adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,547 Commits 27 Branches 1,043 Tags
6343fc8f7c11d6eae0dbaa207ce0c19ac5b54ffb
Commit Graph

33962 Commits

Author SHA1 Message Date
Grant Willcox aa9b3df6b3 Land #17625, Add credit for CVE-2023-0669; fix path in docs 2023-02-09 14:02:52 -06:00
Spencer McIntyre c7279e9a0a Add credit for CVE-2023-0669; fix path in docs 2023-02-09 13:02:40 -05:00
Grant Willcox 43b4ee268c Land #17592, Fix bypassuac_injection_winsxs for x64 2023-02-09 11:41:51 -06:00
Spencer McIntyre e6f4e96544 Close hFindFile 2023-02-09 11:43:20 -05:00
bcoles de8a6e1445 Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory 2023-02-09 23:12:45 +11:00
cgranleese-r7 508f5c7e52 Land #17619, Run rubocop on exploit modules 2023-02-09 10:11:53 +00:00
bwatters 01a78f972c Land #17567, ManageEngine Endpoint Central RCE (CVE-2022-47966) 
Merge branch 'land-17567' into upstream-master
 2023-02-08 13:06:53 -06:00
Spencer McIntyre c997952d83 Land #17607, Fortra RCE CVE-2023-0669 
Fortra deserialization RCE CVE-2023-0669 (ETR)
 2023-02-08 12:56:09 -05:00
cgranleese-r7 a878403a3e Land #17618, Run rubocop on auxiliary admin http modules 2023-02-08 17:40:26 +00:00
adfoster-r7 656ded4b86 Add module notes 2023-02-08 15:46:07 +00:00
Spencer McIntyre 2b008af097 Move the module to reflect it targets Windows too 2023-02-08 10:24:27 -05:00
adfoster-r7 25ee41df68 Run rubocop on exploit modules 2023-02-08 15:20:32 +00:00
Spencer McIntyre 75ceb7b670 Refactor option handling. 
Use CamelCase names for advaned options and add validation.
 2023-02-08 10:17:16 -05:00
Spencer McIntyre fef7c85518 Add Windows target compatibility 2023-02-08 09:47:37 -05:00
adfoster-r7 6e9b33dc88 Run rubocop on auxiliary admin http modules 2023-02-08 14:30:08 +00:00
adfoster-r7 b56213b168 Update linting on post modules 2023-02-08 14:12:43 +00:00
dwelch-r7 11c886b30f Land #17616, Run rubocop on post modules 2023-02-08 14:09:16 +00:00
adfoster-r7 a81a71c5df Run rubocop on post modules 2023-02-08 13:47:34 +00:00
cgranleese-r7 10144a9f13 Land #17615, Add missing module notes for stability reliability and side effects 2023-02-08 12:28:47 +00:00
adfoster-r7 433bafdccf Add missing module notes for stability reliability and side effects 2023-02-08 11:45:17 +00:00
bwatters 8ee67085c8 Land #17556, ManageEngine ADSelfService Plus RCE (CVE-2022-47966) 
Merge branch 'land-17556' into upstream-master
 2023-02-07 16:57:22 -06:00
Matthew Dunn 52fa2e5be6 Add example for version 5.5.6 with CVE-2021-25297 2023-02-07 14:18:53 -06:00
Grant Willcox 489ab24876 Add in additional case documentation for the various targets and CVEs and fix a bug in the code 2023-02-07 14:18:45 -06:00
Grant Willcox 7c30889784 Refactor code to handle unsigned licenses in one central function 2023-02-07 14:18:39 -06:00
Grant Willcox b14bcd40a2 Fix incorrect match logic grabbing the wrong entry from results for NSP 2023-02-07 14:18:38 -06:00
Grant Willcox 425da60b15 Add in missing case 5 check 2023-02-07 14:18:38 -06:00
Matthew Dunn 90e07ef5ed Switch to match over scan and add troubleshooting steps 2023-02-07 14:18:37 -06:00
Matthew Dunn 8cddf56238 Verify auth_cookies before use 2023-02-07 14:18:37 -06:00
Matthew Dunn a276659681 Use more encompassing single regex 2023-02-07 14:18:36 -06:00
Matthew Dunn 7554b5e4fd Add failure condition for nsp's that fail to match the regex 2023-02-07 14:18:36 -06:00
Matthew Dunn 1cb06b11ac Adjust exploit and docs to support versions 5.5.6-5.7.5 2023-02-07 14:18:09 -06:00
Matthew Dunn 87176f9d7f Address Review Comments and add CVE-2021-25297 coverage 2023-02-07 14:18:06 -06:00
Matthew Dunn c5914d8c99 Insert randomized strings to fix exploit with plugin_output_len 2023-02-07 14:18:05 -06:00
Matthew Dunn 990db5372f Remove extra payload details, add config check 2023-02-07 14:18:05 -06:00
Matthew Dunn b042e71b2a Make Module work for both target url parameters 2023-02-07 14:18:04 -06:00
Matthew Dunn b606d1ff6b Add Documentation for Module 
Fix CVE format

Add Documentation
 2023-02-07 14:18:04 -06:00
Matthew Dunn 5846d95b25 Create nagios_xi_configwizards_authenticated_rce.rb 
Add initial module
 2023-02-07 14:18:03 -06:00
Ron Bowes 676bb2af02 Fix a couple requests from the PR 2023-02-07 09:05:44 -08:00
Ron Bowes 588bddc950 Fix a couple requests from the PR 2023-02-07 09:05:16 -08:00
bwatters 53c67653f5 Land #17527, ManageEngine ServiceDesk Plus RCE (CVE-2022-47966) 
Merge branch 'land-17527' into upstream-master
 2023-02-06 17:37:31 -06:00
Ron Bowes f7fb611bcc Add documentation 2023-02-06 14:35:42 -08:00
Ron Bowes 89485703dc Make rubocop happy 2023-02-06 14:23:55 -08:00
Ron Bowes 9b90343480 Check in the module 2023-02-06 14:21:42 -08:00
adfoster-r7 4a2dc0d6b0 Land #17598, modules/exploits/unix/local Add Notes and resolve RuboCop violations 2023-02-06 13:59:19 +00:00
adfoster-r7 215cfa27b0 Land #17483, add tomcat 8 priv esc on ubuntu (cve-2016-1240) 2023-02-06 13:53:25 +00:00
h00die a5a7d5dd10 correct cleanup and stabilization 2023-02-05 08:15:38 -05:00
bcoles adf5091c7a modules/exploits/unix/local: Add Notes and resolve RuboCop violations 2023-02-05 15:45:30 +11:00
bcoles 19b526d584 qubes_mirage_firewall_dos: Fix notes for SideEffects and Reliability 2023-02-05 12:04:59 +11:00
h00die 561b42f105 use exploit retry function 2023-02-04 18:17:42 -05:00
h00die aff14e8e46 tocat to tomcat 2023-02-04 18:17:42 -05:00