adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,396 Commits 27 Branches 1,043 Tags
f40a2e8dbc35e44cb10509faee2007d13e567d0c
Commit Graph

1098 Commits

Author SHA1 Message Date
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
bwatters 9c9eac28a7 Land #17874, VMware Workspace One Access mr_me Hekate LPE 
Merge branch 'land-17874' into upstream-master
 2023-04-18 19:29:39 -05:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel 78e80f8e32 docs fix 2023-04-17 16:41:35 -04:00
Jack Heysel 162fe21659 Documentation copy pasta correction 2023-04-17 16:39:57 -04:00
jheysel-r7 d4b668e27b Update documentation/modules/exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.md 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-04-17 16:36:31 -04:00
h00die 37130e5a3d move asan docs 2023-04-16 10:19:43 -04:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
Jack Heysel 30cf40a4f1 VMware Workspace One Acces LPE 2023-04-12 15:36:17 -04:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Ron Bowes 6119330e29 Update documentation to match current version of modules 2023-04-11 09:48:53 -07:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
Ron Bowes c22c2904c2 Fix msftidy_docs stuff 2023-04-05 10:53:58 -07:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
h00die-gr3y 0c87b0b7cf removed Windows reference from documentation 2023-03-23 10:34:51 +00:00
h00die-gr3y 820e625baa updated documentation 2023-03-22 21:17:54 +00:00
h00die-gr3y 8226fb9022 fixed small typos documentation 2023-03-22 20:04:34 +00:00
h00die-gr3y 28459c286a init commit module and documentation 2023-03-22 18:40:50 +00:00
Jack Heysel 1f2a889d0c Land #17388, Zyxel router RCE 
This module adds a new exploit module for a buffer
overflow in roughly 45 different Zyxel router and VPN models.
 2023-03-21 15:07:04 -04:00
Jack Heysel 31a32ccd9b linting and srvhost check fix 2023-03-17 14:39:02 -04:00
jheysel-r7 764abaf087 Update documentation/modules/exploit/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-03-17 12:59:48 -04:00
Grant Willcox c53a22d3fb Land #17750, FortiNAC keyUpload.jsp arbitrary file write CVE-2022-39952 2023-03-14 11:09:40 -05:00
Grant Willcox 7217a60e41 Update documentation to provide better installation instructions 2023-03-14 10:13:27 -05:00
Grant Willcox 4a4b2a28d2 Update documentation to provide better installation instructions 2023-03-14 09:21:08 -05:00
cgranleese-r7 ec7347cd49 Land #17509, tomcat 7 priv esc on rhel based systems (cve-2016-5425) 2023-03-14 10:16:18 +00:00
Grant Willcox 3bd4c15704 Correct architecture and do final fixes 2023-03-13 15:46:42 -05:00
Jack Heysel 2a9ddae531 Updated description 2023-03-09 17:43:14 -05:00
Jack Heysel 06e7c3d702 Responded to comments updated docs 2023-03-09 17:39:53 -05:00
Grant Willcox 100cfbccf9 Fix up some more slight things in documentation. Also tidy up some things in the module 2023-03-08 17:25:56 -06:00
Grant Willcox eeb30d2426 Fix up some typos etc from review in documentation 2023-03-08 16:44:06 -06:00
Jack Heysel dfae7e2fc4 FortiNAC keyUploap.jsp arbitrary file write CVE-2022-39952 2023-03-08 14:06:28 -05:00
Jack Heysel 3abd62076c Land #17624, Oracle E-Business Suite Module 
This pull request adds an exploit module for CVE-2022-21587
an arbitrary file upload vulnerability in Oracle Web Applications
Desktop Integrator as shipped with 12.2.3 through to 12.2.11
which results in RCE
 2023-02-28 17:04:20 -05:00
Jack Heysel 5311a491e9 Froxlor 2.0.7 is actually vulnerable too 2023-02-24 13:18:34 -05:00
space-r7 9621f77bac Land #17640, add Froxlor RCE 2023-02-22 12:11:38 -06:00
sfewer-r7 690abcfe1f improve the documentation, mention some steps required during setup. 2023-02-22 09:42:11 +00:00
Jack Heysel f6ec3855b3 Removed space at EOL 2023-02-22 00:35:42 -05:00
Jack Heysel 0c8df1a67b Updated docs and module suggetsions 2023-02-22 00:33:40 -05:00
Grant Willcox 38d8b70873 Make msftidy_docs.rb happy and then also clarify where to find software download links 2023-02-17 14:56:51 -06:00
Grant Willcox c713da368d Add in a few fixes from the review 2023-02-17 14:52:57 -06:00
sfewer-r7 73e82274dd changes as per @gwillcox-r7 review 2023-02-17 13:10:53 +00:00
Spencer McIntyre ecd5ad29a7 Add module docs 2023-02-15 16:29:42 -05:00
sfewer-r7 d1463df3cc fix documentation issues from msftidy_docs 2023-02-14 10:47:47 +00:00
Jack Heysel ca0b1ffe05 Documentation fixes 2023-02-13 19:56:23 -05:00
Jack Heysel 2e195b2742 Initial commit Froxlor RCE 2023-02-13 19:39:18 -05:00