adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
79,675 Commits 27 Branches 1,043 Tags
85604307fa98d4167d95cb346d7ac4c1fdf2800a
Commit Graph

39433 Commits

Author SHA1 Message Date
Jack Heysel 85604307fa Update ranking 2026-02-05 06:47:31 -08:00
Jack Heysel bd049dcba4 doc update 2026-02-03 18:41:51 -08:00
Jack Heysel a868bc95b2 GNU Inetutils Telnet Auth Bypass 2026-02-03 17:45:59 -08:00
jheysel-r7 f31776caf0 Merge pull request #20778 from h00die/ssh_keys 
Update and combine ssh key persistence with mixin
 2026-01-27 06:39:10 -08:00
h00die 0b68476817 Update modules/exploits/multi/persistence/ssh_key.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-26 16:44:46 -05:00
h00die 048163ea89 ssh_key persistence review 2026-01-24 16:36:54 -05:00
Spencer McIntyre c0e9288ac5 Merge pull request #20799 from jheysel-r7/feat/cacti_graph_template_rce 
Cacti Graph Template Authenticated RCE [CVE-2025-24367]
 2026-01-22 14:26:38 -05:00
Spencer McIntyre 18a4cf8c00 Use the ssl setting for HttpServer#start_service 2026-01-22 13:49:28 -05:00
Jack Heysel e9a6a6fd45 Responded to comments 2026-01-22 15:03:32 +01:00
Jack Heysel 96b788e1e8 Increase length of cron job name 2026-01-22 15:03:32 +01:00
Jack Heysel 0e0a6cc9cd Removed duplicate platform 2026-01-22 15:03:31 +01:00
Jack Heysel 2e484d552e Finishing touches 2026-01-22 15:03:31 +01:00
Jack Heysel 99e032f4af SmarterTools SmarterMail Unauth File Upload RCE [CVE-2025-52691] 2026-01-22 15:03:30 +01:00
msutovsky-r7 537a1c5395 Land #19821, adds Burpsuite persistence module 
Burp extension persistence
 2026-01-22 11:03:08 +01:00
jheysel-r7 719874a7f4 Merge pull request #20750 from MatDupas/add-exploit-oracle-ebs-cve-2025-61882-module 
Add exploit oracle ebs CVE 2025 61882 module
 2026-01-21 16:08:09 -08:00
Jack Heysel 927f5330f4 Rubocop fixes 2026-01-21 14:56:08 -08:00
Jack Heysel c45309e9ab Added payload length guards 2026-01-21 11:34:21 -08:00
jheysel-r7 b6da204725 Apply suggestions from code review 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2026-01-21 10:09:12 -08:00
Alex 9f626a0c39 Update cve_2025_14847_mongobleed.rb 2026-01-21 11:27:03 +01:00
Alex 464e15152a Update cve_2025_14847_mongobleed.rb 2026-01-21 11:27:03 +01:00
Alex 087ab70a8e Update cve_2025_14847_mongobleed.rb 2026-01-21 11:27:02 +01:00
Alex 99636be776 Updated mongobleed 2026-01-21 11:27:02 +01:00
MatDupas b46649769e Fix formatting issues in oracle_ebs exploit script 2026-01-21 09:00:52 +01:00
MatDupas a05863f6f6 Clean up comment in generate_xsl_payload method 
Removed comment about generating XSLT payload.
 2026-01-21 08:57:10 +01:00
MatDupas cb3df4b4de Refactor payload options in Oracle EBS exploit 2026-01-21 08:56:01 +01:00
MatDupas c5df078b41 Clarify payload option comment in exploit module 
Updated the comment for the payload option to clarify usage.
 2026-01-21 08:54:53 +01:00
Martin Sutovsky ffb725f4da Rubocopes 2026-01-21 08:16:39 +01:00
h00die 0234dc7a26 Update modules/exploits/multi/persistence/burp_extension.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-01-20 19:28:18 -05:00
h00die ad343cb383 Update modules/exploits/multi/persistence/burp_extension.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-01-20 19:27:46 -05:00
h00die cf43e496b1 Update modules/exploits/multi/persistence/burp_extension.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-01-20 19:27:08 -05:00
jheysel-r7 c47a74d0dd Merge pull request #20770 from vognik/Splunk_2022-43571_CVE-2024-36985 
Add Splunk RCE Exploits (CVE-2022-43571 & CVE-2024-36985)
 2026-01-20 12:36:51 -08:00
MatDupas c351514291 Refine description for Oracle EBS CVE-2025-61882 exploit 
Updated the description of the Oracle E-Business Suite CVE-2025-61882 RCE exploit module to provide more detailed information about the exploit mechanism and affected versions.
 2026-01-20 21:09:25 +01:00
MatDupas 37c69a9bf1 Refactor Oracle EBS CVE-2025-61882 exploit module 
Updated the Oracle E-Business Suite exploit module to fix rubocop linting errors
 2026-01-20 09:12:05 +01:00
vognik 9e320dd168 add suggestions from @jheysel-r7 2026-01-19 18:45:01 -08:00
jheysel-r7 eb49dade6f Merge pull request #20755 from rudraditya21/feature/kerberos-clock-skew 
Added: Option to adjust kerberos clock
 2026-01-19 10:00:54 -08:00
MatDupas bff88db29b Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2026-01-19 15:07:45 +01:00
MatDupas 9377662118 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2026-01-19 15:06:47 +01:00
MatDupas 68f7d42bb8 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2026-01-19 15:04:59 +01:00
MatDupas 47d0b1c208 Clarify default payload comment in exploit module 
Updated the comment for the default payload option to clarify its usage.
 2026-01-19 10:47:47 +01:00
MatDupas 141fa5a169 Refactor smuggling payload creation and session handling 
Refactor HTTP request smuggling logic and error handling.
 2026-01-19 10:41:23 +01:00
MatDupas daf0fc89fc Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-19 10:34:24 +01:00
adfoster-r7 bb07207b9b Merge pull request #20861 from bcoles/post-linux-system-get_hostname 
Post::Linux::System.get_hostname: Use session sysinfo if available
 2026-01-17 19:38:21 +00:00
MatDupas 21a1245a77 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 16:13:55 +01:00
MatDupas ec31ff1351 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 16:08:43 +01:00
MatDupas 607f4651a5 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 12:26:52 +01:00
h00die 7ccf574e99 burp extension all working 2026-01-16 08:44:27 -05:00
adfoster-r7 350a39c274 Bump mettle 2026-01-16 13:04:57 +00:00
Brendan ade984aead Merge pull request #20793 from Chocapikk/avideo-v2 
Add AVideo notify.ffmpeg.json.php unauthenticated RCE exploit (CVE-2025-34433)
 2026-01-15 17:36:07 -06:00
h00die fa83217a07 burp extension java target working 2026-01-15 16:15:48 -05:00
adfoster-r7 67e279ef8c Fix UDP sockets for php meterpreter 2026-01-15 16:31:16 +00:00