adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,045 Commits 27 Branches 1,043 Tags
e78babea90465954268ce9cb28c699b5cf817841
Commit Graph

741 Commits

Author SHA1 Message Date
bwatters 76c6632305 Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246) 
Merge branch 'land-16673' into upstream-master
 2022-09-29 09:46:27 -05:00
alex d5dcca899d Fix description scenario 2022-09-23 10:51:36 +03:00
c0rs efbe06f944 Add module Veritas Backup Exec Agent Remote Code Execution 2022-09-13 18:18:52 +03:00
bcoles a7d2145e8d firefox_xpi_bootstrapped_addon: Add notes, description, references, docs 2022-09-05 02:23:37 +10:00
Jack Heysel 52fd45b7ab Land #16744 Jboss EAP/AS RCE module 
This module exploits a Java deserialization vulnerability
in JBOSS EAP/AS Remoting Unified Invoker interface for
versions 6.1.0 and prior.
 2022-07-12 10:49:22 -04:00
Heyder Andrade d6b6f47b09 change doc file 2022-07-08 02:36:18 +02:00
Erik Wynter 3ad42dd153 change option names to H3 for weblogic_deserialize_asyncresponseservice docs 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-07-07 19:04:26 +03:00
Heyder Andrade bbf56c7f4c Delete jboss_remoting_unified_invoker.md 2022-07-05 00:33:30 +02:00
Heyder Andrade 1ccc91d23c Rename doc file 2022-07-05 00:25:56 +02:00
Heyder Andrade b8834e1534 Added documentation 2022-07-05 00:19:17 +02:00
kalba-security 12522d1407 fix cve in weblogic_deserialize_asyncresponseservice docs and run msftidy_docs 2022-07-01 10:34:27 -04:00
Spencer McIntyre 1b7d8f1e74 Fix a whitespace issue, restore option naming 2022-06-29 12:24:29 -04:00
Erik e9b2fc6ecf Merge branch 'rapid7:master' into master 2022-06-23 12:52:09 -10:00
Erik 84aa9ceeb9 Update phpmailer_arg_injection.md 
Added options to the module docs for the new options
 2022-06-23 12:50:33 -10:00
giacomo270197 4c17a3c342 Fixed documentation spelling and presentation. Changed to new file upload API 2022-06-16 18:59:39 +02:00
giacomo270197 91d83e966c Changed documentation to fit targets and added installation instructions. Added requests to delete .htaccess 2022-06-16 16:24:17 +02:00
Spencer McIntyre a96bc36d9c Update the docs with the Windows target 2022-06-15 17:24:44 -04:00
giacomo270197 feb13174be Fixed documentation presentation 2022-06-14 10:41:43 +02:00
giacomo270197 cb1e72461f Renamed username to email to better reflect the user input nature. Created module documentation under /documentation/modules/exploit/multi/http/qdpm_authenticated_rce.md 2022-06-14 10:35:43 +02:00
Spencer McIntyre 1a06f69f95 Works through v7.18 now too 2022-06-06 22:03:21 -04:00
Spencer McIntyre 2c0e034a18 Fix a couple of typos 2022-06-06 18:14:05 -04:00
Spencer McIntyre 1aec2e8649 Note version in the docs 2022-06-03 18:29:28 -04:00
Spencer McIntyre 600fba7fa1 Add module docs 2022-06-03 17:26:15 -04:00
Christophe De La Fuente 474116d413 Land #16611, DotCMS File Upload to RCE Module (CVE-2022-26352) 2022-06-02 15:30:10 +02:00
Jack Heysel 2c02a607ee Responded to PR feedback 2022-05-30 14:46:54 -04:00
Christophe De La Fuente b996f5ee49 Fixes from code review 2022-05-30 16:24:18 +02:00
Jack Heysel 9d9d81a855 Docs update 2022-05-24 10:16:36 -04:00
Christophe De La Fuente bac9be956f Add documentation 2022-05-23 17:27:42 +02:00
Jack Heysel 3afb9b2ffe dotCMS file upload to RCE module 2022-05-20 15:57:22 -04:00
Grant Willcox 5a04f8253c Land #16551, Add docker documentation for tomcat mgr upload 2022-05-10 12:03:18 -05:00
Grant Willcox 6a7be290ff Add in minor changes to improve overall formatting and presentation of documentation 2022-05-10 12:02:45 -05:00
adfoster-r7 ff410b23a0 Add documentation for tomcat mgr upload 2022-05-10 17:01:40 +01:00
bwatters 92715c883f Land #16423, Add module for exploit CVE-2022-22965 
Merge branch 'land-16423' into upstream-master
 2022-05-10 08:44:06 -05:00
bwatters 43f2b4dcf9 Quick update to the vulhub guidance 2022-05-10 08:42:02 -05:00
Spencer McIntyre 7646bf9e0a Update the module docs 2022-05-05 11:26:37 -04:00
dwelch-r7 a76600f4a9 Land #16462, add support for armle/aarch64 architectures 2022-05-03 15:48:50 +01:00
vleminator f8887dbf1c Reflect changes in the console output 2022-04-28 00:22:44 +02:00
Jack Heysel 253cb8580a Responded to comments added retry_until_true 2022-04-27 09:45:18 -07:00
jheysel-r7 266d3bb9ca Apply suggestions from @bcoles code review 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-04-26 13:40:25 -07:00
Jack Heysel ca0be9c145 Add WSO2 file upload RCE module 2022-04-26 12:29:12 -07:00
Brendan Coles 02d911e655 gdb_server_exec: Cleanup and add support for armle/aarch64 architectures 2022-04-25 19:25:06 +00:00
Brendan Coles 66fe338297 Move getsimplecms_unauth_code_exec.md documentation to http dir 2022-04-16 16:53:34 +00:00
vleminator 525480d592 Change the doc to reflect changes to the module. Additionally, the different target options are showcased 2022-04-08 11:11:27 +02:00
vleminator fe59475c9f Change the documentation to resemble the correct exploit filename 2022-04-07 15:43:07 +02:00
vleminator 4e6176d9ca Finish exploit CVE-2022-22965 2022-04-07 15:22:18 +02:00
Spencer McIntyre 211626e7ce Fix the check method, add docs 2022-03-31 09:01:08 -04:00
Spencer McIntyre 42e0c027ab Land #16248, Added Apache APISIX RCE module 2022-03-07 09:47:04 -05:00
Spencer McIntyre 9ef50a2d23 Fixup typos 2022-03-04 12:34:14 -05:00
Heyder Andrade 4d5716d891 Updated documentation 2022-03-04 02:21:42 +01:00
Heyder Andrade 236efab669 Update documentation 
Add referece to CVE-2022-24112
msftidy_docs
 2022-03-03 02:20:56 +01:00