 Diego Ledda
|
985af001d2
|
Merge pull request #20497 from h00die/modern_persistence_autostart
update autostart to persistence mixin
|
2025-09-11 18:58:32 +02:00 |
|
|
Diego Ledda
|
80c5e41650
|
Merge pull request #20495 from h00die/modern_persistence_apt
update apt_package_manager to persistence mixin
|
2025-09-11 10:49:08 +02:00 |
|
|
h00die
|
71e9602eba
|
Update modules/exploits/linux/persistence/autostart.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
|
2025-09-10 13:59:23 -04:00 |
|
|
Diego Ledda
|
1314f5d0bb
|
Merge pull request #20455 from Chocapikk/aitemi_m300_time_rce
Add unauthenticated RCE on Shenzhen Aitemi M300 MT02 (CVE-2025-34152)
|
2025-09-10 10:12:41 +02:00 |
|
|
h00die
|
c4d03023fc
|
autostart updated with mixin udpates
|
2025-09-09 11:47:13 -04:00 |
|
|
h00die
|
fb29084f86
|
persistence autostart cleanup updates
|
2025-09-09 10:49:56 -04:00 |
|
|
h00die
|
c3be5ad23c
|
update autostart to persistence mixin
|
2025-09-09 10:49:56 -04:00 |
|
|
h00die
|
638beeb738
|
apt persistence updates for mixin
|
2025-09-09 10:33:10 -04:00 |
|
|
h00die
|
711d8d0896
|
persistence apt cleanup updates
|
2025-09-09 10:28:03 -04:00 |
|
|
h00die
|
db2f9f7792
|
update apt_package_manager to persistence mixin
|
2025-09-09 10:28:03 -04:00 |
|
|
h00die
|
c4936d1b0f
|
adjustments to the persistence lib and modules
|
2025-09-09 10:02:06 -04:00 |
|
|
Brendan
|
da7224ed1b
|
Merge pull request #20376 from msutovsky-r7/exploit/sudo-chroot-privesc
Adds module for sudo chroot LPE (CVE-2025-32463)
|
2025-09-03 16:53:43 -05:00 |
|
|
h00die
|
d9f96571e4
|
use new ATTCK ref
|
2025-09-01 18:09:25 -04:00 |
|
|
h00die
|
4591de4cae
|
last changes for persistence bash module after peer review
|
2025-09-01 17:49:49 -04:00 |
|
|
h00die
|
fa9d58bb73
|
update bash_profile to persistence mixin
|
2025-08-30 15:17:50 -04:00 |
|
|
Brendan
|
f1dffd3ad6
|
Merge pull request #20480 from msutovsky-r7/exploit/pretalx/file-rw
Adds modules for Pretalx File Read/Limited File Write (CVE-2023-28459, CVE-2023-28458)
|
2025-08-27 15:46:39 -05:00 |
|
|
Martin Sutovsky
|
eef1d34506
|
Adds more comprehensive check, updates build instructions
|
2025-08-27 17:58:11 +02:00 |
|
|
Martin Sutovsky
|
d49870211b
|
Adding exceptions to exploit module, bug fix for aux module, adds documentation for exploit module
|
2025-08-22 15:26:46 +02:00 |
|
|
Martin Sutovsky
|
4e113b1768
|
Addresses comments, adds exception for Pretalx, modifies aux module
|
2025-08-22 13:59:50 +02:00 |
|
|
Martin Sutovsky
|
2e9b5453ec
|
Adds description
|
2025-08-21 15:29:08 +02:00 |
|
|
Martin Sutovsky
|
fb062075e3
|
Adds target, adds side effects
|
2025-08-21 15:21:16 +02:00 |
|
|
Martin Sutovsky
|
408f7575e4
|
Fixing write primitive for exploit module, library update
|
2025-08-21 15:17:32 +02:00 |
|
|
Martin Sutovsky
|
01c09bcfed
|
Library fixes, refactoring exploit module
|
2025-08-21 09:22:21 +02:00 |
|
|
Martin Sutovsky
|
72dcc5a301
|
Library fix
|
2025-08-21 07:21:56 +02:00 |
|
|
Spencer McIntyre
|
5735a82df7
|
Merge pull request #20460 from msutovsky-r7/exploit/ndsudo-priv-esc
Adds an exploit for ndsudo privilege escalation (CVE-2024-32019)
|
2025-08-20 14:13:24 -04:00 |
|
|
Martin Sutovsky
|
e23feb0faf
|
Adds check for ndsudo binary
|
2025-08-20 12:49:38 +02:00 |
|
|
Martin Sutovsky
|
aae5356190
|
Updates the docs
|
2025-08-20 12:10:11 +02:00 |
|
|
Martin Sutovsky
|
38f81e073f
|
Fixing documentation, adds more reliable cmd_exec
|
2025-08-15 07:26:56 +02:00 |
|
|
Chocapikk
|
f4e71c1e93
|
Replace Rank
|
2025-08-14 16:37:13 +02:00 |
|
|
Chocapikk
|
3022513652
|
Add CRASH_SERVICE_DOWN and "`" badchar
|
2025-08-14 16:16:21 +02:00 |
|
|
Valentin Lobstein
|
46bbec2470
|
Update modules/exploits/linux/http/aitemi_m300_time_rce.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
|
2025-08-14 16:11:27 +02:00 |
|
|
Valentin Lobstein
|
bd9c2bf231
|
Update modules/exploits/linux/http/aitemi_m300_time_rce.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-08-14 16:01:59 +02:00 |
|
|
jheysel-r7
|
8251d89e92
|
Merge pull request #20400 from msutovsky-r7/exploit/pivotx-rce
Adds module for PivotX RCE (CVE-2025-52367)
|
2025-08-12 12:28:28 -07:00 |
|
|
Jack Heysel
|
0273f1474f
|
Added incorrect creds check
|
2025-08-12 10:42:46 -07:00 |
|
|
jheysel-r7
|
e59a24823b
|
Merge pull request #20387 from h00die-gr3y/wazuh-auth-rce
Wazuh Server authenticated RCE [CVE-2025-24016]
|
2025-08-12 09:22:22 -07:00 |
|
|
Martin Sutovsky
|
94bd9eea98
|
Removes leftover includes
|
2025-08-11 16:29:16 +02:00 |
|
|
Martin Sutovsky
|
fbd1c1767f
|
Finish documentation, adds description and notes
|
2025-08-11 16:25:56 +02:00 |
|
|
Martin Sutovsky
|
d219efc0ac
|
Adds documentation, adds check method
|
2025-08-11 12:25:33 +02:00 |
|
|
Martin Sutovsky
|
936e68eb2e
|
Module init
|
2025-08-08 07:53:56 +02:00 |
|
|
Chocapikk
|
ff4ede95cc
|
Remove useless headers
|
2025-08-07 21:53:14 +02:00 |
|
|
Chocapikk
|
87eb063460
|
Add unauthenticated RCE on Shenzhen Aitemi M300 MT02 (CVE-2025-34152)
|
2025-08-07 18:34:49 +02:00 |
|
|
msutovsky-r7
|
9caa2be9a2
|
Land #20399, adds module for Pandora ITSM authenticated RCE (CVE-2025-4653)
Pandora ITSM auth RCE [CVE-2025-4653]
|
2025-08-07 08:37:45 +02:00 |
|
|
Martin Sutovsky
|
8c43583e87
|
Removes debugging imports
|
2025-08-07 07:35:17 +02:00 |
|
|
Martin Sutovsky
|
02c81c57e9
|
Removes redundant comment
|
2025-08-07 07:35:17 +02:00 |
|
|
Martin Sutovsky
|
febb52ea3f
|
Fixing mkdir issue
|
2025-08-07 07:35:17 +02:00 |
|
|
Martin Sutovsky
|
e1b8453764
|
Removing redundant include
|
2025-08-07 07:35:16 +02:00 |
|
|
Martin Sutovsky
|
c5c51fe577
|
Updates comments
|
2025-08-07 07:35:15 +02:00 |
|
|
Martin Sutovsky
|
547a0bb7f4
|
Adds sudo version check using existing functionality
|
2025-08-07 07:35:15 +02:00 |
|
|
Martin Sutovsky
|
0a9dda06fb
|
Addressing comments
|
2025-08-07 07:35:15 +02:00 |
|
|
Martin Sutovsky
|
b1acfc1b97
|
Addressing comments
|
2025-08-07 07:35:14 +02:00 |
|