adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
66,898 Commits 27 Branches 1,043 Tags
78f2ea39e99e548e4532899d2e50e36bfef074bf
Commit Graph

4919 Commits

Author SHA1 Message Date
Jack Heysel bea4207c62 Land PR #16607 - MyBB RCE Module (CVE-2022-24734) 
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
 2022-05-31 11:59:53 -04:00
Christophe De La Fuente dac355d9cf Land #16492, nfs_mount more intelligent mountability 2022-05-31 11:56:19 +02:00
Christophe De La Fuente b996f5ee49 Fixes from code review 2022-05-30 16:24:18 +02:00
adfoster-r7 d225d4663c Land #16413, update local exploit suggester 2022-05-25 13:24:11 +01:00
sjanusz 6b1faf0e0e Add 'run' commands to Local Exploit Suggester docs 2022-05-25 12:05:06 +01:00
sjanusz 7734161ffc Update Local Exploit Suggester documentation 2022-05-24 14:48:40 +01:00
Christophe De La Fuente bac9be956f Add documentation 2022-05-23 17:27:42 +02:00
Spencer McIntyre 02e7a65b93 Just move the auxiliary module into an exploit 2022-05-16 17:44:31 -04:00
Grant Willcox 133b9e307a Land #16563, Zyxel Firewall Unauthenticated Command Injection (CVE-2022-30525) 2022-05-13 18:55:30 -05:00
Jake Baines 39567281bf Revised setup guidance 2022-05-13 13:41:05 -07:00
Grant Willcox 2eb31cf765 Add in edits from review 2022-05-13 15:32:12 -05:00
bwatters 1fe04caadd Land #16406, Create get_bookmarks.rb 
Merge branch 'land-16406' into upstream-master
 2022-05-13 13:42:31 -05:00
dwelch-r7 c0c02e56ba Land #16430, Improve kerberos user enum module 2022-05-13 12:17:26 +01:00
bwatters 934f193dc0 Land #16484, Add vcenter_forge_saml_token aux module 
Merge branch 'land-16484' into upstream-master
 2022-05-12 17:36:20 -05:00
Jake Baines da133a34c8 Updated affected 2022-05-12 03:22:02 -07:00
Jake Baines 617b4ae044 Initial commit of Zyxel unauth command injection (CVE=2022-30525) 2022-05-12 01:43:59 -07:00
Grant Willcox 6354d7a055 Redo explanation of exploit in documentation to appropriately account for various nuances. Also update exploit title and description accordingly. 2022-05-11 16:43:36 -05:00
Heyder Andrade 8a6dd7152e Added tested versions reference 2022-05-11 16:43:12 -05:00
Heyder Andrade 77f60eb21e Added module and documentation for f5 icontrol RCE (CVE-2022-1388) 2022-05-11 16:43:00 -05:00
Grant Willcox 1c934b87b4 Land #16169, Add sploit for Cisco RV340 SSL VPN - CVE-2022-20699 2022-05-11 10:15:08 -05:00
Grant Willcox 68fdb103fe Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate 2022-05-11 09:39:47 -05:00
Grant Willcox 5a04f8253c Land #16551, Add docker documentation for tomcat mgr upload 2022-05-10 12:03:18 -05:00
Grant Willcox 6a7be290ff Add in minor changes to improve overall formatting and presentation of documentation 2022-05-10 12:02:45 -05:00
adfoster-r7 ff410b23a0 Add documentation for tomcat mgr upload 2022-05-10 17:01:40 +01:00
bwatters 92715c883f Land #16423, Add module for exploit CVE-2022-22965 
Merge branch 'land-16423' into upstream-master
 2022-05-10 08:44:06 -05:00
bwatters 43f2b4dcf9 Quick update to the vulhub guidance 2022-05-10 08:42:02 -05:00
h00die 978dfe9b74 nfs mount more intelligent 2022-05-08 08:48:53 -04:00
dwelch-r7 1f4ee19c05 Expose options for logging to a file in mettle 2022-05-06 14:36:55 +01:00
Spencer McIntyre 7646bf9e0a Update the module docs 2022-05-05 11:26:37 -04:00
space-r7 e2cefe0750 Land #16514, add ZoneMinder exploit module 2022-05-04 17:37:08 -05:00
space-r7 dd0b124e84 fix typo in docs, check some responses 2022-05-04 17:28:37 -05:00
William Vu 6532365dc8 Deregister VHOST 2022-05-03 11:52:50 -05:00
William Vu 8c0cd40a19 Fix VMware Workspace ONE Access CVE-2022-22954 2022-05-03 10:39:58 -05:00
dwelch-r7 a76600f4a9 Land #16462, add support for armle/aarch64 architectures 2022-05-03 15:48:50 +01:00
krastanoel 0f5e31d593 Apply suggestions from code review 
Update documentation common default options

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-05-03 15:43:38 +07:00
William Vu 4ea72bb7a7 Add log IOC 2022-05-03 02:38:29 -05:00
William Vu 184b1b1e76 Add module doc 2022-05-02 20:41:01 -05:00
Spencer McIntyre c994f8e933 Land #16507, Add WSO2 file upload RCE module 2022-04-29 09:58:55 -04:00
krastanoel bb8c130740 Fix docs typo 2022-04-28 21:57:18 +07:00
krastanoel eba436dd99 Add Zoneminder Language rce module docs 2022-04-28 21:01:00 +07:00
vleminator f8887dbf1c Reflect changes in the console output 2022-04-28 00:22:44 +02:00
Spencer McIntyre 21f8494366 Land #16509, Ensure HTML is escaped in markdown codeblocks 2022-04-27 15:18:50 -04:00
adfoster-r7 9f6950c6c8 Ensure HTML is escaped in markdown codeblocks 2022-04-27 19:51:05 +01:00
Jack Heysel 253cb8580a Responded to comments added retry_until_true 2022-04-27 09:45:18 -07:00
jheysel-r7 266d3bb9ca Apply suggestions from @bcoles code review 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-04-26 13:40:25 -07:00
Jack Heysel ca0be9c145 Add WSO2 file upload RCE module 2022-04-26 12:29:12 -07:00
Jake Baines de453b8970 Update documentation/modules/exploit/linux/redis/redis_debian_sandbox_escape.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-04-26 14:42:57 -04:00
Jake Baines d20fd996bd Fix spelling mistakes 2022-04-26 03:38:23 -07:00
Jake Baines 71a4023c0d Initial commit of Redis sandbox escape CVE-2022-0543 2022-04-26 03:32:11 -07:00
Brendan Coles 02d911e655 gdb_server_exec: Cleanup and add support for armle/aarch64 architectures 2022-04-25 19:25:06 +00:00