adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,283 Commits 27 Branches 1,043 Tags
d89df446bfde2a39773feba4f747d43d12f4e601
Commit Graph

4085 Commits

Author SHA1 Message Date
Christophe De La Fuente 24fa34e7b9 Land #19188, Netis MW5360 unauthenticated RCE [CVE-2024-22729] 2024-06-24 13:40:51 +02:00
Christophe De La Fuente 8fc6e20cec Update other modules to use java_class_loader_start_service and cmdstager_start_service 2024-06-14 12:57:42 +02:00
h00die-gr3y 4e26704d73 Update addressing cdelafuente-r7 comments 2024-06-12 18:57:29 +00:00
h00die-gr3y 6a77c2e562 Final tweaks in check method 2024-06-08 11:33:55 +00:00
h00die-gr3y 0e3471d543 Final draft 2024-06-07 19:47:06 +00:00
h00die-gr3y 55fa94995b Updated check method 2024-06-06 22:23:35 +00:00
adfoster-r7 1281f4726f Land #19209, update fileformat modules to show the default template datastore values 2024-05-31 15:12:48 +01:00
Jack Heysel 80ee458410 Land #19151, Add Flowmon Priv Esc Feature Module 
Privilege escalation module for Progress Flowmon unpatched feature
 2024-05-29 11:35:53 -04:00
Zach Goldman 847b29178a change nil guards to default values, nil or blank guards for certain datastore options 2024-05-29 09:34:58 -05:00
Jack Heysel cc7aeb4364 Fix module cleanup 2024-05-29 08:39:06 -04:00
Jack Heysel 72f332aba0 Land #19150, Add Flowmon Command Injection Module 
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
 2024-05-29 08:28:37 -04:00
Jack Heysel e57f4d3cb5 Change xml to html in get_html_document 2024-05-28 16:29:55 -04:00
h00die-gr3y e7d65fe60a Update based on bwatters-r7 comments 2024-05-27 17:45:07 +00:00
Jack Heysel 2c6fc11639 Responded to comments, clean up /etc/sudoers file 2024-05-23 16:56:35 -04:00
Jack Heysel a0597007e4 Minor fixes, respond to comments 2024-05-23 14:02:28 -04:00
Dave Yesland 1b55b6512f Rubocop fixes 2024-05-22 12:43:27 -07:00
Dave Yesland b3bc4a6c68 Update progress_flowmon_sudo_privesc_2024.rb 2024-05-21 13:48:20 -07:00
Dave Yesland de99a74540 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:45:36 -07:00
Dave Yesland 5a60a9a3d9 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:42:43 -07:00
Dave Yesland a517a218ab Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:41:44 -07:00
Dave Yesland 90a0be67b6 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:54 -07:00
Dave Yesland 1ddc60b185 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:44 -07:00
h00die-gr3y 66a7fbf0ea Update based on jvoisin comments 2024-05-21 20:21:35 +00:00
cgranleese-r7 67154a12e0 Land #19104, CHAOS rat xss to rce 2024-05-21 11:10:57 +01:00
h00die-gr3y 31babb6ca1 Fixed disclosure date 2024-05-19 12:23:21 +00:00
h00die-gr3y 6d844ae9c8 first release module 2024-05-19 12:16:14 +00:00
h00die d1739f32c2 review of chaos rat 2024-05-13 16:55:43 -04:00
Spencer McIntyre 80fdde5fdc Land #19100, Add Loadmaster sudo priv esc 
Add Kemp Progress Loadmaster sudo abuse priv esc
 2024-05-10 10:21:38 -04:00
bwatters b28e263a2b Update debug statements and add protection against bad die name 2024-05-10 08:54:23 -05:00
bwatters 948b18b08c Add a check to the file delete 2024-05-09 15:52:29 -05:00
Spencer McIntyre 47c8d7252b Land #18519, Docker kernel module escape 2024-05-06 09:08:08 -04:00
bwatters b044bcab01 Add command payloads and checks for overwritten files 2024-05-03 13:06:16 -05:00
Spencer McIntyre c2bf9ead06 Add support for redhat based containers 
Containers such as Fedora use a different directory for the kernel
headers.
 2024-05-01 13:30:16 -04:00
DaveYesland c2a561630d Add local privesc module for Flowmon 2024-05-01 09:07:34 -07:00
DaveYesland a7e97e50ad Add module for flowmon cmd injection CVE-2024-2389 2024-05-01 08:42:55 -07:00
Spencer McIntyre 2cb0e44740 Don't change the working directory 2024-05-01 10:35:24 -04:00
Spencer McIntyre 67dc01f124 Remove the unnecessary payload space 2024-04-30 16:29:43 -04:00
bwatters d94971598b Add documentation and fix some debug prints 2024-04-29 15:28:34 -05:00
RadioLogic 15a9b59ccf Made case statements more readable 2024-04-26 21:55:01 -04:00
RadioLogic b51d1b9017 Made shared function with checkcontainer 2024-04-26 21:32:20 -04:00
bwatters 364d491af7 Land #18972, Progress LoadMaster unauthenticated command injection module CVE-2024-1212 
Merge branch 'land-18972' into upstream-master
 2024-04-26 18:18:40 -05:00
bwatters 02c31159ab Add vulnerable versions and fix indention 2024-04-26 17:36:50 -05:00
RadioLogic 7dabfb15be Ran rubocop again 2024-04-26 14:52:14 -04:00
RadioLogic ca9c60badb Made usermodhelper wait for exec 2024-04-26 14:43:39 -04:00
RadioLogic 81aa572e15 Removed uneeded cd in cleanup 2024-04-26 14:15:24 -04:00
RadioLogic 852f888cc8 Added payload limits 2024-04-26 14:06:32 -04:00
RadioLogic 5adc91b7d5 Reverted back to using relative pathing due to kernel make scripts 2024-04-26 13:46:17 -04:00
h00die 7f02902ba1 add event_dependent to chaos_xss 2024-04-24 16:53:24 -04:00
h00die 512da4bc45 chaos rat xss to rce 2024-04-24 16:51:58 -04:00
RadioLogic ecb70eeb8c Rubocop ran on file 2024-04-23 18:53:16 -04:00