 Grant Willcox
|
5c8aa9b802
|
Add in ForgeRock demonstration and fix up some last minor issues with the documentation to make it more accurate
|
2021-07-09 16:43:25 -05:00 |
|
|
Spencer McIntyre
|
fba838f4e8
|
Update docs, pin version and fix the check method
|
2021-07-09 16:39:58 -04:00 |
|
|
Spencer McIntyre
|
a0bd903b50
|
Update module docs and the TARGETURI option
|
2021-07-06 15:52:50 -04:00 |
|
|
Spencer McIntyre
|
bfc45359ff
|
More documentation updates and address PR feedback
|
2021-07-06 11:27:06 -04:00 |
|
|
Spencer McIntyre
|
deb78275d0
|
Make the requested documentation changes
|
2021-07-06 09:55:19 -04:00 |
|
|
bwatters
|
0a43ec7e4a
|
Add module for CVE-2021-35464; pre-auth RCE in ForgeRock OpenAM server
|
2021-07-02 16:05:39 -05:00 |
|
|
Shelby Pace
|
a2a1b91a69
|
Land #15341, add wpdiscuz exploit
|
2021-06-25 16:22:02 -05:00 |
|
|
Shelby Pace
|
6d13f0627e
|
formatting changes
|
2021-06-25 16:20:42 +02:00 |
|
|
Shelby Pace
|
1194e7d0f3
|
add guards, adjust formatting, add docs
|
2021-06-25 16:20:42 +02:00 |
|
|
Shelby Pace
|
3c7d96695e
|
Land #15349, add rConfig vendors auth rce
|
2021-06-24 10:43:18 -05:00 |
|
|
Shelby Pace
|
df1faf85ff
|
rename files, change version check, use cookie jar
|
2021-06-24 09:47:38 -05:00 |
|
|
Spencer McIntyre
|
397c9ef140
|
Land #15333, Cisco HyperFlex File Upload RCE
|
2021-06-17 13:40:39 -04:00 |
|
|
Jack Heysel
|
281fce0c94
|
Cisco HyperFlex File Upload RCE module
beta draft
RCE working with linux/x64/meterpreter_reverse_tcp
rubocop
Updated title, removed newlines
Responded to comments
Rubo cop offenses
Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Responded to comments
Rubocop offenses
Added support for Java Dropper
Made changes to Linux Dropper
Rubocop
Improved check method, changed to default staged paylod, removed TODO
Switched to single-quoted strings
|
2021-06-17 12:38:47 -04:00 |
|
|
Yann Castel
|
dca4f3f471
|
fix download link
|
2021-06-17 15:19:42 +02:00 |
|
|
Yann Castel
|
0fda6b348d
|
initial commit
|
2021-06-17 15:15:59 +02:00 |
|
|
Grant Willcox
|
62f9d15ba3
|
Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE)
|
2021-06-16 10:39:49 -05:00 |
|
|
Grant Willcox
|
464dcdf578
|
Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE
|
2021-06-14 18:01:24 -05:00 |
|
|
Grant Willcox
|
537a7763f5
|
Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests
|
2021-06-14 15:28:40 -05:00 |
|
|
Grant Willcox
|
5b274770ef
|
Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall
|
2021-06-14 15:02:38 -05:00 |
|
|
adfoster-r7
|
e40fcafbf1
|
Land #15339, fix typo in wp_admin_shell_upload.md
|
2021-06-14 18:04:30 +01:00 |
|
|
adfoster-r7
|
fb0e0f88a9
|
Land #15215, HashiCorp Nomad exec RCE
|
2021-06-14 17:49:36 +01:00 |
|
|
Spencer McIntyre
|
d1be69eae6
|
Implement changes based on PR feedback
|
2021-06-14 10:15:27 -04:00 |
|
|
Florian CASAGRANDE
|
6e3e27984b
|
Update wp_admin_shell_upload.md
|
2021-06-13 13:53:08 +02:00 |
|
|
Spencer McIntyre
|
edee95bbb2
|
Update the check to not fail if a COOKIE is used
|
2021-06-10 11:29:07 -04:00 |
|
|
MucahitSaratar
|
ea7eaba7a9
|
added cve
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
|
2021-06-10 09:35:42 -05:00 |
|
|
MucahitSaratar
|
4796779a29
|
Add more fixes to the module and documentation
|
2021-06-10 09:35:10 -05:00 |
|
|
MucahitSaratar
|
8e16d4a1c7
|
ipfire 2.25 core 156 remote code execution
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
|
2021-06-10 09:34:13 -05:00 |
|
|
agalway-r7
|
1858b574ec
|
Land #15305, Authenticated RCE module for NSClient++
|
2021-06-09 15:38:34 +01:00 |
|
|
Yann Castel
|
14c5924044
|
rubocop for documentation is ok
|
2021-06-09 09:08:19 +02:00 |
|
|
Yann Castel
|
674eb51f86
|
add scenario + small changes
|
2021-06-09 08:59:35 +02:00 |
|
|
Spencer McIntyre
|
3afe3ebfa3
|
Add the module docs
|
2021-06-08 15:23:24 -04:00 |
|
|
Hakyac
|
fd988f7f29
|
Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md
Co-authored-by: bcoles <bcoles@gmail.com>
|
2021-06-08 16:35:10 +02:00 |
|
|
Hakyac
|
e1030226de
|
Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md
Co-authored-by: bcoles <bcoles@gmail.com>
|
2021-06-08 15:17:53 +02:00 |
|
|
Hakyac
|
0834fa122d
|
Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md
Co-authored-by: bcoles <bcoles@gmail.com>
|
2021-06-08 15:17:34 +02:00 |
|
|
Hakyac
|
e53ca42570
|
Update documentation/modules/exploit/windows/http/nscp_authenticated_rce.md
Co-authored-by: bcoles <bcoles@gmail.com>
|
2021-06-08 15:16:12 +02:00 |
|
|
Yann Castel
|
bf96b88446
|
add default port + set ssl to true
|
2021-06-07 16:48:16 +02:00 |
|
|
Yann Castel
|
6a7e30749d
|
initial commit
|
2021-06-07 14:39:10 +02:00 |
|
|
Spencer McIntyre
|
78f97d2fa7
|
Land #15281, Add Cisco HyperFlex exploit
|
2021-06-03 17:24:27 -04:00 |
|
|
Shelby Pace
|
8b737c2c60
|
Land #15231, add SuiteCRM log file rce
|
2021-06-03 09:11:00 -05:00 |
|
|
William Vu
|
6efd312430
|
Add Cisco HyperFlex HX Data Platform exploit
CVE-2021-1497
CVE-2021-1498
|
2021-06-03 00:43:56 -05:00 |
|
|
William Vu
|
6498554084
|
Clean up NetMotion Mobility exploit and docs
Refactor target selection once again.
|
2021-06-02 23:47:01 -05:00 |
|
|
Shelby Pace
|
598f925fd3
|
remove extra spaces
|
2021-06-01 11:37:45 -05:00 |
|
|
h00die
|
825cc9d284
|
upgraded to meterp
|
2021-05-29 15:55:24 -04:00 |
|
|
h00die
|
721a47ad7f
|
cacti 1.2.12 sql to rce
|
2021-05-29 15:55:24 -04:00 |
|
|
Wyatt Dahlenburg
|
eb76aae2a7
|
Merge branch 'master' of github.com:rapid7/metasploit-framework into hashicorp_nomad
|
2021-05-25 15:56:13 -05:00 |
|
|
Shelby Pace
|
8e4a33f2a2
|
Land #15223, move TokenMagic validation logic
|
2021-05-24 14:51:13 -05:00 |
|
|
M. Cory Billington
|
e62efe0690
|
Added module and documentation for SuiteCRM Log File RCE
|
2021-05-22 00:11:19 -05:00 |
|
|
bwatters
|
8e1391f098
|
Land #15216, Fix targeting for CVE-2021-21551
Merge branch 'land-15216' into upstream-master
|
2021-05-21 14:56:08 -05:00 |
|
|
bwatters
|
72375d1f67
|
Land #15024, Add RCE Exploit For CVE-2020-0796 (SMBGhost)
Merge branch 'land-15024' into upstream-master
|
2021-05-20 17:02:04 -05:00 |
|
|
Spencer McIntyre
|
a6f650a1a3
|
Add a clear warning about instability due to KPP
|
2021-05-20 17:28:14 -04:00 |
|