sfewer-r7
fa1e7ae016
close all CFML tags and chain the getRuntime and exec calls for brevity
2023-04-11 11:22:13 +01:00
sfewer-r7
43fe41bea5
RCE exploit for CVE-2023-26359 and an auxiliary module for arbitrary file read via the same vuln.
2023-04-06 14:02:01 +01:00
SubcomandanteMeowcos
a54f3d4707
fix broken module references
...
doing these "by domain" now, piecemeal.
this PR fixes all broken references to the "insecurety" website, which is long dead.
2023-04-01 05:17:02 -07:00
adfoster-r7
0a559bfded
Land #17704, Apache Solr RCE via Velocity Template: Attempt fix for NoMethodError when exploiting
2023-03-29 15:12:04 +01:00
Jack Heysel
f3c12ba176
Land #17808, Update broken secunia references
...
The Secunia links in the framework were dead. They have
now been restored using the wayback machine to grab
replacement links from the earliest date possible.
2023-03-27 17:20:13 -04:00
adfoster-r7
d04c8e1bce
Update broken secunia references
2023-03-23 10:43:57 +00:00
space-r7
67ac2dc584
Land #17771, add monitorr file upload rce
2023-03-22 13:00:38 -05:00
space-r7
3fe0801d92
use target_uri.path in requests
2023-03-22 12:50:11 -05:00
h00die-gr3y
e3df74ee5b
Updates addressing review points of space-r7
2023-03-20 21:04:58 +00:00
H00die.Gr3y
871a251c94
Apply suggestions from code review
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2023-03-20 21:44:11 +01:00
h00die-gr3y
5903addbd6
Updates addressing majority of review points
2023-03-19 15:13:09 +00:00
Christophe De La Fuente
0df12fd694
Land #17754, Open web analytics 1.7.3 remote code execution
2023-03-17 10:15:33 +01:00
H00die.Gr3y
04e0fc70bf
Apply suggestions from code review
...
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2023-03-16 19:25:03 +01:00
Pflegusch
3baa894840
Add DefangedMode to warn the user
2023-03-16 18:07:28 +01:00
Christophe De La Fuente
daadb4f523
Land #17775 - Add exploit for Bitbucket env var RCE (CVE-2022-43781)
2023-03-16 11:01:07 +01:00
Pflegusch
027793cce6
Remove unused variable res in check_connection
2023-03-15 19:00:26 +01:00
Pflegusch
ac72c12734
Set timeout of 1s to make session available much quicker
2023-03-15 18:59:22 +01:00
Pflegusch
d06e2d9e3d
Remove nvd url
2023-03-15 18:56:23 +01:00
space-r7
22c05105d3
address review comments
...
reduces some code duplication, sets privileged to true,
and modifies documentation to reflect lhost / rhost opts
2023-03-15 11:18:03 -05:00
Pflegusch
ee0334dd40
since file got deleted, one can not trigger the payload anymore by opening the php url
2023-03-15 01:05:10 +01:00
space-r7
fddcae3d93
don't always create repo
2023-03-14 19:03:58 -05:00
Pflegusch
0cbebc8a4c
Remove malicious .php file at the end of the exploit
2023-03-15 01:03:20 +01:00
Pflegusch
103def70e4
More detailed error message for failed regex match
2023-03-15 00:07:20 +01:00
Pflegusch
d72d47e502
Update Failure Codes and check for nil in the helper functions
2023-03-14 23:59:57 +01:00
Pflegusch
897aaf9572
Use Failure::UnexpectedReply when password can't be changed
2023-03-14 23:41:48 +01:00
Pflegusch
2310b0d942
Use Failure::NotFound when no valid cache file is found
2023-03-14 23:40:29 +01:00
Pflegusch
86f4a16cff
Check if cache_request is not nil
2023-03-14 23:38:57 +01:00
Pflegusch
e160e51711
Fix typos, update docs with advanced option SearchLimit, implement SearchLimit into module
2023-03-14 23:29:55 +01:00
Pflegusch
887551bf2c
Use UnexpectedReply instead of Unknown
2023-03-14 22:29:38 +01:00
Pflegusch
8db10af8c0
check if res is not nil in addition to res.code
2023-03-14 22:28:52 +01:00
Pflegusch
dff139d6d7
remove fail_with in check_connection as suggested
2023-03-14 22:24:08 +01:00
Pflegusch
2ce3aeed2b
Add CONFIG_CHANGES to the side effects
2023-03-14 22:16:10 +01:00
Pflegusch
c0ee250b6b
Add some more URL references
2023-03-14 22:14:16 +01:00
Pflegusch
cfaad7fb84
prepend AutoCheck
2023-03-14 22:10:44 +01:00
Pflegusch
9e64f02742
Use default values in option declaration instead of DefaultOptions
2023-03-14 22:08:05 +01:00
Pflegusch
ac6e94770e
use Failure::Unreachable and use unless instead of if/else
2023-03-14 22:03:31 +01:00
Pflegusch
311314984f
Remove base64 requirement
2023-03-14 21:47:29 +01:00
Pflegusch
cc4e455530
Remove directory datastore option and make username and password required
2023-03-14 21:46:45 +01:00
space-r7
1eeaff255e
make username / password opts required
2023-03-13 16:45:48 -05:00
space-r7
4bb843fe70
add documentation, adjust method of getting ids
2023-03-13 15:31:41 -05:00
space-r7
4eef052fcd
add usage of linux cmdstager, cleanup, description
2023-03-13 13:24:15 -05:00
h00die-gr3y
07d7248de8
initial module commit
2023-03-13 13:32:14 +00:00
Pflegusch
94e9504727
Use metasploit payload instead of hardcoded one
2023-03-11 14:47:32 +01:00
Pflegusch
3f7f28dd4f
make use of full_uri and change regex
2023-03-11 14:25:04 +01:00
space-r7
2fbc80a44f
add base cmdstager support for windows target
2023-03-09 16:24:12 -06:00
Pflegusch
38511f4d89
Rename establish_connection function
2023-03-09 17:06:07 +01:00
Pflegusch
e66fd8f5ae
Use rand_text_alphanumeric function
2023-03-09 17:03:48 +01:00
Pflegusch
69839d1924
Remove get_proxy_protocol function
2023-03-09 17:02:10 +01:00
Pflegusch
614f4b6d89
Make installation path of owa configurable
2023-03-09 16:32:28 +01:00
h00die-gr3y
fc711131a2
added MIME, added break in mixin and added link with installation instructions
2023-03-09 09:28:46 -06:00