adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,553 Commits 27 Branches 1,043 Tags
cb8e023734c778de0a4269cd8d9dd3af850d5347
Commit Graph

568 Commits

Author SHA1 Message Date
Jeffrey Martin cb8e023734 add warning about external links 
Links to external resources not controlled by the project maintainers
are subject to bitrot and malicious take over. Warnings seem appropriate.
 2022-11-23 12:08:05 -06:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
jheysel-r7 cf27c34917 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
jheysel-r7 6a1af915f6 Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
h00die-gr3y c1aed2d274 Fixed typos documentation 2022-10-21 13:20:37 +00:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Heyder Andrade 26ed9bb053 Update documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-17 22:49:57 +02:00
Heyder Andrade aece783cee Added reference to user auto-detect method 2022-10-17 01:11:27 +02:00
Heyder Andrade 0b09e564f1 Improved documentation 2022-10-16 14:25:54 +02:00
Heyder Andrade 835b44ca7a Added documentation 2022-10-16 13:42:21 +02:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
Ayantaker 9abaa00b9e Adding some changes to documentation as per review comments 2022-10-12 11:36:35 -04:00
Ayantaker e75438d0b2 Documentation fix and minor fixes 
Fixed the documentation according to msftidy's suggestion and removed a few unessary parts of code
 2022-10-11 18:17:52 -04:00
Grant Willcox 45aa09411e First round of edits from review 2022-10-11 15:46:04 -05:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
 2022-10-06 15:48:36 -04:00
Ron Bowes 48dd4693df Add docs for CVE-2022-41352 (zimbra cpio), and fix some text 2022-10-06 10:46:48 -07:00
space-r7 f2e003cdb0 add documentation 2022-09-20 18:45:48 -05:00
Christophe De La Fuente 52ff168c5e Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038) 2022-09-15 17:58:07 +02:00
Jack Heysel 1c99daa836 Updated error handling 2022-09-13 12:40:59 -04:00
space-r7 a11569fc53 Land #16944, add Apach Spark RCE 2022-09-07 13:02:27 -05:00
h00die-gr3y f71ec84f9e updated documentation 2022-09-06 19:36:11 +00:00
Christophe De La Fuente 8ba621a291 Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828) 2022-09-02 18:37:37 +02:00
h00die-gr3y e8083c6fb1 commit module and documentation 2022-08-26 15:39:18 +00:00
h00die-gr3y 21c4e3ce3d commit module and documentation 2022-08-26 15:05:39 +00:00
Grant Willcox 2369e1562c Add in documentation on how to install the target from scratch 2022-08-23 11:44:09 -05:00
Ron Bowes abd392c372 Add in changes from review 2022-08-23 11:44:03 -05:00
Grant Willcox 5b61b5097f RuboCop documentation, add in Verification steps, and fix up minor issues 2022-08-23 11:44:02 -05:00
Ron Bowes 0e6647c7f9 Add scenarios 2022-08-23 11:43:53 -05:00
Ron Bowes 97f8ec9367 Documentation, output cleanup 2022-08-23 11:43:51 -05:00
Jake Baines b4fe31757d Added module for CVE-2022-20828 2022-08-19 12:29:37 -07:00
Jack Heysel 75efe1528c Added check method, reponded to PR comments 2022-08-17 17:24:03 -04:00
jheysel-r7 47f2b52277 Update documentation/modules/exploit/linux/http/panos_auth_rce.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-08-17 13:42:17 -04:00
jheysel-r7 ef0578160c Update documentation/modules/exploit/linux/http/panos_auth_rce.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-08-17 13:32:36 -04:00
jheysel-r7 08502e184c Update documentation/modules/exploit/linux/http/panos_auth_rce.md 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-08-17 13:32:07 -04:00
jheysel-r7 30df4ce7b0 Update documentation/modules/exploit/linux/http/panos_auth_rce.md 2022-08-16 09:58:55 -04:00
Jack Heysel 57109f2966 Add PAN-OS auth command injection module 2022-08-16 09:44:05 -04:00
Jack Heysel 06f0fffc20 Land #16856, Webmin package updates RCE module 
This module exploits an arbitrary command injection
in Webmin versions prior to 1.997.
 2022-08-09 16:13:19 -04:00
Christophe De La Fuente 38b845f247 Fix from code review 
- Documentation typos
- Adding ARM64 support
 2022-08-09 15:09:25 +02:00