adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,317 Commits 27 Branches 1,043 Tags
ed5dd4dd20d22decbef21937f91ef121bb6f93fb
Commit Graph

1674 Commits

Author SHA1 Message Date
William Vu ed5dd4dd20 Add module doc 2020-03-12 17:36:53 -05:00
Christophe De La Fuente f7d8c43722 Land #13040, SQL Server Reporting Services ViewState deserialization RCE 2020-03-12 18:26:01 +01:00
Spencer McIntyre 77e21de4bd Add additional docs for setting up an environment 2020-03-11 15:05:51 -04:00
Adam Galway 0e163c69ab Land #12975, exploits RCE backdoor in PHPStudy 2020-03-10 11:56:26 +00:00
Christophe De La Fuente 7c54066b0e Land #13004, Nagios XI RCE module 2020-03-09 15:57:58 +01:00
kalba-security 96ae2cf9a2 Incorporate additional suggestions from code review. 2020-03-09 11:56:15 +02:00
Spencer McIntyre 4c004d51a7 Add an exploit for CVE-2020-0618 2020-03-06 16:21:37 -05:00
kalba-security 8b778bffc0 Incorporate suggestions from code review 2020-03-06 15:50:34 +02:00
William Vu 9840951f0d Land #12574, Chrome CVE-2019-5825 exploit 2020-03-05 13:44:40 -06:00
William Vu 87b8182131 Land #12384, Chrome CVE-2018-17463 exploit 2020-03-05 13:44:27 -06:00
Spencer McIntyre eb90bee4a7 Land #12863, add exploit for PHP-FPM Underflow RCE 2020-03-05 11:43:43 -05:00
dwelch-r7 4fe7678b01 Land #12910, Add exploit module for apache activemq traversal 2020-03-05 15:05:13 +00:00
Shelby Pace 5698f6e51f Land #13003, add OpenSMTPD LPE module 2020-03-04 13:32:25 -06:00
Adam Galway 83132dd733 Land #13008, module for Chrome 80 JScreate exploit 2020-03-04 14:49:59 +00:00
Tim W 9f55e4163f add documentation 2020-03-04 21:31:14 +08:00
William Vu 865d15975b Add automatic grammar selection by version number 2020-03-03 18:44:48 -06:00
William Vu 975eb742cb Add old grammar target and refactor check 2020-03-03 17:41:04 -06:00
William Vu 260aa0533a Add check method and reorder mixins for super 
Also fix copypasta'd vulnerable commit.
 2020-03-03 17:41:04 -06:00
William Vu 9be6b0a81e Add module doc 2020-03-03 17:41:04 -06:00
William Vu ba924b3047 Land #13014, Exchange ECP ViewState exploit 2020-03-03 17:23:17 -06:00
kalba-security cd6c01ae9d Add suggestions from code review. 2020-03-03 20:17:13 +02:00
Shelby Pace 12faf3fad5 Land #12959, add eyes of network rce module 2020-03-02 15:22:51 -06:00
Spencer McIntyre b3867dc200 Finish up the cve-2020-0688 module 2020-03-02 10:51:25 -05:00
Tim W 327917c015 add documentation 2020-02-29 15:07:49 +08:00
Tim W 889f91241a add documentation 2020-02-29 14:30:59 +08:00
William Vu e92b9ef97c Use AutoCheck mixin in OpenSMTPD CVE-2020-7247 
Also updates the check to be more precise. I had originally copied the
check method from the Morris worm Sendmail exploit:

220 simh Sendmail 5.51/5.17 ready at Wed, 18 Dec 85 11:14:07 PST

Note that there was no "ESMTP" string in 1985's Sendmail.
 2020-02-28 10:42:02 -06:00
kalba-security 5ee7fcaf4a Add simple changes suggested in code review. 2020-02-28 12:14:38 +02:00
kalba-security a4ded39d62 Remove unnecessary empty lines in docs. Mostly to restart the Travis CI build check because it got stuck. 2020-02-28 10:34:14 +02:00
kalba-security 99ed3afab3 Change filenames for consistency with existing modules 2020-02-27 17:08:23 +02:00
kalba-security 280d1767b4 Add Nagios XI < 5.6.6. exploit module and documentation 2020-02-27 16:58:15 +02:00
William Vu 8820944696 Fix exploit/unix/smtp/opensmtpd_mail_from_rce 2020-02-27 02:11:08 -06:00
Brent Cook f59ec03c42 Land #12465, add Android Binder UAF (CVE-2019-2215) 2020-02-23 01:06:33 -08:00
Brent Cook ef8ec13c88 added module docs and testing notes 2020-02-23 01:04:30 -08:00
airevan adaa9e239a Add phpstudy backdoor exploit module 2020-02-23 10:23:32 +08:00
Christophe De La Fuente f9077bcd8d Land #12704, OpenNetAdmin 18.1.1 Remote Code Execution exploit 2020-02-21 15:49:26 +01:00
bwatters-r7 c9e4ca34c3 Land #12921, Updating regex in ms16_075_reflection_juicy exploit windows version check 
Merge branch 'land-12921' into upstream-master
 2020-02-20 21:10:37 -06:00
Onur ER e4456c9006 Update opennetadmin_ping_cmd_injection.md 2020-02-21 04:14:21 +03:00
Onur ER 1fe1506b42 Update documentation/modules/exploit/unix/webapp/opennetadmin_ping_cmd_injection.md 
Co-Authored-By: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-02-21 03:06:56 +03:00
William Vu de6306fa35 Fix message, once more with feeling 2020-02-20 11:26:21 -06:00
William Vu 9c69059a24 Fix DisablePayloadHandler warning once and for all 2020-02-20 10:35:47 -06:00
Christophe De La Fuente f484e6c83c Land #12862, Apache James 2.3.2 arbitrary file write exploit module 2020-02-20 10:41:13 +01:00
mattaberegg 739928b56a Added line break to docs 2020-02-19 17:56:13 -08:00
Shelby Pace db8555e007 Land #12942, add Diamorphine privilege escalation 2020-02-19 10:36:39 -06:00
kalba-security 9980a96917 Move documentation to correct directory 2020-02-19 16:57:38 +02:00
William Vu 0264802756 Reformat module doc 2020-02-18 23:28:08 -06:00
William Vu a34ffb3694 Fix typos in module doc 2020-02-18 23:27:15 -06:00
William Vu 6ad9956af8 Correct module doc filename 2020-02-18 23:24:46 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Christophe De La Fuente 828d974db5 Update code and documentation 
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
 2020-02-17 18:25:10 +01:00
Christophe De La Fuente 226f4b0a53 Line wrap to 80 columns and small fix 
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
 2020-02-17 13:06:32 +01:00