adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
72,558 Commits 27 Branches 1,043 Tags
d6488dc0c35dbd5e97dc3622be89d260278bfdb2
Commit Graph

3568 Commits

Author SHA1 Message Date
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Christophe De La Fuente 7ca256560d Land #18542, Vinchin Backup & Recovery Command Injection 2023-12-20 18:56:50 +01:00
Jack Heysel 065abf6b92 Rubocop, doc scenario update 2023-12-19 12:30:02 -05:00
Jack Heysel 4e61596e7a Check Build ID before running exploit 2023-12-19 12:15:35 -05:00
Jack Heysel 549ee43df9 Update docs description minor comments 2023-12-19 00:32:21 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
h00die-gr3y 5d7cf90521 Some minor changes to the module and documentation 2023-12-18 08:23:16 +00:00
h00die-gr3y 9ac3739605 Minor changes to the documentation 2023-12-17 13:51:30 +00:00
h00die-gr3y 0641839e69 Added documentation and removed debug info 2023-12-17 13:10:18 +00:00
Jack Heysel d9aa7f914e Added newline to PoC and removed empty file 2023-12-14 18:42:09 -05:00
Jack Heysel df111afb06 Glibc Tunables Exploit 2023-12-14 18:28:43 -05:00
Jack Heysel 862194d63f Documentation and rubocop changes 2023-12-11 19:01:35 -05:00
bwatters daa6d5363f Land #18577, Added RCE Module for Splunk Enterprise (CVE-2023-46214) 
Merge branch 'land-18577' into upstream-master
 2023-12-11 15:52:05 -06:00
cgranleese-r7 f794268020 Land #18578, Docker cgroup escape (CVE-2022-0492) 2023-12-06 16:07:08 +00:00
h00die eca611aaac review 2023-12-05 16:18:39 -05:00
Christophe De La Fuente 10d4b9233b Land #18463, D-Link Router UPnP unauthenticed LAN RCE via a crafted M-SEARCH packet 2023-12-05 10:58:15 +01:00
Balgogan ab9576f83d Add changes 2023-12-01 10:55:04 +01:00
h00die 22242732d9 working cve-2022-0492 2023-11-28 15:25:53 -05:00
h00die b171b5e77c working cve-2022-0492 2023-11-28 15:16:18 -05:00
h00die 4ae62a431b not-working docker escape 2023-11-28 13:44:08 -05:00
Balgogan b2fa201a7d Implement check 2023-11-28 16:45:44 +01:00
Balgogan 0146527e55 Add splunk_xslt_authenticated_rce 2023-11-28 15:40:05 +01:00
Balgogan 402434bbf2 Add module output 2023-11-28 08:41:35 +01:00
Valentin Lobstein bfd22f8f01 Update documentation/modules/exploit/multi/http/wp_royal_elementor_addons_rce.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-11-28 08:15:14 +01:00
Balgogan 31daaf58fe Add wp_royal_elementor_addons_rce 2023-11-23 05:15:28 +01:00
Balgogan 2750deedee Update 2023-11-21 18:28:28 +01:00
Balgogan f0ab3a7140 Fix typo 2023-11-21 02:13:58 +01:00
Balgogan 58425df0ef Update vinchin_backup_recovery_cmd_inject exploit and documentation 2023-11-21 02:09:24 +01:00
Balgogan 42cdda7200 Vinchin 2023-11-16 18:10:42 +01:00
Valentin Lobstein 24fc989305 Merge branch 'rapid7:master' into master 2023-11-16 16:09:36 +01:00
h00die-gr3y 6e1580e5f5 added target DIR-845L 2023-11-13 14:48:59 +00:00
h00die-gr3y 51523e0971 release updating dlink_upnp_msearch_exec exploit module 2023-11-13 12:15:04 +00:00
Jack Heysel 1da4333611 Land #18434, Add module for Zoneminder RCE 
This PR adds an RCE module for the Zoneminder video
surveillance software system (CVE-2023-26035).
 2023-11-10 15:15:01 -05:00
Wolfgang Hotwagner 5d5f711dcd updated documentation 2023-11-09 22:40:36 +00:00
Balgogan c5cfc995c2 Add vinchin_backup_recovery_cmd_inject 2023-11-09 19:47:27 +01:00
bwatters 77a93e452f Land #18507, Exploit & Auxiliary modules for CVE-2023-20198 and CVE-2023-20273 (Cisco IOS XE) 
Merge branch 'land-18507' into upstream-master
 2023-11-08 09:05:40 -06:00
sfewer-r7 25ef7d1272 add the RCE exploit 2023-11-06 17:12:40 +00:00
bwatters e8d45b00ba Land #18501, Exploit module for CVE-2023-46604 - Apache ActiveMQ 
Merge branch 'land-18501' into upstream-master
 2023-11-06 09:30:48 -06:00
Christophe De La Fuente 1cde6198b5 Land #18481, MagnusBilling unauthenticated RCE [CVE-2023-30258] 2023-11-03 20:42:27 +01:00
Jack Heysel c27412a1ac Land #18494, Add AjaxPro Deserialization RCE 
This PR adds a module which leverages an insecure
deserialization of data to get remote code execution
on the target OS in the context of the user running
the website which utilized AjaxPro.
 2023-11-02 13:54:17 -04:00
Stephen Fewer 00104ce467 Update documentation to specify bin directory 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-11-02 17:41:21 +00:00
Stephen Fewer 8b70c3ec77 Update documentation/modules/exploit/multi/misc/apache_activemq_rce_cve_2023_46604.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-11-02 17:40:54 +00:00
Spencer McIntyre d26742a266 Add check code annotations, update AJP link 2023-11-02 08:53:56 -04:00
sfewer-r7 05f0b6a70c change the verification stesp to be for alinux target, as the testing steps above are for linux 2023-11-02 10:28:21 +00:00
sfewer-r7 58d03a3dab add in documentation 2023-11-02 10:26:02 +00:00
Jemmy Wang 9f9f18c73f Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-11-02 10:10:26 +08:00
Spencer McIntyre 9c67b92a4d Rename the other TMUI RCE module 2023-11-01 16:55:42 -04:00
Spencer McIntyre 7b53592b4f Add module docs 2023-11-01 16:55:41 -04:00
h00die-gr3y ad6e4618df third release module with minor text changes 2023-10-31 09:29:13 +00:00