adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,230 Commits 27 Branches 1,043 Tags
f87f831aba9f78e1859511fbeddef5ed9da32baa
Commit Graph

801 Commits

Author SHA1 Message Date
Jack Heysel f87f831aba Module updates + Docs 2021-07-08 16:09:02 -05:00
William Vu 8cd00bcb91 Update module doc 2021-07-06 22:25:35 -05:00
Christophe De La Fuente eca20bec92 Update from code review 
- Fix documentation typos
- Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`
 2021-06-30 11:02:11 +02:00
Christophe De La Fuente ccaedd6c9a Last additions and improvements 
- add binaries
- add documentation
- backup `runc` binary in the exploit C file
- add `MeterpreterBackground` options to set Mettle `background` option
- add `WsfDelay` logic
- refactor code
- add cleanup logic
- add restore `runc` binary logic
 2021-06-30 11:02:11 +02:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module 
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubo cop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged paylod, removed TODO

Switched to single-quoted strings
 2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
MucahitSaratar ea7eaba7a9 added cve 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution 
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
 2021-06-10 09:34:13 -05:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit 
CVE-2021-1497
CVE-2021-1498
 2021-06-03 00:43:56 -05:00
M. Cory Billington e62efe0690 Added module and documentation for SuiteCRM Log File RCE 2021-05-22 00:11:19 -05:00
Spencer McIntyre 56388cd696 Land #15146, Add support for extra OSes for CVE-2021-3156 (Baron Samedit) 2021-05-18 18:02:30 -04:00
Spencer McIntyre a8a1cf75b8 Reorder the Fedora targets to be descending 2021-05-18 18:02:12 -04:00
William Vu 637e9cff48 Update vmware_vrops_mgr_ssrf_rce documentation 2021-05-06 18:30:20 -05:00
Ashley Donaldson 5dc8d0e684 Added automatic cleanup for exploit scripts that modify /etc/passwd 2021-05-06 21:50:03 +10:00
Christophe De La Fuente 7f667fab4e Update documentation 2021-05-04 14:12:48 +02:00
Mehmet INCE e3662034ea Update documentation/modules/exploit/linux/http/gravcms_exec.md 
Making consistent with documentation template.

Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-05-03 20:38:17 +03:00
Mehmet INCE 686f8c309a Fix the module documentation 2021-05-03 12:17:24 +03:00
Mehmet INCE 9e04805c0e Adding check method to gravcms exec 2021-05-03 11:14:43 +03:00
Mehmet INCE e3d05395de Add GravCMS exec 2021-05-03 11:14:42 +03:00
Ashley Donaldson 0435e281d9 Updated CVE-2021-3156 documentation to reflect code changes. 2021-05-03 16:45:50 +10:00
William Vu a2047071e2 Refine vmware_vrops_mgr_ssrf_rce module doc again 
I've used this Markdown trick before, but I wasn't sure it'd work here.
 2021-05-02 21:18:53 -05:00
William Vu 8b4a763eb1 Add words to vmware_vrops_mgr_ssrf_rce module doc 
I had dropped this sentence for brevity, but now I realize it's useful.
 2021-05-02 17:24:58 -05:00
William Vu a79ddb5b3c Fix "apache_ofbiz_deserialiation" typo in its doc 2021-05-01 17:23:52 -05:00
Shelby Pace 0535489703 Land #14947, add IGEL OS RCE 2021-04-30 15:49:11 -05:00
Shelby Pace a59eebc937 remove systemd limit modification info 2021-04-30 15:44:22 -05:00
Shelby Pace de22236902 add AutoCheck and update docs output 2021-04-30 15:38:57 -05:00
Spencer McIntyre 994825dcc9 Land #15090, Add exploit for CVE-2021-22502 2021-04-29 14:09:28 -04:00
Spencer McIntyre b2142aada7 Land #15086, Add exploit for CVE-2020-11857 2021-04-29 11:47:17 -04:00
Spencer McIntyre 4373b464ce Update the markdown module docs a bit 2021-04-29 11:46:40 -04:00
Shelby Pace a4af80d3e1 Land #15005, add VMware vRealize SSRF RCE 2021-04-27 09:19:55 -05:00
Shelby Pace 363db0e271 Land #14977, add Apache Druid js rce 2021-04-26 12:01:19 -05:00
Li Hua 9b984ddbed Update microfocus_obr_cmd_injection.md 2021-04-25 11:02:54 +08:00
Pedro Ribeiro 651a34af53 add sploit for MF OBR cmd injection 2021-04-23 21:04:36 +07:00
Pedro Ribeiro 02656a2c31 add clarification - it's for linux only 2021-04-23 19:23:18 +07:00
Pedro Ribeiro 30c333b30d fix typo in shrboadmin 2021-04-23 15:03:34 +07:00
Pedro Ribeiro 71f5955b42 add OBR SSH module 2021-04-23 15:00:06 +07:00
William Vu a62d1dfbcd Add some details back in 2021-04-21 16:02:21 -05:00
William Vu 5111caf536 Address @gwillcox-r7 review 
New words from @gwillcox-r7.
 2021-04-21 13:10:21 -05:00
William Vu d4041cb5f4 Add module doc 2021-04-21 10:42:10 -05:00
Grant Willcox e0f13e44d1 Land #14699, Add Nagios XI snmptrap RCE and docs (CVE-2020-5792) 2021-04-20 14:30:45 -05:00
Grant Willcox 13d3e4ae89 Add in CentOS 7 with NagiosXI 5.6.5 scenario 2021-04-20 14:12:56 -05:00
Grant Willcox f241a050b8 Apply review comments and fixes to documentation and the module 2021-04-20 12:38:34 -05:00
Grant Willcox 4ac9304ca2 Land #14968 - Add Nagios XI Mibs.php Authenticated RCE module and docs (CVE-2020-5791) 2021-04-16 14:37:15 -05:00
Grant Willcox 496e074ec8 Add in fixes to documentation and module from review 2021-04-16 13:14:17 -05:00