adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,567 Commits 27 Branches 1,043 Tags
b7b1df23eaefb69a331ecb74a30ff6cd744c6d1a
Commit Graph

3040 Commits

Author SHA1 Message Date
adfoster-r7 0aa0884e26 Land #17296, add warning about external links 2022-11-24 10:30:44 +00:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Jeffrey Martin 453cfc5939 spelling change per review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-11-23 13:26:19 -06:00
Jeffrey Martin cb8e023734 add warning about external links 
Links to external resources not controlled by the project maintainers
are subject to bitrot and malicious take over. Warnings seem appropriate.
 2022-11-23 12:08:05 -06:00
Grant Willcox 8ca7550062 Land #17257, Adding exploit for ChurchInfo 1.2.13-1.3.0 RCE (CVE-2021-43258) 2022-11-18 19:27:10 -06:00
Grant Willcox 237eb904d4 Add in fixes for documentation examples and then update the code to fix some bugs 2022-11-18 18:30:07 -06:00
Grant Willcox 713323f2cb Add in Docker setup documentation 2022-11-18 18:22:11 -06:00
Grant Willcox 85a6770973 Add additional checks, a check method, and fix up some doc errors 2022-11-18 18:22:06 -06:00
m4lwhere b9ecdb3bc2 Use TARGETURI, registered cleanup, implment cookie_jar, and perform response checks and documentation 2022-11-18 18:21:27 -06:00
m4lwhere a33a313544 Adding exploit for ChurchInfo 1.3.0 2022-11-18 18:21:08 -06:00
space-r7 3d5708e3e6 Land #17271, add f5 big-ip csrf exploit 2022-11-18 16:19:09 -06:00
Christophe De La Fuente d1a7170020 Land #17021, Gitea Git fetch RCE module - CVE-2022-30781 2022-11-17 12:28:29 +01:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
Grant Willcox c4c4e736d9 Land #17142, Apache CouchDB Erlang RCE module CVE-2022-24706 2022-11-01 12:26:49 -05:00
Grant Willcox 11095c8789 Documentation touchups 2022-11-01 11:43:01 -05:00
jheysel-r7 757c0da639 Review updates 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-11-01 10:55:20 -05:00
Jack Heysel 434cb21d27 Docs update 2022-11-01 10:54:37 -05:00
Jack Heysel b31c0f6987 Added check method, refactored, updated docs 2022-11-01 10:54:27 -05:00
Jack Heysel a0babb354a Apache CouchDB Erlang module initial commit 2022-11-01 10:54:19 -05:00
jheysel-r7 cf27c34917 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
jheysel-r7 6a1af915f6 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
Jack Heysel 3346ddec2c Land #17155, Remote mouse version updates 
Also add a vulnerable download link to the docs
 2022-10-27 16:32:23 -04:00
Jack Heysel 9c5d82e00f Land #17147, add Vargrant Breakout module 
This PR adds a module that exploits a default
Vagrant shared folder to append a Ruby payload
to the Vagrant project Vagrantfile config file.
 2022-10-26 17:11:03 -04:00
bcoles 01fa2e1041 Add Vagrant Synced Folder Vagrantfile Breakout module 2022-10-26 17:33:44 +11:00
space-r7 35e4d829d8 Land #17164, add THEME_DIR option to wp_crop_rce 2022-10-25 12:23:50 -05:00
space-r7 7c64b0ba93 add option in documentation and add notes 2022-10-25 12:22:00 -05:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
h00die-gr3y c1aed2d274 Fixed typos documentation 2022-10-21 13:20:37 +00:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Christophe De La Fuente c43272985e Land #17141, Zimbra Postfix priv esc 2022-10-19 10:33:37 +02:00
Christophe De La Fuente fa67b6973d Documentation fix to follow the template 2022-10-18 16:09:57 +02:00
Ron Bowes dea3f72f6b Resolve feedback - get rid of unnecessary directory, add CVE number, let the user choose the path 2022-10-17 15:00:56 -07:00
Heyder Andrade 26ed9bb053 Update documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-17 22:49:57 +02:00
h00die 05b80631f3 update remote mouse version checks 2022-10-17 15:30:17 -04:00
h00die 08deb21ae3 update remote mouse version checks 2022-10-17 15:29:10 -04:00
Heyder Andrade aece783cee Added reference to user auto-detect method 2022-10-17 01:11:27 +02:00
Heyder Andrade 0b09e564f1 Improved documentation 2022-10-16 14:25:54 +02:00
Heyder Andrade 835b44ca7a Added documentation 2022-10-16 13:42:21 +02:00