adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,110 Commits 27 Branches 1,043 Tags
d7531ef74c448c2fe2ce06336c7e4792f2dee4db
Commit Graph

36318 Commits

Author SHA1 Message Date
sfewer-r7 bf9b3f1d2a add documentation 2024-06-10 17:41:55 +01:00
sfewer-r7 c6de00968f typo 2024-06-10 17:17:39 +01:00
sfewer-r7 3a19a54c59 remove dead link 2024-06-10 17:17:28 +01:00
sfewer-r7 998724f683 first commit for cve-2024-4577 2024-06-07 15:44:05 +01:00
sfewer-r7 e325d23526 first commit for cve-2024-4577 2024-06-07 15:43:40 +01:00
adfoster-r7 bf177642b4 Land #19199, Improves UX for scanner/login modules 2024-06-06 16:03:17 +01:00
Christophe De La Fuente 120fa0f2fe Land #19208, Add exploit module for CVE-2024-5084: WordPress Hash Form Plugin RCE 2024-06-05 10:17:02 +02:00
Christophe De La Fuente 67ec4baa66 PR-19208: Add DefaultTarget to the info hash 2024-06-05 10:14:48 +02:00
cgranleese-r7 60e5393102 Updates login/scanner modules to make use of ReportSummary mixin 2024-06-03 11:02:15 +01:00
cgranleese-r7 48f89a2aad Improves UX for scanner/login modules 2024-06-03 10:56:59 +01:00
Chocapikk 6b127249fa Add suggestions 2024-05-31 20:56:03 +02:00
alanfoster 562e1dc453 Add osx aarch64 bind tcp payload 2024-05-31 18:21:24 +01:00
alanfoster 7955381de5 Add osx aarch64 shell reverse tcp payload 2024-05-31 18:05:15 +01:00
alanfoster dbeeadefc7 Add osx aarch64 exec payload 2024-05-31 17:51:38 +01:00
adfoster-r7 1281f4726f Land #19209, update fileformat modules to show the default template datastore values 2024-05-31 15:12:48 +01:00
Jack Heysel 80ee458410 Land #19151, Add Flowmon Priv Esc Feature Module 
Privilege escalation module for Progress Flowmon unpatched feature
 2024-05-29 11:35:53 -04:00
Zach Goldman 847b29178a change nil guards to default values, nil or blank guards for certain datastore options 2024-05-29 09:34:58 -05:00
Jack Heysel cc7aeb4364 Fix module cleanup 2024-05-29 08:39:06 -04:00
Jack Heysel 72f332aba0 Land #19150, Add Flowmon Command Injection Module 
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
 2024-05-29 08:28:37 -04:00
Jack Heysel e57f4d3cb5 Change xml to html in get_html_document 2024-05-28 16:29:55 -04:00
Chocapikk bea708d24c Add exploit module for CVE-2024-5084: WordPress Hash Form Plugin RCE 2024-05-28 18:27:02 +02:00
Christophe De La Fuente f274c46bd2 Land #19103, jasmin ransomware sqli and dir travers (CVE-2024-30851) 2024-05-27 11:23:42 +02:00
Jack Heysel 2c6fc11639 Responded to comments, clean up /etc/sudoers file 2024-05-23 16:56:35 -04:00
Jack Heysel a0597007e4 Minor fixes, respond to comments 2024-05-23 14:02:28 -04:00
Dave Yesland 1b55b6512f Rubocop fixes 2024-05-22 12:43:27 -07:00
Dave Yesland b3bc4a6c68 Update progress_flowmon_sudo_privesc_2024.rb 2024-05-21 13:48:20 -07:00
Dave Yesland de99a74540 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:45:36 -07:00
Dave Yesland 5a60a9a3d9 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:42:43 -07:00
Dave Yesland a517a218ab Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:41:44 -07:00
Dave Yesland 90a0be67b6 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:54 -07:00
Dave Yesland 1ddc60b185 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:44 -07:00
Jack Heysel 6e9e4a5aed Land #19102, Northstar C2 Stored XSS to Agent RCE 
Add exploit module for CVE-2024-28741, Northstar C2 Stored XSS to Agent
RCE
 2024-05-21 14:57:44 -04:00
Jack Heysel 10acd86390 Land #19071, Add AVideo RCE module 
Add module for CVE-2024-31819 which exploits an LFI in AVideo which uses
PHP Filter Chaining to turn the LFI into unauthenticated RCE
 2024-05-21 14:27:15 -04:00
adfoster-r7 6d2041b1cb Fix crashing mipsle modules 2024-05-21 12:52:12 +01:00
cgranleese-r7 67154a12e0 Land #19104, CHAOS rat xss to rce 2024-05-21 11:10:57 +01:00
bwatters f8c69e434d Land #19173, Add CarotDAV FTP PackRat module 
Merge branch 'land-19173' into upstream-master
 2024-05-17 16:49:33 -05:00
bwatters 8a68eebbf6 Land #19171, Add Sylpheed Email PackRat module 
Merge branch 'land-19171' into upstream-master
 2024-05-17 10:39:56 -05:00
Jacob 175e16a29a Removed unused regex search 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-17 09:59:20 -05:00
Jacob a8f1d35773 Re-structured artifact enumeration option 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-17 09:59:20 -05:00
-Pink-Panther 39630f1d2b Added post module for Adi IRC Client 2024-05-17 09:58:23 -05:00
adfoster-r7 25a1318052 Land #19170, Refactor smb lookupsid module 2024-05-17 13:43:52 +01:00
sjanusz-r7 34ab7d97b2 Follow MS-LSAD and MS-LSAT spec for LSARPC & LookupSids 2024-05-17 10:59:37 +01:00
sjanusz-r7 138a553b36 Add support for configurable RPORT, session & default rports to lookupsid 2024-05-17 10:59:37 +01:00
sjanusz-r7 d569077564 Refactor smb_lookupsid module to use RubySMB 2024-05-17 10:59:37 +01:00
Jacob 6de0048354 Removed unused regex search 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-16 19:15:00 -05:00
-Pink-Panther d08247776c Re-arranged Author list 2024-05-16 19:12:54 -05:00
-Pink-Panther cf15b1f858 Added post module for Quassel IRC Client 2024-05-16 19:12:54 -05:00
bwatters d54b3920b2 Land #19165, Add Halloy IRC PackRat module 
Merge branch 'land-19165' into upstream-master
 2024-05-16 16:59:47 -05:00
Chocapikk da31761336 Lint 2024-05-15 22:13:53 +02:00
Valentin Lobstein 3900680a96 Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-15 22:07:45 +02:00