adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,003 Commits 27 Branches 1,043 Tags
df0ca500c04bcc668d58ea97fb516fd02471d84f
Commit Graph

30993 Commits

Author SHA1 Message Date
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel c7b7b871c9 missing variable e for rescue 2021-06-09 11:13:39 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Hakyac dc40cddb04 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:38:01 +02:00
Hakyac d2bf8ae912 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:34:40 +02:00
Yann Castel 2df710158e conflict fixed 2021-06-08 15:29:38 +02:00
Yann Castel 31515faccb various changes 2021-06-08 15:26:50 +02:00
Hakyac ce0c699213 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:11:25 +02:00
Hakyac 1f2f04b0d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:10:08 +02:00
Yann Castel cf5848ab3e add comment for second token generation 2021-06-08 14:31:03 +02:00
Hakyac 9e0b7cb171 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:21:04 +02:00
Hakyac 21bfa629d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:20:52 +02:00
Hakyac 38c63a6966 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:20:32 +02:00
Yann Castel e9305dc622 rubocop ok 2021-06-08 09:32:51 +02:00
Yann Castel bf96b88446 add default port + set ssl to true 2021-06-07 16:48:16 +02:00
Yann Castel 212039fa6b rubocop ok 2021-06-07 16:30:42 +02:00
Yann Castel 6a7e30749d initial commit 2021-06-07 14:39:10 +02:00
Grant Willcox 69690ef09e Fix RuboCop issues with sudo_baron_samedit.rb that were causing failures in some builds 2021-06-04 12:03:13 -05:00
Spencer McIntyre 1d003e9dee Land #15293, Redis extractor improvements 2021-06-04 10:23:07 -04:00
Spencer McIntyre eea2f10f2e Use ALL_CAPS for normal datastore options 2021-06-04 10:22:42 -04:00
Spencer McIntyre 0903fc8b37 Land #15284, fix a localization issue 2021-06-04 09:39:49 -04:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
adfoster-r7 34002bcf72 Land #15291, remove unneeded Msf::Post::File mixin from FortiOS module 2021-06-03 16:07:37 +01:00
Shelby Pace 8b737c2c60 Land #15231, add SuiteCRM log file rce 2021-06-03 09:11:00 -05:00
Grant Willcox bd8a96aa23 Apply minor RuboCop edit 2021-06-03 07:57:31 -05:00
Grant Willcox 107a6a3ce2 Fix up module by removing an import that was causing crashes 2021-06-03 07:48:12 -05:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
William Vu 6498554084 Clean up NetMotion Mobility exploit and docs 
Refactor target selection once again.
 2021-06-02 23:47:01 -05:00
Ashley Donaldson 3920c0873c Fix bugs in redis_extractor module 
- Long values were truncated because the network didn't pull enough data, so parsing failed
- Race condition if value was deleted between scan and retrieval of value
- Also support retrieving a subset of keys (e.g. it stores session IDs, there are thousands of them and we only need a few)
 2021-06-03 11:54:02 +10:00
William Vu 37a7ee2e28 Clean up f5_icontrol_rest_ssrf_rce 
Escalate a warning and prefer a variable.
 2021-06-02 20:32:47 -05:00
mcorybillington d2b539e3c9 authentication fix from add cookie jar merge 2021-06-02 16:54:09 -05:00
Shelby Pace 3056e8f946 add cookie jar and AutoCheck 2021-06-02 13:09:33 -05:00
Shelby Pace 187ab078c0 Land #15122, add Cacti sqli to rce exploit 2021-06-01 11:40:23 -05:00
Shelby Pace 598f925fd3 remove extra spaces 2021-06-01 11:37:45 -05:00
pingport80 8d57d9cfec fix localization issue in module linux/gather/ppp_chap_secrets 2021-06-01 21:33:33 +05:30
Spencer McIntyre 74e324e8c1 Land #15260, Add #pidof to Msf::Post::Process 
Add the #pidof method to Msf::Post::Process and update #get_processes to
fallback to the shell version if it fails for some reason.
 2021-06-01 09:53:08 -04:00
pingport80 fe8e586b22 fall to shell when meterpreter fails get_processes 
shift `pidof` to `Msf::Post::Process`
 2021-06-01 18:51:39 +05:30
h00die d849376ae6 rebase and rubocop 2021-05-29 15:56:50 -04:00
h00die 7e758f8b74 review comments 2021-05-29 15:55:24 -04:00
h00die 825cc9d284 upgraded to meterp 2021-05-29 15:55:24 -04:00
h00die 95331c9ada set default payload 2021-05-29 15:55:24 -04:00
h00die 94d122f573 more suggestions 2021-05-29 15:55:24 -04:00
Alan Foster 38929227d7 Update cacti rce to use cookie jar api 2021-05-29 15:55:24 -04:00
h00die fde3334b70 some review comments 2021-05-29 15:55:24 -04:00
h00die 721a47ad7f cacti 1.2.12 sql to rce 2021-05-29 15:55:24 -04:00
mcorybillington dea7f50d36 Cover log file restoriation in all failure cases 2021-05-29 09:25:10 -05:00
M. Cory Billington 1451e9b56b Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:32 -05:00
M. Cory Billington fa1ad1b32e Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:28 -05:00
M. Cory Billington b4f699fb15 Update modules/exploits/linux/http/suitecrm_log_file_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-05-27 11:59:23 -05:00
Spencer McIntyre 4ae442496b Land #15267, Shodan search fix for max pages 2021-05-27 09:21:09 -04:00