7c8116a2cb
Third release of module + Documentation
2024-12-22 11:41:05 +00:00
51bbc76c79
Land #19748 , Add the timeroast module
...
Add the timeroast module
2024-12-19 16:50:09 -06:00
56152fd359
Add docs for the new timeroast module
2024-12-19 09:29:05 -05:00
7ddffc790c
Merge pull request #19460 from gardnerapp/game_overlay
...
Land #19460 , CVE-2023-2640, CVE-2023-32629 Game Overlay Ubuntu Privilege Escalation
2024-12-18 14:44:57 -06:00
b7f477172f
Update docs to reflect recent changes
2024-12-18 14:08:10 -06:00
531ed162db
Land #19733 , exploit module for CVE-2022-40471 - unauthenticated RCE
2024-12-18 12:44:34 +01:00
65bb3cc990
typo 2
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-12-17 17:26:20 +00:00
3ed2b5916a
fix typo
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-12-17 17:26:00 +00:00
556e52d1d2
Add missing option docs
2024-12-17 17:01:27 +11:00
c2495aff58
Properly support there being no NAA creds
2024-12-17 17:01:27 +11:00
d52874ac46
Allow sessions to be not required. Added documentation.
2024-12-17 17:01:26 +11:00
6f9982db54
Land #19647 Added module for WSO2 API Manager RCE
...
Adds an exploit module for a vulnerability in the 'Add API Documentation' feature of WSO2 API Manager and allows malicious users with specific permissions to upload arbitrary files to a user-controlled server location. This flaw allows for RCE on the target system.
2024-12-16 07:27:23 -08:00
af462f7dcf
arch linux compatibility for runc priv esc
2024-12-16 05:52:29 -05:00
d196591845
Modified documentation
2024-12-16 15:47:30 +05:30
06528abe05
Added documentation
2024-12-16 15:33:29 +05:30
77d0292be3
additional review for obsidian plugin
2024-12-14 17:38:29 -05:00
e06dd6deea
Update documentation
2024-12-12 22:10:11 +01:00
7cf942ca30
peer review
2024-12-11 17:49:43 -05:00
7d559e0b34
Add exploit module for CVE-2024-8856 - WP Time Capsule RCE
2024-12-11 01:14:17 +01:00
f36d786736
Merge pull request #19696 from smashery/add_user_module
...
Add user module
2024-12-10 11:26:49 -05:00
f05145dd1e
Tweak the documentation verbiage slightly
2024-12-10 10:58:17 -05:00
4c0a403b64
Land #19701 , Auxiliary Module for CVE-2021-24762: WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
...
Land #19701 , Auxiliary Module for CVE-2021-24762: WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
2024-12-10 15:44:50 +01:00
095bd946f4
docs: updated docs
2024-12-10 15:35:16 +01:00
0b5e221620
Land #19533 , Update werkzeug rce module
2024-12-09 12:56:35 -08:00
bd1320f722
Merge branch 'rapid7:master' into wp_perfect_survey_sqli
2024-12-09 23:17:20 +05:30
8b93f1a087
Merge branch 'master' into smb_change_pw
2024-12-09 09:37:45 -05:00
4ce4cf472e
Update werkzeug_debug_rce.md
...
Added note about python3 version in verification steps because the version may change when a newer docker image becomes available.
Added report.txt as a file because I apparently forgot it before and the containers fail to build without it.
2024-12-08 21:11:03 +00:00
0e5cf3f7ba
Land #19649 , Primefaces RCE (CVE-2017-1000486)
2024-12-06 16:22:06 -08:00
6cfc18a1e7
Land #19661 , WordPress Really Simple Security Plugin RCE (CVE-2024-10924)
2024-12-06 16:19:56 -08:00
909476ee64
Merge pull request #19671 from smashery/ldap_change_pw
...
LDAP Change Password module
2024-12-06 17:13:50 -05:00
be30a06af4
Land #19430 , Moodle RCE (CVE-2024-43425) Module
...
Land #19430 , Moodle RCE (CVE-2024-43425) Module
2024-12-06 12:15:35 +01:00
500df59156
Changed plaintext to sh for better looking output
2024-12-06 12:44:50 +05:30
547bc96603
Modified the output in the document
2024-12-06 12:43:20 +05:30
f426dc6c20
msftidy_docs Fixes
2024-12-06 12:02:18 +05:30
897dfcd328
Added documentation of the auxiliary module
2024-12-06 11:57:04 +05:30
75a334ca0a
Changes from code review
2024-12-06 16:05:53 +11:00
7c46d4d02d
Updated text to be clearer about the AES kerberos behaviour
2024-12-06 14:28:44 +11:00
6723c585f2
obsidian plugin module
2024-12-05 17:54:07 -05:00
d5b2d760e8
Updated ancillary documentation
2024-12-06 07:53:19 +11:00
8ac7348be0
Land #19608 CyberPanel Pre-Auth RCE
...
Adds a CyberPanel Pre-Auth RCE Exploit Module for (CVE-2024-51378 / CVE-2024-51567 / CVE-2024-51568)
2024-12-05 09:35:35 -08:00
5290750cca
Update doc
2024-12-05 16:19:14 +01:00
a123234141
Add CVE-2024-10924
2024-12-05 16:19:09 +01:00
e8911f9129
Land #19402 vCenter Sudo LPE (CVE-2024-37081)
2024-12-04 18:25:05 -08:00
21cf475cbb
Land #19595 Ivanti Connect Secure auth RCE via OpenSSL (CVE-2024-37404)
2024-12-04 08:26:07 -08:00
ab2ca41eb8
Land #19629 , Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
...
Land #19629 , Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
2024-12-04 16:49:56 +01:00
fabced539d
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-12-04 16:44:48 +01:00
58702f238c
Land #19574 , Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
...
Land #19574 , Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
2024-12-04 16:39:43 +01:00
2d1af7d809
Land #19648 Add exploit module for FortiManager (CVE-2024-47575)
2024-12-02 18:31:25 -08:00
d22c6996be
Merge pull request #18877 from h00die/xspy
...
New module to replicate xspy tool (and X11 library)
2024-12-02 13:38:37 -05:00
a230a353e4
Land #19613 Asterisk authenticated rce via AMI (CVE-2024-42365)
2024-12-02 08:21:35 -08:00
h00die-gr3y