adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,110 Commits 27 Branches 1,043 Tags
d7531ef74c448c2fe2ce06336c7e4792f2dee4db
Commit Graph

938 Commits

Author SHA1 Message Date
Stephen Fewer d7531ef74c fix typo in documentation 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-06-13 15:09:56 +01:00
sfewer-r7 bf9b3f1d2a add documentation 2024-06-10 17:41:55 +01:00
h00die a89d418725 review of northstar c2 2024-05-16 15:17:28 -04:00
h00die 19af4ae4e6 mermaid flow chart 2024-04-24 16:54:02 -04:00
h00die 9fb217fb59 northstar c2 exploit 2024-04-24 16:54:02 -04:00
Zach Goldman 488653d942 Land #19082, FortiNet FortiClient EMS SQLi to RCE [CVE-2023-48788] 2024-04-19 15:03:22 -04:00
fanqiaojun 6b2bdc893b chore: remove repetitive words 
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>
 2024-04-15 11:06:50 +08:00
Jack Heysel dae9657433 FortiClient EMS Exploit Module 2024-04-12 10:00:07 -07:00
bwatters e58c6b9df2 Land #18721, SharePoint Unauth RCE Exploit Chain (CVE-2023-29357 & CVE-2023-24955) 
Merge branch 'land-18721' into upstream-master
 2024-03-26 12:42:22 -05:00
adfoster-r7 decba4350e Additional changes to documentation 2024-03-25 10:53:08 +00:00
Zach Goldman 2c307f1bb3 Adds session documentation 
add more console output, add to pentesting side

split out session, help, query, query_interactive sections

add multiline examples

update mysql, smb
 2024-03-21 09:52:10 -05:00
Jack Heysel 4e4303c274 Fixed backup_bdc_metadata initialization 2024-02-15 09:26:54 -05:00
Jack Heysel 326b50bd4d Responded to comments 2024-02-06 15:22:21 -05:00
bwatters 46a0052286 Land #18568, added exploit for CVE-2023-32781 - PRTG authenticated RCE 
Merge branch 'land-18568' into upstream-master
 2024-01-22 11:35:38 -06:00
jheysel-r7 5f1fa2a678 Apply suggestions from jvoisin 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-19 20:30:53 -05:00
Jack Heysel 854ec41db1 Initial commit 2024-01-19 15:22:22 -05:00
bwatters ce43db0904 Fix TBDs and give better documentation. 2023-12-21 16:18:36 -06:00
bwatters 78bac2636b Add documentation 2023-12-20 18:44:05 -06:00
Kevin Joensen 2f3e207277 Fixed documentation for exploit 2023-12-15 13:58:10 +01:00
Jemmy Wang 9f9f18c73f Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-11-02 10:10:26 +08:00
Jemmy Wang 00ccebe8ce Upadte documentation for AjaxPro Deserializaion RCE 2023-10-31 13:31:10 +08:00
Jemmy Wang 40683ff591 Add document for AjaxPro Deserialization RCE Module 2023-10-28 01:37:34 +08:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
sfewer-r7 623b589fb5 When I removed the PowerShell target I forgot to update the documentation, this commit updates the documentation to reflect the changes made to the exploit module. 2023-10-04 17:03:28 +01:00
sfewer-r7 1695a12c9c Explicitly state both the release name (e.g. 2022.0.2) and the version number (e.g. 8.8.2) in a more consistent way. 2023-10-02 17:40:11 +01:00
sfewer-r7 53ed4a632b add in exploit module for CVE-2023-40044 - WS_FTP unauthenticated RCE via .NET deserialization. 2023-10-02 11:42:19 +01:00
Christophe De La Fuente 1058291af9 Land #18314, Windows Error Reporting RCE (CVE-2023-36874) 2023-09-27 15:25:06 +02:00
Christophe De La Fuente 2c9932b242 Update documentation - Options section 2023-09-27 15:17:04 +02:00
bwatters 0b84feaf60 updates from code review 2023-09-26 14:03:31 -05:00
bwatters b4a1bb8fa2 Add docs and support for shell sessions; update exe to work without runtime lib. 2023-09-19 17:50:18 -05:00
cgranleese-r7 23dc1a487d Land #18321, Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560) 2023-09-18 10:43:45 +01:00
Ege Balcı cf4757a6cb Update installation steps. 2023-09-14 18:51:48 +02:00
Ege Balcı 9fbfe63b2f Update documentation/modules/exploit/windows/misc/ivanti_avalanche_mdm_bof.md 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-09-14 16:39:15 +00:00
Simon Janusz 8b56dc0117 Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation 2023-09-14 10:18:29 +01:00
bwatters 946794c3f8 Land #18341, add CVE-2023-38831 for Winrar 6.22 
Merge branch 'land-18341' into upstream-master
 2023-09-07 15:59:36 -05:00
xaitax d5f355d8de WinRAR 6.22 (CVE-2023-38831) 2023-09-04 18:56:22 +02:00
Ege Balcı a552132fc3 Update documentation/modules/exploit/windows/misc/ivanti_avalanche_mdm_bof.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-09-01 01:53:17 +00:00
Ege Balcı 48cb2db70b Update scenario 2023-09-01 03:48:08 +02:00
jheysel-r7 ef55c4f2c1 Update documentation/modules/exploit/windows/local/cve_2023_28252_clfs_driver.md 2023-08-30 12:11:37 -04:00
Ege Balcı 1d9c7fde77 Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit 2023-08-29 17:58:43 +02:00
Christophe De La Fuente 7fa2586e34 Land #18247, Netgear NMS RCE CVE-2023-38096/8 2023-08-28 11:23:08 +02:00
Ege Balcı 8ba2343164 Update documentation/modules/exploit/windows/misc/ivanti_avalanche_mdm_bof.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-08-26 16:26:39 +00:00
Ege Balcı b10d677308 Doc update. 2023-08-25 21:18:48 +02:00
Ege Balcı a971867ca6 Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560) 2023-08-25 19:26:06 +02:00
Ege Balcı 0fe335aff2 Update documentation/modules/exploit/windows/http/netgear_nms_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-08-24 16:10:30 +00:00
Ismail Dawoodjee c216c5a184 Fix lines in SmarterMail RCE docs for linting with msftidy_docs 2023-08-23 23:07:07 +08:00
Jack Heysel bcfc892195 General code clean up 2023-08-04 14:27:14 -04:00
bwatters e8456a6625 Add documentation and fix null filename catch 2023-08-03 18:30:20 -05:00
Jack Heysel 29c2361a9c Module clean up, docs, metadata, rubocop 2023-08-02 18:53:20 -04:00
Ege Balcı 329920eeb2 Add Netgear NMS RCE (CVE-2023-38096/8) exploit 2023-08-02 18:03:57 +02:00