Commit Graph

4329 Commits

Author SHA1 Message Date
Takah1ro ec8dba87fb Update failure and print about session id 2025-01-02 11:30:03 +09:00
Takah1ro 3b947cf1c5 Update vulnerable version 2025-01-02 09:57:00 +09:00
Takah1ro 6e0c945a42 Improve check for version 4 2024-12-30 13:00:25 +09:00
Takah1ro 68ae0d40ea Add timeout option 2024-12-29 13:02:32 +09:00
Takah1ro e4111cdc97 Update to use FETCH_DELETE 2024-12-29 12:33:39 +09:00
Takah1ro af432a3b72 Improve stability 2024-12-29 12:00:09 +09:00
Takah1ro cb34508321 Avoid using single quote in payload 2024-12-28 20:09:18 +09:00
Takah1ro 02ad81066d Add cleanup 2024-12-28 18:04:56 +09:00
Takahiro Yokoyama c7d7407179 Update modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2024-12-28 18:04:09 +09:00
Takah1ro 90d9bb769d Update vulnerable version 2024-12-28 15:53:31 +09:00
Takah1ro 43230b02a5 Review fix
* use send_request_cgi
* add check if sudo without password possible
* base64 encode payload
2024-12-28 15:42:15 +09:00
Takah1ro 340d4bcd58 Add selenium firefox rce module 2024-12-28 12:27:18 +09:00
Brendan 7ddffc790c Merge pull request #19460 from gardnerapp/game_overlay
Land #19460, CVE-2023-2640, CVE-2023-32629 Game Overlay Ubuntu Privilege Escalation
2024-12-18 14:44:57 -06:00
bwatters-r7 59229ee612 Update payload name, fix payload escapes & quotation, add unix cmd support 2024-12-17 16:52:24 -06:00
jheysel-r7 c7f7cfd848 Land #19656 Close ssh session on error 2024-12-11 17:00:17 -08:00
adfoster-r7 136599a29a Merge pull request #19714 from bwatters-r7/update/projectsend-cveinfo
Add CVE info to projectsend module
2024-12-11 13:54:06 +00:00
bwatters-r7 5311b7014e Add CVE info to projectsend module 2024-12-11 07:37:43 -06:00
adfoster-r7 2421ca768f Merge pull request #19705 from ostrichgolf/projectsend_rce
Add CVE to ProjectSend module
2024-12-07 14:24:20 +00:00
ostrichgolf 2952dbb0b8 Add CVE to module 2024-12-07 14:23:30 +01:00
Diego Ledda be30a06af4 Land #19430, Moodle RCE (CVE-2024-43425) Module
Land #19430, Moodle RCE (CVE-2024-43425) Module
2024-12-06 12:15:35 +01:00
jheysel-r7 e8911f9129 Land #19402 vCenter Sudo LPE (CVE-2024-37081) 2024-12-04 18:25:05 -08:00
h00die bca3626cf2 peer review 2024-12-04 18:39:43 -05:00
jheysel-r7 21cf475cbb Land #19595 Ivanti Connect Secure auth RCE via OpenSSL (CVE-2024-37404) 2024-12-04 08:26:07 -08:00
Diego Ledda ab2ca41eb8 Land #19629, Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
Land #19629, Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
2024-12-04 16:49:56 +01:00
jheysel-r7 fa3716408f Add comment explaining payload architecture restraints 2024-12-03 18:33:43 -08:00
jheysel-r7 2d1af7d809 Land #19648 Add exploit module for FortiManager (CVE-2024-47575) 2024-12-02 18:31:25 -08:00
jheysel-r7 5a837d1ef6 fix a typo 2024-12-02 18:16:43 -08:00
jheysel-r7 a230a353e4 Land #19613 Asterisk authenticated rce via AMI (CVE-2024-42365) 2024-12-02 08:21:35 -08:00
Christophe De La Fuente a46b2f437f Use TARGET_URI when checking the redirection URI 2024-12-02 16:45:12 +01:00
Christophe De La Fuente 3dcb9d58ab Code review 2024-12-02 14:02:07 +01:00
Christophe De La Fuente c943cc6378 Add module and documentation 2024-12-02 14:02:07 +01:00
h00die d13bccca05 peer review 2024-11-28 20:24:25 -05:00
sjanusz-r7 566e12b69e Add error_callback to SSH Command Stream 2024-11-25 16:43:59 +00:00
sfewer-r7 68e9b39ffa register the Rex socket we create via add_socket. This lets the framework close the socket after we get a session, and will wait up to WfsDelay for that to happen. This lets us remove the other timeout we had, and the user can always adjust WfsDelay if needed. (Thanks Spencer) 2024-11-22 12:42:08 +00:00
sfewer-r7 e5cdf6097d favor File.binread over File.read 2024-11-22 12:40:19 +00:00
sfewer-r7 f59bfe98a3 remove the default payload and the default fetch command, and let the framework choose them for us. 2024-11-22 12:39:34 +00:00
sfewer-r7 2ba112a5a4 We can use OptPath here instead of OptString. Also as these are optional, and we don't specify a default, we can omit the nil default value. 2024-11-22 12:38:46 +00:00
sfewer-r7 000ffb2406 make the check routine return a message for Detected. 2024-11-22 12:37:50 +00:00
jheysel-r7 d95d549992 Land #19531 ProjectSend r1335 - r1605 RCE module 2024-11-21 09:53:36 -08:00
ostrichgolf 68eb6599fd Create projectsend_unauth_rce 2024-11-21 09:34:58 -08:00
h00die 0f6da56a52 vcenter sudo module 2024-11-21 04:34:15 -05:00
jheysel-r7 afbbba09e8 Land #19584 Judge0 sandbox escape CVE-2024-28185, CVE-2024-28189 2024-11-20 14:35:38 -08:00
Takah1ro da6f8cd552 Add Judge0 module and document 2024-11-20 14:15:38 -08:00
bwatters-r7 441a3215b2 Catch up to head on other branch 2024-11-19 08:59:22 -06:00
h00die 6bd049e346 operator working 2024-11-18 20:09:13 -05:00
gardnerapp 19770cf870 Remove unneeded file and rubocop corrections
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>

Give bwatters7 credit, add docs

Experiment with randomized bash copy and Rex::File.join

remove unused line

Add missing parenthesis

fix problem with bash copy

Remove rex::join, call proper method for generating payload

add exploit::exe mixin, bash copy randomization

Rubocop changes

Remove nc
2024-11-18 17:01:08 -06:00
gardnerapp 6e09722f67 Rubocop changes and arch tracking for payload
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>

Rubocop changes
2024-11-18 16:59:37 -06:00
gardnerapp c6425f7245 Break out command building to make it easier to read
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>
2024-11-18 16:58:56 -06:00
gardnerapp e506c34e13 Update modules/exploits/linux/local/gameoverlay_privesc.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2024-11-18 16:57:17 -06:00
gardnerapp 883a0f8985 Update modules/exploits/linux/local/gameoverlay_privesc.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2024-11-18 16:57:17 -06:00