adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

38478 Commits

Author SHA1 Message Date
Aaryan Golatkar bd1320f722 Merge branch 'rapid7:master' into wp_perfect_survey_sqli 2024-12-09 23:17:20 +05:30
Spencer McIntyre 8b93f1a087 Merge branch 'master' into smb_change_pw 2024-12-09 09:37:45 -05:00
Ashley Donaldson 6eea156899 Added moved_from metadata 2024-12-09 08:49:04 +11:00
Graeme Robinson 7838a943ce Update werkzeug_debug_rce.rb 
Added comments about where version-dependant salts come from
 2024-12-08 21:01:17 +00:00
Heyder Andrade f3f1c893a1 Added cleanup method 2024-12-08 02:12:16 +01:00
Heyder Andrade c953601335 Fix: it needs at least 2 follows redirect 2024-12-08 00:13:12 +01:00
Heyder Andrade edb9fdc682 Merge 2024-12-08 00:10:35 +01:00
adfoster-r7 2421ca768f Merge pull request #19705 from ostrichgolf/projectsend_rce 
Add CVE to ProjectSend module
 2024-12-07 14:24:20 +00:00
ostrichgolf 2952dbb0b8 Add CVE to module 2024-12-07 14:23:30 +01:00
adfoster-r7 861859196a Merge pull request #19703 from zeroSteiner/fix/mod/dns_txt_exec-docs 
Clarify documentation in dns_txt_query_exec
 2024-12-07 03:00:30 +00:00
jheysel-r7 0e5cf3f7ba Land #19649, Primefaces RCE (CVE-2017-1000486) 2024-12-06 16:22:06 -08:00
jheysel-r7 6cfc18a1e7 Land #19661, WordPress Really Simple Security Plugin RCE (CVE-2024-10924) 2024-12-06 16:19:56 -08:00
jheysel-r7 2357c8ad55 Standardize capitalization of Java Expression Language 2024-12-06 16:00:58 -08:00
Spencer McIntyre 909476ee64 Merge pull request #19671 from smashery/ldap_change_pw 
LDAP Change Password module
 2024-12-06 17:13:50 -05:00
Chocapikk 8f274f0189 Remove complexity 2024-12-06 22:48:59 +01:00
Spencer McIntyre a708f8c7f3 Fix a trivial typo 2024-12-06 16:47:25 -05:00
h00die 6911e52d55 peer review 2024-12-06 15:39:19 -05:00
h00die e33200100d peer review 2024-12-06 15:34:40 -05:00
Spencer McIntyre 1d3d3419f6 Clarify documentation in dns_txt_query_exec 2024-12-06 14:26:44 -05:00
Spencer McIntyre 7006c8fcfc Merge pull request #19609 from dledda-r7/remove-hardcoded-blockapi-hash 
Remove hardcoded blockapi hashes
 2024-12-06 12:43:03 -05:00
Jack Heysel f720b519c9 Lint 2024-12-06 06:22:03 -08:00
Jack Heysel 7c9bddc6e6 Added use of send_request_cgi! 2024-12-06 06:20:46 -08:00
dledda-r7 6d6608c06c fix: updated cachedsize reverse_https_proxy 2024-12-06 09:15:36 -05:00
Diego Ledda be30a06af4 Land #19430, Moodle RCE (CVE-2024-43425) Module 
Land #19430, Moodle RCE (CVE-2024-43425) Module
 2024-12-06 12:15:35 +01:00
aaryan-11-x a4af59a595 Changed filename from wp_plugin_perfect_survey_sqli.rb to wp_perfect_survey_sqli.rb 2024-12-06 11:45:36 +05:30
aaryan-11-x 3881fd6c3c RuboCop Fixes 2024-12-06 11:41:25 +05:30
aaryan-11-x 8d81ad125d Added Notes section in the code & corrected the disclosure date 2024-12-06 11:40:42 +05:30
Ashley Donaldson 75a334ca0a Changes from code review 2024-12-06 16:05:53 +11:00
Ashley Donaldson 5032695d1f MSFTidy fixes 2024-12-06 14:36:05 +11:00
Ashley Donaldson 7c46d4d02d Updated text to be clearer about the AES kerberos behaviour 2024-12-06 14:28:44 +11:00
Ashley Donaldson 88bd8f6f9e Support SMBPass as NTLM format 2024-12-06 14:21:56 +11:00
h00die 6723c585f2 obsidian plugin module 2024-12-05 17:54:07 -05:00
jheysel-r7 8ac7348be0 Land #19608 CyberPanel Pre-Auth RCE 
Adds a CyberPanel Pre-Auth RCE Exploit Module for (CVE-2024-51378 / CVE-2024-51567 / CVE-2024-51568)
 2024-12-05 09:35:35 -08:00
Chocapikk 9de6a898cd Re-add wordpress detection check 2024-12-05 16:19:15 +01:00
Chocapikk 022533db59 Fix check and use rest_route 2024-12-05 16:19:15 +01:00
Chocapikk 86bc3ceb5e Handle case when 2FA is disabled 2024-12-05 16:19:15 +01:00
Chocapikk a123234141 Add CVE-2024-10924 2024-12-05 16:19:09 +01:00
Chocapikk b8ec13e9dc Lint 2024-12-05 16:05:25 +01:00
Heyder Andrade d5f0c6108c Fix: Ensure api_list returns a list even when created during execution 2024-12-05 14:34:20 +01:00
Valentin Lobstein ca45c6439f Update modules/exploits/unix/webapp/cyberpanel_preauth_rce_multi_cve.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-12-05 08:20:59 +01:00
jheysel-r7 e8911f9129 Land #19402 vCenter Sudo LPE (CVE-2024-37081) 2024-12-04 18:25:05 -08:00
h00die bca3626cf2 peer review 2024-12-04 18:39:43 -05:00
Chocapikk 0fecf5be65 Add Referer header 2024-12-04 20:55:51 +01:00
Heyder Andrade 964261283b Fix: Handle full-location redirects in send_request_cgi 
- Resolved an issue where redirects with full-location URLs were not properly handled by `send_request_cgi`.
- Implemented a quick solution for now; open to suggestions for a more robust approach.
- Tested behavior without proxy interference, as Burp previously masked the issue.
 2024-12-04 20:05:07 +01:00
jheysel-r7 21cf475cbb Land #19595 Ivanti Connect Secure auth RCE via OpenSSL (CVE-2024-37404) 2024-12-04 08:26:07 -08:00
Diego Ledda ab2ca41eb8 Land #19629, Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220) 
Land #19629, Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
 2024-12-04 16:49:56 +01:00
Heyder Andrade fabced539d Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-12-04 16:44:48 +01:00
Diego Ledda 58702f238c Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230) 
Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
 2024-12-04 16:39:43 +01:00
jheysel-r7 fa3716408f Add comment explaining payload architecture restraints 2024-12-03 18:33:43 -08:00
jheysel-r7 2d1af7d809 Land #19648 Add exploit module for FortiManager (CVE-2024-47575) 2024-12-02 18:31:25 -08:00