adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,952 Commits 27 Branches 1,043 Tags
b8bea10296df5d66841e24093eda7c1c03c052d4
Commit Graph

3496 Commits

Author SHA1 Message Date
Grant Willcox 7e23c34e6c Apply fixes per code review 2023-01-17 12:44:22 -06:00
h00die-gr3y 541dab9365 simplified messaging 2023-01-17 12:44:20 -06:00
h00die-gr3y 77687bff3f init module 2023-01-17 12:44:20 -06:00
Grant Willcox 725f83601f Land #17435, Restore raw_send_recv for module using SMTP mixin 2023-01-05 11:29:53 -06:00
Grant Willcox f39973de86 Fix up missing option in documentation and also add some additional validation on server response. 2023-01-04 17:02:05 -06:00
h00die-gr3y 11b95b2094 added additional response check 2023-01-04 17:02:04 -06:00
h00die-gr3y c7b59b4815 updates based on gwillcox-r7 review comments 2023-01-04 17:02:04 -06:00
h00die-gr3y f9ecaa92ae updated references section 2023-01-04 17:02:03 -06:00
h00die-gr3y 4db15346e1 init commit module 2023-01-04 17:01:58 -06:00
Jeffrey Martin 6b5948a69d restore raw_send_recv for module using SMTP mixin 
changes in #16153 adjusted modules that were not utilizing
`Exploit::Remote::SMTPDeliver` in error restore calls to `raw_send_recv`
that is no longer shadowed by in `SMTPDeliver`.
 2023-01-04 14:45:58 -06:00
Christophe De La Fuente 20d70799a7 Land #17298, Add opentsdb_yrange_cmd_injection module and docs 2022-12-23 13:38:58 +01:00
Christophe De La Fuente 83b11a69a8 Make rubocop happy 2022-12-23 13:38:16 +01:00
ErikWynter 7fa557805e add final code review suggestions 2022-12-23 11:29:29 +02:00
Christophe De La Fuente e7e2849f6d Land #17183, Zimbra fixes 2022-12-06 15:38:37 +01:00
Christophe De La Fuente ddaf5a3f0d Remove unecessary return statement 2022-12-06 15:07:28 +01:00
bwatters 54cd055276 Land #17286, CVE-2021-22015 vCenter priv esc 
Merge branch 'land-17286' into upstream-master
 2022-12-05 09:31:01 -06:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
h00die 867059efe5 add super to cleanup command 2022-12-01 14:55:43 -05:00
h00die 62b484fdc7 blank over empty 2022-12-01 14:34:09 -05:00
h00die 039b611fae fix enlightenment check method 2022-11-30 17:06:50 -05:00
Ashley Donaldson 25a0d0ff0e Fixes #17227 - polkit_dbus_auth_bypass module when run from a command shell 2022-11-25 15:13:57 +11:00
ErikWynter 78dfaa12ef add opentsdb_yrange_cmd_injection module and docs 2022-11-24 21:37:24 +02:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Ron Bowes b7cf112d42 Fix an issue where the session handler would close too early on Zimbra modules 2022-11-23 13:09:47 -08:00
Ron Bowes ffbf8b303a Change a 'return 0' to 'fail_with', per Christophe's request 2022-11-23 12:51:51 -08:00
Ron Bowes 28a68ede8c Merge branch 'master' into zimbra-fixes 2022-11-23 12:50:56 -08:00
Ron Bowes cbb50ed902 Remove non-functioning Arch'es 2022-11-23 10:42:07 -08:00
h00die 6877304bac exploit for cve-2021-22015 vcenter priv esc 2022-11-20 11:29:49 -05:00
space-r7 8b30ff3dce remove CmdStager inclusion 2022-11-18 16:18:25 -06:00
Ron Bowes 7ebf84c66b Add URLs 2022-11-16 12:20:37 -08:00
Ron Bowes 20e6c1b55e Add URLs 2022-11-16 12:19:16 -08:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
Christophe De La Fuente 494c9601ca Land #17222, Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream [CVE-2021-39144] 2022-11-15 14:16:14 +01:00
h00die 59535b6799 remove 'is' 2022-11-12 16:19:50 -05:00
h00die-gr3y 70669f3fea addressed code improvement suggestions 2022-11-12 10:21:43 +00:00
H00die.Gr3y 72080910e7 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:22:06 +01:00
H00die.Gr3y 85b4512292 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:21:55 +01:00
H00die.Gr3y 5d314e5799 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:21:42 +01:00
H00die.Gr3y 04d6a310af Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:16:46 +01:00
H00die.Gr3y 1ce8695401 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:16:30 +01:00
H00die.Gr3y e38138d69e Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:16:17 +01:00
H00die.Gr3y 967388eba7 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Agreed !

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:15:42 +01:00
h00die-gr3y da189041b4 randomized endpoint url 2022-11-07 08:16:54 +00:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
h00die-gr3y 71d1c971a7 init commit module 2022-11-04 13:31:27 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
Jack Heysel 45ddcf02c9 Remove unused mix in, add low bound to check 2022-11-01 10:42:43 -05:00
Jack Heysel 2ed8dbc08d Rubocop 2022-11-01 10:42:43 -05:00