adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,639 Commits 27 Branches 1,043 Tags
d5df47692cdaed055643bea02a5cfd2b9eebc992
Commit Graph

813 Commits

Author SHA1 Message Date
Grant Willcox d5df47692c Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come 2021-08-17 18:01:14 -05:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
William Vu 2164d7ed5a Add log IOC 2021-07-12 20:54:54 -05:00
William Vu 1812a71d3d Add module doc 2021-07-12 13:07:05 -05:00
William Vu 6fbaecf919 Backport print changes to recent modules 2021-07-08 21:26:35 -05:00
Grant Willcox 570ba091f6 Update some typos in the documentation and also update the exploit module to handle various cases whereby the dbus-send command might end up timing out due to TIMEOUT being too low and to fix some final issues found during testing 2021-07-08 16:24:01 -05:00
Grant Willcox 9f88ef0954 Fix up review comments 2021-07-08 16:22:29 -05:00
Jack Heysel 0f67dd5212 Fixed get_cmd_delay, reponded to comments 2021-07-08 16:20:38 -05:00
Jack Heysel 9a07039e7e Updated docs 2021-07-08 16:09:15 -05:00
Jack Heysel f87f831aba Module updates + Docs 2021-07-08 16:09:02 -05:00
William Vu 8cd00bcb91 Update module doc 2021-07-06 22:25:35 -05:00
Christophe De La Fuente eca20bec92 Update from code review 
- Fix documentation typos
- Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`
 2021-06-30 11:02:11 +02:00
Christophe De La Fuente ccaedd6c9a Last additions and improvements 
- add binaries
- add documentation
- backup `runc` binary in the exploit C file
- add `MeterpreterBackground` options to set Mettle `background` option
- add `WsfDelay` logic
- refactor code
- add cleanup logic
- add restore `runc` binary logic
 2021-06-30 11:02:11 +02:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module 
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubo cop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged paylod, removed TODO

Switched to single-quoted strings
 2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
MucahitSaratar ea7eaba7a9 added cve 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:13 -05:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
h00die 3f1bb4b51e rename module, add docs 2021-05-30 14:48:39 -04:00
M. Cory Billington e62efe0690 Added module and documentation for SuiteCRM Log File RCE 2021-05-22 00:11:19 -05:00
Spencer McIntyre 56388cd696 Land #15146, Add support for extra OSes for CVE-2021-3156 (Baron Samedit) 2021-05-18 18:02:30 -04:00
Spencer McIntyre a8a1cf75b8 Reorder the Fedora targets to be descending 2021-05-18 18:02:12 -04:00
William Vu 637e9cff48 Update vmware_vrops_mgr_ssrf_rce documentation 2021-05-06 18:30:20 -05:00
Ashley Donaldson 5dc8d0e684 Added automatic cleanup for exploit scripts that modify /etc/passwd 2021-05-06 21:50:03 +10:00
Christophe De La Fuente 7f667fab4e Update documentation 2021-05-04 14:12:48 +02:00
Mehmet INCE e3662034ea Update documentation/modules/exploit/linux/http/gravcms_exec.md 
Making consistent with documentation template.

Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-05-03 20:38:17 +03:00
Mehmet INCE 686f8c309a Fix the module documentation 2021-05-03 12:17:24 +03:00
Mehmet INCE 9e04805c0e Adding check method to gravcms exec 2021-05-03 11:14:43 +03:00
Mehmet INCE e3d05395de Add GravCMS exec 2021-05-03 11:14:42 +03:00
Ashley Donaldson 0435e281d9 Updated CVE-2021-3156 documentation to reflect code changes. 2021-05-03 16:45:50 +10:00
William Vu a2047071e2 Refine vmware_vrops_mgr_ssrf_rce module doc again 
I've used this Markdown trick before, but I wasn't sure it'd work here.
 2021-05-02 21:18:53 -05:00
William Vu 8b4a763eb1 Add words to vmware_vrops_mgr_ssrf_rce module doc 
I had dropped this sentence for brevity, but now I realize it's useful.
 2021-05-02 17:24:58 -05:00
William Vu a79ddb5b3c Fix "apache_ofbiz_deserialiation" typo in its doc 2021-05-01 17:23:52 -05:00
Shelby Pace 0535489703 Land #14947, add IGEL OS RCE 2021-04-30 15:49:11 -05:00
Shelby Pace a59eebc937 remove systemd limit modification info 2021-04-30 15:44:22 -05:00
Shelby Pace de22236902 add AutoCheck and update docs output 2021-04-30 15:38:57 -05:00
Spencer McIntyre 994825dcc9 Land #15090, Add exploit for CVE-2021-22502 2021-04-29 14:09:28 -04:00
Spencer McIntyre b2142aada7 Land #15086, Add exploit for CVE-2020-11857 2021-04-29 11:47:17 -04:00
Spencer McIntyre 4373b464ce Update the markdown module docs a bit 2021-04-29 11:46:40 -04:00
Shelby Pace a4af80d3e1 Land #15005, add VMware vRealize SSRF RCE 2021-04-27 09:19:55 -05:00
Shelby Pace 363db0e271 Land #14977, add Apache Druid js rce 2021-04-26 12:01:19 -05:00
Li Hua 9b984ddbed Update microfocus_obr_cmd_injection.md 2021-04-25 11:02:54 +08:00