Commit Graph

38478 Commits

Author SHA1 Message Date
Ashley Donaldson b4da4e74af Use specific subclass of Command Shell for reverse bash 2024-10-12 14:36:09 +11:00
Ashley Donaldson 880203b503 Remove accidentally committed changes 2024-10-12 14:36:08 +11:00
Ashley Donaldson 85d019cd3c Handle CommandLineToArgv behaviour 2024-10-12 14:36:08 +11:00
h4x-x0r d28a098398 CVE-2024-9464
CVE-2024-9464
2024-10-11 19:31:56 +01:00
Alex 6d272759dc Add Browser Version Detection and display System Information 2024-10-11 12:13:48 +02:00
Ashley Donaldson c732fed617 Feedback from code review 2024-10-11 08:22:39 +11:00
jvoisin b2ad59d0aa Add modules/exploits/linux/local/udev_persistence.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-10-10 23:08:23 +02:00
jheysel-r7 3be4eae2f5 Update modules/exploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-10 15:20:06 -04:00
Jack Heysel 44b33b8010 Fixed multiple sessions and instability 2024-10-10 11:36:16 -07:00
Alex 91beef1dbb Add BROWSER_TYPE option to choose between Chromium, Gecko, or both for data extraction 2024-10-10 20:08:14 +02:00
Alex 47c4679d6b Fixed migration logic 2024-10-10 19:28:03 +02:00
Alex d3ae5a9ab0 Abort when session is running under SYSTEM privileges. 2024-10-10 13:25:11 +02:00
Alex cd487715c4 [Added] Migration to explorer.exe for user-context based extraction 2024-10-10 12:32:19 +02:00
Jack Heysel 65936d181e Update libc region on success print 2024-10-09 23:04:44 -07:00
Jack Heysel dab5d66e37 Test and respond to comments 2024-10-09 22:52:55 -07:00
jheysel-r7 b72f70cbac Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-10 00:40:54 -04:00
Jack Heysel 7a78c0d724 Updated authors 2024-10-09 13:14:09 -07:00
Jack Heysel b94b2f3c72 Merge conflicts and rubocop 2024-10-09 12:59:59 -07:00
Jack Heysel e8711c5b20 Magento XXE to GLIBC buffer overflow 2024-10-09 12:53:29 -07:00
Jack Heysel 9536eaae2d Magento XXE to GLIBC buffer overflow 2024-10-09 12:36:53 -07:00
GhostlyBox 967f7c30a0 Update enum_unattend.rb
Included checks for '.vmimport' files which may have been created by the AWS EC2 VMIE service which will still contain cleartext credentials.
2024-10-07 17:58:30 +01:00
Graeme Robinson 3e422c235b Use random number to check for code execution in werkzeug_debug_rce.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-07 10:59:29 +01:00
Graeme Robinson 255ab5c3ff Change some messages from vprint to print werkzeug_debug_rce.rb 2024-10-07 10:31:03 +01:00
Graeme Robinson 8ad38f1d1a Appease the linter when checking werkzeug_debug_rce.rb 2024-10-06 20:43:25 +01:00
Graeme Robinson d135b572f5 Add support for Cookie/PIN generation to Werkzeug RCE 2024-10-06 20:18:12 +01:00
Alex 9eda0338af Improved readability and other small fixes 2024-10-06 10:19:10 +02:00
Chocapikk 3515015e1b Lint 2024-10-04 19:35:15 +02:00
NtAlexio2 29c0a10fd2 allow setting the RPORT option for pipe_dcerpc_auditor 2024-10-04 12:37:06 -04:00
Valentin Lobstein 686f31aac1 Update modules/exploits/multi/http/wp_givewp_rce.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-04 17:32:18 +02:00
Valentin Lobstein 888c446f9a Update modules/exploits/multi/http/wp_givewp_rce.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-04 17:32:10 +02:00
Valentin Lobstein 3a244212e2 Update modules/exploits/multi/http/wp_givewp_rce.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-04 17:32:03 +02:00
Valentin Lobstein b8aad8b22f Update modules/exploits/multi/http/wp_givewp_rce.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-04 17:31:54 +02:00
Chocapikk 98b857e1a7 Lint 2024-10-04 18:04:21 +02:00
Spencer McIntyre f2a723541d Add a test for the python/exec payload 2024-10-04 11:10:50 -04:00
Spencer McIntyre c051ea5a7f Add a python/exec payload to execute OS commands 2024-10-04 10:03:08 -04:00
Valentin Lobstein 0dba8f0963 Update modules/exploits/multi/http/wp_givewp_rce.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-10-04 16:01:29 +02:00
Chocapikk 5733d43fb0 Update check function 2024-10-03 14:13:29 +02:00
jheysel-r7 8d6972081f Land #19480 update service_persistence for openrc
This updates exploits/linux/local/service_persistence.rb to work on systems that are running OpenRC
2024-10-02 17:48:18 -04:00
jheysel-r7 1cdaeac843 Land #19463 Add Acronis Cyber Default Password RCE
This adds an RCE module Acronis Cyber Infrastructure Default Password [CVE-2023-45249]
2024-10-02 16:02:50 -04:00
Chocapikk d14866a34d Update description 2024-10-02 21:02:26 +02:00
Chocapikk 1d083cf9e8 Add credit for the bypass 2024-10-02 20:57:57 +02:00
Brendan dc03b02857 Merge pull request #19510 from bcoles/cups_browsed_info_disclosure
Add cups-browsed Information Disclosure module
2024-10-02 13:48:40 -05:00
Chocapikk fbb74a6d2d Add bypass for GiveWP RCE (CVE-2024-8353) 2024-10-02 19:53:20 +02:00
Simon Janusz a31261ecf2 Revert "Replace Readline with Reline" 2024-10-02 13:15:12 +01:00
jvoisin 811678a793 Add openrc to exploits/linux/local/service_persistence.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2024-10-02 12:54:33 +02:00
jheysel-r7 8761226b97 Land #19456 VICIdial Auth RCE module
This adds a module to exploit CVE-2024-8504, an authenticated RCE in VICIdial
2024-09-30 17:13:33 -04:00
bcoles 7cf5782b13 Add cups-browsed Information Disclosure module 2024-09-28 02:35:39 +10:00
Alex a4fd4df052 Merge branch 'rapid7:master' into enum_browsers 2024-09-27 08:06:17 +02:00
Alex 6d28e4b350 Update modules/post/windows/gather/enum_browsers.rb
Co-authored-by: Valentin Lobstein <88535377+Chocapikk@users.noreply.github.com>
2024-09-27 08:03:02 +02:00
Alex 4a9754313a Update modules/post/windows/gather/enum_browsers.rb
Co-authored-by: Valentin Lobstein <88535377+Chocapikk@users.noreply.github.com>
2024-09-27 08:02:57 +02:00