adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,795 Commits 27 Branches 1,043 Tags
8528cb255a994eb621269a34412be0caa1d511f5
Commit Graph

20012 Commits

Author SHA1 Message Date
adfoster-r7 f24552cdfd Merge pull request #20632 from h00die/linqpad_cleanup 
Linqpad cleanup
 2025-10-22 13:23:32 +01:00
msutovsky-r7 e5ee4d5384 Land #20630, adds authenticated RCE module for Vvveb CMS (CVE-2025-8518) 
Add Vvveb CMS Authenticated RCE (CVE-2025-8518)
 2025-10-22 09:27:59 +02:00
Maksim Rogov ff73363159 Update modules/exploits/multi/http/vvveb_auth_rce_cve_2025_8518.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-10-21 19:10:16 +03:00
vognik 45a87eaaca small fixes 2025-10-20 09:41:48 -07:00
vognik 74c7f98ad9 code review changes from @msutovsky-r7 2025-10-20 09:00:24 -07:00
Valentin Lobstein 97b58f9372 easy-fix: Fix typo in modules/exploits/unix/http/freepbx_unauth_sqli_to_rce 2025-10-20 14:29:19 +02:00
h00die ef9300870a linqpad persistence cleanup 2025-10-19 10:05:48 -04:00
h00die 287cba7436 linqpad persistence cleanup 2025-10-19 10:05:36 -04:00
vognik 9ad83f6454 Add Vvveb CMS Authenticated RCE (CVE-2025-8518) 2025-10-18 17:12:05 -07:00
Diego Ledda 644bcfabbb Merge pull request #20522 from h00die/modern_persistence_sysvinit 
update systemvinit to persistence mixin
 2025-10-16 16:35:16 +02:00
h00die 55583bd2c8 review for sysv persistence 2025-10-14 19:30:06 -04:00
h00die 68c74e1bcf remove unnecessary writabledir variable and check 2025-10-13 19:54:05 -04:00
h00die f3219668e0 remove unnedcessary sudo 2025-10-13 17:48:02 -04:00
h00die 1e9dd04505 update periodic_script to new persistence mechanism 2025-10-13 17:48:00 -04:00
h00die 7a8189f976 additional check 2025-10-13 14:07:18 -04:00
h00die c0b09693e3 systemv updated with mixin udpates 2025-10-13 13:42:41 -04:00
h00die 1a13d39a4d use attck ref in sysvinit persistence module 2025-10-13 13:42:41 -04:00
h00die 058e858e82 update systemvinit to persistence mixin 2025-10-13 13:42:41 -04:00
bcoles 93b3ec34ac exploit/multi/local/periodic_script_persistence: Unset DefaultTarget 2025-10-11 21:47:11 +11:00
Brendan 91c0adb17f Merge pull request #20585 from vognik/CVE_2025_60787 
Add MotionEye Authenticated RCE (CVE-2025-60787)
 2025-10-09 13:50:25 -05:00
Vognik 267a26b763 code review changes from smcintyre-r7@ 2025-10-09 21:51:31 +04:00
Spencer McIntyre 7b2643ce5d Remove a CVE that was mistakenly added 2025-10-08 10:45:59 -04:00
jheysel-r7 eeaf760948 Merge pull request #20595 from zeroSteiner/fix/add-missing-cves 
Add Missing CVE Data To Modules In Bulk
 2025-10-07 15:28:37 -07:00
Spencer McIntyre 9dc5696cc4 Update dash characters in module references 2025-10-07 14:03:32 -04:00
Spencer McIntyre fd21209e4d Add missing CVEs from VulnCheck 2025-10-07 13:59:13 -04:00
Spencer McIntyre 17c5b3707a Add missing module notes 2025-10-07 13:59:13 -04:00
Vognik 5cb1968c42 small fixes 2025-10-07 08:49:24 +04:00
Vognik 1be31c05da add some random 2025-10-07 08:38:20 +04:00
Vognik c05a9d3f7f code review changes from @bwatters-r7 2025-10-07 03:07:26 +04:00
jheysel-r7 dbf84abec3 Merge pull request #20586 from bcoles/windows_script_host_wsf 
Add Malicious Windows Script Host Script File (.wsf) module
 2025-10-06 13:21:56 -07:00
Vognik 25624e9ae0 code review changes 2025-10-06 15:46:59 +04:00
bcoles 9a8d1473d8 Add Malicious Windows Script Host Script File (.wsf) module 2025-10-05 20:16:00 +11:00
Vognik 6d295b993a Add MotionEye Unauthenticated RCE (CVE-2025-60787) 2025-10-05 05:32:32 +04:00
jheysel-r7 5252e92954 Merge pull request #20568 from bcoles/vbsobfuscate 
Msf::Exploit::VBSObfuscate: Add VBS obfuscation library
 2025-10-03 13:36:43 -07:00
jheysel-r7 04188cb9cb Merge pull request #20527 from h00die/modern_persistence_plist 
update plist persistence to mixin
 2025-10-03 10:05:17 -07:00
msutovsky-r7 a23473a103 Land #20565, moves image exec module to persistence category and mixin 
Modern persistence image exec
 2025-09-29 09:32:25 +02:00
h00die 81d8d46166 peer review 2025-09-26 15:44:31 -04:00
msutovsky-r7 79ff667d5e Land #20538, adds systemd override persistence module 
persistence: systemd service override
 2025-09-26 15:57:31 +02:00
Martin Sutovsky 00f902b04b Adds formatting to cleanup commands 2025-09-26 15:00:09 +02:00
bcoles bbc9928a75 exploit/windows/fileformat/windows_script_host_vbscript: Use VBSObfuscate 2025-09-26 03:06:37 +10:00
Martin Sutovsky a91f5f53f2 Substitutes cmd_exec with mkdir to create_process 2025-09-25 18:20:54 +02:00
h00die 915cad72b5 modern persistence for windows image_exec_options 2025-09-23 17:25:27 -04:00
h00die 2b16a23436 Update modules/exploits/osx/persistence/launch_plist.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-09-23 16:59:26 -04:00
h00die 01a07ac9a1 modernizing windows persistence 2025-09-23 16:39:56 -04:00
Brendan a1e3e1545b Merge pull request #20562 from uhei/fix/weblogic-regex 
fix: WebLogic server detection regex
 2025-09-23 10:35:19 -05:00
Uli Heilmeier 5af0dd3357 fix: WebLogic server detection regex 
Some WebLogic server versions reports their version with a dash
between 'Server' and 'Version', like
'<p id="footerVersion">WebLogic Server-Version: 12.2.1.3.0</p>'
 2025-09-23 09:58:50 +02:00
Echo_Slow b51cc87f88 Update freepbx_unauth_sqli_to_rce.rb 
Performed manual cleanup by observing the error log of msftidy.  Checked for original functionality, the exploit still works.
 2025-09-22 17:34:00 +02:00
Echo_Slow 6b183ba3b4 Update freepbx_unauth_sqli_to_rce.rb 
Used rubocop -A option
 2025-09-22 16:49:19 +02:00
Echo_Slow c0f4efd87d Update modules/exploits/unix/http/freepbx_unauth_sqli_to_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-09-22 16:42:22 +02:00
Echo_Slow 09207eb450 Update freepbx_unauth_sqli_to_rce.rb to account for slow systems 2025-09-22 13:18:32 +02:00