adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,685 Commits 27 Branches 1,043 Tags
b0dbe03544bfe9b832012bb1a492ac776ee49c20
Commit Graph

4218 Commits

Author SHA1 Message Date
Diego Ledda c0dfbf43f2 Merge pull request #20235 from Chocapikk/vbulletin_replace_ad_template_rce 
vBulletin replaceAdTemplate Remote Code Execution
 2025-06-19 14:20:16 +02:00
msutovsky-r7 f2920f868a Land #20291, adds Roundcube post-authentication RCE (CVE-2025-49113) 
Add Remote for Roundсube CVE-2025-49113 post-authentication RCE module
 2025-06-11 10:48:58 +02:00
Maksim Rogov ed643c3bc6 Update roundcube_auth_rce_cve_2025_49113.md 2025-06-09 18:42:52 +03:00
msutovsky-r7 f20e72b6c8 Land #20256, adds RCE module for Remote For Mac 2025.7 
Add Remote for Mac 2025.6 unauthenticated RCE module
 2025-06-08 16:03:58 +02:00
Maksim Rogov d97b09a898 Rename roundcube_unauth_rce_cve_2025_49113.md to roundcube_auth_rce_cve_2025_49113.md 2025-06-07 16:46:30 +03:00
Maksim Rogov bd811a3cd1 Update roundcube_unauth_rce_cve_2025_49113.md 2025-06-07 04:45:54 +03:00
Vognik a4638ad632 Update Documentation 2025-06-07 05:35:18 +04:00
Vognik 96d7929972 Add Documentation for Roundcube CVE-2025-49113 unauthenticated RCE module 2025-06-07 05:28:45 +04:00
Brendan 19e8e6cdf8 Merge pull request #20187 from Chocapikk/wp_ottokit 
Add CVE-2025-27007 in existing `exploit(multi/http/wp_suretriggers_auth_bypass)` module
 2025-06-05 11:03:00 -05:00
Brendan 26156dfac2 Merge pull request #20265 from remmons-r7/cve_2025_4427_4428 
Exploit module for CVE-2025-4427/CVE-2025-4428 - Ivanti EPMM (AKA MobileIron Core) Authentication Bypass to EL Injection
 2025-06-04 09:05:04 -05:00
remmons-r7 97f308386b Update documentation/modules/exploit/multi/http/ivanti_epmm_rce_cve_2025_4427_4428.md 
Update docs to reflect the new Python payload approach

Co-authored-by: Brendan <bwatters@rapid7.com>
 2025-06-04 08:30:11 -05:00
msutovsky-r7 5fbf46ba7f Land #19472, adds exploits/linux/local/udev_persistence 
Add modules/exploits/linux/local/udev_persistence.rb
 2025-06-04 13:21:04 +02:00
Chocapikk 33439fccb3 Add verbosity, update doc 2025-05-29 16:30:41 +02:00
root e027be9f4c Add documentation for Remote for Mac 2025.6 unauthenticated RCE module 2025-05-29 12:30:10 +01:00
remmons-r7 68929a50fa Add ivanti_epmm_rce_cve_2025_4427_4428.md 
Documentation for ivanti_epmm_rce_cve_2025_4427_4428.
 2025-05-28 17:35:34 -05:00
Diego Ledda ce6e0d1164 Merge pull request #20096 from h00die-gr3y/CVE-2025-30406 
Gladinet CentreStack/Triofox ASP.NET ViewState Deserialization [CVE-2025-30406]
 2025-05-28 13:46:13 +02:00
Chocapikk 387a39d0a9 Update doc, module 2025-05-25 20:13:36 +02:00
Chocapikk 64b9254b3d Remove useless command in Dockefile 2025-05-23 23:59:06 +02:00
Valentin Lobstein e6aa8a3125 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:56:37 +02:00
Valentin Lobstein df44d63ac3 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:56:18 +02:00
Valentin Lobstein f5e33ef290 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:55:55 +02:00
Chocapikk 1f6dd34f93 vBulletin replaceAdTemplate Remote Code Execution 2025-05-23 23:17:02 +02:00
Chocapikk 2e158d2d1a Fix User-Agent issue 2025-05-22 23:47:20 +02:00
Chocapikk 38b7cfd753 Refactor 2025-05-21 19:46:47 +02:00
jheysel-r7 ca40f6ecbc Merge pull request #20214 from Chocapikk/invision_customcss_rce 
Add Invision Community 5.0.6 customCss RCE (CVE-2025-47916)
 2025-05-21 09:29:14 -07:00
jheysel-r7 0600de2d90 Merge pull request #20177 from msutovsky-r7/clinic_management_system_sqli2rce 
Clinic Patient's Management System SQLi (CVE-2025-3096)
 2025-05-21 08:42:16 -07:00
Valentin Lobstein e5bbc01e78 Update invision_customcss_rce.md 2025-05-21 08:38:36 +02:00
Chocapikk 28b7c7f786 Add Invision Community 5.0.6 customCss RCE (CVE-2025-47916) 2025-05-20 18:33:06 +02:00
msutovsky-r7 561eef98c1 Land #20188, adds module for CVE-2024-7399 Samsung MagicINFO 9 Server 
Samsung MagicINFO 9 Server RCE (CVE-2024-7399) Module
 2025-05-19 09:49:09 +02:00
Martin Sutovsky 070bd54d33 Addressing comments 2025-05-19 07:17:14 +02:00
Brendan 76471731f9 Merge pull request #20112 from cdelafuente-r7/mod/ivanti/rce/cve_2025_22457 
Ivanti Connect Secure Unauthenticated RCE via Stack-based Buffer Overflow CVE-2025-22457
 2025-05-15 11:44:49 -05:00
msutovsky-r7 c598d8b4b0 Land #20020, adds module for Nextcloud Workflow Remote Code Execution 
Add exploit module for the nextcloud workflow vulnerability CVE-2023-26482
 2025-05-15 12:31:51 +02:00
Christophe De La Fuente 365caab8fc Update the error message in case of Broken pipe error and update the documentation 2025-05-15 12:10:53 +02:00
Chocapikk 75a3fa7ad7 Add CVE-2025-27007 in existing exploit(multi/http/wp_suretriggers_auth_bypass) module 2025-05-14 19:29:03 +02:00
whotwagner 2259de33c1 Fixed a txpo in nextcloud_workflows_rce.md 2025-05-14 13:40:47 +00:00
msutovsky-r7 fe5f56cac0 Land #20159, adds module for privilege escalation in Wordpress (CVE-2025-2563) 
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
 2025-05-14 15:33:30 +02:00
msutovsky-r7 7d8d0230cb Land #20026, adds module for CVE-2024-57487 
New Exploit Module & Documentation for CVE-2024-57487
 2025-05-14 08:00:20 +02:00
Chocapikk e335841bb0 Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563) 2025-05-13 21:42:09 +02:00
Brendan cb6495e5bc Merge pull request #20146 from Chocapikk/wp_suretriggers_auth_bypass 
Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102)
 2025-05-13 10:53:44 -05:00
whotwagner 09aaf5865c Rearranged code and removed wait_for_payload_session 2025-05-13 13:48:56 +00:00
jenkins-metasploit e819362398 automatic module_metadata_base.json update 2025-05-13 13:45:30 +00:00
Brendan 5faa0a5b6b Merge pull request #19777 from msutovsky-r7/linqpad_deserialization 
Linqpad deserialization persistence
 2025-05-13 08:03:30 -05:00
Martin Sutovsky 939d997b8a Adds documentation 2025-05-13 14:57:55 +02:00
msutovsky-r7 3af76cfa00 Renames incorrect option in documentation 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2025-05-13 06:30:00 +02:00
msutovsky-r7 8c647cd1ad Land #20118, changes target option for smb_to_ldap module 
Fix the smb_to_ldap module's missing target option
 2025-05-12 09:56:06 +02:00
h4x-x0r e9c88b55f2 cleanup 2025-05-09 22:39:30 +01:00
h4x-x0r 803581ab81 CVE-2024-7399 2025-05-09 17:27:22 +01:00
Chocapikk 4d0c7bb71a Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102) 2025-05-07 17:45:30 +02:00
Martin Sutovsky d16c639278 Adds cleanup option in documentation 2025-05-06 09:07:21 +02:00
Martin Sutovsky 24a86cd74a Refactoring based on comments 2025-05-06 08:43:57 +02:00