adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,932 Commits 27 Branches 1,043 Tags
83e65b0ea3df450eee8a984e068baac48ee7d747
Commit Graph

2228 Commits

Author SHA1 Message Date
space-r7 7af22bfd41 Land #18077, add Symmetricom unauth cmd injection 2023-06-13 17:07:16 -05:00
space-r7 5535401345 add exploit rank 2023-06-13 17:05:30 -05:00
Steve Campbell 37bc9cd5a4 Update symmetricom_syncserver_rce.rb 
Updated info to add allowed SRVPORT and LPORT, and fixed issue with srvport variable not used.
 2023-06-13 16:22:08 -04:00
space-r7 cbf7109c51 add rubocop fixes and some metadata 2023-06-13 13:44:23 -05:00
Steve Campbell ed516faa93 Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Added link to CVE

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:34:24 -04:00
Steve Campbell 5b73c8fea1 Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Added CVE

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:33:57 -04:00
Steve Campbell 4e4d09862e Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Fixed misspelling

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:32:12 -04:00
Steve Campbell bc2fb0c919 Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb 
Updated heading

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-06-12 16:31:21 -04:00
h00die-gr3y 4479d94658 Updates based on review comments from space-r7 and jvoisin 2023-06-12 19:28:08 +00:00
h00die-gr3y 7cd3854208 Removed Webshell upload and updated documentation 2023-06-12 13:58:59 +00:00
h00die-gr3y 417c9fa591 init commit module and documentation 2023-06-10 09:42:32 +00:00
space-r7 c9af514be4 Land #18063, add TerraMaster webshell upload 2023-06-09 17:55:32 -05:00
h00die-gr3y dfc366e022 Latest updates based on reviewers comments 2023-06-08 21:25:40 +00:00
Steve Campbell 229fc0c002 Added symmetricom_syncserver_rce.rb 2023-06-08 12:46:10 -04:00
h00die-gr3y 0bcd930f61 Updated NAS model and version check 2023-06-08 09:12:45 +00:00
h00die-gr3y b3b0cb4ccf Updates based on space-r7 comments 2023-06-08 07:39:44 +00:00
h00die-gr3y 46fcdb76d5 Updates based on jvoisin comments 2023-06-07 08:27:55 +00:00
h00die-gr3y 3e6ae74886 init commit module 2023-06-06 07:07:36 +00:00
h00die-gr3y 00e39eb540 updated CMD stager order 2023-06-05 14:54:31 +00:00
h00die-gr3y 07def1c9f0 init commit module 2023-06-05 11:19:42 +00:00
Spencer McIntyre f464401dde Land #17782, Add fetch payloads 
Add http wget cmd based fetch payload for Linux and Windows
 2023-05-18 12:18:27 -04:00
bwatters 548a2d7ab4 Add fetch payloads for Windows and Linux x64 2023-05-18 10:47:29 -05:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
h00die-gr3y 4f8024454c Updates based on cdelafuente-r7 latest comments 2023-05-10 07:46:11 +00:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die-gr3y cfb21e3de2 Added CVE-2023-28770 reference 2023-04-28 12:51:17 +00:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
Jack Heysel bd286dd147 Added missing require builder statement 2023-04-18 18:10:46 -04:00
h00die-gr3y de9cd59ea5 added pwd derivation and report credential function including updates based on review comments 2023-04-18 19:17:00 +00:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel cda2e9610b Land #17820, optimising the nagiosxi modules 
This PR refactors the authenticated nagiosxi modules and mixins..
 2023-04-14 16:21:26 -04:00
h00die-gr3y e0926890ab init commit module 2023-04-14 13:07:12 +00:00
h00die-gr3y 5584685f24 init commit module 2023-04-14 13:05:42 +00:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Jack Heysel a2d2946007 Rubocop 2023-04-07 13:53:12 -04:00
Jack Heysel 18170babc2 Fix RCE payloads and add autorunscript 2023-04-07 13:35:16 -04:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel 665ba4aece Add additional target 2023-04-06 23:41:36 -04:00
Ryuuuuu 9985538846 Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb 
fix nil exception

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-04-07 09:55:00 +09:00
Jack Heysel 79d4021f31 Replaced janky XML building 2023-04-06 14:58:05 -04:00
Jack Heysel 544fb8ead6 Removed unecessary start_service proc 2023-04-06 14:26:02 -04:00
Jack Heysel d92fc41d29 Print out what command fails when attempting RCE 2023-04-06 13:31:17 -04:00
Jack Heysel 4984a3e2d3 Edit check method to raise errors instead of returning boolean 2023-04-06 13:25:20 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
cgranleese-r7 c3a7da54d5 reduces code duplication 2023-04-04 10:27:11 +01:00
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
Ryuuuuu 8b3d799104 fix check function which always prints vulnerable 2023-04-04 10:07:06 +09:00