adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
60,213 Commits 27 Branches 1,043 Tags
d020b2fb5fa3c19360bff5d694e5446d6f331bd4
Commit Graph

589 Commits

Author SHA1 Message Date
William Vu 151b8f2f92 Update vmware_vcenter_uploadova_rce module doc 2021-03-30 21:08:21 -05:00
Spencer McIntyre 006faaab9a Land #14924, Add auxiliary and exploit modules for CVE-2020-6207 in SAP Solution Manager 2021-03-25 17:48:56 -04:00
Vladimir Ivanov b066145cf1 Minor updates 
Updated documentation auxiliary module cve_2020_6207_solman_rce.md
Updated documentation in exploit module cve_2020_6207_solman_rs.md
 2021-03-25 17:07:20 +03:00
Grant Willcox f01b434160 Land #14896, Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-24 10:22:03 -05:00
Grant Willcox 9d7e9990f4 Update documentation wording a bit to be more appropriate 2021-03-24 09:17:22 -05:00
Vladimir Ivanov d76224066f Rename option URIPATH to TARGETURI 2021-03-23 13:33:39 +03:00
Vladimir Ivanov 6e13a26fd3 Delete links to launchpad.support.sap.com in doc files 2021-03-22 11:03:53 +03:00
Vladimir Ivanov 42726a70c0 client.rb - library for auxiliary and exploit modules 
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
 2021-03-21 16:51:21 +03:00
alanfoster 308a42e95b Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-20 15:26:34 +00:00
Alan Foster 9a92ac87a1 Ensure documentation files have md extension 2021-03-15 10:24:50 +00:00
Spencer McIntyre d580e7d122 Fix some documentation, remove unnecessary code and fix a filename typo 2021-03-11 12:09:29 -06:00
Spencer McIntyre a227d00275 Add additional setup notes for some modules 2021-03-11 12:09:29 -06:00
Spencer McIntyre 8d2e644f4f Add a new Java Deserialization mixin and use it to set the shell 2021-03-11 12:09:29 -06:00
William Vu 729994d4af Update module doc 2021-03-05 17:25:37 -06:00
William Vu 7bbb4cc09a Add module doc 2021-03-05 17:25:37 -06:00
Brendan Coles 69031fa91f Add Apache Flink JAR Upload Java Code Execution 2021-02-22 23:00:57 +00:00
Pedro Ribeiro 79cac47ba3 add suggestions by cdelafuente-r7 2021-02-09 14:24:49 +07:00
Pedro Ribeiro 33edfaa8f6 mention that it has been tested on 2019.11 too 2021-01-30 21:47:31 +07:00
Pedro Ribeiro b8fe5fabf8 fix typo another typo 2021-01-28 22:50:05 +07:00
Pedro Ribeiro 446316ef6c fix typo at the end of app list 2021-01-28 22:49:32 +07:00
Pedro Ribeiro dcd9a6a214 add more clarification regarding affected products 2021-01-28 20:41:08 +07:00
Pedro Ribeiro 7ea5c3ffce add clarification about c3p0 2021-01-28 18:23:20 +07:00
Pedro Ribeiro c73fa70543 do the rubocop thing and add docs 2021-01-28 18:21:51 +07:00
Spencer McIntyre 74898461b4 Land #14654, Add exploit for Micro Focus UCMDB unauthenticated RCE 2021-01-27 10:00:22 -05:00
Spencer McIntyre fc6957fbf6 Fix a couple of issues in the markdown formatting 2021-01-27 10:00:02 -05:00
Pedro Ribeiro 7220dc3ff6 add new note on broken payloads 2021-01-24 22:39:01 +07:00
Pedro Ribeiro 12157163f7 Merge branch 'obm_deser' into ucmdb 2021-01-24 22:25:57 +07:00
Pedro Ribeiro bf4ac7b1a8 add UCMDB sploit 2021-01-24 22:25:45 +07:00
Grant Willcox 0ec99c03f9 Clean up documentation formatting a little bit 2021-01-22 14:27:57 -06:00
Grant Willcox 95d3bd98ac Do msftidy_docs and rubocop changes 2021-01-15 18:10:23 -06:00
Grant Willcox 2f0abe4900 Add in documentation and fix up small issues with module 2021-01-15 18:06:07 -06:00
h00die 7d7263cf1f spelling 2021-01-09 08:13:19 -05:00
h00die d8c55501a5 ait csv improter exploit 2021-01-01 12:14:52 -05:00
Grant Willcox 7de662c807 Land #14521, Struts2 Multi Eval OGNL RCE 2020-12-23 11:40:16 -06:00
Grant Willcox 70f8ff31f8 Update documentation to include missing extra options I forgot to document, edit the wording on the module to match the documentation, and do final touch ups. 2020-12-23 10:50:22 -06:00
Grant Willcox 799b451324 Add in updates to documentation to fix spelling mistakes and to also add in missing documentation for some options, plus to make some explanations a bit clearer. 2020-12-22 17:33:40 -06:00
Grant Willcox 4a449f97d3 Land #14522, Replace hard-coded Shiro default key with ENC_KEY 2020-12-22 09:26:49 -06:00
Grant Willcox 24e8aeffe5 Incorporate review feedback and update the associated documentation. 2020-12-21 17:29:21 -06:00
Christophe De La Fuente dc6b67f4c6 Land #14509, Fixes for Solr RCE 2020-12-18 21:51:06 +01:00
Spencer McIntyre 3d7ed70cec Tweak the check method and add module docs 2020-12-15 19:49:29 -05:00
Spencer McIntyre 246c455c96 Reformat the struts2_namespace_ognl module docs 2020-12-15 09:13:06 -05:00
James Lee f255724e01 Changes to support older Solr (tested 5.3.0) 
Use a new parameter instead of a header because older versions don't
have access to the request object.

There was an issue where the exploit would fail if the exec returned -1
despite the payload otherwise working, fixed by not trying to return
output in that case.

Also updates the documentation to reflect that we have a Java target now
and quoting is no longer a concern.
 2020-12-13 19:05:47 -06:00
alanfoster 835059f00c [CVE-2020-10977] Gitlab arbitrary file read to RCE 2020-12-07 01:26:54 +00:00
Graeme Robinson 8e534ffc22 Split scenarios to separate blocks for each target 
As suggested in https://github.com/rapid7/metasploit-framework/pull/14216#discussion_r512868894.
 2020-11-26 13:46:01 +01:00
Graeme Robinson 536e1a1a02 Fix typo in documentation 2020-11-26 13:46:01 +01:00
Graeme Robinson c280bb67e7 Wrap at 140 characters to appease msftidy_docs.rb. 2020-11-26 13:46:01 +01:00
Graeme Robinson 4dc564e62b Added documentation for module. 2020-11-26 13:46:01 +01:00
Spencer McIntyre 95665e916c Land #14416, wordpress plugin 'simple file list' rce 2020-11-25 09:58:26 -05:00
Spencer McIntyre 94c157bc95 Tweak the documentation and module output just a little for clarity 2020-11-25 09:58:07 -05:00
cgranleese-r7 31426576e0 Land #14264, Add exploit/multi/http/kong_gateway_admin_api_rce 2020-11-25 11:09:02 +00:00