Commit Graph

7807 Commits

Author SHA1 Message Date
Brendan 5faa0a5b6b Merge pull request #19777 from msutovsky-r7/linqpad_deserialization
Linqpad deserialization persistence
2025-05-13 08:03:30 -05:00
Martin Sutovsky 24a86cd74a Refactoring based on comments 2025-05-06 08:43:57 +02:00
Zeecka 9ade55bd35 Fix typo in bypassuac_fodhelper.rb 2025-04-23 17:49:11 +02:00
msutovsky-r7 bdac31037a Land #20028, pgAdmin modules refactor
Refactor pgAdmin modules to use new lib
2025-04-21 16:03:35 +02:00
bcoles 0e74591eee modules: examples: Resolve RuboCop violations 2025-04-18 14:13:26 +10:00
Jack Heysel faea5f7933 Responded to comments 2025-04-17 09:43:13 -07:00
Jack Heysel 3ead0fdf42 Add check for is_uac_enabled? 2025-04-16 17:59:53 -07:00
Jack Heysel 9a95f60df6 Updated service_permissions with action to exploit CVE-2025-21293 2025-04-16 10:55:05 -07:00
bcoles 06d1971f23 exploit/windows/local/unquoted_service_path: Check if write_file fails 2025-04-13 16:34:03 +10:00
Jack Heysel 4c5e0203dd Refactor pgAdmin modules to use new lib 2025-04-11 15:55:46 -07:00
cgranleese-r7 e3e396b190 Updates module with missing notes 2025-04-07 15:35:40 +01:00
jheysel-r7 5505bb5ef1 Merge pull request #19947 from machang-r7/machang-r7-module-cve-2025-27218
Create sitecore_xp_cve_2025_27218.rb
2025-03-28 07:40:28 -07:00
Jack Heysel fa0c29837e Update author, rubocop, msftidy_docs 2025-03-27 09:36:10 -07:00
Jack Heysel d54e8d8749 Add check method that returns Detected 2025-03-27 09:28:28 -07:00
Jack Heysel 24a785d6b0 Target and metadata updates 2025-03-25 11:56:15 -07:00
Jack Heysel abeeb091fd Rubocop 2025-03-25 11:18:48 -07:00
bwatters-r7 ec67435de9 Rebase and squash for CVE-2024-30085 2025-03-20 09:03:28 -05:00
cgranleese-r7 4764ebbe39 Land #19932, Fix crash when running mssql payload against sessions 2025-03-20 11:20:06 +00:00
Jack Heysel cf08a4e533 Readd missing checks 2025-03-13 13:14:13 -07:00
Jack Heysel 82f07c171b Fix check method 2025-03-13 13:00:24 -07:00
machang-r7 a0ca1b10af Create sitecore_xp_cve_2025_27218.rb 2025-03-05 17:54:54 -05:00
Spencer McIntyre 04842eaaee Add a check method to the smb_relay module 2025-03-05 13:44:33 -05:00
Spencer McIntyre b43dc8be08 Switch relay modules, add ESC8 check method 2025-03-05 13:44:33 -05:00
adfoster-r7 2f958c21af Fix crash when running mssql payload against sessions 2025-03-03 19:20:56 +00:00
cgranleese-r7 0017fbdf56 Updates more dead links 2025-02-28 10:30:14 +00:00
cgranleese-r7 810e7c4518 Adds scripts to find and replace dead module reference links 2025-02-28 09:20:48 +00:00
h4x-x0r 21b3315229 updated
2025-01-29 20:18:05 +00:00
Martin Sutovsky f667179515 Removing execution of LINQPad file due to module recategorisation to persistence 2025-01-24 16:54:27 +01:00
msutovsky-r7 712b47b0bf Merge branch 'rapid7:master' into linqpad_deserialization 2025-01-24 16:52:29 +01:00
Martin Sutovsky 689e44f3ff Addressing some issues 2025-01-10 11:12:32 +01:00
Martin Sutovsky 2f351eae33 Addressing some issues 2025-01-10 11:12:21 +01:00
h00die 3513c6c4db fix nsfw link 2025-01-09 20:58:40 -05:00
Martin Sutovsky 93c2360741 Renaming module to persistence module instead 2025-01-09 15:30:50 +01:00
Martin Sutovsky 058e7be47a Cleaning up module 2024-12-30 16:13:24 +01:00
Martin Sutovsky 302052c692 LINQPad deserialization module init 2024-12-30 15:57:59 +01:00
Ashley Donaldson 40f2eaaab1 Recognise broken SMB sessions and close them 2024-12-16 19:52:19 +11:00
bwatters-r7 48ed31f323 Fix version check 2024-12-12 17:11:53 -06:00
Diego Ledda 58702f238c Land #19574, Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
2024-12-04 16:39:43 +01:00
jheysel-r7 05cbd1d9a3 Land #19593 Add exploit for CVE-2023-28324 (Unauthenticated RCE in Ivanti EPM)
This exploits an unauthenticated RCE in Ivanti's EPM where a .NET remoting client can invoke a method that results in an OS command being executed in the context of NT AUTHORITY\SYSTEM.
2024-11-20 11:18:58 -08:00
Spencer McIntyre e52edf447c Implement feedback from the PR 2024-11-20 13:51:39 -05:00
h4x-x0r 37c148cc7c CVE-2024-47407
2024-11-13 03:55:17 +00:00
Jack Heysel 81b83f2fd6 Updated docs and check 2024-11-06 09:13:51 -08:00
Jack Heysel 5bc3e046eb Update check 2024-11-05 15:34:25 -08:00
Jack Heysel 7a5bc60aab Windows Access Mode Mismatch LPE in ks.sys [CVE-2024-35250] 2024-11-05 15:31:44 -08:00
Spencer McIntyre 5550e073dd Implement suggested changes 2024-10-31 11:29:34 -04:00
Spencer McIntyre 9f41937c7a Finish up the exploit module 2024-10-28 17:20:35 -04:00
Spencer McIntyre 27d5c95323 Refactor into an SMB server relay mixin 2024-10-24 16:25:40 -04:00
Spencer McIntyre 8ba0019ca0 Refactor the existing relay target client code 2024-10-24 16:25:40 -04:00
Jack Heysel cf85992531 Placeholder commit 2024-10-18 16:11:06 -07:00
Spencer McIntyre 77f63442d7 Add the initial higher level client 2024-10-17 12:54:25 -04:00