15528 Commits

Author SHA1 Message Date
Spencer McIntyre bfc45359ff More documentation updates and address PR feedback 2021-07-06 11:27:06 -04:00
bwatters 0a43ec7e4a Add module for CVE-2021-35464; pre-auth RCE in ForgeRock OpenAM server 2021-07-02 16:05:39 -05:00
Shelby Pace a2a1b91a69 Land #15341, add wpdiscuz exploit 2021-06-25 16:22:02 -05:00
Shelby Pace f24a01945c fix rubocop error 2021-06-25 15:33:45 -05:00
Alexandre ZANNI 167e33dac0 safe navigation operator on res 2021-06-25 17:09:20 +02:00
Shelby Pace 6d13f0627e formatting changes 2021-06-25 16:20:42 +02:00
Shelby Pace 1194e7d0f3 add guards, adjust formatting, add docs 2021-06-25 16:20:42 +02:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Shelby Pace 9f864df5f1 use Rex::Version instead of Gem::Version 2021-06-24 10:14:17 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Spencer McIntyre b85031ff6a Fallback to Python3 in sshexec when it's available 2021-06-18 13:35:23 -04:00
Yann Castel 1d2e3212d3 using MIME + added some guards 2021-06-18 10:43:30 +02:00
Hakyac 7781d9ff1e Update modules/exploits/linux/http/rconfig_authenticated_rce.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-06-18 10:22:11 +02:00
Hakyac 1e7737f8b4 Update modules/exploits/linux/http/rconfig_authenticated_rce.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-06-18 10:17:52 +02:00
Hakyac f4bd18c5a3 Update modules/exploits/linux/http/rconfig_authenticated_rce.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-06-18 09:21:00 +02:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubocop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged payload, removed TODO

Switched to single-quoted strings
2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
Grant Willcox 62f9d15ba3 Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE) 2021-06-16 10:39:49 -05:00
Alexandre ZANNI 67406e71e4 WordPress wpDiscuz Unauthenticated File Upload Vulnerability 2021-06-15 14:15:30 +02:00
Grant Willcox 464dcdf578 Land #15239, ipfire <= 2.25 Core Update 156 pakfire.cgi Authenticated RCE 2021-06-14 18:01:24 -05:00
Grant Willcox 537a7763f5 Land #15337, Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests 2021-06-14 15:28:40 -05:00
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
adfoster-r7 fb0e0f88a9 Land #15215, HashiCorp Nomad exec RCE 2021-06-14 17:49:36 +01:00
Wyatt Dahlenburg 1789c7b070 Adding notes to Nomad Module 2021-06-14 10:39:23 -05:00
Spencer McIntyre d1be69eae6 Implement changes based on PR feedback 2021-06-14 10:15:27 -04:00
0xShoreditch 8eddecc858 Update apache_activemq_upload_jsp.rb
Corrected a minor error where the URI and filesystem path were not separated.
2021-06-13 07:27:56 +01:00
Grant Willcox e3a0228f79 Adjust exploit module title for rubocop compliance 2021-06-10 16:54:35 -05:00
Spencer McIntyre edee95bbb2 Update the check to not fail if a COOKIE is used 2021-06-10 11:29:07 -04:00
Grant Willcox de8180b666 Update module title to correct state affected versions 2021-06-10 09:42:26 -05:00
MucahitSaratar ea7eaba7a9 added cve
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
Grant Willcox 038d0b1334 Add in autocheck compatibility, update the documentation and output to be clearer, minimize traffic sent, fix up invalid scoping of variables, randomize data where possible, and add in exploit notes 2021-06-10 09:34:52 -05:00
MucahitSaratar 83caaccc6a adding backup
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:47 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:13 -05:00
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel c7b7b871c9 missing variable e for rescue 2021-06-09 11:13:39 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Spencer McIntyre 3afe3ebfa3 Add the module docs 2021-06-08 15:23:24 -04:00
Spencer McIntyre 325ecfedff Add some error handling while extracting the key 2021-06-08 14:58:58 -04:00
Hakyac dc40cddb04 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 16:38:01 +02:00
Hakyac d2bf8ae912 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 16:34:40 +02:00
Yann Castel 2df710158e conflict fixed 2021-06-08 15:29:38 +02:00
Yann Castel 31515faccb various changes 2021-06-08 15:26:50 +02:00
Hakyac ce0c699213 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 15:11:25 +02:00
Hakyac 1f2f04b0d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2021-06-08 15:10:08 +02:00
Yann Castel cf5848ab3e add comment for second token generation 2021-06-08 14:31:03 +02:00
Hakyac 9e0b7cb171 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: agalway-r7 <agalway@rapid7.com>
2021-06-08 14:21:04 +02:00
Hakyac 21bfa629d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb
Co-authored-by: agalway-r7 <agalway@rapid7.com>
2021-06-08 14:20:52 +02:00