Commit Graph

119 Commits

Author SHA1 Message Date
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
sfewer-r7 efb0d5da4c fix typo, C1000v should be CSR1000v. Be consistent with IOS XE and not IOS-XE. 2025-03-04 09:09:32 +00:00
sfewer-r7 45dfa5fda9 update docs for auxiliary/admin/http/cisco_ios_xe_cli_exec_cve_2023_20198 to show it working on C1000v and C8000v targets. 2025-03-03 20:23:55 +00:00
sfewer-r7 e71a851e3f mention that the C8000v series appliance version 17.6.5 was observed to not be vulnerable to CVE-2023-20273. Inspecting the Lua code shows this appliance has additional command injection filtering in place (see pexec_setsid in /usr/binos/openresty/nginx/conf/pexec.lua) which prevents the injection from working 2025-03-03 20:22:46 +00:00
h00die 1906646e67 peer review 2024-11-28 13:18:47 -05:00
h00die 2b593bcf54 wp_post_smtp_acct_takeover peer review 2024-11-03 13:52:55 -05:00
h00die 65efd07935 docs for wp_post_smtp 2024-10-30 15:38:46 -04:00
jheysel-r7 05ff8359b8 Merge pull request #19436 from h4x-x0r/CVE-2024-6670
WhatsUp Gold SQL Injection (CVE-2024-6670) Module
2024-09-26 17:04:30 -04:00
jheysel-r7 d11c2be4ea Merge pull request #19375 from h4x-x0r/CVE-2024-20419
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419) Module
2024-09-24 12:19:54 -04:00
h4x-x0r 64f595c431 cleanup, version check, documentation
cleanup, version check, documentation
2024-09-02 15:41:08 +01:00
bwatters 4af2294709 Land #19386, Ivanti Virtual Traffic Manager (vTM) Authentication Bypass (CVE-2024-7593) Module
Merge branch 'land-19386' into upstream-master
2024-08-27 09:39:10 -05:00
bwatters 84431b0a4e Land #19380, Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
Merge branch 'land-19380' into upstream-master
2024-08-26 18:09:09 -05:00
h4x-x0r 9c72a85134 Verified more versions
Verified exploit against more affected versions
2024-08-14 06:33:45 +01:00
h4x-x0r 75201b0892 Updated references
references, affected versions, credits
2024-08-14 05:15:36 +01:00
h4x-x0r 7bfc386973 Updated
added error handling, documentation, version check, store_valid_credential
2024-08-14 04:57:08 +01:00
h4x-x0r 26d6347919 Code cleanup
Code cleanup
2024-08-11 06:15:24 +01:00
h4x-x0r 5fa18a66ee Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
2024-08-11 05:41:07 +01:00
h4x-x0r 8a72124e9d Code cleanup and error handling added
Code cleanup and error handling added
2024-08-09 21:11:20 +01:00
h4x-x0r 4384d32c83 Cisco SSM On-Prem Account Takeover (CVE-2024-20419)
Cisco SSM On-Prem Account Takeover (CVE-2024-20419)
2024-08-09 18:59:54 +01:00
h00die 482d2b28b1 gitlab password reset account takeover 2024-01-18 16:19:26 -05:00
Stephen Fewer 64c9968328 Update cisco_ios_xe_os_exec_cve_2023_20273.md, which was missing CISCO_ADMINUSERNAME and CISCO_ADMIN_PASSWORD in the show options command output
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-11-08 09:16:12 +00:00
sfewer-r7 8364ae896b add the CLI command to use to enable testing the WebUI 2023-11-06 17:11:39 +00:00
sfewer-r7 b28668790d allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'. 2023-11-06 11:40:22 +00:00
sfewer-r7 10ee87c712 Add an optional CISCO_ADMIN_USERNAME and CISCO_ADMIN_PASSWORD options. If set these admin creds are used to leverage CVE-2023-20273. If not set, then CVE-2023-20198 is used to create a new temp admin account before leveraging CVE-2023-20273 2023-11-06 10:20:07 +00:00
Stephen Fewer be1229747f fix another typo on documentation
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-11-06 09:47:38 +00:00
Stephen Fewer 22cb55b36b fix typo on documentation
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-11-06 09:47:23 +00:00
sfewer-r7 a55132b36f strip out "**CLI Line # " from the results and use print_line instead of print_status for cleaner output. 2023-11-03 17:09:08 +00:00
sfewer-r7 c8121ebd8e mention dropping to User EXEC mode via two exit keywords 2023-11-03 16:43:21 +00:00
sfewer-r7 17420289dc Add two auxiliary modules for the recent Cisco IOS XE exploit chain bugs (CVE-2023-20198 and CVE-2023-20273). This allows for unauthenticated remote CLI or OS command execution. 2023-11-03 15:38:35 +00:00
Spencer McIntyre 15aaa90379 Land #18447, CVE-2023-22515 Confluence Auth Bypass
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
2023-10-19 17:35:17 -04:00
Spencer McIntyre ee0e5b9eda Tidy the docs, fix the username
The username can not contain capital letters, or the operation will
fail.
2023-10-19 17:19:55 -04:00
emirpolatt 258ac6421b Fix fail_with response code compare and documentation fixes 2023-10-19 17:19:30 -04:00
emirpolatt 9ef1d1746a CVE-2023-22515 - Atlassian Confluence Data Center and Server Broken Access Control Leads to Authentication Bypass 2023-10-11 12:09:22 -07:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
Grant Willcox 2958a43a6a Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored 2022-09-23 12:19:29 -05:00
h00die-gr3y f2d357eda1 updated documentation with camera specifications 2022-09-23 09:38:37 -05:00
Grant Willcox edc37835e5 Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review 2022-09-23 09:38:35 -05:00
Grant Willcox 3ca34568c2 Clean up some of the documentation and module code and descriptions 2022-09-23 09:38:12 -05:00
h00die-gr3y 5ed7ff7f52 init commit module and documentation 2022-09-23 09:38:05 -05:00
h00die 86cad29799 wp masterstudy review 2022-03-06 08:07:20 -05:00
h00die 2195edbb8d masterstudy privesc 2022-02-25 16:36:47 -05:00
space-r7 bb00575acb add command for starting docker env 2022-01-11 17:07:36 -06:00
h00die 87031de384 fix doc numbering 2022-01-02 11:57:32 -05:00
h00die 8a1ac9d51d move pihole docs 2022-01-02 11:56:04 -05:00
h00die c3e0f455ec some cleanup for rubocop 2021-12-30 15:35:22 -05:00
h00die b39196fd0f review comments 2021-11-04 15:28:05 -04:00
h00die 1e9af10a21 pr review 2021-10-21 17:25:14 -04:00
h00die 5235f69e7e update wp_automatic docs 2021-10-17 15:38:38 -04:00
h00die 165acca028 wp_automatic_plugin 2021-10-17 13:04:38 -04:00