adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,147 Commits 27 Branches 1,043 Tags
fdd7a863c8a1ac062086e71cb00a569194d2d313
Commit Graph

16467 Commits

Author SHA1 Message Date
Jack Heysel fdd7a863c8 Land #16736, fix confluence_widget_connector crash 
This change fixes a bug in the confluence_widget_connector 
exploit module to prevent it from crashing when the HTTP
response body received in the get_java_property method is
empty or does not match expected regex.
 2022-07-12 12:27:40 -04:00
Jack Heysel 52fd45b7ab Land #16744 Jboss EAP/AS RCE module 
This module exploits a Java deserialization vulnerability
in JBOSS EAP/AS Remoting Unified Invoker interface for
versions 6.1.0 and prior.
 2022-07-12 10:49:22 -04:00
Jack Heysel 7df6d73741 Added new line to end of file 2022-07-12 09:08:19 -04:00
Jack Heysel 44abcfcb28 Added flavour to fix linux_dropper 2022-07-12 09:06:06 -04:00
adfoster-r7 3e66fc8f4e Fix crash in ms04-007-killbill 2022-07-10 00:07:26 +01:00
Spencer McIntyre 728cf97f6e Land #16718, Fix run_as module on x64 systems 2022-07-08 09:22:22 -04:00
Heyder Andrade 2f7cf90b7f mixin didn't work with linux_dropper payload 
- Fixed exception handling variable attribution
- Tried to change JavaDeserialization Util to JavaDeserialization mixin
instead
- Changed the fail reason when the connection is unsuccessful
 2022-07-08 02:30:26 +02:00
space-r7 f958b0a053 Land #16738, correct CVE/lint for weblogic module 2022-07-07 18:08:13 -05:00
space-r7 52ac281991 change wording in fail_with() 2022-07-07 18:05:56 -05:00
Jack Heysel 4da72a9b01 Land #16735, Fix defaults for aerohive module 
This change sets the MeterpreterTryToFork advanced
payload option to true by default for the Linux target
in the aerohive_netconfig_lfi_log_poison_rce module.
 2022-07-07 16:21:56 -04:00
kalba-security 7d32338702 remove ARTIFACTS_ON_DISK from weblogic_deserialize_asyncresponseservice notes 2022-07-07 05:26:59 -07:00
Spencer McIntyre f7209bfc75 Land #16724, Modernize ms01_026_dbldecode 
Use HttpClient; remove meterpreter code; fix stager
 2022-07-05 09:36:58 -04:00
Heyder Andrade 50ca5f0ce2 Add description 2022-07-05 00:25:07 +02:00
bcoles 04aa05faa2 ms01_026_dbldecode: Use HttpClient; remove meterpreter code; fix stager 2022-07-03 18:22:55 +10:00
Heyder Andrade 0ea033be55 Add module for jboss remoting unified invoker RCE 2022-07-01 21:39:42 +02:00
kalba-security 48598b8c5b correct CVE and add linting for weblogic_deserialize_asyncresponseservice 2022-07-01 10:27:51 -04:00
kalba-security 17f82a900e linting for confluence_widget_connecter and add catch for all scenarios where clear_response returns nil 2022-07-01 08:43:47 -04:00
kalba-security f6b6ad4bf1 prevent confluence_widget_connector from crashing when the response body in get_java_property is empty 2022-07-01 07:37:54 -04:00
kalba-security b56242c7a2 enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce 2022-07-01 06:15:13 -04:00
Christophe De La Fuente 0e3fdd0799 Fix from code review 2022-06-29 19:18:47 +02:00
Spencer McIntyre 2d6e910078 Land #16721, Phpmailer arg injection update 2022-06-29 13:00:48 -04:00
Spencer McIntyre 1b7d8f1e74 Fix a whitespace issue, restore option naming 2022-06-29 12:24:29 -04:00
Erik Schweiss 695e1243b8 Update modules/exploits/multi/http/phpmailer_arg_injection.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-06-28 23:08:20 -10:00
adfoster-r7 6b17905790 Land #16722, Fix notes for SideEffects and Reliability 2022-06-28 10:15:04 +01:00
bcoles 9087f86cce exploit/multi/misc/nomad_exec: Fix notes for SideEffects and Reliability 2022-06-28 17:02:51 +10:00
Erik Schweiss a89e88c462 Merge branch 'rapid7:master' into phpmailer_arg_injection_update 2022-06-27 11:05:41 -10:00
Christophe De La Fuente a9d3e7c758 Fix run_as module on x64 systems 2022-06-27 13:21:58 +02:00
Erik 836970e1ae Update phpmailer_arg_injection.rb 
fixed typo
 2022-06-23 13:45:42 -10:00
Erik 8259e8e495 Update phpmailer_arg_injection.rb 
Fixed regex to match legal name tags
 2022-06-23 13:43:21 -10:00
Erik ae8f1c3378 Update on phpmailer_arg_injection.rb #15810 
Added Regex to validate new options
 2022-06-23 13:10:19 -10:00
Erik e9b2fc6ecf Merge branch 'rapid7:master' into master 2022-06-23 12:52:09 -10:00
Erik 96feb8d1be Update phpmailer_arg_injection.rb 
Changed new advanced option to camel case
 2022-06-23 12:47:26 -10:00
Grant Willcox e4ce1c53dd Fix reference URL link 2022-06-22 15:49:43 -05:00
Spencer McIntyre 339114e3c0 Check the target platform for compatibility 2022-06-15 17:11:56 -04:00
Spencer McIntyre dc3596525e Add Windows targets 2022-06-15 15:23:34 -04:00
Grant Willcox a075c676a6 Fix spacing issue 2022-06-10 08:47:41 -05:00
dwelch-r7 3f06e237b7 Correctly format the notes sections 2022-06-10 14:01:57 +01:00
bwatters 3875db78ae Land #16644, Add Exploit for CVE-2022-26134 (Confluence RCE) 
Merge branch 'land-16644' into upstream-master
 2022-06-07 16:00:37 -05:00
Spencer McIntyre 1a06f69f95 Works through v7.18 now too 2022-06-06 22:03:21 -04:00
Spencer McIntyre 45c646afea Refactor #encode_ognl 2022-06-06 18:15:44 -04:00
Spencer McIntyre 2c0e034a18 Fix a couple of typos 2022-06-06 18:14:05 -04:00
bwatters c751ef46c9 Land #16635, Add 0-day MSWord RCE #Follina CVE-2022-30190 
Merge branch 'land-16635' into upstream-master
 2022-06-06 14:41:31 -05:00
Spencer McIntyre f55334f0fe Add version detection 2022-06-03 18:26:04 -04:00
Spencer McIntyre 76ec36a091 Remove the Windows targets for now 2022-06-03 16:50:13 -04:00
Spencer McIntyre 29a9ef686a Finish up a draft of the module 2022-06-03 16:47:02 -04:00
Spencer McIntyre cd6bbeb0ba WIP module 2022-06-03 15:27:13 -04:00
Kert Ojasoo 1dc61d02eb Update php_fpm_rce.rb 2022-06-03 11:23:53 +03:00
Christophe De La Fuente 474116d413 Land #16611, DotCMS File Upload to RCE Module (CVE-2022-26352) 2022-06-02 15:30:10 +02:00
RAMELLA Sébastien 3ab06461af fix. second review 2022-06-02 00:58:20 +04:00
RAMELLA Sébastien dd1814903c fix. SRVHOST default value 2022-06-02 00:07:15 +04:00