adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,533 Commits 27 Branches 1,043 Tags
8aef054dfdfe83d73674bb15df2411e237120bf2
Commit Graph

4104 Commits

Author SHA1 Message Date
Spencer McIntyre c997952d83 Land #17607, Fortra RCE CVE-2023-0669 
Fortra deserialization RCE CVE-2023-0669 (ETR)
 2023-02-08 12:56:09 -05:00
Spencer McIntyre 2b008af097 Move the module to reflect it targets Windows too 2023-02-08 10:24:27 -05:00
cgranleese-r7 10144a9f13 Land #17615, Add missing module notes for stability reliability and side effects 2023-02-08 12:28:47 +00:00
adfoster-r7 433bafdccf Add missing module notes for stability reliability and side effects 2023-02-08 11:45:17 +00:00
bwatters 8ee67085c8 Land #17556, ManageEngine ADSelfService Plus RCE (CVE-2022-47966) 
Merge branch 'land-17556' into upstream-master
 2023-02-07 16:57:22 -06:00
bwatters 53c67653f5 Land #17527, ManageEngine ServiceDesk Plus RCE (CVE-2022-47966) 
Merge branch 'land-17527' into upstream-master
 2023-02-06 17:37:31 -06:00
adfoster-r7 6870efc34a Land #17426, Update all references to old Wiki to point to new docs site 2023-02-01 23:49:20 +00:00
Christophe De La Fuente f676568d89 Fix CVE 2023-01-30 12:18:08 +01:00
Christophe De La Fuente a5ba1245c2 Fix CVE 2023-01-30 12:15:14 +01:00
bcoles e11aaa8027 modules/exploits/multi/local: Resolve Rubocop and msftidy_docs violations 2023-01-28 15:02:24 +11:00
Christophe De La Fuente 85d5b041aa Add minimum build number check 2023-01-27 18:03:19 +01:00
Grant Willcox 6043d0ffba Update all links from Wiki site to new docs site. 2023-01-27 09:58:53 -06:00
Christophe De La Fuente e01239cf7b Add exploit module and documentation 2023-01-26 21:53:14 +01:00
Christophe De La Fuente ed2dd2fc0c Add randomization in the XML when possible & fix BadChars issue 2023-01-26 18:42:09 +01:00
Christophe De La Fuente 2be22752be Add Linuc specifics and documentation 2023-01-26 16:16:00 +01:00
Christophe De La Fuente 38f0d33d6b Add exploit module 2023-01-24 00:55:45 +01:00
ErikWynter 3c219c8a77 prevent .keys call on nil in log4shell_header_injection 2022-12-15 12:51:30 +02:00
Maik Ro 330cb2944b fix typo 
OptString.new('FILENAME', [true, 'The OpoenOffice Text document name', 'msf.odt']) -> OpoenOffice changed to OpenOffice
 2022-11-30 22:10:18 +01:00
Grant Willcox 8ca7550062 Land #17257, Adding exploit for ChurchInfo 1.2.13-1.3.0 RCE (CVE-2021-43258) 2022-11-18 19:27:10 -06:00
Grant Willcox 237eb904d4 Add in fixes for documentation examples and then update the code to fix some bugs 2022-11-18 18:30:07 -06:00
Grant Willcox 85a6770973 Add additional checks, a check method, and fix up some doc errors 2022-11-18 18:22:06 -06:00
m4lwhere b9ecdb3bc2 Use TARGETURI, registered cleanup, implment cookie_jar, and perform response checks and documentation 2022-11-18 18:21:27 -06:00
m4lwhere a33a313544 Adding exploit for ChurchInfo 1.3.0 2022-11-18 18:21:08 -06:00
Christophe De La Fuente d1a7170020 Land #17021, Gitea Git fetch RCE module - CVE-2022-30781 2022-11-17 12:28:29 +01:00
Christophe De La Fuente 11541a5774 Add comment for details about the string substitutions on Windows 2022-11-17 12:25:52 +01:00
krastanoel 1ddc137f1a Update module 
- adjust execute_command method and add logic for :win_dropper target
- move cmdstager uripath setting into target case statement
- add more cmdstagerflavour for :linux_dropper target
- fix lint msftidy
 2022-11-15 22:30:45 +07:00
krastanoel cbca2a5604 Update modules/exploits/multi/http/gitea_git_fetch_rce.rb 
apply suggestion

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-15 22:17:59 +07:00
krastanoel 639afebe1e Update module 
- handle cleanup method on manual `check`
- adjust targets flavour option
- add :win_dropper target and handle the payload delivery
NOTE: the Windows dropper target is still unsuccessfull but keep this for further review
 2022-11-09 16:12:20 +07:00
krastanoel 13bb31feeb Update module 
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessfull but keep this anyway for christophe to review.
 2022-11-09 04:52:18 +07:00
krastanoel bca5138fc8 Update module 
- move cleanup process to its own method and handle the response
- remove timeout and http delay option
- adjust target type location as code review suggestion
 2022-11-09 01:42:27 +07:00
krastanoel a50cca27e6 remove cookie_jar manipulation 2022-11-09 00:48:23 +07:00
krastanoel 52d867bbc7 follow Ruby coding convetions 
- combine gitea_version into get_gitea_version for the check method
- validate empty username
 2022-11-09 00:41:30 +07:00
krastanoel f0b67c8812 fix msftidy 2022-11-08 14:14:45 +07:00
krastanoel 540984804d Apply suggestions from code review 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-08 14:09:31 +07:00
Jack Heysel f61136dd6d Fixed powershell taget 2022-11-01 10:55:50 -05:00
jheysel-r7 757c0da639 Review updates 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-11-01 10:55:20 -05:00
Jack Heysel b31c0f6987 Added check method, refactored, updated docs 2022-11-01 10:54:27 -05:00
Jack Heysel a0babb354a Apache CouchDB Erlang module initial commit 2022-11-01 10:54:19 -05:00
Jack Heysel c4c2c7c0c1 Beta commit, injection working 2022-11-01 10:54:12 -05:00
Jack Heysel 9c5d82e00f Land #17147, add Vargrant Breakout module 
This PR adds a module that exploits a default
Vagrant shared folder to append a Ruby payload
to the Vagrant project Vagrantfile config file.
 2022-10-26 17:11:03 -04:00
bcoles 01fa2e1041 Add Vagrant Synced Folder Vagrantfile Breakout module 2022-10-26 17:33:44 +11:00
space-r7 7c64b0ba93 add option in documentation and add notes 2022-10-25 12:22:00 -05:00
r3nt0n 982cfb97c2 Refactor: check for THEME_DIR as ternary 
Suggested by @space-r7
 2022-10-25 17:38:30 +02:00
r3nt0n 08721ccf73 Adding THEME_DIR option to wp_crop_rce exploit 2022-10-20 16:37:21 +02:00
Matthew Dunn 1e50ba3415 Move to Hashes module, address requested changes 
Fix rubocop

Move identify to hashes module up one layer, use full reference to identify_hash instead of full include

Fix SMTP require

Remove hashes require statement

Remove hashes require statement

Remove hashes require statement

Remove hashes require statement

Address remaining requested changes, reference constants directly

Add all the missing direct references

Co-Authored-By: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-10-17 17:28:31 -04:00
Matthew Dunn 8b5223f53b Modularize Identify, Update referenced use cases 
Modularize Identity.rb

Include new module style Identify

Update juniper.rb

Fix inadvertent change

Add new module to identify spec

Put the require back

Put back require line for juniper
 2022-10-17 17:28:30 -04:00
adfoster-r7 46910b9390 Land #17105, set keep_cookies value to boolean true instead of string true 2022-10-05 11:37:37 +01:00
h00die 06aefb630a string true to bool true 2022-10-03 19:50:04 -04:00
h00die fffc080286 use vars_form_data 2022-10-03 14:43:12 -04:00
krastanoel bd15798be7 support windows platform 2022-10-03 19:57:09 +07:00