adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,568 Commits 27 Branches 1,043 Tags
5b0565a4a18d4e663ad445a037f9cbdfc28dcd15
Commit Graph

38797 Commits

Author SHA1 Message Date
Brendan a1e3e1545b Merge pull request #20562 from uhei/fix/weblogic-regex 
fix: WebLogic server detection regex
 2025-09-23 10:35:19 -05:00
Uli Heilmeier 5af0dd3357 fix: WebLogic server detection regex 
Some WebLogic server versions reports their version with a dash
between 'Server' and 'Version', like
'<p id="footerVersion">WebLogic Server-Version: 12.2.1.3.0</p>'
 2025-09-23 09:58:50 +02:00
Echo_Slow b51cc87f88 Update freepbx_unauth_sqli_to_rce.rb 
Performed manual cleanup by observing the error log of msftidy.  Checked for original functionality, the exploit still works.
 2025-09-22 17:34:00 +02:00
Echo_Slow 6b183ba3b4 Update freepbx_unauth_sqli_to_rce.rb 
Used rubocop -A option
 2025-09-22 16:49:19 +02:00
Echo_Slow c0f4efd87d Update modules/exploits/unix/http/freepbx_unauth_sqli_to_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-09-22 16:42:22 +02:00
Echo_Slow 09207eb450 Update freepbx_unauth_sqli_to_rce.rb to account for slow systems 2025-09-22 13:18:32 +02:00
Echo_Slow b54dfddc25 Update modules/exploits/unix/http/freepbx_unauth_sqli_to_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-09-22 13:17:28 +02:00
Echo_Slow 75c8efbc7d Update freepbx_unauth_sqli_to_rce.rb 
Made the code more readable
 2025-09-22 11:26:11 +02:00
Echo_Slow 19074eef02 Add exploit for CVE-2025-57819 
Added an exploit script for unauthenticated remote code execution targeting FreePBX
 2025-09-21 22:56:19 +02:00
h00die 160cf5c55b peer review for yum persistence 2025-09-18 16:15:24 -04:00
h00die 15f4abd1b2 update yum to persistence module 2025-09-18 15:36:44 -04:00
Spencer McIntyre cf3abc280e Merge pull request #20533 from cdelafuente-r7/feat/mitre/add_ref 
Add T1003 "OS credential dumping" MITRE technique reference
 2025-09-18 11:56:33 -04:00
Diego Ledda c718a965d7 Merge pull request #20508 from h00die/modern_persistence_cron 
update cron to persistence mixin
 2025-09-18 12:04:00 +02:00
Diego Ledda cb2f3992de chore: fix white-space issue 2025-09-18 11:48:17 +02:00
h00die 6ddaa076c1 Apply suggestions from code review 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-09-17 15:41:25 -04:00
Diego Ledda 448381ee96 Merge pull request #20548 from xHector1337/fix-exploits/linux/samba/is_known_pipename.rb 
Fixes samba share iteration in linux/samba/is_known_pipename
 2025-09-17 15:21:27 +02:00
Diego Ledda b5b1ac237a Update is_known_pipename.rb 2025-09-17 11:04:28 +02:00
msutovsky-r7 dc8d67538c Land #20536, adds docker image persistence module 
docker image persistence module
 2025-09-17 09:56:16 +02:00
jheysel-r7 81ce0f8868 Merge pull request #20521 from h00die/modern_persistence_systemd 
update systemd to persistence mixin
 2025-09-16 14:56:26 -07:00
jheysel-r7 58dfd4d0ca Merge pull request #20507 from remmons-r7/commvault_rce_cve_2025_57790_cve_2025_57791 
Exploit Module for CVE-2025-57790/CVE-2025-57791 - Commvault Unauthenticated RCE
 2025-09-16 13:22:18 -07:00
h00die 93bc79e87d peer review for docker_image persistence 2025-09-16 15:57:24 -04:00
Muzaffer Umut ŞAHİN 7c5fce6872 Add nill check logic 2025-09-16 19:49:55 +03:00
Christophe De La Fuente 788b9c27b4 Use sub-technique and add missing modules 2025-09-16 18:39:23 +02:00
msutovsky-r7 32aa0d84e4 Land #20525, moves obsidian plugin module to persistence category and mixin 
update obsidian to persistence mixin
 2025-09-16 14:58:15 +02:00
jheysel-r7 02e35f7e92 Merge pull request #20520 from h00die/modern_persistence_openrc 
update openrc to persistence mixin
 2025-09-15 15:54:31 -07:00
Brendan 1ec10ec877 Merge pull request #20510 from h00die/modern_persistence_rc_local 
update rc_local to persistence mixin
 2025-09-15 14:47:48 -05:00
remmons-r7 12b78c086d Update commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Remove an empty line that msftidy doesn't like
 2025-09-15 11:19:49 -05:00
remmons-r7 ddc5abf20c Update commvault_rce_cve_2025_57790_cve_2025_57791.rb 
Remove a commented out line that isn't needed.
 2025-09-15 10:56:30 -05:00
remmons-r7 bb3a26cff1 Implement peer review suggestions for Commvault module 
Implementing commvault_rce_cve_2025_57790_cve_2025_57791.rb changes from peer review.
 2025-09-15 10:54:34 -05:00
remmons-r7 b754b7027c Merge branch 'rapid7:master' into commvault_rce_cve_2025_57790_cve_2025_57791 2025-09-15 10:47:38 -05:00
jheysel-r7 b45a3caaa5 Merge pull request #20509 from h00die/modern_persistence_motd 
update motd to persistence mixin
 2025-09-12 16:18:08 -07:00
Spencer McIntyre 829166def4 Fix a regression in smb_login 2025-09-12 16:49:46 -04:00
Spencer McIntyre 3e396ce31f Deregister KrbCacheMode because it's ignored 2025-09-12 15:11:23 -04:00
Spencer McIntyre 5d748b9ba3 Fix a regression in smb_login 2025-09-12 14:27:32 -04:00
h00die 15cdbfac2e update at persistence to use attck ref 2025-09-12 14:13:26 +02:00
h00die fd1d70ef93 update at persistence to mixin 2025-09-12 14:13:26 +02:00
jheysel-r7 96a83143f1 Merge pull request #20479 from msutovsky-r7/exploit/sitecore/postauth-rce 
Adds modules for Sitecore XP post-auth remote code executions (CVE-2025-34510, CVE-2025-34511)
 2025-09-11 11:25:27 -07:00
Diego Ledda 985af001d2 Merge pull request #20497 from h00die/modern_persistence_autostart 
update autostart to persistence mixin
 2025-09-11 18:58:32 +02:00
h00die bce1a19927 Update modules/exploits/linux/persistence/init_openrc.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-09-11 12:00:52 -04:00
Martin Sutovsky 5ab864b9b1 Uses between? for version check, clearer webshell upload 2025-09-11 11:04:34 +02:00
Diego Ledda 80c5e41650 Merge pull request #20495 from h00die/modern_persistence_apt 
update apt_package_manager to persistence mixin
 2025-09-11 10:49:08 +02:00
h00die 71e9602eba Update modules/exploits/linux/persistence/autostart.rb 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-09-10 13:59:23 -04:00
h00die 2bf5264aff docker image persistence module 2025-09-10 13:45:22 -04:00
Diego Ledda 1314f5d0bb Merge pull request #20455 from Chocapikk/aitemi_m300_time_rce 
Add unauthenticated RCE on Shenzhen Aitemi M300 MT02 (CVE-2025-34152)
 2025-09-10 10:12:41 +02:00
h00die 489e0ca404 docker image persistence module draft 2025-09-09 22:53:06 -04:00
h00die e3cad5b772 systemd updated with mixin udpates 2025-09-09 16:19:41 -04:00
h00die 296961137e use attck ref in systemd persistence module 2025-09-09 16:19:41 -04:00
h00die f240fed592 use attck ref in systemd persistence module 2025-09-09 16:19:41 -04:00
h00die 8b6aede3e4 update systemd to persistence mixin 2025-09-09 16:19:41 -04:00
h00die 16e407fa47 rc_local updated with mixin udpates 2025-09-09 15:42:46 -04:00