adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,641 Commits 27 Branches 1,043 Tags
59eb419d28f7172c6b805fa820b8db8a23ed3e46
Commit Graph

3592 Commits

Author SHA1 Message Date
space-r7 9621f77bac Land #17640, add Froxlor RCE 2023-02-22 12:11:38 -06:00
Jack Heysel bf7884b2dc Removed need to auth twice when AutoCheck enabled 2023-02-22 12:28:28 -05:00
Jack Heysel 0c8df1a67b Updated docs and module suggetsions 2023-02-22 00:33:40 -05:00
jheysel-r7 42146fc4ec Update modules/exploits/linux/http/froxlor_log_path_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-02-21 23:02:49 -05:00
jheysel-r7 80cec400bf Update modules/exploits/linux/http/froxlor_log_path_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-02-21 22:59:23 -05:00
jheysel-r7 fc5f4983f6 Update modules/exploits/linux/http/froxlor_log_path_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-02-21 22:58:49 -05:00
jheysel-r7 647418745f Update modules/exploits/linux/http/froxlor_log_path_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-02-21 22:58:41 -05:00
Jack Heysel e625e2e474 Land #17652, module for pyload js2py exploit 
This adds an exploit for CVE-2023-0297 which is unauthenticated
Javascript injection in pyLoads Click N Load service.
 2023-02-21 16:27:04 -05:00
Jack Heysel 44c393e2f1 Fixed netcat session cleanup 2023-02-16 13:14:24 -05:00
Jack Heysel 1c49b002d2 Changed get_csrf to use xpath 2023-02-16 10:47:04 -05:00
Jack Heysel 00d1637f3d Changed check method to use xpath 2023-02-16 10:33:15 -05:00
Spencer McIntyre ecd5ad29a7 Add module docs 2023-02-15 16:29:42 -05:00
Arnout Engelen 5d8b1dc4a6 Link Hadoop YARN exploit to documentation 
This exploit scans for misconfigured installations, link to the documentation
that describes how to properly secure it.
 2023-02-15 21:17:26 +01:00
Spencer McIntyre 557042c91c Initial exploit is working 2023-02-15 14:18:25 -05:00
Jack Heysel 8aed02de3d Linting 2023-02-14 10:39:47 -05:00
Jack Heysel ff159c8760 Updated TODO 2023-02-13 20:24:32 -05:00
Jack Heysel ca0b1ffe05 Documentation fixes 2023-02-13 19:56:23 -05:00
Jack Heysel 2e195b2742 Initial commit Froxlor RCE 2023-02-13 19:39:18 -05:00
Grant Willcox d012145726 Land #17599, Cisco RV LAN Exploit - CVE-2022-20705 and CVE-2022-20707 2023-02-13 17:50:06 -06:00
Stephen Wildow 96fecb6048 Modified BadChars and FailWith codes 2023-02-13 17:49:09 -05:00
Grant Willcox 45e453d687 Fix up remaining review comments 2023-02-13 15:07:25 -06:00
Stephen Wildow 79b1801a4f Rewrote check method to only abuse authentication bypass. Added additional status checks. 2023-02-11 17:43:33 -05:00
Stephen Wildow 036ed7f467 Removed /etc/password. Modified check code and fail_with. Added proper checking for non-vulnerable versions of firmware. 2023-02-09 21:55:40 -05:00
Grant Willcox f2a86327d0 Minor fixes from review 2023-02-09 15:34:25 -06:00
Stephen Wildow 4b05ba6189 Update description and vulnerability listings. Cleaned up references. More randomization. Removed first unnecessary request in exploit portion of code. Added rescue section around json grabbing. 2023-02-08 21:26:18 -05:00
Jack Heysel 19bcf8be7f Working hardcoded payload 2023-02-08 18:14:11 -05:00
adfoster-r7 656ded4b86 Add module notes 2023-02-08 15:46:07 +00:00
adfoster-r7 25ee41df68 Run rubocop on exploit modules 2023-02-08 15:20:32 +00:00
Stephen Wildow 35749a000a Added docs. Performed code linting with rubocop. 2023-02-07 20:27:07 -05:00
Matthew Dunn 52fa2e5be6 Add example for version 5.5.6 with CVE-2021-25297 2023-02-07 14:18:53 -06:00
Grant Willcox 489ab24876 Add in additional case documentation for the various targets and CVEs and fix a bug in the code 2023-02-07 14:18:45 -06:00
Grant Willcox 7c30889784 Refactor code to handle unsigned licenses in one central function 2023-02-07 14:18:39 -06:00
Grant Willcox b14bcd40a2 Fix incorrect match logic grabbing the wrong entry from results for NSP 2023-02-07 14:18:38 -06:00
Grant Willcox 425da60b15 Add in missing case 5 check 2023-02-07 14:18:38 -06:00
Matthew Dunn 90e07ef5ed Switch to match over scan and add troubleshooting steps 2023-02-07 14:18:37 -06:00
Matthew Dunn 8cddf56238 Verify auth_cookies before use 2023-02-07 14:18:37 -06:00
Matthew Dunn a276659681 Use more encompassing single regex 2023-02-07 14:18:36 -06:00
Matthew Dunn 7554b5e4fd Add failure condition for nsp's that fail to match the regex 2023-02-07 14:18:36 -06:00
Matthew Dunn 1cb06b11ac Adjust exploit and docs to support versions 5.5.6-5.7.5 2023-02-07 14:18:09 -06:00
Matthew Dunn 87176f9d7f Address Review Comments and add CVE-2021-25297 coverage 2023-02-07 14:18:06 -06:00
Matthew Dunn c5914d8c99 Insert randomized strings to fix exploit with plugin_output_len 2023-02-07 14:18:05 -06:00
Matthew Dunn 990db5372f Remove extra payload details, add config check 2023-02-07 14:18:05 -06:00
Matthew Dunn b042e71b2a Make Module work for both target url parameters 2023-02-07 14:18:04 -06:00
Matthew Dunn b606d1ff6b Add Documentation for Module 
Fix CVE format

Add Documentation
 2023-02-07 14:18:04 -06:00
Matthew Dunn 5846d95b25 Create nagios_xi_configwizards_authenticated_rce.rb 
Add initial module
 2023-02-07 14:18:03 -06:00
Stephen Wildow 475813eb33 Properly labing ZDI vulnerability 2023-02-05 21:48:48 -05:00
Stephen Wildow 59332da8ce Randomized hard coded strings, modified cmd string, and updated references 2023-02-05 21:42:57 -05:00
Stephen Wildow ac9caa8894 Removed unnecessary CVE listing 2023-02-05 14:32:04 -05:00
Stephen Wildow 7cff3cc2b0 Updated to include vulnerable versions of software 2023-02-05 13:20:52 -05:00
Stephen Wildow 4b3125d14b Add module to exploit Cisco RV34x Small Business Routers 2023-02-05 10:15:16 -05:00