adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,511 Commits 27 Branches 1,043 Tags
4e99e7dfe7b682a0154d4fc8ec49e6a0f4e2a2c8
Commit Graph

6895 Commits

Author SHA1 Message Date
Takah1ro b7e4247d22 Avoid using CVE as option 2024-08-07 08:43:57 +09:00
Takah1ro b487dadf8c Remove explicit return 2024-08-05 13:01:11 +09:00
Takah1ro ab38c83d9c Update module document 2024-08-05 08:51:56 +09:00
Takah1ro 93f1362d22 Add module document 2024-08-05 08:47:29 +09:00
dledda-r7 48c69b99fb Land #19344, FortiClient EMS FCTID SQLi to RCE fix for 7.2.x 2024-07-31 09:43:19 -04:00
Christophe De La Fuente 24c8a2bf5f Land #19331, Update empire_skywalker module 2024-07-31 12:27:06 +02:00
Takah1ro 4f061c87fb Update document 2024-07-31 15:43:03 +09:00
Christophe De La Fuente ba7c7b6456 Land #19298, OpenMediaVault authenticated RCE [CVE-2013-3632] 2024-07-30 17:40:39 +02:00
Takahiro Yokoyama 598498832c Merge branch 'rapid7:master' into master 2024-07-27 09:21:28 +09:00
Takahiro Yokoyama d5ce191ceb Merge branch 'rapid7:master' into master 2024-07-26 21:51:30 +09:00
h4x-x0r 14945679ba Updated email generation part. 2024-07-25 23:54:27 -04:00
h4x-x0r c0c81475aa Merge branch 'master' of github.com:h4x-x0r/metasploit-framework into my_awesome_branch 2024-07-24 23:48:00 -04:00
h4x-x0r c8feb5c5e6 Updated formatting 2024-07-24 22:40:00 -04:00
Jack Heysel c05aebe248 Formatting 2024-07-24 11:16:26 -07:00
Jack Heysel e9cbb9287c Add support for 7.2.x 2024-07-24 10:45:38 -07:00
adfoster-r7 8f472b9c61 Land #19338, Kerberos asrep roasting improvements 2024-07-24 18:12:53 +01:00
adfoster-r7 89cf0223d1 Kerberos asrep roasting improvements 2024-07-24 18:01:11 +01:00
Takah1ro 0f6e2a62b5 Fix numbering 2024-07-24 19:27:11 +09:00
Takah1ro 86ae938b1f Add # 2024-07-24 18:55:52 +09:00
Takah1ro b023ebfb7d Add space at EOL 2024-07-24 18:51:23 +09:00
Takah1ro dc60fe8025 Update skywalker.md 2024-07-24 18:49:09 +09:00
h4x-x0r 9bfaf6343a Updated the module to take advantage of the check method 2024-07-23 23:48:32 -04:00
h4x-x0r 2bdba1a48d Documentation for the MyPRO Command Injection (CVE-2023-28384) Module. 2024-07-22 16:46:37 -04:00
Takahiro Yokoyama a18ce36459 Update empire_skywalker.md 2024-07-21 09:36:45 +09:00
h00die-gr3y b65c7ecb08 added support for all openmediavault versions (0.1 - 7.4.2-2) 2024-07-20 20:55:33 +00:00
Takahiro Yokoyama 48ea314138 Update empire_skywalker.md 2024-07-20 14:44:15 +09:00
Takahiro Yokoyama ec45763f05 Add empire_skywalker module documentation 2024-07-20 14:10:00 +09:00
bwatters 636c72965c Land #19084, Add CVE-2022-1373 and CVE-2022-2334 exploit chain 
Merge branch 'land-19084' into upstream-master
 2024-07-19 12:22:25 -05:00
bwatters 9b7b1fd16e Land #19313, Ghostscript Command Execution via Format String (CVE-2024-29510) 
Merge branch 'land-19313' into upstream-master
 2024-07-19 11:24:11 -05:00
Jack Heysel 6ad5ba36fd Land #19304, Add Magento XXE File Read Exploit 
This adds an auxiliary module for an XXE which results in an arbirary
file in Magento which is being tracked as CVE-2024-34102
 2024-07-18 10:32:03 -07:00
jheysel-r7 53afe2b28f Updated SRVHOST description in doc file 2024-07-18 12:44:06 -04:00
redwaysecurity.com a5208e0c5f Moved module to auxiliary/gather 2024-07-17 18:47:02 +02:00
redwaysecurity.com 5e693dcbe7 Fix typo 2024-07-17 18:14:03 +02:00
h00die-gr3y a9f8475bf5 moved module + doc to exploit/unix/webapp 2024-07-16 15:50:20 +00:00
Christophe De La Fuente e9c511c979 Add documentation and some updates 2024-07-16 16:34:28 +02:00
redwaysecurity.com 173a244718 Added documentation 
Signed-off-by: redwaysecurity.com <heyder@redwaysecurity.com>
 2024-07-16 13:17:49 +02:00
Jack Heysel f7449ea850 Land #19311, Add GeoServer unauth RCE module 
This adds an exploit module for CVE-2024-36401, an unauthenticated RCE
vulnerability in GeoServer versions prior to 2.23.6, between version
2.24.0 and 2.24.3 and in version 2.25.0, 2.25.1.
 2024-07-12 11:07:36 -07:00
H00die.Gr3y 292c177b74 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-07-12 19:20:46 +02:00
Jack Heysel 5d210b548b added windows support 2024-07-11 16:34:07 -07:00
h00die-gr3y 4e76068cea added armle architecture support 2024-07-11 21:42:45 +00:00
h00die-gr3y 92f6445856 added documentation 2024-07-11 21:24:50 +00:00
h00die-gr3y 198f3f8d9b update based on review comments of jvoisin 2024-07-10 11:05:22 +00:00
remmons-r7 7746c8877e Add sysinfo Meterpreter output and target OS version numbers 2024-07-09 16:31:01 -05:00
remmons-r7 06da60cade Adding atlassian_confluence_rce_cve_2024_21683 documentation 
Adding CVE-2024-21683 documentation, which includes both Windows and Linux examples.
 2024-07-09 14:05:43 -05:00
Jack Heysel aabd9febb2 Land #19274, Ivanti EPM SQLi to RCE 
This adds an exploit for CVE-2024-29824, an  unauthenticated SQLi
which can be used to obtain RCE in Ivanti Endpoint Manager 2022 SU5 and
prior
 2024-07-08 12:52:34 -07:00
h00die-gr3y 594de4681f Second release module addressing cdelafuente-r7 comments and added documentation 2024-07-04 20:31:02 +00:00
dledda-r7 f7902c2826 Land #19295, MOVEit Transfer SFTP auth bypass 2024-07-04 04:27:50 -04:00
Christophe De La Fuente df8f281d18 Land #19204, Zyxel VPN Series Pre-auth Command Injection 2024-07-03 20:14:39 +02:00
dledda-r7 1e0db9ec83 Land #10113, Azure CLI steal tokens post module. 2024-07-03 11:32:04 -04:00
sfewer-r7 0d7efcaabc add in AKB analysis link and fix some typos 2024-07-01 09:25:19 +01:00