8331f4d2ad
Adds wiki guide for session searching
...
Also tweaks an error message
add readme to directory
2023-10-23 15:33:53 -05:00
7baabd08db
Land #18364 , Add support for filtering sessions
2023-10-19 16:40:42 +01:00
b4b73529d3
add -e flag for stale sessions
...
remove single flag
pivot to search flag
added support for search session type
adds search session id support
remove stale references
reshuffle code
fix time parsing, add command support
fix search list, reduce duplicated code
testing added
killall with search lists table of killed sessions
sessions are no longer represented by ids
addresses feedback on code structure and search behavior
some test reshuffling, switch raised errors to printed ones
add checkin validation, rest of cmd_sessions tests
add time parsing test
refactoring
test reformatting and adjusted error validation
make error handling more explicit, add test context
fixes
sub quotes, make constant
rubocopping
switch before and after to greater than and less than
mbetter incorporate constants
update example
2023-10-19 09:41:18 -05:00
bb19151891
Land #17689 , adding a new column cracked password in creds command to show cracked passwords
2023-10-13 12:25:51 +01:00
05dd2e1473
Land #18351 , Apache Superset RCE (CVE-2023-37941)
2023-10-12 17:10:10 -04:00
6aeffa5a17
Land #18363 , Add support to msfvenom for "-f octal
...
Merge branch 'land-18363' into upstream-master
2023-10-03 16:21:57 -05:00
50e4269c05
Land #18338 , Get crackable ASREP hashes
...
This PR fixes the ASREP roasting workflow and resolves
issue #17988 .
2023-10-02 13:26:43 -04:00
5087e0ffe3
Land #18197 , Ldap login scanner module
...
Adds a new login scanner module for LDAP
2023-10-02 10:56:56 -04:00
76a25c6937
Don't store creds for successful schannel ldap auth
2023-10-02 13:42:25 +01:00
1b25ae5e14
Add comment explaining UNSUPPORTED_LANGS in spec.
2023-09-21 08:53:26 -06:00
75e9a0a834
Add support for base32/64 comments.
...
* Explicitly documents lack of support for VB style comments.
2023-09-21 08:50:58 -06:00
a7f2165029
Send default etypes first, and fall back to RC4 if it doesn't require pre-auth
2023-09-21 21:22:25 +10:00
1d2dde9f81
Add comment support for "octal" format.
...
* Adds failing test that discovers several additional violations.
2023-09-20 17:24:00 -06:00
91ce4c3d9d
Add new spec for Msf::Simple::Payload.
2023-09-20 14:29:47 -06:00
1609836ea2
Don't store passwords to creds if the password wasn't needed for the auth type
2023-09-20 14:30:06 +01:00
c1a44c8b7f
Land #18359 , Forge ticket fix
2023-09-18 13:05:25 +01:00
1d51514730
Add spec for format without comment support.
2023-09-15 12:35:45 -06:00
1378bfbfc7
Land #18294 , pick up netifaces updates, improve error catching
2023-09-15 13:04:26 +01:00
ba9f879f64
Land #18369 , Fix opt address local crash when ipaddr is nil
2023-09-15 11:09:43 +01:00
46832abd49
Land #18358 , Add a Thrift RPC client
...
This PR adds a Thrift RPC client and updates
two modules to make use of the new addition.
2023-09-14 19:01:13 -04:00
871e1f401b
Fix OptAddressLocal crash when IPAddr is nil
2023-09-14 23:10:20 +01:00
0368b23af9
Add some basic specs for the client too
2023-09-14 17:45:09 -04:00
bf9ef45c45
Add some specs for thrift data types
2023-09-14 17:16:32 -04:00
619a46d450
working hashes for apache superset rce
2023-09-14 13:21:01 -04:00
4bff7ddea1
Adds new search keywords to msfconsole
2023-09-13 16:41:05 +01:00
483e8175ca
Update unit tests
2023-09-13 14:11:18 +10:00
28c4902f4a
Land #18180 , Flask unsign library, related modules
...
Apache Supserset Priv Esc (CVE-2023-27524) and Flask unsign Library
2023-09-12 19:02:30 -04:00
a13d45ec2d
add unit test
2023-09-11 12:14:26 -05:00
586f27f44a
Fix issue with username generation always adding domain
2023-09-11 16:35:31 +01:00
1af852b240
Add remote ldap specs
2023-09-11 16:33:01 +01:00
7a06ad8d5d
Add ldap login scanner specs
2023-09-11 16:33:01 +01:00
235c142274
Merge remote-tracking branch 'origin/flask_unsign' into flask_unsign
2023-09-11 10:27:00 -04:00
fdae4953eb
Land #18290 , Prometheus API & Prometheus Node Exporter Interrogator
...
Merge branch 'land-18290' into upstream-master
2023-09-08 12:55:30 -05:00
143e1c82b5
Add validation functionality to FlaskUnsign
2023-09-07 16:19:58 -04:00
213b9f9589
Merge remote-tracking branch 'upstream/master' into flask_unsign
2023-09-06 15:39:37 -04:00
f27439760d
Update mock for unit tests
2023-09-04 10:47:06 +10:00
8217745a85
Land #18257 , Apache nifi h2 rce (CVE-2023-34468)
2023-08-30 13:37:37 +02:00
091c07258b
Land #18298 , Sort addresses
...
Ensure datastore network adapter names are consistently resolved
2023-08-23 09:08:03 -04:00
da3ef0a6f9
Ensure datastore network adapter names are consistently resolved
2023-08-21 00:21:37 +01:00
1878c08293
Land #18276 , Add sasl scram 256 auth support to postgres modules
2023-08-18 14:34:51 +01:00
d84c15cf21
lib and spec updates
2023-08-17 15:29:20 -04:00
97a6fc9549
tables and screen width, ugh
2023-08-16 17:23:31 -04:00
d75c53fffe
prometheus api gather
2023-08-15 20:30:54 -04:00
7629c7d0f4
prometheus node exporter library
2023-08-15 20:30:54 -04:00
e6d1a20a05
Use ruby-mysql for MySQL login scanner
2023-08-14 21:34:41 +02:00
98ac76d54f
Add sasl scram 256 auth support to postgres modules
2023-08-09 16:41:01 +01:00
5756241fb3
Land #18223 , Fix broken msfconsole histories when switching between shell sessions
2023-08-03 16:40:01 +01:00
9932aaaaaa
Add specs for resetting password list when username is specified
2023-07-31 16:22:08 +01:00
449af8daa7
Fix broken msfconsole histories when switching between shell sessions
2023-07-27 16:12:57 +01:00
3d3e2a9e2d
apache supserset exploit
2023-07-11 15:19:33 -04:00
Zach Goldman