adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
79,032 Commits 27 Branches 1,043 Tags
dcd3a62e884cd3fb72a888fa7f793d1e7fb00a6e
Commit Graph

4443 Commits

Author SHA1 Message Date
Brendan e998b91aee Merge pull request #20717 from sfewer-r7/fortiweb-exploit-rce 
Add exploit module for Fortinet FortiWeb (CVE-2025-64446 + CVE-2025-58034)
 2025-11-25 14:14:31 -06:00
Brendan 1912fe2a95 Merge pull request #20702 from Zedeldi/igel-os-modules 
IGEL OS modules
 2025-11-25 13:59:44 -06:00
sfewer-r7 fa03ac8b66 on 7.4.8 the command nohup is not available. we must execute our payload in a new session, so we use a python stub to essentially call setsid. This has been tested to work on both 8.0.1 and 7.4.8. Teh payload cmd/unix/reverse_python isnot working as it previously was, so I am removing from the list of confirmed paylaods. The other two, cmd/unix/reverse_bash and cmd/unix/reverse_openssl work fine on both versions 2025-11-25 11:25:41 +00:00
Zedeldi 4b2798f357 Correct vulnerable version information 2025-11-24 17:10:51 +00:00
Zedeldi ce926fd3d1 Update vulnerable IGEL OS version to < 11.09.310 2025-11-24 11:57:18 +00:00
Zedeldi 933fb7bdf1 Add clean-up information 2025-11-24 11:43:46 +00:00
Zedeldi 002795c5be Update module information in documentation 2025-11-24 11:24:23 +00:00
Brendan 21777b8969 Merge pull request #20685 from msutovsky-r7/persistence/windows/notepad++_persistence 
Adds notepad++ persistence module for Windows
 2025-11-21 14:28:28 -06:00
msutovsky-r7 8f2525aba7 Land #20705, adds modules for Flowise RCEs (CVE-2025-59528, CVE-2025-8943) 
Add Flowise RCE exploits (CVE-2025-59528, CVE-2025-8943)
 2025-11-21 21:20:22 +01:00
Zedeldi b13137886a Add IGEL OS and vulnerability summary to documentation 2025-11-21 13:09:28 +00:00
sfewer-r7 aff76622fa add in the unauth RCE exploit module for CVE-2025-64446 + CVE-2025-58034 2025-11-21 12:22:25 +00:00
msutovsky-r7 e2097ee1bc Land #20701, adds windows WSL registry persistence module 
Windows WSL registry persistence
 2025-11-20 15:15:22 +01:00
Valentin Lobstein 6ab2452153 Fix documentation inconsistency: update ports for Flowise 3.0.1 (3005) and add Basic Auth service example 2025-11-19 22:58:27 +01:00
Valentin Lobstein 8fbbc3e043 Update flowise_custommcp_rce documentation: add Basic Auth testing scenario 2025-11-19 22:24:28 +01:00
Valentin Lobstein 44cf2e309f Add Flowise RCE exploits (CVE-2025-59528, CVE-2025-8943) with shared mixin, documentation, and Docker Compose setup 2025-11-19 22:12:49 +01:00
Valentin Lobstein df1c157471 Improve Flowise CustomMCP RCE exploit stability with Basic Auth support and HTTP response validation 2025-11-19 20:12:31 +01:00
Valentin Lobstein b26c4f5c7b Add Flowise Custom MCP RCE exploit (CVE-2025-8943) 2025-11-18 22:25:39 +01:00
Valentin Lobstein 88aadcc856 Add Flowise Custom MCP RCE exploit (CVE-2025-8943) 2025-11-18 22:03:59 +01:00
h00die a0222d0783 rework windows service persistence 2025-11-17 19:02:53 -05:00
h00die 92e1720ad5 fix docs 2025-11-17 19:02:53 -05:00
h00die 450e1df340 windows service now with persistence mixin 2025-11-17 19:02:50 -05:00
Zedeldi c6db0d4285 Move IGEL OS persistence module to linux/persistence 2025-11-17 18:42:28 +00:00
Zedeldi c37f7872a3 Add documentation for IGEL OS modules 2025-11-17 16:33:15 +00:00
h00die e3560e43cf windows wsl registry persistence 2025-11-16 08:35:44 -05:00
Martin Sutovsky 58eec7d319 Adds docs 2025-11-12 16:28:54 +01:00
Diego Ledda c007d3a89f Merge pull request #20674 from msutovsky-r7/exploit/win/cve-2025-59287 
Adds module for unauthenticated deserialization in WSUS (CVE-2025-59287)
 2025-11-12 12:40:32 +01:00
Diego Ledda 29088b4712 Merge pull request #20576 from msutovsky-r7/modules/persistence/linqpad_deserialization 
Moves LINQPad module into persistence category
 2025-11-11 16:41:12 +01:00
Martin Sutovsky 6aeb81a499 Adds MITRE reference, updates docs 2025-11-10 18:32:13 +01:00
Martin Sutovsky 2cbf32ce40 Adds documentation base 2025-11-10 12:27:13 +01:00
h00die b646e0e044 docs editing for consistency 2025-11-07 15:42:27 -05:00
h00die fb02ec4554 remove 4 space indents in options 2025-11-07 15:42:27 -05:00
h00die caa2873a14 more adjustments 2025-11-07 15:42:27 -05:00
h00die d8c73f6684 replace bold options with h3 2025-11-07 15:42:23 -05:00
Diego Ledda 110cb837aa Merge pull request #20672 from h00die-gr3y/centreon_auth_rce 
Centreon authenticated command injection leading to RCE via broker engine "reload" parameter [CVE-2025-5946]
 2025-11-05 16:29:29 +01:00
Martin Sutovsky 5ad76f82d1 Adds more docs, adds description 2025-11-04 13:49:43 +01:00
Martin Sutovsky 98467f3a21 Adds msf payload to module, adds docs 2025-11-04 12:28:03 +01:00
h00die-gr3y 408eceb2d9 small update documentation 2025-11-03 10:27:44 +00:00
h00die-gr3y 85b4233345 updated module based on review comments and added documentation 2025-11-03 10:21:31 +00:00
Diego Ledda 13dc61e2e8 Merge pull request #20523 from h00die/modern_persistence_upstart 
update upstart to persistence mixin
 2025-10-31 12:28:59 +01:00
msutovsky-r7 af5baeb3c6 Land #20660, adds windows task scheduler persistence module 
Windows task scheduler persistence
 2025-10-31 10:16:19 +01:00
msutovsky-r7 c804e5fb55 Land #20643, expands diamorphine privilege escalation module to other rootkits 
Add Rootkit Privilege Escalation Signal Hunter
 2025-10-31 10:00:21 +01:00
bcoles 676a2ed4b1 Add Rootkit Privilege Escalation Signal Hunter 2025-10-31 17:22:19 +11:00
msutovsky-r7 09f1d1ae57 Land #20650, adds module for NCR Command Center Agent unauthenticated RCE (CVE-2021-3122) 
Add NCR Command Center Agent Unauthenticated RCE (CVE-2021-3122)
 2025-10-30 08:26:42 +01:00
msutovsky-r7 56480df99f Land #20662, adds windows startup folder persistence module 
windows persistence: startup folder
 2025-10-29 13:23:35 +01:00
Martin Sutovsky 44c3d9b5db Fixes documentation, removes unused parameters, code cleanup 2025-10-29 07:58:47 +01:00
Martin Sutovsky 5bf842c15e Moves module to persistence category, docs reformat 2025-10-29 07:57:19 +01:00
h00die c0b3f40b3e upstart review 2025-10-27 19:45:38 -04:00
h00die fd04f465eb windows persistence: startup folder 2025-10-27 15:35:52 -04:00
msutovsky-r7 d839a84a12 Land #20631, moves windows registry module into persistence category 
update windows registry to persistence mixin
 2025-10-27 14:57:48 +01:00
h00die c210a897ac windows persistence: task scheduler 2025-10-26 16:17:16 -04:00