Commit Graph

3055 Commits

Author SHA1 Message Date
Alex 8d0aaac0db Update data/templates/src/pe/exe/template_aarch64_windows.asm
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
2025-07-10 14:37:23 +02:00
dledda-r7 ea68ee5dc7 chore: update template_aarch64_windows.exe 2025-07-09 08:54:54 -04:00
Alex 7b76a832ac Add ASM template 2025-06-28 10:15:28 +02:00
Alex 1dadec8369 Revive windows/aarch64/exec Payload 2025-06-27 23:57:12 +02:00
Diego Ledda fda250d604 Merge pull request #19910 from msutovsky-r7/fix/add-PPC64-template
Fixing PPC64 template and payloads
2025-06-25 12:33:39 +02:00
Diego Ledda 6d843385ec Merge pull request #20301 from msutovsky-r7/exploit/cve-2021-25094
Adds module for Tatsu WP plugin (CVE-2021-25094)
2025-06-25 10:58:22 +02:00
cgranleese-r7 a454217bd4 Update info -d markdown 2025-06-24 11:21:49 +01:00
Martin Sutovsky 00852f4682 Adding PPC64 template, fixing PPC64 single payloads 2025-06-19 17:17:19 +02:00
Martin Sutovsky 0b2e4bc337 Adds module for CVE-2021-25094 2025-06-11 19:03:00 +02:00
Spencer McIntyre 0a280ae800 Merge pull request #19996 from hantwister/patch-1
Detect the CxUIUSvcChannel named pipe
2025-06-05 11:56:50 -04:00
Diego Ledda 9b7e27e946 Merge pull request #20185 from Chocapikk/wp_depicter_sqli_cve_2025_2011
Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011)
2025-05-28 18:38:52 +02:00
cgranleese-r7 f6faa5598b Fixes modules to now correctly use a hash with report note 2025-05-22 10:59:50 +01:00
Chocapikk 1888abaa4d Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011) 2025-05-14 15:54:40 +02:00
msutovsky-r7 fe5f56cac0 Land #20159, adds module for privilege escalation in Wordpress (CVE-2025-2563)
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
2025-05-14 15:33:30 +02:00
Brendan 1982d81e22 Merge pull request #20098 from smashery/execute-assembly32
Execute assembly32
2025-05-13 16:49:25 -05:00
Chocapikk e335841bb0 Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563) 2025-05-13 21:42:09 +02:00
Chocapikk 4d0c7bb71a Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102) 2025-05-07 17:45:30 +02:00
Ashley Donaldson 1ab3fc1a72 Add built HostingCLR binaries 2025-05-01 08:28:12 +10:00
jheysel-r7 3141152393 Merge pull request #20017 from zeroSteiner/feat/mod/ldap/passwords
Add LAPSv1 and LAPSv2 LDAP Module
2025-04-30 14:02:30 -07:00
Spencer McIntyre 2fdb2611f9 Note the version of LAPS here 2025-04-30 16:38:54 -04:00
bcoles 3975d09726 Add elf_x64_template.s template source 2025-04-15 21:08:36 +10:00
sfewer-r7 db85c0259d add in a build of the gadget for 12.2.1.4.0, needed as the serialVersionUID changes for classes in the coherence.jar file 2025-04-02 15:28:29 +01:00
Harrison Neal 28c0992e77 CVE-2024-9157 detection 2025-04-01 11:32:32 -04:00
sfewer-r7 acafd884b5 add in the initial exploit for CVE-2021-35587, only tested on 12.2.1.4.0 so far. 2025-04-01 12:56:38 +01:00
bwatters-r7 ec67435de9 Rebase and squash for CVE-2024-30085 2025-03-20 09:03:28 -05:00
jheysel-r7 b1d0eedc26 Merge pull request #19712 from smashery/naa_creds
NAA creds from SCCM
2025-03-03 13:50:31 -08:00
EasyMoney322 aa5eda4876 Fix 404 link in eicar.txt (#19912)
Updated the link to EICAR's test-file as the old one returns 404
2025-02-27 16:17:10 +00:00
bwatters-r7 d031df5b6b Change the aarch64 elf version in template file and reassemble 2025-02-11 08:47:14 -06:00
Jack Heysel b8f82e0fe4 Add ESC4 detection to ldap_esc_vulnerable_cert_finder module 2025-01-23 19:13:13 -08:00
jheysel-r7 5374c7b362 Merge pull request #19676 from h00die/needrestart
Ubuntu needrestart LPE (CVE-2024-48990)
2025-01-09 17:02:54 -08:00
h00die cf7d2584ba update wp themes+plugins 2024-12-29 17:31:55 -05:00
h00die 87494a0958 update modules for inclusion into wordpress updater 2024-12-29 17:25:12 -05:00
h00die 03ddb8990e sort alphabetically 2024-12-29 15:57:23 -05:00
dledda-r7 60f26f7062 fix: removing reverse_hop_http 2024-12-17 08:53:06 -05:00
Ashley Donaldson 5dd55f0af4 Add initial NAA-cred-snarfing code. 2024-12-17 17:01:26 +11:00
Chocapikk 7d559e0b34 Add exploit module for CVE-2024-8856 - WP Time Capsule RCE 2024-12-11 01:14:17 +01:00
Aaryan Golatkar ef1b38654b Added perfect-survey to data/wordlists/wp-exploitable-plugins.txt 2024-12-10 18:59:20 +05:30
Chocapikk a123234141 Add CVE-2024-10924 2024-12-05 16:19:09 +01:00
Diego Ledda 58702f238c Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
2024-12-04 16:39:43 +01:00
jheysel-r7 c4b7954f15 Land #19596, Wordpress Plugin Post SMTP Account Takeover 2024-11-29 09:05:03 -08:00
h00die e41f5ad577 needrestart exploit updates 2024-11-27 15:41:23 -05:00
h00die d778f5469b needrestart improvements 2024-11-26 18:22:48 -05:00
h00die d4bd00d48e needrestart improvements 2024-11-25 16:38:18 -05:00
Ashley Donaldson 7f6bdb385d Added LDAP query searching for likely Pre-Windows-2000 computers 2024-11-25 12:30:27 +11:00
h00die 7fd82b89df offload files to data 2024-11-22 15:57:18 -05:00
Jack Heysel 7a5bc60aab Windows Access Mode Mismatch LPE in ks.sys [CVE-2024-35250] 2024-11-05 15:31:44 -08:00
Spencer McIntyre e709a18128 Merge pull request #19404 from bwatters-r7/smb2http_relay
SMB to NTLM HTTP Relay with ESC8 module
2024-11-05 14:12:08 -05:00
Spencer McIntyre 006ed90f1c Move the ESC8 module and document the attack 2024-11-04 09:37:12 -05:00
dwelch-r7 1bfa0755a8 Land #19518, Add support for RISC-V 32-bit / 64-bit Little Endian payloads 2024-11-01 11:18:30 +00:00
h00die 9da5177d11 remove old code 2024-10-29 16:44:48 -04:00