adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,215 Commits 27 Branches 1,043 Tags
fc3b08fb8b97539d016878eb774df28362c444e3
Commit Graph

2496 Commits

Author SHA1 Message Date
space-r7 ccef129807 Land #16727, set tftphost option 2022-07-12 15:29:42 -05:00
kalba-security 17f82a900e linting for confluence_widget_connecter and add catch for all scenarios where clear_response returns nil 2022-07-01 08:43:47 -04:00
kalba-security f6b6ad4bf1 prevent confluence_widget_connector from crashing when the response body in get_java_property is empty 2022-07-01 07:37:54 -04:00
Spencer McIntyre 1b7d8f1e74 Fix a whitespace issue, restore option naming 2022-06-29 12:24:29 -04:00
bcoles bbbec267b6 exploits: Set tftphost option for modules which use Windows TFTP stager 2022-06-29 19:10:52 +10:00
Erik Schweiss 695e1243b8 Update modules/exploits/multi/http/phpmailer_arg_injection.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-06-28 23:08:20 -10:00
Erik 836970e1ae Update phpmailer_arg_injection.rb 
fixed typo
 2022-06-23 13:45:42 -10:00
Erik 8259e8e495 Update phpmailer_arg_injection.rb 
Fixed regex to match legal name tags
 2022-06-23 13:43:21 -10:00
Erik ae8f1c3378 Update on phpmailer_arg_injection.rb #15810 
Added Regex to validate new options
 2022-06-23 13:10:19 -10:00
Erik e9b2fc6ecf Merge branch 'rapid7:master' into master 2022-06-23 12:52:09 -10:00
Erik 96feb8d1be Update phpmailer_arg_injection.rb 
Changed new advanced option to camel case
 2022-06-23 12:47:26 -10:00
Spencer McIntyre 339114e3c0 Check the target platform for compatibility 2022-06-15 17:11:56 -04:00
Spencer McIntyre dc3596525e Add Windows targets 2022-06-15 15:23:34 -04:00
bwatters 3875db78ae Land #16644, Add Exploit for CVE-2022-26134 (Confluence RCE) 
Merge branch 'land-16644' into upstream-master
 2022-06-07 16:00:37 -05:00
Spencer McIntyre 1a06f69f95 Works through v7.18 now too 2022-06-06 22:03:21 -04:00
Spencer McIntyre 45c646afea Refactor #encode_ognl 2022-06-06 18:15:44 -04:00
Spencer McIntyre 2c0e034a18 Fix a couple of typos 2022-06-06 18:14:05 -04:00
Spencer McIntyre f55334f0fe Add version detection 2022-06-03 18:26:04 -04:00
Spencer McIntyre 76ec36a091 Remove the Windows targets for now 2022-06-03 16:50:13 -04:00
Spencer McIntyre 29a9ef686a Finish up a draft of the module 2022-06-03 16:47:02 -04:00
Spencer McIntyre cd6bbeb0ba WIP module 2022-06-03 15:27:13 -04:00
Kert Ojasoo 1dc61d02eb Update php_fpm_rce.rb 2022-06-03 11:23:53 +03:00
Christophe De La Fuente 474116d413 Land #16611, DotCMS File Upload to RCE Module (CVE-2022-26352) 2022-06-02 15:30:10 +02:00
jheysel-r7 97caca4f6e Update modules/exploits/multi/http/dotcms_file_upload_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-06-01 10:54:02 -04:00
Jack Heysel bea4207c62 Land PR #16607 - MyBB RCE Module (CVE-2022-24734) 
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
 2022-05-31 11:59:53 -04:00
Jack Heysel 2c02a607ee Responded to PR feedback 2022-05-30 14:46:54 -04:00
Christophe De La Fuente b996f5ee49 Fixes from code review 2022-05-30 16:24:18 +02:00
Christophe De La Fuente 1f304ef2c4 Add module exploit for MyBB RCE - CVE-2022-24734 2022-05-23 17:27:20 +02:00
Jack Heysel 3afb9b2ffe dotCMS file upload to RCE module 2022-05-20 15:57:22 -04:00
Jack Heysel 4f4287eb6b Module working on linux 2022-05-19 09:37:48 -04:00
Spencer McIntyre 19a9ff1198 Update a couple of modules for the new SMB server 2022-05-16 14:39:45 -04:00
adfoster-r7 0196b6fa75 Land #16555, move duplicated retry_until_truthy code into centralized location 2022-05-16 18:31:57 +01:00
Spencer McIntyre 1aceb71971 Rename the function to emphasize truthy 2022-05-13 09:16:01 -04:00
adfoster-r7 6a1fe27406 Land #16442, add vars_form_data to the HTTP client 2022-05-13 10:53:16 +01:00
Spencer McIntyre 05fcbd803e Add a new Retry mixin 2022-05-11 15:41:37 -04:00
adfoster-r7 e4f42d7eaa Update more modules to use the vars_form_data api 2022-05-11 18:18:21 +01:00
bwatters 92715c883f Land #16423, Add module for exploit CVE-2022-22965 
Merge branch 'land-16423' into upstream-master
 2022-05-10 08:44:06 -05:00
Spencer McIntyre ece5e2699a Automatically identify the HTTP method 2022-05-05 10:24:04 -04:00
Spencer McIntyre 7faac7faa4 Update the JSP file to delete itself 2022-05-02 14:34:51 -04:00
Spencer McIntyre 3bdb8e02e2 Use an exponential backoff to retry 2022-05-02 12:30:43 -04:00
Spencer McIntyre 0f8a35e4d3 Whitespace, grammar and timing changes 2022-05-02 10:45:21 -04:00
Jack Heysel 2b8ea72e51 Added autocheck fixed execute_payload method 2022-04-28 08:55:17 -07:00
vleminator 1185cfd99f Add support for payload dropper with windows path (backslash) 2022-04-28 00:02:19 +02:00
vleminator 6c75b7efcb Add WriteableDir as an advanced module option 2022-04-27 23:38:51 +02:00
vleminator 868d35a1ed bugfix encoding of the jsp payload dropper 2022-04-27 23:35:31 +02:00
vleminator 71eb6e6fb6 Refactor code to improve readability and remove unused code 2022-04-27 23:32:36 +02:00
Jack Heysel 5b82a978ea Added reference removed default payload 2022-04-27 09:48:21 -07:00
Jack Heysel 253cb8580a Responded to comments added retry_until_true 2022-04-27 09:45:18 -07:00
vleminator f57bdabb41 Refine the check method to perform less-invasive exploit validation 2022-04-27 14:05:47 +02:00
Jack Heysel a941fea26a Removed unused import added target_uri 2022-04-26 14:11:10 -07:00