adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
60,845 Commits 27 Branches 1,043 Tags
5b3edd4cb2accbf2bd8eb835470f6e9cd59cd2f6
Commit Graph

1753 Commits

Author SHA1 Message Date
Grant Willcox e7983c3b6f Land #15192, Enforce Style/RedundantBegin for new modules 2021-05-17 09:51:57 -05:00
adfoster-r7 ac2c467121 Land #15011, Enhance analyze command API to understand modules' needs 2021-05-14 14:30:33 +01:00
Alan Foster 100da2f1b1 Enforce Style/RedundantBegin for new modules 2021-05-13 04:01:03 +01:00
William Vu 637e9cff48 Update vmware_vrops_mgr_ssrf_rce documentation 2021-05-06 18:30:20 -05:00
Mehmet INCE bf0551979f Fix the module according to the review 2021-05-03 12:29:00 +03:00
Mehmet INCE 06157601df Remove SCREEN_EFFECTS from sideeffects 2021-05-03 11:14:43 +03:00
Mehmet INCE 9e04805c0e Adding check method to gravcms exec 2021-05-03 11:14:43 +03:00
Mehmet INCE e3d05395de Add GravCMS exec 2021-05-03 11:14:42 +03:00
William Vu d433c0fd12 Fix typo 2021-04-30 23:29:24 -05:00
Spencer McIntyre 994825dcc9 Land #15090, Add exploit for CVE-2021-22502 2021-04-29 14:09:28 -04:00
Shelby Pace a4af80d3e1 Land #15005, add VMware vRealize SSRF RCE 2021-04-27 09:19:55 -05:00
Shelby Pace 363db0e271 Land #14977, add Apache Druid js rce 2021-04-26 12:01:19 -05:00
Pedro Ribeiro 07d82cde93 fix timeout errors in rubocop 2021-04-23 22:10:38 +07:00
Pedro Ribeiro 02ce5a1724 Update modules/exploits/linux/http/microfocus_obr_cmd_injection.rb 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2021-04-23 22:01:05 +07:00
Pedro Ribeiro 58e00b582e Update modules/exploits/linux/http/microfocus_obr_cmd_injection.rb 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2021-04-23 22:00:55 +07:00
Pedro Ribeiro 651a34af53 add sploit for MF OBR cmd injection 2021-04-23 21:04:36 +07:00
William Vu a62d1dfbcd Add some details back in 2021-04-21 16:02:21 -05:00
William Vu 5111caf536 Address @gwillcox-r7 review 
New words from @gwillcox-r7.
 2021-04-21 13:10:21 -05:00
William Vu 22433d5b2c Add clarifying comment 2021-04-21 10:42:10 -05:00
William Vu 08907a5e3a Add VMware vRealize Operations Manager SSRF RCE 
CVE-2021-21975 + CVE-2021-21983
 2021-04-21 10:42:10 -05:00
Grant Willcox 7b7e521d6c Fix up a wrong type field value and set it back to 1 from 2 in the send_exploit() function, since this was causing the exploit to fail 2021-04-20 17:45:51 -05:00
Grant Willcox e0f13e44d1 Land #14699, Add Nagios XI snmptrap RCE and docs (CVE-2020-5792) 2021-04-20 14:30:45 -05:00
Grant Willcox f241a050b8 Apply review comments and fixes to documentation and the module 2021-04-20 12:38:34 -05:00
Grant Willcox d60cdbebb3 Add in Regex fix to ensure that really old versions of NagiosXI will still be detected as vulnerable despite unusual version naming convention 2021-04-19 14:17:05 -05:00
Grant Willcox 4ac9304ca2 Land #14968 - Add Nagios XI Mibs.php Authenticated RCE module and docs (CVE-2020-5791) 2021-04-16 14:37:15 -05:00
Grant Willcox 496e074ec8 Add in fixes to documentation and module from review 2021-04-16 13:14:17 -05:00
William Vu 9e6f425427 Move exploit/linux/http/citrix_dir_traversal_rce 
To exploit/freebsd/http/citrix_dir_traversal_rce. It's actually FreeBSD.
 2021-04-15 19:13:25 -05:00
Grant Willcox 832ca92f42 Land #14700, Add Nagios XI Plugins Filename Authenticate RCE module and docs (CVE-2020-35578) 2021-04-14 16:58:55 -05:00
Grant Willcox 61395f3cb1 Update scenarios in documentation and also update the module to handle cases where the version number may not be in a format that Rex::Text can immediately handle. 2021-04-14 16:32:53 -05:00
Grant Willcox 76353efada Fix minor RuboCop error 2021-04-14 15:38:06 -05:00
Grant Willcox 154e237edd Add in fixes to documentation and module that were covered in the review process 2021-04-14 15:33:42 -05:00
Grant Willcox a59e7e196d Land #14701, Rename Nagios XI authenticated RCE module and integrate Nagios XI mixin 2021-04-13 18:58:29 -05:00
Grant Willcox d766cf9b96 Change module title to be more descriptive and remove bad characters 2021-04-13 17:33:34 -05:00
Grant Willcox 0aada27128 Update the documentation to account for the fact that the plugin name has to be check_ping and also update the module to randomize some of the fields where possible. 2021-04-13 17:15:34 -05:00
Grant Willcox ead9d73dc5 Add in fixes from review to documentation and module 2021-04-13 16:34:13 -05:00
William Vu e842c3ecab Fix Gem::Package NameError with Rex::Tar::Writer 2021-04-12 18:50:31 -05:00
Shelby Pace a36030bcb7 add AutoCheck and usage of TARGETURI option 
remove CheckCmd from docs
 2021-04-09 12:08:25 -05:00
je5442804 352fedcca0 Improved 2021-04-09 19:50:43 +08:00
je5442804 69b62cee3a Update modules/exploits/linux/http/apache_druid_js_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 08:31:38 +08:00
je5442804 58f14a3219 Update module-send_request 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 08:31:25 +08:00
je5442804 afb263bcba Update description 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 08:27:30 +08:00
Adam Cammack 6096d0f135 Remove superfluous default_cred? methods 2021-04-07 06:12:25 -05:00
Shelby Pace cfc6b0a8ba Land #14971, add Apache OFBiz SOAP Deser rce 2021-04-05 11:44:40 -05:00
Shelby Pace a803e1e932 remove spare comma 2021-04-05 09:33:20 -05:00
je5442804 76f89dc4d4 Update apache_druid_js_rce.rb 2021-04-04 21:36:53 +08:00
je5442804 80f96f0045 Update modules/exploits/linux/http/apache_druid_js_rce.rb 
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
 2021-04-03 23:57:22 +08:00
kalba-security 34a5f7906c Rebase so we can use the latest mixin code,update the version range, update docs 2021-04-01 13:29:44 -04:00
kalba-security faab100d9a Add Nagios XI Mibs.php Authenticated RCE module and docs 2021-04-01 13:06:33 -04:00
kalba-security f76f58eb51 Rebase, use latest mixin code in check, update version and docs 2021-04-01 12:43:44 -04:00
kalba-security dd5c747584 Add Nagios XI snmptrap RCE and docs 2021-04-01 12:26:06 -04:00