adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
64,053 Commits 27 Branches 1,043 Tags
ec9f0b524229ecfbebc4e76c57fa53ebec504afd
Commit Graph

2799 Commits

Author SHA1 Message Date
Spencer McIntyre c994f8e933 Land #16507, Add WSO2 file upload RCE module 2022-04-29 09:58:55 -04:00
Spencer McIntyre 21f8494366 Land #16509, Ensure HTML is escaped in markdown codeblocks 2022-04-27 15:18:50 -04:00
adfoster-r7 9f6950c6c8 Ensure HTML is escaped in markdown codeblocks 2022-04-27 19:51:05 +01:00
Jack Heysel 253cb8580a Responded to comments added retry_until_true 2022-04-27 09:45:18 -07:00
jheysel-r7 266d3bb9ca Apply suggestions from @bcoles code review 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-04-26 13:40:25 -07:00
Jack Heysel ca0be9c145 Add WSO2 file upload RCE module 2022-04-26 12:29:12 -07:00
Jake Baines de453b8970 Update documentation/modules/exploit/linux/redis/redis_debian_sandbox_escape.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-04-26 14:42:57 -04:00
Jake Baines d20fd996bd Fix spelling mistakes 2022-04-26 03:38:23 -07:00
Jake Baines 71a4023c0d Initial commit of Redis sandbox escape CVE-2022-0543 2022-04-26 03:32:11 -07:00
Grant Willcox e2c6c36b2b Land #1642, Add module for cve-2022-0995 2022-04-21 09:12:47 -05:00
Grant Willcox 78d4ac8592 Update module reliability and also fix issues from bcoles's review 2022-04-20 19:04:27 -05:00
bwatters d9a241defb Fix overzealous source code edit and some version copy/pasta errors 2022-04-20 14:31:32 -05:00
Jake Baines aba48a6905 Improve JSON cleanup, fix jjs specific wording, and moved JJS_PATH to defaultoptions 2022-04-20 06:27:43 -07:00
Jake Baines ae54c8c3d9 Initial implementation of authenticated RCE against ManageEngine ADSelfService Plus (CVE-2022-28810) 2022-04-19 10:33:54 -07:00
Brendan Coles 66fe338297 Move getsimplecms_unauth_code_exec.md documentation to http dir 2022-04-16 16:53:34 +00:00
Grant Willcox b83a4b2a7a Add in fixes to module and documentation from final review 2022-04-14 12:45:15 -05:00
bwatters 83f4473c2a Correct Ubuntu target version 2022-04-14 12:01:38 -05:00
bwatters 03d01d2f72 Remove stray markup 2022-04-14 10:29:54 -05:00
bwatters f32443b477 Update with debug source code and options, cleanup module code per gwillcox-r7 2022-04-14 10:25:55 -05:00
bwatters 147d6e1df7 Added docs, reverted strip_comments, rubocop'd 2022-04-12 21:14:11 -05:00
Spencer McIntyre 5de966cfb1 Land #16382, CVE-2022-26904 SuperProfile LPE 2022-04-07 12:52:39 -04:00
Christophe De La Fuente 94e0eec249 Land #16082, Add ShadowMitmDispatcher to the smb_shadow module 2022-04-06 11:45:59 +02:00
Tim W d60754ea37 Land #16401, add CVE-2022-22616 to osx_gatekeeper_bypass 2022-04-06 07:57:32 +01:00
usiegl00 8495bff61c Merge master and update the smb_shadow module 
Add comments detailing the technique used to attack SMBv3. Remove some
comments that are no longer needed. Fix Gemfile.lock conflict.
 2022-04-06 07:06:45 +09:00
space-r7 4c8c32b3ff set file header to Contents dir, check safari vers 2022-04-05 10:16:59 -05:00
Grant Willcox e800dcb597 Add in documentation file 2022-04-04 12:05:28 -05:00
usiegl00 7e010cbde2 Merge master and update smb_shadow + dispatcher 
The smb_shadow module can confirm the server smb version supported with
the ConfirmServerDialect option. The shadow_mitm_dispatcher closes each
stream before opening a new one to prevent leaking file descriptors.
 2022-04-02 10:39:02 +09:00
space-r7 0505dff7e3 add option in verification steps 2022-04-01 18:03:49 -05:00
space-r7 e9e1e26def add support for CVE-2022-22616, update docs 2022-04-01 17:50:33 -05:00
Spencer McIntyre 211626e7ce Fix the check method, add docs 2022-03-31 09:01:08 -04:00
Grant Willcox 51df37de87 Add in documentation and also update the module to handle NarratorQuickstart.exe which sometimes comes up and can lead to visual indicators 2022-03-28 17:53:53 -05:00
Brendan Coles 4cd021ce4b Add exploit/android/adb/adb_server_exec documentation 2022-03-21 00:37:15 +00:00
bwatters b4de9fa92a Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions 
Merge branch 'land-16344' into upstream-master
 2022-03-16 08:37:05 -05:00
space-r7 4a8707982a fix module name in output 2022-03-14 09:35:56 -05:00
space-r7 c646d01671 add systems tested 2022-03-14 09:17:43 -05:00
space-r7 99664efed7 use full user name, add test output to docs 2022-03-14 09:15:36 -05:00
space-r7 07e6eef201 rename module, modify check 2022-03-10 17:02:58 -06:00
space-r7 b747e55dda Land #16303, add Dirty Pipe exploit 2022-03-10 11:16:28 -06:00
space-r7 872b9c9a7c modify docs to reflect changes, remove 'return' 2022-03-10 10:39:32 -06:00
Tim W bcc9d01958 add documentation 2022-03-09 08:34:20 +00:00
adfoster-r7 22f88f9ab7 Add docs 2022-03-08 23:52:24 +00:00
Spencer McIntyre 42e0c027ab Land #16248, Added Apache APISIX RCE module 2022-03-07 09:47:04 -05:00
red 23a09be333 Fix typo in document of cve_2021_4034 
ContOS => CentOS
 2022-03-05 23:58:31 +08:00
space-r7 f116f9e701 add docs 2022-03-04 15:54:58 -06:00
Spencer McIntyre 9ef50a2d23 Fixup typos 2022-03-04 12:34:14 -05:00
Heyder Andrade 4d5716d891 Updated documentation 2022-03-04 02:21:42 +01:00
bwatters fb658fbb13 Land #16245, pfSense Authenticated File Write (CVE-2021-41282) 
Merge branch 'land-16245' into upstream-master
 2022-03-03 15:08:34 -06:00
Spencer McIntyre 6be3443680 Land #16103, LPE in polkit's pkexec (CVE-2021-4034) 2022-03-03 09:24:11 -05:00
Heyder Andrade 236efab669 Update documentation 
Add referece to CVE-2022-24112
msftidy_docs
 2022-03-03 02:20:56 +01:00
bwatters e649fe3f69 Fix some markdown issues, update docs and add arch check for payloads 2022-03-02 16:30:52 -06:00