adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

4643 Commits

Author SHA1 Message Date
jheysel-r7 0ff2835bb7 Merge pull request #19770 from h00die-gr3y/netis-unauth-rce 
Netis Router Exploit Chain Reactor [CVE-2024-48455, CVE-2024-48456 and CVE-2024-48457]
 2025-01-07 17:24:37 -08:00
h00die-gr3y 0c723b858f Added attackerkb references 2025-01-07 20:33:41 +00:00
Diego Ledda 7ead96a740 Land #19769, Add Selenium Chrome RCE module (CVE-2022-28108) 
Land #19769, Add Selenium Chrome RCE module (CVE-2022-28108)
 2025-01-07 11:10:37 +01:00
Diego Ledda 0f71c896e5 chore: removing PAYLOAD from DefaultOptions 2025-01-07 10:47:04 +01:00
H00die.Gr3y 9a6d074463 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-01-07 09:25:41 +01:00
Takah1ro 2be1781aa7 Remove unnecessary version check 2025-01-07 08:44:53 +09:00
Takah1ro d788a3baf7 Update check 2025-01-06 19:37:31 +09:00
Takah1ro 474f5426b5 Update check 2025-01-06 19:11:27 +09:00
Takah1ro 43294df0dd Add a message about what is failing 2025-01-04 10:21:43 +09:00
Takah1ro 710ae1198a Apply suggestions from #19769 2025-01-04 10:12:57 +09:00
Takah1ro e2bf2162dc Update failure 2025-01-04 09:13:41 +09:00
Takah1ro 6cbb30c91a Avoid the code nesting 2025-01-04 09:11:24 +09:00
Takah1ro bf643041c3 Rubocop formatting 2025-01-04 08:46:12 +09:00
Takahiro Yokoyama 3a28df6b32 Apply suggestions from code review 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-01-04 08:41:56 +09:00
Takah1ro ec8dba87fb Update failure and print about session id 2025-01-02 11:30:03 +09:00
Takah1ro 3b947cf1c5 Update vulnerable version 2025-01-02 09:57:00 +09:00
jheysel-r7 e70b6c777f Merge pull request #19663 from sfewer-r7/CVE-2024-0012 
Exploit module for PAN-OS management interface unauth RCE (CVE-2024-0012 + CVE-2024-9474)
 2024-12-30 10:29:10 -08:00
Takah1ro bbc282e90c Improve check 2024-12-30 13:36:15 +09:00
Takah1ro 6e0c945a42 Improve check for version 4 2024-12-30 13:00:25 +09:00
h00die-gr3y 862f2ee6c6 Added documentation and some small module updates 2024-12-29 20:05:05 +00:00
h00die-gr3y 8a1dd2b1ff fourth release module 2024-12-29 11:33:52 +00:00
h00die-gr3y 0d823fc9a2 third release module 2024-12-29 10:41:36 +00:00
Takah1ro 68ae0d40ea Add timeout option 2024-12-29 13:02:32 +09:00
Takah1ro e4111cdc97 Update to use FETCH_DELETE 2024-12-29 12:33:39 +09:00
Takah1ro 86bd1c2938 Minor improve 
* enable fetch_delete
 * avoid using single quotes
 * update doc
 2024-12-29 12:19:19 +09:00
Takah1ro af432a3b72 Improve stability 2024-12-29 12:00:09 +09:00
Jack Heysel 94507655ae WIP CraftCMS FTP Template exploit 2024-12-28 18:56:47 -08:00
Takah1ro cb34508321 Avoid using single quote in payload 2024-12-28 20:09:18 +09:00
Takah1ro 02ad81066d Add cleanup 2024-12-28 18:04:56 +09:00
Takahiro Yokoyama c7d7407179 Update modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2024-12-28 18:04:09 +09:00
Takah1ro 90d9bb769d Update vulnerable version 2024-12-28 15:53:31 +09:00
Takah1ro 43230b02a5 Review fix 
* use send_request_cgi
  * add check if sudo without password possible
  * base64 encode payload
 2024-12-28 15:42:15 +09:00
Takah1ro 6577a18abb Add response check 2024-12-28 15:04:35 +09:00
Takahiro Yokoyama 9f20c575e5 Update modules/exploits/linux/http/selenium_greed_chrome_rce_cve_2022_28108.rb 
Improve version detection messaging

Co-authored-by: bcoles <bcoles@gmail.com>
 2024-12-28 14:40:44 +09:00
Takah1ro 7ecc1cb87b Update vulnerable version 2024-12-28 14:39:24 +09:00
Takah1ro 9bfccc4293 Review fix 
* add check if sudo without password possible
  * base64 encode payload
 2024-12-28 14:02:59 +09:00
Takah1ro 6c5952d3b6 Use send_request_cgi 2024-12-28 13:34:10 +09:00
Takah1ro 340d4bcd58 Add selenium firefox rce module 2024-12-28 12:27:18 +09:00
Takah1ro e3d68d4164 Update author and fix version detection 2024-12-28 11:18:41 +09:00
h00die-gr3y 677e8ec9dd updated vulnerable firmware versions in description 2024-12-27 22:12:51 +00:00
h00die-gr3y 7ca7d71ab4 second release module 2024-12-27 21:55:44 +00:00
h00die-gr3y d3b4c5becb initial release module 2024-12-27 20:36:31 +00:00
Takah1ro 38e886f4b6 Update payload string formatting 2024-12-27 21:58:42 +09:00
Takah1ro e17d7cd161 Minor fix 2024-12-27 21:50:26 +09:00
Takah1ro 64b1832567 Update not to use selenium-webdriver 2024-12-27 13:00:20 +09:00
Takah1ro 390f551df7 Fix EDB 2024-12-27 00:10:01 +09:00
Takah1ro 3defb63763 Fix CVE format 2024-12-26 23:57:41 +09:00
Takah1ro 06af9b0b3d Add selenium chrome rce module 2024-12-26 23:44:11 +09:00
h00die-gr3y 58c979dc08 updated with correct privileged setting 2024-12-23 19:45:29 +00:00
h00die-gr3y 7c8116a2cb Third release of module + Documentation 2024-12-22 11:41:05 +00:00