d2ed326b16
Merge pull request #20950 from g0tmi1k/vsftpd_234_backdoor
...
vsftpd_234_backdoor: Add check & targets
2026-02-20 18:46:34 -06:00
cf497a8d6e
Merge pull request #20938 from Chocapikk/fix-beyondtrust-mech-list-fallback
...
Fix BeyondTrust PRA/RS exploit failing on older instances
2026-02-20 17:38:40 -06:00
250ef3b2d8
Merge pull request #20992 from adfoster-r7/add-check-method-alias-to-ms17-010-scanner-module
...
Add check method to ms17-010 scanner module
2026-02-20 13:27:32 +00:00
577f6f662f
Add check method to ms17-010 scanner module
2026-02-20 13:12:39 +00:00
f2262a84cc
Land #20841 , adds persistence module for Windows feature active setup
...
active setup persistence
2026-02-20 10:46:45 +01:00
993017d045
Rubocopes
2026-02-20 09:51:10 +01:00
bc81140d4f
vsftpd_234_backdoor: Add Linux fetch payload support
...
Fetch over CmdStager (& multiple targets)
2026-02-20 08:45:15 +00:00
53ac84be03
vsftpd_234_backdoor: Reconfig default target
2026-02-20 08:45:11 +00:00
5c29007f85
vsftpd_234_backdoor: Add comments
2026-02-20 08:17:41 +00:00
dc2ec5ef39
vsftpd_234_backdoor: Be more verbose
2026-02-20 08:17:37 +00:00
7161c2cbe6
vsftpd_234_backdoor: Checks & raises for exploit
2026-02-20 08:14:11 +00:00
037826daf5
vsftpd_234_backdoor: Add check
2026-02-20 08:10:45 +00:00
855b436235
Update modules/exploits/windows/persistence/registry_active_setup.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2026-02-19 15:46:33 -05:00
b6f37bef11
Land #20976 , adds module for StoryChief WP plugin (CVE-2025-7441)
...
Add StoryChief WordPress 1.0.42 unauthenticated RCE module (CVE-2025-7441)
2026-02-19 10:06:25 +01:00
c6f7d03d03
Merge pull request #20919 from h00die/emacs
...
emacs extension persistence
2026-02-18 10:58:13 -05:00
f369cac6d7
Apply suggestion from @jvoisin
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2026-02-18 12:24:09 +01:00
8af82dc7eb
Merge pull request #20844 from 6a6f656c/userinit
...
Windows Userinit persistence
2026-02-18 06:05:04 -05:00
9c7347d6b5
Trriged failed_with and Removed unnecessary line
2026-02-18 02:20:36 +02:00
faca50288d
Enhance CheckCode::Safe message for clarity
...
Update CheckCode::Safe to include a detailed message.
2026-02-18 00:14:18 +02:00
1c6fb0d11d
fix compatibility with session.sys
2026-02-17 16:37:05 -05:00
c24c58709d
Apply suggestion from @dledda-r7
2026-02-17 14:09:02 +01:00
236fb33b6b
Apply suggestion from @dledda-r7
...
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com >
2026-02-17 07:17:42 -05:00
ab30bd15f0
Apply suggestion from @dledda-r7
...
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com >
2026-02-17 07:17:17 -05:00
81e54d42e4
Merge pull request #20856 from msutovsky-r7/exploit/cve-2026-21858
...
Adds module for Ni8mare (CVE-2026-21858)
2026-02-16 10:06:14 -05:00
bc9c62a74b
Update modules/auxiliary/gather/ni8mare_cve_2026_21858.rb
2026-02-16 15:48:02 +01:00
fb7c6a8231
Adds rescue block for JSON parsing, adds check for incorrect username and empty files
2026-02-16 14:58:40 +01:00
c4ca44e4f9
Merge pull request #20972 from adfoster-r7/fix-false-positives-on-lg-simple-editor-check-methods
...
Fix false positives on lg simple editor check methods
2026-02-16 12:45:20 +00:00
65d37019ad
Fix false positives on lg simple editor check methods
2026-02-16 10:51:28 +00:00
8ee79fa524
Add StoryChief WordPress 1.0.42 unauthenticated RCE module
2026-02-16 00:44:20 +02:00
bbfe139e7f
Merge branch 'master' into multi/http/churchcrm_unauth_rce
2026-02-13 15:01:52 +01:00
b1758de52b
Adding version control on the check method
2026-02-13 14:42:07 +01:00
d90b3fdc89
Resolving compatibility issues
...
In the last version of ChurchCRM (6.8.0), in order to be correct, the
url in the post request needed to end with a '/'. This issues is now
fixed and the exploit work again on the 6.8.0 version.
2026-02-13 14:36:52 +01:00
efcd0411e4
Adding a code to the check method
2026-02-13 14:04:40 +01:00
fe302d30e1
Refactoring the code
2026-02-13 13:43:00 +01:00
dcf4221cff
Adding support for fetch payload
2026-02-13 13:23:40 +01:00
a4ec3cd40d
Merge pull request #20917 from sfewer-r7/solarwinds-webhelpdesk-rce
...
Add exploit module for SolarWinds Web Help Desk (CVE-2025-40536 + CVE-2025-40551)
2026-02-13 06:51:42 -05:00
3e98c7a045
Changing code according to Rubocop
2026-02-13 11:35:11 +01:00
06eba2245e
Creating a check method
2026-02-13 11:34:46 +01:00
7e03a89304
Land #20798 , adds module for FreeBSD rtsold/rtsol command injection (CVE-2025-14558)
...
Add module for rtsold/rtsol DNSSL Command Injection (CVE-2025-14558)
2026-02-13 10:57:03 +01:00
867624cad3
Removing default option
...
The default option has been remove in favor of metasploit's default
selection.
2026-02-13 10:42:42 +01:00
dc2e73b44a
Adding a failwith if the injection fail
2026-02-13 09:57:39 +01:00
aacbd1d180
Changing PHP injection logic
...
The PHP payload is injected directly into the PHP code injection. The
cleanup method has been remove in favor of a InitialAutoRunScript that
clear the config file.
2026-02-13 09:52:48 +01:00
78f4b8f97d
Merge branch 'master' into multi/http/churchcrm_unauth_rce
2026-02-13 08:50:23 +01:00
7a3f20a895
Merge pull request #20943 from g0tmi1k/twiki_maketext
...
twiki_maketext: Add versions to description
2026-02-12 15:21:11 -06:00
35b52df28a
Merge pull request #20849 from haicenhacks/haicen_xerte
...
Add three modules for exploiting Xerte Online Toolkits
2026-02-12 15:01:42 -05:00
12b7a440fa
force manual interface selection
2026-02-12 13:45:06 -05:00
803e6d3991
adds auto-check and fixes print statements
2026-02-12 12:58:01 -05:00
0af126cba9
adds ability to create a project if none exist.
2026-02-12 12:50:00 -05:00
930bb4fecd
fixes error in .htaccess policy generation
2026-02-12 12:43:16 -05:00
b4f26d0329
conform to uri normalization pattern
2026-02-12 12:42:33 -05:00
Brendan