 msutovsky-r7
|
c598d8b4b0
|
Land #20020, adds module for Nextcloud Workflow Remote Code Execution
Add exploit module for the nextcloud workflow vulnerability CVE-2023-26482
|
2025-05-15 12:31:51 +02:00 |
|
|
whotwagner
|
97ecaa7c30
|
Refactoring indentations
|
2025-05-15 09:16:26 +00:00 |
|
|
whotwagner
|
61dc956bb3
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-15 11:15:05 +02:00 |
|
|
whotwagner
|
72c9d5b038
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-15 11:14:25 +02:00 |
|
|
whotwagner
|
9b619cbc58
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-15 11:12:05 +02:00 |
|
|
Diego Ledda
|
6c39f9331f
|
Land #20162, modules/auxiliary/sqli: Resolve RuboCop violations
Land #20162, modules/auxiliary/sqli: Resolve RuboCop violations
|
2025-05-15 10:52:37 +02:00 |
|
|
Diego Ledda
|
f7e7b5ad14
|
Land #20154, modules/auxiliary/dos: Resolve RuboCop violations
Land #20154, modules/auxiliary/dos: Resolve RuboCop violations
|
2025-05-15 10:22:51 +02:00 |
|
|
msutovsky-r7
|
e3649b31fe
|
Land #20123, adds module for path traversal and credential harvester in PowerCom UPSMON Pro
POWERCOM UPSMON PRO Path Traversal (CVE-2022-38120) and Credential Harvester (CVE-2022-38121) Module
|
2025-05-15 07:23:07 +02:00 |
|
|
h4x-x0r
|
3f4c8a5161
|
Update upsmon_traversal.rb
|
2025-05-15 04:28:53 +01:00 |
|
|
bcoles
|
8ea5d3214f
|
modules/auxiliary/dos: Resolve RuboCop violations
|
2025-05-15 08:43:24 +10:00 |
|
|
whotwagner
|
0e0b84d252
|
Error message if nextcloud-upload fails
|
2025-05-14 13:53:59 +00:00 |
|
|
msutovsky-r7
|
fe5f56cac0
|
Land #20159, adds module for privilege escalation in Wordpress (CVE-2025-2563)
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
|
2025-05-14 15:33:30 +02:00 |
|
|
Diego Ledda
|
1f230f3731
|
Land #20153, modules/auxiliary/dos/http: Resolve RuboCop violations
Land #20153, modules/auxiliary/dos/http: Resolve RuboCop violations
|
2025-05-14 10:45:03 +02:00 |
|
|
Diego Ledda
|
621840e9df
|
Land #20152, modules/auxiliary/dos/windows: Resolve RuboCop violations
Land #20152, modules/auxiliary/dos/windows: Resolve RuboCop violations
|
2025-05-14 10:42:58 +02:00 |
|
|
msutovsky-r7
|
7d8d0230cb
|
Land #20026, adds module for CVE-2024-57487
New Exploit Module & Documentation for CVE-2024-57487
|
2025-05-14 08:00:20 +02:00 |
|
|
Brendan
|
1982d81e22
|
Merge pull request #20098 from smashery/execute-assembly32
Execute assembly32
|
2025-05-13 16:49:25 -05:00 |
|
|
Spencer McIntyre
|
3d67f9ef55
|
Merge pull request #20161 from bcoles/rubocop-modules-auxiliary-fuzzers
modules/auxiliary/fuzzers: Resolve RuboCop violations
|
2025-05-13 16:04:00 -04:00 |
|
|
Chocapikk
|
88ffe892e0
|
Remove lower bound
|
2025-05-13 21:48:49 +02:00 |
|
|
Valentin Lobstein
|
7f98f2fad7
|
Update modules/exploits/multi/http/wp_user_registration_membership_escalation.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 21:42:10 +02:00 |
|
|
Chocapikk
|
c415675c39
|
Reduce wordpress_version calls
|
2025-05-13 21:42:10 +02:00 |
|
|
Chocapikk
|
a2ff0c1f92
|
Apply suggestion to store created WordPress admin creds
|
2025-05-13 21:42:09 +02:00 |
|
|
Chocapikk
|
e335841bb0
|
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
|
2025-05-13 21:42:09 +02:00 |
|
|
aaryan-11-x
|
1e523e4e0b
|
MsfTidy Fixes again
|
2025-05-13 23:54:36 +05:30 |
|
|
Brendan
|
b41f0a4430
|
Merge pull request #20178 from bcoles/modules-post-windows-gather-credentials
modules/post/windows/gather/credentials: Update PackRat module descriptions
|
2025-05-13 11:25:50 -05:00 |
|
|
Brendan
|
cb6495e5bc
|
Merge pull request #20146 from Chocapikk/wp_suretriggers_auth_bypass
Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102)
|
2025-05-13 10:53:44 -05:00 |
|
|
whotwagner
|
09aaf5865c
|
Rearranged code and removed wait_for_payload_session
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
ad9651db5d
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
9b0aee41f4
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
83786100b3
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
2ba8e1c255
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
6aa2170fbc
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
c9521a0eab
|
Removed thread from exploit_nextcloud_workflows
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
4a5d556671
|
Removed linux_dropper from exploit_nextcloud_workflows
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
d0a3eb4332
|
Fixed refacturing-bugs
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
92e30b8391
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
5a75e0bb2d
|
Reformatting res.code for login-failure
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
fde19395ce
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
b1e3b0708e
|
Fixed get_html_document in parse_tokens
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
2245516a21
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
14daed78b2
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
4a08b93542
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
5f42b3439e
|
Update modules/exploits/unix/webapp/nextcloud_workflows_rce.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
|
2025-05-13 13:48:56 +00:00 |
|
|
whotwagner
|
e6781e60f0
|
Changed ranking to Excellent
|
2025-05-13 13:48:36 +00:00 |
|
|
jenkins-metasploit
|
e819362398
|
automatic module_metadata_base.json update
|
2025-05-13 13:45:30 +00:00 |
|
|
bcoles
|
a9447e23f6
|
modules/auxiliary/dos/windows: Resolve RuboCop violations
|
2025-05-13 23:28:13 +10:00 |
|
|
bcoles
|
5abf5480d5
|
modules/post/windows/gather/credentials: Update PackRat module descriptions
|
2025-05-13 23:10:04 +10:00 |
|
|
Brendan
|
5faa0a5b6b
|
Merge pull request #19777 from msutovsky-r7/linqpad_deserialization
Linqpad deserialization persistence
|
2025-05-13 08:03:30 -05:00 |
|
|
Diego Ledda
|
619a284408
|
Land #20156, modules/post: Resolve RuboCop violations and typos
Land #20156, modules/post: Resolve RuboCop violations and typos
|
2025-05-13 12:24:41 +02:00 |
|
|
bcoles
|
81a405355c
|
modules/post: Resolve RuboCop violations and typos
|
2025-05-13 09:23:28 +10:00 |
|
|
adfoster-r7
|
0b0132c11a
|
Update web crawlers to support HTTP logging
|
2025-05-12 17:46:20 +01:00 |
|