adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
72,558 Commits 27 Branches 1,043 Tags
d6488dc0c35dbd5e97dc3622be89d260278bfdb2
Commit Graph

18030 Commits

Author SHA1 Message Date
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticed RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
h00die-gr3y 4c404765a4 Final update to the module based on cdelafuente-r7 comments 2023-12-21 12:06:21 +00:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Jack Heysel 77fb5d02b2 Fixed up indentation and rubocop complaints 2023-12-20 13:16:32 -05:00
jheysel-r7 342492557d Apply suggestions from code review 2023-12-20 13:09:13 -05:00
jheysel-r7 6a16602a08 Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-12-20 13:08:33 -05:00
Christophe De La Fuente 7ca256560d Land #18542, Vinchin Backup & Recovery Command Injection 2023-12-20 18:56:50 +01:00
Jack Heysel d65ceb9abc Rubocop 2023-12-19 13:54:23 -05:00
Jack Heysel b86df4820c Responded to comments from jvoisin 2023-12-19 13:50:09 -05:00
jheysel-r7 96241f509a Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-12-19 13:18:45 -05:00
Jack Heysel 065abf6b92 Rubocop, doc scenario update 2023-12-19 12:30:02 -05:00
Jack Heysel 44b4b3b5bc Update version parsing 2023-12-19 12:16:17 -05:00
Jack Heysel 4e61596e7a Check Build ID before running exploit 2023-12-19 12:15:35 -05:00
Jack Heysel e858628292 Execute python payload in memory 2023-12-19 00:46:11 -05:00
Jack Heysel 549ee43df9 Update docs description minor comments 2023-12-19 00:32:21 -05:00
Jack Heysel c6a6809700 Updated attribution 2023-12-18 19:41:49 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
h00die-gr3y 5d7cf90521 Some minor changes to the module and documentation 2023-12-18 08:23:16 +00:00
h00die-gr3y 0641839e69 Added documentation and removed debug info 2023-12-17 13:10:18 +00:00
h00die-gr3y db099f8f4c Third release of module 2023-12-16 16:06:05 +00:00
Jack Heysel df111afb06 Glibc Tunables Exploit 2023-12-14 18:28:43 -05:00
Jack Heysel c1459df10f Check method improvement 2023-12-14 12:42:23 -05:00
jheysel-r7 a14b28e941 Update modules/exploits/multi/http/atlassian_confluence_unauth_backup.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-12-14 11:55:48 -05:00
h00die-gr3y d00249f083 Second release with manual cleanup of php* files 2023-12-14 12:57:07 +00:00
cgranleese-r7 5f396245f2 Land #18539, Add Smb session type 2023-12-12 11:45:19 +00:00
Jack Heysel 862194d63f Documentation and rubocop changes 2023-12-11 19:01:35 -05:00
Jack Heysel 61414fab27 Refactored module to use mixin 2023-12-11 18:24:37 -05:00
bwatters daa6d5363f Land #18577, Added RCE Module for Splunk Enterprise (CVE-2023-46214) 
Merge branch 'land-18577' into upstream-master
 2023-12-11 15:52:05 -06:00
Balgogan 374d724567 Lint 2023-12-11 15:36:10 +01:00
Valentin Lobstein 78c57c1c5c Update modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-11 15:22:33 +01:00
Valentin Lobstein cb0ee49f71 Update modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-11 15:22:09 +01:00
h00die-gr3y ff44932113 first draft release of module 2023-12-10 21:09:40 +00:00
cgranleese-r7 f794268020 Land #18578, Docker cgroup escape (CVE-2022-0492) 2023-12-06 16:07:08 +00:00
Christophe De La Fuente 10d4b9233b Land #18463, D-Link Router UPnP unauthenticed LAN RCE via a crafted M-SEARCH packet 2023-12-05 10:58:15 +01:00
Christophe De La Fuente 7cd1b75497 Update deprecation date and message 2023-12-05 10:51:12 +01:00
Dean Welch 152056b001 DRY up post mixin/optional session 2023-12-04 17:55:15 +00:00
Dean Welch cd8cc75cf3 Add smb session type 2023-12-04 17:55:11 +00:00
h00die f1fc6b7cdd review comments, adding new payloads 2023-12-01 16:06:48 -05:00
Balgogan ab9576f83d Add changes 2023-12-01 10:55:04 +01:00
bwatters 56da86fe6b Land #18579, Use the new style of Windows version detection for CVE-2022-3699 
Merge branch 'land-18579' into upstream-master
 2023-11-29 14:28:35 -06:00
h00die b171b5e77c working cve-2022-0492 2023-11-28 15:16:18 -05:00
Spencer McIntyre 7307c9810b Use the new style of Windows version detection 
This will become more important once the Windows Meterpreter returns a
more accurate string for the sysinfo OS field.
 2023-11-28 14:35:26 -05:00
h00die 4ae62a431b not-working docker escape 2023-11-28 13:44:08 -05:00
Balgogan 47e7453930 Enhance Splunk RCE module description for clarity and detail 2023-11-28 17:59:16 +01:00
Balgogan 4967d3e95d Remove spaces 2023-11-28 17:48:07 +01:00
Balgogan f2f34f64c8 Add suggested changes 2023-11-28 17:45:13 +01:00
Balgogan b2fa201a7d Implement check 2023-11-28 16:45:44 +01:00
Balgogan a1f31d909a Add splunk_xslt_authenticated_rce 2023-11-28 15:51:39 +01:00
Balgogan 0146527e55 Add splunk_xslt_authenticated_rce 2023-11-28 15:40:05 +01:00
Valentin Lobstein fc35a116bb Update modules/exploits/multi/http/wp_royal_elementor_addons_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-11-28 08:15:27 +01:00