adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,776 Commits 27 Branches 1,043 Tags
d15ed9d2bdf710857faaeeb671fdf8916aff38fc
Commit Graph

3482 Commits

Author SHA1 Message Date
Christophe De La Fuente e7e2849f6d Land #17183, Zimbra fixes 2022-12-06 15:38:37 +01:00
Christophe De La Fuente ddaf5a3f0d Remove unecessary return statement 2022-12-06 15:07:28 +01:00
bwatters 54cd055276 Land #17286, CVE-2021-22015 vCenter priv esc 
Merge branch 'land-17286' into upstream-master
 2022-12-05 09:31:01 -06:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
h00die 867059efe5 add super to cleanup command 2022-12-01 14:55:43 -05:00
h00die 62b484fdc7 blank over empty 2022-12-01 14:34:09 -05:00
h00die 039b611fae fix enlightenment check method 2022-11-30 17:06:50 -05:00
Ashley Donaldson 25a0d0ff0e Fixes #17227 - polkit_dbus_auth_bypass module when run from a command shell 2022-11-25 15:13:57 +11:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Ron Bowes b7cf112d42 Fix an issue where the session handler would close too early on Zimbra modules 2022-11-23 13:09:47 -08:00
Ron Bowes ffbf8b303a Change a 'return 0' to 'fail_with', per Christophe's request 2022-11-23 12:51:51 -08:00
Ron Bowes 28a68ede8c Merge branch 'master' into zimbra-fixes 2022-11-23 12:50:56 -08:00
Ron Bowes cbb50ed902 Remove non-functioning Arch'es 2022-11-23 10:42:07 -08:00
h00die 6877304bac exploit for cve-2021-22015 vcenter priv esc 2022-11-20 11:29:49 -05:00
space-r7 8b30ff3dce remove CmdStager inclusion 2022-11-18 16:18:25 -06:00
Ron Bowes 7ebf84c66b Add URLs 2022-11-16 12:20:37 -08:00
Ron Bowes 20e6c1b55e Add URLs 2022-11-16 12:19:16 -08:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
Christophe De La Fuente 494c9601ca Land #17222, Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream [CVE-2021-39144] 2022-11-15 14:16:14 +01:00
h00die 59535b6799 remove 'is' 2022-11-12 16:19:50 -05:00
h00die-gr3y 70669f3fea addressed code improvement suggestions 2022-11-12 10:21:43 +00:00
H00die.Gr3y 72080910e7 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:22:06 +01:00
H00die.Gr3y 85b4512292 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:21:55 +01:00
H00die.Gr3y 5d314e5799 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:21:42 +01:00
H00die.Gr3y 04d6a310af Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:16:46 +01:00
H00die.Gr3y 1ce8695401 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:16:30 +01:00
H00die.Gr3y e38138d69e Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:16:17 +01:00
H00die.Gr3y 967388eba7 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Agreed !

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:15:42 +01:00
h00die-gr3y da189041b4 randomized endpoint url 2022-11-07 08:16:54 +00:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
h00die-gr3y 71d1c971a7 init commit module 2022-11-04 13:31:27 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
Jack Heysel 45ddcf02c9 Remove unused mix in, add low bound to check 2022-11-01 10:42:43 -05:00
Jack Heysel 2ed8dbc08d Rubocop 2022-11-01 10:42:43 -05:00
Jack Heysel 4587691d64 Fixed module to work over SSL 2022-11-01 10:42:42 -05:00
Jack Heysel 3b645ad9f4 Moved get variables from uri to vars_get 2022-11-01 10:42:42 -05:00
jheysel-r7 c810a1f5aa Update modules/exploits/linux/http/webmin_file_manager_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:42:42 -05:00
jheysel-r7 ebf7496ee2 Update modules/exploits/linux/http/webmin_file_manager_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:42:41 -05:00
jheysel-r7 0ede1ca94f Update modules/exploits/linux/http/webmin_file_manager_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel d1e1350ef9 Updated author 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
Jack Heysel 9af689e130 draft module no docs 2022-11-01 10:40:00 -05:00
Jack Heysel c400a97b63 beta commit 2022-11-01 10:39:59 -05:00
Ron Bowes 4624031aec Remove errant puts 2022-10-25 10:21:47 -07:00
Ron Bowes 4979c0b74f Add a check to the cve-2022-30333 module for Zimbra that aborts before generating artifacts if the server cannot be reached 2022-10-25 10:05:16 -07:00
h00die-gr3y 3d8e18c1cb updated module with code suggestions space-r7 2022-10-25 16:38:15 +00:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00