adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,842 Commits 27 Branches 1,043 Tags
c70043f84286ed1eff7da2fef5dd7f2122b81663
Commit Graph

2622 Commits

Author SHA1 Message Date
jheysel-r7 c7f7cfd848 Land #19656 Close ssh session on error 2024-12-11 17:00:17 -08:00
adfoster-r7 136599a29a Merge pull request #19714 from bwatters-r7/update/projectsend-cveinfo 
Add CVE info to projectsend module
 2024-12-11 13:54:06 +00:00
bwatters-r7 5311b7014e Add CVE info to projectsend module 2024-12-11 07:37:43 -06:00
adfoster-r7 2421ca768f Merge pull request #19705 from ostrichgolf/projectsend_rce 
Add CVE to ProjectSend module
 2024-12-07 14:24:20 +00:00
ostrichgolf 2952dbb0b8 Add CVE to module 2024-12-07 14:23:30 +01:00
Diego Ledda be30a06af4 Land #19430, Moodle RCE (CVE-2024-43425) Module 
Land #19430, Moodle RCE (CVE-2024-43425) Module
 2024-12-06 12:15:35 +01:00
jheysel-r7 21cf475cbb Land #19595 Ivanti Connect Secure auth RCE via OpenSSL (CVE-2024-37404) 2024-12-04 08:26:07 -08:00
Diego Ledda ab2ca41eb8 Land #19629, Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220) 
Land #19629, Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
 2024-12-04 16:49:56 +01:00
jheysel-r7 fa3716408f Add comment explaining payload architecture restraints 2024-12-03 18:33:43 -08:00
Christophe De La Fuente a46b2f437f Use TARGET_URI when checking the redirection URI 2024-12-02 16:45:12 +01:00
Christophe De La Fuente 3dcb9d58ab Code review 2024-12-02 14:02:07 +01:00
Christophe De La Fuente c943cc6378 Add module and documentation 2024-12-02 14:02:07 +01:00
sjanusz-r7 566e12b69e Add error_callback to SSH Command Stream 2024-11-25 16:43:59 +00:00
jheysel-r7 d95d549992 Land #19531 ProjectSend r1335 - r1605 RCE module 2024-11-21 09:53:36 -08:00
ostrichgolf 68eb6599fd Create projectsend_unauth_rce 2024-11-21 09:34:58 -08:00
jheysel-r7 afbbba09e8 Land #19584 Judge0 sandbox escape CVE-2024-28185, CVE-2024-28189 2024-11-20 14:35:38 -08:00
Takah1ro da6f8cd552 Add Judge0 module and document 2024-11-20 14:15:38 -08:00
Spencer McIntyre 5d9add4450 Merge pull request #19640 from jheysel-r7/pyload_js2py_cve_2024_39205 
Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
 2024-11-15 09:24:37 -05:00
Jack Heysel 92e42a63ea Rubocop 2024-11-14 12:47:35 -08:00
Jack Heysel 4e1f33336c Ofuscation and Gemfile update 2024-11-14 12:44:19 -08:00
Jack Heysel 526451fed5 Responded to comments 2024-11-14 10:46:11 -08:00
Jack Heysel 2ba8a6c08d Responded to comments 2024-11-13 17:23:08 -08:00
Jack Heysel 497ce5e9da Linting and Rex::RandomIdentifier update 2024-11-13 08:28:52 -08:00
h4x-x0r afdddf2e43 updated 2024-11-13 03:40:22 +00:00
Jack Heysel d2ef3cb6a9 Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397) 2024-11-12 16:05:07 -08:00
Brendan 19e182ce65 Land #19557, Add Palo Alto Expedition RCE (CVE-2024-5910 & CVE-2024-9464) Module 
Palo Alto Expedition RCE (CVE-2024-5910 & CVE-2024-9464) Module
 2024-11-12 16:42:06 -06:00
h4x-x0r 6f6f92823a fixed typo 
fixed typo
 2024-11-12 15:15:15 +00:00
h4x-x0r fb102ec409 Update modules/exploits/linux/http/paloalto_expedition_rce.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-11-12 09:03:22 -06:00
bwatters-r7 03928a56bd Add staging file delete and code cleanup 2024-11-11 14:42:19 -06:00
Jack Heysel 3068511b66 CVE-2023:4220: Chamilo v1.11.24 Unrestricted File Upload 2024-11-11 11:33:34 -08:00
bwatters-r7 0308f46f74 Stage cmd payloads to a file before executing 2024-11-08 19:27:58 -06:00
h4x-x0r 661075a45c handling additional case 
handling additional case when autocheck is disabled and no credentials are provided
 2024-10-22 03:42:39 +01:00
h4x-x0r 4d7d7f2c06 updated 
using instance variables instead of updating the datastores
 2024-10-21 22:07:43 +01:00
h4x-x0r 7028b807ed linting 
linting
 2024-10-21 21:45:04 +01:00
h4x-x0r b6d3a0ef36 safety flag 
added a safety flag for the password reset in case no credentials are provided
 2024-10-21 21:43:48 +01:00
h4x-x0r 202e5e55ac Added exception handling 
Added exception handling
 2024-10-20 19:50:43 +01:00
Diego Ledda 59d026acd3 Land #19544, Magento Arbitrary File Read (CVE-2024-34102) + PHP Buffer Overflow iconv() of GLIBC (CVE-2024-2961) 2024-10-18 14:39:54 +02:00
adfoster-r7 7b400f18fe Fix metabase rce to support older versions 2024-10-17 10:10:50 +01:00
Jack Heysel ee68e47521 Added http_server cleanup 2024-10-15 10:28:39 -07:00
Jack Heysel 7a89db5080 Updated print statements 2024-10-15 09:21:07 -07:00
Jack Heysel 3635dd1c23 Merge branch 'magento_xxe_to_rce' 2024-10-15 09:17:40 -07:00
Jack Heysel 3f6f060933 Updated check method 2024-10-15 09:17:02 -07:00
h4x-x0r 7929df2bfd improved reliability 
improved reliability
 2024-10-15 06:26:46 +01:00
h4x-x0r 5716b6c799 linting 
linting
 2024-10-14 15:56:00 +01:00
h4x-x0r ea74802a5a cleanup 
cleanup
 2024-10-14 15:53:07 +01:00
h4x-x0r bd7cd8b3ba cleanup 
cleanup
 2024-10-14 15:36:45 +01:00
h4x-x0r 34538df83c PoC and Documentation 
PoC and Documentation
 2024-10-14 05:09:29 +01:00
h4x-x0r d28a098398 CVE-2024-9464 
CVE-2024-9464
 2024-10-11 19:31:56 +01:00
jheysel-r7 3be4eae2f5 Update modules/exploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-10-10 15:20:06 -04:00
Jack Heysel 44b33b8010 Fixed multiple sessions and instability 2024-10-10 11:36:16 -07:00