8fbc577b73
fix typos
2026-02-03 10:30:52 +00:00
77b6aff818
add in initial web help desk exploit with a windows target
2026-01-30 22:05:08 +00:00
751ceaaaf3
Merge pull request #20902 from rudraditya21/fix/ssh-login-no-shell-success
...
Handle SSH login success when shell creation fails
2026-01-28 10:18:39 -05:00
be4a69ab1d
Merge pull request #20846 from msutovsky-r7/exploit/freepbx/injections_rce
...
Adds auxiliary module for FreePBX (CVE-2025-66039, CVE-2025-61675)
2026-01-28 06:39:47 -08:00
7d931c960c
Merge pull request #20858 from msutovsky-r7/exploit/freepbx/unrestricted_file_upload
...
Adds exploit module for FreePBX (CVE-2025-66039, CVE-2025-61678)
2026-01-28 06:23:43 -08:00
147a94cee5
Update freepbx_firmware_file_upload print statement
2026-01-28 06:08:47 -08:00
e6b97a79a4
Addresses comments
2026-01-28 11:33:54 +01:00
7e92ef4811
Addresses comments
2026-01-28 11:14:24 +01:00
f31776caf0
Merge pull request #20778 from h00die/ssh_keys
...
Update and combine ssh key persistence with mixin
2026-01-27 06:39:10 -08:00
0b68476817
Update modules/exploits/multi/persistence/ssh_key.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2026-01-26 16:44:46 -05:00
ea63e0df93
handles ssh login success when session creation fails
2026-01-26 22:06:55 +05:30
a1e56a0d36
Adds check method, adds sql injection abstraction
2026-01-26 16:07:00 +01:00
4a24653812
Adds disclosure date
2026-01-26 15:58:08 +01:00
ce4e176798
Expands check method
2026-01-26 13:30:26 +01:00
b263530180
Increases entropy of payload filename
2026-01-26 11:32:33 +01:00
048163ea89
ssh_key persistence review
2026-01-24 16:36:54 -05:00
c0e9288ac5
Merge pull request #20799 from jheysel-r7/feat/cacti_graph_template_rce
...
Cacti Graph Template Authenticated RCE [CVE-2025-24367]
2026-01-22 14:26:38 -05:00
18a4cf8c00
Use the ssl setting for HttpServer#start_service
2026-01-22 13:49:28 -05:00
e9a6a6fd45
Responded to comments
2026-01-22 15:03:32 +01:00
96b788e1e8
Increase length of cron job name
2026-01-22 15:03:32 +01:00
0e0a6cc9cd
Removed duplicate platform
2026-01-22 15:03:31 +01:00
2e484d552e
Finishing touches
2026-01-22 15:03:31 +01:00
99e032f4af
SmarterTools SmarterMail Unauth File Upload RCE [CVE-2025-52691]
2026-01-22 15:03:30 +01:00
537a1c5395
Land #19821 , adds Burpsuite persistence module
...
Burp extension persistence
2026-01-22 11:03:08 +01:00
719874a7f4
Merge pull request #20750 from MatDupas/add-exploit-oracle-ebs-cve-2025-61882-module
...
Add exploit oracle ebs CVE 2025 61882 module
2026-01-21 16:08:09 -08:00
927f5330f4
Rubocop fixes
2026-01-21 14:56:08 -08:00
c45309e9ab
Added payload length guards
2026-01-21 11:34:21 -08:00
b6da204725
Apply suggestions from code review
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2026-01-21 10:09:12 -08:00
9f626a0c39
Update cve_2025_14847_mongobleed.rb
2026-01-21 11:27:03 +01:00
464e15152a
Update cve_2025_14847_mongobleed.rb
2026-01-21 11:27:03 +01:00
087ab70a8e
Update cve_2025_14847_mongobleed.rb
2026-01-21 11:27:02 +01:00
99636be776
Updated mongobleed
2026-01-21 11:27:02 +01:00
b46649769e
Fix formatting issues in oracle_ebs exploit script
2026-01-21 09:00:52 +01:00
a05863f6f6
Clean up comment in generate_xsl_payload method
...
Removed comment about generating XSLT payload.
2026-01-21 08:57:10 +01:00
cb3df4b4de
Refactor payload options in Oracle EBS exploit
2026-01-21 08:56:01 +01:00
c5df078b41
Clarify payload option comment in exploit module
...
Updated the comment for the payload option to clarify usage.
2026-01-21 08:54:53 +01:00
ffb725f4da
Rubocopes
2026-01-21 08:16:39 +01:00
0234dc7a26
Update modules/exploits/multi/persistence/burp_extension.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2026-01-20 19:28:18 -05:00
ad343cb383
Update modules/exploits/multi/persistence/burp_extension.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2026-01-20 19:27:46 -05:00
cf43e496b1
Update modules/exploits/multi/persistence/burp_extension.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2026-01-20 19:27:08 -05:00
c47a74d0dd
Merge pull request #20770 from vognik/Splunk_2022-43571_CVE-2024-36985
...
Add Splunk RCE Exploits (CVE-2022-43571 & CVE-2024-36985)
2026-01-20 12:36:51 -08:00
c351514291
Refine description for Oracle EBS CVE-2025-61882 exploit
...
Updated the description of the Oracle E-Business Suite CVE-2025-61882 RCE exploit module to provide more detailed information about the exploit mechanism and affected versions.
2026-01-20 21:09:25 +01:00
37c69a9bf1
Refactor Oracle EBS CVE-2025-61882 exploit module
...
Updated the Oracle E-Business Suite exploit module to fix rubocop linting errors
2026-01-20 09:12:05 +01:00
9e320dd168
add suggestions from @jheysel-r7
2026-01-19 18:45:01 -08:00
eb49dade6f
Merge pull request #20755 from rudraditya21/feature/kerberos-clock-skew
...
Added: Option to adjust kerberos clock
2026-01-19 10:00:54 -08:00
bff88db29b
Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2026-01-19 15:07:45 +01:00
9377662118
Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2026-01-19 15:06:47 +01:00
68f7d42bb8
Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2026-01-19 15:04:59 +01:00
47d0b1c208
Clarify default payload comment in exploit module
...
Updated the comment for the default payload option to clarify its usage.
2026-01-19 10:47:47 +01:00
141fa5a169
Refactor smuggling payload creation and session handling
...
Refactor HTTP request smuggling logic and error handling.
2026-01-19 10:41:23 +01:00
sfewer-r7