adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,246 Commits 27 Branches 1,043 Tags
c43eaf86bca041ac6cca2444cd7d8b18e1fee080
Commit Graph

3242 Commits

Author SHA1 Message Date
catatonicprime c43eaf86bc Adding documentation. 2023-05-11 05:09:35 +00:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel 78e80f8e32 docs fix 2023-04-17 16:41:35 -04:00
Jack Heysel 162fe21659 Documentation copy pasta correction 2023-04-17 16:39:57 -04:00
jheysel-r7 d4b668e27b Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-04-17 16:36:31 -04:00
Jack Heysel db853f9a68 Land #17711, SPIP unauth RCE module 
This module exploits a publically accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
 2023-04-17 15:30:03 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
adfoster-r7 396a4b90cc Land #17892, update unified_remote_rce docs 2023-04-17 13:53:32 +01:00
h00die 37130e5a3d move asan docs 2023-04-16 10:19:43 -04:00
h00die 4b176c8ef5 fix unified_remote_rce docs 2023-04-16 10:11:01 -04:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
Ron Bowes 6119330e29 Update documentation to match current version of modules 2023-04-11 09:48:53 -07:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
Ron Bowes c22c2904c2 Fix msftidy_docs stuff 2023-04-05 10:53:58 -07:00
Jack Heysel 15d267a233 Land #17826, post module for CVE-2023-21768 
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
 2023-03-30 12:27:28 -04:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
Jack Heysel fcb93fef58 Land #17806, Optergy BMS Backdoor RCE module 
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
 2023-03-28 10:27:35 -04:00
space-r7 f9c6caa804 Land #17785, add SolarWinds (SWIS) deser RCE 2023-03-27 15:25:17 -05:00
Christophe De La Fuente 6d4ee0c071 Add exploit for CVE-2023-21768 2023-03-27 20:08:22 +02:00
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
jheysel-r7 0d6195a9ae Merge branch 'master' into proftpd_modcopy_exec 2023-03-24 21:16:54 -04:00
Jack Heysel b7ac6d45d5 Land #17789, proftpd_modcopy_exec enhancements 
This PR add documentation, notes, a reference URL, and a few
general code improvements to the check and exploit methods.
 2023-03-24 21:08:28 -04:00
Spencer McIntyre 3ca177eb1f Add the exploit for CVE-2022-38108 2023-03-23 17:28:58 -04:00
h00die-gr3y 0c87b0b7cf removed Windows reference from documentation 2023-03-23 10:34:51 +00:00
bcoles 69daea95d6 exploit/unix/ftp/proftpd_modcopy_exec: Add docs and resolve RuboCop violations 2023-03-23 18:13:20 +11:00
h00die-gr3y 820e625baa updated documentation 2023-03-22 21:17:54 +00:00
h00die-gr3y 8226fb9022 fixed small typos documentation 2023-03-22 20:04:34 +00:00
h00die-gr3y 28459c286a init commit module and documentation 2023-03-22 18:40:50 +00:00
space-r7 67ac2dc584 Land #17771, add monitorr file upload rce 2023-03-22 13:00:38 -05:00
Jack Heysel 1f2a889d0c Land #17388, Zyxel router RCE 
This module adds a new exploit module for a buffer
overflow in roughly 45 different Zyxel router and VPN models.
 2023-03-21 15:07:04 -04:00
h00die-gr3y c5ed25cd6c small update to documentation on vulnerable releases 2023-03-20 21:12:49 +00:00
h00die-gr3y e3df74ee5b Updates addressing review points of space-r7 2023-03-20 21:04:58 +00:00
bcoles 1b7cee4589 exploit/unix/ftp/proftpd_modcopy_exec: Add docs and resolve RuboCop violations 2023-03-19 15:35:36 +11:00
Jack Heysel 31a32ccd9b linting and srvhost check fix 2023-03-17 14:39:02 -04:00
jheysel-r7 764abaf087 Update documentation/modules/exploit/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-03-17 12:59:48 -04:00
Christophe De La Fuente 0df12fd694 Land #17754, Open web analytics 1.7.3 remote code execution 2023-03-17 10:15:33 +01:00
Christophe De La Fuente daadb4f523 Land #17775 - Add exploit for Bitbucket env var RCE (CVE-2022-43781) 2023-03-16 11:01:07 +01:00
space-r7 8a76dab0bd update line numbers 2023-03-15 13:24:33 -05:00
space-r7 22c05105d3 address review comments 
reduces some code duplication, sets privileged to true,
and modifies documentation to reflect lhost / rhost opts
 2023-03-15 11:18:03 -05:00
Pflegusch 3bf60a57ae Fix typo 2023-03-15 01:54:36 +01:00
Pflegusch cea8aa8e02 Update open_web_analytics_rce.md to work with latest code changes 2023-03-15 01:34:02 +01:00
space-r7 fddcae3d93 don't always create repo 2023-03-14 19:03:58 -05:00
Pflegusch bb9e214282 Fix line too long in open_web_analytics_rce docs 2023-03-15 00:01:15 +01:00
Pflegusch e160e51711 Fix typos, update docs with advanced option SearchLimit, implement SearchLimit into module 2023-03-14 23:29:55 +01:00