adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

725 Commits

Author SHA1 Message Date
adfoster-r7 a0bb2d8c89 Merge pull request #20298 from bcoles/modules-SSL 
Modules: Convert SSL default option to Boolean in several modules
 2025-06-26 15:00:59 +01:00
cgranleese-r7 04a18fb3ca Updates modules to remove non-printable chars 2025-06-25 14:19:56 +01:00
bcoles b483312eca Modules: Convert SSL default option to Boolean in several modules 2025-06-23 19:38:36 +10:00
bcoles 6ee7d56b1a modules/auxiliary/admin/http: Resolve RuboCop violations 2025-05-16 01:16:37 +10:00
jheysel-r7 08e227faca Merge pull request #19934 from sfewer-r7/bugfix-cisco-iosxe-rce 
Improve exploit/linux/misc/cisco_ios_xe_rce (CVE-2023-20198 + CVE-2023-20273)
 2025-03-27 16:51:16 -07:00
sfewer-r7 efb0d5da4c fix typo, C1000v should be CSR1000v. Be consistant with IOS XE and not IOS-XE. 2025-03-04 09:09:32 +00:00
sfewer-r7 e71a851e3f mention that the C8000v series appliance version 17.6.5 was observed to not be vulnerable to CVE-2023-20273. Inspecting the Lua code shows this appliance has additional command injection filtering in place (see pexec_setsid in /usr/binos/openresty/nginx/conf/pexec.lua) which prevents the injection from working 2025-03-03 20:22:46 +00:00
cgranleese-r7 0017fbdf56 Updates more dead links 2025-02-28 10:30:14 +00:00
cgranleese-r7 810e7c4518 Adds scripts to find and replace dead module reference links 2025-02-28 09:20:48 +00:00
h00die 1906646e67 peer review 2024-11-28 13:18:47 -05:00
h00die 2b593bcf54 wp_post_smtp_acct_takeover peer review 2024-11-03 13:52:55 -05:00
h00die 9da5177d11 remove old code 2024-10-29 16:44:48 -04:00
h00die 41ed44864f wp_post_smtp_acct_takeover 2024-10-29 16:44:20 -04:00
h00die 4feb12ab4a untested code 2024-10-29 16:44:20 -04:00
jheysel-r7 05ff8359b8 Merge pull request #19436 from h4x-x0r/CVE-2024-6670 
WhatsUp Gold SQL Injection (CVE-2024-6670) Module
 2024-09-26 17:04:30 -04:00
h4x-x0r c20b1d8a03 minor fixes 
minor fixes
 2024-09-26 04:01:36 +01:00
jheysel-r7 d11c2be4ea Merge pull request #19375 from h4x-x0r/CVE-2024-20419 
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419) Module
 2024-09-24 12:19:54 -04:00
Jack Heysel f254eeb65e Added error handling 2024-09-23 14:16:26 -07:00
h4x-x0r 322188a112 Refactoring 
Refactored code to remove duplicate requests
 2024-09-23 13:29:46 +01:00
h4x-x0r 05f591d005 Cleanup and check method added 
Cleanup and check method added
 2024-09-12 15:43:20 +01:00
h4x-x0r 75627ccba7 Update whatsup_gold_sqli.rb 2024-09-02 15:45:45 +01:00
h4x-x0r fdd740b235 cleanup 
cleanup
 2024-09-02 15:44:27 +01:00
h4x-x0r 64f595c431 cleanup, version check, documentation 
cleanup, version check, documentation
 2024-09-02 15:41:08 +01:00
h4x-x0r 686da13ff5 WhatsUp Gold SQL Injection (CVE-2024-6670) 
WhatsUp Gold SQL Injection (CVE-2024-6670)
 2024-09-02 16:09:10 +01:00
bwatters 4af2294709 Land #19386, Ivanti Virtual Traffic Manager (vTM) Authentication Bypass (CVE-2024-7593) Module 
Merge branch 'land-19386' into upstream-master
 2024-08-27 09:39:10 -05:00
bwatters 84431b0a4e Land #19380, Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Merge branch 'land-19380' into upstream-master
 2024-08-26 18:09:09 -05:00
h4x-x0r 3f3690bebb code cleanup 
code cleanup
 2024-08-19 21:17:16 +01:00
h4x-x0r 9690f01df6 code cleanup 
code cleanup
 2024-08-19 16:25:50 +01:00
h4x-x0r 82f51bb9b7 code cleanup 
code cleanup
 2024-08-16 15:43:34 +01:00
h4x-x0r 5a94869809 cleanup 
cleanup
 2024-08-16 14:12:41 +01:00
h4x-x0r 3577ae8ffb Code cleanup 
Code cleanup
 2024-08-16 13:57:38 +01:00
h4x-x0r 8ad328a510 Code cleanup 
Code cleanup
 2024-08-16 07:07:16 +01:00
h4x-x0r 947cefe43a Fixed get_cookies 
Fixed get_cookies
 2024-08-14 17:42:11 +01:00
h4x-x0r 765e9b9ae4 Improved error handling 
Improved error handling
 2024-08-14 17:25:36 +01:00
h4x-x0r ea2b5920ac cleanup 
cleanup
 2024-08-14 06:44:43 +01:00
h4x-x0r 9c72a85134 Verified more versions 
Verified exploit against more affected versions
 2024-08-14 06:33:45 +01:00
h4x-x0r 75201b0892 Updated references 
references, affected versions, credits
 2024-08-14 05:15:36 +01:00
h4x-x0r 7bfc386973 Updated 
added error handling, documentation, version check, store_valid_credential
 2024-08-14 04:57:08 +01:00
h4x-x0r be62cc97a7 Auth Bypass 
Auth Bypass
 2024-08-14 02:00:06 +01:00
h4x-x0r 17149db5a3 code cleanup 
code cleanup
 2024-08-13 23:23:35 +01:00
h4x-x0r b96bc116f5 Code cleanup 
Code cleanup
 2024-08-13 23:18:26 +01:00
h4x-x0r c53e5d3c4e Code cleanup and added store_valid_credential 
added store_valid_credential
code cleanup
 2024-08-13 23:12:50 +01:00
h4x-x0r 733e2ab9fc Added store_valid_credential 
Added store_valid_credential
 2024-08-13 23:00:13 +01:00
h4x-x0r 14e4a11d24 Added store_valid_credential 
Added store_valid_credential
 2024-08-13 20:54:56 +01:00
h4x-x0r 26d6347919 Code cleanup 
Code cleanup
 2024-08-11 06:15:24 +01:00
h4x-x0r 5fa18a66ee Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
 2024-08-11 05:41:07 +01:00
h4x-x0r 8a72124e9d Code cleanup and error handling added 
Code cleanup and error handling added
 2024-08-09 21:11:20 +01:00
h4x-x0r 4384d32c83 Cisco SSM On-Prem Account Takeover (CVE-2024-20419) 
Cisco SSM On-Prem Account Takeover (CVE-2024-20419)
 2024-08-09 18:59:54 +01:00
h4x-x0r 8bef9b5f72 Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276) 
Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
 2024-08-08 17:52:38 +01:00
adfoster-r7 62a3f73e70 Update rubocop target ruby version 2024-07-24 16:47:17 +01:00