adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,155 Commits 27 Branches 1,043 Tags
bfc45359ffba537bbf838159ef43d50edccbc521
Commit Graph

31086 Commits

Author SHA1 Message Date
Spencer McIntyre bfc45359ff More documentation updates and address PR feedback 2021-07-06 11:27:06 -04:00
bwatters 0a43ec7e4a Add module for CVE-2021-35464; pre-auth RCE in ForgeRock OpenAM server 2021-07-02 16:05:39 -05:00
adfoster-r7 2067e1177e Land #15363, Fix ipmi_dumphashes - session refused after few failed attempts 2021-06-28 10:50:41 +01:00
Hynek Petrak 059189d4a4 fix ipmi disconnects after few failed attemts 2021-06-27 22:53:27 +02:00
Shelby Pace a2a1b91a69 Land #15341, add wpdiscuz exploit 2021-06-25 16:22:02 -05:00
Shelby Pace f24a01945c fix rubocop error 2021-06-25 15:33:45 -05:00
Alexandre ZANNI 167e33dac0 safe navigation operator on res 2021-06-25 17:09:20 +02:00
Shelby Pace 6d13f0627e formatting changes 2021-06-25 16:20:42 +02:00
Shelby Pace 1194e7d0f3 add guards, adjust formatting, add docs 2021-06-25 16:20:42 +02:00
Spencer McIntyre 9cc17095d4 Land #15282, CVE-2019-15975 Cisco DCNM auth bypass 2021-06-24 11:59:21 -04:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Spencer McIntyre fe6b725d3f Update the documentation and fix a couple of bugs 2021-06-24 11:19:26 -04:00
Yann Castel 5ac025477a parent e7983c3b6f 
author Yann Castel <yann.castel@orange.com> 1622466490 +0200
committer Spencer McIntyre <Spencer_McIntyre@rapid7.com> 1624547674 -0400

Add an exploit for CVE-2019-15975 (Cisco DCNM)

add documentation

passed rubocop

edit documentation

set ssl to true by default

edit documentation

rubocop again

int return code was replaced by symbols

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

rubocop ok

various changes

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

various changes 2

various changes

Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

adding some guards + module notes
 2021-06-24 11:19:25 -04:00
Shelby Pace 9f864df5f1 use Rex::Version instead of Gem::Version 2021-06-24 10:14:17 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Shelby Pace c3d4bb42bd Land #15358, use valid python binary in sshexec 2021-06-22 16:15:36 -05:00
adfoster-r7 fe41a6b518 Land #15350, fix shellcode_inject module 2021-06-21 09:03:26 +01:00
pingport80 27954cc4ae update checkvm module to include system specific mixin 2021-06-20 10:34:18 +05:30
Spencer McIntyre b85031ff6a Fallback to Python3 in sshexec when it's available 2021-06-18 13:35:23 -04:00
Yann Castel 1d2e3212d3 using MIME + added some guards 2021-06-18 10:43:30 +02:00
Hakyac 7781d9ff1e Update modules/exploits/linux/http/rconfig_authenticated_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2021-06-18 10:22:11 +02:00
Hakyac 1e7737f8b4 Update modules/exploits/linux/http/rconfig_authenticated_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2021-06-18 10:17:52 +02:00
Hakyac f4bd18c5a3 Update modules/exploits/linux/http/rconfig_authenticated_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2021-06-18 09:21:00 +02:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module 
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubo cop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged paylod, removed TODO

Switched to single-quoted strings
 2021-06-17 12:38:47 -04:00
pingport80 cc1abe9d1b adding generic process mixin to the windows process mixin 2021-06-17 21:24:13 +05:30
pingport80 8598183e98 add process mixin in the modules which required it 2021-06-17 20:46:04 +05:30
pingport80 c055b1100b fix shellcode_inject module 2021-06-17 18:51:49 +05:30
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
Grant Willcox 62f9d15ba3 Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE) 2021-06-16 10:39:49 -05:00
guly f243bb1d78 Updated gavazzi_em_login_loot: added CVE 
added CVE
 2021-06-16 15:24:15 +02:00
guly d6de658709 fixed reference url 
fixed reference url
 2021-06-16 10:57:13 +02:00
Alexandre ZANNI 67406e71e4 WordPress wpDiscuz Unauthenticated File Upload Vulnerability 2021-06-15 14:15:30 +02:00
Grant Willcox 464dcdf578 Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE 2021-06-14 18:01:24 -05:00
Spencer McIntyre f58bbc236f Land #15319, Fix a localization issue 2021-06-14 16:42:19 -04:00
Grant Willcox 537a7763f5 Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests 2021-06-14 15:28:40 -05:00
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
pingport80 7c597b4ca2 define error_token as a random alphanumeric string 2021-06-14 23:32:44 +05:30
Gaurav Purswani 622e82cf44 Update modules/post/windows/gather/enum_hyperv_vms.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-06-14 23:23:12 +05:30
Gaurav Purswani 59928bf941 Update modules/post/windows/gather/enum_hyperv_vms.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-06-14 23:23:04 +05:30
adfoster-r7 fb0e0f88a9 Land #15215, HashiCorp Nomad exec RCE 2021-06-14 17:49:36 +01:00
Wyatt Dahlenburg 1789c7b070 Adding notes to Nomad Module 2021-06-14 10:39:23 -05:00
Spencer McIntyre d1be69eae6 Implement changes based on PR feedback 2021-06-14 10:15:27 -04:00
pingport80 9929d1c11d fix new rubocop errors 2021-06-14 18:25:22 +05:30
pingport80 beba2a6e46 add error_token in case the command fails and remove regexp from psh_exec 2021-06-14 15:02:39 +05:30
0xShoreditch 8eddecc858 Update apache_activemq_upload_jsp.rb 
Corrected a minor error where the URI and filesystem path were not separated.
 2021-06-13 07:27:56 +01:00
h00die 0f16c1a633 Land #14836, emby ssrf module and scanner for cve-2020-26948 2021-06-12 15:18:12 -04:00
h00die d58eb309e6 update module location 2021-06-12 15:07:03 -04:00
Grant Willcox e3a0228f79 Adjust exploit module title for rubocop compliance 2021-06-10 16:54:35 -05:00