adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,334 Commits 27 Branches 1,043 Tags
f26c14f05ab7aecb995567be75a0f24dfd93d6b5
Commit Graph

38668 Commits

Author SHA1 Message Date
cgranleese-r7 dbb631ffb6 Adds SSL support to the postgres_login module 2025-09-09 09:56:36 +01:00
msutovsky-r7 7820c6caec Land #20504, moves bash_profile module to persistence category 
update bash_profile to persistence mixin
 2025-09-02 14:31:42 +02:00
h00die d9f96571e4 use new ATTCK ref 2025-09-01 18:09:25 -04:00
h00die 4591de4cae last changes for persistence bash module after peer review 2025-09-01 17:49:49 -04:00
msutovsky-r7 9283562ee5 Land #20493, adds XWiki unauthenticated exploit module (CVE-2025-24893) 
Add XWiki Unauthenticated RCE (CVE-2025-24893)
 2025-09-01 13:37:31 +02:00
h00die fa9d58bb73 update bash_profile to persistence mixin 2025-08-30 15:17:50 -04:00
msutovsky-r7 5d59fbd333 Land #19903, adds module for periodic script persistence 
Add OSX Periodic Script Peristence
 2025-08-29 20:12:12 +02:00
Martin Sutovsky 2681e7cfed Update docs 2025-08-29 17:53:07 +02:00
Martin Sutovsky 57f14339d9 Adds x64 to BSD target 2025-08-29 14:47:11 +02:00
Vognik 071a4a34fc fix tests 2025-08-29 08:41:43 +04:00
Maksim Rogov 9b1d07dea8 removed unnecessary fail_with from check function 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-29 06:55:59 +03:00
Martin Sutovsky ae64436441 Fixes payload delivery, updates targets 2025-08-28 15:47:24 +02:00
msutovsky-r7 c5e5cb84f1 Land #20266, adds UDP keyboard exploit module for Remote for Mac 2025.6 
Adds UDP Keyboard RCE for Remote for Mac 2025.6
 2025-08-28 09:47:16 +02:00
Martin Sutovsky f9b8a9b95e Adds more robust check method 2025-08-28 09:11:01 +02:00
Martin Sutovsky 6c65db52c5 Code rebase, fixing according to the comments 2025-08-28 09:00:12 +02:00
Chokri Hammedi a251694e2f Update modules/exploits/osx/misc/remote_for_mac_udp_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-28 08:57:56 +02:00
Chokri Hammedi eda79be4bd Update modules/exploits/osx/misc/remote_for_mac_udp_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-28 08:57:56 +02:00
Chokri Hammedi 2d1f700935 Update modules/exploits/osx/misc/remote_for_mac_udp_rce.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-28 08:57:55 +02:00
root 8a6d12a2f4 Add exploit for Remote for Mac 2025.6 unauthenticated UDP RCE 2025-08-28 08:57:55 +02:00
root 374407fc79 Add exploit for Remote for Mac 2025.6 unauthenticated UDP RCE 2025-08-28 08:57:54 +02:00
Brendan f1dffd3ad6 Merge pull request #20480 from msutovsky-r7/exploit/pretalx/file-rw 
Adds modules for Pretalx File Read/Limited File Write (CVE-2023-28459, CVE-2023-28458)
 2025-08-27 15:46:39 -05:00
Spencer McIntyre c56bfcaa5b Merge pull request #20488 from mwalas-r7/fix/ssl-version-scanner 
Fixed listing weak ciphers in ssl_version scan
 2025-08-26 16:14:23 -04:00
Marcin Walas 6c77f7479d Fixed showing weak ciphers in ssl_version scan 2025-08-25 21:41:29 +02:00
Maksim Rogov bdad398541 Update Payload Generation 2025-08-25 15:49:30 +03:00
Vognik 92ddf5646a Code Review Edits from @msutovsky-r7 2025-08-24 19:13:16 +04:00
Vognik 7289c25faa Fix Tests 2025-08-24 12:12:22 +04:00
Vognik 2b01ba6200 Add XWiki Unauthenticated RCE (CVE-2025-24893) 2025-08-23 18:56:24 +04:00
Vlad Dmitrievich baa5469a21 Fix legacy method override in torchserver_cve_2023_43654 
I think `Msf::Exploit::Remote::Java::HTTP::ClassLoader` module had `on_request_uri` method, that was later renamed to `java_class_loader_on_request_uri`.
 2025-08-22 17:01:41 +03:00
Martin Sutovsky d49870211b Adding exceptions to exploit module, bug fix for aux module, adds documentation for exploit module 2025-08-22 15:26:46 +02:00
Martin Sutovsky 4e113b1768 Addresses comments, adds exception for Pretalx, modifies aux module 2025-08-22 13:59:50 +02:00
Martin Sutovsky 2e9b5453ec Adds description 2025-08-21 15:29:08 +02:00
Martin Sutovsky fb062075e3 Adds target, adds side effects 2025-08-21 15:21:16 +02:00
Martin Sutovsky 408f7575e4 Fixing write primitive for exploit module, library update 2025-08-21 15:17:32 +02:00
Martin Sutovsky 01c09bcfed Library fixes, refactoring exploit module 2025-08-21 09:22:21 +02:00
Martin Sutovsky 72dcc5a301 Library fix 2025-08-21 07:21:56 +02:00
Spencer McIntyre 5735a82df7 Merge pull request #20460 from msutovsky-r7/exploit/ndsudo-priv-esc 
Adds an exploit for ndsudo privilege escalation (CVE-2024-32019)
 2025-08-20 14:13:24 -04:00
Martin Sutovsky e23feb0faf Adds check for ndsudo binary 2025-08-20 12:49:38 +02:00
Martin Sutovsky aae5356190 Updates the docs 2025-08-20 12:10:11 +02:00
Corey 88d7a1ab04 fix coonflicts and rubocop 2025-08-19 12:37:53 -04:00
Corey df917720eb Remove payload file 2025-08-19 12:33:56 -04:00
adfoster-r7 0557d63127 Add database ref opts for kerberos and pkcs12 2025-08-18 15:56:47 +01:00
Diego Ledda be3d77715e Merge pull request #20382 from Chocapikk/depicter-fix 
Fix `auxiliary/gather/wp_depicter_sqli_cve_2025_2011`
 2025-08-18 12:08:45 +02:00
Spencer McIntyre 170fbcb2bd Add two more report filters 2025-08-15 15:34:13 -04:00
Spencer McIntyre 1c41c734f0 Fix a missing ESC16 check 2025-08-15 15:11:52 -04:00
Spencer McIntyre 25c72d4858 Handle some edge cases in report filtering 2025-08-15 14:49:48 -04:00
Spencer McIntyre f3719b884a Document the new report filtering option 2025-08-15 11:57:30 -04:00
Spencer McIntyre c8f72a83c0 Refactor to remove redundant code 2025-08-15 11:57:30 -04:00
Spencer McIntyre 2338ad7c84 Implement the desired filtering 2025-08-15 11:57:30 -04:00
Spencer McIntyre fa33c84612 Evaluate permissions for templates and CAs 2025-08-15 11:57:30 -04:00
Martin Sutovsky 38f81e073f Fixing documentation, adds more reliable cmd_exec 2025-08-15 07:26:56 +02:00