Commit Graph

4184 Commits

Author SHA1 Message Date
Jack Heysel 8e2dbbbd56 Land #19416, Add Traccar RCE module
This module exploits two vulnerabilities in Traccar v5.1 - v5.12 to
obtain remote code execution: A path traversal vulnerability
CVE-2024-24809 and an unrestricted file upload vulnerability
CVE-2024-31214.
2024-09-23 15:25:02 -07:00
jheysel-r7 e0e7c67ff7 Remove jsessionid parsing now that keep_cookies is being used 2024-09-23 18:12:01 -04:00
dledda-r7 83a31c8a2a Land #19454, Persistence post module using motd 2024-09-13 09:02:22 -04:00
jvoisin 6d659e3aa8 Add modules/exploits/linux/local/motd_persistence.rb 2024-09-12 17:41:47 +02:00
h4x-x0r 30e6af7791 cleanup
Code cleanup and better handling of different use cases.
2024-09-12 14:34:45 +01:00
Spencer McIntyre 5e71490b66 Fix a typo when the kernel is not Ubuntu 2024-09-09 14:19:20 -04:00
Jack Heysel 152710403d Land #19330, Add SSL opt in start_service
The start_service method now allows users to specify their SSL
preferences directly through the opts parameter. If the ssl option is
not provided in opts, it will default to the value in datastore["SSL"]
2024-09-05 09:08:07 -07:00
Jack Heysel 434593dcb4 Suggestion and rubocop fixes 2024-09-05 08:49:32 -07:00
h4x-x0r a39c4076e4 cleanup
cleanup
2024-08-29 13:36:54 +01:00
h4x-x0r 018b041335 cleanup
cleanup
2024-08-28 15:40:35 +01:00
h4x-x0r 6532255600 PoC & Documentation
PoC & Documentation
2024-08-23 23:21:49 +01:00
dledda-r7 ec5892ff1f Land #19363, Ray Modules CVE-2023-6019 CVE-2023-6020 CVE-2023-48022 2024-08-23 04:55:17 -04:00
Takah1ro 39f81e0a45 Update check function 2024-08-21 22:32:53 +09:00
Takah1ro ee58313d64 Update check function 2024-08-21 22:09:56 +09:00
Takahiro Yokoyama c66540ef2f Update modules/exploits/linux/http/ray_agent_job_rce.rb
use MeterpreterTryToFork to avoid a meterpreter session getting killed

Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
2024-08-21 21:38:37 +09:00
Takah1ro 91167fc85f Remove unnecessary option 2024-08-20 21:44:11 +09:00
Takah1ro 4d1782640b Update sideeffects 2024-08-20 19:12:18 +09:00
Takah1ro 01b2a1c55c Enable fetch payload 2024-08-20 13:20:42 +09:00
Takah1ro 45677898a8 Add TARGET_URI 2024-08-20 13:08:01 +09:00
Takah1ro 52852cea72 Add cve ref 2024-08-20 12:59:52 +09:00
Takah1ro 99c81d7821 Set default fetch_command to wget 2024-08-20 08:59:39 +09:00
Takah1ro 64bdf54bb0 Use Fetch Payload (Not tested) 2024-08-20 08:56:05 +09:00
Takah1ro a5b9d553fa Update check to use version info 2024-08-20 08:25:27 +09:00
Takah1ro 5be7e09ff0 Update check to use version info 2024-08-20 08:21:48 +09:00
h4x-x0r e30232d2ca CVE-2024-31214 & CVE-2024-24809
CVE-2024-31214 & CVE-2024-24809
2024-08-19 23:03:36 +01:00
Takah1ro 7258ca4fb1 Remove unnecessary option for simplicity 2024-08-16 08:49:34 +09:00
Takah1ro eeab7ce2a2 Proceed when user specified cmd fails 2024-08-16 08:23:50 +09:00
Takah1ro ea1b9e925e Delete old three exploits in one module 2024-08-15 08:17:36 +09:00
cgranleese-r7 dbc51d1cd4 Land #19347, OpenMetadata authentication bypass and SpEL injection exploit chain [CVE-2024-28255 and CVE-2024-28254] 2024-08-14 16:06:10 +01:00
cgranleese-r7 36322ff274 Land #19348, Apache HugeGraph Gremlin RCE (CVE-2024-27348) 2024-08-14 10:06:21 +01:00
jheysel-r7 47e5d62ade Update modules/exploits/linux/http/apache_hugegraph_gremlin_rce.rb 2024-08-13 08:48:33 -07:00
jheysel-r7 e04e22bc30 Apply suggestions from code review 2024-08-13 08:40:20 -07:00
Takah1ro cf15124cc8 Add not null check 2024-08-09 15:34:14 +09:00
Takah1ro c36c2eea38 Separate modules 2024-08-09 08:51:14 +09:00
Takah1ro 1f68919a42 Fail if optional but required option not set 2024-08-07 13:01:23 +09:00
Takah1ro f168246796 Correct vulnerable version
<=v2.6.3 == <v2.8.1
2024-08-07 12:49:17 +09:00
Takah1ro a57678c8d3 Formatting 2024-08-07 08:51:22 +09:00
Takah1ro 4e99e7dfe7 Use Vulnerable when lfi 2024-08-07 08:50:42 +09:00
Takah1ro 92e2694ac5 Use Detected instead of Appears 2024-08-07 08:46:44 +09:00
Takah1ro b7e4247d22 Avoid using CVE as option 2024-08-07 08:43:57 +09:00
Takah1ro c71894f3c4 Remove unnecessary DefaultOptions 2024-08-07 08:21:15 +09:00
h00die-gr3y 8b3392a756 changed check to Appears when vulnerable 2024-08-06 21:00:06 +00:00
Takah1ro b487dadf8c Remove explicit return 2024-08-05 13:01:11 +09:00
Takah1ro 0251f1bd8d Rubocop formatting 2024-08-04 22:10:15 +09:00
Takah1ro 729ecc588a Formatting lfi output 2024-08-04 22:07:53 +09:00
Takah1ro ca0dba1844 Add LFI 2024-08-04 22:02:37 +09:00
Takah1ro a5009cd5ff Add RCE 2024-08-04 21:43:17 +09:00
Takah1ro 7a233f0049 Update CVE-2023-6019 module 2024-08-04 21:07:05 +09:00
Takah1ro 122767cc59 Implement CVE-2023-6019 module 2024-08-04 10:49:11 +09:00
h00die-gr3y 8f0d22ded4 Fourth release module and documentation 2024-08-02 21:04:50 +00:00