adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

1006 Commits

Author SHA1 Message Date
jheysel-r7 05f2012ccc Merge pull request #20338 from Chocapikk/xorcom 
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
 2025-07-22 08:19:36 -07:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
Chocapikk b06903810c feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs 2025-07-16 21:25:17 +02:00
Valentin Lobstein eb81de6620 Update documentation/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-16 19:32:52 +02:00
jheysel-r7 914f874e12 Merge pull request #20216 from sjanusz-r7/add-graphql-aux-scanner-module 
Add GraphQL Auxiliary Scanner module
 2025-07-15 10:39:44 -07:00
Chocapikk 2a008c83d1 Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005, 30006) 2025-06-22 09:07:20 +02:00
Spencer McIntyre 166db38e67 Add missing newlines to render the markdown properly 2025-06-05 10:49:47 -04:00
Theo Sweilem ff78d179a3 Edited jenkins_enum Documentation 2025-06-03 23:36:13 -07:00
Theo Sweilem ac4e574eea Added jenkins_enum Documentation 2025-06-03 23:25:15 -07:00
Mario 50ae65d59c Update documentation/modules/auxiliary/scanner/discovery/udp_probe.md 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-05-31 17:13:29 +02:00
mariomontecatine 3efcc6322b Add documentation for auxiliary/scanner/discovery/udp_probe 2025-05-30 06:23:54 -04:00
sjanusz-r7 cdc51b41f6 Add GraphQL Introspection Scanner documentation 2025-05-27 17:24:35 +01:00
mariomontecatine e7a2809ca0 Adding documentation for modules/auxiliary/scanner/http/copy_of_file.rb 2025-05-21 14:48:10 -04:00
Martin Sutovsky 282d0f7820 Refactor docs 2025-05-21 16:48:54 +02:00
mariomontecatine 8cde1bab78 Documentation for ipv6_multicast_ping.md 2025-05-18 04:31:03 -04:00
sjanusz-r7 9808172c9e Address OPNSense login scanner PR feedback 2025-04-04 15:58:40 +01:00
sjanusz-r7 2b0d9b4971 Add OPNSense Login Scanner module 2025-03-31 14:57:44 +01:00
jheysel-r7 e841a45db2 Merge pull request #19985 from sjanusz-r7/add-pfsense-login-scanner 
Add pfSense Login Scanner module
 2025-03-28 11:12:43 -07:00
sjanusz-r7 b5ef4cdd6f Add pfSense login scanner docs 2025-03-28 11:35:56 +00:00
Spencer McIntyre 30d071e098 Make the same changes for sonicwall 2025-03-26 17:25:13 -04:00
Spencer McIntyre 7476ea9006 Brute force modules should be named service_login 2025-03-26 16:14:16 -04:00
Martin Sutovsky 8d7bbdd84f Sonicwall module 2025-03-04 08:20:22 +01:00
Diego Ledda f046e70b76 Land #19894, SimpleHelp Path Traversal CVE-2024-57727 
Land #19894, SimpleHelp Path Traversal CVE-2024-57727
 2025-02-25 12:00:34 +01:00
Jack Heysel e4ee651c9b Updated docs, fixed Notes 2025-02-24 10:26:01 -08:00
Martin Sutovsky fae3d8390a Calling check method fix & Additional documentation 2025-02-24 15:52:00 +01:00
Jack Heysel fc25e177fc SimpleHelp Path Traversal CVE-2024-57727 2025-02-21 08:15:46 -08:00
msutovsky-r7 f132b8ffe1 Update documentation/modules/auxiliary/scanner/http/netalertx_file_read.md 
Co-authored-by: Takahiro Yokoyama <tkhr.y0k0yama@gmail.com>
 2025-02-18 13:44:26 +01:00
Martin Sutovsky 00d4feb2b5 Adding documentation, file renaming 2025-02-14 14:43:43 +01:00
Martin Sutovsky 09db1f4e72 Adding documentation 2025-02-03 15:29:49 +01:00
Spencer McIntyre e5e06572fb Add documentation to the module with testing steps 2025-01-07 09:14:08 -05:00
Spencer McIntyre 56152fd359 Add docs for the new timeroast module 2024-12-19 09:29:05 -05:00
Spencer McIntyre f36d786736 Merge pull request #19696 from smashery/add_user_module 
Add user module
 2024-12-10 11:26:49 -05:00
Diego Ledda 095bd946f4 docs: updated docs 2024-12-10 15:35:16 +01:00
aaryan-11-x 500df59156 Changed plaintext to sh for better looking output 2024-12-06 12:44:50 +05:30
aaryan-11-x 547bc96603 Modified the output in the document 2024-12-06 12:43:20 +05:30
aaryan-11-x f426dc6c20 msftidy_docs Fixes 2024-12-06 12:02:18 +05:30
aaryan-11-x 897dfcd328 Added documentation of the auxiliary module 2024-12-06 11:57:04 +05:30
Ashley Donaldson d5b2d760e8 Updated ancillary documentation 2024-12-06 07:53:19 +11:00
h00die 219981227d Update documentation/modules/auxiliary/scanner/http/strapi_3_password_reset.md 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-11-16 15:36:00 -05:00
h00die 6629d5dff2 strapi password reset 2024-11-15 15:12:34 -05:00
jheysel-r7 2e8892cb01 Land #19517, Add WooCommerce SQLi module 
This adds a new auxiliary module that exploits an unauthenticated SQL injection vulnerability in the TI WooCommerce Wishlist plugin for WordPress (versions <= 2.8.2). The vulnerability allows attackers to execute SQL queries via the order parameter which can be used to dump usernames and their hashed passwords.
 2024-10-31 12:09:55 -04:00
jheysel-r7 87af327507 Merge branch 'master' into wp_ultimate_member_sorting_sqli 2024-10-29 16:34:10 -04:00
Chocapikk 7ccb2991f6 Improve nonce detection, fix bug 2024-10-29 19:41:47 +01:00
Diego Ledda e85ee0271d Land #19482, LearnPress SQLi module (CVE-2024-8522, CVE-2024-8529) 2024-10-17 11:13:49 +02:00
Chocapikk 145a23625d Add LearnPress SQLi module (CVE-2024-8522, CVE-2024-8529) 2024-10-14 18:15:01 +02:00
Chocapikk 668424a444 Add unauth SQLi exploit module for Ultimate Member plugin (CVE-2024-1071) 2024-10-14 18:14:10 +02:00
Chocapikk 95e64a0a3b Add module for TI WooCommerce Wishlist SQL Injection (CVE-2024-43917) 2024-10-14 18:11:41 +02:00
Chocapikk 8553f625a4 Add auxiliary/scanner/http/wp_fastest_cache_sqli 2024-10-14 18:03:46 +02:00
bcoles 7cf5782b13 Add cups-browsed Information Disclosure module 2024-09-28 02:35:39 +10:00