adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71,114 Commits 27 Branches 1,043 Tags
a3daab88e674ac06193e2db255dcbf14719aecbc
Commit Graph

837 Commits

Author SHA1 Message Date
h00die-gr3y a3daab88e6 Added documentation and updated exploitable plugins list 2023-07-25 14:06:42 +01:00
bwatters 297c484a1c Land #18173, Add Openfire Authentication Bypass RCE [CVE-2023-32315] 
Merge branch 'land-18173' into upstream-master
 2023-07-18 18:13:20 -05:00
h00die-gr3y a3ea55f2a6 added documentation 2023-07-08 12:30:54 +00:00
Jack Heysel f1b5cd46f4 Apache RocketMQ update config RCE 2023-07-05 12:38:51 -04:00
Jack Heysel bf1e6bddd1 Land #18134, Add exploit for CVE-2023-25194 
This exploits a Java deserialization vulnerbility
in Apache Druid which arises from a JNDI injection
within Apache Kafka clients.
 2023-06-23 16:52:04 -04:00
Heyder Andrade b026b38851 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-06-23 09:36:50 +02:00
Redwaysecurity.com 77bb6759a6 Review suggestions 2023-06-22 18:12:13 +02:00
dwelch-r7 e298788a28 Land #18049, Update jenkins login scanner to work with newer versions 2023-06-22 14:04:24 +01:00
Redwaysecurity.com e2fc3c5eff Fixed documentation offenses 2023-06-22 14:48:16 +02:00
Redwaysecurity.com a8332e6064 Added exploit for CVE-2023-25194 2023-06-22 14:17:32 +02:00
cgranleese-r7 0609d246f3 adds more future proofing to implementation 2023-06-21 14:19:24 +01:00
Spencer McIntyre 4c817ce1de Land #17946, CVE-2023-21839 - Oracle Weblogic RCE 
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
 2023-06-09 14:55:43 -04:00
Christophe De La Fuente 82c8b5418e Land #17936, PaperCutNG Authentication Bypass with RCE 2023-06-07 15:05:51 +02:00
Christophe De La Fuente 991b9604e5 Add options to the documentation 2023-06-07 15:05:12 +02:00
catatonicprime a03603d076 Documentation linting. 2023-06-06 15:35:20 +00:00
Grant Willcox e78cf054b8 Add in EITW notes 2023-05-24 13:17:49 -05:00
Grant Willcox 84961e6e09 Add in documentation 2023-05-24 13:17:49 -05:00
catatonicprime c43eaf86bc Adding documentation. 2023-05-11 05:09:35 +00:00
Grant Willcox 9f0a6503b7 require.js is not the only way, account for this new discovery in code 2023-05-10 13:02:02 -05:00
Grant Willcox 5d4e68d36c Add Metasploit payload example and remove message that may suggest successful exploitation occurred even when it didn't 2023-05-10 10:36:29 -05:00
Grant Willcox 1b8f1de7c8 Add in fixes from review, add archive of software, and use uri_encode_mode for encoding parameters. 2023-05-10 10:16:08 -05:00
Jack Heysel 07056a74bc Pentaho Business Server Auth Bypass and SSTI 2023-05-09 14:24:51 -05:00
sfewer-r7 5d05754d9b update the AKB URL to reference the changed CVE 2023-04-14 17:44:38 +01:00
sfewer-r7 e6211175b3 rename the files to the correct CVE 2023-04-14 15:52:13 +01:00
sfewer-r7 b5ea420760 On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Controll vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet seperate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now beliee this is the correct CVE. 2023-04-14 15:49:10 +01:00
sfewer-r7 ae87f35944 fix two typos in documentation 2023-04-13 15:57:48 +01:00
sfewer-r7 375d9b34f1 make on_request_uri compatible with both command staget and teh generic java target 2023-04-11 14:25:07 +01:00
sfewer-r7 43fe41bea5 RCE exploit for CVE-2023-26359 and an auxiliary module for arbitrary file read via the same vuln. 2023-04-06 14:02:01 +01:00
space-r7 67ac2dc584 Land #17771, add monitorr file upload rce 2023-03-22 13:00:38 -05:00
h00die-gr3y c5ed25cd6c small update to documentation on vulnerable releases 2023-03-20 21:12:49 +00:00
h00die-gr3y e3df74ee5b Updates addressing review points of space-r7 2023-03-20 21:04:58 +00:00
Christophe De La Fuente 0df12fd694 Land #17754, Open web analytics 1.7.3 remote code execution 2023-03-17 10:15:33 +01:00
Christophe De La Fuente daadb4f523 Land #17775 - Add exploit for Bitbucket env var RCE (CVE-2022-43781) 2023-03-16 11:01:07 +01:00
space-r7 8a76dab0bd update line numbers 2023-03-15 13:24:33 -05:00
space-r7 22c05105d3 address review comments 
reduces some code duplication, sets privileged to true,
and modifies documentation to reflect lhost / rhost opts
 2023-03-15 11:18:03 -05:00
Pflegusch 3bf60a57ae Fix typo 2023-03-15 01:54:36 +01:00
Pflegusch cea8aa8e02 Update open_web_analytics_rce.md to work with latest code changes 2023-03-15 01:34:02 +01:00
space-r7 fddcae3d93 don't always create repo 2023-03-14 19:03:58 -05:00
Pflegusch bb9e214282 Fix line too long in open_web_analytics_rce docs 2023-03-15 00:01:15 +01:00
Pflegusch e160e51711 Fix typos, update docs with advanced option SearchLimit, implement SearchLimit into module 2023-03-14 23:29:55 +01:00
Pflegusch 3196a52bdf fix msftidy_docs.rb issues 2023-03-14 21:43:07 +01:00
space-r7 4bb843fe70 add documentation, adjust method of getting ids 2023-03-13 15:31:41 -05:00
h00die-gr3y 015d79a4c2 added documentation 2023-03-13 18:05:08 +00:00
Pflegusch ddd594ac62 Update example in docs for latest code changes 2023-03-11 17:26:21 +01:00
Pflegusch 85185633b7 Use single back ticks and 3 instead of 4 at the end 2023-03-09 16:58:04 +01:00
h00die-gr3y fc711131a2 added MIME, added break in mixin and added link with installation instructions 2023-03-09 09:28:46 -06:00
Grant Willcox deafceed00 Update documentation, library, and Gemspec from review 2023-03-09 09:28:27 -06:00
h00die-gr3y dc8ebb722a Added support for native PHP payloads and reengineered webshells 2023-03-09 09:28:03 -06:00
Pflegusch 14b5c08a62 Fix the double slash in the shell url 2023-03-09 14:28:15 +01:00
Pflegusch ae7ca169fe Use the same IP as in the example 2023-03-09 14:08:50 +01:00