adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,958 Commits 27 Branches 1,043 Tags
5d0b7c191c18313ba55c7bee71b49d9fbff00a02
Commit Graph

3198 Commits

Author SHA1 Message Date
Christophe De La Fuente 0df12fd694 Land #17754, Open web analytics 1.7.3 remote code execution 2023-03-17 10:15:33 +01:00
Christophe De La Fuente daadb4f523 Land #17775 - Add exploit for Bitbucket env var RCE (CVE-2022-43781) 2023-03-16 11:01:07 +01:00
space-r7 8a76dab0bd update line numbers 2023-03-15 13:24:33 -05:00
space-r7 22c05105d3 address review comments 
reduces some code duplication, sets privileged to true,
and modifies documentation to reflect lhost / rhost opts
 2023-03-15 11:18:03 -05:00
Pflegusch 3bf60a57ae Fix typo 2023-03-15 01:54:36 +01:00
Pflegusch cea8aa8e02 Update open_web_analytics_rce.md to work with latest code changes 2023-03-15 01:34:02 +01:00
space-r7 fddcae3d93 don't always create repo 2023-03-14 19:03:58 -05:00
Pflegusch bb9e214282 Fix line too long in open_web_analytics_rce docs 2023-03-15 00:01:15 +01:00
Pflegusch e160e51711 Fix typos, update docs with advanced option SearchLimit, implement SearchLimit into module 2023-03-14 23:29:55 +01:00
Pflegusch 3196a52bdf fix msftidy_docs.rb issues 2023-03-14 21:43:07 +01:00
Grant Willcox c53a22d3fb Land #17750, FortiNAC keyUpload.jsp arbitrary file write CVE-2022-39952 2023-03-14 11:09:40 -05:00
Grant Willcox 7217a60e41 Update documentation to provide better installation instructions 2023-03-14 10:13:27 -05:00
Grant Willcox 4a4b2a28d2 Update documentation to provide better installation instructions 2023-03-14 09:21:08 -05:00
cgranleese-r7 ec7347cd49 Land #17509, tomcat 7 priv esc on rhel based systems (cve-2016-5425) 2023-03-14 10:16:18 +00:00
Grant Willcox 3bd4c15704 Correct architecture and do final fixes 2023-03-13 15:46:42 -05:00
space-r7 4bb843fe70 add documentation, adjust method of getting ids 2023-03-13 15:31:41 -05:00
Pflegusch ddd594ac62 Update example in docs for latest code changes 2023-03-11 17:26:21 +01:00
Jack Heysel 2a9ddae531 Updated description 2023-03-09 17:43:14 -05:00
Jack Heysel 06e7c3d702 Responded to comments updated docs 2023-03-09 17:39:53 -05:00
Pflegusch 85185633b7 Use single back ticks and 3 instead of 4 at the end 2023-03-09 16:58:04 +01:00
h00die-gr3y fc711131a2 added MIME, added break in mixin and added link with installation instructions 2023-03-09 09:28:46 -06:00
Grant Willcox deafceed00 Update documentation, library, and Gemspec from review 2023-03-09 09:28:27 -06:00
h00die-gr3y dc8ebb722a Added support for native PHP payloads and reengineered webshells 2023-03-09 09:28:03 -06:00
h00die-gr3y c844d4d714 removed check and fix up some code 2023-03-09 09:27:29 -06:00
h00die-gr3y 771f32bd8a Add documentation and apply code updates 2023-03-09 09:27:03 -06:00
Pflegusch 14b5c08a62 Fix the double slash in the shell url 2023-03-09 14:28:15 +01:00
Pflegusch ae7ca169fe Use the same IP as in the example 2023-03-09 14:08:50 +01:00
Pflegusch 3847c410b0 Small changes to the open_web_analytics_rce documentation 2023-03-09 14:05:06 +01:00
Pflegusch 7b0a54bb56 Add the documentation for the module 2023-03-09 13:59:27 +01:00
Grant Willcox 100cfbccf9 Fix up some more slight things in documentation. Also tidy up some things in the module 2023-03-08 17:25:56 -06:00
Grant Willcox eeb30d2426 Fix up some typos etc from review in documentation 2023-03-08 16:44:06 -06:00
Jack Heysel dfae7e2fc4 FortiNAC keyUploap.jsp arbitrary file write CVE-2022-39952 2023-03-08 14:06:28 -05:00
Spencer McIntyre a418bd9c65 Land #17638, Lucee Scheduled Job RCE 2023-03-02 08:57:19 -05:00
JBince 1245124afa updated docs to reflect changes from smcintyre-r7 2023-02-28 19:58:39 -06:00
Jack Heysel 3abd62076c Land #17624, Oracle E-Business Suite Module 
This pull request adds an exploit module for CVE-2022-21587
an arbitrary file upload vulnerability in Oracle Web Applications
Desktop Integrator as shipped with 12.2.3 through to 12.2.11
which results in RCE
 2023-02-28 17:04:20 -05:00
Spencer McIntyre a916163b49 Cleanup files and fixup messages 2023-02-28 16:41:57 -05:00
JBince 8b03f2fda8 Reworked payload execution logic 2023-02-27 11:09:34 -06:00
Jack Heysel 5311a491e9 Froxlor 2.0.7 is actually vulnerable too 2023-02-24 13:18:34 -05:00
space-r7 9621f77bac Land #17640, add Froxlor RCE 2023-02-22 12:11:38 -06:00
sfewer-r7 690abcfe1f improve the documentation, mention some steps required during setup. 2023-02-22 09:42:11 +00:00
Jack Heysel f6ec3855b3 Removed space at EOL 2023-02-22 00:35:42 -05:00
Jack Heysel 0c8df1a67b Updated docs and module suggetsions 2023-02-22 00:33:40 -05:00
Grant Willcox 38d8b70873 Make msftidy_docs.rb happy and then also clarify where to find software download links 2023-02-17 14:56:51 -06:00
Grant Willcox c713da368d Add in a few fixes from the review 2023-02-17 14:52:57 -06:00
JBince ce9933fc4c Feedback changes + rubocop & msftidy changes 2023-02-17 08:16:49 -06:00
sfewer-r7 73e82274dd changes as per @gwillcox-r7 review 2023-02-17 13:10:53 +00:00
JBince a3a6ae9c4a feedback fixes 2023-02-16 14:33:03 -06:00
Spencer McIntyre ecd5ad29a7 Add module docs 2023-02-15 16:29:42 -05:00
Spencer McIntyre ac9d60ce9e Land #17281, Added module for CVE-2022-2992 
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
 2023-02-14 16:57:29 -05:00
sfewer-r7 d1463df3cc fix documentation issues from msftidy_docs 2023-02-14 10:47:47 +00:00