adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,113 Commits 27 Branches 1,043 Tags
d2ed326b16ff5dc8f95633e287c19eb467c5ac6c
Commit Graph

4612 Commits

Author SHA1 Message Date
Martin Sutovsky d2af23a4a6 Adds additional installation step 2026-01-19 11:25:39 +01:00
Martin Sutovsky 4e36ff99ac Adds additional installation step 2026-01-19 11:24:45 +01:00
MatDupas 54c6e18505 Update documentation/modules/exploit/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 12:26:18 +01:00
h00die 7ccf574e99 burp extension all working 2026-01-16 08:44:27 -05:00
Brendan ade984aead Merge pull request #20793 from Chocapikk/avideo-v2 
Add AVideo notify.ffmpeg.json.php unauthenticated RCE exploit (CVE-2025-34433)
 2026-01-15 17:36:07 -06:00
Martin Sutovsky b01353cc07 Code cleanup, removes line from documentation 2026-01-15 15:26:30 +01:00
Martin Sutovsky 85221800a4 Removes line from documentation, code cleanup 2026-01-15 15:23:54 +01:00
jheysel-r7 bb473b6019 Merge pull request #20797 from h00die/remove_persistence_exe 
persistence modules cleanup
 2026-01-14 14:43:33 -08:00
h00die f4a195b88a persistence modules cleanup 2026-01-14 13:49:29 -05:00
msutovsky-r7 7b092aeedb Land #20806, adds module for unauthenticated command injection in Control Web Panel API (CVE-2025-67888) 
Adds module for Control Web Panel API Command Injection (CVE-2025-67888)
 2026-01-14 15:44:25 +01:00
Diego Ledda e4f8d4fb13 Merge pull request #20706 from h00die/windows_wmi_persistence 
Update windows wmi to persistence mixin
 2026-01-14 09:37:20 -05:00
Valentin Lobstein b2abdb21de Fix AVideo lab documentation: update file editing instructions 
Updated the note to provide a working method to edit configuration.php. Users can enter the container shell or copy the file out for editing.
 2026-01-14 00:35:39 +01:00
Valentin Lobstein ae4babbcf1 Fix AVideo lab documentation: remove broken sed command 
Removed the broken sed command that doesn't work correctly. Updated note to specify editing /var/www/html/AVideo/videos/configuration.php manually with an editor instead.
 2026-01-14 00:34:35 +01:00
Valentin Lobstein 37f9802b83 Update AVideo lab documentation: remove automatic sed fix, specify file to edit 
Removed mention of automatic sed fix in docker-entrypoint. Updated note to specify that users should manually edit /var/www/html/AVideo/videos/configuration.php if they encounter redirect issues with webSiteRootURL.
 2026-01-14 00:34:10 +01:00
Valentin Lobstein 733455eb53 Change port to 80 in AVideo lab documentation 
Changed HTTP_PORT from 9999 to 80 in the documentation to use the correct URL directly. This fixes the webSiteRootURL issue where AVideo was generating incorrect URLs with the mapped port instead of the container's internal port.
 2026-01-14 00:32:43 +01:00
Valentin Lobstein f6430ee093 Fix MariaDB tc.log corruption issue in AVideo lab setup 
The MariaDB container fails to start with 'Bad magic header in tc log' error
when the data directory has incorrect permissions or was previously corrupted.
This occurs during first-time setup of the AVideo lab environment.

The fix:
- Creates a custom entrypoint script that detects and removes corrupted tc.log
  files by checking the magic header (should be 01 00 00 00)
- Modifies Dockerfile.mariadb to integrate the fix script into the original
  MariaDB entrypoint using sed
- Ensures the fix runs automatically before MariaDB initialization

This allows the lab to start successfully on first run without manual intervention.

Co-authored-by: bwatters-r7 <bwatters-r7@users.noreply.github.com>
 2026-01-13 22:31:38 +01:00
msutovsky-r7 eae97b314a Land #20810, adds module for authenticated RCE in n8n (CVE-2025-68613) 
Adds module for n8n workflow expression RCE (CVE-2025-68613)
 2026-01-13 16:51:06 +01:00
Brendan 10d12570c0 Merge pull request #20791 from Chocapikk/webcheck 
Add Web-Check screenshot API command injection RCE exploit (CVE-2025-32778)
 2026-01-12 17:14:04 -06:00
h00die 6491f74d9d wmi persistence improvements 2026-01-11 07:25:13 -05:00
Jack Heysel cdebe41d6c Revert unintended change 2026-01-09 09:55:22 -08:00
JohannesLks d45e91b130 typo 2026-01-09 10:48:30 -05:00
msutovsky-r7 472016b753 Land #20796, moves udev module into persistence category 
update udev to persistence mixin
 2026-01-09 16:14:08 +01:00
Martin Sutovsky e8efe19598 Moves file upload module into separate PR 2026-01-09 11:19:37 +01:00
Martin Sutovsky fcabe61271 Moves SQLi to RCE module into separate PR 2026-01-09 11:15:47 +01:00
jheysel-r7 b9be6ac259 Merge pull request #20785 from Chocapikk/react2shell-clean 
Update react2shell module: Add Waku framework support
 2026-01-08 17:58:48 -08:00
jheysel-r7 bb98e855e1 Merge pull request #20751 from h00die/sticky_keys 
update windows sticky keys to persistence mixin
 2026-01-08 16:44:04 -08:00
msutovsky-r7 c289ff44b9 Land #20811, adds module for Prison Management System 1.0 RCE (CVE-2024-48594) 
Add Prison Management System 1.0 auth RCE (CVE-2024-48594)
 2026-01-08 12:33:00 +01:00
msutovsky-r7 b39e781500 Land #20700, adds module for Taiga.io RCE (CVE-2025-62368) 
Adds exploit module for authenticated deserialization vulnerability in Taiga.io (CVE-2025-62368)
 2026-01-07 11:53:32 +01:00
jheysel-r7 0d21fd4cc9 Merge pull request #20692 from msutovsky-r7/persistence/multi/python-site-specific-config-hook 
Adds module for python site-specific hook persistence
 2026-01-06 16:19:31 -08:00
h00die 428f31fdd3 review for wmi persistence 2026-01-06 16:36:05 -05:00
h00die bfec7c378b Update documentation/modules/exploit/windows/persistence/accessibility_features_debugger.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-06 14:00:39 -05:00
kali be9b2c9491 Add documentation for prison_management_rce 2026-01-06 12:33:49 +02:00
h00die 2f4db3bd5f review for wmi persistence 2026-01-05 17:06:17 -05:00
DataExplorerX ae8ab28eed Fix msftidy_docs warnings in chain_reply documentation 2026-01-05 16:01:16 +05:30
h00die 37cd1f27b0 move burp files and modernize with persistence mixin 2026-01-04 08:21:06 -05:00
h00die aa9a0f76da burp extension review 2026-01-04 08:06:14 -05:00
h00die 1a59ed08fe add docs for burp extension persistence 2026-01-04 08:06:14 -05:00
h00die d7d7a318ed Add docs and tidy to userinit persistence 2026-01-03 16:27:54 -05:00
h00die c485d9a822 active setup persistence 2026-01-03 10:39:45 -05:00
DataExplorerX 102ef677b1 Add documentation for linux/samba/chain_reply module (CVE-2004-0883) 2025-12-30 16:17:51 +05:30
JohannesLks 2cadcfe6ab add CVE-2025-68613 2025-12-25 11:21:28 -05:00
JohannesLks 455275d087 add module for CVE-2025-67888 2025-12-23 19:21:34 -05:00
Jack Heysel 3c57c71baf Windows support 2025-12-22 19:27:37 -08:00
JohannesLks 0ddb9fe027 Improvements from PR 2025-12-22 05:34:40 -05:00
Jack Heysel a44fc954a2 Cacti Graph Template authenticated RCE 2025-12-22 00:53:13 -08:00
JohannesLks 1be2858a7a Add Module and Documentation for CVE-2025-14558 2025-12-21 16:41:14 -05:00
h00die 3ea866c41d udev persistence 2025-12-21 07:50:48 -05:00
Brendan 3015c9f962 Merge pull request #20792 from sfewer-r7/hpe_oneview_rce 
Add unauth RCE exploit module for HPE OneView (CVE-2025-37164)
 2025-12-19 17:41:51 -06:00
Brendan b12ebc95c0 Merge pull request #20754 from h00die/assist_tech 
assistive technology persistence
 2025-12-19 16:33:21 -06:00
h00die eebfdc5a2a ssh_key persistence on windows now working 2025-12-19 17:26:17 -05:00