adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity
78,211 Commits 27 Branches 1,043 Tags
add-database-ref-opts-for-kerberos-and-pkcs12
Commit Graph

78211 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
adfoster-r7 d13dc197b7 Add database ref opts for kerberos and pkcs12 2025-08-18 11:13:13 +01:00
Diego Ledda be3d77715e Merge pull request #20382 from Chocapikk/depicter-fix 
Fix `auxiliary/gather/wp_depicter_sqli_cve_2025_2011`
 2025-08-18 12:08:45 +02:00
jenkins-metasploit bcc59f1ec7 automatic module_metadata_base.json update 2025-08-16 00:04:52 +00:00
jheysel-r7 0830de8404 Merge pull request #20471 from zeroSteiner/feat/mod/ldap/esc-finder-updates 
Update the ldap_esc_vulnerable_cert_finder to check enrollment permissions
 2025-08-15 16:52:29 -07:00
Spencer McIntyre 170fbcb2bd Add two more report filters 2025-08-15 15:34:13 -04:00
Spencer McIntyre 1c41c734f0 Fix a missing ESC16 check 2025-08-15 15:11:52 -04:00
Spencer McIntyre 25c72d4858 Handle some edge cases in report filtering 2025-08-15 14:49:48 -04:00
Spencer McIntyre f3719b884a Document the new report filtering option 2025-08-15 11:57:30 -04:00
Spencer McIntyre c8f72a83c0 Refactor to remove redundant code 2025-08-15 11:57:30 -04:00
Spencer McIntyre 2338ad7c84 Implement the desired filtering 2025-08-15 11:57:30 -04:00
Spencer McIntyre fa33c84612 Evaluate permissions for templates and CAs 2025-08-15 11:57:30 -04:00
Spencer McIntyre 13b3af325f Apply the ACEs for Authenticated Users 2025-08-15 11:57:30 -04:00
cgranleese-r7 c843e36402 Merge pull request #20469 from adfoster-r7/improve-kerberos-file-load-error-messages 
Improve Kerberos file load error messages
 2025-08-15 12:51:52 +01:00
adfoster-r7 bebb43f8f6 Improve kerberos file load error messages 2025-08-15 12:38:45 +01:00
Diego Ledda 487c204b52 Merge pull request #20381 from h00die/persistence_phase_1 
Persistence libraries/Mixins
 2025-08-15 12:40:55 +02:00
Metasploit 996b1d0632 Bump version of framework to 6.4.82 2025-08-14 16:20:34 -05:00
Metasploit 6ef226f43e Bump version of framework to 6.4.81 6.4.81 2025-08-14 13:39:23 -05:00
jenkins-metasploit b59fd1c61a automatic module_metadata_base.json update 6.4.80 2025-08-13 10:07:02 +00:00
Diego Ledda eb003f704d Merge pull request #20386 from xHector1337/payload/windows/x64/download_exec 
Port payload/windows/download_exec to x64
 2025-08-13 11:58:22 +02:00
jenkins-metasploit 7ca82b47fb automatic module_metadata_base.json update 2025-08-12 19:37:04 +00:00
jheysel-r7 8251d89e92 Merge pull request #20400 from msutovsky-r7/exploit/pivotx-rce 
Adds module for PivotX RCE (CVE-2025-52367)
 2025-08-12 12:28:28 -07:00
Jack Heysel 0273f1474f Added incorrect creds check 2025-08-12 10:42:46 -07:00
jenkins-metasploit 3e882a3767 automatic module_metadata_base.json update 2025-08-12 16:30:43 +00:00
jheysel-r7 e59a24823b Merge pull request #20387 from h00die-gr3y/wazuh-auth-rce 
Wazuh Server authenticated RCE [CVE-2025-24016]
 2025-08-12 09:22:22 -07:00
jheysel-r7 4200f51fdf Merge pull request #20445 from zeroSteiner/feat/lib/ldap-adds/2 
Don't look up the local system SID
 2025-08-12 07:59:10 -07:00
jenkins-metasploit e1407833c2 automatic module_metadata_base.json update 2025-08-12 10:34:11 +00:00
cgranleese-r7 ec7d47c271 Merge pull request #20461 from adfoster-r7/improve-login-summary-for-ldap-scanner 
Improve login summary for ldap schannel scanner
 2025-08-12 11:25:50 +01:00
Diego Ledda 3122426ebe Update modules/payloads/singles/windows/x64/download_exec.rb 
update cache size
 2025-08-12 11:39:44 +02:00
Umut abe932cdee Update payloads_spec.rb 2025-08-12 12:34:47 +03:00
Diego Ledda b6d9172d5b chore(rubocop): remove extra white-space 2025-08-12 11:05:21 +02:00
dwelch-r7 9dee394cab Merge pull request #20463 from adfoster-r7/update-display-module-action-wording 
Update display module action wording
 2025-08-11 17:50:09 +01:00
dwelch-r7 003870e295 Merge pull request #20462 from adfoster-r7/fix-error-in-kerberos-authenticator 
Fix logging error in kerberos authenticator
 2025-08-11 17:49:31 +01:00
adfoster-r7 7c3ba83dd4 Update display module action wording 2025-08-11 17:02:35 +01:00
adfoster-r7 332a55cb4f Fix error in kerberos authenticator 2025-08-11 16:48:37 +01:00
adfoster-r7 a1630c0b81 Improve login summary for ldap schannel scanner 2025-08-11 16:47:02 +01:00
jenkins-metasploit 3817ed2e70 automatic module_metadata_base.json update 2025-08-11 15:02:00 +00:00
adfoster-r7 2734daec0f Merge pull request #20459 from adfoster-r7/consolidate-pkcs12-cert-file-reads 
Consolidate pkcs12 cert file reads
 2025-08-11 15:53:38 +01:00
adfoster-r7 ced20bf15a Consolidate pkcs12 cert file reads 2025-08-11 14:28:47 +01:00
cgranleese-r7 d25fd0825c Merge pull request #20458 from adfoster-r7/fix-rendering-issue-on-kerberos-docs 
Fix rendering issue on kerberos docs
 2025-08-11 13:10:59 +01:00
Umut af0fe9e5cc run rubocop -A 2025-08-11 14:22:28 +03:00
adfoster-r7 093d9f9a99 Fix rendering issue on kerberos docs 2025-08-11 12:13:53 +01:00
msutovsky-r7 b23775124b Land #20451, adds support for lwp-request GET fetch adapter 
Msf::Payload::Adapter::Fetch: Add lwp-request GET fetch adapter
 2025-08-11 12:54:41 +02:00
Metasploit b8dad8d85f Bump version of framework to 6.4.80 2025-08-08 10:16:11 -05:00
jenkins-metasploit 5e6d442860 automatic module_metadata_base.json update 6.4.79 2025-08-07 13:46:28 +00:00
msutovsky-r7 e8b441a5d3 Land #20012, MeterpreterOptions break-up and default extension loading removal 
MeterpreterOptions break-up and default extension loading removal
 2025-08-07 15:28:56 +02:00
jenkins-metasploit 6a26428029 automatic module_metadata_base.json update 2025-08-07 06:46:55 +00:00
msutovsky-r7 9caa2be9a2 Land #20399, adds module for Pandora ITSM authenticated RCE (CVE-2025-4653) 
Pandora ITSM auth RCE [CVE-2025-4653]
 2025-08-07 08:37:45 +02:00
jenkins-metasploit 41698afa32 automatic module_metadata_base.json update 2025-08-06 19:33:05 +00:00
Brendan b6dc0860e7 Merge pull request #20409 from sfewer-r7/sharepoint-hax 
Exploit module for Microsoft SharePoint ToolPane Unauthenticated RCE (CVE-2025-53770 and CVE-2025-53771)
 2025-08-06 14:24:28 -05:00
sfewer-r7 0a923a611d reword the language around our usage of CVE-2025-53770 to make it clear that this module is leveraging the authentication bypass for both CVE-2025-49706 and CVE-2025-53771, and the unsafe deserialization for CVE-2025-49704. 2025-08-06 15:33:57 +01:00