adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
60,464 Commits 27 Branches 1,043 Tags
a4af80d3e17cf99a8fbbefdebba52a55cb8521f1
Commit Graph

2383 Commits

Author SHA1 Message Date
Shelby Pace a4af80d3e1 Land #15005, add VMware vRealize SSRF RCE 2021-04-27 09:19:55 -05:00
Shelby Pace 363db0e271 Land #14977, add Apache Druid js rce 2021-04-26 12:01:19 -05:00
Erran Carey dcf457f7e9 Fix a typo in Eclipse Equinox product name 
The osgi_console_exec module docs had a few stray characters for the
product name and description. The product name confused me when
googling for this module.
 2021-04-23 11:57:48 +01:00
William Vu a62d1dfbcd Add some details back in 2021-04-21 16:02:21 -05:00
William Vu 5111caf536 Address @gwillcox-r7 review 
New words from @gwillcox-r7.
 2021-04-21 13:10:21 -05:00
William Vu d4041cb5f4 Add module doc 2021-04-21 10:42:10 -05:00
agalway-r7 93c7727622 Land #15058, Cockpit CMS RCE 2021-04-21 13:21:55 +01:00
Grant Willcox e0f13e44d1 Land #14699, Add Nagios XI snmptrap RCE and docs (CVE-2020-5792) 2021-04-20 14:30:45 -05:00
Grant Willcox 13d3e4ae89 Add in CentOS 7 with NagiosXI 5.6.5 scenario 2021-04-20 14:12:56 -05:00
Grant Willcox f241a050b8 Apply review comments and fixes to documentation and the module 2021-04-20 12:38:34 -05:00
h00die 51f9e1ae73 cockpit cms rce 2021-04-18 18:52:04 -04:00
Grant Willcox 4ac9304ca2 Land #14968 - Add Nagios XI Mibs.php Authenticated RCE module and docs (CVE-2020-5791) 2021-04-16 14:37:15 -05:00
Grant Willcox 496e074ec8 Add in fixes to documentation and module from review 2021-04-16 13:14:17 -05:00
Tim W 97425602e9 fix typo and docs in chrome_simplifiedlowering_overflow 2021-04-16 14:59:43 +01:00
William Vu 9e6f425427 Move exploit/linux/http/citrix_dir_traversal_rce 
To exploit/freebsd/http/citrix_dir_traversal_rce. It's actually FreeBSD.
 2021-04-15 19:13:25 -05:00
Grant Willcox 832ca92f42 Land #14700, Add Nagios XI Plugins Filename Authenticate RCE module and docs (CVE-2020-35578) 2021-04-14 16:58:55 -05:00
Grant Willcox 61395f3cb1 Update scenarios in documentation and also update the module to handle cases where the version number may not be in a format that Rex::Text can immediately handle. 2021-04-14 16:32:53 -05:00
Grant Willcox 154e237edd Add in fixes to documentation and module that were covered in the review process 2021-04-14 15:33:42 -05:00
Grant Willcox a59e7e196d Land #14701, Rename Nagios XI authenticated RCE module and integrate Nagios XI mixin 2021-04-13 18:58:29 -05:00
Grant Willcox 9379f0356b Add in 5.6.5 exploitation scenario to documentation 2021-04-13 17:42:47 -05:00
Grant Willcox 0aada27128 Update the documentation to account for the fact that the plugin name has to be check_ping and also update the module to randomize some of the fields where possible. 2021-04-13 17:15:34 -05:00
Grant Willcox cdd589f592 Update documentation to wrap some overly long lines to meet msftidy_docs.rb requirements. 2021-04-13 16:36:38 -05:00
Grant Willcox ead9d73dc5 Add in fixes from review to documentation and module 2021-04-13 16:34:13 -05:00
je5442804 942d9e6bf2 Update apache_druid_js_rce.md 2021-04-10 10:43:00 +08:00
Shelby Pace a36030bcb7 add AutoCheck and usage of TARGETURI option 
remove CheckCmd from docs
 2021-04-09 12:08:25 -05:00
je5442804 2d1b73f1f2 Update apache_druid_js_rce.md 2021-04-09 19:48:45 +08:00
je5442804 d6f1bd7dec Update docs-docker setup 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 08:29:58 +08:00
je5442804 d49b28eeb7 Update docs 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 08:29:30 +08:00
je5442804 f30a2fd756 Update docs 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-04-09 08:29:15 +08:00
Tim W 7c575cd38f Land #15007, add a chrome renderer exploit (CVE-2020-16040) 2021-04-08 22:18:20 +01:00
Shelby Pace 926f051377 Land #14978, add Gitea and Gogs exploit modules 2021-04-07 13:44:43 -05:00
adfoster-r7 258b9d3e28 Land #14998, Change CVE references from CVE Details to NVD 2021-04-07 10:10:55 +01:00
rajvardhan agarwal c863c324ae Add exploit for CVE-2020-16040 2021-04-06 17:25:27 +05:30
William Vu 4020813b42 Correct broken or redundant CVE references 2021-04-05 13:06:50 -05:00
Shelby Pace cfc6b0a8ba Land #14971, add Apache OFBiz SOAP Deser rce 2021-04-05 11:44:40 -05:00
Shelby Pace a803e1e932 remove spare comma 2021-04-05 09:33:20 -05:00
Shelby Pace 71914a1ddb Land #14813, additional dup scout bof targets 2021-04-01 13:03:57 -05:00
kalba-security 34a5f7906c Rebase so we can use the latest mixin code,update the version range, update docs 2021-04-01 13:29:44 -04:00
kalba-security faab100d9a Add Nagios XI Mibs.php Authenticated RCE module and docs 2021-04-01 13:06:33 -04:00
kalba-security f76f58eb51 Rebase, use latest mixin code in check, update version and docs 2021-04-01 12:43:44 -04:00
kalba-security dd5c747584 Add Nagios XI snmptrap RCE and docs 2021-04-01 12:26:06 -04:00
kalba-security 02b9e5c939 rebase, use latest mixin code, correct vulnerable versions, update docs 2021-04-01 12:18:46 -04:00
kalba-security 3b7e612541 Add Nagios XI Plugins Filename Authenticate RCE module and docs 2021-04-01 11:23:52 -04:00
kalba-security 2df90d8d23 Rebase, rename module to nagios_xi_plugins_check_plugin_authenticated_rce, update check to take advantage of mixin, minor improvements 2021-04-01 11:07:49 -04:00
Shelby Pace 2cbd1a6be9 Land #14935, add F5 iControl REST API SSRF RCE 2021-04-01 08:40:38 -05:00
kalba-security 0e7c11ada3 Rename module and modify it to use the Nagios XI mixin, add autocheck, fix syntax and linting, also update docs 2021-04-01 09:26:16 -04:00
Shelby Pace 8cdaf9791d Land #14950, add saltstack salt api rce 2021-03-31 14:50:30 -05:00
Shelby Pace 9eacda5552 add wait time line to test output 2021-03-31 14:47:34 -05:00
William Vu 69a0c9420b Add module doc 2021-03-31 14:02:32 -05:00
Christophe De La Fuente 9806026ab9 Update from code review 2021-03-31 17:48:35 +02:00