adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,776 Commits 27 Branches 1,043 Tags
d15ed9d2bdf710857faaeeb671fdf8916aff38fc
Commit Graph

2081 Commits

Author SHA1 Message Date
Christophe De La Fuente e7e2849f6d Land #17183, Zimbra fixes 2022-12-06 15:38:37 +01:00
Christophe De La Fuente ddaf5a3f0d Remove unecessary return statement 2022-12-06 15:07:28 +01:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
Spencer McIntyre 6350daf2d8 Land #17273, F5 exploit module CVE-2022-41800 
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
 2022-11-23 17:57:18 -05:00
Ron Bowes b7cf112d42 Fix an issue where the session handler would close too early on Zimbra modules 2022-11-23 13:09:47 -08:00
Ron Bowes ffbf8b303a Change a 'return 0' to 'fail_with', per Christophe's request 2022-11-23 12:51:51 -08:00
Ron Bowes 28a68ede8c Merge branch 'master' into zimbra-fixes 2022-11-23 12:50:56 -08:00
Ron Bowes cbb50ed902 Remove non-functioning Arch'es 2022-11-23 10:42:07 -08:00
space-r7 8b30ff3dce remove CmdStager inclusion 2022-11-18 16:18:25 -06:00
Ron Bowes 7ebf84c66b Add URLs 2022-11-16 12:20:37 -08:00
Ron Bowes 20e6c1b55e Add URLs 2022-11-16 12:19:16 -08:00
Ron Bowes d0e109b842 Check in exploit module for CVE-2022-41800 2022-11-16 12:04:18 -08:00
Ron Bowes 99e661cfcf Check in exploit script for CVE-2022-41622 (CSRF into SOAP) 2022-11-16 11:58:15 -08:00
h00die-gr3y 70669f3fea addressed code improvement suggestions 2022-11-12 10:21:43 +00:00
H00die.Gr3y 72080910e7 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:22:06 +01:00
H00die.Gr3y 85b4512292 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:21:55 +01:00
H00die.Gr3y 5d314e5799 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:21:42 +01:00
H00die.Gr3y 04d6a310af Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-11-12 09:16:46 +01:00
H00die.Gr3y 1ce8695401 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:16:30 +01:00
H00die.Gr3y e38138d69e Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:16:17 +01:00
H00die.Gr3y 967388eba7 Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb 
Agreed !

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-12 09:15:42 +01:00
h00die-gr3y da189041b4 randomized endpoint url 2022-11-07 08:16:54 +00:00
h00die-gr3y bf0ed5b513 fixed some typos in documentation 2022-11-05 15:36:42 +00:00
h00die-gr3y 642a83bd0d Updated module and added documentation 2022-11-05 15:14:31 +00:00
h00die-gr3y 71d1c971a7 init commit module 2022-11-04 13:31:27 +00:00
space-r7 197b37751b Land #17174, add FLIR AX8 command injection module 2022-11-01 12:41:01 -05:00
Jack Heysel 45ddcf02c9 Remove unused mix in, add low bound to check 2022-11-01 10:42:43 -05:00
Jack Heysel 2ed8dbc08d Rubocop 2022-11-01 10:42:43 -05:00
Jack Heysel 4587691d64 Fixed module to work over SSL 2022-11-01 10:42:42 -05:00
Jack Heysel 3b645ad9f4 Moved get variables from uri to vars_get 2022-11-01 10:42:42 -05:00
jheysel-r7 c810a1f5aa Update modules/exploits/linux/http/webmin_file_manager_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:42:42 -05:00
jheysel-r7 ebf7496ee2 Update modules/exploits/linux/http/webmin_file_manager_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:42:41 -05:00
jheysel-r7 0ede1ca94f Update modules/exploits/linux/http/webmin_file_manager_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:40:01 -05:00
Jack Heysel d79515c3fe Fix file cleanup 2022-11-01 10:40:00 -05:00
Jack Heysel d1e1350ef9 Updated author 2022-11-01 10:40:00 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
Jack Heysel 9af689e130 draft module no docs 2022-11-01 10:40:00 -05:00
Jack Heysel c400a97b63 beta commit 2022-11-01 10:39:59 -05:00
Ron Bowes 4624031aec Remove errant puts 2022-10-25 10:21:47 -07:00
Ron Bowes 4979c0b74f Add a check to the cve-2022-30333 module for Zimbra that aborts before generating artifacts if the server cannot be reached 2022-10-25 10:05:16 -07:00
h00die-gr3y 3d8e18c1cb updated module with code suggestions space-r7 2022-10-25 16:38:15 +00:00
h00die-gr3y 3e78229fc0 updated module and documentation 2022-10-25 13:33:52 +00:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
jheysel-r7 3bbd05a11a Update modules/exploits/linux/http/glpi_htmlawed_php_injection.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-24 11:48:33 -04:00
h00die-gr3y 1c393dc596 init commit module and documentation 2022-10-21 12:50:46 +00:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
bwatters 6039e54b75 For real, this time 2022-10-19 17:23:16 -05:00
bwatters 78e8de826b Sure; I can spell 2022-10-19 17:22:29 -05:00
bwatters 238aa9058f Fix Cmdstager flavor, complete info hash 2022-10-19 17:18:20 -05:00
bwatters 56b8bf6302 Working draft for CVE-2022-35914 2022-10-19 14:33:33 -05:00