adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,806 Commits 27 Branches 1,043 Tags
e66fd8f5aec3372de3ba7cff9502df80b445a7cc
Commit Graph

4151 Commits

Author SHA1 Message Date
Pflegusch e66fd8f5ae Use rand_text_alphanumeric function 2023-03-09 17:03:48 +01:00
Pflegusch 69839d1924 Remove get_proxy_protocol function 2023-03-09 17:02:10 +01:00
Pflegusch 614f4b6d89 Make installation path of owa configurable 2023-03-09 16:32:28 +01:00
Pflegusch 2de53712bd Use Rex::Version for version comparison 2023-03-09 15:59:42 +01:00
Pflegusch 94ceeb075a Redirect is not necessary - replace with simple send_request_cgi request 2023-03-09 15:41:15 +01:00
Pflegusch ee95eb2883 fix typo: establish_connection 2023-03-09 15:09:32 +01:00
Pflegusch 14b5c08a62 Fix the double slash in the shell url 2023-03-09 14:28:15 +01:00
Pflegusch d59175a463 make it work for https and http and remove the tmp self signed cert bypass 2023-03-09 13:58:56 +01:00
Pflegusch f0dbf54c69 use fail_with in get_cache_content function 2023-03-09 11:04:00 +01:00
Pflegusch 7068d4c3f1 remove LPORT, RPORT and SSL from DefaultOptions 2023-03-09 11:03:24 +01:00
Pflegusch 76b05a7092 Change DisclosureDate according to nvd.nist.gov 2023-03-08 21:52:13 +01:00
Pflegusch b37be28191 Working module open web analytics 1.7.3 rce 2023-03-08 21:30:52 +01:00
Spencer McIntyre a418bd9c65 Land #17638, Lucee Scheduled Job RCE 2023-03-02 08:57:19 -05:00
Spencer McIntyre 3fabcc3421 Use coldfusion to decode base64 data 
This means we don't need to rely on base64 being in the path. Also
invoke ARCH_CMD payloads on Windows through cmd.exe and not
powershell.exe.
 2023-02-28 17:32:56 -05:00
Spencer McIntyre c8aa491378 Fail with Unreachable when res is nil 2023-02-28 17:05:59 -05:00
Spencer McIntyre a916163b49 Cleanup files and fixup messages 2023-02-28 16:41:57 -05:00
JBince 8b03f2fda8 Reworked payload execution logic 2023-02-27 11:09:34 -06:00
JBince 75fb5e883d Exploit update based on feedback 2023-02-19 09:16:56 -06:00
JBince ce9933fc4c Feedback changes + rubocop & msftidy changes 2023-02-17 08:16:49 -06:00
JBince a3a6ae9c4a feedback fixes 2023-02-16 14:33:03 -06:00
Spencer McIntyre ac9d60ce9e Land #17281, Added module for CVE-2022-2992 
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
 2023-02-14 16:57:29 -05:00
space-r7 78ae5f49ce add gitlab prefix back to methods 2023-02-14 15:26:01 -06:00
space-r7 304b90ecc8 split mixins between forms and v4 api used 2023-02-14 12:37:43 -06:00
JBince 9c3cfd8bdb Added documentation, cleaned up functions, rubocop fixes 2023-02-13 15:19:45 -06:00
Spencer McIntyre c3fa924cfa Remove the NGROK_URL option 2023-02-13 14:31:44 -05:00
Spencer McIntyre 210b7a3254 Use #get_json_document instead of JSON.parse 
Also fix typos
 2023-02-13 14:00:13 -05:00
JBince 2a386981bd Updated Module & Payloads + Rubocop Fixes 2023-02-13 09:03:57 -06:00
JBince f4c5e34a1b Added improved functionality on both Windows and Unix installs 2023-02-12 14:42:22 -06:00
JBince fcfc39296f Added improved functionality on both Windows and Unix installs 2023-02-12 14:39:11 -06:00
JBince d5b7ad30a1 Created module 2023-02-10 17:01:57 -06:00
Frycos e963582e18 Update fortra_goanywhere_rce_cve_2023_0669.rb 
Name typo
 2023-02-09 23:06:59 +01:00
Spencer McIntyre c7279e9a0a Add credit for CVE-2023-0669; fix path in docs 2023-02-09 13:02:40 -05:00
bcoles de8a6e1445 Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory 2023-02-09 23:12:45 +11:00
cgranleese-r7 508f5c7e52 Land #17619, Run rubocop on exploit modules 2023-02-09 10:11:53 +00:00
Spencer McIntyre c997952d83 Land #17607, Fortra RCE CVE-2023-0669 
Fortra deserialization RCE CVE-2023-0669 (ETR)
 2023-02-08 12:56:09 -05:00
adfoster-r7 656ded4b86 Add module notes 2023-02-08 15:46:07 +00:00
Spencer McIntyre 2b008af097 Move the module to reflect it targets Windows too 2023-02-08 10:24:27 -05:00
adfoster-r7 25ee41df68 Run rubocop on exploit modules 2023-02-08 15:20:32 +00:00
cgranleese-r7 10144a9f13 Land #17615, Add missing module notes for stability reliability and side effects 2023-02-08 12:28:47 +00:00
adfoster-r7 433bafdccf Add missing module notes for stability reliability and side effects 2023-02-08 11:45:17 +00:00
bwatters 8ee67085c8 Land #17556, ManageEngine ADSelfService Plus RCE (CVE-2022-47966) 
Merge branch 'land-17556' into upstream-master
 2023-02-07 16:57:22 -06:00
bwatters 53c67653f5 Land #17527, ManageEngine ServiceDesk Plus RCE (CVE-2022-47966) 
Merge branch 'land-17527' into upstream-master
 2023-02-06 17:37:31 -06:00
adfoster-r7 6870efc34a Land #17426, Update all references to old Wiki to point to new docs site 2023-02-01 23:49:20 +00:00
Christophe De La Fuente f676568d89 Fix CVE 2023-01-30 12:18:08 +01:00
Christophe De La Fuente a5ba1245c2 Fix CVE 2023-01-30 12:15:14 +01:00
bcoles e11aaa8027 modules/exploits/multi/local: Resolve Rubocop and msftidy_docs violations 2023-01-28 15:02:24 +11:00
Christophe De La Fuente 85d5b041aa Add minimum build number check 2023-01-27 18:03:19 +01:00
Grant Willcox 6043d0ffba Update all links from Wiki site to new docs site. 2023-01-27 09:58:53 -06:00
Christophe De La Fuente e01239cf7b Add exploit module and documentation 2023-01-26 21:53:14 +01:00
Christophe De La Fuente ed2dd2fc0c Add randomization in the XML when possible & fix BadChars issue 2023-01-26 18:42:09 +01:00