adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,121 Commits 27 Branches 1,043 Tags
58aed837b2fd16be9a2fee756f97e718e250cd13
Commit Graph

4702 Commits

Author SHA1 Message Date
bwatters 58aed837b2 Update docs and options 2022-03-01 14:48:48 -06:00
bwatters 3ea032472d Updated exploit with better check method, added OnSessionCmd option 
to run a command when a session is bootstrapped, added more
documentation.
 2022-02-18 16:30:47 -06:00
Dhiraj Mishra 97d83f3fd5 cve_2021_4034_pwnkit_lpe_pkexec.md 2022-01-27 18:32:46 +04:00
Grant Willcox 44f040ad78 Land #16056, Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-24 21:03:46 -06:00
Grant Willcox 15751a0f78 Minor langauge fix and final typo 2022-01-24 21:01:34 -06:00
Jake Baines 2c989ec714 Addressed multiple review comments (spelling, doc details, randomization, etc) 2022-01-22 14:09:58 -08:00
Spencer McIntyre 458d584f83 Add details to check codes and PR feedback 2022-01-21 09:40:23 -05:00
Spencer McIntyre 579627f5c7 Update docs, note OS X support 2022-01-20 10:47:11 -05:00
Spencer McIntyre ba469a4b2c Add version detection to the Unifi exploit 2022-01-20 09:26:48 -05:00
Spencer McIntyre ef344d9d12 Add the Unifi Log4Shell RCE exploit 2022-01-19 17:51:31 -05:00
bwatters 4cf3ae352c Land #16050, Log4Shell: vCenter RCE 
Merge branch 'land-16050' into upstream-master
 2022-01-19 16:30:33 -06:00
Grant Willcox 8bb3e39fd7 Land #16036, Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 10:58:42 -06:00
Brendan Coles ee2feb1207 Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 00:04:15 +00:00
Jake Baines 4ebb702405 Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-15 12:46:56 -08:00
Spencer McIntyre 3f04b80d8b Add vCenter Log4Shell docs 2022-01-13 14:50:28 -05:00
Christophe De La Fuente e10331b22d Land #15656, Allow authenticated user creation in vmware_vcenter_vmdir_auth_bypass 2022-01-13 17:04:12 +01:00
space-r7 435e79aaef Land #16041, add SonicWALL cmd injection 2022-01-12 13:23:57 -06:00
Christophe De La Fuente b0743e15d9 Update documentation and fix vulnarable/non-vulnerable status message 2022-01-12 16:51:40 +01:00
space-r7 199eae5e99 Land #16012, add pi-hole aux module and lib 2022-01-12 09:21:11 -06:00
space-r7 bb00575acb add command for starting docker env 2022-01-11 17:07:36 -06:00
Spencer McIntyre 877bab6f2a Land #15969, Log4j2 HTTP Header Injection Exploit 2022-01-11 16:52:08 -05:00
Spencer McIntyre 7b64383040 Preemptively tweak references to ysoserial 2022-01-11 16:25:21 -05:00
Jake Baines d4ee9a0183 Initial commit of CVE-2021-20039 exploit 2022-01-10 12:43:50 -08:00
Spencer McIntyre 3f15c9ecc1 Writeup the module docs 2022-01-07 17:30:39 -05:00
h00die 4df91dd3ec f5 big-ip module and doc updates 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 89ec0a8434 Add the output of 'notes' to the documentation 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul fcb2a06a98 Remove an unnecessary line in the documentation 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 411e062738 Change domain name example in verification steps 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 17ec7c6255 Add documentation 2022-01-07 12:17:43 -05:00
Christophe De La Fuente 41ebb3aa29 Land #15903, SMB Shadow Module: Direct SMB Session Takeover 2022-01-07 16:57:17 +01:00
usiegl00 3051c5d9f5 Add mutex to cleanup in smb_shadow 
The mutex will prevent multiple calls to cleanup when the module is
stopped with Ctrl-C. Add a Notes section to the documentation which
describes arpspoof usage and such.
 2022-01-07 14:18:15 +09:00
Spencer McIntyre d0417f60bd Land #15924, Updates to Windows Secrets Dump 2022-01-05 13:25:59 -05:00
space-r7 3ef9afb0fc Land #15988, add wp catch themes file upload 2022-01-04 14:44:06 -06:00
h00die c6372ecdf1 more wp catch themes doc and error handling 2022-01-04 04:34:42 -05:00
Christophe De La Fuente ae2e4d723b Add NTDS technique 2022-01-03 21:39:33 +01:00
h00die 87031de384 fix doc numbering 2022-01-02 11:57:32 -05:00
h00die 8a1ac9d51d move pihole docs 2022-01-02 11:56:04 -05:00
h00die c3e0f455ec some cleanup for rubocop 2021-12-30 15:35:22 -05:00
Spencer McIntyre d08714d474 Land #15961, Initial Rex LDAP Server 2021-12-28 14:50:03 -05:00
Spencer McIntyre d82b9ecb47 Add module docs for the ldap server module 2021-12-28 13:52:12 -05:00
h00die d8255978ac Wordpress Plugin Catch Themes Demo Import cve-2021-39352 2021-12-24 11:56:51 -05:00
William Vu d55af3aa00 Add module doc 2021-12-23 12:27:57 -06:00
h00die 4e0fc5a4e5 Wordpress Plugin Catch Themes Demo Import cve-2021-39352 2021-12-21 20:04:09 -05:00
bwatters 1619083834 Land #15955, BYOVD to Enable/Disable Windows Memory Protection 
Merge branch 'land-15955' into upstream-master
 2021-12-21 15:21:23 -06:00
bwatters 6727c1b344 Land #15954, Add Grafana file read (CVE-2021-43798) 
Merge branch 'land-15954' into upstream-master
 2021-12-20 09:54:15 -06:00
bwatters 2705d6ae94 Land #15948, Wordpress wp_popular_posts rce 
Merge branch 'land-15948' into upstream-master
 2021-12-20 09:28:23 -06:00
h00die cb348f06c4 move grafana plugins out to data 2021-12-19 16:18:05 -05:00
Jake Baines e7810acb1e Pulled offsets out of dll into module. Auto-find lsass.exe when pid is 0 2021-12-18 10:56:46 -08:00
Spencer McIntyre 60de839b60 Update Log4Shell references and VCenter URI 2021-12-17 15:55:02 -05:00
Jake Baines 78cae04db6 Merge branch 'rapid7:master' into dell_protect 2021-12-17 12:29:32 -08:00