 root
|
d2c192e9bf
|
windows persistence userinit v6
|
2026-01-03 15:37:44 -05:00 |
|
|
root
|
cb7dd50731
|
windows persistence userinit v5
|
2026-01-03 15:21:20 -05:00 |
|
|
root
|
f6fdbc4fbd
|
windows persistence userinit v4
|
2026-01-03 14:43:50 -05:00 |
|
|
root
|
beff06b9a4
|
windows persistence userinit v3
|
2026-01-03 11:09:14 -05:00 |
|
|
6a6f656c
|
4a3a26e9d9
|
windows persistence userinit v2
|
2026-01-02 09:33:21 -05:00 |
|
|
6a6f656c
|
9d120c1eeb
|
windows persistence userinit
|
2026-01-02 07:21:05 -05:00 |
|
|
Spencer McIntyre
|
fba6040445
|
Merge pull request #20781 from jbx81-1337/fix/remove-ppc
remove ppc meterpreter
|
2025-12-22 14:56:48 -05:00 |
|
|
Spencer McIntyre
|
68965f667e
|
Remove the ppc64le adapters
This is dead code now. We don't have any PPC64LE payloads.
|
2025-12-22 14:27:09 -05:00 |
|
|
Brendan
|
3015c9f962
|
Merge pull request #20792 from sfewer-r7/hpe_oneview_rce
Add unauth RCE exploit module for HPE OneView (CVE-2025-37164)
|
2025-12-19 17:41:51 -06:00 |
|
|
Brendan
|
b12ebc95c0
|
Merge pull request #20754 from h00die/assist_tech
assistive technology persistence
|
2025-12-19 16:33:21 -06:00 |
|
|
h00die
|
5ac586a788
|
Update modules/exploits/windows/persistence/assistive_technology.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
|
2025-12-19 14:52:34 -05:00 |
|
|
sfewer-r7
|
0c947d05ab
|
add in the AKB analysis
|
2025-12-19 15:38:43 +00:00 |
|
|
sfewer-r7
|
5c6c8a3956
|
better check result given we have the version string
|
2025-12-19 15:38:27 +00:00 |
|
|
sfewer-r7
|
a4dba96712
|
add in the HPE OneView exploit
|
2025-12-19 15:30:53 +00:00 |
|
|
Brendan
|
6c4a61fa42
|
Merge pull request #20761 from Chocapikk/acf-extended-rce
Add WordPress ACF Extended unauthenticated RCE exploit (CVE-2025-13486)
|
2025-12-18 16:03:06 -06:00 |
|
|
h00die
|
d15d4ca5dc
|
.exe guard clause for assistive_tech persistence
|
2025-12-18 16:17:50 -05:00 |
|
|
Spencer McIntyre
|
05479c022a
|
Update nodejs cache sizes
|
2025-12-17 17:33:51 -05:00 |
|
|
jbx81-1337
|
48c21f5c45
|
fix: remove broken ppc meterpreters
|
2025-12-16 11:17:07 +01:00 |
|
|
Jack Heysel
|
0589121fb9
|
Update payload options
|
2025-12-15 18:52:38 -05:00 |
|
|
Jack Heysel
|
ca2ac75e16
|
Change react2shell default encoder
|
2025-12-12 15:22:34 -08:00 |
|
|
jheysel-r7
|
388a967101
|
Merge pull request #20749 from nakkouchtarek/grav-ssti-rce
Add Grav CMS Twig SSTI Sandbox Bypass RCE Exploit Module & Documentation
|
2025-12-11 16:13:09 -08:00 |
|
|
jheysel-r7
|
33197bd59c
|
Merge pull request #20713 from Chocapikk/nable
Add N-able N-Central authentication bypass and XXE scanner module (CVE-2025-9316, CVE-2025-11700)
|
2025-12-11 11:10:48 -08:00 |
|
|
Tarek Nakkouch
|
a20e2dfa6e
|
Use send_request_cgi! for automatic redirect handling
|
2025-12-11 20:03:17 +01:00 |
|
|
Tarek Nakkouch
|
028aa2f544
|
Wrap zlib require in begin/rescue block for proper error handling
|
2025-12-11 19:53:02 +01:00 |
|
|
Tarek Nakkouch
|
df9f546d01
|
Use HttpClientTimeout datastore option instead of hardcoded timeout value
|
2025-12-11 19:52:16 +01:00 |
|
|
Tarek Nakkouch
|
80f60b431c
|
Set default value for FORM_NAME option and remove fallback check
|
2025-12-11 19:45:24 +01:00 |
|
|
Valentin Lobstein
|
35d7b2e334
|
Improve file content parsing in extract_file_contents method
|
2025-12-11 18:57:18 +01:00 |
|
|
cgranleese-r7
|
f7abf967a6
|
Merge pull request #20743 from zeroSteiner/fix/mssql-encryption-guard
Remove the TDSENCRYPTION Guard Clause
|
2025-12-11 12:58:09 +00:00 |
|
|
jheysel-r7
|
0c921ea2e7
|
Merge pull request #20725 from Chocapikk/magento
Add Magento SessionReaper (CVE-2025-54236) exploit module
|
2025-12-10 08:56:47 -08:00 |
|
|
jheysel-r7
|
d86c5f0908
|
Merge pull request #20746 from Chocapikk/king-addons
Add WordPress King Addons privilege escalation exploit (CVE-2025-8489)
|
2025-12-10 08:37:11 -08:00 |
|
|
Diego Ledda
|
d6560b951f
|
Merge branch 'master' into loongarch64
|
2025-12-10 07:08:40 -05:00 |
|
|
Valentin Lobstein
|
be4c3c1a91
|
Update modules/exploits/multi/http/wp_king_addons_privilege_escalation.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2025-12-10 06:07:41 +01:00 |
|
|
Valentin Lobstein
|
fc8f07cf91
|
Update modules/exploits/multi/http/wp_king_addons_privilege_escalation.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2025-12-10 06:07:23 +01:00 |
|
|
Valentin Lobstein
|
b4d65afcf5
|
Add exploit module for WordPress ACF Extended CVE-2025-13486 unauthenticated RCE
|
2025-12-09 22:02:41 +01:00 |
|
|
jheysel-r7
|
47771a6789
|
Merge pull request #20760 from sfewer-r7/fix-55182
fix a typo with the use of CVE-2025-55102, it should be CVE-2025-55182
|
2025-12-09 10:32:33 -08:00 |
|
|
Valentin Lobstein
|
6bc2bffd8c
|
Refactor create_admin_user to handle errors internally and remove custom.ini from documentation
|
2025-12-09 19:20:56 +01:00 |
|
|
Valentin Lobstein
|
1596d42c6a
|
Update modules/exploits/multi/http/wp_king_addons_privilege_escalation.rb
Co-authored-by: Phil Townes <phil_townes@rapid7.com>
|
2025-12-09 19:14:44 +01:00 |
|
|
Valentin Lobstein
|
c423ff07c5
|
Update modules/exploits/multi/http/wp_king_addons_privilege_escalation.rb
Co-authored-by: Phil Townes <phil_townes@rapid7.com>
|
2025-12-09 19:14:36 +01:00 |
|
|
Diego Ledda
|
9489296664
|
Merge pull request #20758 from msutovsky-r7/payload/ppc/fetch_payloads
Adds PPC reverse payloads to fetch adapters
|
2025-12-09 07:04:14 -05:00 |
|
|
sfewer-r7
|
1a8e88c054
|
fix a typo with the use of CVE-2025-55102, it should be CVE-2025-55182
|
2025-12-09 09:05:59 +00:00 |
|
|
Brendan
|
caa672231b
|
Merge pull request #20736 from sfewer-r7/fortiweb-exploit-rce-v6-support
Update the FortiWeb exploit module (CVE-2025-64446 + CVE-2025-58034) to target older unsupported versions 6.x
|
2025-12-08 17:43:49 -06:00 |
|
|
jheysel-r7
|
66279422d1
|
Merge pull request #20747 from vognik/2025-55182
Add CVE-2025-55182 / CVE-2025-66478
|
2025-12-08 13:41:49 -08:00 |
|
|
Tarek Nakkouch
|
e45eda6ead
|
Replace gsub with encode_base64 delimiter parameter
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
|
2025-12-08 19:48:01 +01:00 |
|
|
Martin Sutovsky
|
f8ae3912be
|
Rubocopes
|
2025-12-08 17:32:28 +01:00 |
|
|
Martin Sutovsky
|
62d02675ce
|
Adds reverse shell payloads to PPC fetch adapters
|
2025-12-08 17:31:55 +01:00 |
|
|
cpomfret-r7
|
2a53d9c866
|
Merge pull request #20704 from dwelch-r7/combine-ssh-login-modules
The module `auxiliary/scanner/ssh/ssh_login_pubkey` has been removed.
Its functionality has been moved into `auxiliary/scanner/ssh/ssh_login`.
|
2025-12-08 15:44:58 +00:00 |
|
|
Tarek Nakkouch
|
e08c18c720
|
Remove ARTIFACTS_ON_DISK side effect
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
|
2025-12-08 15:42:29 +01:00 |
|
|
Tarek Nakkouch
|
77f4fe9c98
|
Update module name
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
|
2025-12-08 15:41:31 +01:00 |
|
|
vognik
|
bdd7cb5365
|
upgraded payload
|
2025-12-08 01:32:43 -08:00 |
|
|
Tarek Nakkouch
|
5fcc33d203
|
Implement zlib compression before base64 encoding to minimize payload size
|
2025-12-07 22:25:51 +01:00 |
|