d9f96571e4
use new ATTCK ref
2025-09-01 18:09:25 -04:00
4591de4cae
last changes for persistence bash module after peer review
2025-09-01 17:49:49 -04:00
fa9d58bb73
update bash_profile to persistence mixin
2025-08-30 15:17:50 -04:00
f1dffd3ad6
Merge pull request #20480 from msutovsky-r7/exploit/pretalx/file-rw
...
Adds modules for Pretalx File Read/Limited File Write (CVE-2023-28459, CVE-2023-28458)
2025-08-27 15:46:39 -05:00
d49870211b
Adding exceptions to exploit module, bug fix for aux module, adds documentation for exploit module
2025-08-22 15:26:46 +02:00
4e113b1768
Addresses comments, adds exception for Pretalx, modifies aux module
2025-08-22 13:59:50 +02:00
2e9b5453ec
Adds description
2025-08-21 15:29:08 +02:00
fb062075e3
Adds target, adds side effects
2025-08-21 15:21:16 +02:00
408f7575e4
Fixing write primitive for exploit module, library update
2025-08-21 15:17:32 +02:00
01c09bcfed
Library fixes, refactoring exploit module
2025-08-21 09:22:21 +02:00
72dcc5a301
Library fix
2025-08-21 07:21:56 +02:00
5735a82df7
Merge pull request #20460 from msutovsky-r7/exploit/ndsudo-priv-esc
...
Adds an exploit for ndsudo privilege escalation (CVE-2024-32019)
2025-08-20 14:13:24 -04:00
e23feb0faf
Adds check for ndsudo binary
2025-08-20 12:49:38 +02:00
aae5356190
Updates the docs
2025-08-20 12:10:11 +02:00
38f81e073f
Fixing documentation, adds more reliable cmd_exec
2025-08-15 07:26:56 +02:00
8251d89e92
Merge pull request #20400 from msutovsky-r7/exploit/pivotx-rce
...
Adds module for PivotX RCE (CVE-2025-52367)
2025-08-12 12:28:28 -07:00
0273f1474f
Added incorrect creds check
2025-08-12 10:42:46 -07:00
e59a24823b
Merge pull request #20387 from h00die-gr3y/wazuh-auth-rce
...
Wazuh Server authenticated RCE [CVE-2025-24016]
2025-08-12 09:22:22 -07:00
94bd9eea98
Removes leftover includes
2025-08-11 16:29:16 +02:00
fbd1c1767f
Finish documentation, adds description and notes
2025-08-11 16:25:56 +02:00
d219efc0ac
Adds documentation, adds check method
2025-08-11 12:25:33 +02:00
936e68eb2e
Module init
2025-08-08 07:53:56 +02:00
9caa2be9a2
Land #20399 , adds module for Pandora ITSM authenticated RCE (CVE-2025-4653)
...
Pandora ITSM auth RCE [CVE-2025-4653]
2025-08-07 08:37:45 +02:00
70f2cbe055
simplified cleaning procedure
2025-08-06 08:22:06 +00:00
c99702c8bf
Land #20446 , adds module for ICTBroadcast Unauthenticated RCE (CVE-2025-2611)
...
Add ICTBroadcast Unauthenticated Remote Code Execution (CVE-2025-2611)
2025-08-05 09:29:36 +02:00
a81884fb9e
Update metadata
2025-08-04 17:53:29 +02:00
2c9053c45e
Refactor fingerprint detection, cookie handling and per-cookie injection
...
- Centralize JS fingerprint checks in `check`
- Memoize `get_valid_cookies` correctly and reuse a single `cookie_jar`
- Update `inject_command` to test payload on each cookie separately
2025-08-04 17:49:34 +02:00
26099da7a2
Update modules/exploits/linux/http/ictbroadcast_unauth_cookie.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2025-08-04 17:03:04 +02:00
46b3012cda
Update modules/exploits/linux/http/ictbroadcast_unauth_cookie.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2025-08-04 17:02:47 +02:00
a6d86fbe59
Update modules/exploits/linux/http/ictbroadcast_unauth_cookie.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2025-08-04 17:02:35 +02:00
50ef5edd90
Add Unauthenticated ICTBroadcast Remote Code Execution (CVE-2025-2611)
2025-08-02 19:46:14 +02:00
c9e0c7171b
Adds cleanup method
2025-08-01 10:01:50 +02:00
2328b40df7
Unifies parenthesis in fail_with calling, whitespaces fixes, changing CheckCode::Unknown to CheckCode::Detected
2025-08-01 09:34:47 +02:00
d2175c372f
Fixes disclosure date
2025-07-31 12:58:28 +02:00
3d0cfd0dfc
update module + documentation based on review comments
2025-07-30 20:24:56 +00:00
4b52708357
update module + documentation based on review comments
2025-07-30 11:39:20 +00:00
edfa84ed42
Uses Rex::MIME::Message instead of manual form-data
2025-07-25 14:24:42 +02:00
54c86cfc10
Addressing comments
2025-07-24 12:19:47 +02:00
05f2012ccc
Merge pull request #20338 from Chocapikk/xorcom
...
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
2025-07-22 08:19:36 -07:00
75f6e6a748
Refactors code, adds description, fixes CVE
2025-07-22 16:24:35 +02:00
ed5c13330f
Module init
2025-07-21 12:41:38 +02:00
58704e9eab
init module + documentation
2025-07-20 19:06:01 +00:00
abbcdda694
update based on adfoster-r7 comments
2025-07-18 07:22:01 +00:00
18d61d3763
Merge pull request #20356 from msutovsky-r7/exploit/pandorafms_netflow_rce
...
Add module for authenticated PandoraFMS command injection (CVE-2025-5306)
2025-07-17 11:58:54 +02:00
7431958e5c
Update url reference
2025-07-16 22:59:48 +02:00
4e70dfe70d
Rename mixin
2025-07-16 22:40:27 +02:00
7ddae3ec3f
refactor(xorcom): rename helper to completepbx? + pass creds to completepbx_login
2025-07-16 21:48:34 +02:00
b06903810c
feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs
2025-07-16 21:25:17 +02:00
daf6cb3c84
Update modules/exploits/linux/http/xorcom_completepbx_scheduler.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-07-16 19:33:23 +02:00
65b7415bcc
Update modules/exploits/linux/http/xorcom_completepbx_scheduler.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-07-16 19:33:15 +02:00
h00die