adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71,113 Commits 27 Branches 1,043 Tags
f3adc3f79fbfa9fbeab13664f652fa88963ebfa1
Commit Graph

5797 Commits

Author SHA1 Message Date
dwelch-r7 1af22cfd22 Land #18096, Add initial proxies datastore support for kerberos workflows 2023-07-21 11:37:04 +01:00
adfoster-r7 08a2a293a9 Add proxies datastore support to kerberos 2023-07-21 11:19:50 +01:00
bwatters 01434662fa Land #18182, Add module and doc for cve-2023-26876 
Merge branch 'land-18182' into upstream-master
 2023-07-18 20:10:47 -05:00
bwatters 297c484a1c Land #18173, Add Openfire Authentication Bypass RCE [CVE-2023-32315] 
Merge branch 'land-18173' into upstream-master
 2023-07-18 18:13:20 -05:00
cgranleese-r7 a0f04a7018 Land #17681, Add datastore option for Jenkins home directory 2023-07-18 14:17:15 +01:00
rodnt ddb1cc0497 Fix all warns from msftidy rename the docs with the correct name 2023-07-17 23:57:39 +00:00
rodnt 1e75365f8e Update with all changes proposed by smcintyre-r7 2023-07-13 23:38:55 +00:00
rodnt 3f0d0ee34c Merge branch 'rapid7:master' into piwigo_cve_26876 2023-07-13 09:59:43 -03:00
rodnt fb8947aa49 change the comment at mysql image 2023-07-13 12:58:30 +00:00
101719434+rodnt@users.noreply.github.com 5b638bb37b add module and doc for cve-2023-26876 2023-07-12 15:45:40 -03:00
Jack Heysel 10c1b79c37 Land #17861, pfSense Config Data RCE as root 
This module exploits a vulnerability in pfSense version
2.6.0 and below which allows for authenticated users to
execute arbitrary operating systems commands as root.
 2023-07-12 14:32:06 -04:00
emirpolatt 34f25fbb65 pfSense Config Data Remote Command Execution as root (CVE-2023-27253) Module 2023-07-12 13:27:02 -04:00
adfoster-r7 5cb5c18550 Land #18170, Add module for SmarterMail Build 6985 - dotNET Deserialization Remote Code Execution (CVE-2019-7214) 2023-07-10 23:56:09 +01:00
Jack Heysel 420147d02e Land #18164, WooCommerce Payments auxiliary module 
This module exploits an auth bypass and priv esc vulnerability
in order to create an admin wordpress user.
 2023-07-10 17:19:56 -04:00
jheysel-r7 5261d842bc Update documentation/modules/auxiliary/scanner/http/wp_woocommerce_payments_add_user.md 2023-07-10 14:18:50 -04:00
h00die-gr3y a3ea55f2a6 added documentation 2023-07-08 12:30:54 +00:00
ismaildawoodjee 1706812099 Implemented requested changes 
* Small fixes in Description - removed backticks
* Implemented Windows Command target
* Removed PowerShell Stager, in Targets and in exploit method
* Implemented Rex::Socket::Tcp in place of TCPSocket

* Updated TARGET section in documentation
* Added TARGET 0 - Windows Command scenario
* Removed PowerShell Stager scenario
* Replaced 'Using configured payload' lines to use Windows Command payload
  for the 2nd, 3rd, and 4th scenarios. Did not rerun the scenarios, however
 2023-07-07 04:14:20 -04:00
Ismail Dawoodjee 24ef4e1b90 Update documentation/modules/exploit/windows/http/smartermail_rce.md 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-07-06 18:49:49 +03:00
ismaildawoodjee ad0d3e79a9 SmarterMail RCE module and documentation 2023-07-06 08:00:28 -04:00
Grant Willcox 3abcb3ebaa Explain ADMINID field more 2023-07-05 13:10:41 -05:00
Grant Willcox ce19ce5b72 Apply fixes from review 2023-07-05 12:24:51 -05:00
Jack Heysel f1b5cd46f4 Apache RocketMQ update config RCE 2023-07-05 12:38:51 -04:00
h00die f77e7db637 woocommerce payments auth bypass 2023-07-04 13:09:27 -04:00
h00die 375a315b3d woocommerce payments auth bypass 2023-07-04 13:05:07 -04:00
Spencer McIntyre 67f7a33d77 Land #18114, .NET assembly execution enhancements 
Allow .NET assembly execution within the meterpreter process
 2023-06-27 09:32:43 -04:00
Joshua Rogers 1e7af0457a Update jenkins_gather.md 
Change Windows default to C:\ProgramData\Jenkins\.jenkins.
 2023-06-26 21:29:27 +02:00
Jack Heysel bf1e6bddd1 Land #18134, Add exploit for CVE-2023-25194 
This exploits a Java deserialization vulnerbility
in Apache Druid which arises from a JNDI injection
within Apache Kafka clients.
 2023-06-23 16:52:04 -04:00
dwelch-r7 d68eb84334 Land #18065, Updates jenkins_gather module to work with newer version of Jenkins 2023-06-23 10:44:06 +01:00
cgranleese-r7 9176d0d3e0 Updates jenkins_gather to work with newer version of Jenkins 2023-06-23 10:02:03 +01:00
Heyder Andrade b026b38851 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-06-23 09:36:50 +02:00
Spencer McIntyre b5e028b47c Land #18100, Add MOVEit CVE-2023-34362 2023-06-22 14:23:44 -04:00
Spencer McIntyre dfd450561e Tweak some messages and cleanup markdown table 2023-06-22 14:23:25 -04:00
Redwaysecurity.com 77bb6759a6 Review suggestions 2023-06-22 18:12:13 +02:00
bwatters 5f667e1d79 Address code review 2023-06-22 10:22:43 -05:00
dwelch-r7 e298788a28 Land #18049, Update jenkins login scanner to work with newer versions 2023-06-22 14:04:24 +01:00
Redwaysecurity.com e2fc3c5eff Fixed documentation offenses 2023-06-22 14:48:16 +02:00
Redwaysecurity.com a8332e6064 Added exploit for CVE-2023-25194 2023-06-22 14:17:32 +02:00
bwatters 2adea08f67 Add documentation & code cleanup 2023-06-21 15:41:50 -05:00
cgranleese-r7 0609d246f3 adds more future proofing to implementation 2023-06-21 14:19:24 +01:00
Ashley Donaldson 6e438d338e Modify execute_dotnet_assembly to run in existing processes (including our own process) and receive output. 2023-06-21 12:04:09 +10:00
space-r7 9776a6eb4a Land #18078, add SID support for icpr_cert 
pulls in latest changes
 2023-06-15 13:39:31 -05:00
space-r7 5b77805d68 Land #18078, add support for SID in icpr_cert 2023-06-15 13:17:09 -05:00
adfoster-r7 51dc30909a Land #17670, add module to exploit CVE-2019-16328 2023-06-14 23:30:33 +01:00
Spencer McIntyre ae4faca1ba Update module docs to discuss KB5014754 changes 2023-06-14 16:18:04 -04:00
Jack Heysel c98cc00de9 Land #18075, RocketMQ version scanner 2023-06-13 18:15:34 -04:00
space-r7 7af22bfd41 Land #18077, add Symmetricom unauth cmd injection 2023-06-13 17:07:16 -05:00
space-r7 0d85c9e380 add module documentation 2023-06-13 13:14:51 -05:00
h00die-gr3y 4479d94658 Updates based on review comments from space-r7 and jvoisin 2023-06-12 19:28:08 +00:00
h00die-gr3y 7cd3854208 Removed Webshell upload and updated documentation 2023-06-12 13:58:59 +00:00
h00die-gr3y db8a49cc99 Updated documentation 2023-06-10 12:14:05 +00:00