documentation
|
2023-10-24 18:34:29 +00:00 |
|
|
h00die
|
97f9edb5f7
|
review
|
2023-10-23 06:35:23 -04:00 |
|
|
h00die-gr3y
|
8ea82693a9
|
third release module + documentation
|
2023-10-18 19:55:13 +00:00 |
|
|
h00die
|
00b534dbed
|
review
|
2023-10-17 13:17:10 -04:00 |
|
|
h00die
|
b94d278003
|
vmware aria ssh keys exploit
|
2023-10-16 14:47:04 -04:00 |
|
|
h00die
|
ba82b59ec2
|
vmware aria ssh keys exploit
|
2023-10-16 13:43:15 -04:00 |
|
|
h00die
|
f394b4a8ed
|
vmware aria ssh keys exploit
|
2023-10-16 13:42:58 -04:00 |
|
|
h00die
|
263eaf7d95
|
vmware aria ssh keys exploit
|
2023-10-16 13:42:27 -04:00 |
|
|
h00die
|
b3b1595ef4
|
vmware aria ssh keys exploit
|
2023-10-16 13:06:17 -04:00 |
|
|
Spencer McIntyre
|
05dd2e1473
|
Land #18351, Apache Superset RCE (CVE-2023-37941)
|
2023-10-12 17:10:10 -04:00 |
|
|
h00die
|
7ffc1ca491
|
undo some spelling fixes when upstream has those issues
|
2023-10-11 06:30:11 -04:00 |
|
|
h00die
|
557a15a115
|
spelling fixes on docs
|
2023-10-10 14:46:18 -04:00 |
|
|
jheysel-r7
|
fe9afc94c7
|
Update documentation/modules/exploit/linux/http/kibana_upgrade_assistant_telemetry_rce.md
|
2023-10-06 16:45:52 -04:00 |
|
|
h00die
|
931a67d290
|
kibana telemetry rce rewritten to use fetch payloads
|
2023-10-06 09:55:10 -04:00 |
|
|
h00die
|
5e0538a239
|
review comments round 1
|
2023-10-05 13:12:33 -04:00 |
|
|
h00die
|
88eb44be64
|
kibana telemetry rce
|
2023-10-02 16:53:20 -04:00 |
|
|
Christophe De La Fuente
|
1e69086d24
|
Land #18365, TOTOLINK X5000R Wireless GigaBit Router Unauthenticed RCE [CVE-2023-30013]
|
2023-09-21 11:27:19 +02:00 |
|
|
h00die-gr3y
|
6e11f4353b
|
Updates addressing cdelafuente-r7 comments
|
2023-09-20 22:14:48 +00:00 |
|