adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,991 Commits 27 Branches 1,043 Tags
8b116a7dcdefa88397ded403b633c7495bd06f33
Commit Graph

1010 Commits

Author SHA1 Message Date
space-r7 153af9fb68 Land #17407, add Cacti unauth command injection 2023-01-23 13:06:46 -06:00
Grant Willcox 7e23c34e6c Apply fixes per code review 2023-01-17 12:44:22 -06:00
h00die-gr3y da3ae22135 added documentation 2023-01-17 12:44:20 -06:00
Grant Willcox f39973de86 Fix up missing option in documentation and also add some additional validation on server response. 2023-01-04 17:02:05 -06:00
h00die-gr3y c7b59b4815 updates based on gwillcox-r7 review comments 2023-01-04 17:02:04 -06:00
h00die-gr3y 6801cbd21e updated Limitation section 2023-01-04 17:02:03 -06:00
h00die-gr3y fc6acdab6a added documentation 2023-01-04 17:01:59 -06:00
Christophe De La Fuente 20d70799a7 Land #17298, Add opentsdb_yrange_cmd_injection module and docs 2022-12-23 13:38:58 +01:00
ErikWynter 8f96746551 fix typo and add credit for discovery 2022-12-23 11:11:31 +02:00
ErikWynter 4c2dfe0279 add cacti_unauthenticated_cmd_injection 2022-12-22 17:55:45 +02:00
Christophe De La Fuente e7e2849f6d Land #17183, Zimbra fixes 2022-12-06 15:38:37 +01:00
bwatters 54cd055276 Land #17286, CVE-2021-22015 vCenter priv esc 
Merge branch 'land-17286' into upstream-master
 2022-12-05 09:31:01 -06:00
ErikWynter 78dfaa12ef add opentsdb_yrange_cmd_injection module and docs 2022-11-24 21:37:24 +02:00
adfoster-r7 0aa0884e26 Land #17296, add warning about external links 2022-11-24 10:30:44 +00:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Ron Bowes 28a68ede8c Merge branch 'master' into zimbra-fixes 2022-11-23 12:50:56 -08:00
Jeffrey Martin 453cfc5939 spelling change per review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-11-23 13:26:19 -06:00
Jeffrey Martin cb8e023734 add warning about external links 
Links to external resources not controlled by the project maintainers
are subject to bitrot and malicious take over. Warnings seem appropriate.
 2022-11-23 12:08:05 -06:00
h00die 6877304bac exploit for cve-2021-22015 vcenter priv esc 2022-11-20 11:29:49 -05:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
jheysel-r7 cf27c34917 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
jheysel-r7 6a1af915f6 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
Ron Bowes ab2042f34e Add patch notes to the Slapper module documentation 2022-10-25 10:04:52 -07:00
Ron Bowes 3ac3fa6c32 Move the Zimbra Slapper doc to the right folder (Windows -> Linux) 2022-10-25 09:51:27 -07:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
h00die-gr3y c1aed2d274 Fixed typos documentation 2022-10-21 13:20:37 +00:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Christophe De La Fuente c43272985e Land #17141, Zimbra Postfix priv esc 2022-10-19 10:33:37 +02:00
Christophe De La Fuente fa67b6973d Documentation fix to follow the template 2022-10-18 16:09:57 +02:00
Ron Bowes dea3f72f6b Resolve feedback - get rid of unnecessary directory, add CVE number, let the user choose the path 2022-10-17 15:00:56 -07:00
Heyder Andrade 26ed9bb053 Update documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-17 22:49:57 +02:00
Heyder Andrade aece783cee Added reference to user auto-detect method 2022-10-17 01:11:27 +02:00
Heyder Andrade 0b09e564f1 Improved documentation 2022-10-16 14:25:54 +02:00
Heyder Andrade 835b44ca7a Added documentation 2022-10-16 13:42:21 +02:00
Ron Bowes a2a2dcbf6f Check in zimbra_postfix_priv_esc.rb 2022-10-14 13:21:41 -07:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
Ayantaker 9abaa00b9e Adding some changes to documentation as per review comments 2022-10-12 11:36:35 -04:00
Ayantaker e75438d0b2 Documentation fix and minor fixes 
Fixed the documentation according to msftidy's suggestion and removed a few unessary parts of code
 2022-10-11 18:17:52 -04:00