Commit Graph

20804 Commits

Author SHA1 Message Date
Diego Ledda 1d5eae0f5b Merge pull request #21034 from Chocapikk/add-module-opendcim-sqli-rce
Add openDCIM install.php SQLi to RCE module
2026-04-14 16:04:13 -04:00
Diego Ledda addcd69205 Merge pull request #20933 from madefourit/persis_pwrshell_profile
Windows Persistence: Powershell Profile
2026-04-14 15:43:06 -04:00
Diego Ledda 31a2de9562 Merge pull request #20839 from h00die/bits
New persistence module: Microsoft Bits
2026-04-14 15:42:55 -04:00
Diego Ledda 7ea55d86d9 fix: update from srvhost to srvhost_addr 2026-04-14 17:16:54 +02:00
Diego Ledda 976f5a8e66 fix: remove unnecessary srvhost check 2026-04-14 17:14:51 +02:00
Brendan 4c421532d6 Merge pull request #21288 from g0tmi1k/AutoCheck
Add AutoCheck to various exploit modules
2026-04-14 09:59:25 -05:00
msutovsky-r7 5b6c2be9d1 Land #21003, unifies Selenium Firefox and Chrome modules
Unified Selenium Grid/Selenoid RCE with Firefox + Chrome auto-detection
2026-04-14 16:32:06 +02:00
Diego Ledda 1b195b1406 fix: removing ARCH_AARCH64 from powershell_profile persistence 2026-04-14 09:45:47 -04:00
madefourit 9433413166 final module fixes 2026-04-14 09:45:46 -04:00
madefourit a94dd32492 final module 2026-04-14 09:45:46 -04:00
h00die 14cd7fad47 module docs 2026-04-14 09:45:44 -04:00
h00die 4474c77ca3 update pshell module 2026-04-14 09:45:44 -04:00
h00die 9e506cc5a0 update pshell module 2026-04-14 09:45:43 -04:00
h00die 9189436a42 payload debugging 2026-04-14 09:45:43 -04:00
h00die 3c341e3b72 update pshell module 2026-04-14 09:45:42 -04:00
madefourit c03a9a5ce2 update modules_2 2026-04-14 09:45:42 -04:00
madefourit f255fe398d update modules 2026-04-14 09:45:41 -04:00
madefourit 17a5daabf1 initial modules 2026-04-14 09:45:41 -04:00
madefourit e2810a791b Add Profile and initial skeleton 2026-04-14 09:45:40 -04:00
Diego Ledda 18c11b17a9 Update modules/exploits/windows/persistence/bits.rb 2026-04-14 14:34:00 +02:00
Chocapikk 62e2c336d0 Remove old Selenium modules replaced by unified selenium_greed_rce 2026-04-14 12:32:51 +02:00
Martin Sutovsky db0fe4aaef Fixes Python payload delivery for Firefox profile 2026-04-14 10:17:04 +02:00
g0t mi1k 10fd6b9ef8 Add AutoCheck to various exploit modules 2026-04-14 06:21:15 +01:00
Chocapikk d84b09a16e Fix: Wrap Python payload for Firefox profile handler
The Firefox exploit path delivers payloads via a MIME handler mapped to
/bin/sh. When using the default Python target, the raw Python payload
would fail to execute in /bin/sh. Wrap it with python3 -c so the shell
can invoke it correctly.
2026-04-13 17:57:48 +02:00
h00die e28969980d Update modules/exploits/windows/persistence/bits.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
2026-04-13 06:15:03 -04:00
adfoster-r7 44a6da0e53 Merge pull request #21078 from Chocapikk/fix-churchcrm
Fix ChurchCRM unauthenticated RCE module
2026-04-13 10:36:18 +01:00
h00die a4d84fa734 Merge branch 'rapid7:master' into bits 2026-04-13 05:14:48 -04:00
Brendan 800614101d Merge pull request #21233 from bcoles/exploit-linux-local-riscv
Add RISC-V arch support to Linux local exploit modules
2026-04-10 07:58:34 -05:00
h00die 9960ec2355 fix compatibility with session.sys on windows persistence modules 2026-04-09 15:03:49 +02:00
h00die 8f441aca9a add attck ref 2026-04-09 15:02:43 +02:00
h00die 475f203760 windows telemetry persistence 2026-04-09 15:02:42 +02:00
dledda-r7 4a8adacf29 fix: fix bits persistence to be used with HttpServer 2026-04-09 07:13:26 -04:00
Diego Ledda 08e29e833d Merge pull request #20814 from h00die/s4u
s4u persistence updates
2026-04-07 05:22:01 -04:00
g0t mi1k b338c774cd Split HEADERS using '=' rather than ':' 2026-04-05 07:30:32 +01:00
g0t mi1k 14c841bb28 php_eval: evalme -> eval 2026-04-05 07:27:20 +01:00
g0t mi1k 6ef9234622 php_eval: Use check() to run a command 2026-04-05 07:27:20 +01:00
g0t mi1k 926ec78d23 php_eval: Consistencies
Sorry, not sorry
2026-04-05 07:27:20 +01:00
g0t mi1k 1f569b3a71 php_eval: Header don't have the same badchars 2026-04-05 07:27:20 +01:00
g0t mi1k fdfa10cde7 php_eval: Be more verbose 2026-04-05 07:27:20 +01:00
g0t mi1k 71b40641d5 php_eval: Add POST HTTP method support 2026-04-05 07:27:20 +01:00
g0t mi1k 6945f89b74 php_eval: Sends headers using check() 2026-04-05 07:27:20 +01:00
g0t mi1k b554cd7277 php_eval: Makes sure there is a response using check() 2026-04-05 07:27:20 +01:00
g0t mi1k 2dcdda88b0 php_eval: Header var needs to be a string 2026-04-05 07:27:19 +01:00
g0t mi1k f8b0608d62 php_eval: !CODE! -> !INJECT! 2026-04-05 07:27:19 +01:00
g0t mi1k 02bf188e78 php_eval: PHPURI -> URIPATH 2026-04-05 07:27:19 +01:00
bcoles 338db0cabd Add RISC-V arch support to Linux local exploit modules
Add ARCH_RISCV64LE and ARCH_RISCV32LE to the supported architecture
lists of 9 Linux local privilege escalation modules that use generic
EXE payload dropping and are not dependent on pre-compiled
architecture-specific exploit binaries.

This allows these modules to be used on RISC-V targets with the
existing RISC-V payload set.
2026-04-05 02:15:16 +11:00
Spencer McIntyre 45942c8d5e Merge pull request #21180 from jheysel-r7/feat/lib/relay_functionality_refactor
Refactor reusable relay classes out of the SMB directory
2026-04-03 17:10:56 -04:00
Spencer McIntyre 789bcb13ac Merge pull request #20979 from g0tmi1k/php_include
php_include: Improve check & Clean up
2026-04-03 16:29:19 -04:00
Jack Heysel 5111f9eb52 Refactor HashCapture 2026-04-02 13:14:06 -07:00
Jack Heysel 4125b209f8 Refactor reusable relay classes out of SMB directory
Apply suggestions from code review

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-04-02 13:14:06 -07:00