adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,795 Commits 27 Branches 1,043 Tags
8528cb255a994eb621269a34412be0caa1d511f5
Commit Graph

1025 Commits

Author SHA1 Message Date
h00die 8490ce844d linqpad persistence cleanup 2025-10-19 10:08:33 -04:00
h00die 287cba7436 linqpad persistence cleanup 2025-10-19 10:05:36 -04:00
jheysel-r7 dbf84abec3 Merge pull request #20586 from bcoles/windows_script_host_wsf 
Add Malicious Windows Script Host Script File (.wsf) module
 2025-10-06 13:21:56 -07:00
bcoles 9a8d1473d8 Add Malicious Windows Script Host Script File (.wsf) module 2025-10-05 20:16:00 +11:00
h00die 915cad72b5 modern persistence for windows image_exec_options 2025-09-23 17:25:27 -04:00
remmons-r7 eddc81f10c Update commvault_rce_cve_2025_57790_cve_2025_57791.md 
Update the example usage terminal output to reflect module changes.
 2025-09-15 11:37:57 -05:00
remmons-r7 b754b7027c Merge branch 'rapid7:master' into commvault_rce_cve_2025_57790_cve_2025_57791 2025-09-15 10:47:38 -05:00
jheysel-r7 a3a1e146f0 Apply suggestions from code review 2025-09-11 09:40:34 -07:00
Martin Sutovsky 00bd70751c Updates docs 2025-09-11 10:41:28 +02:00
remmons-r7 8ffc9a3db4 Update commvault_rce_cve_2025_57790_cve_2025_57791.md 
Updating module type from "multi" to "windows" in documentation :)
 2025-09-05 23:13:10 -05:00
remmons-r7 e661388ce6 Revise and move commvault_rce_cve_2025_57790_cve_2025_57791.md 
New documentation for the Commvault CVE-2025-57790/CVE-2025-57791 RCE module, updated to reflect module changes.
 2025-09-05 23:06:16 -05:00
Martin Sutovsky a8e97e034c Adds docs 2025-08-26 13:06:57 +02:00
Martin Sutovsky b43b4c9f37 Updates library, addressing comments 2025-08-25 17:49:34 +02:00
Martin Sutovsky da5b20faa4 Creating lib file for shared functionality, adding more reliable check method for CVE-2025-34511, docs init 2025-08-20 10:59:22 +02:00
Brendan b6dc0860e7 Merge pull request #20409 from sfewer-r7/sharepoint-hax 
Exploit module for Microsoft SharePoint ToolPane Unauthenticated RCE (CVE-2025-53770 and CVE-2025-53771)
 2025-08-06 14:24:28 -05:00
sfewer-r7 0a923a611d reword the language around our usage of CVE-2025-53770 to make it clear that this module is leveraging the authentication bypass for both CVE-2025-49706 and CVE-2025-53771, and the unsafe deserialization for CVE-2025-49704. 2025-08-06 15:33:57 +01:00
msutovsky-r7 f4622d802e Land #20406, adds malicious Windows Script Host VBScript fileformat module 
Add Malicious Windows Script Host VBScript (.vbs) File module
 2025-07-28 13:58:07 +02:00
msutovsky-r7 12340ef6b5 Land #20398, adds malicious Windows Script Host JScript fileformat module 
Add Malicious Windows Script Host JScript (.js) File module
 2025-07-28 13:51:26 +02:00
sfewer-r7 3237151512 add in the documentation 2025-07-25 14:40:12 +01:00
bcoles cbc03eaeeb Add Malicious Windows Script Host VBScript (.vbs) File module 2025-07-25 18:46:47 +10:00
bcoles 44c61a7e4d Add Malicious Windows Script Host JScript (.js) File module 2025-07-25 18:43:33 +10:00
msutovsky-r7 afeded56aa Land #20384, adds module for malicious Windows Registration Entries files 
Add Malicious Windows Registration Entries (.reg) File module
 2025-07-24 12:29:34 +02:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
bcoles c5ec45452a Add Malicious Windows Registration Entries (.reg) File module 2025-07-13 23:41:59 +10:00
msutovsky-r7 fde78bf73f Land #20324, adds exploit for UNC path in .url files (CVE-2025-33053) 
Adds exploit module for Internet Shortcut UNC path vulnerability (CVE-2025-33053)
 2025-06-25 11:23:23 +02:00
Martin Sutovsky 13cd2d2e51 Minor code changes, updates documentation 2025-06-24 16:22:42 +02:00
adfoster-r7 be8864fe84 Merge pull request #20339 from bcoles/exploit-windows-fileformat-ms_visual_basic_vbp 
exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document
 2025-06-23 10:41:14 +01:00
bcoles e1dec29ef9 exploit/windows/browser/ms08_070_visual_studio_msmask: Cleanup and add documentation 2025-06-23 00:38:44 +10:00
bcoles c0baf1888b exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document 2025-06-23 00:11:54 +10:00
DevBuiHieu ec5ba0bd0d Final code for CVE-2025-33053 exploit module 2025-06-17 23:03:36 -04:00
DevBuiHieu 20b8a9fcd3 Add some features and fix bugs for CVE-2025-33053 exploit module 2025-06-17 22:59:34 -04:00
DevBuiHieu 20629fe6b8 Add some features and fix all errors for CVE-2025-33053 exploit module 2025-06-17 02:49:10 -04:00
DevBuiHieu f81ddf82f1 Add some features for CVE-2025-33053 exploit module 2025-06-17 01:00:35 -04:00
Diego Ledda ce6e0d1164 Merge pull request #20096 from h00die-gr3y/CVE-2025-30406 
Gladinet CentreStack/Triofox ASP.NET ViewState Deserialization [CVE-2025-30406]
 2025-05-28 13:46:13 +02:00
h4x-x0r e9c88b55f2 cleanup 2025-05-09 22:39:30 +01:00
h4x-x0r 803581ab81 CVE-2024-7399 2025-05-09 17:27:22 +01:00
Brendan 5faa0a5b6b Merge pull request #19777 from msutovsky-r7/linqpad_deserialization 
Linqpad deserialization persistence
 2025-05-13 08:03:30 -05:00
msutovsky-r7 3af76cfa00 Renames incorrect option in documentation 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2025-05-13 06:30:00 +02:00
Martin Sutovsky d16c639278 Adds cleanup option in documentation 2025-05-06 09:07:21 +02:00
Martin Sutovsky 24a86cd74a Refactoring based on comments 2025-05-06 08:43:57 +02:00
h00die-gr3y 908094da6b update documentation with privileged escalation to system 2025-05-02 20:59:07 +00:00
h00die-gr3y 1c5be6154a second release including Triofox + documentation 2025-05-02 20:42:14 +00:00
Spencer McIntyre 3216fbbde3 Fix the smb_to_ldap module 2025-05-01 16:59:16 -04:00
Jack Heysel 3ead0fdf42 Add check for is_uac_enabled? 2025-04-16 17:59:53 -07:00
Jack Heysel 9a95f60df6 Updated service_permissions with action to exploit CVE-2025-21293 2025-04-16 10:55:05 -07:00
jheysel-r7 5505bb5ef1 Merge pull request #19947 from machang-r7/machang-r7-module-cve-2025-27218 
Create sitecore_xp_cve_2025_27218.rb
 2025-03-28 07:40:28 -07:00
Jack Heysel fa0c29837e Update author, rubocop, msftidy_docs 2025-03-27 09:36:10 -07:00
Jack Heysel 74cc1d313c Add documentation 2025-03-27 09:28:44 -07:00
bwatters-r7 ec67435de9 Rebase and squash for CVE-2024-30085 2025-03-20 09:03:28 -05:00