adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,134 Commits 27 Branches 1,043 Tags
e52edf447c8c15feb50331f031bf8dfe5e1bcef7
Commit Graph

3907 Commits

Author SHA1 Message Date
Spencer McIntyre e52edf447c Implement feedback from the PR 2024-11-20 13:51:39 -05:00
Spencer McIntyre 9f41937c7a Finish up the exploit module 2024-10-28 17:20:35 -04:00
adfoster-r7 7b400f18fe Fix metabase rce to support older versions 2024-10-17 10:10:50 +01:00
Diego Ledda 9a245e6e06 Land #19485, Module BYOB Unauthenticated RCE (CVE-2024-45256, CVE-2024-45257) 
Land #19485, Module BYOB Unauthenticated RCE (CVE-2024-45256, CVE-2024-45257)
 2024-10-15 17:13:15 +02:00
dledda-r7 3211edd83c docs: review changes 2024-10-09 12:18:35 -04:00
dledda-r7 2762132830 docs: adding motd_persistence docs 2024-10-08 11:22:13 -04:00
jheysel-r7 1cdaeac843 Land #19463 Add Acronis Cyber Default Password RCE 
This adds an RCE module Acronis Cyber Infrastructure Default Password [CVE-2023-45249]
 2024-10-02 16:02:50 -04:00
jheysel-r7 8761226b97 Land #19456 VICIdial Auth RCE module 
This adds a module to exploit CVE-2024-8504 an authenticated RCE in VICIdial
 2024-09-30 17:13:33 -04:00
Chocapikk 10a4b24ed7 Better file clean 2024-09-27 01:17:07 +02:00
h00die-gr3y c43a4f4b0b Fixed cluster ID issue 2024-09-26 21:53:27 +00:00
Brendan dbc020a745 Merge pull request #19441 from Takahiro-Yoko/cve_2023_0386_priv_esc 
Land #19441, Add module: Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-26 14:07:17 -05:00
Jack Heysel 8e2dbbbd56 Land #19416, Add Traccar RCE module 
This module exploits two vulnerabilities in Traccar v5.1 - v5.12 to
obtain remote code execution: A path traversal vulnerability
CVE-2024-24809 and an unrestricted file upload vulnerability
CVE-2024-31214.
 2024-09-23 15:25:02 -07:00
Valentin Lobstein 5408d0b5ac Update documentation/modules/exploit/unix/webapp/byob_unauth_rce.md 2024-09-23 18:40:26 +02:00
Valentin Lobstein b18cb3ecac Update documentation/modules/exploit/unix/webapp/byob_unauth_rce.md 2024-09-23 18:40:19 +02:00
Chocapikk 9e6adea0dc Add BYOB Unauthenticated RCE module exploiting arbitrary file write and command injection (CVE-2024-45256, CVE-2024-45257) 2024-09-21 04:00:56 +02:00
h00die-gr3y 589b0f8331 updated documentation 2024-09-20 10:29:17 +00:00
h00die-gr3y 8e62f22315 fifth release with the option to use your own SSH private key 2024-09-20 09:50:13 +00:00
h00die-gr3y 8b197a60f9 fourth release addressing review comments of jheysel-r7 2024-09-19 20:54:55 +00:00
Chocapikk ae8df6c34b Add working documentation + working exploit 2024-09-18 17:00:18 +02:00
h00die-gr3y 9971aed96f third release addressing majority of the review comments 2024-09-17 19:23:38 +00:00
H00die.Gr3y d7fa23f30f Apply suggestions from code review 
Co-authored-by: bcoles <bcoles@gmail.com>
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-09-17 19:00:48 +02:00
dledda-r7 0bf524482c Land #19345, Post module Windows LPE CVE-2024-30088 2024-09-17 08:13:21 -04:00
dledda-r7 6e696e24e5 Land #19457, WP Plugin LiteSpeed Cache Account Take Over Module 2024-09-17 06:30:33 -04:00
h00die-gr3y 86c8879270 Added documentation 2024-09-16 19:54:59 +00:00
Jack Heysel 84a8eb7273 Respond to comments 2024-09-16 09:46:57 -07:00
Jack Heysel c11ef15897 Removed unnecessary log lines 2024-09-11 23:49:18 -07:00
Jack Heysel 41cf622f38 Minor docs fix 2024-09-11 23:46:13 -07:00
Jack Heysel c80a03fece WP LiteSpeed exploit CVE-2024-44000 2024-09-11 23:31:26 -07:00
dledda-r7 5e2bf5aaca fix(modules): spip_bigup_unauth_rce minor fix 2024-09-11 11:46:52 -04:00
dledda-r7 62e852176d Land #19444, SPIP BigUp Plugin Unauthenticated RCE 2024-09-11 10:29:12 -04:00
Takah1ro 6b64640f8b Update doc 2024-09-09 21:22:07 +09:00
Takah1ro b8f1bc3da2 Update doc 2024-09-09 08:40:08 +09:00
Chocapikk c75ffb4d43 Update documentation 2024-09-08 07:19:35 +02:00
Chocapikk 43fabb07e5 Update doc + module + (mixin see #19444) 2024-09-08 06:56:13 +02:00
Chocapikk f8675026ec Update documentation again 2024-09-08 06:32:05 +02:00
Chocapikk 289f47fac1 Update documentation with docker setup, working mixin now, update module 2024-09-08 05:59:11 +02:00
Valentin Lobstein 48f8e248a6 Update documentation/modules/exploit/multi/http/spip_bigup_unauth_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-09-07 01:49:57 +02:00
Chocapikk 8608e7021d Add spip_bigup_unauth_rce module 2024-09-06 22:10:18 +02:00
Takah1ro dc81711301 Make timeout user configurable 2024-09-06 08:24:14 +09:00
Takah1ro 3d20dd6ddf Add module: 
Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-05 22:54:55 +09:00
Chocapikk 7458a2dba3 Remove useless documentation 2024-09-03 20:29:45 +02:00
Chocapikk 36621c05d9 del documentation/modules/exploit/unix/webapp/spip_rce_form.md 2024-08-30 22:22:41 +02:00
Jack Heysel 7bfd814297 Removed memory polling 2024-08-30 12:52:18 -07:00
Chocapikk 586cf482ce Refactoring SPIP Modules for Windows Compatibility and Incorporating SPIP Mixin 2024-08-30 20:37:32 +02:00
adfoster-r7 84ffa524e5 Land #19424, WordPress GiveWP Plugin RCE 2024-08-28 21:09:42 +01:00
adfoster-r7 71ee987079 Add additional documentation steps, and use 0 for the payload http timeout 2024-08-28 19:21:27 +01:00
adfoster-r7 fabb5d1f78 Land #19422, pgAdmin 8.4 RCE / CVE-2024-3116 2024-08-28 18:54:53 +01:00
adfoster-r7 aaf95f9134 Apply suggestions from code review 2024-08-28 18:46:08 +01:00
Valentin Lobstein 2900d45e9f Update documentation/modules/exploit/multi/http/wp_givewp_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-08-28 13:00:32 +02:00
Chocapikk 06a9583cfd Fix typo 2024-08-27 22:16:11 +02:00