adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71,743 Commits 27 Branches 1,043 Tags
aa2a8433fe8d2ccaa52a42dc63b50beeb66dd7bf
Commit Graph

35125 Commits

Author SHA1 Message Date
Christophe De La Fuente 1e69086d24 Land #18365, TOTOLINK X5000R Wireless GigaBit Router Unauthenticed RCE [CVE-2023-30013] 2023-09-21 11:27:19 +02:00
h00die-gr3y 6e11f4353b Updates addressing cdelafuente-r7 comments 2023-09-20 22:14:48 +00:00
cgranleese-r7 37b506c238 Land #18374, fix related modules references 2023-09-20 10:03:47 +01:00
Christophe De La Fuente 525c957af2 Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068) 2023-09-19 10:32:59 +02:00
bwatters bfa876c3a1 Land #18283, Apache Airflow 1.10.10 - Example DAG Remote Code Execution 
CVE-2020-11978 + CVE-2020-13927

Merge branch 'land-18283' into upstream-master
 2023-09-18 17:00:19 -05:00
adfoster-r7 4dd18d814e Land #18377, add support for HELO to smtp_relay auxiliary module in case EHLO is not supported 2023-09-18 21:59:24 +01:00
ErikWynter e5c922619b use res for check response code instead of res.inspect 2023-09-18 19:33:07 +03:00
ErikWynter 75d2d20a04 check response code instead of text for downgrade to HELO 2023-09-18 17:25:04 +03:00
dwelch-r7 c1a44c8b7f Land #18359, Forge ticket fix 2023-09-18 13:05:25 +01:00
h00die 8d79d5afbd fix references 2023-09-18 06:56:18 -04:00
cgranleese-r7 23dc1a487d Land #18321, Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560) 2023-09-18 10:43:45 +01:00
ErikWynter 47bb57a1fe add support for HELO in case EHLO is not supported 2023-09-18 12:31:13 +03:00
Ismail Dawoodjee f9cdfef304 Move module and documentation from multi/http to linux/http 
* Update documentation scenarios for Docker on Debian 10 and Kali Linux 6.4
* Slightly modify the documentation scenario for Docker on Windows 10
 2023-09-17 22:42:26 +08:00
h00die dd947d49cc fix related modules references 2023-09-15 16:42:03 -04:00
h00die cd183194fd fix related modules references 2023-09-15 16:40:22 -04:00
h00die 13e7f6cc27 fix related modules references 2023-09-15 16:35:55 -04:00
Ismail Dawoodjee d12b1778e5 Merge branch 'rapid7:master' into apache_airflow_dag_rce 2023-09-15 22:06:43 +08:00
Jack Heysel 46832abd49 Land #18358, Add a Thrift RPC client 
This PR adds a Thrift RPC client and updates
two modules to make use of the new addition.
 2023-09-14 19:01:13 -04:00
h00die-gr3y 784f3118f0 third release module and documentation 2023-09-14 17:59:59 +00:00
h00die-gr3y 094685fa93 second release module 2023-09-14 13:12:33 +00:00
Simon Janusz 8b56dc0117 Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation 2023-09-14 10:18:29 +01:00
h00die-gr3y 4bb465bcee initial release module 2023-09-13 20:59:53 +00:00
Ismail Dawoodjee 930063fe91 Merge branch 'rapid7:master' into apache_airflow_dag_rce 2023-09-13 23:51:47 +08:00
cgranleese-r7 e82bff37e1 Land #18330, Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035) 2023-09-13 10:15:59 +01:00
Ismail Dawoodjee 008701f431 Apply suggestions from code review 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-09-13 15:04:52 +08:00
Ashley Donaldson 5c93b3880a Don't add extra PACs for silver tickets 2023-09-13 15:41:09 +10:00
Ismail Dawoodjee 78684dce8d Merge branch 'rapid7:master' into apache_airflow_dag_rce 2023-09-13 09:43:35 +08:00
Spencer McIntyre 28c4902f4a Land #18180, Flask unsign library, related modules 
Apache Supserset Priv Esc (CVE-2023-27524) and Flask unsign Library
 2023-09-12 19:02:30 -04:00
Spencer McIntyre c1cabdf099 Process escape sequences in the wordlist 2023-09-12 16:49:38 -04:00
Jack Heysel b83a49e573 Thanks to Spencer improved execute_command method 2023-09-12 15:14:10 -04:00
Spencer McIntyre 8e8b8ad191 Update nimbus_gettopologyhistory_cmd_exec 2023-09-12 12:21:10 -04:00
Spencer McIntyre 187cca848e Replace the binray blobs 2023-09-12 12:21:10 -04:00
Spencer McIntyre ba84c0484c Update the Nimbus module to use the Thrift client 2023-09-11 14:42:54 -04:00
Spencer McIntyre fbf95ecd92 Add and use a Thrift client object 2023-09-11 14:37:38 -04:00
h00die 94657d317b another round of review comments 2023-09-11 14:29:20 -04:00
Jack Heysel b80f9a84e4 Updated check method and reliability 2023-09-11 13:10:57 -04:00
h00die 2ed001ced2 light review changes 2023-09-11 10:33:43 -04:00
h00die 235c142274 Merge remote-tracking branch 'origin/flask_unsign' into flask_unsign 2023-09-11 10:27:00 -04:00
Spencer McIntyre f1aea836f3 Land #18273, Add VMware vRealize Log Insight RCE 
Add VMware vRealize Log Insight unauthenticated RCE exploit
 2023-09-08 17:17:23 -04:00
Spencer McIntyre 21dde19511 Make some final tweaks 
Change strings to reference `VMware` using the proper case. Don't
include CmdStager (because it's unnecessary). Set PrependFork to fix
shell payloads. Move CamelCase options to advanced.
 2023-09-08 16:55:42 -04:00
bwatters fdae4953eb Land #18290, Prometheus API & Prometheus Node Exporter Interrogator 
Merge branch 'land-18290' into upstream-master
 2023-09-08 12:55:30 -05:00
Jack Heysel 96a6baa500 Land #17474, Add Windows 11 support for Capcom LPE 
This PR adds support to the Capcom.sys LPE for Windows 11 21H1
 2023-09-08 13:43:07 -04:00
jheysel-r7 0111e55006 Update modules/exploits/windows/local/capcom_sys_exec.rb 2023-09-08 13:05:44 -04:00
Simon Janusz 5e8d00914f Land #18327, fix #18326 (ssl_version module bug when selecting specific ssl version) 2023-09-08 17:11:07 +01:00
Simon Janusz 57f3b8a352 Land #18350, Add opentsdb_key_cmd_injection exploit module and docs 2023-09-08 16:50:46 +01:00
Simon Janusz 7302394ffa Land #18316, Kibana Timelion Prototype Pollution RCE (CVE-2019-7609) 2023-09-08 11:50:47 +01:00
Christophe De La Fuente a33f03d100 Land #18302, Sonicwall rce CVE-2023-34124 2023-09-08 11:48:07 +02:00
bwatters 946794c3f8 Land #18341, add CVE-2023-38831 for Winrar 6.22 
Merge branch 'land-18341' into upstream-master
 2023-09-07 15:59:36 -05:00
Jack Heysel ef4a9dd239 Land #18329, Add LG Simple Editor RCE module 
This PR adds an unauth RCE module for LG Simple Editor
 2023-09-07 16:21:10 -04:00
Spencer McIntyre 6afde75c59 Print the connection string 2023-09-07 16:20:03 -04:00