adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,235 Commits 27 Branches 1,043 Tags
daee69e1d0f5b30ac1bc858dbaba2cd5cd0e9b52
Commit Graph

5617 Commits

Author SHA1 Message Date
vtoutain daee69e1d0 Fix msftidy errors 2023-05-10 11:55:50 +02:00
vtoutain df6c2bf7eb Documentation update 
Modified the layout according to reviews, updated scenarios output, and added the JSON example output.
 2023-04-24 11:47:21 +02:00
vtoutain e565a8f962 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-24 11:44:52 +02:00
space-r7 365b7c099c Land #17895, add Joomla api scanner 2023-04-21 09:50:24 -05:00
h00die 17f674e3fa review comments 2023-04-20 16:23:52 -04:00
vtoutain d875741c87 Fixed documentation typos 2023-04-19 11:43:08 +02:00
vtoutain 35c7d3918d Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-19 11:24:37 +02:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
vtoutain e4ae9e0997 Merge branch 'rapid7:master' into dolibarr_16_contact_dump 2023-04-18 11:37:13 +02:00
Jack Heysel 78e80f8e32 docs fix 2023-04-17 16:41:35 -04:00
Jack Heysel 162fe21659 Documentation copy pasta correction 2023-04-17 16:39:57 -04:00
jheysel-r7 d4b668e27b Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-04-17 16:36:31 -04:00
Jack Heysel db853f9a68 Land #17711, SPIP unauth RCE module 
This module exploits a publically accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
 2023-04-17 15:30:03 -04:00
jvoisin a4e1952da3 Add a module for the latest SPIP vuln 2023-04-17 13:41:03 -04:00
adfoster-r7 396a4b90cc Land #17892, update unified_remote_rce docs 2023-04-17 13:53:32 +01:00
dsecbypass 3b710293f5 Dolibarr 16 unauthenticated contact database dump 
Auxiliary module and documentation.
 2023-04-17 14:52:05 +02:00
h00die 32b6741cd8 joomla api cve-2023-23752 2023-04-16 22:54:54 -04:00
h00die 37130e5a3d move asan docs 2023-04-16 10:19:43 -04:00
h00die 4b176c8ef5 fix unified_remote_rce docs 2023-04-16 10:11:01 -04:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
Ron Bowes 6119330e29 Update documentation to match current version of modules 2023-04-11 09:48:53 -07:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
Ron Bowes c22c2904c2 Fix msftidy_docs stuff 2023-04-05 10:53:58 -07:00
Jack Heysel 15d267a233 Land #17826, post module for CVE-2023-21768 
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
 2023-03-30 12:27:28 -04:00
dwelch-r7 ab08cd2d1c Land #17753, Update get_ticket to support using forged golden tickets 2023-03-30 14:15:48 +01:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
space-r7 9cd024a7a2 Land #17828, add AMQP login scanner module 2023-03-29 09:24:48 -05:00
space-r7 72ec93d27a Land #17827, add AMQP version scanner module 2023-03-28 16:00:42 -05:00
Jack Heysel fcb93fef58 Land #17806, Optergy BMS Backdoor RCE module 
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
 2023-03-28 10:27:35 -04:00
Spencer McIntyre 97d67c6a79 Add an AMQP login scanner 2023-03-27 16:53:03 -04:00
Spencer McIntyre 95e8a1c175 Initial AMQP version scanner 2023-03-27 16:44:11 -04:00
space-r7 f9c6caa804 Land #17785, add SolarWinds (SWIS) deser RCE 2023-03-27 15:25:17 -05:00
Christophe De La Fuente 6d4ee0c071 Add exploit for CVE-2023-21768 2023-03-27 20:08:22 +02:00
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
jheysel-r7 0d6195a9ae Merge branch 'master' into proftpd_modcopy_exec 2023-03-24 21:16:54 -04:00
Jack Heysel b7ac6d45d5 Land #17789, proftpd_modcopy_exec enhancements 
This PR add documentation, notes, a reference URL, and a few
general code improvements to the check and exploit methods.
 2023-03-24 21:08:28 -04:00
Spencer McIntyre 3ca177eb1f Add the exploit for CVE-2022-38108 2023-03-23 17:28:58 -04:00
h00die-gr3y 0c87b0b7cf removed Windows reference from documentation 2023-03-23 10:34:51 +00:00
bcoles 69daea95d6 exploit/unix/ftp/proftpd_modcopy_exec: Add docs and resolve RuboCop violations 2023-03-23 18:13:20 +11:00
h00die-gr3y 820e625baa updated documentation 2023-03-22 21:17:54 +00:00
h00die-gr3y 8226fb9022 fixed small typos documentation 2023-03-22 20:04:34 +00:00
h00die-gr3y 28459c286a init commit module and documentation 2023-03-22 18:40:50 +00:00
space-r7 67ac2dc584 Land #17771, add monitorr file upload rce 2023-03-22 13:00:38 -05:00
Jack Heysel 1f2a889d0c Land #17388, Zyxel router RCE 
This module adds a new exploit module for a buffer
overflow in roughly 45 different Zyxel router and VPN models.
 2023-03-21 15:07:04 -04:00