adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,768 Commits 27 Branches 1,043 Tags
ff15b581ed084f2104610d232ec4875bdfd8ab9a
Commit Graph

77768 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
happybear-21 ff15b581ed resolved: issues 2025-06-29 12:34:38 +05:30
happybear-21 e77abd9bbc added: automatic admin_allow_langedit permission checking and enabling capability 2025-06-28 16:20:49 +05:30
happybear-21 93a8334699 fixed: build issue 2025-06-27 20:16:07 +05:30
happybear-21 840ae0f317 resolved: issues 2025-06-27 19:42:35 +05:30
happybear-21 016f4ea142 resolved: issues 2025-06-26 10:26:05 +05:30
happybear-21 d787444137 Add exploit module for ISPConfig language_edit.php PHP Code Injection (CVE-2023-46818) 
- Adds modules/exploits/linux/http/ispconfig_lang_edit_php_code_injection.rb
- Adds documentation for the module in documentation/modules/exploit/linux/http/ispconfig_lang_edit_php_code_injection.md
- Module targets ISPConfig < 3.2.11p1 with admin_allow_langedit enabled
- References and implementation based on PoC and advisories at https://github.com/SyFi/CVE-2023-46818
 2025-06-25 22:27:52 +05:30
adfoster-r7 256ad33585 Merge pull request #20353 from cgranleese-r7/add-validation-for-arch-values 
Add validation for arch values
6.4.71 		2025-06-25 17:13:01 +01:00
cgranleese-r7 00c88caffb Updates incorrect arch values in modules 2025-06-25 16:57:27 +01:00
cgranleese-r7 a9a8ac7762 Adds validation for arch values 2025-06-25 16:57:23 +01:00
adfoster-r7 bbcac720e5 Merge pull request #20351 from cgranleese-r7/fix-non-printable-chars-in-module-description-and-name 
Fix non-printable non-ascii chars in module description and name
 2025-06-25 15:39:59 +01:00
cgranleese-r7 04a18fb3ca Updates modules to remove non-printable chars 2025-06-25 14:19:56 +01:00
cgranleese-r7 64504319e6 Updates module validation to check description and name for non-printable chars 2025-06-25 14:19:43 +01:00
Diego Ledda fda250d604 Merge pull request #19910 from msutovsky-r7/fix/add-PPC64-template 
Fixing PPC64 template and payloads
 2025-06-25 12:33:39 +02:00
msutovsky-r7 fde78bf73f Land #20324, adds exploit for UNC path in .url files (CVE-2025-33053) 
Adds exploit module for Internet Shortcut UNC path vulnerability (CVE-2025-33053)
 2025-06-25 11:23:23 +02:00
Diego Ledda 6d843385ec Merge pull request #20301 from msutovsky-r7/exploit/cve-2021-25094 
Adds module for Tatsu WP plugin (CVE-2021-25094)
 2025-06-25 10:58:22 +02:00
adfoster-r7 f91f525e1e Merge pull request #20350 from cgranleese-r7/adds-sentinel-values-to-modules-missing-one-or-more-notes 
Adds sentinel notes to modules that are missing stability, reliability or side effects
 2025-06-25 09:50:09 +01:00
cgranleese-r7 40ca2b3b1b Adds sentinel notes to modules that are missing stability, reliability or side effects 2025-06-25 09:32:01 +01:00
Diego Ledda afdad8ed4c chore(wp_tatsu_rce): msftidy_docs fix 2025-06-25 10:16:49 +02:00
adfoster-r7 82018b6c52 Merge pull request #20343 from cgranleese-r7/adds-sentinel-vales-to-modules-without-notes 
Adds sentinel values to modules without notes
 2025-06-25 09:12:31 +01:00
DevBuiHieu e198cf635f Merge pull request #2 from msutovsky-r7/collab/webdav_working_dir_exploit 
Minor code changes, updates documentation
 2025-06-24 21:43:43 +07:00
Martin Sutovsky 13cd2d2e51 Minor code changes, updates documentation 2025-06-24 16:22:42 +02:00
msutovsky-r7 a67c883e0c Removes unnecessary header 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-06-24 15:48:38 +02:00
Spencer McIntyre 12245519f5 Merge pull request #20206 from adfoster-r7/update-mettle 
Update mettle 1.0.42
 2025-06-24 08:49:25 -04:00
DevBuiHieu fa0d01f55c Update modules/exploits/windows/fileformat/cve_2025_33053.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-06-24 19:24:06 +07:00
DevBuiHieu 78f982e133 Merge pull request #1 from msutovsky-r7/collab/webdav_working_dir_exploit 
Internet Shortcut UNC Module Upgrade
 2025-06-24 18:33:19 +07:00
cgranleese-r7 30c15535b4 Adds a check to skip modules with execellent ranking and sentinel values 2025-06-24 12:13:08 +01:00
cgranleese-r7 a454217bd4 Update info -d markdown 2025-06-24 11:21:49 +01:00
Martin Sutovsky dd6bb2c8dc Remove debug statements 2025-06-24 12:10:46 +02:00
Martin Sutovsky 3d9cc6063d Adds SMB server to send payload 2025-06-24 12:10:19 +02:00
Martin Sutovsky 6aa24a0762 Adds researchers in author section, base for WebDAV server 2025-06-23 15:38:09 +02:00
cgranleese-r7 37388ca1be Adds sentinel values to modules missing notes 2025-06-23 12:24:58 +01:00
adfoster-r7 0972888802 Update Mettle 1.0.42 2025-06-23 11:58:29 +01:00
adfoster-r7 4c4a864b06 Merge pull request #20326 from 00nx/patch-1 
Add total number of currently defined aliases
 2025-06-23 11:28:02 +01:00
adfoster-r7 be8864fe84 Merge pull request #20339 from bcoles/exploit-windows-fileformat-ms_visual_basic_vbp 
exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document
 2025-06-23 10:41:14 +01:00
cgranleese-r7 b16732c3bf Updates enforce notes rubocop rule to add notes to modules that are missing notes 2025-06-23 10:40:02 +01:00
adfoster-r7 8c2d0f50bc Merge pull request #20342 from cgranleese-r7/runs-trailing-comma-in-arguements-rubocop-on-modules 
Runs Style/TrailingCommaInArguments Rubocop against modules
 2025-06-23 10:02:57 +01:00
cgranleese-r7 ade9b54d94 Runs Style/TrailingCommaInArguments Rubocop against modules 2025-06-23 09:30:35 +01:00
msutovsky-r7 b37b6487e3 Land #20340, adds documentation and cleans up exploit/windows/browser/ms08_070_visual_studio_msmask 
exploit/windows/browser/ms08_070_visual_studio_msmask: Cleanup and add documentation
 2025-06-23 08:05:22 +02:00
adfoster-r7 51e71dc754 Merge pull request #20332 from todb/update-module-counter 
Update module counter
 2025-06-22 23:13:32 +01:00
bcoles e1dec29ef9 exploit/windows/browser/ms08_070_visual_studio_msmask: Cleanup and add documentation 2025-06-23 00:38:44 +10:00
bcoles c0baf1888b exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document 2025-06-23 00:11:54 +10:00
adfoster-r7 b8c375d087 Merge pull request #20337 from bcoles/exploit-linux-http-opentsdb_key_cmd_injection 
opentsdb_key_cmd_injection: Set Arch to ARCH_CMD
 2025-06-22 14:51:04 +01:00
adfoster-r7 17125b492a Merge pull request #20335 from bcoles/rubocop-Lint/DetectMetadataTrailingLeadingWhitespace 
Rubocop: Lint/DetectMetadataTrailingLeadingWhitespace: Except BadChars
 2025-06-22 14:36:07 +01:00
bcoles cede07596f opentsdb_key_cmd_injection: Set Arch to ARCH_CMD 2025-06-22 12:39:04 +10:00
bcoles 8ab259122e Land #20336: opennms_horizon_authenticated_rce: Set Arch to ARCH_CMD 2025-06-22 12:31:22 +10:00
Ahmed Ezzat 0307bab692 Update opennms_horizon_authenticated_rce.rb 
Fix Arch
 2025-06-21 20:37:33 +03:00
bcoles e65532a7fc Rubocop: Lint/DetectMetadataTrailingLeadingWhitespace: Except BadChars 2025-06-21 21:31:33 +10:00
Tod Beardsley 81cb85eef0 Make msfbase actually do something useful 
Signed-off-by: Tod Beardsley <todb@hugesuccess.org>
 2025-06-20 13:05:11 -05:00
Tod Beardsley 21e093a41f Slightly better module popularity counter 
Signed-off-by: Tod Beardsley <todb@hugesuccess.org>
 2025-06-20 12:41:08 -05:00
adfoster-r7 04a6185f3a Merge pull request #20329 from cgranleese-r7/runs-layout-rubocop-on-modules 
Runs Rubocop to fix layout in modules
 2025-06-20 16:59:31 +01:00