adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

361 Commits

Author SHA1 Message Date
jheysel-r7 00c8c773a3 Merge pull request #20375 from Chocapikk/wp_photo_gallery_sqli 
WP Photo Gallery by 10Web Unauthenticated SQLi (CVE-2022-0169)
 2025-07-18 16:37:14 -07:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
Chocapikk 622072bba4 WP Photo Gallery by 10Web Unauthenticated SQLi (CVE-2022-0169) 2025-07-10 13:22:19 +02:00
Spencer McIntyre a1e3a23eb4 Merge pull request #20262 from bwatters-r7/fix/vcenter_vmdir_gather 
Fix references to LDAP Datastore Options
 2025-06-05 17:44:21 -04:00
Brendan 2a7f40dcc9 Merge pull request #20139 from h4x-x0r/CVE-2023-27856 
ThinManager Path Traversal Download (CVE-2023-27856) Module
 2025-06-04 14:03:21 -05:00
bwatters-r7 e36336669d Update description in module and docs to reflect nre option name 2025-05-29 08:11:33 -05:00
bwatters-r7 b207a8848c Fix references to LDAP Datastore Options 2025-05-28 12:02:01 -05:00
Diego Ledda 9b7e27e946 Merge pull request #20185 from Chocapikk/wp_depicter_sqli_cve_2025_2011 
Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011)
 2025-05-28 18:38:52 +02:00
Chocapikk 2820a0418f Update code to use Wordpress::SQLi mixin ^^ 2025-05-21 18:27:02 +02:00
Chocapikk 70d5fb4b65 Move from scanner to gather 2025-05-19 17:52:00 +02:00
Spencer McIntyre 57c69049f7 Merge pull request #20175 from smashery/ruby-kerberoasting 
Ruby kerberoasting
 2025-05-16 10:28:52 -04:00
msutovsky-r7 e3649b31fe Land #20123, adds module for path traversal and credential harvester in PowerCom UPSMON Pro 
POWERCOM UPSMON PRO Path Traversal (CVE-2022-38120) and Credential Harvester (CVE-2022-38121) Module
 2025-05-15 07:23:07 +02:00
Ashley Donaldson 806d0ec557 Kerberoasting documentation 2025-05-13 18:26:25 +10:00
Ashley Donaldson 6d3fc7b732 Neatening kerberoasting modifications 2025-05-13 18:26:25 +10:00
h4x-x0r c034c6490c CVE-2023-27856 2025-05-06 20:04:54 +01:00
h4x-x0r 514f51d7dc CVE-2025-2264 
CVE-2025-2264
 2025-05-02 22:56:30 +01:00
h4x-x0r bd11531d4c wrong branch 2025-05-02 22:55:36 +01:00
h4x-x0r 18c34c6bd0 CVE-2025-2264 
CVE-2025-2264
 2025-05-02 22:53:57 +01:00
Spencer McIntyre 878653abe2 Update the module docs 2025-04-29 14:01:35 -04:00
remmons-r7 e9070e3472 crushftp_authbypass_cve_2025_2825.md 2025-04-02 20:06:57 -05:00
Jack Heysel cde6034614 Account for all vulnerable version DB schemas 2025-03-20 13:09:17 -07:00
Jack Heysel e3d9561be1 GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi (CVE-2025-24799) 2025-03-19 12:50:40 -07:00
Jack Heysel d2dd9a6d8f Add docs for ESC4,13 and 15 vulnerable template configuration 2025-02-27 22:54:24 -08:00
h4x-x0r 2b83fbf449 CVE-2022-38120 
CVE-2022-38120
 2025-02-20 02:02:36 +00:00
TheBigStonk d67dcda2c6 Added Argus LFI Module and Docs 2025-01-31 00:23:34 +13:00
Diego Ledda b2e28efa48 Land #19781, Add Selenium file read auxiliary module 
Land #19781, Add Selenium file read auxiliary module
 2025-01-08 13:54:04 +01:00
jheysel-r7 817557c589 Merge pull request #19614 from vultza/onedev-file-read 
OneDev Unauthenticated Arbitrary File Read (CVE-2024-45309)
 2025-01-06 18:57:35 -08:00
Takah1ro 11c1b726cf Improve 
* add timeout option
  * print session info
  * apply suggestions (#19769)
 2025-01-04 11:54:31 +09:00
Takah1ro 9d664a36f0 Add Selenium file read auxiliary module 2025-01-01 11:55:35 +09:00
vultza 814cdb354f fix typo 2024-12-27 14:45:05 +00:00
Spencer McIntyre d22c6996be Merge pull request #18877 from h00die/xspy 
New module to replicate xspy tool (and X11 library)
 2024-12-02 13:38:37 -05:00
jheysel-r7 7de3d117b8 Land #19582 Acronis Cyber Backup/Protect Info Disclosure 2024-11-27 07:50:16 -08:00
Ashley Donaldson 3e3e81ff22 Update documentation with new datastore options 2024-11-14 15:15:06 +11:00
Spencer McIntyre e709a18128 Merge pull request #19404 from bwatters-r7/smb2http_relay 
SMB to NTLM HTTP Relay with ESC8 module
 2024-11-05 14:12:08 -05:00
Spencer McIntyre 006ed90f1c Move the ESC8 module and document the attack 2024-11-04 09:37:12 -05:00
vultza 8f2f0c7b37 typo on documentation 2024-11-02 15:08:37 +00:00
vultza f0abc0da69 Add documentation 2024-11-02 00:47:32 +00:00
jheysel-r7 ea45d83562 Land #19499, Adds SolarWinds Help Desk Backdoor module 
This adds a new module which exploits a backdoor in SolarWinds Web Help Desk (CVE-2024-28987) <= v12.8.3 which enables attackers to retrieve all tickets currently logged in the application.
 2024-10-31 12:17:32 -04:00
h00die-gr3y 5aaf0b22cd update based on review comments of adfoster-r7 2024-10-25 10:41:10 +00:00
h00die-gr3y 4a1d31f239 small update on the documentation 2024-10-23 10:36:59 +00:00
h00die-gr3y d6e080a253 first release module + documentation 2024-10-23 10:25:43 +00:00
h4x-x0r d950bf7bb3 updated 
updated
 2024-10-21 20:51:41 +01:00
h4x-x0r 6c3e9338f7 Updated documentation 
Updated documentation
 2024-09-26 05:50:52 +01:00
h4x-x0r 5f95b2bf0d Documentation 
Documentation
 2024-09-25 17:15:54 +01:00
bwatters f74b7ccef5 Land #19415, Update the ldap_esc_vulnerable_cert_finder module 
Merge branch 'land-19415' into upstream-master
 2024-08-26 18:28:33 -05:00
Spencer McIntyre 4cfa93f878 Update the ldap_esc_vulnerable_cert_finder module 2024-08-23 16:49:30 -04:00
Takah1ro 0ffe335660 Add module docs 2024-08-10 10:59:00 +09:00
adfoster-r7 8f472b9c61 Land #19338, Kerberos asrep roasting improvements 2024-07-24 18:12:53 +01:00
adfoster-r7 89cf0223d1 Kerberos asrep roasting improvements 2024-07-24 18:01:11 +01:00