adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,395 Commits 27 Branches 1,043 Tags
5dd75e174b42cf6fb49dff30d79250ec8a38418d
Commit Graph

1259 Commits

Author SHA1 Message Date
h00die-gr3y 5dd75e174b second release module and documentation 2024-03-15 18:27:59 +00:00
Jack Heysel 0aa20c73a4 Land #18832, Add exploit module CVE-2023-47218 
The PR adds a module targeting CVE-2023-47218, an
unauthenticated command injection vuln affecting QNAP
QTS and QuTH Hero.
 2024-02-21 08:48:30 -08:00
bwatters d21e4080a9 Land #18792, Ivanti Connect Secure - Unauth RCE (CVE-2024-21893 + CVE-2024-21887) #18792 
Merge branch 'land-18792' into upstream-master
 2024-02-20 17:40:12 -06:00
Jack Heysel 8cddffa3d1 Land #18700, Add Kafka-ui Unauth RCE module 
This PR adds an exploit module for CVE-2023-52251 which
is an unauthenticated rce vulnerability in Kafka's UI.
 2024-02-16 15:38:52 -05:00
Jack Heysel a1b0ff0fcf Land #18681, Update Apache Ofbiz w. Auth-Bypass 
This PR updates the pre-existing apache_ofbiz_deserialization
module to include functionality that will bypass authentication by
using the newly discovered CVE-2023-51467.
 2024-02-16 15:02:34 -05:00
Jack Heysel 6c252de974 Docs plus minor edits 2024-02-15 17:12:11 -05:00
h00die-gr3y d716e60cf2 added base64 encoder module of zerosteiner 2024-02-14 21:33:50 +00:00
H00die.Gr3y 996ca8a7c9 Update documentation/modules/exploit/linux/http/kafka_ui_unauth_rce_cve_2023_52251.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-02-14 20:57:46 +00:00
h00die-gr3y f75722ecf2 Small updates to module and documentation 2024-02-14 20:57:46 +00:00
h00die-gr3y eafdb8495b Added documentation 2024-02-14 20:57:46 +00:00
Christophe De La Fuente 747d328bcb Land #18786, Fix option collision in service_persistence 2024-02-14 17:25:15 +01:00
sfewer-r7 1f292c8a73 remove the linux and unix targets in favor of a single automatic target 2024-02-09 09:26:08 +00:00
h00die 84278b8e0e fix ofbiz auto detection 2024-02-06 16:45:02 -05:00
sfewer-r7 367783bcb5 add in RCE exploit for CVE-2024-21893 2024-02-06 11:49:04 +00:00
lihe07 29524fa7f8 Fix option collision in service_persistence 
The option `SHELLPATH` collide with `cmd/unix/reverse_netcat`,
resulting in abnormal backdoors. This commit rename it to BACKDOOR_PATH
 2024-02-03 23:18:45 +08:00
h00die cf2f76e6a2 cve-2024-21626 review 2024-02-02 16:27:02 -05:00
h00die 1c73cf938f cve-2024-21626 2024-02-01 15:28:04 -05:00
Jack Heysel c278ef9b73 Land #18648, Add Module for GL.iNet products 
This PR adds an exploit module for a number of
different GL.iNet network products. The module combines
an auth by-pass CVE-2023-50919 with an RCE CVE-2023-50445.
 2024-01-23 14:57:29 -05:00
jheysel-r7 13d2968fad Capitalize remaining references to Meterpreter 2024-01-23 13:11:03 -05:00
Jack Heysel 904e34434e Land #18626, SaltStack Minion Deployer 
This PR adds an exploit module which allows for
a user who has compromised a host acting as a
SaltStack Master to deploy payloads to the Minions
attached to that Master.
 2024-01-23 11:58:38 -05:00
Spencer McIntyre 06dcc82ced Land #18630, Add CVE-2023-50917: MajorDoMo RCE 
Add CVE-2023-50917: MajorDoMo Command Injection Module
 2024-01-19 17:10:40 -05:00
bwatters fadb0f45dd Land #18708, Ivanti Connect Secure RCE exploit module (CVE-2023-46805 and CVE-2024-21887) 
Merge branch 'land-18708' into upstream-master
 2024-01-19 15:47:43 -06:00
Stephen Fewer 5ba4aba912 Update documentation/modules/exploit/linux/http/ivanti_connect_secure_rce_cve_2023_46805.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:28 +00:00
Christophe De La Fuente a8d46b3e7a Land #18627, Ansible: post gather module, payload deployer, and file reader 2024-01-17 15:26:25 +01:00
sfewer-r7 2919b36f2b add in docs 2024-01-17 10:25:04 +00:00
h00die d7cf9155a6 ofbiz working for 18.12.09 2024-01-16 20:06:11 -05:00
h00die-gr3y e7f2abbf9e Small typo update 2024-01-14 19:26:10 +00:00
h00die e711c9ea43 ansible review 2024-01-10 17:16:57 -05:00
h00die 2cfcb74303 saltstack review 2024-01-10 17:09:02 -05:00
h00die e9296d1add saltstack review 2024-01-10 17:04:03 -05:00
h00die 6de51a5047 non-working module 2024-01-08 19:49:47 -05:00
h00die 077cad34ab non-working module 2024-01-08 19:47:24 -05:00
h00die-gr3y 85897a2596 update adding aarch64 architecture and some new targets 2024-01-06 17:26:38 +00:00
h00die 80e9f1b97d saltstack salt-master review 2024-01-06 06:38:59 -05:00
h00die-gr3y 9bb7e0e379 small update to documentation 2024-01-04 14:04:34 +00:00
h00die-gr3y adf455e8cb Third release of module and documentation 2024-01-04 14:01:37 +00:00
h00die-gr3y b2312c97d3 Second release of module and documentation 2024-01-04 09:26:16 +00:00
h00die 11c12fcb6d review comments 2023-12-23 13:23:34 -05:00
h00die a5698f6aa6 review comments 2023-12-23 12:18:06 -05:00
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Balgogan 0a2dea523f Add suggested changes 2023-12-22 00:04:54 +01:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Christophe De La Fuente 7ca256560d Land #18542, Vinchin Backup & Recovery Command Injection 2023-12-20 18:56:50 +01:00
Balgogan 22a05c8bf5 Add CVE-2023-50917 2023-12-20 00:43:00 +01:00
Jack Heysel 065abf6b92 Rubocop, doc scenario update 2023-12-19 12:30:02 -05:00
Jack Heysel 4e61596e7a Check Build ID before running exploit 2023-12-19 12:15:35 -05:00
Jack Heysel 549ee43df9 Update docs description minor comments 2023-12-19 00:32:21 -05:00
h00die-gr3y 5d7cf90521 Some minor changes to the module and documentation 2023-12-18 08:23:16 +00:00
h00die-gr3y 9ac3739605 Minor changes to the documentation 2023-12-17 13:51:30 +00:00
h00die-gr3y 0641839e69 Added documentation and removed debug info 2023-12-17 13:10:18 +00:00