adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,756 Commits 27 Branches 1,043 Tags
ae4e616c3bee9e8ce7bf6496ae786200142e2f9d
Commit Graph

5731 Commits

Author SHA1 Message Date
sfewer-r7 27f5a789c9 rework the exploit to use the new MIPS64 fetch payload adapters. Removed the seperate command and dropper targets in favor of a single default target which can do both thanks to fetch payloads. Removed the redundant IO select() call which was bad copy pasta on my part. 2023-06-09 09:47:57 +01:00
Stephen Fewer a1528556e0 Merge branch 'rapid7:master' into CVE-2023-28771 2023-06-09 09:42:19 +01:00
Spencer McIntyre 5b5c29842c Land #18022, Add post/windows/manage/make_token 
Add update_token to MSF + make_token post-ex module
 2023-06-08 14:53:22 -04:00
Spencer McIntyre d8870d7876 Address msftidy_docs complaints 2023-06-08 14:52:57 -04:00
Grant Willcox a1e930397a Land #18072, Add CVE-2023-1133 - .NET Deserialization exploit for Delta Electronics InfraSuite Device Master 2023-06-08 08:42:07 -05:00
space-r7 74dd134783 add options in scenarios output 2023-06-07 17:15:28 -05:00
Grant Willcox 4465582fee Add in link to archived version of the installer 2023-06-07 16:51:01 -05:00
Shelby Pace 2738906f87 Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:44 -05:00
Shelby Pace 54649fb856 Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:37 -05:00
Shelby Pace 4377ff037a Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:28 -05:00
Shelby Pace 60c642bcd0 Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2023-06-07 16:41:19 -05:00
Christophe De La Fuente 82c8b5418e Land #17936, PaperCutNG Authentication Bypass with RCE 2023-06-07 15:05:51 +02:00
Christophe De La Fuente 991b9604e5 Add options to the documentation 2023-06-07 15:05:12 +02:00
Christophe De La Fuente f88cb3b847 Land #18039, gitlab file read CVE-2023-2825 2023-06-07 13:07:54 +02:00
h00die 4950cb3424 review adjustments 2023-06-06 16:24:38 -04:00
space-r7 3b53966caa add installation steps 2023-06-06 12:14:14 -05:00
catatonicprime a03603d076 Documentation linting. 2023-06-06 15:35:20 +00:00
attl4s ec948b5c16 add documentation 2023-06-06 10:04:57 +02:00
space-r7 5f7ae883f8 add documentation 2023-06-05 17:38:58 -05:00
Jeffrey Martin 4e91a4e93d refactor archer_c7_traversal as gather module 
* Update modules landed as a scanner into a more appropriate category.
* Adds a check method based on TP-link default `TITLE` html.
* Rename module consistent with existing exploit.
 2023-06-05 09:07:11 -05:00
h00die 8f3325bcf8 move gitlab_auth_subgroups to gahter instead of scanner 2023-06-02 18:06:44 -04:00
Grant Willcox f7d2cdae56 Add in ability to restore settings n documentation changes. 
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
 2023-06-02 09:48:03 -05:00
Grant Willcox 965311d09e Fix documentation and fix bug in creating PARMS value 2023-06-02 09:48:02 -05:00
Grant Willcox 8577f21e52 Add in documentation and updated code 2023-06-02 09:48:01 -05:00
h00die da2e339ae8 review adjustments 2023-06-02 05:15:44 -04:00
Christophe De La Fuente 8ed981e575 Land #18003, Archer c7 traversal 2023-06-01 17:37:13 +02:00
Spencer McIntyre 8378435051 Land #17430, Add AWS SSM Sessions 2023-06-01 11:34:40 -04:00
h00die 1267d067b3 move gitlab_subgroup to gitlab_authenticated_subgroup 2023-05-31 15:29:00 -04:00
Grant Willcox 6756047f1f Land #18028, Add Apache NiFi login scanner module 2023-05-31 12:25:18 -05:00
Grant Willcox ccbdd7870e Update documentation 2023-05-31 11:57:42 -05:00
Grant Willcox 1fd2d41835 Fix typos and add dig for safe navigation 2023-05-31 10:34:10 -05:00
Grant Willcox cf9f9905e3 Fix more typos 2023-05-30 17:30:57 -05:00
Grant Willcox c0671c325a Touch up typos in documentation 2023-05-30 15:27:31 -05:00
Christophe De La Fuente ef89219715 Land #17899, Dolibarr 16 unauthenticated contact database dump 2023-05-30 16:41:28 +02:00
Jack Heysel b575f92d0a Minor fix in vsftpd docs 2023-05-29 17:55:36 -04:00
Jack Heysel 0b9aff0661 Land #18004, VSFTPD Dos Module 
This PR adds a dos module for cve-2011-0762
which exploits the vsftpd server
 2023-05-29 17:39:02 -04:00
jheysel-r7 1018ed1aaf Update documentation/modules/auxiliary/dos/ftp/vsftpd_232.md 2023-05-29 15:40:42 -04:00
h00die 5f308e0176 gitlab file read CVE-2023-2825 2023-05-29 00:55:02 -04:00
h00die 0ccfa4af87 gitlab file read CVE-2023-2825 2023-05-29 00:48:15 -04:00
h00die cf2ca434a8 spelling 2023-05-26 15:53:16 -04:00
h00die 93479be5e6 review comments 2023-05-26 15:47:22 -04:00
RadioLogic 573eb4bda4 Merge branch 'master' into archer_c7_traversal 2023-05-26 01:48:43 -04:00
RadioLogic 250a8768e3 Updated doc to appease msftidy 2023-05-25 21:28:19 -04:00
RadioLogic 376ef7a8bc Made several fixes for msftidy 2023-05-25 21:16:07 -04:00
h00die 48207dd9f1 apache nifi login module 2023-05-25 16:57:32 -04:00
RadioLogic 72ef6537ef Added tested versions to description 2023-05-25 14:21:52 -04:00
RadioLogic cb8d86651d Added build setup for arch linux 2023-05-25 14:19:44 -04:00
RadioLogic b11b31c9ae Moved docker description into vulnerable application 2023-05-25 14:18:15 -04:00
RadioLogic 1d98cb0069 Added better description to documentation 2023-05-25 13:34:04 -04:00
h00die 7c2790513d apache nifi version scanner 2023-05-24 20:05:34 -04:00