adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,455 Commits 27 Branches 1,043 Tags
dcad2aea9df8d33b25b59bc3b2f42ec79ab01d1f
Commit Graph

37617 Commits

Author SHA1 Message Date
jheysel-r7 b1d0eedc26 Merge pull request #19712 from smashery/naa_creds 
NAA creds from SCCM
 2025-03-03 13:50:31 -08:00
Jack Heysel 4d57710d92 Make timeout configurable and nil check content 2025-03-03 11:47:10 -08:00
msutovsky-r7 3c4d0aae2f Land #19899, D-Tale remote code execution module 
Add D-Tale RCE module (CVE-2024-3408, CVE-2025-0655)
 2025-03-03 13:04:45 +01:00
Takah1ro 47351e4959 Use FETCH_DELETE as default 2025-03-03 20:52:55 +09:00
Takah1ro 65d2b6380b Update vulnerable version 2025-03-02 12:14:25 +09:00
Takah1ro 77c3ce52e0 Improve: 
* Support the prior to 3.13.0 versions
* CVE-2024-3408 bypass for authentication
 2025-03-01 11:58:28 +09:00
Takah1ro 316ecd4d04 Use FETCH_FILELESS as default 2025-03-01 11:55:43 +09:00
Spencer McIntyre b3602b2ade Merge pull request #19919 from jheysel-r7/fix/nil_check/esc_cert_finder 
Ldap vulnerable cert finder minor fix for ESC13 detection
 2025-02-28 07:46:06 -05:00
Jack Heysel 62b8ded001 Vuln cert finder minor fix plus doc update 2025-02-27 22:42:27 -08:00
Diego Ledda 7e0b3af790 Land #19879, Add MsDtypSecurityDescriptor to_sddl_text 
Land #19879, Add MsDtypSecurityDescriptor to_sddl_text
 2025-02-27 15:28:27 +01:00
Spencer McIntyre c49b49bdcd Merge pull request #19893 from bwatters-r7/fix/loadmaster_priv_esc_cve 
Remove errant CVE reference.
 2025-02-26 14:24:09 -05:00
Takah1ro 40726d1859 Remove unnecessary & guard operator 2025-02-26 21:13:55 +09:00
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
Diego Ledda f046e70b76 Land #19894, SimpleHelp Path Traversal CVE-2024-57727 
Land #19894, SimpleHelp Path Traversal CVE-2024-57727
 2025-02-25 12:00:34 +01:00
msutovsky-r7 576ff2fb5c Land #19878, MyScada MyPro Manager Credential Harverster Module 
mySCADA MyPRO Manager Credential Harvester (CVE-2025-24865 & CVE-2025-22896) Module
 2025-02-25 11:35:59 +01:00
Diego Ledda 33d0c0c9fd Land #19881, NetAlertX File Read (CVE-2024-48766) 
Land #19881, NetAlertX File Read (CVE-2024-48766)
 2025-02-25 10:42:52 +01:00
Martin Sutovsky 183d5823cc Rollback of fix for check method 2025-02-25 10:21:31 +01:00
Jack Heysel e4ee651c9b Updated docs, fixed Notes 2025-02-24 10:26:01 -08:00
h00die-gr3y 79411eace8 added code sugesstions from dledda-r7 2025-02-24 15:51:32 +00:00
Martin Sutovsky fae3d8390a Calling check method fix & Additional documentation 2025-02-24 15:52:00 +01:00
Martin Sutovsky e883da86cc Adding report_vuln 2025-02-24 12:19:59 +01:00
Martin Sutovsky f7342139b4 Code refactor based on PR 2025-02-24 12:05:04 +01:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
Takah1ro 4d4b88c94e Add D-Tale unauth RCE module (CVE-2025-0655) 2025-02-23 09:33:42 +09:00
H00die.Gr3y b3a5da976b Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-22 10:35:45 +01:00
h00die-gr3y 47a2079d19 initial module and laravel crypto killer mixin 2025-02-21 18:09:28 +00:00
Jack Heysel fc25e177fc SimpleHelp Path Traversal CVE-2024-57727 2025-02-21 08:15:46 -08:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y 15c20272ea removed linux dropper code and tested with PR 19850 2025-02-20 13:19:41 -06:00
h00die-gr3y f857e5fe67 fixed code review and updated documentation 2025-02-20 13:19:41 -06:00
H00die.Gr3y 38b3741a15 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-20 13:19:41 -06:00
h00die-gr3y 682be79920 first release module and documentation 2025-02-20 13:19:41 -06:00
h00die-gr3y baac1fc9d0 init commit module 2025-02-20 13:19:40 -06:00
Martin Sutovsky 2cdaf98c74 Fixing descriptions, filename, adding correct CVE and code reformat 2025-02-20 19:48:36 +01:00
msutovsky-r7 27120235d4 Merge branch 'rapid7:master' into netalert_file_read 2025-02-20 19:47:55 +01:00
Brendan c7d59ce829 Merge pull request #19875 from dledda-r7/fix/aarch64-sigill-raspberrypi 
Fix SIGILL on staged meterpreter on RaspberryPi4
 2025-02-20 10:14:07 -06:00
h4x-x0r 0aad255e13 updated 
updated
 2025-02-20 15:40:05 +00:00
bwatters-r7 c8aea65c7a Remove errant CVE reference. 2025-02-20 08:19:23 -06:00
Diego Ledda 4374484147 Land #19850, Add fetch payloads for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64, ppc64le 
Land #19850, Add fetch payloads for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64, ppc64le
 2025-02-20 11:43:17 +01:00
bwatters-r7 8cbcdd1f6c Add PPC64LE Fetch payloads 2025-02-19 18:10:55 -06:00
bwatters-r7 87ec9ee137 Remove CBEA64 arch values so PPC64 arches have only 1 arch value 
Multiple arches broke payload adaptyers and we do not use them, anyway
 2025-02-19 17:57:39 -06:00
Brendan 66d657f385 Merge pull request #19810 from h00die/fix_loadmaster_2024 
Fix loadmaster privesc check method and refs
 2025-02-18 19:34:00 -06:00
Martin Sutovsky bd42b23ef0 Land #19883, module for unauthenticated RCE in InvokeAI 2025-02-18 14:01:11 +01:00
msutovsky-r7 7cf02c5b14 Update modules/auxiliary/scanner/http/netalertx_file_read.rb 
Co-authored-by: Takahiro Yokoyama <tkhr.y0k0yama@gmail.com>
 2025-02-18 13:44:21 +01:00
Takahiro Yokoyama 6eaae79dc2 Update modules/exploits/linux/http/invokeai_rce_cve_2024_12029.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-02-18 21:21:19 +09:00
Takah1ro 32db7ee6ae Use plain payload 2025-02-18 08:22:15 +09:00
Takah1ro 3ce313ac89 Rubocop formatting 2025-02-18 08:14:56 +09:00
Takahiro Yokoyama a26572d318 Update modules/exploits/linux/http/invokeai_rce_cve_2024_12029.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-02-18 08:09:25 +09:00
msutovsky-r7 05c9550d43 Land #19877, BeyondTrust Privileged Remote Access & Remote Support RCE Module 
Exploit module for BeyondTrust Privileged Remote Access & Remote Support (CVE-2024-12356, CVE-2025-1094)
 2025-02-17 17:43:15 +01:00
sfewer-r7 65e2a20a5d We can remove this line as it is redundant. The regex that follows will check for the same thing as part of its matching expression. Thanks msutovsky-r7 for spoting this. 2025-02-17 16:33:11 +00:00