adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,584 Commits 27 Branches 1,043 Tags
55152da83acd030976ba8d90ff40e0ca9e3cfac0
Commit Graph

1640 Commits

Author SHA1 Message Date
Spencer McIntyre b743296f48 Reapply "This adjusts module options that need a routable address" 
This reverts commit 628275ef59.
 2026-03-26 14:43:31 -04:00
adfoster-r7 628275ef59 Revert "This adjusts module options that need a routable address" 2026-03-08 17:37:49 +00:00
Spencer McIntyre 36ba1608af Remove more unnecessary my_host definitions 2026-03-03 09:37:27 -05:00
Spencer McIntyre 1b39311784 Remove redundant definitions of SRVHOST 2026-03-03 09:37:27 -05:00
Spencer McIntyre 821e3c28f1 Replace old patterns with srvhost_addr 2026-03-03 09:37:27 -05:00
Spencer McIntyre 132ef661d3 Update usage within binding operations 2026-03-03 09:37:27 -05:00
Spencer McIntyre 6e38f8568c Update tftphost usage in cmd stagers 2026-03-03 09:37:27 -05:00
adfoster-r7 9df6879a95 Update modules to use srvhost method 2026-03-03 09:37:25 -05:00
Spencer McIntyre fc49421939 Replace checks for nonroutable addresses 
This consolidates modules that check for a nonroutable SRVHOST value and
replaces it with OptAddressRoutable, defaulting to a reasonable address.
 2026-03-03 09:34:49 -05:00
adfoster-r7 65d37019ad Fix false positives on lg simple editor check methods 2026-02-16 10:51:28 +00:00
Valentin Lobstein 7776588577 Address PR #20768 review feedback 
- gladinet.rb: Fix machineKey regex to match decryptionKey then validationKey explicitly
- gladinet.rb: Remove DEFAULT_WEB_CONFIG_PATH constant, inline in each module's datastore option
- gladinet_storage_access_ticket_forge.rb: Inline version check
- gladinet_storage_access_ticket_forge.rb: Inline FILEPATH default value (with C:\ for absolute path)
- gladinet_storage_lfi_cve_2025_11371.rb: Inline version check
- gladinet_storage_lfi_cve_2025_11371.rb: Inline valid_response? method (removed)
- gladinet_storage_lfi_cve_2025_11371.rb: Inline FILEPATH default value (without C:\, stripped by build_lfi_path)
- gladinet_storage_lfi_cve_2025_11371.rb: Use vars_get with encode_params instead of manual URL building
- gladinet_viewstate_deserialization: Remove nil fallback (mandatory option with default)
- gladinet_viewstate_deserialization: Remove DEFAULT_MACHINE_KEY constant, inline in datastore option
- gladinet_viewstate_deserialization: Remove duplicate detect_app_type/extract_build_version (already in shared lib)

Note: Suggestion to rename gladinet? to is_gladinet? was NOT applied.
msftidy enforces Naming/PredicatePrefix convention which requires predicate
methods to NOT have 'is_' prefix (gladinet? is correct, is_gladinet? is not).

Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-02-04 08:38:35 +01:00
Valentin Lobstein 628c5ee7af Update Gladinet modules: fix AutoCheck in auxiliary modules and update documentation with real outputs 2026-02-04 08:38:32 +01:00
Valentin Lobstein 478345506e Add Gladinet CentreStack/Triofox auxiliary modules and exploit 2026-02-04 08:38:31 +01:00
Spencer McIntyre 602adeb4c5 Mass rubocop changes 2025-12-18 10:08:31 -05:00
Spencer McIntyre d4b196b309 Update exploits to note target authors 
Target authors were selected based on comments that indicated that the
author was only responsible for a set of descrete targets. Authors that
were noted as assisting with target testing, check module development,
etc. were left at the module level.
 2025-12-17 17:30:16 -05:00
Spencer McIntyre 8945267db6 Remove redundant Platform and Arch definitions 2025-12-17 16:12:31 -05:00
Brendan bb728c44d7 Merge pull request #20560 from cdelafuente-r7/feat/mitre/T1021 
Add T1021 "Remote Services" MITRE technique and sub-technique references
 2025-11-20 11:19:31 -06:00
Martin Sutovsky 6aeb81a499 Adds MITRE reference, updates docs 2025-11-10 18:32:13 +01:00
Martin Sutovsky fc434414d3 Randomizes XML paramater 2025-11-10 16:54:49 +01:00
Martin Sutovsky 5ea47e5ac3 Adds formatting to XML data, adds automatic plugin ID extraction 2025-11-06 16:46:58 +01:00
Martin Sutovsky 570c7c0bf4 Changes CheckCode to Detected 2025-11-06 16:21:42 +01:00
Martin Sutovsky b0afe5e24b Randomizes parameters that can be randomized 2025-11-06 15:06:30 +01:00
Martin Sutovsky 904e752662 Code refactor 2025-11-06 14:52:49 +01:00
Martin Sutovsky cb0011649c Adds SCREEN_EFFECTS to SideEffects 2025-11-06 14:50:31 +01:00
Martin Sutovsky f586fff090 Adds clear message if exploit fails 2025-11-06 14:46:02 +01:00
Martin Sutovsky 5ad76f82d1 Adds more docs, adds description 2025-11-04 13:49:43 +01:00
Martin Sutovsky f195ebd453 Code refactor 2025-11-04 13:36:33 +01:00
Martin Sutovsky 98467f3a21 Adds msf payload to module, adds docs 2025-11-04 12:28:03 +01:00
Martin Sutovsky e885da1f0b Add rce for wsus 2025-11-03 20:47:28 +01:00
Martin Sutovsky 96edf7bad4 Updates 2025-11-03 14:25:39 +01:00
Martin Sutovsky 103e3d5044 Module init 2025-10-21 16:48:23 +02:00
Christophe De La Fuente 0a755ea03a Add references to MITRE ATT&CK T1021 - Remote Services 2025-10-14 16:25:30 +02:00
Spencer McIntyre fd21209e4d Add missing CVEs from VulnCheck 2025-10-07 13:59:13 -04:00
Spencer McIntyre 17c5b3707a Add missing module notes 2025-10-07 13:59:13 -04:00
remmons-r7 12b78c086d Update commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Remove an empty line that msftidy doesn't like
 2025-09-15 11:19:49 -05:00
remmons-r7 ddc5abf20c Update commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Remove a commented out line that isn't needed.
 2025-09-15 10:56:30 -05:00
remmons-r7 bb3a26cff1 Implement peer review suggestions for Commvault module 
Implementing commvault_rce_cve_2025_57790_cve_2025_57791.rb changes from peer review.
 2025-09-15 10:54:34 -05:00
remmons-r7 b754b7027c Merge branch 'rapid7:master' into commvault_rce_cve_2025_57790_cve_2025_57791 2025-09-15 10:47:38 -05:00
Martin Sutovsky 5ab864b9b1 Uses between? for version check, clearer webshell upload 2025-09-11 11:04:34 +02:00
remmons-r7 be546af7c0 Revise and move commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Revised initial module and moved it to windows instead of multi.
 2025-09-05 23:04:02 -05:00
Martin Sutovsky d056164d89 Removes redundant definitions 2025-09-01 15:53:14 +02:00
Martin Sutovsky 2533ddf441 Rubocoping 2025-08-26 12:42:28 +02:00
Martin Sutovsky b43b4c9f37 Updates library, addressing comments 2025-08-25 17:49:34 +02:00
Martin Sutovsky da5b20faa4 Creating lib file for shared functionality, adding more reliable check method for CVE-2025-34511, docs init 2025-08-20 10:59:22 +02:00
Martin Sutovsky 8c28c7dbae Code changes for 34510, adds module for CVE-2025-34511 2025-08-20 09:58:26 +02:00
Martin Sutovsky 7ab12460f1 Fixing payloads 2025-08-19 16:11:25 +02:00
Martin Sutovsky 96791403db Adds malicious zip upload 2025-08-19 09:56:23 +02:00
Martin Sutovsky 52efe8d6de Module init 2025-08-15 14:37:09 +02:00
sfewer-r7 0a923a611d reword the language around our usage of CVE-2025-53770 to make it clear that this module is leveraging the authentication bypass for both CVE-2025-49706 and CVE-2025-53771, and the unsafe deserialization for CVE-2025-49704. 2025-08-06 15:33:57 +01:00
sfewer-r7 228a066521 add a reference to the Kaspersky analysis which covers all 4 CVEs 2025-07-25 12:26:55 +01:00