Commit Graph

1922 Commits

Author SHA1 Message Date
Grant Willcox 133b9e307a Land #16563, Zyxel Firewall Unauthenticated Command Injection (CVE-2022-30525) 2022-05-13 18:55:30 -05:00
Grant Willcox 2eb31cf765 Add in edits from review 2022-05-13 15:32:12 -05:00
adfoster-r7 6a1fe27406 Land #16442, add vars_form_data to the HTTP client 2022-05-13 10:53:16 +01:00
Jake Baines 23f8a0b915 Added Zyxel advisory. Added AKB reference. Used xpath as requested. 2022-05-12 07:17:37 -07:00
Jake Baines f3b23c072f Added a reference to Rapid7 disclosure 2022-05-12 06:33:27 -07:00
Jake Baines 24fa9aabe0 Fixed privilege flag. Swapped 'exploit' for 'command' in a couple of places 2022-05-12 06:24:33 -07:00
Jake Baines 4af93ecfe2 Updated affected 2022-05-12 03:22:21 -07:00
Jake Baines 617b4ae044 Initial commit of Zyxel unauth command injection (CVE-2022-30525) 2022-05-12 01:43:59 -07:00
Grant Willcox 8dbd6f3334 Change default target to 1 so we get benefit of avoiding some timeout issues since Unix Command may still cause server's REST API to time out at times. 2022-05-11 16:43:37 -05:00
Grant Willcox 196aac6b42 Add in PrependFork and MeterpreterTryToFork options as default to fix timeout issues and potential failure cases due to server not responding 2022-05-11 16:43:36 -05:00
Grant Willcox 27169c4ae1 Add in missing CmdStager library, add some more attribution, and add in PoC link 2022-05-11 16:43:36 -05:00
Grant Willcox 6354d7a055 Redo explanation of exploit in documentation to appropriately account for various nuances. Also update exploit title and description accordingly. 2022-05-11 16:43:36 -05:00
Heyder Andrade 1bc2616c19 Update modules/exploits/linux/http/f5_icontrol_rce.rb
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
2022-05-11 16:43:13 -05:00
Heyder Andrade 208367d735 Improved check method reliability
Extra modifications:
- Promote advanced options HttpUsername and HttpPassword
	- password is not really necessary, but if one has credentials, one can
	  use this module as an exec
- Fixed print statement on check
- Split execute_command in two, because we also send a command in the check
  methods; however, we don't need the checks that are in execute_command
2022-05-11 16:43:12 -05:00
Heyder Andrade 55163b86d6 Improvements
- Change module name and description
- Added author from the PoC
- Added reference
- Added payloads, targets and notes
- Removed headers used during the tests
2022-05-11 16:43:11 -05:00
Heyder Andrade 77f60eb21e Added module and documentation for f5 icontrol RCE (CVE-2022-1388) 2022-05-11 16:43:00 -05:00
adfoster-r7 94e1ad3fe5 Update form data api defaults 2022-05-10 14:12:17 +01:00
adfoster-r7 4ad4ca32e8 Fix test alignment 2022-05-09 16:51:20 +01:00
sjanusz 2e59f17439 Rename files to form_data 2022-05-06 16:41:19 +01:00
William Vu 6532365dc8 Deregister VHOST 2022-05-03 11:52:50 -05:00
William Vu 8c0cd40a19 Fix VMware Workspace ONE Access CVE-2022-22954 2022-05-03 10:39:58 -05:00
William Vu b2994aa8d8 Add words 2022-05-03 01:13:45 -05:00
William Vu 9a980d068d Link to freemarker.template.utility.Execute docs 2022-05-03 01:00:46 -05:00
William Vu 612e3d6f13 Add another tested SSTI param 2022-05-03 00:30:12 -05:00
William Vu 333681b6da Add other tested SSTI URIs 2022-05-03 00:02:21 -05:00
William Vu a71ded0da8 Update PoC credit 2022-05-02 23:41:43 -05:00
William Vu fa09487ee1 Refactor code, once more with feeling 2022-05-02 22:27:52 -05:00
William Vu 135a81ebc2 Refactor code 2022-05-02 21:53:17 -05:00
William Vu bf7d3e1c32 Add VMware Workspace ONE Access CVE-2022-22954 2022-05-02 18:51:46 -05:00
sjanusz 4ec4b89d00 Add upload of files to HttpClient & update a module to use it 2022-04-25 14:55:37 +01:00
Jack Heysel 4417a335ff Land #16379, Make SSH defaults widely used
Refactored a number of modules to use ssh_client_defaults
2022-04-19 22:08:45 -07:00
Grant Willcox a756df5400 Add in missing RuboCop note sections 2022-04-19 16:40:57 -05:00
Brendan Coles 94ed9ae28b Modules: Prefer CVE references over cve.mitre.org URL references 2022-04-19 20:42:23 +00:00
Heyder Andrade bf849eb2a2 Making SSH defaults widely used 2022-04-14 17:27:19 +02:00
Heyder Andrade c4700c9e64 Rubocop 2022-04-14 17:25:48 +02:00
Heyder Andrade 1305baf6f6 Module should use ssh_defaults 2022-04-13 18:51:43 +02:00
Ashley Donaldson 1576fd720e Remove another redundant cleanup 2022-03-11 12:17:30 +11:00
Ashley Donaldson 9761d68c19 Rename stop_service to cleanup_service for services that use reference counting 2022-03-10 10:28:25 +11:00
bwatters ecaf8b1ba9 Land #16204, Hikvision Unauthenticated RCE (CVE-2021-36260)
Merge branch 'land-16204' into upstream-master
2022-02-25 16:37:08 -06:00
Grant Willcox 217afa0f3b Land #16190, Axis Camera App RCE (No CVE) 2022-02-25 11:35:03 -06:00
Grant Willcox 1e0db45f1d Add small note about ARMLE stager for future travelers 2022-02-25 11:34:31 -06:00
Jake Baines 2bec5c425f Change CheckCode to Appears 2022-02-25 08:32:06 -08:00
Jake Baines 1facfe4a2f Alter upload filename. 2022-02-25 02:53:52 -08:00
Jake Baines d055a7d811 Altered some randomization, the json extracted by check, and fixed some wording 2022-02-24 18:48:21 -08:00
Jake Baines 48072b6554 Fix rubocop complaint introduced in suggestion commit 2022-02-24 18:28:38 -08:00
Jake Baines 454eba2438 Apply suggestions from code review
Added changes suggested by @gwillcox-r7

Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2022-02-24 21:25:09 -05:00
Jake Baines 9f05a7d11a Removed unneeded custom timeout 2022-02-24 08:13:04 -08:00
Jake Baines 3739dad470 Updated to use print_bad instead of fail_with for application removal errors. Also included instructions on how to manually remove the application 2022-02-24 07:44:34 -08:00
Jake Baines e1616a520f Fixed a couple of typos. Changed a CheckCode. Randomized the replaced tmp file name 2022-02-24 06:38:36 -08:00
Jake Baines 4cd3563bc7 Initial commit of exploit for CVE-2021-36260 2022-02-19 13:13:24 -08:00