3534 Commits

Author SHA1 Message Date
Jack Heysel 862194d63f Documentation and rubocop changes 2023-12-11 19:01:35 -05:00
Jack Heysel 1da4333611 Land #18434, Add module for Zoneminder RCE
This PR adds an RCE module for the Zoneminder video
surveillance software system (CVE-2023-26035).
2023-11-10 15:15:01 -05:00
Wolfgang Hotwagner 5d5f711dcd updated documentation 2023-11-09 22:40:36 +00:00
bwatters 77a93e452f Land #18507, Exploit & Auxiliary modules for CVE-2023-20198 and CVE-2023-20273 (Cisco IOS XE)
Merge branch 'land-18507' into upstream-master
2023-11-08 09:05:40 -06:00
sfewer-r7 25ef7d1272 add the RCE exploit 2023-11-06 17:12:40 +00:00
bwatters e8d45b00ba Land #18501, Exploit module for CVE-2023-46604 - Apache ActiveMQ
Merge branch 'land-18501' into upstream-master
2023-11-06 09:30:48 -06:00
Christophe De La Fuente 1cde6198b5 Land #18481, MagnusBilling unauthenticated RCE [CVE-2023-30258] 2023-11-03 20:42:27 +01:00
Jack Heysel c27412a1ac Land #18494, Add AjaxPro Deserialization RCE
This PR adds a module which leverages an insecure
deserialization of data to get remote code execution
on the target OS in the context of the user running
the website which utilized AjaxPro.
2023-11-02 13:54:17 -04:00
Stephen Fewer 00104ce467 Update documentation to specify bin directory
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-11-02 17:41:21 +00:00
Stephen Fewer 8b70c3ec77 Update documentation/modules/exploit/multi/misc/apache_activemq_rce_cve_2023_46604.md
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-11-02 17:40:54 +00:00
Spencer McIntyre d26742a266 Add check code annotations, update AJP link 2023-11-02 08:53:56 -04:00
sfewer-r7 05f0b6a70c change the verification steps to be for a linux target, as the testing steps above are for linux 2023-11-02 10:28:21 +00:00
sfewer-r7 58d03a3dab add in documentation 2023-11-02 10:26:02 +00:00
Jemmy Wang 9f9f18c73f Apply suggestions from code review
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2023-11-02 10:10:26 +08:00
Spencer McIntyre 9c67b92a4d Rename the other TMUI RCE module 2023-11-01 16:55:42 -04:00
Spencer McIntyre 7b53592b4f Add module docs 2023-11-01 16:55:41 -04:00
h00die-gr3y ad6e4618df third release module with minor text changes 2023-10-31 09:29:13 +00:00
h00die-gr3y bfff35eb63 second release module with php fix 2023-10-31 09:05:51 +00:00
Jemmy Wang 00ccebe8ce Update documentation for AjaxPro Deserialization RCE 2023-10-31 13:31:10 +08:00
Jemmy Wang 40683ff591 Add document for AjaxPro Deserialization RCE Module 2023-10-28 01:37:34 +08:00
Zach Goldman d960aa522c Land #18348, Splunk account take over (CVE-2023-32707) leading to RCE 2023-10-26 11:34:02 -04:00
h00die-gr3y 5c89df694c added documentation 2023-10-24 18:34:29 +00:00
Christophe De La Fuente ff9639e6a6 Land #18460, VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE 2023-10-24 17:32:28 +02:00
h00die 97f9edb5f7 review 2023-10-23 06:35:23 -04:00
Heyder Andrade 1ac0e2dc66 Update splunk_privilege_escalation_cve_2023_32707.md 2023-10-23 11:31:19 +02:00
Christophe De La Fuente da9d04d32d Land #18461, CVE-2023-22515 - Atlassian Confluence unauthenticated RCE 2023-10-19 10:22:57 +02:00
sfewer-r7 c63aaba760 add in documentation for Options 2023-10-18 10:05:05 +01:00
h00die 00b534dbed review 2023-10-17 13:17:10 -04:00
sfewer-r7 1c027ac05c add an RCE exploit for CVE-2023-22515 2023-10-16 20:50:18 +01:00
h00die b94d278003 vmware aria ssh keys exploit 2023-10-16 14:47:04 -04:00
h00die ba82b59ec2 vmware aria ssh keys exploit 2023-10-16 13:43:15 -04:00
h00die f394b4a8ed vmware aria ssh keys exploit 2023-10-16 13:42:58 -04:00
h00die 263eaf7d95 vmware aria ssh keys exploit 2023-10-16 13:42:27 -04:00
h00die b3b1595ef4 vmware aria ssh keys exploit 2023-10-16 13:06:17 -04:00
Spencer McIntyre 05dd2e1473 Land #18351, Apache Superset RCE (CVE-2023-37941) 2023-10-12 17:10:10 -04:00
Spencer McIntyre 86b7ec4518 Address comments from the review 2023-10-12 09:50:19 -04:00
Spencer McIntyre 4f734379d3 Add module docs and print some messages 2023-10-12 09:27:26 -04:00
Wolfgang Hotwagner 58f9a39f72 replaced custom timer with rex::stopwatch
updated documentation
2023-10-12 11:46:56 +00:00
h00die 7ffc1ca491 undo some spelling fixes when upstream has those issues 2023-10-11 06:30:11 -04:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
Jack Heysel fb834b235a Land #18417, Add Kibana Upgrade Assistant RCE
Kibana before version 7.6.3 suffers from a prototype
pollution bug within the Upgrade Assistant. This PR adds
an exploit module to exploit the bug. There is no CVE
for this issue at the moment.
2023-10-06 17:29:02 -04:00
jheysel-r7 fe9afc94c7 Update documentation/modules/exploit/linux/http/kibana_upgrade_assistant_telemetry_rce.md 2023-10-06 16:45:52 -04:00
Wolfgang Hotwagner 2d065d59cf Documentation for exploit module for CVE-2023-26035 2023-10-06 17:43:44 +00:00
h00die 931a67d290 kibana telemetry rce rewritten to use fetch payloads 2023-10-06 09:55:10 -04:00
h00die 5e0538a239 review comments round 1 2023-10-05 13:12:33 -04:00
sfewer-r7 623b589fb5 When I removed the PowerShell target I forgot to update the documentation, this commit updates the documentation to reflect the changes made to the exploit module. 2023-10-04 17:03:28 +01:00
h00die 88eb44be64 kibana telemetry rce 2023-10-02 16:53:20 -04:00
sfewer-r7 1695a12c9c Explicitly state both the release name (e.g. 2022.0.2) and the version number (e.g. 8.8.2) in a more consistent way. 2023-10-02 17:40:11 +01:00
sfewer-r7 53ed4a632b add in exploit module for CVE-2023-40044 - WS_FTP unauthenticated RCE via .NET deserialization. 2023-10-02 11:42:19 +01:00
Christophe De La Fuente 50155e3d94 Land #18389, Juniper Junos OS PHPRC Manipulation RCE (CVE-2023-36845) 2023-09-29 18:05:28 +02:00