Brendan
cb6495e5bc
Merge pull request #20146 from Chocapikk/wp_suretriggers_auth_bypass
Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102)
2025-05-13 10:53:44 -05:00
Brendan
5faa0a5b6b
Merge pull request #19777 from msutovsky-r7/linqpad_deserialization
Linqpad deserialization persistence
2025-05-13 08:03:30 -05:00
Chocapikk
40002f87f4
Apply suggestion to store created WordPress admin creds
2025-05-11 17:53:06 +02:00
Valentin Lobstein
604672433a
Update modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2025-05-11 17:19:12 +02:00
Valentin Lobstein
ca6e413bea
Update modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2025-05-11 17:18:51 +02:00
Valentin Lobstein
04915c8c95
Update modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2025-05-11 17:18:37 +02:00
Valentin Lobstein
5c8013ad92
Update modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2025-05-11 17:18:29 +02:00
Chocapikk
21a9fa848c
Add credits
2025-05-07 23:59:06 +02:00
Chocapikk
879027bd5a
Update
2025-05-07 23:50:20 +02:00
Valentin Lobstein
2e9d7db238
Update modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2025-05-07 23:34:58 +02:00
Valentin Lobstein
23809f0d08
Update modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2025-05-07 23:34:51 +02:00
Chocapikk
4d0c7bb71a
Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102)
2025-05-07 17:45:30 +02:00
cgranleese-r7
49c041f291
Land #20137, modules/exploits/unix/dhcp: Resolve RuboCop violations
2025-05-07 09:55:41 +01:00
bcoles
37c52bb4c7
modules/exploits/unix/dhcp: Resolve RuboCop violations
2025-05-07 00:22:34 +10:00
bcoles
e5138fcd01
modules/exploits/unix/fileformat: Resolve RuboCop violations
2025-05-06 23:30:37 +10:00
Martin Sutovsky
24a86cd74a
Refactoring based on comments
2025-05-06 08:43:57 +02:00
msutovsky-r7
0cbe2cb6b6
Land #20129, resolves Rubocop violations in modules/exploits/unix/x11
modules/exploits/unix/x11: Resolve RuboCop violations
2025-05-06 08:28:51 +02:00
bcoles
127e4c553f
modules/exploits/unix/x11: Resolve RuboCop violations
2025-05-04 16:24:31 +10:00
jheysel-r7
4b9032a487
Merge pull request #20060 from mekhalleh/rce_cve-2025-21293
Added exploit module for CVE-2025-32433 (Erlang/OTP)
2025-05-02 07:05:30 -07:00
RAMELLA Sebastien
8da70b64d7
modify exploit response message
Signed-off-by: RAMELLA Sebastien <sebastien.ramella@pirates.re>
2025-05-02 13:41:47 +04:00
RAMELLA Sebastien
eef2fac8dc
add HrrRbSsh and fix exploit response message
Signed-off-by: RAMELLA Sebastien <sebastien.ramella@pirates.re>
2025-05-02 13:18:21 +04:00
jheysel-r7
0f22a18dac
Merge pull request #20081 from msutovsky-r7/exploit/wondercms-rce
Adds module for CVE-2023-41425 WonderCMS RCE
2025-04-30 13:14:45 -07:00
Martin Sutovsky
1f650b0432
Adding SRVHOST check
2025-04-30 17:58:15 +02:00
Martin Sutovsky
f2e0fe79be
Responding to comments
2025-04-30 17:53:26 +02:00
Diego Ledda
8ae6d353d8
Land #20085, module exploit for Craft CMS Preauth RCE (CVE-2025-3243)
2025-04-30 17:22:50 +02:00
Chocapikk
73f0963d81
Lint ^^
2025-04-30 16:16:30 +02:00
Valentin Lobstein
691cead95c
Update modules/exploits/linux/http/craftcms_preauth_rce_cve_2025_32432.rb
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
2025-04-30 16:10:32 +02:00
Valentin Lobstein
c85fe60596
Update modules/exploits/linux/http/craftcms_preauth_rce_cve_2025_32432.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2025-04-30 11:33:14 +02:00
Valentin Lobstein
301e9e64e7
Update modules/exploits/linux/http/craftcms_preauth_rce_cve_2025_32432.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2025-04-30 11:32:58 +02:00
Chocapikk
39a5d710aa
Refactor module: modularization, session-path leak, randomized key, improved check
- Centralized fetch_cookies_and_csrf and execute_via_session methods for clarity
- Added leak_session_path() to call send_transform("phpinfo") and parse session.save_path via XPath
- In check(): first try to leak the PHP session directory (report vulnerable if successful), then perform a simple RCE check by summing two 4-digit random numbers with print_r()
- Stub injection now happens once in fetch_cookies_and_csrf; execute_via_session only needs the payload
- Randomized the "as hack" key in send_transform
- Simplified exploit() to reuse execute_via_session with a Base64-encoded payload
- Big thanks to @jvoisin for the suggestions!
2025-04-30 00:24:25 +02:00
Valentin Lobstein
9d0d12004e
Update modules/exploits/linux/http/craftcms_preauth_rce_cve_2025_32432.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2025-04-29 19:59:09 +02:00
Valentin Lobstein
59b9249cec
Update modules/exploits/linux/http/craftcms_preauth_rce_cve_2025_32432.rb
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2025-04-29 19:58:38 +02:00
RAMELLA Sebastien
32a8e6797e
fixes review
Signed-off-by: RAMELLA Sebastien <sebastien.ramella@pirates.re>
2025-04-27 20:31:13 +04:00
Chocapikk
a0e9758c7f
Improve error handling, and search csrf_token in root uri
2025-04-27 08:01:17 +02:00
adfoster-r7
d4988c4eb2
Merge pull request #20073 from bcoles/rubocop-modules-exploits-solaris
modules/exploits/solaris: Resolve RuboCop violations
2025-04-26 18:08:17 +01:00
adfoster-r7
dd30b6fe9f
Merge pull request #20083 from bcoles/rubocop-modules-exploits-android
modules/exploits/android: Resolve RuboCop violations
2025-04-26 15:59:20 +01:00
Chocapikk
ba094199da
Fix typo
2025-04-26 10:41:30 +02:00
Chocapikk
332c61b6ea
Fix cookie handling and switch to send_request_cgi for HTTP requests
2025-04-26 08:24:11 +02:00
Chocapikk
3e96b4148e
Add comment about msftidy issue
2025-04-26 06:02:27 +02:00
Chocapikk
9392d0bdf9
Add suggestions
2025-04-26 05:56:41 +02:00
Chocapikk
c4e621f3cf
Add new exploit for CVE-2025-32432: Craft CMS Preauth RCE
2025-04-26 05:43:13 +02:00
Martin Sutovsky
b117843c00
Addressing comments
2025-04-25 20:17:46 +02:00
bcoles
4ce7b89bf1
modules/exploits/android: Resolve RuboCop violations
2025-04-26 01:28:35 +10:00
Martin Sutovsky
622abe78f8
Adding cleanup option:
2025-04-25 15:53:47 +02:00
Martin Sutovsky
8fe0003bbe
Adding cleanup
2025-04-25 15:51:53 +02:00
Martin Sutovsky
77d0fe5ae0
Fixing calling payload
2025-04-25 15:49:24 +02:00
Martin Sutovsky
665065e4df
Module init
2025-04-25 14:35:24 +02:00
RAMELLA Sebastien
740a8130d4
combine modules
Signed-off-by: RAMELLA Sebastien <sebastien.ramella@pirates.re>
2025-04-25 10:35:16 +04:00
Brendan
f1acf0fead
Merge pull request #20076 from Zeecka/patch-1
Fix typo in bypassuac_fodhelper.rb
2025-04-23 12:41:35 -05:00
adfoster-r7
1bfb43a467
Merge pull request #20077 from adfoster-r7/update-haraka-module-to-work-with-newer-python-versions
Update haraka module to work with newer python versions
2025-04-23 17:43:53 +01:00