adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,798 Commits 27 Branches 1,043 Tags
fbda738da98a60146a0bef98b68fc8fc595eb8f5
Commit Graph

5519 Commits

Author SHA1 Message Date
bcoles 3f781de8e9 Add Wowza Streaming Engine Manager Login Utility 2023-03-07 23:42:42 +11:00
cgranleese-r7 6259f02051 Land #17684, Add rbcd exploitation documentation to docs site 2023-03-03 13:31:53 +00:00
adfoster-r7 0047ce5d3a Add rbcd exploitation documentation to docs site 2023-03-03 13:18:29 +00:00
Spencer McIntyre a418bd9c65 Land #17638, Lucee Scheduled Job RCE 2023-03-02 08:57:19 -05:00
JBince 1245124afa updated docs to reflect changes from smcintyre-r7 2023-02-28 19:58:39 -06:00
Jack Heysel 3abd62076c Land #17624, Oracle E-Business Suite Module 
This pull request adds an exploit module for CVE-2022-21587
an arbitrary file upload vulnerability in Oracle Web Applications
Desktop Integrator as shipped with 12.2.3 through to 12.2.11
which results in RCE
 2023-02-28 17:04:20 -05:00
Spencer McIntyre a916163b49 Cleanup files and fixup messages 2023-02-28 16:41:57 -05:00
space-r7 b3e6767125 Land #17676, add SIS login module 2023-02-28 15:41:24 -06:00
JBince 8b03f2fda8 Reworked payload execution logic 2023-02-27 11:09:34 -06:00
Jack Heysel 5311a491e9 Froxlor 2.0.7 is actually vulnerable too 2023-02-24 13:18:34 -05:00
Jack Heysel 5749b402af Land #17672, disable ClamAV on Linux 
This PR includes a post module that will disable
ClamAV on Linux systems.
 2023-02-23 21:51:48 -05:00
space-r7 9621f77bac Land #17640, add Froxlor RCE 2023-02-22 12:11:38 -06:00
Imran E. Dawoodjee 62439bbcd0 Update documentation 2023-02-22 22:52:43 +08:00
Imran E. Dawoodjee 2b5b17916f Update docs, improved robustness of module+lib 2023-02-22 22:41:14 +08:00
sfewer-r7 690abcfe1f improve the documentation, mention some steps required during setup. 2023-02-22 09:42:11 +00:00
Jack Heysel f6ec3855b3 Removed space at EOL 2023-02-22 00:35:42 -05:00
Jack Heysel 0c8df1a67b Updated docs and module suggetsions 2023-02-22 00:33:40 -05:00
Imran E. Dawoodjee 6e9a7a9d07 Minor fixes 2023-02-20 23:45:59 +08:00
archcloudlabs f61c3bcefc initial commit of disable_av documentation 2023-02-19 19:49:39 -05:00
Imran E. Dawoodjee bdc435f5c8 Add login module for Softing Secure Integration Server 2023-02-19 22:25:22 +08:00
Grant Willcox 38d8b70873 Make msftidy_docs.rb happy and then also clarify where to find software download links 2023-02-17 14:56:51 -06:00
Grant Willcox c713da368d Add in a few fixes from the review 2023-02-17 14:52:57 -06:00
JBince ce9933fc4c Feedback changes + rubocop & msftidy changes 2023-02-17 08:16:49 -06:00
sfewer-r7 73e82274dd changes as per @gwillcox-r7 review 2023-02-17 13:10:53 +00:00
JBince a3a6ae9c4a feedback fixes 2023-02-16 14:33:03 -06:00
Spencer McIntyre ecd5ad29a7 Add module docs 2023-02-15 16:29:42 -05:00
Spencer McIntyre ac9d60ce9e Land #17281, Added module for CVE-2022-2992 
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
 2023-02-14 16:57:29 -05:00
sfewer-r7 d1463df3cc fix documentation issues from msftidy_docs 2023-02-14 10:47:47 +00:00
Jack Heysel ca0b1ffe05 Documentation fixes 2023-02-13 19:56:23 -05:00
Jack Heysel 2e195b2742 Initial commit Froxlor RCE 2023-02-13 19:39:18 -05:00
Grant Willcox d012145726 Land #17599, Cisco RV LAN Exploit - CVE-2022-20705 and CVE-2022-20707 2023-02-13 17:50:06 -06:00
JBince 1dadd113dd msftidy changes to documentation 2023-02-13 15:27:07 -06:00
JBince 9c3cfd8bdb Added documentation, cleaned up functions, rubocop fixes 2023-02-13 15:19:45 -06:00
Grant Willcox 45e453d687 Fix up remaining review comments 2023-02-13 15:07:25 -06:00
Spencer McIntyre c3fa924cfa Remove the NGROK_URL option 2023-02-13 14:31:44 -05:00
Spencer McIntyre 210b7a3254 Use #get_json_document instead of JSON.parse 
Also fix typos
 2023-02-13 14:00:13 -05:00
sfewer-r7 6b29b14c46 add in module documentation 2023-02-10 12:41:55 +00:00
Grant Willcox f2a86327d0 Minor fixes from review 2023-02-09 15:34:25 -06:00
Spencer McIntyre c7279e9a0a Add credit for CVE-2023-0669; fix path in docs 2023-02-09 13:02:40 -05:00
bcoles de8a6e1445 Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory 2023-02-09 23:12:45 +11:00
Stephen Wildow 427c181e9a Utilized msftidy_docs.rb to clean up missing sections, excessively long lines, spaces at EOL, and space end of file. Removed credit section. Expanded on installation procedure. Modified steps procedure to include Verify options and removed failure status. Removed Targets section. Scenarios have device, target, and architecture. 2023-02-08 19:18:14 -05:00
Jack Heysel 19bcf8be7f Working hardcoded payload 2023-02-08 18:14:11 -05:00
bwatters 01a78f972c Land #17567, ManageEngine Endpoint Central RCE (CVE-2022-47966) 
Merge branch 'land-17567' into upstream-master
 2023-02-08 13:06:53 -06:00
Stephen Wildow 35749a000a Added docs. Performed code linting with rubocop. 2023-02-07 20:27:07 -05:00
bwatters 8ee67085c8 Land #17556, ManageEngine ADSelfService Plus RCE (CVE-2022-47966) 
Merge branch 'land-17556' into upstream-master
 2023-02-07 16:57:22 -06:00
Matthew Dunn 52fa2e5be6 Add example for version 5.5.6 with CVE-2021-25297 2023-02-07 14:18:53 -06:00
Grant Willcox 489ab24876 Add in additional case documentation for the various targets and CVEs and fix a bug in the code 2023-02-07 14:18:45 -06:00
Matthew Dunn 8ba7a28caf Add quotes to set-time command in docs 2023-02-07 14:18:45 -06:00
Matthew Dunn 90e07ef5ed Switch to match over scan and add troubleshooting steps 2023-02-07 14:18:37 -06:00
Matthew Dunn 1cb06b11ac Adjust exploit and docs to support versions 5.5.6-5.7.5 2023-02-07 14:18:09 -06:00