adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,058 Commits 27 Branches 1,043 Tags
87dacce2cd804f46d306efd68b216ad9ceed6798
Commit Graph

2196 Commits

Author SHA1 Message Date
Spencer McIntyre 87dacce2cd Land #14446, Add Oracle Solaris SunSSH PAM parse_user_name() exploit (CVE-2020-14871) 2020-12-16 16:01:32 -05:00
Tim W a30cdfc892 Fix #14254, Add CVE-2020-1054, win32k DrawIconEx OOB Write LPE 2020-12-14 14:54:54 +00:00
Christophe De La Fuente 98d6364248 Land #14482, Use CVE-2020-5752 path traversal bypass for CVE-2019-3999 2020-12-14 15:10:09 +01:00
William Vu ba125c1c64 Merge remote-tracking branch 'upstream/master' into feature/solaris 2020-12-11 14:25:05 -06:00
Shelby Pace 83943adf8b Land #14466, add Aerospike UDF rce 2020-12-10 11:07:56 -06:00
Brendan Coles a9e231ad0a Use CVE-2020-5752 path traversal bypass for CVE-2019-3999 2020-12-10 12:14:47 +00:00
William Vu 9452c1dcfa Fix merge conflict from #14202, in linear history 2020-12-09 17:24:29 -06:00
Shelby Pace d337d832b8 Land #14422, add GitLab file read/rce 2020-12-09 11:34:14 -06:00
Tim W fb9b1c5de4 Land #14409, add weak services technique to the service permissions LPE 2020-12-09 17:16:53 +00:00
Spencer McIntyre 6d7c6c054a Update the module docs with more details for the registry technique 2020-12-08 17:39:34 -05:00
Shelby Pace 8e1cab0131 Land #14339, add flexdotnetcms rce 2020-12-07 14:28:01 -06:00
William Vu a69269a101 Update module doc 2020-12-07 01:35:59 -06:00
William Vu af27d91eea Fix download link 
I was logged in.
 2020-12-07 01:35:13 -06:00
William Vu 9ac5725ce3 Show how to find libc base 2020-12-07 01:35:13 -06:00
William Vu 0211c2c6e8 Add module doc 2020-12-07 01:35:13 -06:00
alanfoster 835059f00c [CVE-2020-10977] Gitlab arbitrary file read to RCE 2020-12-07 01:26:54 +00:00
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Tim W 87eba681e0 Land #14365, Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 19:55:00 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
Graeme Robinson 8e534ffc22 Split scenarios to separate blocks for each target 
As suggested in https://github.com/rapid7/metasploit-framework/pull/14216#discussion_r512868894.
 2020-11-26 13:46:01 +01:00
Graeme Robinson 536e1a1a02 Fix typo in documentation 2020-11-26 13:46:01 +01:00
Graeme Robinson c280bb67e7 Wrap at 140 characters to appease msftidy_docs.rb. 2020-11-26 13:46:01 +01:00
Graeme Robinson 4dc564e62b Added documentation for module. 2020-11-26 13:46:01 +01:00
Spencer McIntyre 95665e916c Land #14416, wordpress plugin 'simple file list' rce 2020-11-25 09:58:26 -05:00
Spencer McIntyre 94c157bc95 Tweak the documentation and module output just a little for clarity 2020-11-25 09:58:07 -05:00
cgranleese-r7 31426576e0 Land #14264, Add exploit/multi/http/kong_gateway_admin_api_rce 2020-11-25 11:09:02 +00:00
Grant Willcox efdc7f062e Land #14241, OpenMediaVault 5.5.11 Authenticated Remote Code Execution 2020-11-24 13:42:53 -06:00
h00die 92c92f1573 simple file list rce 2020-11-21 08:51:07 -05:00
Spencer McIntyre 1031b12c57 Land #14206, Rockwell FactoryTalk CVE-2020-12027 RCE 2020-11-20 08:49:39 -05:00
Spencer McIntyre cbc5899edf Add module docs for the Service Permissions LPE module 2020-11-19 14:17:20 -05:00
Pedro Ribeiro e7196256d4 Update rockwell_factorytalk_rce.md 2020-11-19 17:53:25 +07:00
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
William Vu dcd8ec1d70 Lock JDK to 8u131 to be safe 2020-11-18 15:17:12 -06:00
William Vu 20a90557bf Update module doc 2020-11-18 15:08:12 -06:00
William Vu bcdf5aa586 Clarify Windows target setup further 2020-11-18 14:25:10 -06:00
William Vu 4d610b5500 Clarify using the generic installer for examples 2020-11-18 14:06:13 -06:00
William Vu 83beae731f Add WebLogic Administration Console Handle RCE 
CVE-2020-14882
CVE-2020-14883
 2020-11-18 10:56:02 -06:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 0feff932f2 Change docs to reflect the truth of the "vuln" 2020-11-16 11:38:00 -06:00
Christophe De La Fuente d6b412c58e Land #14340, Add HorizontCMS 1.0.0-beta exploit module and documentation 2020-11-13 13:03:04 +01:00
William Vu fcb507e412 Fix AutoCheck 
I'm a big dummy.
 2020-11-11 15:57:38 -06:00
William Vu 04bcbd0253 Update module doc 2020-11-11 15:57:29 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846) 
Leveraging CVE-2020-25592.
 2020-11-11 13:09:26 -06:00
Shelby Pace 65e1ef4cb8 Land #14253, add wp-file-manager rce for wordpress 2020-11-10 08:48:33 -06:00
Grant Willcox 34697ecc11 Apply further fixes from the review process 2020-11-09 12:11:25 -06:00
stasinopoulos 2ee9b47023 Minor update regrarding Options section 2020-11-09 08:59:14 +02:00
stasinopoulos ad5b0af9c6 Fixes n' updates 2020-11-08 10:26:31 +02:00
kalba-security e7a20ec47c Add CVE ID to module and docs 2020-11-05 07:05:32 -05:00
kalba-security 0a9589166f Add CVE ID 2020-11-05 06:55:37 -05:00
Justin Steven 34715de016 Add jdk to msfvenom's APK template dependencies 2020-11-05 20:13:52 +10:00