Stephen Fewer
d7531ef74c
fix typo in documentation
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-06-13 15:09:56 +01:00
sfewer-r7
bf9b3f1d2a
add documentation
2024-06-10 17:41:55 +01:00
Christophe De La Fuente
120fa0f2fe
Land #19208, Add exploit module for CVE-2024-5084: WordPress Hash Form Plugin RCE
2024-06-05 10:17:02 +02:00
Christophe De La Fuente
67ec4baa66
PR-19208: Add DefaultTarget to the info hash
2024-06-05 10:14:48 +02:00
Chocapikk
6b127249fa
Add suggestions
2024-05-31 20:56:03 +02:00
Jack Heysel
80ee458410
Land #19151, Add Flowmon Priv Esc Feature Module
...
Privilege escalation module for Progress Flowmon unpatched feature
2024-05-29 11:35:53 -04:00
Jack Heysel
72f332aba0
Land #19150, Add Flowmon Command Injection Module
...
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
2024-05-29 08:28:37 -04:00
Chocapikk
4fdf6df1e7
Fix doc
2024-05-28 20:16:33 +02:00
Chocapikk
bea708d24c
Add exploit module for CVE-2024-5084: WordPress Hash Form Plugin RCE
2024-05-28 18:27:02 +02:00
Jack Heysel
2c6fc11639
Responded to comments, clean up /etc/sudoers file
2024-05-23 16:56:35 -04:00
Jack Heysel
a0597007e4
Minor fixes, respond to comments
2024-05-23 14:02:28 -04:00
Dave Yesland
0de89d3b2d
Update documentation/modules/exploit/linux/local/progress_flowmon_sudo_privesc_2024.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-05-21 13:42:52 -07:00
Jack Heysel
6e9e4a5aed
Land #19102, Northstar C2 Stored XSS to Agent RCE
...
Add exploit module for CVE-2024-28741, Northstar C2 Stored XSS to Agent
RCE
2024-05-21 14:57:44 -04:00
Jack Heysel
10acd86390
Land #19071, Add AVideo RCE module
...
Add module for CVE-2024-31819 which exploits an LFI in AVideo which uses
PHP Filter Chaining to turn the LFI into unauthenticated RCE
2024-05-21 14:27:15 -04:00
cgranleese-r7
67154a12e0
Land #19104, CHAOS rat xss to rce
2024-05-21 11:10:57 +01:00
h00die
a89d418725
review of northstar c2
2024-05-16 15:17:28 -04:00
Chocapikk
da31761336
Lint
2024-05-15 22:13:53 +02:00
Valentin Lobstein
3560860e33
Update documentation/modules/exploit/multi/http/avideo_wwbnindex_unauth_rce.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-05-15 22:07:29 +02:00
h00die
d1739f32c2
review of chaos rat
2024-05-13 16:55:43 -04:00
Spencer McIntyre
80fdde5fdc
Land #19100, Add Loadmaster sudo priv esc
...
Add Kemp Progress Loadmaster sudo abuse priv esc
2024-05-10 10:21:38 -04:00
bwatters
b28e263a2b
Update debug statements and add protection against bad die name
2024-05-10 08:54:23 -05:00
Spencer McIntyre
47c8d7252b
Land #18519, Docker kernel module escape
2024-05-06 09:08:08 -04:00
bwatters
b044bcab01
Add command payloads and checks for overwritten files
2024-05-03 13:06:16 -05:00
Spencer McIntyre
ca669d8f08
Update docs to reflect changes
2024-05-01 13:45:20 -04:00
DaveYesland
c2a561630d
Add local privesc module for Flowmon
2024-05-01 09:07:34 -07:00
DaveYesland
a7e97e50ad
Add module for flowmon cmd injection CVE-2024-2389
2024-05-01 08:42:55 -07:00
bwatters
d94971598b
Add documentation and fix some debug prints
2024-04-29 15:28:34 -05:00
bwatters
364d491af7
Land #18972, Progress LoadMaster unauthenticated command injection module CVE-2024-1212
...
Merge branch 'land-18972' into upstream-master
2024-04-26 18:18:40 -05:00
h00die
19af4ae4e6
mermaid flow chart
2024-04-24 16:54:02 -04:00
h00die
9fb217fb59
northstar c2 exploit
2024-04-24 16:54:02 -04:00
h00die
512da4bc45
chaos rat xss to rce
2024-04-24 16:51:58 -04:00
RadioLogic
1c8c91096f
Removed port being in documentation as it made no sense
2024-04-23 18:47:30 -04:00
Zach Goldman
26a108aadc
Land #19046, Apache Solr Backup Restore RCE [CVE-2023-50386]
2024-04-23 14:08:33 -04:00
Dave Yesland
a36244073f
Merge pull request #1 from bwatters-r7/update-18972
...
Remove Priv Esc to add it to another module and update it to only run…
2024-04-22 17:53:48 -07:00
Dave Yesland
c10bde97ff
Merge branch 'rapid7:master' into module/progress_kemp_loadmaster_unauth_cmd_injection
2024-04-22 17:53:32 -07:00
Jack Heysel
b8675f0fd7
Land #19005, Add Gambio Webshop Unauth RCE
...
A Remote Code Execution vulnerability in Gambio online webshop version
4.9.2.0 and lower allows remote attackers to run arbitrary commands via
unauthenticated HTTP POST request
2024-04-19 12:18:17 -07:00
Zach Goldman
488653d942
Land #19082, FortiNet FortiClient EMS SQLi to RCE [CVE-2023-48788]
2024-04-19 15:03:22 -04:00
bwatters
4733d1dc04
Land #19101, Exploit module for CVE-2024-4300 - Palo Alto Networks PAN-OS
...
Merge branch 'land-19101' into upstream-master
2024-04-19 12:49:41 -05:00
remmons-r7
2ad13ac836
Added note about shell from a different IP than RHOST IP
2024-04-19 11:45:56 -05:00
remmons-r7
4f3ee3f78a
Incorporate documentation wording change from suggestion
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2024-04-19 08:50:20 -05:00
Jack Heysel
27f5ad8e05
Land #18996, VSCode Malicious Ext module
...
This PR adds a new exploit that creates a malicious vsix file. A vsix
file is a VS and VSCode extension file. Once installed, the user's
computer will call back with a shell. It's not a bug, it's a feature!
2024-04-18 18:10:46 -07:00
Jack Heysel
bcaa5359da
Land #18997, Add GitLens VSCode Extension Exploit
...
GitKraken GitLens before v.14.0.0 allows an untrusted workspace to
execute git commands. A repo may include its own .git folder including a
malicious config file to execute arbitrary code.
2024-04-18 17:19:41 -07:00
remmons-r7
982b6aef0a
Incorporating PAN-OS module peer review suggestions, adding documentation for the module
2024-04-18 18:21:12 -05:00
h00die-gr3y
331c961412
update module and documentation with tax country logic
2024-04-18 19:13:19 +00:00
h00die
bae1a2e20f
gitlens review
2024-04-17 16:06:32 -04:00
Spencer McIntyre
727849202d
Land #19087, chore: remove repetitive words
2024-04-17 09:59:46 -04:00
Jack Heysel
84ea514180
Land #19026, Add pgadmin exploit CVE-2024-2044
...
This adds an exploit for pgAdmin <= 8.3 which is a path traversal
vulnerability in the session management that allows a Python pickle
object to be loaded and deserialized. This also adds a new Python
deserialization gadget chain to execute the code in a new thread so the
target application doesn't block the HTTP request.
2024-04-16 14:12:41 -07:00
Spencer McIntyre
9cf4372f2b
Clean up some of the module's documentation
2024-04-16 13:36:21 -04:00
bwatters
409f0e45a6
Remove Priv Esc to add it to another module and update it to only run once
2024-04-15 15:44:22 -05:00
fanqiaojun
6b2bdc893b
chore: remove repetitive words
...
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>
2024-04-15 11:06:50 +08:00