adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
79,821 Commits 27 Branches 1,043 Tags
dc2ef2ed771844bf65e124fd3f7dcc0bfaea4f61
Commit Graph

5261 Commits

Author SHA1 Message Date
Valentin Lobstein f41eda1128 Add GHSA and OSV reference type support 
Add support for GHSA (GitHub Security Advisories) and OSV (Open Source
Vulnerabilities) as structured reference types in Metasploit modules.

Convert 49 hardcoded GHSA URLs to structured ['GHSA', 'GHSA-xxxx'] format
across existing modules, and add support for repository-specific GHSA
references with an optional third parameter ['GHSA', 'GHSA-xxxx', 'repo'].

Update reference validation, module validator, and info_fixups to handle
the new reference types correctly.
 2026-02-09 15:17:23 +01:00
jheysel-r7 f31776caf0 Merge pull request #20778 from h00die/ssh_keys 
Update and combine ssh key persistence with mixin
 2026-01-27 06:39:10 -08:00
h00die 0b68476817 Update modules/exploits/multi/persistence/ssh_key.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-26 16:44:46 -05:00
h00die 048163ea89 ssh_key persistence review 2026-01-24 16:36:54 -05:00
Spencer McIntyre c0e9288ac5 Merge pull request #20799 from jheysel-r7/feat/cacti_graph_template_rce 
Cacti Graph Template Authenticated RCE [CVE-2025-24367]
 2026-01-22 14:26:38 -05:00
Spencer McIntyre 18a4cf8c00 Use the ssl setting for HttpServer#start_service 2026-01-22 13:49:28 -05:00
Jack Heysel e9a6a6fd45 Responded to comments 2026-01-22 15:03:32 +01:00
Jack Heysel 96b788e1e8 Increase length of cron job name 2026-01-22 15:03:32 +01:00
Jack Heysel 0e0a6cc9cd Removed duplicate platform 2026-01-22 15:03:31 +01:00
Jack Heysel 2e484d552e Finishing touches 2026-01-22 15:03:31 +01:00
Jack Heysel 99e032f4af SmarterTools SmarterMail Unauth File Upload RCE [CVE-2025-52691] 2026-01-22 15:03:30 +01:00
msutovsky-r7 537a1c5395 Land #19821, adds Burpsuite persistence module 
Burp extension persistence
 2026-01-22 11:03:08 +01:00
jheysel-r7 719874a7f4 Merge pull request #20750 from MatDupas/add-exploit-oracle-ebs-cve-2025-61882-module 
Add exploit oracle ebs CVE 2025 61882 module
 2026-01-21 16:08:09 -08:00
Jack Heysel 927f5330f4 Rubocop fixes 2026-01-21 14:56:08 -08:00
Jack Heysel c45309e9ab Added payload length guards 2026-01-21 11:34:21 -08:00
jheysel-r7 b6da204725 Apply suggestions from code review 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2026-01-21 10:09:12 -08:00
MatDupas b46649769e Fix formatting issues in oracle_ebs exploit script 2026-01-21 09:00:52 +01:00
MatDupas a05863f6f6 Clean up comment in generate_xsl_payload method 
Removed comment about generating XSLT payload.
 2026-01-21 08:57:10 +01:00
MatDupas cb3df4b4de Refactor payload options in Oracle EBS exploit 2026-01-21 08:56:01 +01:00
MatDupas c5df078b41 Clarify payload option comment in exploit module 
Updated the comment for the payload option to clarify usage.
 2026-01-21 08:54:53 +01:00
Martin Sutovsky ffb725f4da Rubocopes 2026-01-21 08:16:39 +01:00
h00die 0234dc7a26 Update modules/exploits/multi/persistence/burp_extension.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-01-20 19:28:18 -05:00
h00die ad343cb383 Update modules/exploits/multi/persistence/burp_extension.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-01-20 19:27:46 -05:00
h00die cf43e496b1 Update modules/exploits/multi/persistence/burp_extension.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-01-20 19:27:08 -05:00
jheysel-r7 c47a74d0dd Merge pull request #20770 from vognik/Splunk_2022-43571_CVE-2024-36985 
Add Splunk RCE Exploits (CVE-2022-43571 & CVE-2024-36985)
 2026-01-20 12:36:51 -08:00
MatDupas c351514291 Refine description for Oracle EBS CVE-2025-61882 exploit 
Updated the description of the Oracle E-Business Suite CVE-2025-61882 RCE exploit module to provide more detailed information about the exploit mechanism and affected versions.
 2026-01-20 21:09:25 +01:00
MatDupas 37c69a9bf1 Refactor Oracle EBS CVE-2025-61882 exploit module 
Updated the Oracle E-Business Suite exploit module to fix rubocop linting errors
 2026-01-20 09:12:05 +01:00
vognik 9e320dd168 add suggestions from @jheysel-r7 2026-01-19 18:45:01 -08:00
MatDupas bff88db29b Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2026-01-19 15:07:45 +01:00
MatDupas 9377662118 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2026-01-19 15:06:47 +01:00
MatDupas 68f7d42bb8 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2026-01-19 15:04:59 +01:00
MatDupas 47d0b1c208 Clarify default payload comment in exploit module 
Updated the comment for the default payload option to clarify its usage.
 2026-01-19 10:47:47 +01:00
MatDupas 141fa5a169 Refactor smuggling payload creation and session handling 
Refactor HTTP request smuggling logic and error handling.
 2026-01-19 10:41:23 +01:00
MatDupas daf0fc89fc Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-19 10:34:24 +01:00
MatDupas 21a1245a77 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 16:13:55 +01:00
MatDupas ec31ff1351 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 16:08:43 +01:00
MatDupas 607f4651a5 Update modules/exploits/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2026-01-17 12:26:52 +01:00
h00die 7ccf574e99 burp extension all working 2026-01-16 08:44:27 -05:00
Brendan ade984aead Merge pull request #20793 from Chocapikk/avideo-v2 
Add AVideo notify.ffmpeg.json.php unauthenticated RCE exploit (CVE-2025-34433)
 2026-01-15 17:36:07 -06:00
h00die fa83217a07 burp extension java target working 2026-01-15 16:15:48 -05:00
h00die 1a6aaa91d0 fix up windows implementation 2026-01-13 16:50:21 -05:00
msutovsky-r7 eae97b314a Land #20810, adds module for authenticated RCE in n8n (CVE-2025-68613) 
Adds module for n8n workflow expression RCE (CVE-2025-68613)
 2026-01-13 16:51:06 +01:00
Martin Sutovsky fec9388c33 Adds comment 2026-01-13 16:31:01 +01:00
Diego Ledda 9463ed4453 Merge pull request #20855 from h00die/fix_persistence_windows 
Enhance Persistences
 2026-01-13 10:20:46 -05:00
Martin Sutovsky 7b55f22afb Fixes payload delivery and execution to support all vulnerable versions 2026-01-13 15:37:12 +01:00
Brendan 10d12570c0 Merge pull request #20791 from Chocapikk/webcheck 
Add Web-Check screenshot API command injection RCE exploit (CVE-2025-32778)
 2026-01-12 17:14:04 -06:00
h00die 52ad17690f add arch to windows modules and triggered execution attck to most persistence 2026-01-09 16:21:07 -05:00
jheysel-r7 dc5039b84c Update modules/exploits/multi/http/cacti_graph_template_rce.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2026-01-09 09:46:08 -08:00
Martin Sutovsky 5e8ec214e9 Fixes cleanup 2026-01-09 11:58:53 +01:00
jheysel-r7 ae4a5ac986 Merge pull request #20786 from zeroSteiner/feat/lib/mod-merge-target-info 
Merge target info into the module info
 2026-01-08 18:01:14 -08:00