adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,756 Commits 27 Branches 1,043 Tags
ae4e616c3bee9e8ce7bf6496ae786200142e2f9d
Commit Graph

3699 Commits

Author SHA1 Message Date
sfewer-r7 27f5a789c9 rework the exploit to use the new MIPS64 fetch payload adapters. Removed the seperate command and dropper targets in favor of a single default target which can do both thanks to fetch payloads. Removed the redundant IO select() call which was bad copy pasta on my part. 2023-06-09 09:47:57 +01:00
Stephen Fewer a1528556e0 Merge branch 'rapid7:master' into CVE-2023-28771 2023-06-09 09:42:19 +01:00
Spencer McIntyre 9e38ed4459 Land #17929, Linux sudoedit LPE (CVE-2023-22809) 
Linux sudoedit priv esc (CVE-2023-22809)
 2023-05-23 09:30:18 -04:00
sfewer-r7 0205bb36d3 change ranking to GreatRanking as stability is CRASH_SERVICE_RESTARTS 2023-05-22 20:09:11 +01:00
sfewer-r7 6b101b5a4d make rubocop happy 2023-05-22 18:03:58 +01:00
Spencer McIntyre f464401dde Land #17782, Add fetch payloads 
Add http wget cmd based fetch payload for Linux and Windows
 2023-05-18 12:18:27 -04:00
bwatters 548a2d7ab4 Add fetch payloads for Windows and Linux x64 2023-05-18 10:47:29 -05:00
h00die 2ca5ca1f63 stronger grep 2023-05-16 16:18:14 -04:00
h00die 6bee4f56d9 updates from review 2023-05-13 15:49:11 -04:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
h00die-gr3y 4f8024454c Updates based on cdelafuente-r7 latest comments 2023-05-10 07:46:11 +00:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die e692e927dc review fixes 2023-05-05 16:43:47 -04:00
h00die 95562e04aa sudoedit work 2023-05-02 18:39:59 -04:00
h00die-gr3y cfb21e3de2 Added CVE-2023-28770 reference 2023-04-28 12:51:17 +00:00
Jacob Baines ec5858c198 Added newly assigned CVE identifier 2023-04-27 09:54:48 -04:00
h00die d454b2e195 cve-2023-22809 2023-04-25 20:54:48 -04:00
h00die e7725e7b6d cve-2023-22809 2023-04-25 04:37:33 -04:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
Jack Heysel bd286dd147 Added missing require builder statement 2023-04-18 18:10:46 -04:00
Jack Heysel de18ed438a Removed unnecessary require statement 2023-04-18 18:05:11 -04:00
Jack Heysel a2c23d18ef Added require builder statement 2023-04-18 16:01:14 -04:00
h00die-gr3y de9cd59ea5 added pwd derivation and report credential function including updates based on review comments 2023-04-18 19:17:00 +00:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel cda2e9610b Land #17820, optimising the nagiosxi modules 
This PR refactors the authenticated nagiosxi modules and mixins..
 2023-04-14 16:21:26 -04:00
Jack Heysel ace2f42387 Changed ranking to Good 2023-04-14 15:15:40 -04:00
h00die-gr3y e0926890ab init commit module 2023-04-14 13:07:12 +00:00
h00die-gr3y 5584685f24 init commit module 2023-04-14 13:05:42 +00:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
Ron Bowes 7dc1faa689 Better error handling, and fix version detection 2023-04-11 09:34:24 -07:00
Jack Heysel a2d2946007 Rubocop 2023-04-07 13:53:12 -04:00
Jack Heysel 18170babc2 Fix RCE payloads and add autorunscript 2023-04-07 13:35:16 -04:00
Ron Bowes 1a8671311d Move the offsets into a field separate from 'targets' 2023-04-07 10:26:56 -07:00
Ron Bowes 02072418f0 Expand the comment about why we're checking for \xff (since it can't appear in the payload) 2023-04-07 10:10:13 -07:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel 665ba4aece Add additional target 2023-04-06 23:41:36 -04:00
Ryuuuuu 9985538846 Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb 
fix nil exception

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-04-07 09:55:00 +09:00
Jack Heysel 79d4021f31 Replaced janky XML building 2023-04-06 14:58:05 -04:00
Jack Heysel 544fb8ead6 Removed unecessary start_service proc 2023-04-06 14:26:02 -04:00
Ron Bowes ce111f158a Better error handling 2023-04-06 10:35:33 -07:00
Jack Heysel d92fc41d29 Print out what command fails when attempting RCE 2023-04-06 13:31:17 -04:00
Jack Heysel 4984a3e2d3 Edit check method to raise errors instead of returning boolean 2023-04-06 13:25:20 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
Ron Bowes 523931aa4c Change target options for stack overflow exploit 2023-04-05 15:24:49 -07:00