Spencer McIntyre
024fc87b4c
Land #17272, Add F5 MCP post module
...
Add F5 MCP post module
2022-12-12 14:20:31 -05:00
Christophe De La Fuente
aaef7726db
Land #17330, Fix enumerating emails via ProxyShell
2022-12-06 14:02:53 +01:00
Grant Willcox
1fec75621c
Fix up documentation from review
2022-12-05 14:04:22 -06:00
Spencer McIntyre
96da805014
Fix enumerating emails via ProxyShell
...
The ResolveNames endpoint used to gather email addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
2022-12-02 15:58:50 -05:00
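The refinement loop the commit above describes, as an added example that is not the Metasploit module's own code: a fixed-size page is treated as possibly truncated, any entry whose name is exactly the current prefix is kept, and the search recurses one character deeper until a page comes back short. The in-memory directory, PAGE_LIMIT, CHARSET, resolve_names and resolve_all are all constructed for this illustration; the real endpoint is Exchange's ResolveNames.

```ruby
# Added illustration (not the Metasploit module's own code) of enumerating a
# prefix-searchable directory that caps every response at a fixed page size.
# DIRECTORY, PAGE_LIMIT, CHARSET, resolve_names and resolve_all are
# assumptions made for this example; the real endpoint is Exchange's ResolveNames.

PAGE_LIMIT = 100

# Characters that may appear in a local part. Any character missing from this
# set makes entries that contain it at the refinement point unreachable, so the
# set must cover the directory's actual alphabet.
CHARSET = (('a'..'z').to_a + ('0'..'9').to_a + ['.', '_', '-']).freeze

# Constructed directory: 1,500 mailboxes, far more than one page can carry.
DIRECTORY = (1..1500).map { |i| "user#{i}@example.com" }.freeze

# Stand-in for the server side: case-insensitive prefix match on the local
# part, silently truncated to PAGE_LIMIT entries. That truncation is what hides
# most of the directory from a single query.
def resolve_names(prefix)
  needle = prefix.downcase
  DIRECTORY.select { |addr| addr.split('@', 2).first.downcase.start_with?(needle) }
           .first(PAGE_LIMIT)
end

# Walk the directory by refining the search prefix whenever a page comes back
# full. stats[:queries] counts round trips so the cost of the walk is visible.
def resolve_all(prefix = '', stats = { queries: 0 })
  stats[:queries] += 1
  page = resolve_names(prefix)
  # A short page cannot have been truncated: everything under this prefix is here.
  return page if page.size < PAGE_LIMIT

  # A full page may be truncated. An entry whose local part is exactly the prefix
  # will never match any longer prefix, so keep it now; then ask for each
  # one-character extension and merge the answers.
  results = page.select { |addr| addr.split('@', 2).first.downcase == prefix.downcase }
  CHARSET.each { |c| results.concat(resolve_all(prefix + c, stats)) }
  results.uniq
end

if __FILE__ == $PROGRAM_NAME
  stats = { queries: 0 }
  found = resolve_all('', stats)
  puts "single query: #{resolve_names('').size} of #{DIRECTORY.size}"
  puts "refined walk: #{found.size} of #{DIRECTORY.size} in #{stats[:queries]} queries"
end
```

Two practical points follow from the code: a page that is exactly full but not truncated still triggers a round of refinement queries, which is harmless but costs one request per character in CHARSET, and a local part containing a character outside CHARSET is silently lost at the point where refinement would have to spell it, so the alphabet should be chosen from what the target directory actually uses rather than assumed.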
Christophe De La Fuente
d3057f15b2
Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell)
2022-11-30 18:16:19 +01:00
Ron Bowes
e981dde15f
Move the mcp-objects out of the class and into a data/ file (per Jeffrey's request)
2022-11-23 12:49:00 -08:00
h00die
b866917ee1
review
2022-11-22 16:57:01 -05:00
h00die
637ad5f809
make ducky more psh friendly
2022-11-21 17:55:48 -05:00
h00die
29b7fa5336
ducky_script format for msfvenom
2022-11-18 17:02:52 -05:00
Spencer McIntyre
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
Spencer McIntyre
fc7594dbc8
Add exploit for CVE-2022-41082 AKA ProxyNotShell
2022-11-18 17:00:27 -05:00
h00die
4c958546b5
update wordpress plugins and themes lists
2022-11-11 10:37:26 -05:00
Spencer McIntyre
189cc81abe
Apply autopep8 changes
2022-10-31 10:35:28 -04:00
Spencer McIntyre
d8dfee5864
Move the python code into python files
2022-10-31 10:35:28 -04:00
Spencer McIntyre
7aa62bfecd
Land #17071, Add in new LDAP queries
...
Add in new LDAP queries to help with various attack paths
2022-10-24 09:18:41 -04:00
Spencer McIntyre
4bc98c6cc5
Fix a YAML syntax issue
2022-10-24 09:18:10 -04:00
Grant Willcox
01e4701bef
Reorder queries alphabetically and fix up errors identified during review
2022-10-21 11:18:23 -05:00
space-r7
a9c3c61aa3
Land #17050, make osx payload fileless
2022-10-20 14:13:32 -05:00
space-r7
5910afadd9
add new binary
2022-10-20 13:47:54 -05:00
adfoster-r7
6a682f4fe6
Land #16982, Update Dell iDRAC login scanner to work with v8 and v9
2022-10-14 01:40:35 +01:00
Grant Willcox
abd8ad1d7d
Restore ADCS certificate template gathering option and add in some new fields that should prove to be useful
2022-10-07 12:47:19 -05:00
Grant Willcox
33dc2f1109
Add in DNS zone enumeration option
2022-10-07 12:47:12 -05:00
Grant Willcox
bbf8017570
Add in references for the various queries
2022-10-07 12:47:10 -05:00
Grant Willcox
e7fbda96e3
Add in new LDAP queries to help with various attack paths
2022-10-07 12:47:10 -05:00
h00die
c6e18ee469
cve-2022-1329
2022-10-02 15:59:58 -04:00
bwatters
c17c78bc0f
Land #16995, Add TrustedSec's COFFLoader as Meterpreter Extension
...
Merge branch 'land-16995' into upstream-master
2022-09-30 14:14:39 -05:00
bwatters
e27dbd2787
Land #16794, Add exploit for CVE-2022-34918
...
Merge branch 'land-16794' into upstream-master
2022-09-27 16:37:52 -05:00
h00die
0bcdc3fadb
idrac login updates
2022-09-20 16:20:24 -04:00
Spencer McIntyre
37d3c296ad
Add compiler support when mingw is available
2022-09-15 16:06:25 -04:00
Grant Willcox
a41ec9388f
Land #16725, Add ManageEngine ADAudit Plus and DataSecurity Plus Xnode enum modules, docs and mixin (CVE-2020-11532)
2022-09-01 08:46:36 -05:00
Grant Willcox
9dcbf55ea8
Update ldap_query logic to handle binary data
2022-08-29 15:34:18 -05:00
Spencer McIntyre
ae5a9bd41b
Land #16734, Add rtf support to cve-2022-30190
...
Add rtf support to cve-2022-30190 AKA Follina
2022-08-25 17:26:46 -04:00
Grant Willcox
109065e7c7
Fix up LDAP query syntax for some queries
2022-08-24 16:59:13 -05:00
Spencer McIntyre
e03f479659
Add a couple of ADCS related queries
2022-08-24 15:13:19 -04:00
Spencer McIntyre
3c495770b8
Allow configuring a base_dn prefix
2022-08-24 15:13:16 -04:00
Grant Willcox
97bce45e69
Land #16915, Add exploit for CVE-2022-23277 (Exchange RCE)
2022-08-19 11:11:46 -05:00
Spencer McIntyre
62ab42b797
Update vulnerable version numbers and docs
2022-08-17 08:55:46 -04:00
bcoles
e6d4a80e0f
data: powershell: msflag.ps1: Remove "from Metasploit" from flag message
2022-08-12 17:30:40 +10:00
bcoles
4d4f7b8c55
mv scripts/ps/msflag.ps1 data/post/powershell/msflag.ps1
2022-08-08 18:00:36 +10:00
ErikWynter
d6dabd4bfb
additional code review improvements for xnode auxiliary modules/lib/docs
2022-07-28 15:12:00 +03:00
Redouane NIBOUCHA
78dae84871
Updates to the C source code (execl instead of execve, removal of some old comments)
2022-07-25 22:18:47 +02:00
Grant Willcox
14e3c694ff
Fix default LDAP query descriptions due to some typos
2022-07-22 12:13:14 -05:00
Redouane NIBOUCHA
37f1fdd47b
Add module docs, add Ubuntu 22.04 offsets, update check method
2022-07-22 03:30:03 +02:00
Redouane NIBOUCHA
73db035e57
Add more offsets to the exploit, clean up the exploit C source, add check method
2022-07-21 01:22:20 +02:00
Redouane NIBOUCHA
fe2e413426
Add exploit for CVE-2022-34918
2022-07-20 13:51:22 +02:00
Spencer McIntyre
25f50e607c
Reduce code, be more permissive
...
This makes a few changes that should enable the module to function
better should it be dropped into a fresh MSF installation on its own.
2022-07-15 16:29:17 -05:00
Grant Willcox
c5f2507ee0
Fix up usage of the word columns where attributes was more appropriate. Also update the multi query logic to match new data format as it was broken before as a result of changes to file format. Finally remove extra parameters that are no longer needed.
2022-07-15 16:28:43 -05:00
Grant Willcox
8c236e789e
Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if it's not already populated though.
2022-07-15 16:28:43 -05:00
Grant Willcox
3c56e272a1
Remove default actions and move them to default.yaml, then update code accordingly. Also update the initialization code so it will now load the possible actions dynamically from default.yaml.
2022-07-15 16:28:37 -05:00
bwatters
ef9f5ca463
Add rtf support to cve-2022-30190 AKA Follina
2022-06-30 17:30:06 -05:00