Spencer McIntyre
28c4902f4a
Land #18180, Flask unsign library, related modules
Apache Superset Priv Esc (CVE-2023-27524) and Flask unsign Library
2023-09-12 19:02:30 -04:00
Spencer McIntyre
c1cabdf099
Process escape sequences in the wordlist
2023-09-12 16:49:38 -04:00
h00die
94657d317b
another round of review comments
2023-09-11 14:29:20 -04:00
h00die
2ed001ced2
light review changes
2023-09-11 10:33:43 -04:00
h00die
235c142274
Merge remote-tracking branch 'origin/flask_unsign' into flask_unsign
2023-09-11 10:27:00 -04:00
Spencer McIntyre
f1aea836f3
Land #18273, Add VMware vRealize Log Insight RCE
Add VMware vRealize Log Insight unauthenticated RCE exploit
2023-09-08 17:17:23 -04:00
Spencer McIntyre
21dde19511
Make some final tweaks
Change strings to reference `VMware` using the proper case. Don't
include CmdStager (because it's unnecessary). Set PrependFork to fix
shell payloads. Move CamelCase options to advanced.
2023-09-08 16:55:42 -04:00
bwatters
fdae4953eb
Land #18290, Prometheus API & Prometheus Node Exporter Interrogator
Merge branch 'land-18290' into upstream-master
2023-09-08 12:55:30 -05:00
Simon Janusz
57f3b8a352
Land #18350, Add opentsdb_key_cmd_injection exploit module and docs
2023-09-08 16:50:46 +01:00
Simon Janusz
18103b032d
Add docs for opentsdb_key_cmd_injection
2023-09-08 16:08:18 +01:00
Simon Janusz
7302394ffa
Land #18316, Kibana Timelion Prototype Pollution RCE (CVE-2019-7609)
2023-09-08 11:50:47 +01:00
Christophe De La Fuente
a33f03d100
Land #18302, Sonicwall rce CVE-2023-34124
2023-09-08 11:48:07 +02:00
bwatters
946794c3f8
Land #18341, add CVE-2023-38831 for Winrar 6.22
Merge branch 'land-18341' into upstream-master
2023-09-07 15:59:36 -05:00
Jack Heysel
ef4a9dd239
Land #18329, Add LG Simple Editor RCE module
This PR adds an unauth RCE module for LG Simple Editor
2023-09-07 16:21:10 -04:00
Spencer McIntyre
2ded62a783
Update the module with validation functionality
2023-09-07 16:20:03 -04:00
Ege Balcı
2cda3fab50
Update options
2023-09-07 19:50:10 +02:00
Simon Janusz
26cb5c7241
Land #18322, Elasticsearch Memory Disclosure (CVE-2021-22145)
2023-09-07 16:11:40 +01:00
Ron Bowes
b12fe743d0
Resolve PR comments
2023-09-06 14:11:29 -07:00
h00die
fa4fabf47b
review comments
2023-09-06 16:51:57 -04:00
h00die
213b9f9589
Merge remote-tracking branch 'upstream/master' into flask_unsign
2023-09-06 15:39:37 -04:00
bwatters
53b7f1ba07
Land #18286, roundcube arbitrary file read
Merge branch 'land-18286' into upstream-master
2023-09-06 09:43:38 -05:00
Jack Heysel
482fdefb2c
Land #18313, SolarView Compact unauth RCE module
This PR adds a SolarView Compact unauth RCE module.
2023-09-05 17:49:28 -04:00
jheysel-r7
03ccb3cce0
Apply grammatical suggestions from code review
2023-09-05 17:06:01 -04:00
cgranleese-r7
55d0f29e54
Land #18281, Detection module for CVE-2023-21554 - QueueJumper
2023-09-05 14:03:30 +01:00
bka-dev
a027daaa0d
corrected another minor typo
2023-09-05 14:28:47 +02:00
bka-dev
d3698a8b46
added known vulnerable systems
2023-09-05 13:58:36 +02:00
xaitax
d5f355d8de
WinRAR 6.22 (CVE-2023-38831)
2023-09-04 18:56:22 +02:00
h00die
fb9f3bd13f
review comments
2023-09-01 20:14:41 -04:00
Ege Balcı
48cb2db70b
Update scenario
2023-09-01 03:48:08 +02:00
Christophe De La Fuente
8217745a85
Land #18257, Apache nifi h2 rce (CVE-2023-34468)
2023-08-30 13:37:37 +02:00
Ege Balcı
1d9c7fde77
Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit
2023-08-29 17:58:43 +02:00
Christophe De La Fuente
7fa2586e34
Land #18247, Netgear NMS RCE CVE-2023-38096/8
2023-08-28 11:23:08 +02:00
h00die-gr3y
77a1bbef79
Second release module and documentation
2023-08-28 07:49:40 +00:00
Ege Balcı
eaeb2024d3
Merge branch 'master' into vmware_vrli_rce
Merge for ThriftMessageType
2023-08-26 22:42:25 +02:00
Ege Balcı
b10d677308
Doc update.
2023-08-25 21:18:48 +02:00
h00die
772978964e
elastic memory disclosure
2023-08-25 13:28:17 -04:00
cudalac
926bdd03c4
roundcube arbitrary file read
2023-08-25 08:59:53 -04:00
Spencer McIntyre
b830587a60
Land #18310, elasticsearch enum module enhancements
elasticsearch enum module enhancements
2023-08-24 18:31:48 -04:00
h00die
67768567ac
review comments
2023-08-24 17:24:20 -04:00
h00die
43401dd872
review comments
2023-08-24 16:23:41 -04:00
h00die
5382eb22d1
kibana exploit
2023-08-24 16:08:08 -04:00
Ege Balcı
0fe335aff2
Update documentation/modules/exploit/windows/http/netgear_nms_rce.md
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-08-24 16:10:30 +00:00
Christophe De La Fuente
a037d16b66
Land #18233, Chamilo unauthenticated RCE [CVE-2023-34960]
2023-08-24 11:49:40 +02:00
h00die
3879fbed95
elasticsearch enum module enhancements
2023-08-23 18:09:28 -04:00
h00die
79a4cfa9cb
elasticsearch enum module enhancements
2023-08-23 18:07:52 -04:00
h00die
8796d5e2d4
elasticsearch enum module enhancements
2023-08-23 18:06:41 -04:00
adfoster-r7
e760e781df
Land #18307, Fix exploit/linux typos in Subrion RCE docs
2023-08-23 20:37:46 +01:00
h00die
36327e1ff4
elasticsearch enum module enhancements
2023-08-23 15:19:06 -04:00
Ismail Dawoodjee
c216c5a184
Fix lines in SmarterMail RCE docs for linting with msftidy_docs
2023-08-23 23:07:07 +08:00
Ismail Dawoodjee
94b7e77d11
Fix exploit/linux typos in Subrion RCE docs
2023-08-23 22:44:49 +08:00