adfoster-r7
1281f4726f
Land #19209, update fileformat modules to show the default template datastore values
2024-05-31 15:12:48 +01:00
Jack Heysel
80ee458410
Land #19151, Add Flowmon Priv Esc Feature Module
...
Privilege escalation module for Progress Flowmon unpatched feature
2024-05-29 11:35:53 -04:00
Zach Goldman
847b29178a
change nil guards to default values, nil or blank guards for certain datastore options
2024-05-29 09:34:58 -05:00
Jack Heysel
cc7aeb4364
Fix module cleanup
2024-05-29 08:39:06 -04:00
Jack Heysel
72f332aba0
Land #19150, Add Flowmon Command Injection Module
...
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
2024-05-29 08:28:37 -04:00
Jack Heysel
e57f4d3cb5
Change xml to html in get_html_document
2024-05-28 16:29:55 -04:00
Jack Heysel
2c6fc11639
Responded to comments, clean up /etc/sudoers file
2024-05-23 16:56:35 -04:00
Jack Heysel
a0597007e4
Minor fixes, respond to comments
2024-05-23 14:02:28 -04:00
Dave Yesland
1b55b6512f
Rubocop fixes
2024-05-22 12:43:27 -07:00
Dave Yesland
b3bc4a6c68
Update progress_flowmon_sudo_privesc_2024.rb
2024-05-21 13:48:20 -07:00
Dave Yesland
de99a74540
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2024-05-21 13:45:36 -07:00
Dave Yesland
5a60a9a3d9
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-05-21 13:42:43 -07:00
Dave Yesland
a517a218ab
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2024-05-21 13:41:44 -07:00
Dave Yesland
90a0be67b6
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-05-21 13:39:54 -07:00
Dave Yesland
1ddc60b185
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2024-05-21 13:39:44 -07:00
cgranleese-r7
67154a12e0
Land #19104, CHAOS rat xss to rce
2024-05-21 11:10:57 +01:00
h00die
d1739f32c2
review of chaos rat
2024-05-13 16:55:43 -04:00
Spencer McIntyre
80fdde5fdc
Land #19100, Add Loadmaster sudo priv esc
...
Add Kemp Progress Loadmaster sudo abuse priv esc
2024-05-10 10:21:38 -04:00
bwatters
b28e263a2b
Update debug statements and add protection against bad die name
2024-05-10 08:54:23 -05:00
bwatters
948b18b08c
Add a check to the file delete
2024-05-09 15:52:29 -05:00
Spencer McIntyre
47c8d7252b
Land #18519, Docker kernel module escape
2024-05-06 09:08:08 -04:00
bwatters
b044bcab01
Add command payloads and checks for overwritten files
2024-05-03 13:06:16 -05:00
Spencer McIntyre
c2bf9ead06
Add support for redhat based containers
...
Containers such as Fedora use a different directory for the kernel
headers.
2024-05-01 13:30:16 -04:00
DaveYesland
c2a561630d
Add local privesc module for Flowmon
2024-05-01 09:07:34 -07:00
DaveYesland
a7e97e50ad
Add module for flowmon cmd injection CVE-2024-2389
2024-05-01 08:42:55 -07:00
Spencer McIntyre
2cb0e44740
Don't change the working directory
2024-05-01 10:35:24 -04:00
Spencer McIntyre
67dc01f124
Remove the unnecessary payload space
2024-04-30 16:29:43 -04:00
bwatters
d94971598b
Add documentation and fix some debug prints
2024-04-29 15:28:34 -05:00
RadioLogic
15a9b59ccf
Made case statements more readable
2024-04-26 21:55:01 -04:00
RadioLogic
b51d1b9017
Made shared function with checkcontainer
2024-04-26 21:32:20 -04:00
bwatters
364d491af7
Land #18972, Progress LoadMaster unauthenticated command injection module CVE-2024-1212
...
Merge branch 'land-18972' into upstream-master
2024-04-26 18:18:40 -05:00
bwatters
02c31159ab
Add vulnerable versions and fix indention
2024-04-26 17:36:50 -05:00
RadioLogic
7dabfb15be
Ran rubocop again
2024-04-26 14:52:14 -04:00
RadioLogic
ca9c60badb
Made usermodhelper wait for exec
2024-04-26 14:43:39 -04:00
RadioLogic
81aa572e15
Removed unneeded cd in cleanup
2024-04-26 14:15:24 -04:00
RadioLogic
852f888cc8
Added payload limits
2024-04-26 14:06:32 -04:00
RadioLogic
5adc91b7d5
Reverted back to using relative pathing due to kernel make scripts
2024-04-26 13:46:17 -04:00
h00die
7f02902ba1
add event_dependent to chaos_xss
2024-04-24 16:53:24 -04:00
h00die
512da4bc45
chaos rat xss to rce
2024-04-24 16:51:58 -04:00
RadioLogic
ecb70eeb8c
Rubocop ran on file
2024-04-23 18:53:16 -04:00
RadioLogic
f8f7eb919f
Removed all use of path traversal for absolute paths
2024-04-23 18:48:33 -04:00
RadioLogic
1c8c91096f
Removed port being in documentation as it made no sense
2024-04-23 18:47:30 -04:00
adfoster-r7
718cc0fff4
Land #19122, add EVENT_DEPENDENT to vcenter vmon priv esc
2024-04-23 22:29:53 +01:00
RadioLogic
361fe34167
Update modules/exploits/linux/local/docker_privileged_container_kernel_escape.rb
...
Used rex to add in payload
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2024-04-23 17:29:07 -04:00
RadioLogic
bee5306ac9
Added suggestions by rubymine
2024-04-23 17:18:30 -04:00
Zach Goldman
26a108aadc
Land #19046, Apache Solr Backup Restore RCE [CVE-2023-50386]
2024-04-23 14:08:33 -04:00
Dave Yesland
a36244073f
Merge pull request #1 from bwatters-r7/update-18972
...
Remove Priv Esc to add it to another module and update it to only run…
2024-04-22 17:53:48 -07:00
Dave Yesland
c10bde97ff
Merge branch 'rapid7:master' into module/progress_kemp_loadmaster_unauth_cmd_injection
2024-04-22 17:53:32 -07:00
h00die
53c2bf2e74
add EVENT_DEPENDENT to vcenter vmon priv esc
2024-04-22 15:12:27 -04:00
remmons-r7
5df1052037
Addressing msftidy issues
...
C:132: 20: [Correctable] Layout/SpaceAroundBlockParameters: Space before first block parameter detected.
C:132: 30: [Correctable] Layout/SpaceAroundBlockParameters: Space after last block parameter detected.
C:133: 5: [Correctable] Layout/IndentationWidth: Use 2 (not 4) spaces for indentation.
C:143: 4: [Correctable] Layout/TrailingEmptyLines: Final newline missing.
2024-04-18 18:34:18 -05:00