adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,920 Commits 27 Branches 1,043 Tags
e26d6ca683cf309d255a016de18cafcb66076216
Commit Graph

3838 Commits

Author SHA1 Message Date
Grant Willcox 5961bf700d Land #14314, Pulse Secure Connect Client Credentials Gatherer 2020-12-04 10:04:43 -06:00
bwatters 5d7014bf39 Land #14298, Windows post-exploitation gather module - Memory dumping via Avast AvDump utility 
Merge branch 'land-14298' into upstream-master
 2020-12-02 08:30:38 -06:00
dwelch-r7 3824f3923f Land #14394, Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion 
Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion
 2020-11-30 05:15:29 +00:00
Quentin Kaiser 985aa59e2b Update documentation with scenarios of each branch (9.0.x, 9.1.x) running on Windows 10 with different privileges (unprivileged user, system) where applicable. 2020-11-27 17:15:19 +01:00
Tim W 87eba681e0 Land #14365, Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 19:55:00 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
Graeme Robinson 8e534ffc22 Split scenarios to separate blocks for each target 
As suggested in https://github.com/rapid7/metasploit-framework/pull/14216#discussion_r512868894.
 2020-11-26 13:46:01 +01:00
Graeme Robinson 536e1a1a02 Fix typo in documentation 2020-11-26 13:46:01 +01:00
Graeme Robinson c280bb67e7 Wrap at 140 characters to appease msftidy_docs.rb. 2020-11-26 13:46:01 +01:00
Graeme Robinson 4dc564e62b Added documentation for module. 2020-11-26 13:46:01 +01:00
Spencer McIntyre 95665e916c Land #14416, wordpress plugin 'simple file list' rce 2020-11-25 09:58:26 -05:00
Spencer McIntyre 94c157bc95 Tweak the documentation and module output just a little for clarity 2020-11-25 09:58:07 -05:00
cgranleese-r7 31426576e0 Land #14264, Add exploit/multi/http/kong_gateway_admin_api_rce 2020-11-25 11:09:02 +00:00
Grant Willcox efdc7f062e Land #14241, OpenMediaVault 5.5.11 Authenticated Remote Code Execution 2020-11-24 13:42:53 -06:00
Grant Willcox bd00ce9177 Add in fixes from review 2020-11-24 12:08:51 -06:00
Jared Stroud c5222bead9 adding blog as further references 2020-11-21 22:24:35 -05:00
h00die 92c92f1573 simple file list rce 2020-11-21 08:51:07 -05:00
Spencer McIntyre 1031b12c57 Land #14206, Rockwell FactoryTalk CVE-2020-12027 RCE 2020-11-20 08:49:39 -05:00
Pedro Ribeiro e7196256d4 Update rockwell_factorytalk_rce.md 2020-11-19 17:53:25 +07:00
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
William Vu dcd8ec1d70 Lock JDK to 8u131 to be safe 2020-11-18 15:17:12 -06:00
William Vu 20a90557bf Update module doc 2020-11-18 15:08:12 -06:00
William Vu bcdf5aa586 Clarify Windows target setup further 2020-11-18 14:25:10 -06:00
William Vu 4d610b5500 Clarify using the generic installer for examples 2020-11-18 14:06:13 -06:00
William Vu 83beae731f Add WebLogic Administration Console Handle RCE 
CVE-2020-14882
CVE-2020-14883
 2020-11-18 10:56:02 -06:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 0feff932f2 Change docs to reflect the truth of the "vuln" 2020-11-16 11:38:00 -06:00
SunCSR Team 2d99a07b12 Update and rename documentation/modules/exploit/windows/http/tomcat_ghostcat.md to documentation/modules/auxiliary/admin/http/tomcat_ghostcat.md 2020-11-16 21:03:00 +07:00
SunCSR Team 1bd6b75394 Create tomcat_ghostcat.md 2020-11-16 15:08:14 +07:00
SunCSR Team c7f6188c70 Delete tomcat_ghostcat.md 2020-11-16 15:06:28 +07:00
SunCSR Team 3b95835f5e Rename apache_tomcat_ghostcat.md to tomcat_ghostcat.md 2020-11-16 14:56:33 +07:00
SunCSR Team cc1d335251 Add apache_tomcat_ghostcat.md 2020-11-16 14:44:49 +07:00
Christophe De La Fuente d6b412c58e Land #14340, Add HorizontCMS 1.0.0-beta exploit module and documentation 2020-11-13 13:03:04 +01:00
William Vu fcb507e412 Fix AutoCheck 
I'm a big dummy.
 2020-11-11 15:57:38 -06:00
William Vu 04bcbd0253 Update module doc 2020-11-11 15:57:29 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846) 
Leveraging CVE-2020-25592.
 2020-11-11 13:09:26 -06:00
Shelby Pace 65e1ef4cb8 Land #14253, add wp-file-manager rce for wordpress 2020-11-10 08:48:33 -06:00
Tim W e14813485a Land #14331, add msfvenom apk template cmd injection exploit 2020-11-10 17:33:10 +08:00
adfoster-r7 a0106aa603 Land #14269, Add Apache Zookeeper Information Disclosure Auxiliary Module 2020-11-09 20:12:35 +00:00
Grant Willcox 34697ecc11 Apply further fixes from the review process 2020-11-09 12:11:25 -06:00
stasinopoulos 2ee9b47023 Minor update regrarding Options section 2020-11-09 08:59:14 +02:00
stasinopoulos ad5b0af9c6 Fixes n' updates 2020-11-08 10:26:31 +02:00
Christophe De La Fuente 55ccc42cde Land #14319, wp_Loginizer unauth sqli (CVE-2020-27615) 2020-11-05 15:36:10 +01:00
kalba-security e7a20ec47c Add CVE ID to module and docs 2020-11-05 07:05:32 -05:00
Justin Steven 34715de016 Add jdk to msfvenom's APK template dependencies 2020-11-05 20:13:52 +10:00
cgranleese-r7 70985a09e2 Merge pull request #14280 from h00die/mikrofileread 
Land #14280, Mikrotik unauthenticated directory traversal file read
 2020-11-05 09:27:47 +00:00
Karn Ganeshen 55daaecc7b doc updated 2020-11-05 04:06:53 +05:30
h00die dff6a21742 add wp version check 2020-11-04 11:45:06 -05:00
Spencer McIntyre 708de57499 Land #14297, Modified zabbix login to work with newer versions of zabbix 2020-11-02 15:59:22 -05:00
Grant Willcox 7b72120016 Land #14252, Update Avira password gatherer module and associated libaries and add in documentation 2020-11-02 14:37:47 -06:00