adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,828 Commits 27 Branches 1,043 Tags
a8697cdffc49249ded505d5bb528209fc36ab6c5
Commit Graph

574 Commits

Author SHA1 Message Date
Christophe De La Fuente 20d70799a7 Land #17298, Add opentsdb_yrange_cmd_injection module and docs 2022-12-23 13:38:58 +01:00
ErikWynter 78dfaa12ef add opentsdb_yrange_cmd_injection module and docs 2022-11-24 21:37:24 +02:00
adfoster-r7 0aa0884e26 Land #17296, add warning about external links 2022-11-24 10:30:44 +00:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Jeffrey Martin 453cfc5939 spelling change per review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-11-23 13:26:19 -06:00
Jeffrey Martin cb8e023734 add warning about external links 
Links to external resources not controlled by the project maintainers
are subject to bitrot and malicious take over. Warnings seem appropriate.
 2022-11-23 12:08:05 -06:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
jheysel-r7 cf27c34917 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
jheysel-r7 6a1af915f6 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
h00die-gr3y c1aed2d274 Fixed typos documentation 2022-10-21 13:20:37 +00:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Heyder Andrade 26ed9bb053 Update documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-17 22:49:57 +02:00
Heyder Andrade aece783cee Added reference to user auto-detect method 2022-10-17 01:11:27 +02:00
Heyder Andrade 0b09e564f1 Improved documentation 2022-10-16 14:25:54 +02:00
Heyder Andrade 835b44ca7a Added documentation 2022-10-16 13:42:21 +02:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
Ayantaker 9abaa00b9e Adding some changes to documentation as per review comments 2022-10-12 11:36:35 -04:00
Ayantaker e75438d0b2 Documentation fix and minor fixes 
Fixed the documentation according to msftidy's suggestion and removed a few unessary parts of code
 2022-10-11 18:17:52 -04:00
Grant Willcox 45aa09411e First round of edits from review 2022-10-11 15:46:04 -05:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
 2022-10-06 15:48:36 -04:00
Ron Bowes 48dd4693df Add docs for CVE-2022-41352 (zimbra cpio), and fix some text 2022-10-06 10:46:48 -07:00
space-r7 f2e003cdb0 add documentation 2022-09-20 18:45:48 -05:00
Christophe De La Fuente 52ff168c5e Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038) 2022-09-15 17:58:07 +02:00
Jack Heysel 1c99daa836 Updated error handling 2022-09-13 12:40:59 -04:00
space-r7 a11569fc53 Land #16944, add Apach Spark RCE 2022-09-07 13:02:27 -05:00
h00die-gr3y f71ec84f9e updated documentation 2022-09-06 19:36:11 +00:00
Christophe De La Fuente 8ba621a291 Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828) 2022-09-02 18:37:37 +02:00
h00die-gr3y e8083c6fb1 commit module and documentation 2022-08-26 15:39:18 +00:00
h00die-gr3y 21c4e3ce3d commit module and documentation 2022-08-26 15:05:39 +00:00
Grant Willcox 2369e1562c Add in documentation on how to install the target from scratch 2022-08-23 11:44:09 -05:00
Ron Bowes abd392c372 Add in changes from review 2022-08-23 11:44:03 -05:00
Grant Willcox 5b61b5097f RuboCop documentation, add in Verification steps, and fix up minor issues 2022-08-23 11:44:02 -05:00
Ron Bowes 0e6647c7f9 Add scenarios 2022-08-23 11:43:53 -05:00
Ron Bowes 97f8ec9367 Documentation, output cleanup 2022-08-23 11:43:51 -05:00
Jake Baines b4fe31757d Added module for CVE-2022-20828 2022-08-19 12:29:37 -07:00
Jack Heysel 75efe1528c Added check method, reponded to PR comments 2022-08-17 17:24:03 -04:00
jheysel-r7 47f2b52277 Update documentation/modules/exploit/linux/http/panos_auth_rce.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-08-17 13:42:17 -04:00