adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,110 Commits 27 Branches 1,043 Tags
d7531ef74c448c2fe2ce06336c7e4792f2dee4db
Commit Graph

1515 Commits

Author SHA1 Message Date
sfewer-r7 bf9b3f1d2a add documentation 2024-06-10 17:41:55 +01:00
sfewer-r7 c6de00968f typo 2024-06-10 17:17:39 +01:00
sfewer-r7 3a19a54c59 remove dead link 2024-06-10 17:17:28 +01:00
sfewer-r7 998724f683 first commit for cve-2024-4577 2024-06-07 15:44:05 +01:00
sfewer-r7 e325d23526 first commit for cve-2024-4577 2024-06-07 15:43:40 +01:00
h00die 9ed9ea8c38 add event_dependent to northstar_c2 2024-04-24 16:54:58 -04:00
h00die dd5a8c629f northstar_c2 adjustments 2024-04-24 16:54:02 -04:00
h00die 9fb217fb59 northstar c2 exploit 2024-04-24 16:54:02 -04:00
Zach Goldman 488653d942 Land #19082, FortiNet FortiClient EMS SQLi to RCE [CVE-2023-48788] 2024-04-19 15:03:22 -04:00
Spencer McIntyre 727849202d Land #19087, chore: remove repetitive words 2024-04-17 09:59:46 -04:00
sjanusz-r7 010f044117 Add https prefix to module URL references 2024-04-17 13:00:41 +01:00
fanqiaojun 6b2bdc893b chore: remove repetitive words 
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>
 2024-04-15 11:06:50 +08:00
Jack Heysel dae9657433 FortiClient EMS Exploit Module 2024-04-12 10:00:07 -07:00
bwatters e58c6b9df2 Land #18721, SharePoint Unauth RCE Exploit Chain (CVE-2023-29357 & CVE-2023-24955) 
Merge branch 'land-18721' into upstream-master
 2024-03-26 12:42:22 -05:00
errorxyz 97513d473f Update manageengine_endpoint_central and servicedesk_plus default payloads 2024-02-23 00:00:18 +05:30
Jack Heysel 4e4303c274 Fixed backup_bdc_metadata initialization 2024-02-15 09:26:54 -05:00
Gaurav Jain 184ed3a162 Add suggested changes 2024-02-09 02:22:20 +05:30
Gaurav Jain 4dc21bae45 Merge branch 'rapid7:master' into manageengine 2024-02-08 15:11:15 +05:30
Gaurav Jain 25804edbf4 Add java targets for manageengine cve-2022-47966 modules 2024-02-08 01:55:52 +05:30
Jack Heysel ad45681116 Updated jwt_token format 2024-02-06 16:42:56 -05:00
Jack Heysel 92bbc47bd8 Changed tabs to spaces fixed msftidy 2024-02-06 15:54:33 -05:00
Jack Heysel 4bb871453e Rubocop 2024-02-06 15:44:06 -05:00
Jack Heysel 326b50bd4d Responded to comments 2024-02-06 15:22:21 -05:00
adfoster-r7 094d6ee36b Add additional reliability and stability notes to modules 2024-01-22 23:29:57 +00:00
Kevin Joensen dfa54d02b9 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-01-22 10:10:14 +01:00
Jack Heysel aa30a00c0e Rubocop 2024-01-21 19:45:29 -05:00
Jack Heysel 7a5fe5b32c Randomized payload plus minor fixes 2024-01-21 19:04:14 -05:00
jheysel-r7 be631e5213 Apply remaining suggestions from jvoisin 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-19 20:32:49 -05:00
jheysel-r7 5f1fa2a678 Apply suggestions from jvoisin 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-19 20:30:53 -05:00
Jack Heysel 9e5783a3e7 Rubocop 2024-01-19 15:42:39 -05:00
Jack Heysel 31ebc8273a Added AutoCheck check in exploit method 2024-01-19 15:40:35 -05:00
Jack Heysel 854ec41db1 Initial commit 2024-01-19 15:22:22 -05:00
Kevin Joensen 3b8f684d08 Fixed check module function 2023-12-29 16:18:50 +01:00
Kevin Joensen 2f023f7315 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-29 14:50:47 +01:00
Kevin Joensen 5de0e4e234 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-13 14:30:00 +01:00
Kevin Joensen 52a23e3afb Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-13 14:29:49 +01:00
Kevin Joensen 83dccfafaf added retry_until_truthy and sensor deletion upon payload running 2023-12-07 15:16:42 +01:00
Kevin Joensen 2718c078d2 removed WfsDelay 2023-12-01 10:15:55 +01:00
Kevin Joensen d26db0b1dd changed datastore['TARGETURI'] to target_uri.path 2023-12-01 10:15:13 +01:00
Kevin Joensen 26e7807154 updated URI to TARGETURI 2023-12-01 10:09:06 +01:00
Kevin Joensen 9105966b20 Fixed debug string 2023-12-01 10:07:28 +01:00
Kevin Joensen 7dbd938e3b fixed linting with rubocop and msftidy.rb 2023-11-27 18:44:10 +01:00
Kevin Joensen 3ffeef36f6 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-27 11:48:50 +01:00
Kevin Joensen ebc18db0ac Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-27 11:48:12 +01:00
Kevin Joensen 4906ea228d updated fields to have random values 2023-11-27 09:39:18 +01:00
Kevin Joensen 27b2cdf5b1 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Remove obsolete slash in normalize_uri parameters

Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-25 13:09:15 +01:00
Kevin Joensen 32380d8a26 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Remove obsolete slash in normalize_uri parameters

Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-25 13:09:03 +01:00
Kevin Joensen a04943063e Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb 
Removes quotes from normalize_uri parameters.

Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-25 13:07:08 +01:00
Kevin Joensen 8c007c0ef7 added exploit for CVE-2023-32781 - PRTG authenticated RCE 2023-11-23 19:28:02 +01:00
Jemmy Wang f83f183fe2 Apply Code Suggestions from review 2023-11-03 00:04:20 +08:00