2839 Commits

Author	SHA1	Message	Date
Christophe De La Fuente	d3057f15b2	Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell)	2022-11-30 18:16:19 +01:00
h00die	b866917ee1	review	2022-11-22 16:57:01 -05:00
h00die	637ad5f809	make ducky more psh friendly	2022-11-21 17:55:48 -05:00
h00die	29b7fa5336	ducky_script format for msfvenom	2022-11-18 17:02:52 -05:00
Spencer McIntyre	29d57dde66	Consolidate into ProxyMaybeShell	2022-11-18 17:01:01 -05:00
Spencer McIntyre	fc7594dbc8	Add exploit for CVE-2022-41082 AKA ProxyNotShell	2022-11-18 17:00:27 -05:00
h00die	4c958546b5	update wordpress plugins and themes lists	2022-11-11 10:37:26 -05:00
Spencer McIntyre	189cc81abe	Apply autopep8 changes	2022-10-31 10:35:28 -04:00
Spencer McIntyre	d8dfee5864	Move the python code into python files	2022-10-31 10:35:28 -04:00
Spencer McIntyre	7aa62bfecd	Land #17071, Add in new LDAP queries ... Add in new LDAP queries to help with various attack paths	2022-10-24 09:18:41 -04:00
Spencer McIntyre	4bc98c6cc5	Fix a YAML syntax issue	2022-10-24 09:18:10 -04:00
Grant Willcox	01e4701bef	Reorder queries alphabetically and fix up errors identified during review	2022-10-21 11:18:23 -05:00
space-r7	a9c3c61aa3	Land #17050, make osx payload fileless	2022-10-20 14:13:32 -05:00
space-r7	5910afadd9	add new binary	2022-10-20 13:47:54 -05:00
adfoster-r7	6a682f4fe6	Land #16982, Update Dell iDRAC login scanner to work with v8 and v9	2022-10-14 01:40:35 +01:00
Grant Willcox	abd8ad1d7d	Restore ADCS certificate template gathering option and add in some new fields that should prove to be useful	2022-10-07 12:47:19 -05:00
Grant Willcox	33dc2f1109	Add in DNS zone enumeration option	2022-10-07 12:47:12 -05:00
Grant Willcox	bbf8017570	Add in references for the various queries	2022-10-07 12:47:10 -05:00
Grant Willcox	e7fbda96e3	Add in new LDAP queries to help with various attack paths	2022-10-07 12:47:10 -05:00
h00die	c6e18ee469	cve-2022-1329	2022-10-02 15:59:58 -04:00
bwatters	c17c78bc0f	Land #16995, Add TrustedSec's COFFLoader as Meterpreter Extension ... Merge branch 'land-16995' into upstream-master	2022-09-30 14:14:39 -05:00
bwatters	e27dbd2787	Land #16794,Add exploit for CVE-2022-34918 ... Merge branch 'land-16794' into upstream-master	2022-09-27 16:37:52 -05:00
h00die	0bcdc3fadb	idrac login updates	2022-09-20 16:20:24 -04:00
Spencer McIntyre	37d3c296ad	Add compiler support when mingw is available	2022-09-15 16:06:25 -04:00
Grant Willcox	a41ec9388f	Land #16725, Add ManageEngine ADAudit Plus and DataSecurity Plus Xnode enum modules, docs and mixin (CVE-2020–11532)	2022-09-01 08:46:36 -05:00
Grant Willcox	9dcbf55ea8	Update ldap_query logic to handle binary data	2022-08-29 15:34:18 -05:00
Spencer McIntyre	ae5a9bd41b	Land #16734, Add rtf support to cve-2022-30190 ... Add rtf support to cve-2022-30190 AKA Follina	2022-08-25 17:26:46 -04:00
Grant Willcox	109065e7c7	Fix up LDAP query syntax for some queries	2022-08-24 16:59:13 -05:00
Spencer McIntyre	e03f479659	Add a couple of ADCS related queries	2022-08-24 15:13:19 -04:00
Spencer McIntyre	3c495770b8	Allow configuring a base_dn prefix	2022-08-24 15:13:16 -04:00
Grant Willcox	97bce45e69	Land #16915, Add exploit for CVE-2022-23277 (Exchange RCE)	2022-08-19 11:11:46 -05:00
Spencer McIntyre	62ab42b797	Update vulnerable version numbers and docs	2022-08-17 08:55:46 -04:00
bcoles	e6d4a80e0f	data: powershell: msflag.ps1: Remove "from Metasploit" from flag message	2022-08-12 17:30:40 +10:00
bcoles	4d4f7b8c55	mv scripts/ps/msflag.ps1 data/post/powershell/msflag.ps1	2022-08-08 18:00:36 +10:00
ErikWynter	d6dabd4bfb	additional code review improvements for xnode auxiliary modules/lib/docs	2022-07-28 15:12:00 +03:00
Redouane NIBOUCHA	78dae84871	Updates to the C source code (execl instead of execve, removal of some old comments)	2022-07-25 22:18:47 +02:00
Grant Willcox	14e3c694ff	Fix default LDAP query descriptions due to some typos	2022-07-22 12:13:14 -05:00
Redouane NIBOUCHA	37f1fdd47b	Add module docs, add Ubuntu 22.04 offsets, update check method	2022-07-22 03:30:03 +02:00
Redouane NIBOUCHA	73db035e57	Add more offsets to the exploit, clean up the exploit C source, add check method	2022-07-21 01:22:20 +02:00
Redouane NIBOUCHA	fe2e413426	Add exploit for CVE-2022-34918	2022-07-20 13:51:22 +02:00
Spencer McIntyre	25f50e607c	Reduce code, be more permissive ... This makes a few changes that should enable the module to function better should it be dropped into a fresh MSF installation on its own.	2022-07-15 16:29:17 -05:00
Grant Willcox	c5f2507ee0	Fix up usage of the word columns where attributes was more appropriate. Also update the multi query logic to match new data format as it was broken before as a result of changes to file format. Finally remove extra parameters that are no longer needed.	2022-07-15 16:28:43 -05:00
Grant Willcox	8c236e789e	Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if its not already populated though.	2022-07-15 16:28:43 -05:00
Grant Willcox	3c56e272a1	Remove default actions and move them to default.yaml, then update code accordingly. Also update the initialization code so it will now load the possible actions dynamically from default.yaml.	2022-07-15 16:28:37 -05:00
bwatters	ef9f5ca463	Add rtf support to cve-2022-30190 AKA Follina	2022-06-30 17:30:06 -05:00
kalba-security	ba83b1bdf5	add manageengine adaudit plus and datasecurity plus xnode enum modles and manageengine_xnode lib	2022-06-10 10:32:25 -04:00
bwatters	c751ef46c9	Land #16635, Add 0-day MSWord RCE #Follina CVE-2022-30190 ... Merge branch 'land-16635' into upstream-master	2022-06-06 14:41:31 -05:00
RAMELLA Sébastien	97921b4ed9	fix chmod 644	2022-05-30 22:11:35 +04:00
RAMELLA Sébastien	dfc226cf5f	add. Supposed 0day MSWord RCE	2022-05-30 21:23:18 +04:00
ssst0n3	246a3604b8	set the org to be 0x400000	2022-05-13 10:50:19 +08:00