adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
79,032 Commits 27 Branches 1,043 Tags
dcd3a62e884cd3fb72a888fa7f793d1e7fb00a6e
Commit Graph

1154 Commits

Author SHA1 Message Date
Valentin Lobstein 6ab2452153 Fix documentation inconsistency: update ports for Flowise 3.0.1 (3005) and add Basic Auth service example 2025-11-19 22:58:27 +01:00
Valentin Lobstein 8fbbc3e043 Update flowise_custommcp_rce documentation: add Basic Auth testing scenario 2025-11-19 22:24:28 +01:00
Valentin Lobstein 44cf2e309f Add Flowise RCE exploits (CVE-2025-59528, CVE-2025-8943) with shared mixin, documentation, and Docker Compose setup 2025-11-19 22:12:49 +01:00
Valentin Lobstein df1c157471 Improve Flowise CustomMCP RCE exploit stability with Basic Auth support and HTTP response validation 2025-11-19 20:12:31 +01:00
Valentin Lobstein b26c4f5c7b Add Flowise Custom MCP RCE exploit (CVE-2025-8943) 2025-11-18 22:25:39 +01:00
Valentin Lobstein 88aadcc856 Add Flowise Custom MCP RCE exploit (CVE-2025-8943) 2025-11-18 22:03:59 +01:00
h00die caa2873a14 more adjustments 2025-11-07 15:42:27 -05:00
h00die d8c73f6684 replace bold options with h3 2025-11-07 15:42:23 -05:00
vognik 74c7f98ad9 code review changes from @msutovsky-r7 2025-10-20 09:00:24 -07:00
vognik 9ad83f6454 Add Vvveb CMS Authenticated RCE (CVE-2025-8518) 2025-10-18 17:12:05 -07:00
h00die 1e9dd04505 update periodic_script to new persistence mechanism 2025-10-13 17:48:00 -04:00
Diego Ledda c718a965d7 Merge pull request #20508 from h00die/modern_persistence_cron 
update cron to persistence mixin
 2025-09-18 12:04:00 +02:00
msutovsky-r7 32aa0d84e4 Land #20525, moves obsidian plugin module to persistence category and mixin 
update obsidian to persistence mixin
 2025-09-16 14:58:15 +02:00
h00die 5abe0f57b7 Update documentation/modules/exploit/multi/persistence/at.md 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-09-12 14:13:27 +02:00
h00die fd1d70ef93 update at persistence to mixin 2025-09-12 14:13:26 +02:00
h00die 785397bb0c cron to multi with persistence mixin 2025-09-09 11:50:31 -04:00
jheysel-r7 7972017936 Merge pull request #20397 from vognik/CVE-2025-34300 
Add Lighthouse Studio unauthenticated RCE (CVE-2025-34300)
 2025-09-08 16:48:29 -07:00
jheysel-r7 0e325e6217 Update documentation/modules/exploit/multi/http/lighthouse_studio_unauth_rce_CVE_2025_34300.md 2025-09-08 16:29:00 -07:00
h00die 5c1673bb20 update obsidian to persistence mixin 2025-09-06 15:05:21 -04:00
msutovsky-r7 9283562ee5 Land #20493, adds XWiki unauthenticated exploit module (CVE-2025-24893) 
Add XWiki Unauthenticated RCE (CVE-2025-24893)
 2025-09-01 13:37:31 +02:00
msutovsky-r7 5d59fbd333 Land #19903, adds module for periodic script persistence 
Add OSX Periodic Script Peristence
 2025-08-29 20:12:12 +02:00
Martin Sutovsky 2681e7cfed Update docs 2025-08-29 17:53:07 +02:00
Maksim Rogov 16b3a352e8 Apply suggestion from @msutovsky-r7 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-25 10:49:49 +03:00
Maksim Rogov 51ca11a9d4 Apply suggestion from @msutovsky-r7 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-24 18:14:28 +03:00
Vognik 7317922be8 Added Documentation 2025-08-24 07:46:59 +04:00
Vognik b13f59128c Added Setup Guide for Windows 2025-08-18 08:20:32 +04:00
bcoles a7ab23d083 Add Malicious XDG Desktop File module 2025-08-04 19:23:02 +10:00
gardnerapp 92d246da13 Update documentation/modules/exploit/multi/local/periodic_script_persistence.md 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-07-29 13:20:00 -04:00
Maksim Rogov 9696cc57db Merge branch 'rapid7:master' into CVE-2025-34300 2025-07-25 11:02:03 +04:00
Maksim Rogov 6e5d474b21 Apply suggestion from @jheysel-r7 in Docs 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-24 06:23:01 +03:00
Vognik 38b0bd15e1 Code Review Edits 2025-07-24 07:19:25 +04:00
Vognik 75e1158457 Fixed docs formatting 2025-07-21 03:16:40 +04:00
Vognik e7667d406a Add Lighthouse Studio unauthenticated RCE (CVE-2025-34300) 2025-07-20 15:23:38 +04:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
Corey 2351a6a9bc Minor changes to options, add documentation 2025-07-08 13:30:22 -04:00
Valentin Lobstein b9ee9ba88c Update wingftp_null_byte_rce.md 2025-07-03 19:43:06 +02:00
Valentin Lobstein ef3ddec3dd Update documentation/modules/exploit/multi/http/wingftp_null_byte_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2025-07-03 19:41:34 +02:00
Chocapikk 5b268bd4b4 Fix documentation and typos 2025-07-01 22:50:01 +02:00
Chocapikk 1a4a15e83b Add WingFTP unauthenticated RCE (CVE-2025-47812) 2025-07-01 19:15:15 +02:00
Diego Ledda 6d843385ec Merge pull request #20301 from msutovsky-r7/exploit/cve-2021-25094 
Adds module for Tatsu WP plugin (CVE-2021-25094)
 2025-06-25 10:58:22 +02:00
Diego Ledda afdad8ed4c chore(wp_tatsu_rce): msftidy_docs fix 2025-06-25 10:16:49 +02:00
msutovsky-r7 a67c883e0c Removes unnecessary header 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-06-24 15:48:38 +02:00
Diego Ledda c0dfbf43f2 Merge pull request #20235 from Chocapikk/vbulletin_replace_ad_template_rce 
vBulletin replaceAdTemplate Remote Code Execution
 2025-06-19 14:20:16 +02:00
Martin Sutovsky 4fe750a946 Removing redundant comment 2025-06-13 10:33:58 +02:00
Martin Sutovsky 3abe9b46c0 Addressing comments 2025-06-13 10:32:39 +02:00
Martin Sutovsky 0b2e4bc337 Adds module for CVE-2021-25094 2025-06-11 19:03:00 +02:00
Maksim Rogov ed643c3bc6 Update roundcube_auth_rce_cve_2025_49113.md 2025-06-09 18:42:52 +03:00
Maksim Rogov d97b09a898 Rename roundcube_unauth_rce_cve_2025_49113.md to roundcube_auth_rce_cve_2025_49113.md 2025-06-07 16:46:30 +03:00
Maksim Rogov bd811a3cd1 Update roundcube_unauth_rce_cve_2025_49113.md 2025-06-07 04:45:54 +03:00