Commit Graph

18455 Commits

Author SHA1 Message Date
Jack Heysel d8d1ea7ffb Added on_new_session method 2024-05-29 16:04:00 -04:00
Jack Heysel 5d2a6aa4a1 Updated authors 2024-05-28 16:03:56 -04:00
Jack Heysel 9955724f0a Fixed check method, responded to comments 2024-05-28 15:54:28 -04:00
Jack Heysel d13ce0b1b8 rubocop fixes 2024-05-27 15:05:07 -04:00
Jack Heysel 92b259981f Added WRITEABLE_DIR datastore option plus minor improvements 2024-05-27 12:48:17 -04:00
Jack Heysel 576191b34f beta commit 2024-05-10 09:01:58 -07:00
Spencer McIntyre 47c8d7252b Land #18519, Docker kernel module escape 2024-05-06 09:08:08 -04:00
adfoster-r7 4c84f8830f Land #18907, add mssql_version module 2024-05-03 14:33:35 +01:00
adfoster-r7 5e1dc05f09 Fix apache_normalize_path_rce check method 2024-05-01 20:01:38 +01:00
Spencer McIntyre c2bf9ead06 Add support for redhat based containers
Containers such as Fedora use a different directory for the kernel
headers.
2024-05-01 13:30:16 -04:00
Spencer McIntyre 2cb0e44740 Don't change the working directory 2024-05-01 10:35:24 -04:00
Spencer McIntyre 67dc01f124 Remove the unnecessary payload space 2024-04-30 16:29:43 -04:00
Spencer McIntyre 434186200a Land #19141, Apache RocketMQ & ActiveMQ fixes 2024-04-29 18:33:47 -04:00
jheysel-r7 6055d8a005 Apply suggestions from code review
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2024-04-29 17:37:49 -04:00
RadioLogic 15a9b59ccf Made case statements more readable 2024-04-26 21:55:01 -04:00
RadioLogic b51d1b9017 Made shared function with checkcontainer 2024-04-26 21:32:20 -04:00
bwatters 364d491af7 Land #18972, Progress LoadMaster unauthenticated command injection module CVE-2024-1212
Merge branch 'land-18972' into upstream-master
2024-04-26 18:18:40 -05:00
bwatters 02c31159ab Add vulnerable versions and fix indention 2024-04-26 17:36:50 -05:00
Jack Heysel 3b57fbf052 ActiveMQ fixes 2024-04-26 14:25:16 -07:00
Jack Heysel 429eaff5ca RocketMQ fixes 2024-04-26 14:24:08 -07:00
RadioLogic 7dabfb15be Ran rubocop again 2024-04-26 14:52:14 -04:00
RadioLogic ca9c60badb Made usermodhelper wait for exec 2024-04-26 14:43:39 -04:00
RadioLogic 81aa572e15 Removed unneeded cd in cleanup 2024-04-26 14:15:24 -04:00
RadioLogic 852f888cc8 Added payload limits 2024-04-26 14:06:32 -04:00
RadioLogic 5adc91b7d5 Reverted back to using relative pathing due to kernel make scripts 2024-04-26 13:46:17 -04:00
Zach Goldman d0a714d1e8 refactor packet parsing code 2024-04-24 15:06:36 -04:00
RadioLogic ecb70eeb8c Rubocop ran on file 2024-04-23 18:53:16 -04:00
RadioLogic f8f7eb919f Removed all use of path traversal for absolute paths 2024-04-23 18:48:33 -04:00
RadioLogic 1c8c91096f Removed port being in documentation as it made no sense 2024-04-23 18:47:30 -04:00
adfoster-r7 718cc0fff4 Land #19122, add EVENT_DEPENDENT to vcenter vmon priv esc 2024-04-23 22:29:53 +01:00
RadioLogic 361fe34167 Update modules/exploits/linux/local/docker_privileged_container_kernel_escape.rb
Used rex to add in payload

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2024-04-23 17:29:07 -04:00
RadioLogic bee5306ac9 Added suggestions by rubymine 2024-04-23 17:18:30 -04:00
Zach Goldman 26a108aadc Land #19046, Apache Solr Backup Restore RCE [CVE-2023-50386] 2024-04-23 14:08:33 -04:00
Dave Yesland a36244073f Merge pull request #1 from bwatters-r7/update-18972
Remove Priv Esc to add it to another module and update it to only run…
2024-04-22 17:53:48 -07:00
Dave Yesland c10bde97ff Merge branch 'rapid7:master' into module/progress_kemp_loadmaster_unauth_cmd_injection 2024-04-22 17:53:32 -07:00
h00die 53c2bf2e74 add EVENT_DEPENDENT to vcenter vmon priv esc 2024-04-22 15:12:27 -04:00
Jack Heysel b8675f0fd7 Land #19005, Add Gambio Webshop Unauth RCE
A Remote Code Execution vulnerability in Gambio online webshop version
4.9.2.0 and lower allows remote attackers to run arbitrary commands via
an unauthenticated HTTP POST request
2024-04-19 12:18:17 -07:00
Zach Goldman 488653d942 Land #19082, FortiNet FortiClient EMS SQLi to RCE [CVE-2023-48788] 2024-04-19 15:03:22 -04:00
bwatters 4733d1dc04 Land #19101, Exploit module for CVE-2024-4300 - Palo Alto Networks PAN-OS
Merge branch 'land-19101' into upstream-master
2024-04-19 12:49:41 -05:00
jheysel-r7 3205fe9e63 Apply suggestions from code review 2024-04-19 13:44:18 -04:00
Jack Heysel 27f5ad8e05 Land #18996, VSCode Malicious Ext module
This PR adds a new exploit that creates a malicious vsix file. A vsix
file is a VS and VSCode extension file. Once installed, the user's
computer will call back with a shell. It's not a bug, it's a feature!
2024-04-18 18:10:46 -07:00
Jack Heysel bcaa5359da Land #18997, Add GitLens VSCode Extension Exploit
GitKraken GitLens before v.14.0.0 allows an untrusted workspace to
execute git commands. A repo may include its own .git folder including a
malicious config file to execute arbitrary code.
2024-04-18 17:19:41 -07:00
remmons-r7 5df1052037 Addressing msftidy issues
C:132: 20: [Correctable] Layout/SpaceAroundBlockParameters: Space before first block parameter detected.
C:132: 30: [Correctable] Layout/SpaceAroundBlockParameters: Space after last block parameter detected.
C:133:  5: [Correctable] Layout/IndentationWidth: Use 2 (not 4) spaces for indentation.
C:143:  4: [Correctable] Layout/TrailingEmptyLines: Final newline missing.
2024-04-18 18:34:18 -05:00
remmons-r7 982b6aef0a Incorporating PAN-OS module peer review suggestions, adding documentation for the module 2024-04-18 18:21:12 -05:00
h00die a551ef136c remove default shells on gitlens module 2024-04-18 17:31:02 -04:00
h00die-gr3y 331c961412 update module and documentation with tax country logic 2024-04-18 19:13:19 +00:00
remmons-r7 22d3ee5df2 Changing the wording for TARGETURI 2024-04-18 08:25:06 -05:00
remmons-r7 cea9fb66ed Swap out staged payload for unstaged
Co-authored-by: Brendan <bwatters@rapid7.com>
2024-04-18 08:21:18 -05:00
remmons-r7 9741b12d29 Addressing a new issue the linter caught after changes
W:117:  5: [Correctable] Lint/UselessAssignment: Useless assignment to variable - res.
2024-04-17 15:44:45 -05:00
remmons-r7 7e191c75e7 Addressing msftidy issues
Fixes for the following:
W: 80:  5: [Correctable] Lint/UselessAssignment: Useless assignment to variable - res_create_file. Did you mean res_check_created?
C: 90: 81: [Correctable] Style/TrailingCommaInArguments: Avoid comma after the last parameter of a method call.
C: 93:  8: [Correctable] Style/InverseMethods: Use != instead of inverting ==.
C: 93: 42: [Correctable] Style/AndOr: Use && instead of and.
C: 93: 46: [Correctable] Style/InverseMethods: Use != instead of inverting ==.
C: 94: 43: [Correctable] Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
C:100: 18: [Correctable] Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
C:131: 18: [Correctable] Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
2024-04-17 15:40:08 -05:00