adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,712 Commits 27 Branches 1,043 Tags
d2ca5d331df37683e56ced943dc97493fdf82159
Commit Graph

2158 Commits

Author SHA1 Message Date
bwatters d2ca5d331d Add documentation 2020-12-22 14:14:20 -06:00
Spencer McIntyre 1031b12c57 Land #14206, Rockwell FactoryTalk CVE-2020-12027 RCE 2020-11-20 08:49:39 -05:00
Pedro Ribeiro e7196256d4 Update rockwell_factorytalk_rce.md 2020-11-19 17:53:25 +07:00
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
William Vu dcd8ec1d70 Lock JDK to 8u131 to be safe 2020-11-18 15:17:12 -06:00
William Vu 20a90557bf Update module doc 2020-11-18 15:08:12 -06:00
William Vu bcdf5aa586 Clarify Windows target setup further 2020-11-18 14:25:10 -06:00
William Vu 4d610b5500 Clarify using the generic installer for examples 2020-11-18 14:06:13 -06:00
William Vu 83beae731f Add WebLogic Administration Console Handle RCE 
CVE-2020-14882
CVE-2020-14883
 2020-11-18 10:56:02 -06:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 0feff932f2 Change docs to reflect the truth of the "vuln" 2020-11-16 11:38:00 -06:00
Christophe De La Fuente d6b412c58e Land #14340, Add HorizontCMS 1.0.0-beta exploit module and documentation 2020-11-13 13:03:04 +01:00
William Vu fcb507e412 Fix AutoCheck 
I'm a big dummy.
 2020-11-11 15:57:38 -06:00
William Vu 04bcbd0253 Update module doc 2020-11-11 15:57:29 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846) 
Leveraging CVE-2020-25592.
 2020-11-11 13:09:26 -06:00
Shelby Pace 65e1ef4cb8 Land #14253, add wp-file-manager rce for wordpress 2020-11-10 08:48:33 -06:00
kalba-security e7a20ec47c Add CVE ID to module and docs 2020-11-05 07:05:32 -05:00
Justin Steven 34715de016 Add jdk to msfvenom's APK template dependencies 2020-11-05 20:13:52 +10:00
kalba-security cf954888da Add horizontcms_upload_exec module and documentation 2020-11-02 13:01:13 -05:00
Justin Steven cb14287cb2 Add metasploit_msfvenom_apk_template_cmd_injection 2020-10-31 11:28:28 +10:00
Brendan Coles 6258d5b561 Land #14296, Move mercury_login module docs to documentation directory 2020-10-22 13:24:54 +00:00
h00die 5890bc45b5 move docs out of exploits folder 2020-10-21 16:37:02 -04:00
William Vu e4fb76d74f Add version check to exchange_ecp_dlp_policy 
And update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb.
 2020-10-20 14:32:43 -05:00
William Vu 3970b69734 Land #14229, Telerik UI for ASP.NET AJAX exploit 
CVE-2017-11317 && CVE-2019-18935
 2020-10-20 13:24:35 -05:00
bwatters 1e568a6d1b Merge branch 'land-14179' into upstream-master 2020-10-19 15:55:25 -05:00
William Vu 253928570b Update module doc 2020-10-19 11:18:00 -05:00
Spencer McIntyre 0f344b0661 Land #14265, Add SharePoint Server-Side Include (SSI) and ViewState RCE (CVE-2020-16952) 2020-10-19 10:27:58 -04:00
William Vu 4cb08f7426 Address outstanding issues 2020-10-15 13:24:08 -05:00
Tim W 87104a7236 Update docs and make them msftidy_docs.rb compliant 2020-10-15 10:59:46 -05:00
Grant Willcox 59f74438da Rename the LPE exploit to a more appropriate name since their could be future bugs in NtUserMessageCall and also update the description info a bit more 2020-10-15 10:59:44 -05:00
Grant Willcox f2899186e4 Add in first round of initial updates to fix review comments 2020-10-15 10:59:40 -05:00
Tim W dcc322436b Update documentation files and module description to more accurately describe what the cause of the LPE bug for CVE-2019-1458 is. also apply RuboCop edits. 2020-10-15 10:58:58 -05:00
Tim W 00d209425b add documentation 2020-10-15 10:58:08 -05:00
ide0x90 8d43fa4848 Module can now use mkfile+put method to exploit vulnerability. 2020-10-15 17:46:40 +08:00
William Vu 1a341ae931 Add SharePoint SSI and ViewState RCE 
CVE-2020-16952
 2020-10-14 17:45:15 -05:00
Pedro Ribeiro 9fe5e4d036 Create docs 2020-10-12 14:29:46 +07:00
ide0x90 b9df68cbb6 Fix module according to Rubocop, make documentation follow standard. 2020-10-11 19:04:06 +08:00
ide0x90 57b0f30e37 Add new module for WordPress File Manager unauth RCE (CVE-2020-25213) 2020-10-11 01:20:28 +08:00
youkergav 263b6bc070 Merge branch 'master' of github.com:rapid7/metasploit-framework into su_login 2020-10-09 05:26:48 -04:00
youkergav 23c6c415eb Added python alternative and check function 2020-10-09 03:58:55 -04:00
Spencer McIntyre fb569a24ee Add module documentation for Telerik RAU Deserialization 2020-10-07 13:40:10 -04:00
bwatters 3a6293357e Land #14190, Add the DOMAIN option to the CVE-2020-0688 Exploit 
Merge branch 'land-14190' into upstream-master
 2020-10-05 12:12:21 -05:00
h00die 15bb690308 fix vulnerability spelling 2020-10-04 13:00:48 -04:00
bwatters e24a81919a Land #13996, Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856, 
RCE for Safari on macOS 10.15.3 (pwn2own2020)

Merge branch 'land-13996' into upstream-master
 2020-10-01 09:46:39 -05:00
bwatters 3aeeede4a6 Land #14187, Added CVE-2020-3433 module 
Merge branch 'land-14187' into upstream-master
 2020-09-29 13:41:33 -05:00
youkergav 0bceead907 Merge branch 'master' of github.com:rapid7/metasploit-framework into su_login 2020-09-29 01:53:50 -04:00
Spencer McIntyre e7d2b73600 Add a DOMAIN option to CVE-2020-0688 for consistency with other modules 2020-09-28 09:24:39 -04:00
youkergav 38fb644169 Architecture updates; base64 password; compliance 2020-09-25 23:58:48 -04:00
Shelby Pace f0f4da2b1e Land #14157, Windows update orchestrator privesc 2020-09-25 16:07:27 -05:00
Antoine GOICHOT fef88f27eb Added CVE-2020-3433 module 2020-09-25 23:04:58 +02:00