adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,186 Commits 27 Branches 1,043 Tags
d2b0739d19bfb3f787300a1742d58a08df64df79
Commit Graph

1860 Commits

Author SHA1 Message Date
Spencer McIntyre 274b954c58 Land #16123, fix reference URL in cisco_ucs_rce 2022-02-01 17:06:59 -05:00
Spencer McIntyre 06fb748402 Add the missing full disclosure URL reference 2022-02-01 17:06:37 -05:00
space-r7 837fdf7c5e Land #16128, add cisco rv unauth rce 2022-02-01 10:34:57 -06:00
Jake Baines ccedcfefab Added exploit for CVE-2021-1472/CVE-2021-1473 2022-01-29 18:56:53 -08:00
swapnil shinde 70d4013610 fix faulty URL ref #16078 removed faulty url 
fix faulty URL ref #16078 , i searched for FULL_DISC tool in Cisco but i cant find anything related to this so i removed it. if that is meant by the issue.
 2022-01-29 22:33:33 +05:30
Grant Willcox 44f040ad78 Land #16056, Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-24 21:03:46 -06:00
Grant Willcox 15751a0f78 Minor langauge fix and final typo 2022-01-24 21:01:34 -06:00
Jake Baines 04d06a2df1 Switched to proper fail_with calls in exploit failure 2022-01-24 04:13:43 -08:00
Jake Baines 2c989ec714 Addressed multiple review comments (spelling, doc details, randomization, etc) 2022-01-22 14:09:58 -08:00
Grant Willcox 8bb3e39fd7 Land #16036, Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 10:58:42 -06:00
Brendan Coles ee2feb1207 Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 00:04:15 +00:00
Grant Willcox 8852eaa6b8 Land #16049 - Reference Fixes 2022-01-18 13:46:25 -06:00
Jake Baines 4ebb702405 Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-15 12:46:56 -08:00
Pedro Ribeiro 053fbe2a28 fix cisco advisory links 2022-01-13 18:55:39 +00:00
Pedro Ribeiro ea00da0a03 fix NUUO advisory links 2022-01-13 18:54:56 +00:00
Jake Baines 264f2bc03f Added the AttackerKB analysis 2022-01-11 03:17:45 -08:00
Jake Baines b0941f746f Added link to R7 blog 2022-01-10 13:24:33 -08:00
Jake Baines d4ee9a0183 Initial commit of CVE-2021-20039 exploit 2022-01-10 12:43:50 -08:00
Jeffrey Martin 21a6a18d92 trade URI.encode & URI.escape for Ruby 3 
Ruby 3 removed the `URI.escape` methods however access to
the a parse for the same RFC is stil available at `URI::DEFAULT_PARSER.escape`.

Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1) this should equal.
 2021-11-22 14:11:03 -06:00
Spencer McIntyre 9fa65092d1 Switch to the new Rex stopwatch function 2021-11-16 10:12:57 -05:00
dwelch-r7 73e55fcaee Land #15665, Add Meterpreter compatibility metadata 2021-10-29 12:45:26 +01:00
William Vu 78ebc89106 Improve sleep timeout using science 2021-10-27 22:49:41 -05:00
William Vu 3c4bc600f7 Link to open() in perldoc 2021-10-27 19:31:03 -05:00
William Vu c419ca04bd Warn when LPORT isn't 443 2021-10-27 19:31:03 -05:00
William Vu 14421ed5f5 Refactor elapsed time calculation 2021-10-27 19:31:03 -05:00
William Vu 7bbf0305c0 Fix elapsed time calculation using monotonic clock 
Hat tip @adfoster-r7.
 2021-10-27 19:31:03 -05:00
William Vu 3f9b22dbb7 Add Sophos UTM CVE-2020-25223 exploit 2021-10-27 19:31:03 -05:00
wvu 64654a3134 Merge branch 'master' into suitecrm_log_file_rce 2021-10-22 22:11:51 -05:00
M. Cory Billington e90a2a9274 Added CVE 2021-10-22 18:55:37 -05:00
William Vu f270d3ef7a Comment path traversals 2021-10-20 14:16:46 -05:00
William Vu 83500a17d4 Update vmware_vcenter_analytics_file_upload 2021-10-14 16:58:04 -05:00
William Vu 42ed1b6eef Add Windows support to CVE-2021-26084 exploit 2021-10-14 16:58:04 -05:00
William Vu 262b5e09f0 Add VMware vCenter Server CVE-2021-22005 exploit 2021-10-06 16:43:57 -05:00
adfoster-r7 28eab4d871 Add Meterpreter compatibility metadata 2021-10-06 13:54:51 +01:00
space-r7 12af64c4d8 Land #15604, add buffer overflow G-Cam module 2021-09-16 13:02:57 -05:00
Your Name a2f83c22ba Add Pattern Create 2021-09-16 08:22:57 +01:00
Spencer McIntyre 480dec9a1e Land #15658, Add module for CVE-2021-32682 2021-09-14 14:09:27 -04:00
space-r7 278807be98 check contents of json after attempted upload 2021-09-14 11:36:28 -05:00
adfoster-r7 1499b1988e Land #15609, Add Meterpreter compatibility commands 2021-09-13 15:21:03 +01:00
adfoster-r7 46718e3390 Run Rubocop layout rules on modules 2021-09-10 12:53:39 +01:00
space-r7 91ae50eb27 escapeshellcmd -> escapeshellarg 2021-09-09 17:28:05 -05:00
space-r7 0095613a94 add completed module and documentation 2021-09-09 16:58:40 -05:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
William Vu 8c4e5d262c Add Atlassian Confluence CVE-2021-26084 exploit 2021-09-08 06:57:31 -05:00
space-r7 80dc8b9502 add elfinder module 2021-09-03 18:26:18 -05:00
Your Name 41690d6e1d Linting again 2021-09-02 17:33:57 +01:00
Your Name f336f7a4d6 Removed global vars & Fixed linting 2021-09-02 17:30:18 +01:00
Grant Willcox 0e0e3bbcfb Land #15603, Add Geutebruck CVE_2021_335XX command injection module 2021-09-01 10:59:22 -05:00
adfoster-r7 ded8200396 Land #15537, Add support for ruby 3 2021-09-01 10:30:54 +01:00
Grant Willcox d83ede6306 Fix up some check method issues and some XML data validation issues identified during review 2021-08-31 18:25:01 -05:00