adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,842 Commits 27 Branches 1,043 Tags
c70043f84286ed1eff7da2fef5dd7f2122b81663
Commit Graph

37283 Commits

Author SHA1 Message Date
Brendan 7ddffc790c Merge pull request #19460 from gardnerapp/game_overlay 
Land #19460, CVE-2023-2640, CVE-2023-32629 Game Overlay Ubuntu Privilege Escalation
 2024-12-18 14:44:57 -06:00
adfoster-r7 2001469d02 Merge pull request #19742 from sjanusz-r7/TeamCity-is-capitalized 
Capitalize TeamCity correctly
 2024-12-18 12:35:12 +00:00
Martin Sutovsky 531ed162db Land #19733, exploit module for CVE-2022-40471 - unauthenticated RCE 2024-12-18 12:44:34 +01:00
bwatters-r7 59229ee612 Update payload name, fix payload escapes & quotation, add unix cmd support 2024-12-17 16:52:24 -06:00
aaryan-11-x f2d723d1d0 Modified the code logic as instructed by the reviewer & removed the instance variable 2024-12-17 21:39:30 +05:30
sjanusz-r7 a99fae420a Capitalize TeamCity correctly 2024-12-17 14:27:41 +00:00
aaryan-11-x f5329a71df Added the DELETE_FILES option to delete leftover files by the exploit with the FileDropper mixin 2024-12-17 17:00:06 +05:30
aaryan-11-x 4c51165ec6 Made necessary changes as mentioned by the reviewer 2024-12-17 16:07:58 +05:30
adfoster-r7 065cee8698 Merge pull request #19739 from sjanusz-r7/add-ignorelist-to-local-exploit-suggester-datastore-options 
Add ignorelist to local exploit suggester datastore options
 2024-12-16 18:40:41 +00:00
sjanusz-r7 70d5430ba8 Add ignorelist to local exploit suggester datastore options 2024-12-16 17:51:38 +00:00
jheysel-r7 6f9982db54 Land #19647 Added module for WSO2 API Manager RCE 
Adds an exploit module for a vulnerability in the 'Add API Documentation' feature of WSO2 API Manager and allows malicious users with specific permissions to upload arbitrary files to a user-controlled server location. This flaw allows for RCE on the target system.
 2024-12-16 07:27:23 -08:00
Christophe De La Fuente b33b01e0d8 Update the CachedSize for reverse_http and reverse_http payloads 2024-12-16 12:48:57 +01:00
aaryan-11-x eb5385a23d msftidy & Rubocop Fixes 2024-12-16 14:45:04 +05:30
aaryan-11-x 08519defc7 RuboCop Fixes 2024-12-16 11:36:23 +05:30
msutovsky-r7 ab55286e0b Land #19721, Fix version in CVE-2020-0668 module 
Fix version check for cve-2020-0668 Service Tracing
 2024-12-13 20:47:17 +01:00
jheysel-r7 afd3d0b66c Land #19713, Add exploit module for WP Time Capsule RCE 
This exploits a Remote Code Execution (RCE) vulnerability identified as CVE-2024-8856 in the WordPress WP Time Capsule plugin (versions ≤ 1.22.21). This vulnerability allows unauthenticated attackers to upload and execute arbitrary files due to improper validation within the plugin.
 2024-12-12 18:19:09 -08:00
jheysel-r7 add7c7b177 Remove potential NoMethodError in fail_with call 2024-12-12 18:04:10 -08:00
bwatters-r7 48ed31f323 Fix version check 2024-12-12 17:11:53 -06:00
Valentin Lobstein 9c8db05dc6 Update modules/exploits/multi/http/wp_time_capsule_file_upload_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-12-12 22:06:04 +01:00
jheysel-r7 c7f7cfd848 Land #19656 Close ssh session on error 2024-12-11 17:00:17 -08:00
adfoster-r7 136599a29a Merge pull request #19714 from bwatters-r7/update/projectsend-cveinfo 
Add CVE info to projectsend module
 2024-12-11 13:54:06 +00:00
bwatters-r7 5311b7014e Add CVE info to projectsend module 2024-12-11 07:37:43 -06:00
Heyder Andrade 41e7bf8812 Enhance: Rollback to register_file_for_cleanup 
- Verified that the CWD is the WSO2_SERVER_HOME, allowing the uploaded payload file to be registered for cleanup using register_file_for_cleanup.
- Improved feedback by including the payload filename in the success message.
- Removed redundant on_new_session cleanup logic, as file management is now handled by FileDropper.
 2024-12-11 11:58:53 +01:00
Chocapikk 7b918b24c9 Add platform 2024-12-11 02:17:11 +01:00
Chocapikk 7d559e0b34 Add exploit module for CVE-2024-8856 - WP Time Capsule RCE 2024-12-11 01:14:17 +01:00
Spencer McIntyre f36d786736 Merge pull request #19696 from smashery/add_user_module 
Add user module
 2024-12-10 11:26:49 -05:00
Diego Ledda 4c0a403b64 Land #19701, Auxiliary Module for CVE-2021-24762: WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated) 
Land #19701, Auxiliary Module for CVE-2021-24762: WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
 2024-12-10 15:44:50 +01:00
Diego Ledda ccf7e6942a chore: fix rubocop 2024-12-10 14:48:18 +01:00
Aaryan Golatkar 299f3027a8 Added SQLi mixin, Implemented check method & removed SHOW_FULL_RESPONSE option 2024-12-10 18:56:54 +05:30
Aaryan Golatkar b09d3033f3 Removed store_loot 2024-12-10 10:17:21 +05:30
jheysel-r7 0b5e221620 Land #19533, Update werkzeug rce module 2024-12-09 12:56:35 -08:00
Aaryan Golatkar db7f05dd76 Made all the changes as requested by the reviewer dledda-r7 2024-12-09 23:44:04 +05:30
Aaryan Golatkar bd1320f722 Merge branch 'rapid7:master' into wp_perfect_survey_sqli 2024-12-09 23:17:20 +05:30
Spencer McIntyre 8b93f1a087 Merge branch 'master' into smb_change_pw 2024-12-09 09:37:45 -05:00
Ashley Donaldson 6eea156899 Added moved_from metadata 2024-12-09 08:49:04 +11:00
Graeme Robinson 7838a943ce Update werkzeug_debug_rce.rb 
Added comments about where version-dependant salts come from
 2024-12-08 21:01:17 +00:00
Heyder Andrade f3f1c893a1 Added cleanup method 2024-12-08 02:12:16 +01:00
Heyder Andrade c953601335 Fix: it needs at least 2 follows redirect 2024-12-08 00:13:12 +01:00
Heyder Andrade edb9fdc682 Merge 2024-12-08 00:10:35 +01:00
adfoster-r7 2421ca768f Merge pull request #19705 from ostrichgolf/projectsend_rce 
Add CVE to ProjectSend module
 2024-12-07 14:24:20 +00:00
ostrichgolf 2952dbb0b8 Add CVE to module 2024-12-07 14:23:30 +01:00
adfoster-r7 861859196a Merge pull request #19703 from zeroSteiner/fix/mod/dns_txt_exec-docs 
Clarify documentation in dns_txt_query_exec
 2024-12-07 03:00:30 +00:00
jheysel-r7 0e5cf3f7ba Land #19649, Primefaces RCE (CVE-2017-1000486) 2024-12-06 16:22:06 -08:00
jheysel-r7 6cfc18a1e7 Land #19661, WordPress Really Simple Security Plugin RCE (CVE-2024-10924) 2024-12-06 16:19:56 -08:00
jheysel-r7 2357c8ad55 Standardize capitalization of Java Expression Language 2024-12-06 16:00:58 -08:00
Spencer McIntyre 909476ee64 Merge pull request #19671 from smashery/ldap_change_pw 
LDAP Change Password module
 2024-12-06 17:13:50 -05:00
Chocapikk 8f274f0189 Remove complexity 2024-12-06 22:48:59 +01:00
Spencer McIntyre a708f8c7f3 Fix a trivial typo 2024-12-06 16:47:25 -05:00
h00die e33200100d peer review 2024-12-06 15:34:40 -05:00
Spencer McIntyre 1d3d3419f6 Clarify documentation in dns_txt_query_exec 2024-12-06 14:26:44 -05:00