adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,480 Commits 27 Branches 1,043 Tags
c23c848d2eeffa5a01dfdcdafa63340002b06eb9
Commit Graph

3044 Commits

Author SHA1 Message Date
Diego Ledda 9b7e27e946 Merge pull request #20185 from Chocapikk/wp_depicter_sqli_cve_2025_2011 
Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011)
 2025-05-28 18:38:52 +02:00
cgranleese-r7 f6faa5598b Fixes modules to now correctly use a hash with report note 2025-05-22 10:59:50 +01:00
Chocapikk 1888abaa4d Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011) 2025-05-14 15:54:40 +02:00
msutovsky-r7 fe5f56cac0 Land #20159, adds module for privilege escalation in Wordpress (CVE-2025-2563) 
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
 2025-05-14 15:33:30 +02:00
Brendan 1982d81e22 Merge pull request #20098 from smashery/execute-assembly32 
Execute assembly32
 2025-05-13 16:49:25 -05:00
Chocapikk e335841bb0 Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563) 2025-05-13 21:42:09 +02:00
Chocapikk 4d0c7bb71a Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102) 2025-05-07 17:45:30 +02:00
Ashley Donaldson 1ab3fc1a72 Add built HostingCLR binaries 2025-05-01 08:28:12 +10:00
jheysel-r7 3141152393 Merge pull request #20017 from zeroSteiner/feat/mod/ldap/passwords 
Add LAPSv1 and LAPSv2 LDAP Module
 2025-04-30 14:02:30 -07:00
Spencer McIntyre 2fdb2611f9 Note the version of LAPS here 2025-04-30 16:38:54 -04:00
bcoles 3975d09726 Add elf_x64_template.s template source 2025-04-15 21:08:36 +10:00
sfewer-r7 db85c0259d add in a build of the gadget for 12.2.1.4.0, needed as the serialVersionUID changes for classes in the coherence.jar file 2025-04-02 15:28:29 +01:00
sfewer-r7 acafd884b5 add in the initial exploit for CVE-2021-35587, only tested on 12.2.1.4.0 so far. 2025-04-01 12:56:38 +01:00
bwatters-r7 ec67435de9 Rebase and squash for CVE-2024-30085 2025-03-20 09:03:28 -05:00
jheysel-r7 b1d0eedc26 Merge pull request #19712 from smashery/naa_creds 
NAA creds from SCCM
 2025-03-03 13:50:31 -08:00
EasyMoney322 aa5eda4876 Fix 404 link in eicar.txt (#19912) 
Updated the link to EICAR's test-file as the old one returns 404
 2025-02-27 16:17:10 +00:00
bwatters-r7 d031df5b6b Change the aarch64 elf version in template file and reassemble 2025-02-11 08:47:14 -06:00
Jack Heysel b8f82e0fe4 Add ESC4 detection to ldap_esc_vulnerable_cert_finder module 2025-01-23 19:13:13 -08:00
jheysel-r7 5374c7b362 Merge pull request #19676 from h00die/needrestart 
Ubuntu needrestart LPE (CVE-2024-48990)
 2025-01-09 17:02:54 -08:00
h00die cf7d2584ba update wp themes+plugins 2024-12-29 17:31:55 -05:00
h00die 87494a0958 update modules for inclusion into wordpress updater 2024-12-29 17:25:12 -05:00
h00die 03ddb8990e sort alphabetically 2024-12-29 15:57:23 -05:00
dledda-r7 60f26f7062 fix: removing reverse_hop_http 2024-12-17 08:53:06 -05:00
Ashley Donaldson 5dd55f0af4 Add initial NAA-cred-snarfing code. 2024-12-17 17:01:26 +11:00
Chocapikk 7d559e0b34 Add exploit module for CVE-2024-8856 - WP Time Capsule RCE 2024-12-11 01:14:17 +01:00
Aaryan Golatkar ef1b38654b Added perfect-survey to data/wordlists/wp-exploitable-plugins.txt 2024-12-10 18:59:20 +05:30
Chocapikk a123234141 Add CVE-2024-10924 2024-12-05 16:19:09 +01:00
Diego Ledda 58702f238c Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230) 
Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
 2024-12-04 16:39:43 +01:00
jheysel-r7 c4b7954f15 Land #19596, Wordpress Plugin Post SMTP Account Takeover 2024-11-29 09:05:03 -08:00
h00die e41f5ad577 needrestart exploit updates 2024-11-27 15:41:23 -05:00
h00die d778f5469b needrestart improvements 2024-11-26 18:22:48 -05:00
h00die d4bd00d48e needrestart improvements 2024-11-25 16:38:18 -05:00
Ashley Donaldson 7f6bdb385d Added LDAP query searching for likely Pre-Windows-2000 computers 2024-11-25 12:30:27 +11:00
h00die 7fd82b89df offload files to data 2024-11-22 15:57:18 -05:00
Jack Heysel 7a5bc60aab Windows Access Mode Mismatch LPE in ks.sys [CVE-2024-35250] 2024-11-05 15:31:44 -08:00
Spencer McIntyre e709a18128 Merge pull request #19404 from bwatters-r7/smb2http_relay 
SMB to NTLM HTTP Relay with ESC8 module
 2024-11-05 14:12:08 -05:00
Spencer McIntyre 006ed90f1c Move the ESC8 module and document the attack 2024-11-04 09:37:12 -05:00
dwelch-r7 1bfa0755a8 Land #19518, Add support for RISC-V 32-bit / 64-bit Little Endian payloads 2024-11-01 11:18:30 +00:00
h00die 9da5177d11 remove old code 2024-10-29 16:44:48 -04:00
jheysel-r7 87af327507 Merge branch 'master' into wp_ultimate_member_sorting_sqli 2024-10-29 16:34:10 -04:00
Spencer McIntyre 05a149dadc Merge pull request #19572 from cdelafuente-r7/fix/mod/ldap/ad_cs_cert_template 
Fix UPDATE certificate templates with `admin/ldap/ad_cs_cert_template`
 2024-10-22 15:03:31 -04:00
Christophe De La Fuente ae213813b5 Updates from code review 2024-10-22 14:41:02 +02:00
adfoster-r7 9c0efc67fb Merge pull request #19567 from bcoles/wordlists 
data/wordlists: Add default passwords for common single-board computers
 2024-10-21 11:58:23 +01:00
Christophe De La Fuente 43f13c7e90 Add the msPKI-Template-Schema-Version attribute to ESC1, ESC2 and ESC3 templates 2024-10-18 18:57:50 +02:00
bcoles e50767bb6f data/wordlists: Add default passwords for common single-board computers 2024-10-19 00:49:14 +11:00
Spencer McIntyre 8e38010d6e Add an ESC15 template 2024-10-17 11:23:31 -04:00
bcoles 1c748d376a Add RISC-V 32-bit/64-bit ELF templates 2024-10-15 22:51:32 +11:00
Chocapikk 668424a444 Add unauth SQLi exploit module for Ultimate Member plugin (CVE-2024-1071) 2024-10-14 18:14:10 +02:00
Chocapikk 8553f625a4 Add auxiliary/scanner/http/wp_fastest_cache_sqli 2024-10-14 18:03:46 +02:00
Brendan dbc020a745 Merge pull request #19441 from Takahiro-Yoko/cve_2023_0386_priv_esc 
Land #19441, Add module: Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-26 14:07:17 -05:00