adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,151 Commits 27 Branches 1,043 Tags
de9cd59ea5bd3348a4dcdc6eb0f0c398cd89d9a7
Commit Graph

3658 Commits

Author SHA1 Message Date
h00die-gr3y de9cd59ea5 added pwd derivation and report credential function including updates based on review comments 2023-04-18 19:17:00 +00:00
h00die-gr3y e0926890ab init commit module 2023-04-14 13:07:12 +00:00
h00die-gr3y 5584685f24 init commit module 2023-04-14 13:05:42 +00:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
Ron Bowes 7dc1faa689 Better error handling, and fix version detection 2023-04-11 09:34:24 -07:00
Ron Bowes 1a8671311d Move the offsets into a field separate from 'targets' 2023-04-07 10:26:56 -07:00
Ron Bowes 02072418f0 Expand the comment about why we're checking for \xff (since it can't appear in the payload) 2023-04-07 10:10:13 -07:00
Ryuuuuu 9985538846 Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb 
fix nil exception

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-04-07 09:55:00 +09:00
Ron Bowes ce111f158a Better error handling 2023-04-06 10:35:33 -07:00
Ron Bowes 523931aa4c Change target options for stack overflow exploit 2023-04-05 15:24:49 -07:00
Ron Bowes c345fe78b8 Fix up error handling and other comments from the PR 2023-04-05 15:13:35 -07:00
Ron Bowes c07ca83d6c Fix the metadata and add an in-memory target 2023-04-05 14:07:12 -07:00
Ron Bowes 04a9ae7335 Add check methods 2023-04-05 10:55:28 -07:00
cgranleese-r7 e004be00fe Converted to Active Support 2023-04-05 16:53:01 +01:00
cgranleese-r7 c3a7da54d5 reduces code duplication 2023-04-04 10:27:11 +01:00
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
Ryuuuuu 8b3d799104 fix check function which always prints vulnerable 2023-04-04 10:07:06 +09:00
Ron Bowes 7cb6213334 Fix an msftidy error 2023-03-29 09:56:04 -07:00
Ron Bowes 54ed192401 Add URLs 2023-03-29 08:10:52 -07:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
adfoster-r7 f626b55831 Land #17825, Update zimbra_slapper_priv_esc.rb 2023-03-28 18:36:18 +01:00
Jack Heysel fcb93fef58 Land #17806, Optergy BMS Backdoor RCE module 
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
 2023-03-28 10:27:35 -04:00
Jack Heysel f3c12ba176 Land #17808, Update broken secunia references 
The Secunia links in the framework were dead. They have
now been restored using the wayback machine to grab
replacement links from the earliest date possible.
 2023-03-27 17:20:13 -04:00
dm-ct 38f7cbdfc6 Update zimbra_slapper_priv_esc.rb 
fixing reference to use an archive link as the sites down.
 2023-03-27 16:46:07 +01:00
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
adfoster-r7 d04c8e1bce Update broken secunia references 2023-03-23 10:43:57 +00:00
h00die-gr3y 28459c286a init commit module and documentation 2023-03-22 18:40:50 +00:00
Jack Heysel 1f2a889d0c Land #17388, Zyxel router RCE 
This module adds a new exploit module for a buffer
overflow in roughly 45 different Zyxel router and VPN models.
 2023-03-21 15:07:04 -04:00
Jack Heysel f5d1aab01a Changed send_request_cgi to raw 2023-03-21 14:26:05 -04:00
Jack Heysel 31a32ccd9b linting and srvhost check fix 2023-03-17 14:39:02 -04:00
jheysel-r7 56761a2f6d Update modules/exploits/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-03-17 13:01:02 -04:00
jheysel-r7 6b853b57c6 Update modules/exploits/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-03-17 13:00:15 -04:00
jheysel-r7 df365b55a4 Update modules/exploits/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2023-03-17 12:57:06 -04:00
Grant Willcox c53a22d3fb Land #17750, FortiNAC keyUpload.jsp arbitrary file write CVE-2022-39952 2023-03-14 11:09:40 -05:00
cgranleese-r7 ec7347cd49 Land #17509, tomcat 7 priv esc on rhel based systems (cve-2016-5425) 2023-03-14 10:16:18 +00:00
Grant Willcox 3bd4c15704 Correct architecture and do final fixes 2023-03-13 15:46:42 -05:00
h00die 8dfe58e617 review comment 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-03-13 14:42:26 -04:00
Jack Heysel 2a9ddae531 Updated description 2023-03-09 17:43:14 -05:00
Jack Heysel 06e7c3d702 Responded to comments updated docs 2023-03-09 17:39:53 -05:00
jheysel-r7 63e2376f64 Apply suggestions from code review 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2023-03-09 12:31:30 -05:00
Grant Willcox 100cfbccf9 Fix up some more slight things in documentation. Also tidy up some things in the module 2023-03-08 17:25:56 -06:00
Jack Heysel d31220ef1e Updated references 2023-03-08 14:17:34 -05:00
Jack Heysel 263223b783 Last second file reorganization fix 2023-03-08 14:08:46 -05:00
Jack Heysel dfae7e2fc4 FortiNAC keyUploap.jsp arbitrary file write CVE-2022-39952 2023-03-08 14:06:28 -05:00
bcoles 9dcaf93b29 Replace deprecated File.exists? with File.exist? 2023-03-05 14:30:47 +11:00
Jack Heysel 3abd62076c Land #17624, Oracle E-Business Suite Module 
This pull request adds an exploit module for CVE-2022-21587
an arbitrary file upload vulnerability in Oracle Web Applications
Desktop Integrator as shipped with 12.2.3 through to 12.2.11
which results in RCE
 2023-02-28 17:04:20 -05:00
Jack Heysel ca6faed172 Check method enhancement 2023-02-24 13:33:10 -05:00
Jack Heysel 5311a491e9 Froxlor 2.0.7 is actually vulnerable too 2023-02-24 13:18:34 -05:00