adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,381 Commits 27 Branches 1,043 Tags
5886e69e92d3eced2e5cd3a0714dbb2e2ddcfda5
Commit Graph

4099 Commits

Author SHA1 Message Date
Christophe De La Fuente df8f281d18 Land #19204, Zyxel VPN Series Pre-auth Command Injection 2024-07-03 20:14:39 +02:00
jheysel-r7 b67f05f50d Apply suggestions from code review 2024-07-03 13:51:50 -04:00
Jack Heysel 7e4c6ca028 Added code to print stdout of payloads without reverse connections 2024-07-03 09:36:36 -07:00
Jack Heysel 1d602da6b5 Added space between command and stderr/stout redirection 2024-07-03 08:23:38 -07:00
Jack Heysel 9cfaa2e69f Lowered rank and explained mock testing 2024-06-24 09:13:46 -07:00
Christophe De La Fuente 24fa34e7b9 Land #19188, Netis MW5360 unauthenticated RCE [CVE-2024-22729] 2024-06-24 13:40:51 +02:00
Christophe De La Fuente 8fc6e20cec Update other modules to use java_class_loader_start_service and cmdstager_start_service 2024-06-14 12:57:42 +02:00
h00die-gr3y 4e26704d73 Update addressing cdelafuente-r7 comments 2024-06-12 18:57:29 +00:00
Jack Heysel 12b1936e16 Fixed typo added Options section docs 2024-06-10 07:39:24 -07:00
h00die-gr3y 6a77c2e562 Final tweaks in check method 2024-06-08 11:33:55 +00:00
h00die-gr3y 0e3471d543 Final draft 2024-06-07 19:47:06 +00:00
h00die-gr3y 55fa94995b Updated check method 2024-06-06 22:23:35 +00:00
Jack Heysel 9d47372fe6 rubocop 2024-06-03 15:43:25 -04:00
jheysel-r7 a8335478c7 Apply suggestions from code review 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2024-06-03 15:33:46 -04:00
adfoster-r7 1281f4726f Land #19209, update fileformat modules to show the default template datastore values 2024-05-31 15:12:48 +01:00
Jack Heysel d8d1ea7ffb Added on_new_session method 2024-05-29 16:04:00 -04:00
Jack Heysel 80ee458410 Land #19151, Add Flowmon Priv Esc Feature Module 
Privilege escalation module for Progress Flowmon unpatched feature
 2024-05-29 11:35:53 -04:00
Zach Goldman 847b29178a change nil guards to default values, nil or blank guards for certain datastore options 2024-05-29 09:34:58 -05:00
Jack Heysel cc7aeb4364 Fix module cleanup 2024-05-29 08:39:06 -04:00
Jack Heysel 72f332aba0 Land #19150, Add Flowmon Command Injection Module 
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
 2024-05-29 08:28:37 -04:00
Jack Heysel e57f4d3cb5 Change xml to html in get_html_document 2024-05-28 16:29:55 -04:00
Jack Heysel 5d2a6aa4a1 Updated authors 2024-05-28 16:03:56 -04:00
Jack Heysel 9955724f0a Fixed check method, responded to comments 2024-05-28 15:54:28 -04:00
Jack Heysel d13ce0b1b8 rubocop fixes 2024-05-27 15:05:07 -04:00
h00die-gr3y e7d65fe60a Update based on bwatters-r7 comments 2024-05-27 17:45:07 +00:00
Jack Heysel 92b259981f Added WRITEABLE_DIR datastore option plus minor improvements 2024-05-27 12:48:17 -04:00
Jack Heysel 2c6fc11639 Responded to comments, clean up /etc/sudoers file 2024-05-23 16:56:35 -04:00
Jack Heysel a0597007e4 Minor fixes, respond to comments 2024-05-23 14:02:28 -04:00
Dave Yesland 1b55b6512f Rubocop fixes 2024-05-22 12:43:27 -07:00
Dave Yesland b3bc4a6c68 Update progress_flowmon_sudo_privesc_2024.rb 2024-05-21 13:48:20 -07:00
Dave Yesland de99a74540 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:45:36 -07:00
Dave Yesland 5a60a9a3d9 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:42:43 -07:00
Dave Yesland a517a218ab Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:41:44 -07:00
Dave Yesland 90a0be67b6 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:54 -07:00
Dave Yesland 1ddc60b185 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:44 -07:00
h00die-gr3y 66a7fbf0ea Update based on jvoisin comments 2024-05-21 20:21:35 +00:00
cgranleese-r7 67154a12e0 Land #19104, CHAOS rat xss to rce 2024-05-21 11:10:57 +01:00
h00die-gr3y 31babb6ca1 Fixed disclosure date 2024-05-19 12:23:21 +00:00
h00die-gr3y 6d844ae9c8 first release module 2024-05-19 12:16:14 +00:00
h00die d1739f32c2 review of chaos rat 2024-05-13 16:55:43 -04:00
Jack Heysel 576191b34f beta commit 2024-05-10 09:01:58 -07:00
Spencer McIntyre 80fdde5fdc Land #19100, Add Loadmaster sudo priv esc 
Add Kemp Progress Loadmaster sudo abuse priv esc
 2024-05-10 10:21:38 -04:00
bwatters b28e263a2b Update debug statements and add protection against bad die name 2024-05-10 08:54:23 -05:00
bwatters 948b18b08c Add a check to the file delete 2024-05-09 15:52:29 -05:00
Spencer McIntyre 47c8d7252b Land #18519, Docker kernel module escape 2024-05-06 09:08:08 -04:00
bwatters b044bcab01 Add command payloads and checks for overwritten files 2024-05-03 13:06:16 -05:00
Spencer McIntyre c2bf9ead06 Add support for redhat based containers 
Containers such as Fedora use a different directory for the kernel
headers.
 2024-05-01 13:30:16 -04:00
DaveYesland c2a561630d Add local privesc module for Flowmon 2024-05-01 09:07:34 -07:00
DaveYesland a7e97e50ad Add module for flowmon cmd injection CVE-2024-2389 2024-05-01 08:42:55 -07:00
Spencer McIntyre 2cb0e44740 Don't change the working directory 2024-05-01 10:35:24 -04:00