bwatters
052d233bd9
Land #17006, Gather_RedisDesktopManager_Password
...
Merge branch 'land-17006' into upstream-master
2022-10-03 15:10:30 -05:00
Jack Heysel
9ad513dade
Land #16933, Thycotic Secret Server post module
...
This PR adds a post exploitation module that exports
and decrypts Thycotic Secret Server credentials
2022-09-30 13:16:05 -04:00
bwatters
9e74b9887d
Land #17048, enum_tokens: Cleanup
...
Merge branch 'land-17048' into upstream-master
2022-09-29 15:58:46 -05:00
jheysel-r7
e06acc7df0
Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md
2022-09-29 13:59:01 -04:00
jheysel-r7
e8d4bcdcc6
Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md
2022-09-29 13:58:37 -04:00
jheysel-r7
713d63654b
Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md
2022-09-29 13:58:22 -04:00
bwatters
76c6632305
Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246)
...
Merge branch 'land-16673' into upstream-master
2022-09-29 09:46:27 -05:00
Jack Heysel
379f303ea8
Land #17061, Mobile Mouse Server RCE
...
This PR includes a module that uses default
configuration in Unified Remote to spawn a
run prompt and return a shell.
2022-09-28 10:48:41 -04:00
bwatters
e27dbd2787
Land #16794, Add exploit for CVE-2022-34918
...
Merge branch 'land-16794' into upstream-master
2022-09-27 16:37:52 -05:00
bwatters
3170eac829
Land #16981, enum_domain_tokens: Cleanup and fix group member retrieval
...
Merge branch 'land-16981' into upstream-master
2022-09-27 09:47:34 -05:00
h00die
a39b1c9fe5
msftidy_docs
2022-09-26 15:56:43 -04:00
h00die
61f576d3e1
mobile mouse server exploit
2022-09-26 15:45:42 -04:00
Grant Willcox
a48c2d9e72
Land #17033, hikvision password reset via improper authorization logic - CVE-2017-7921
2022-09-23 15:01:04 -05:00
Grant Willcox
0908006466
Land #16985, wifi mouse rce - CVE-2022-3218
2022-09-23 14:46:49 -05:00
Grant Willcox
b62f163696
Update documentation on module and exploit a little more to make things a bit clearer
2022-09-23 14:08:18 -05:00
Grant Willcox
2958a43a6a
Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored
2022-09-23 12:19:29 -05:00
Jack Heysel
2b5e85cd27
Land #17012, Veritas Backup Agent RCE
...
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
2022-09-23 12:31:46 -04:00
h00die-gr3y
f2d357eda1
updated documentation with camera specifications
2022-09-23 09:38:37 -05:00
Grant Willcox
edc37835e5
Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review
2022-09-23 09:38:35 -05:00
Grant Willcox
3ca34568c2
Clean up some of the documentation and module code and descriptions
2022-09-23 09:38:12 -05:00
h00die-gr3y
5ed7ff7f52
init commit module and documentation
2022-09-23 09:38:05 -05:00
alex
d5dcca899d
Fix description scenario
2022-09-23 10:51:36 +03:00
cgranleese-r7
c74f480177
Land #17049, enum_domain_group_users module clean up
2022-09-22 17:51:12 +01:00
cgranleese-r7
0029628db8
Land #17051, wmic_command module cleanup
2022-09-22 16:17:33 +01:00
Jack Heysel
12f3325f3e
Land #16732, VICIdial Multiple SQLi
...
This PR adds a module which exploits several
authenticated sqli in VICIdial
2022-09-22 10:47:42 -04:00
bcoles
ce48afd0db
wmic_command: Cleanup
2022-09-23 00:25:13 +10:00
bcoles
9eab7eadab
enum_domain_group_users: Cleanup
2022-09-22 17:05:19 +10:00
bcoles
eef42884e0
enum_tokens: Cleanup
2022-09-22 12:04:24 +10:00
h00die
6d608ea41e
vicidial sqli module docs update
2022-09-21 16:57:18 -04:00
h00die
eb516f402e
wifi mouse doc updates
2022-09-21 16:38:50 -04:00
h00die
32402c0e6d
wifi mouse doc updates
2022-09-21 16:35:08 -04:00
Grant Willcox
605db0160d
Fix up documentation
2022-09-21 15:02:04 -05:00
Spencer McIntyre
415383b48d
Land #17042, Add exploit for CVE-2022-36804
2022-09-21 13:07:32 -04:00
Christophe De La Fuente
4943d86ec6
Land #16989, Unified Remote RCE
2022-09-21 14:06:33 +02:00
space-r7
f2e003cdb0
add documentation
2022-09-20 18:45:48 -05:00
Grant Willcox
bd4a062e5f
Land #17023, Fix #16999 by using a compatible default action
2022-09-19 17:33:01 -05:00
Grant Willcox
5d7c7b0a09
Update documentation and change up the code to use action.name vs datastore['ACTION'] since that is no longer populated
2022-09-19 17:31:51 -05:00
bwatters
88f14950a0
Land #16688, Add Mimipenguin
...
Merge branch 'land-16688' into upstream-master
2022-09-19 12:43:16 -05:00
h00die
271171f6d2
unified now with invisible feature
2022-09-18 19:02:59 -04:00
Spencer McIntyre
eae1adb8bb
Add getsystem module docs
2022-09-16 14:59:50 -04:00
Grant Willcox
cee6b6a111
Land #17003, enum_patches: Cleanup, print patches as table, store patches as CSV
2022-09-15 18:07:11 -05:00
Grant Willcox
d278d6aa81
Add in missing require to make module work, then fix up some minor things observed during review process
2022-09-15 17:44:25 -05:00
Christophe De La Fuente
52ff168c5e
Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038)
2022-09-15 17:58:07 +02:00
Grant Willcox
e7d2fdfe0a
Rename module and fix up some issues with documentation
2022-09-14 17:03:42 -05:00
Grant Willcox
a7b049510b
Relocate documentation file to proper location and update documentation a little bit to explain some cases
...
Update documentation with proper explanation of how to add users since last one was adding users to the wrong table.
2022-09-13 16:12:21 -05:00
Jack Heysel
6c27c05d10
parent 3892d29cc5
...
author Jack Heysel <jack_heysel@rapid7.com> 1658964871 -0400
committer Grant Willcox <gwillcox@rapid7.com> 1663093141 -0500
Initial changes
Add in documentation improvements for installation
Update Docker install instructions again and also fix a bug with too strict checking on a cookie
Move module into gather type module, remove the scanner import, and update the documentation accordingly so that the check method can work
Updated docs
2022-09-13 16:08:57 -05:00
Jack Heysel
1c99daa836
Updated error handling
2022-09-13 12:40:59 -04:00
c0rs
efbe06f944
Add module Veritas Backup Exec Agent Remote Code Execution
2022-09-13 18:18:52 +03:00
Christophe De La Fuente
3c9b57c415
Land #16911, enum_ms_product_keys: Cleanup and support non-meterpreter sessions
2022-09-13 16:06:55 +02:00
Spencer McIntyre
6467fb3a8f
Land #16906, enum_snmp improvements
...
enum_snmp: Cleanup and support non-Meterpreter sessions
2022-09-13 09:05:15 -04:00