adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

4643 Commits

Author SHA1 Message Date
Takah1ro fd7321dd3f Strip_comments 2024-09-06 22:58:31 +09:00
Takah1ro b34e807277 Remove unnecessary directory existing check 2024-09-06 22:05:34 +09:00
Takah1ro a40fbb2a7b Remove unnecessary check 2024-09-06 22:04:51 +09:00
Takah1ro d4ac300d73 Fix typo 2024-09-06 21:59:16 +09:00
Takahiro Yokoyama 7a921bbeff Update modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb 
Use kernel_version.btween

Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-09-06 21:45:32 +09:00
Takah1ro cd97b08c62 Move C code to separate file 2024-09-06 21:09:39 +09:00
Takah1ro 1cc562c863 Use mkdir function 2024-09-06 12:55:51 +09:00
Takah1ro 920ef70105 Exploit dir existing check 2024-09-06 12:53:18 +09:00
Takahiro Yokoyama b243b86157 Update modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb 
use linux/x64/meterpreter_reverse_tcp

Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-09-06 08:51:20 +09:00
Takah1ro dc81711301 Make timeout user configurable 2024-09-06 08:24:14 +09:00
Jack Heysel 152710403d Land #19330, Add SSL opt in start_service 
The start_service method now allows users to specify their SSL
preferences directly through the opts parameter. If the ssl option is
not provided in opts, it will default to the value in datastore["SSL"]
 2024-09-05 09:08:07 -07:00
Jack Heysel 434593dcb4 Suggestion and rubocop fixes 2024-09-05 08:49:32 -07:00
Takah1ro afb8c6c27c Strip comments 2024-09-05 23:13:08 +09:00
Takah1ro 3d20dd6ddf Add module: 
Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-05 22:54:55 +09:00
h4x-x0r c82b8217a8 CVE-2024-6670 
CVE-2024-6670
 2024-09-01 23:26:11 +01:00
h4x-x0r 64123ab599 placeholder for CVE-2024-43425 
placeholder for CVE-2024-43425
 2024-08-29 17:17:10 +01:00
h4x-x0r a39c4076e4 cleanup 
cleanup
 2024-08-29 13:36:54 +01:00
h4x-x0r 018b041335 cleanup 
cleanup
 2024-08-28 15:40:35 +01:00
h4x-x0r 6532255600 PoC & Documentation 
PoC & Documentation
 2024-08-23 23:21:49 +01:00
dledda-r7 ec5892ff1f Land #19363, Ray Modules CVE-2023-6019 CVE-2023-6020 CVE-2023-48022 2024-08-23 04:55:17 -04:00
Takah1ro 39f81e0a45 Update check function 2024-08-21 22:32:53 +09:00
Takah1ro ee58313d64 Update check function 2024-08-21 22:09:56 +09:00
Takahiro Yokoyama c66540ef2f Update modules/exploits/linux/http/ray_agent_job_rce.rb 
use MeterpreterTryToFork to avoid a meterpreter session get killed

Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2024-08-21 21:38:37 +09:00
Takah1ro 91167fc85f Remove unnecessary option 2024-08-20 21:44:11 +09:00
Takah1ro 4d1782640b Update sideeffects 2024-08-20 19:12:18 +09:00
Takah1ro 01b2a1c55c Enable fetch payload 2024-08-20 13:20:42 +09:00
Takah1ro 45677898a8 Add TARGET_URI 2024-08-20 13:08:01 +09:00
Takah1ro 52852cea72 Add cve ref 2024-08-20 12:59:52 +09:00
h00die c8084e4504 Create vcenter_sudo_lpe.rb 2024-08-19 20:02:05 -04:00
Takah1ro 99c81d7821 Set default fetch_command to wget 2024-08-20 08:59:39 +09:00
Takah1ro 64bdf54bb0 Use Fetch Payload (Not tested) 2024-08-20 08:56:05 +09:00
Takah1ro a5b9d553fa Update check to use version info 2024-08-20 08:25:27 +09:00
Takah1ro 5be7e09ff0 Update check to use version info 2024-08-20 08:21:48 +09:00
h4x-x0r e30232d2ca CVE-2024-31214 & CVE-2024-24809 
CVE-2024-31214 & CVE-2024-24809
 2024-08-19 23:03:36 +01:00
Takah1ro 7258ca4fb1 Remove unnecessary option for simplicity 2024-08-16 08:49:34 +09:00
Takah1ro eeab7ce2a2 Proceed when user specified cmd fails 2024-08-16 08:23:50 +09:00
Takah1ro ea1b9e925e Delete old three exploits in one module 2024-08-15 08:17:36 +09:00
cgranleese-r7 dbc51d1cd4 Land #19347, OpenMetadata authentication bypass and SpEL injection exploit chain[CVE-2024-28255 and CVE-2024-28254] 2024-08-14 16:06:10 +01:00
cgranleese-r7 36322ff274 Land #19348, Apache HugeGraph Gremlin RCE (CVE-2024-27348) 2024-08-14 10:06:21 +01:00
jheysel-r7 47e5d62ade Update modules/exploits/linux/http/apache_hugegraph_gremlin_rce.rb 2024-08-13 08:48:33 -07:00
jheysel-r7 e04e22bc30 Apply suggestions from code review 2024-08-13 08:40:20 -07:00
Takah1ro cf15124cc8 Add not null check 2024-08-09 15:34:14 +09:00
Takah1ro c36c2eea38 Separate modules 2024-08-09 08:51:14 +09:00
Takah1ro 1f68919a42 Fail if optional but required option not set 2024-08-07 13:01:23 +09:00
Takah1ro f168246796 Correct vulnerable version 
<=v2.6.3 == <v2.8.1
 2024-08-07 12:49:17 +09:00
Takah1ro a57678c8d3 Formatting 2024-08-07 08:51:22 +09:00
Takah1ro 4e99e7dfe7 Use Vulnerable when lfi 2024-08-07 08:50:42 +09:00
Takah1ro 92e2694ac5 Use Detected instead of Appears 2024-08-07 08:46:44 +09:00
Takah1ro b7e4247d22 Avoid using CVE as option 2024-08-07 08:43:57 +09:00
Takah1ro c71894f3c4 Remove unnecessary DefaultOptions 2024-08-07 08:21:15 +09:00