adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,006 Commits 27 Branches 1,043 Tags
e586bb04cf41e01ead52236c20fdce6840361aaa
Commit Graph

695 Commits

Author SHA1 Message Date
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 0feff932f2 Change docs to reflect the truth of the "vuln" 2020-11-16 11:38:00 -06:00
William Vu fcb507e412 Fix AutoCheck 
I'm a big dummy.
 2020-11-11 15:57:38 -06:00
William Vu 04bcbd0253 Update module doc 2020-11-11 15:57:29 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846) 
Leveraging CVE-2020-25592.
 2020-11-11 13:09:26 -06:00
youkergav 23c6c415eb Added python alternative and check function 2020-10-09 03:58:55 -04:00
youkergav 38fb644169 Architecture updates; base64 password; compliance 2020-09-25 23:58:48 -04:00
youkergav 17483f838e Bug fixes per requests 2020-09-25 00:01:52 -04:00
youkergav 49a5dfc139 Spelling and grammer fixes 2020-09-24 03:29:07 -04:00
youkergav 35dd9cb517 Add Login to User with Su on Linux / Unix Systems 2020-09-24 02:36:26 -04:00
Christophe De La Fuente 2d1b378a18 Land #14122, Jenkins Deserialization RCE (CVE-2017-1000353) 2020-09-22 12:32:09 +02:00
Shelby Pace 2ae50e9304 Land #14025, add Artica Proxy auth bypass / rce 2020-09-21 15:27:53 -05:00
h00die ee77cc8e78 Land #14123, vyos restricted shell escape and priv escalation 2020-09-19 09:13:38 -04:00
Brendan Coles 6208f8795a vyos_restricted_shell_privesc: support login as admin user 2020-09-18 15:49:25 +00:00
Shelby Pace 74669f4052 Land #14135, add tp-link command injection 2020-09-18 09:47:02 -05:00
Shelby Pace f4bfad0439 msftidy_docs changes 2020-09-18 09:42:14 -05:00
Pietro Oliva 5f204257a5 Remove unnecessary comma, fix docs 2020-09-18 10:15:23 -04:00
Pietro Oliva d3f68d0fe4 Fix double shell issue 2020-09-18 09:23:02 -04:00
Shelby Pace 510d119579 add steps for producing serialized object 2020-09-17 13:58:48 -05:00
Shelby Pace f5f010a1b0 Update documentation/modules/exploit/linux/http/jenkins_cli_deserialization.md 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-09-17 09:11:43 -05:00
Pietro Oliva 072f35c270 -Updated module to work using CmdStager 
-Updated documentation accordingly
-Removed unnecessary includes and simplified code
 2020-09-16 19:51:15 -04:00
Shelby Pace 0f0d6a233b Land #14074, add Mida eFramework command injection 2020-09-16 10:24:51 -05:00
0xsysenter b0f329a238 Update documentation/modules/exploit/linux/http/tp_link_ncxxx_bonjour_command_injection.md 
improved documentation

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 21:00:06 +02:00
0xsysenter a987065eae Update documentation/modules/exploit/linux/http/tp_link_ncxxx_bonjour_command_injection.md 
improved documentation

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 20:59:31 +02:00
William Vu 5ba3301d16 Fix nexus_repo_manager_el_injection.md scenario 
Missed in 966194d2b7.
 2020-09-15 13:14:36 -05:00
Pietro Oliva 19d8527275 Added module documentation 2020-09-15 12:32:27 -04:00
Niboucha Redouane 3a09337935 Remove AUTH_BYPASS target 2020-09-15 01:51:34 +02:00
Brendan Coles 485c51c88c Add VyOS restricted-shell Escape and Privilege Escalation 2020-09-11 18:19:25 +00:00
Brendan Coles febe38e1ce resolve qa comments 2020-09-11 17:16:10 +00:00
Shelby Pace d86f9427c9 change version check and add sleep 2020-09-11 11:49:14 -05:00
Shelby Pace 926398dd6f add remaining docs info 2020-09-10 18:25:34 -05:00
Shelby Pace 89d07c472a add documentation 2020-09-09 18:55:23 -05:00
Brendan Coles f5717e2a17 Add software URL 2020-08-31 15:50:37 +00:00
Niboucha Redouane 82d8b92e24 add module documentation 2020-08-30 16:57:01 +02:00
Brendan Coles 9d33ebd54a Add Mida Solutions eFramework ajaxreq.php Command Injection 2020-08-30 12:46:00 +00:00
gwillcox-r7 27ae6c4edd Land #13986, Add CVE-2020-16205 exploit for Geutebruck G-CAM 2020-08-17 09:24:32 -05:00
gwillcox-r7 8f80d9b8b6 Minor updates to the documentation to reflect the fact that the username and password could be something other than root/admin 2020-08-17 09:12:02 -05:00
Spencer McIntyre ea1f3d60f1 Adjust XML whitespace and add commands to the setup docs 2020-08-17 10:03:44 -04:00
William Vu eda222434f Execute commands in a shell 2020-08-14 21:46:34 -05:00
William Vu d3febe3284 Set SSL as a DefaultOption and update RPORT 2020-08-14 21:46:34 -05:00
William Vu 46b6368597 Add Apache OFBiz XML-RPC Java deserialization 2020-08-14 21:46:34 -05:00
ddouhine 5e7c821d6d Update geutebruck_testaction_exec.md 2020-08-14 23:15:12 +02:00
gwillcox-r7 dc21773f10 Apply updates to make the English a bit neater r.e affected versions. Also applied updates to make the markdown have bullet points so it displays better. Finally modified up the module description to explain the actual issue a bit more, but it might still need work 2020-08-13 15:13:55 -05:00
ddouhine 42a2a77a7e Update geutebruck_testaction_exec.md 
or now... (forgot the msftidy_docs just before)
 2020-08-13 14:29:29 -05:00
ddouhine e4f760691e Update geutebruck_testaction_exec.md 
it should be better now :)
 2020-08-13 14:29:29 -05:00
ddouhine a14a2fe8d2 Add documentation for Geutebruck G-CAM exploit 2020-08-13 14:29:28 -05:00
bwatters fade2c76b5 Land #13904, Added Module: priviledged docker container escape 
Merge branch 'land-13904' into upstream-master
 2020-08-04 14:39:17 -05:00
Matthew Rollings f379f56b86 Update documentation/modules/exploit/linux/local/docker_priviledged_container_escape.md 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:43:58 +01:00