adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,922 Commits 27 Branches 1,043 Tags
1e4527d8338b4f431cdc8011c052d3744e29d7ed
Commit Graph

78922 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Valentin Lobstein 1e4527d833 Synchronize local server SSL with DTD_PROTO option instead of forcing HTTP 2025-11-27 22:11:50 +01:00
Valentin Lobstein dd06d4c120 Replace sleep(2) with retry_until_truthy for XXE trigger and add configurable timeout option 2025-11-27 21:37:39 +01:00
Valentin Lobstein 9647236b42 Make SSL configurable via datastore and improve comment accuracy 2025-11-27 21:35:05 +01:00
Valentin Lobstein f4ec54f25e Fix: Make FILE and LOG_PATH required options and improve formatting 2025-11-27 21:33:09 +01:00
Valentin Lobstein ad2bf62939 Randomize XXE entity name in N-able N-Central module 2025-11-22 04:39:29 +01:00
Valentin Lobstein 4e02af64cc Fix N-able N-Central XXE module: improve file extraction, combine report methods, fix SSL handling 2025-11-22 04:37:38 +01:00
Valentin Lobstein 9734a69ae8 Add N-able N-Central authentication bypass and XXE scanner module (CVE-2025-9316, CVE-2025-11700) 2025-11-21 00:18:12 +01:00
jenkins-metasploit 3576e2bcef automatic module_metadata_base.json update 2025-11-18 15:59:02 +00:00
Brendan 069de9fbf8 Merge pull request #20638 from h00die/windows_service_persistence 
update windows service to persistence mixin
 2025-11-18 09:49:06 -06:00
h00die 3209fdc937 remove old file 2025-11-17 19:03:55 -05:00
h00die 7c8fbd1672 rework windows service persistence 2025-11-17 19:02:54 -05:00
h00die a0222d0783 rework windows service persistence 2025-11-17 19:02:53 -05:00
h00die 1ad89ef1ef rewriting service 2025-11-17 19:02:53 -05:00
h00die 06f5c89bf4 throw this away 2025-11-17 19:02:53 -05:00
h00die 92e1720ad5 fix docs 2025-11-17 19:02:53 -05:00
h00die 8c211b4d4a fix sc commands in windows service persistence 2025-11-17 19:02:53 -05:00
h00die 450e1df340 windows service now with persistence mixin 2025-11-17 19:02:50 -05:00
jheysel-r7 8e642d4376 Merge pull request #20689 from zeroSteiner/feat/mod/socket-channel-tests 
Add socket channel tests
 2025-11-17 08:32:14 -08:00
jenkins-metasploit 8062673bfc automatic module_metadata_base.json update 2025-11-17 15:19:06 +00:00
Brendan c3f221e2f2 Merge pull request #20699 from sfewer-r7/fortiweb-exploit-cve 
Update auxiliary/admin/http/fortinet_fortiweb_create_admin with CVE ID and advisory URL
 2025-11-17 09:08:47 -06:00
Spencer McIntyre f2a05ad295 Run them tests 2025-11-14 16:18:47 -05:00
Spencer McIntyre 3497f70692 Fix a UDP binding error and support LHOST/RHOST 2025-11-14 15:54:30 -05:00
sfewer-r7 c1ff36668c disclosure date 2025-11-14 17:06:30 +00:00
sfewer-r7 b1327361e9 add in new CVE ID and vendor advisory 2025-11-14 17:04:33 +00:00
jenkins-metasploit 3aba23186c automatic module_metadata_base.json update 2025-11-14 15:42:34 +00:00
Brendan 9dcea0c20d Merge pull request #20698 from sfewer-r7/fortiweb-exploit 
Add an aux module for the recent FortiWeb exploit (No CVE assigned yet)
 2025-11-14 09:32:03 -06:00
jenkins-metasploit 4cd70a4d15 automatic module_metadata_base.json update 2025-11-14 13:49:09 +00:00
Spencer McIntyre 79145b5c50 Add a test module for UDP and TCP channels 2025-11-14 08:45:22 -05:00
Spencer McIntyre c000e9cfa5 Merge pull request #20687 from dwelch-r7/winrm-error-handling-improvements 
Add error handling for winrm login issues
 2025-11-14 08:39:26 -05:00
Dean Welch 771856ac6b Use print_brute over print_warning 2025-11-14 13:22:54 +00:00
sfewer-r7 06fbe46172 add in aux moduel for recent FortiWeb exploit 2025-11-14 12:02:10 +00:00
jheysel-r7 9cdf7bd9b2 Merge pull request #20695 from zeroSteiner/fix/bump-payloads/2.0.237 
Update metasploit-payloads gem to 2.0.237
 2025-11-13 09:29:56 -08:00
Spencer McIntyre b1f57b303f Update metasploit-payloads gem to 2.0.237 
Includes changes from:
* rapid7/metasploit-payloads#782
* rapid7/metasploit-payloads#781
 2025-11-13 12:11:10 -05:00
jenkins-metasploit 871ac7db61 Bump version of framework to 6.4.99 2025-11-13 11:14:45 +00:00
jenkins-metasploit 7f95c562ae automatic module_metadata_base.json update 6.4.98 2025-11-12 18:54:53 +00:00
jheysel-r7 90ff800e41 Merge pull request #20669 from stfnw/azure-ad-login-default-message 
azure_ad_login: add context to error message
 2025-11-12 10:45:32 -08:00
jenkins-metasploit 667fd73597 automatic module_metadata_base.json update 2025-11-12 11:50:09 +00:00
Diego Ledda c007d3a89f Merge pull request #20674 from msutovsky-r7/exploit/win/cve-2025-59287 
Adds module for unauthenticated deserialization in WSUS (CVE-2025-59287)
 2025-11-12 12:40:32 +01:00
jenkins-metasploit 8648398b11 automatic module_metadata_base.json update 2025-11-11 15:50:51 +00:00
Diego Ledda 29088b4712 Merge pull request #20576 from msutovsky-r7/modules/persistence/linqpad_deserialization 
Moves LINQPad module into persistence category
 2025-11-11 16:41:12 +01:00
Martin Sutovsky 9058f6676b Removes if condition 2025-11-11 11:22:31 +01:00
Spencer McIntyre b545defca5 Merge pull request #20690 from dbono-r7/patch-1 
Update named_pipes.txt
 2025-11-10 17:27:58 -05:00
dbono-r7 7aebd592ef Update named_pipes.txt 
Added the cert pipe for quick unauthenticated for likely Certificate Authority servers.
 2025-11-10 16:00:39 -06:00
Martin Sutovsky 6aeb81a499 Adds MITRE reference, updates docs 2025-11-10 18:32:13 +01:00
jheysel-r7 0c6a8c10c5 Merge pull request #20625 from h00die/fix_exploit_docs_options 
Update exploit docs to use modern h3 for options instead of original spec (bold)
 2025-11-10 08:26:03 -08:00
Martin Sutovsky fc434414d3 Randomizes XML paramater 2025-11-10 16:54:49 +01:00
cgranleese-r7 0e8fd9c603 Merge pull request #20686 from adfoster-r7/bump-mqtt-dependency 
Bump mqtt dependency
 2025-11-10 12:20:20 +00:00
Dean Welch 32874d05cf Add error handling for winrm login issues 2025-11-10 12:01:03 +00:00
adfoster-r7 e5597ee57e Bump mqtt dependency 2025-11-10 11:55:10 +00:00
h00die b646e0e044 docs editing for consistency 2025-11-07 15:42:27 -05:00