dc70aa0896
Land #19247 , PHP CGI Arg injection RCE
...
XAMPP installs running on Windows system configured to use Japanese or
Chinese (simplified or traditional) locales are vulnerable to a PHP CGI
argument injection vulnerability. This exploit module returns a session
running in the context of the Administrator user
2024-06-17 11:27:38 -07:00
d7531ef74c
fix typo in documentation
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-06-13 15:09:56 +01:00
18fe758416
Finish up and document the deserialization RCE
2024-06-12 08:58:37 -04:00
2d63038196
Update documentation/modules/exploit/windows/http/rejetto_hfs_rce_cve_2024_23692.md
...
fix a typo in the documentation.
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2024-06-11 16:23:56 +01:00
bf9b3f1d2a
add documentation
2024-06-10 17:41:55 +01:00
c8208704be
add in exploit module for CVE-2024-23692
2024-06-06 18:04:14 +01:00
a89d418725
review of northstar c2
2024-05-16 15:17:28 -04:00
19af4ae4e6
mermaid flow chart
2024-04-24 16:54:02 -04:00
9fb217fb59
northstar c2 exploit
2024-04-24 16:54:02 -04:00
488653d942
Land #19082 , FortiNet FortiClient EMS SQLi to RCE [CVE-2023-48788]
2024-04-19 15:03:22 -04:00
6b2bdc893b
chore: remove repetitive words
...
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net >
2024-04-15 11:06:50 +08:00
dae9657433
FortiClient EMS Exploit Module
2024-04-12 10:00:07 -07:00
e58c6b9df2
Land #18721 , SharePoint Unauth RCE Exploit Chain (CVE-2023-29357 & CVE-2023-24955)
...
Merge branch 'land-18721' into upstream-master
2024-03-26 12:42:22 -05:00
decba4350e
Additional changes to documentation
2024-03-25 10:53:08 +00:00
2c307f1bb3
Adds session documentation
...
add more console output, add to pentesting side
split out session, help, query, query_interactive sections
add multiline examples
update mysql, smb
2024-03-21 09:52:10 -05:00
4e4303c274
Fixed backup_bdc_metadata initialization
2024-02-15 09:26:54 -05:00
326b50bd4d
Responded to comments
2024-02-06 15:22:21 -05:00
46a0052286
Land #18568 , added exploit for CVE-2023-32781 - PRTG authenticated RCE
...
Merge branch 'land-18568' into upstream-master
2024-01-22 11:35:38 -06:00
5f1fa2a678
Apply suggestions from jvoisin
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2024-01-19 20:30:53 -05:00
854ec41db1
Initial commit
2024-01-19 15:22:22 -05:00
ce43db0904
Fix TBDs and give better documentation.
2023-12-21 16:18:36 -06:00
78bac2636b
Add documentation
2023-12-20 18:44:05 -06:00
2f3e207277
Fixed documentation for exploit
2023-12-15 13:58:10 +01:00
9f9f18c73f
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-02 10:10:26 +08:00
00ccebe8ce
Upadte documentation for AjaxPro Deserializaion RCE
2023-10-31 13:31:10 +08:00
40683ff591
Add document for AjaxPro Deserialization RCE Module
2023-10-28 01:37:34 +08:00
557a15a115
spelling fixes on docs
2023-10-10 14:46:18 -04:00
623b589fb5
When I removed the PowerShell target I forgot to update the documentation, this commit updates the documentation to reflect the changes made to the exploit module.
2023-10-04 17:03:28 +01:00
1695a12c9c
Explicitly state both the release name (e.g. 2022.0.2) and the version number (e.g. 8.8.2) in a more consistent way.
2023-10-02 17:40:11 +01:00
53ed4a632b
add in exploit module for CVE-2023-40044 - WS_FTP unauthenticated RCE via .NET deserialization.
2023-10-02 11:42:19 +01:00
1058291af9
Land #18314 , Windows Error Reporting RCE (CVE-2023-36874)
2023-09-27 15:25:06 +02:00
2c9932b242
Update documentation - Options section
2023-09-27 15:17:04 +02:00
0b84feaf60
updates from code review
2023-09-26 14:03:31 -05:00
b4a1bb8fa2
Add docs and support for shell sessions; update exe to work without runtime lib.
2023-09-19 17:50:18 -05:00
23dc1a487d
Land #18321 , Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560)
2023-09-18 10:43:45 +01:00
cf4757a6cb
Update installation steps.
2023-09-14 18:51:48 +02:00
9fbfe63b2f
Update documentation/modules/exploit/windows/misc/ivanti_avalanche_mdm_bof.md
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2023-09-14 16:39:15 +00:00
8b56dc0117
Land #18250 , CVE-2023-28252: Windows CLFS Driver Privilege Escalation
2023-09-14 10:18:29 +01:00
946794c3f8
Land #18341 , add CVE-2023-38831 for Winrar 6.22
...
Merge branch 'land-18341' into upstream-master
2023-09-07 15:59:36 -05:00
d5f355d8de
WinRAR 6.22 (CVE-2023-38831)
2023-09-04 18:56:22 +02:00
a552132fc3
Update documentation/modules/exploit/windows/misc/ivanti_avalanche_mdm_bof.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-09-01 01:53:17 +00:00
48cb2db70b
Update scenario
2023-09-01 03:48:08 +02:00
ef55c4f2c1
Update documentation/modules/exploit/windows/local/cve_2023_28252_clfs_driver.md
2023-08-30 12:11:37 -04:00
1d9c7fde77
Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit
2023-08-29 17:58:43 +02:00
7fa2586e34
Land #18247 , Netgear NMS RCE CVE-2023-38096/8
2023-08-28 11:23:08 +02:00
8ba2343164
Update documentation/modules/exploit/windows/misc/ivanti_avalanche_mdm_bof.md
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-26 16:26:39 +00:00
b10d677308
Doc update.
2023-08-25 21:18:48 +02:00
a971867ca6
Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560)
2023-08-25 19:26:06 +02:00
0fe335aff2
Update documentation/modules/exploit/windows/http/netgear_nms_rce.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-08-24 16:10:30 +00:00
c216c5a184
Fix lines in SmarterMail RCE docs for linting with msftidy_docs
2023-08-23 23:07:07 +08:00
Jack Heysel