Commit Graph

3529 Commits

Author SHA1 Message Date
William Vu 72a6993408 Add patch bypass (CVE-2020-14750) to references
We were already using it... but now there's a CVE.
2020-11-18 10:57:05 -06:00
William Vu 78999bb92c Add an exploit from Exploit-DB
Written by either (Nguyen) Jang or Mohammed Althibyani. Not used by the
module.

https://www.exploit-db.com/exploits/48971
2020-11-18 10:56:03 -06:00
William Vu 83beae731f Add WebLogic Administration Console Handle RCE
CVE-2020-14882
CVE-2020-14883
2020-11-18 10:56:02 -06:00
Christophe De La Fuente d6b412c58e Land #14340, Add HorizontCMS 1.0.0-beta exploit module and documentation 2020-11-13 13:03:04 +01:00
kalba-security ce7031e263 Add suggestions from code review 2020-11-11 07:41:22 -05:00
h00die 768fb7d3a7 remove cwe-74 from cmsms 2020-11-10 11:43:42 -05:00
Shelby Pace 65e1ef4cb8 Land #14253, add wp-file-manager rce for wordpress 2020-11-10 08:48:33 -06:00
Shelby Pace 4382f6ff55 add filedropper usage 2020-11-10 08:47:53 -06:00
kalba-security e7a20ec47c Add CVE ID to module and docs 2020-11-05 07:05:32 -05:00
Grant Willcox a0087842fb Fix an earlier merge mistake, was meant to replace URI.escape with Rex::Text.uri_encode() but instead replaced it with CGI.escape. Fix it to be Rex::Text.uri_encode() 2020-11-04 14:39:16 -06:00
Grant Willcox d50ac2972d Land #14222, Update php_fpm_rce.rb to replace deprecated URI.encode calls with Rex::Text::uri_encode 2020-11-04 14:04:28 -06:00
Shelby Pace 79e83cdceb add rubocop change 2020-11-04 10:09:00 -06:00
Shelby Pace e49d99a80d add AutoCheck usage, minor changes 2020-11-04 10:04:14 -06:00
kalba-security cf954888da Add horizontcms_upload_exec module and documentation 2020-11-02 13:01:13 -05:00
h00die 79384e85f3 remove old .keep files in non-empty directories 2020-10-24 09:41:55 -04:00
Grant Willcox 849dbeca5c Fix up bad merge commit 2020-10-15 11:53:39 -05:00
ide0x90 d6a91f8965 Remove some unnecessary comments 2020-10-16 00:34:12 +08:00
ide0x90 8d02a1a4c6 Use Rex::MIME for building MIME message 2020-10-16 00:26:10 +08:00
Tim W 87104a7236 Update docs and make them msftidy_docs.rb compliant 2020-10-15 10:59:46 -05:00
Grant Willcox f2899186e4 Add in first round of initial updates to fix review comments 2020-10-15 10:59:40 -05:00
Tim W dcc322436b Update documentation files and module description to more accurately describe what the cause of the LPE bug for CVE-2019-1458 is. Also apply RuboCop edits. 2020-10-15 10:58:58 -05:00
Tim W c38064b022 Apply rubocop edits and update documentation 2020-10-15 10:58:38 -05:00
Tim W a3772d43d4 set InitialAutoRunScript to post/windows/manage/priv_migrate 2020-10-15 10:58:08 -05:00
Tim W 12c5f4f916 CVE-2019-1458 chrome sandbox escape initial commit 2020-10-15 10:57:46 -05:00
ide0x90 8d43fa4848 Module can now use mkfile+put method to exploit vulnerability. 2020-10-15 17:46:40 +08:00
ide0x90 b9df68cbb6 Fix module according to Rubocop, make documentation follow standard. 2020-10-11 19:04:06 +08:00
ide0x90 57b0f30e37 Add new module for WordPress File Manager unauth RCE (CVE-2020-25213) 2020-10-11 01:20:28 +08:00
Grant Willcox a2675c13e8 Land #14213, Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates 2020-10-07 12:09:59 -05:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
JRodriguez556 a1164dbe9e Update php_fpm_rce.rb
URI.encode/URI.escape is obsolete. Replaced with CGI.escape.
2020-10-05 11:57:17 -04:00
h00die 15bb690308 fix vulnerability spelling 2020-10-04 13:00:48 -04:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Alan Foster 26ff912291 Fix invalid disclosure date formats 2020-10-02 12:20:05 +01:00
kalba-security 33b3d6efcc Use register_for_cleanup instead of on_new_session for cleanup 2020-09-25 08:11:02 -04:00
kalba-security 5b48bae4b0 Use keep_cookies instead of @cookie variable 2020-09-24 16:36:01 -04:00
kalba-security 45d13bf85e Simplify shash checks, use cgi request instead of raw, fix ctype header placement 2020-09-24 07:49:55 -04:00
kalba-security e026c74108 Improve Failure:: categories and remove empty parameters from POST requests 2020-09-23 13:27:19 -04:00
kalba-security 1133f76722 Improve feedback when authentication fails 2020-09-23 07:51:11 -04:00
kalba-security e65083c092 Add maracms_upload_exec.rb exploit module and docs 2020-09-22 16:53:29 -04:00
bwatters 149566b30e Run rubocop 2020-09-02 17:14:30 -05:00
ggkitsas 62d3d9bc9a fix: reverts misuse of in zip_slip exploit 2020-09-01 21:49:55 +01:00
ggkitsas 788244150c Add support for zip generation in zip_slip exploit 2020-08-31 13:18:14 +01:00
William Vu f08349982d Use CheckModule scanner in java_rmi_server exploit 2020-08-24 10:11:03 -05:00
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Tod Beardsley f401f48138 Update vbulletin module with correct CVE
Apparently someone snarfed the CVE for this out from under me. Since they were faster
to publish, we should use that number instead of the one out of our block.
2020-08-14 08:25:57 -05:00
Spencer McIntyre 24b1235cf7 Whitespace adjustment and remove superfluous return statements 2020-08-12 13:59:25 -04:00
Amir Etemadieh 0b1efd0fe9 Update modules/exploits/multi/http/vbulletin_widget_template_rce.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2020-08-12 09:33:16 -07:00
Zenofex e334217636 Fix from bad merge for vbulletin_widget_template_rce module. 2020-08-11 19:09:14 -05:00
Zenofex 8db34ea91b vBulletin_widget_template_rce merge 2020-08-11 18:40:09 -05:00
Zenofex 3ef01c468f Ran vBulletin_widget_template_rce through rubocop, cleaned up results. 2020-08-11 18:38:41 -05:00