adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,852 Commits 27 Branches 1,043 Tags
f5aafdcfdfd153695d91890cf7ed0fab9d3df1bd
Commit Graph

2813 Commits

Author SHA1 Message Date
Takah1ro dc8531e37f Fix after applied suggestions (escape ') 2025-04-22 21:57:05 +09:00
Takahiro Yokoyama f579235b95 Apply suggestions from code review 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-04-22 21:53:05 +09:00
Takah1ro e1b5109c70 Add BentoML RCE module (CVE-2025-32375) 2025-04-17 20:46:43 +09:00
Takahiro Yokoyama 5945e0db0e Update modules/exploits/linux/http/bentoml_rce_cve_2025_27520.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-04-16 22:05:04 +09:00
Takah1ro edcc30699a Make user be able to specify a particular endpoint 2025-04-16 21:47:31 +09:00
Takah1ro 4463bb2ced Support a pure-python payload 2025-04-16 21:25:36 +09:00
Takah1ro 6d936a72b1 Delete ARTIFACTS_ON_DISK 2025-04-16 20:54:22 +09:00
Takah1ro e51cd24383 Add BentoML RCE module (CVE-2025-27520) 2025-04-15 22:46:42 +09:00
msutovsky-r7 fe9a0ad25b Land #20008, PandoraFMS Auth RCE module 
Pandora FMS authenticated RCE [CVE-2024-12971]
 2025-04-08 07:50:28 +02:00
h00die-gr3y 40ba981c98 update based on reviewer suggestions 2025-04-07 14:29:51 +00:00
Takah1ro 39e4093310 Rubocop formatting after applied suggestions 2025-04-07 21:03:58 +09:00
Takahiro Yokoyama 7aabe06f66 Apply suggestions from code review 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-04-07 20:59:57 +09:00
Takah1ro ec6f4022cd Make the Ruby code error-safe 2025-04-07 20:28:57 +09:00
Takah1ro f42083db03 Increased the size of email to avoid duplicate 2025-04-07 20:23:31 +09:00
Takahiro Yokoyama 35c1ccccdb Update modules/exploits/linux/http/appsmith_rce_cve_2024_55964.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-04-07 20:06:55 +09:00
h00die-gr3y 76fb34a5db small update in description of the module and documentation 2025-04-06 10:49:03 +00:00
h00die-gr3y 8a72fd6861 init module and documentation 2025-04-06 10:33:56 +00:00
Takah1ro 139dd50333 Add Appsmith RCE module (CVE-2024-55964) 2025-04-05 14:56:04 +09:00
Spencer McIntyre bf1f919d9f Merge pull request #19957 from msutovsky-r7/auxmodule-eramba-update 
Auxmodule eramba update
 2025-03-25 13:54:24 -04:00
Martin Sutovsky 95f9e22eff Addressing comments 2025-03-20 20:46:38 +01:00
Martin Sutovsky df027f3fdd Update documentation, adding more precise check, removing unnecessary characters 2025-03-20 15:18:55 +01:00
msutovsky-r7 741a222e9a Land #19961, fixing incorrect URL in the InvoiceNinja module 
BUGFIX invoiceninja module - fixed invalid attackerkb reference
 2025-03-14 11:15:23 +01:00
msutovsky-r7 9961bfbc58 Land #19950, module for InvoiceShelf unauthenticated PHP deserialization 
InvoiceShelf unauthenticated PHP deserialization vulnerability [CVE-2024-55556]
 2025-03-14 10:21:56 +01:00
h00die-gr3y 84012fd60c fixed invalid attackerkb reference 2025-03-14 08:23:10 +00:00
h00die-gr3y 0ca2599f48 update based on review comments 2025-03-14 08:04:22 +00:00
Martin Sutovsky 9886f78575 Upgrade Eramba RCE module 2025-03-13 12:34:50 +01:00
h00die-gr3y 1ca57c86fc added base64 encoding in php payload execution 2025-03-11 21:30:32 +00:00
h00die-gr3y e341398871 small update on module and documentation 2025-03-10 19:35:37 +00:00
h00die-gr3y 281b728000 initial module and documentation 2025-03-07 17:34:22 +00:00
msutovsky-r7 196d95b2bf Land #19944, adding dynamic session for module CVE-2025-0655 
Update dtale_rce_cve_2025_0655.rb to use dynamically generated session
 2025-03-07 14:35:51 +01:00
Takah1ro edb47d968c Update function name after applied suggestion 2025-03-07 08:05:00 +09:00
Takahiro Yokoyama 233c710d82 Update modules/exploits/linux/http/dtale_rce_cve_2025_0655.rb 
Co-authored-by: Simon Janusz <85949464+sjanusz-r7@users.noreply.github.com>
 2025-03-07 07:54:50 +09:00
adfoster-r7 8604c72ef4 Merge pull request #19895 from cgranleese-r7/update-dead-module-references 
Update dead module references
 2025-03-05 16:57:05 +00:00
Takah1ro bf5ae87a3d Use dynamically generated session 2025-03-05 12:56:01 +09:00
msutovsky-r7 3c4d0aae2f Land #19899, D-Tale remote code execution module 
Add D-Tale RCE module (CVE-2024-3408, CVE-2025-0655)
 2025-03-03 13:04:45 +01:00
Takah1ro 47351e4959 Use FETCH_DELETE as default 2025-03-03 20:52:55 +09:00
Takah1ro 65d2b6380b Update vulnerable version 2025-03-02 12:14:25 +09:00
Takah1ro 77c3ce52e0 Improve: 
* Support the prior to 3.13.0 versions
* CVE-2024-3408 bypass for authentication
 2025-03-01 11:58:28 +09:00
Takah1ro 316ecd4d04 Use FETCH_FILELESS as default 2025-03-01 11:55:43 +09:00
cgranleese-r7 df8b0de0c8 Fixes some invalid links 2025-02-28 11:29:59 +00:00
cgranleese-r7 0017fbdf56 Updates more dead links 2025-02-28 10:30:14 +00:00
cgranleese-r7 810e7c4518 Adds scripts to find and replace dead module reference links 2025-02-28 09:20:48 +00:00
Takah1ro 40726d1859 Remove unnecessary & guard operator 2025-02-26 21:13:55 +09:00
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
h00die-gr3y 79411eace8 added code sugesstions from dledda-r7 2025-02-24 15:51:32 +00:00
h00die-gr3y 41e690445e simplified some code sections 2025-02-23 12:59:52 +00:00
Takah1ro 4d4b88c94e Add D-Tale unauth RCE module (CVE-2025-0655) 2025-02-23 09:33:42 +09:00
H00die.Gr3y b3a5da976b Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-22 10:35:45 +01:00
h00die-gr3y 47a2079d19 initial module and laravel crypto killer mixin 2025-02-21 18:09:28 +00:00
h00die-gr3y 215957465c added default options and updated documentation 2025-02-20 13:19:41 -06:00