020ee7ca5c
Land #17964 - Pentaho Business Server Auth Bypass and SSTI - CVE-2022-43769 and CVE-2022-43939
2023-05-11 09:28:55 -05:00
9f0a6503b7
require.js is not the only way, account for this new discovery in code
2023-05-10 13:02:02 -05:00
5d4e68d36c
Add Metasploit payload example and remove message that may suggest successful exploitation occurred even when it didn't
2023-05-10 10:36:29 -05:00
1b8f1de7c8
Add in fixes from review, add archive of software, and use uri_encode_mode for encoding parameters.
2023-05-10 10:16:08 -05:00
a485a786ef
Land #17881 , Zyxel chained RCE using LFI and weak password derivation algorithm
2023-05-10 11:49:51 +02:00
07056a74bc
Pentaho Business Server Auth Bypass and SSTI
2023-05-09 14:24:51 -05:00
f773d348e1
Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022
2023-05-08 12:11:01 -05:00
c221edb1ec
Add in ADAudit Plus build 6077 testing examples
2023-05-08 11:45:44 -05:00
51ab9746fb
Updates based on cdelafuente-r7 comments
2023-05-06 19:05:21 +00:00
19651633c4
Update the installation instructions to resolve some issues encountered during testing
2023-05-04 18:26:54 -05:00
f27fc28411
Perform review updates
2023-05-04 15:12:31 -05:00
aede036b02
additional changes from code review
2023-05-04 15:12:30 -05:00
0fd743d851
Add in fixes from code review
2023-05-04 15:12:29 -05:00
d5032f0a5d
Minor touchups on documentation for review
2023-05-04 15:12:28 -05:00
32796b429b
add note about payload limitations for builds 7004 and 7005
2023-05-04 15:12:27 -05:00
3b0d8b850b
Fix up some issues identified during review
2023-05-04 15:12:26 -05:00
9f68a5f8d1
add manageengine_adaudit_plus_authenticated_rce exploit module and docs
2023-05-04 15:12:09 -05:00
60149259a2
Land #17856 , RCE exploit for CVE-2023-26359 (Adobe ColdFusion) and an auxiliary module for arbitrary file read via the same vuln.
2023-04-28 19:27:15 +02:00
c39751094a
Updates based on review comments
2023-04-21 11:46:53 +00:00
4131f1abf1
Fixed some bugs in module and added documentation
2023-04-20 08:23:55 +00:00
9c9eac28a7
Land #17874 , VMware Workspace One Access mr_me Hekate LPE
...
Merge branch 'land-17874' into upstream-master
2023-04-18 19:29:39 -05:00
6ae00877ed
Land #17854 , VMware Workspace One Access mr_me Hekate RCE
...
Merge branch 'land-17854' into upstream-master
2023-04-18 09:49:41 -05:00
78e80f8e32
docs fix
2023-04-17 16:41:35 -04:00
162fe21659
Documentation copy pasta correction
2023-04-17 16:39:57 -04:00
d4b668e27b
Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2023-04-17 16:36:31 -04:00
db853f9a68
Land #17711 , SPIP unauth RCE module
...
This module exploits a publically accessible endpoint in
SPIP that results in code execution in the context of the
user running the webapp (CVE-2023-27372).
2023-04-17 15:30:03 -04:00
a4e1952da3
Add a module for the latest SPIP vuln
2023-04-17 13:41:03 -04:00
396a4b90cc
Land #17892 , update unified_remote_rce docs
2023-04-17 13:53:32 +01:00
37130e5a3d
move asan docs
2023-04-16 10:19:43 -04:00
4b176c8ef5
fix unified_remote_rce docs
2023-04-16 10:11:01 -04:00
5d05754d9b
update the AKB URL to reference the changed CVE
2023-04-14 17:44:38 +01:00
e6211175b3
rename the files to the correct CVE
2023-04-14 15:52:13 +01:00
b5ea420760
On April 12 Adobe reclassified CVE-2023-26360 from an Improper Access Controll vuln to a Deserialization of Untrusted Data vuln. A private report has confirmed that CVE-2023-26359 is a similar yet seperate vuln, so I am changing the CVE associated with these two modules from CVE-2023-26359 to CVE-2023-26360 as we now beliee this is the correct CVE.
2023-04-14 15:49:10 +01:00
08788d3d82
Update logging with rc script info
2023-04-13 14:28:15 -04:00
ae87f35944
fix two typos in documentation
2023-04-13 15:57:48 +01:00
30cf40a4f1
VMware Workspace One Acces LPE
2023-04-12 15:36:17 -04:00
bc57131b73
Moving LPE to separate PR
2023-04-12 15:23:51 -04:00
a6b478e046
Land #17832 , Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503
2023-04-12 11:43:13 +02:00
6119330e29
Update documentation to match current version of modules
2023-04-11 09:48:53 -07:00
375d9b34f1
make on_request_uri compatible with both command staget and teh generic java target
2023-04-11 14:25:07 +01:00
056b0a0e8b
LPE and doc updates
2023-04-07 10:41:10 -04:00
43fe41bea5
RCE exploit for CVE-2023-26359 and an auxiliary module for arbitrary file read via the same vuln.
2023-04-06 14:02:01 +01:00
b7456e20d5
VMware Workspace One Access mr_me Hekate exploit
2023-04-05 23:10:34 -04:00
c22c2904c2
Fix msftidy_docs stuff
2023-04-05 10:53:58 -07:00
15d267a233
Land #17826 , post module for CVE-2023-21768
...
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
2023-03-30 12:27:28 -04:00
41fe44ef1a
Merge branch 'master' into unirpc-auth-bypass
2023-03-29 08:03:05 -07:00
6897be4b01
Add two Metasploit modules for UniData vulnerabilities
2023-03-29 08:01:50 -07:00
fcb93fef58
Land #17806 , Optergy BMS Backdoor RCE module
...
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
2023-03-28 10:27:35 -04:00
f9c6caa804
Land #17785 , add SolarWinds (SWIS) deser RCE
2023-03-27 15:25:17 -05:00
6d4ee0c071
Add exploit for CVE-2023-21768
2023-03-27 20:08:22 +02:00
Grant Willcox