adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,208 Commits 27 Branches 1,043 Tags
68fdb103fef023e8f8fefc0e0cd6a9bc020ef430
Commit Graph

4724 Commits

Author SHA1 Message Date
Grant Willcox 68fdb103fe Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate 2022-05-11 09:39:47 -05:00
Pedro Ribeiro e0c8108942 add docs for sslvpn module 2022-03-06 23:15:53 +00:00
space-r7 bed067dda0 Land #16125, add ARCH_CMD for GXV3140 support 2022-02-08 12:24:42 -06:00
Spencer McIntyre 2f3e4742f4 Land #16151, Add QEMU Monitor HMP exec module 2022-02-07 16:43:08 -05:00
Brendan Coles 5bbe934db9 Add QEMU Monitor HMP 'migrate' Command Execution module 2022-02-07 17:48:27 +00:00
Christophe De La Fuente fa849e51c3 Land #16137, Update PrintNightmare to use the moved DCERPC definitions 2022-02-07 16:54:09 +01:00
Christophe De La Fuente f99438b9d1 Add target security settings info to the documentation 2022-02-07 16:48:34 +01:00
Spencer McIntyre e2c91ebf30 Land #16010, zabbix_script_exec improvements 
This updates the zabbix_script_exec module to work with versions 5.0 and
newer as well as adds a new item-based execution technique.
 2022-02-04 15:13:13 -05:00
Spencer McIntyre ae278d0568 Cleanup some minor typos 2022-02-04 15:12:57 -05:00
Spencer McIntyre dd64dcf074 Finish the PetitPotam module with docs 2022-02-04 13:12:08 -05:00
lap1nou 8838d9cb66 Added timeout system, fixed a bug with TLS_PSK, linted 2022-02-04 04:01:23 -08:00
lap1nou 645ef5e71f Fixed few bugs 2022-02-02 14:30:02 -08:00
Spencer McIntyre 7c987a452d Land #16130, Wordpress RegistrationMagic sqli 2022-02-02 10:50:13 -05:00
Spencer McIntyre dda6c53144 Fix table alignment 2022-02-02 10:48:58 -05:00
lap1nou de32cc0e97 Linted with Rubocop, factorized API call, fixed some grammmar 2022-02-01 13:29:30 -08:00
h00die 00c1ac4da9 updated docs for registrationmagic 2022-02-01 16:17:36 -05:00
space-r7 837fdf7c5e Land #16128, add cisco rv unauth rce 2022-02-01 10:34:57 -06:00
Jake Baines 78312fb300 Update documentation/modules/exploit/linux/http/cisco_rv_series_authbypass_and_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-02-01 06:41:26 -05:00
h00die b71f9e7e45 wp_plugin RegistrationMagic sqli 2022-01-30 16:08:06 -05:00
Jake Baines ccedcfefab Added exploit for CVE-2021-1472/CVE-2021-1473 2022-01-29 18:56:53 -08:00
Brendan Coles feebf25ad4 Add support for GXV3140 models and ARCH_CMD busybox telnetd payload 2022-01-29 19:38:57 +00:00
Brendan Coles a4fcddca8e Rename to grandstream_gxv31xx_settimezone_unauth_cmd_exec 2022-01-29 19:24:09 +00:00
Grant Willcox 44f040ad78 Land #16056, Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-24 21:03:46 -06:00
Grant Willcox 15751a0f78 Minor langauge fix and final typo 2022-01-24 21:01:34 -06:00
Jake Baines 2c989ec714 Addressed multiple review comments (spelling, doc details, randomization, etc) 2022-01-22 14:09:58 -08:00
Spencer McIntyre 458d584f83 Add details to check codes and PR feedback 2022-01-21 09:40:23 -05:00
Spencer McIntyre 579627f5c7 Update docs, note OS X support 2022-01-20 10:47:11 -05:00
Spencer McIntyre ba469a4b2c Add version detection to the Unifi exploit 2022-01-20 09:26:48 -05:00
Spencer McIntyre ef344d9d12 Add the Unifi Log4Shell RCE exploit 2022-01-19 17:51:31 -05:00
bwatters 4cf3ae352c Land #16050, Log4Shell: vCenter RCE 
Merge branch 'land-16050' into upstream-master
 2022-01-19 16:30:33 -06:00
Grant Willcox 8bb3e39fd7 Land #16036, Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 10:58:42 -06:00
Brendan Coles ee2feb1207 Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 00:04:15 +00:00
Jake Baines 4ebb702405 Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-15 12:46:56 -08:00
Spencer McIntyre 3f04b80d8b Add vCenter Log4Shell docs 2022-01-13 14:50:28 -05:00
Christophe De La Fuente e10331b22d Land #15656, Allow authenticated user creation in vmware_vcenter_vmdir_auth_bypass 2022-01-13 17:04:12 +01:00
space-r7 435e79aaef Land #16041, add SonicWALL cmd injection 2022-01-12 13:23:57 -06:00
Christophe De La Fuente b0743e15d9 Update documentation and fix vulnarable/non-vulnerable status message 2022-01-12 16:51:40 +01:00
space-r7 199eae5e99 Land #16012, add pi-hole aux module and lib 2022-01-12 09:21:11 -06:00
space-r7 bb00575acb add command for starting docker env 2022-01-11 17:07:36 -06:00
Spencer McIntyre 877bab6f2a Land #15969, Log4j2 HTTP Header Injection Exploit 2022-01-11 16:52:08 -05:00
Spencer McIntyre 7b64383040 Preemptively tweak references to ysoserial 2022-01-11 16:25:21 -05:00
Jake Baines d4ee9a0183 Initial commit of CVE-2021-20039 exploit 2022-01-10 12:43:50 -08:00
lap1nou 53c2400be9 Added cleaning procedure + fixed few mistakes/error mesage, removed unused docs 2022-01-08 10:56:31 -08:00
lap1nou ccc90b0330 Linted doc+module, added support for 6.x version, aded support for TLS and item RCE, improved payload management 2022-01-07 17:40:15 -08:00
Spencer McIntyre 3f15c9ecc1 Writeup the module docs 2022-01-07 17:30:39 -05:00
h00die 4df91dd3ec f5 big-ip module and doc updates 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 89ec0a8434 Add the output of 'notes' to the documentation 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul fcb2a06a98 Remove an unnecessary line in the documentation 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 411e062738 Change domain name example in verification steps 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 17ec7c6255 Add documentation 2022-01-07 12:17:43 -05:00