adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,125 Commits 27 Branches 1,043 Tags
c8d50bda0f2ade01c0b38fdd4fbf6eeca030d0e9
Commit Graph

746 Commits

Author SHA1 Message Date
Jack Heysel 8cddffa3d1 Land #18700, Add Kafka-ui Unauth RCE module 
This PR adds an exploit module for CVE-2023-52251 which
is an unauthenticated rce vulnerability in Kafka's UI.
 2024-02-16 15:38:52 -05:00
Jack Heysel a1b0ff0fcf Land #18681, Update Apache Ofbiz w. Auth-Bypass 
This PR updates the pre-existing apache_ofbiz_deserialization
module to include functionality that will bypass authentication by
using the newly discovered CVE-2023-51467.
 2024-02-16 15:02:34 -05:00
h00die-gr3y d716e60cf2 added base64 encoder module of zerosteiner 2024-02-14 21:33:50 +00:00
H00die.Gr3y 996ca8a7c9 Update documentation/modules/exploit/linux/http/kafka_ui_unauth_rce_cve_2023_52251.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-02-14 20:57:46 +00:00
h00die-gr3y f75722ecf2 Small updates to module and documentation 2024-02-14 20:57:46 +00:00
h00die-gr3y eafdb8495b Added documentation 2024-02-14 20:57:46 +00:00
h00die 84278b8e0e fix ofbiz auto detection 2024-02-06 16:45:02 -05:00
Jack Heysel c278ef9b73 Land #18648, Add Module for GL.iNet products 
This PR adds an exploit module for a number of
different GL.iNet network products. The module combines
an auth by-pass CVE-2023-50919 with an RCE CVE-2023-50445.
 2024-01-23 14:57:29 -05:00
jheysel-r7 13d2968fad Capitalize remaining references to Meterpreter 2024-01-23 13:11:03 -05:00
Spencer McIntyre 06dcc82ced Land #18630, Add CVE-2023-50917: MajorDoMo RCE 
Add CVE-2023-50917: MajorDoMo Command Injection Module
 2024-01-19 17:10:40 -05:00
Stephen Fewer 5ba4aba912 Update documentation/modules/exploit/linux/http/ivanti_connect_secure_rce_cve_2023_46805.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-18 09:18:28 +00:00
sfewer-r7 2919b36f2b add in docs 2024-01-17 10:25:04 +00:00
h00die d7cf9155a6 ofbiz working for 18.12.09 2024-01-16 20:06:11 -05:00
h00die-gr3y e7f2abbf9e Small typo update 2024-01-14 19:26:10 +00:00
h00die 6de51a5047 non-working module 2024-01-08 19:49:47 -05:00
h00die 077cad34ab non-working module 2024-01-08 19:47:24 -05:00
h00die-gr3y 85897a2596 update adding aarch64 architecture and some new targets 2024-01-06 17:26:38 +00:00
h00die-gr3y 9bb7e0e379 small update to documentation 2024-01-04 14:04:34 +00:00
h00die-gr3y adf455e8cb Third release of module and documentation 2024-01-04 14:01:37 +00:00
h00die-gr3y b2312c97d3 Second release of module and documentation 2024-01-04 09:26:16 +00:00
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Balgogan 0a2dea523f Add suggested changes 2023-12-22 00:04:54 +01:00
Balgogan 22a05c8bf5 Add CVE-2023-50917 2023-12-20 00:43:00 +01:00
h00die-gr3y 5d7cf90521 Some minor changes to the module and documentation 2023-12-18 08:23:16 +00:00
h00die-gr3y 9ac3739605 Minor changes to the documentation 2023-12-17 13:51:30 +00:00
h00die-gr3y 0641839e69 Added documentation and removed debug info 2023-12-17 13:10:18 +00:00
Balgogan 2750deedee Update 2023-11-21 18:28:28 +01:00
Balgogan f0ab3a7140 Fix typo 2023-11-21 02:13:58 +01:00
Balgogan 58425df0ef Update vinchin_backup_recovery_cmd_inject exploit and documentation 2023-11-21 02:09:24 +01:00
Balgogan 42cdda7200 Vinchin 2023-11-16 18:10:42 +01:00
Balgogan c5cfc995c2 Add vinchin_backup_recovery_cmd_inject 2023-11-09 19:47:27 +01:00
Christophe De La Fuente 1cde6198b5 Land #18481, MagnusBilling unauthenticated RCE [CVE-2023-30258] 2023-11-03 20:42:27 +01:00
Spencer McIntyre d26742a266 Add check code annotations, update AJP link 2023-11-02 08:53:56 -04:00
Spencer McIntyre 9c67b92a4d Rename the other TMUI RCE module 2023-11-01 16:55:42 -04:00
Spencer McIntyre 7b53592b4f Add module docs 2023-11-01 16:55:41 -04:00
h00die-gr3y ad6e4618df third release module with minor text changes 2023-10-31 09:29:13 +00:00
h00die-gr3y bfff35eb63 second release module with php fix 2023-10-31 09:05:51 +00:00
h00die-gr3y 5c89df694c added documentation 2023-10-24 18:34:29 +00:00
Spencer McIntyre 05dd2e1473 Land #18351, Apache Superset RCE (CVE-2023-37941) 2023-10-12 17:10:10 -04:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
jheysel-r7 fe9afc94c7 Update documentation/modules/exploit/linux/http/kibana_upgrade_assistant_telemetry_rce.md 2023-10-06 16:45:52 -04:00
h00die 931a67d290 kibana telemetry rce rewritten to use fetch payloads 2023-10-06 09:55:10 -04:00
h00die 5e0538a239 review comments round 1 2023-10-05 13:12:33 -04:00
h00die 88eb44be64 kibana telemetry rce 2023-10-02 16:53:20 -04:00
Christophe De La Fuente 1e69086d24 Land #18365, TOTOLINK X5000R Wireless GigaBit Router Unauthenticed RCE [CVE-2023-30013] 2023-09-21 11:27:19 +02:00
h00die-gr3y 6e11f4353b Updates addressing cdelafuente-r7 comments 2023-09-20 22:14:48 +00:00
Christophe De La Fuente 525c957af2 Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068) 2023-09-19 10:32:59 +02:00
Ismail Dawoodjee f9cdfef304 Move module and documentation from multi/http to linux/http 
* Update documentation scenarios for Docker on Debian 10 and Kali Linux 6.4
* Slightly modify the documentation scenario for Docker on Windows 10
 2023-09-17 22:42:26 +08:00
h00die e34ed10eca superset rce more stable 2023-09-15 16:29:05 -04:00
Jack Heysel 46832abd49 Land #18358, Add a Thrift RPC client 
This PR adds a Thrift RPC client and updates
two modules to make use of the new addition.
 2023-09-14 19:01:13 -04:00