adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,922 Commits 27 Branches 1,043 Tags
1e4527d8338b4f431cdc8011c052d3744e29d7ed
Commit Graph

1029 Commits

Author SHA1 Message Date
Jack Heysel 1da518ec82 Responded to comments 2025-10-01 17:35:36 -07:00
Jack Heysel 66d59a7ddc Update reg checks when DC and CA are separate 2025-10-01 17:35:36 -07:00
Spencer McIntyre 3d1d49b71a Merge pull request #20517 from cgranleese-r7/adds-postgres-ssl-support 
Adds SSL support to the postgres_login module
 2025-09-26 08:53:47 -04:00
jheysel-r7 96a83143f1 Merge pull request #20479 from msutovsky-r7/exploit/sitecore/postauth-rce 
Adds modules for Sitecore XP post-auth remote code executions (CVE-2025-34510, CVE-2025-34511)
 2025-09-11 11:25:27 -07:00
cgranleese-r7 dbb631ffb6 Adds SSL support to the postgres_login module 2025-09-09 09:56:36 +01:00
Martin Sutovsky fa64376c5c Adds comments for login function 2025-09-01 15:50:21 +02:00
msutovsky-r7 c163cb3141 Land #20490, adds the HTTP::Auth option to HTTP modules 
This adds the `HTTP::Auth` Option to HTTP Modules
 2025-08-28 16:13:38 +02:00
Spencer McIntyre 196e19808d Add some error handling for kerberos options 2025-08-28 10:00:19 -04:00
Brendan f1dffd3ad6 Merge pull request #20480 from msutovsky-r7/exploit/pretalx/file-rw 
Adds modules for Pretalx File Read/Limited File Write (CVE-2023-28459, CVE-2023-28458)
 2025-08-27 15:46:39 -05:00
Martin Sutovsky 2533ddf441 Rubocoping 2025-08-26 12:42:28 +02:00
Martin Sutovsky b43b4c9f37 Updates library, addressing comments 2025-08-25 17:49:34 +02:00
Spencer McIntyre c1074c138e Move the options into the mixin 2025-08-22 16:05:12 -04:00
Spencer McIntyre 7fdb1e03fa Tie in Kerberos authentication for HTTP modules 2025-08-22 15:58:18 -04:00
Martin Sutovsky 4e113b1768 Addresses comments, adds exception for Pretalx, modifies aux module 2025-08-22 13:59:50 +02:00
Martin Sutovsky fb062075e3 Adds target, adds side effects 2025-08-21 15:21:16 +02:00
Martin Sutovsky 01c09bcfed Library fixes, refactoring exploit module 2025-08-21 09:22:21 +02:00
Martin Sutovsky 72dcc5a301 Library fix 2025-08-21 07:21:56 +02:00
Martin Sutovsky da5b20faa4 Creating lib file for shared functionality, adding more reliable check method for CVE-2025-34511, docs init 2025-08-20 10:59:22 +02:00
adfoster-r7 0557d63127 Add database ref opts for kerberos and pkcs12 2025-08-18 15:56:47 +01:00
Spencer McIntyre 13b3af325f Apply the ACEs for Authenticated Users 2025-08-15 11:57:30 -04:00
cgranleese-r7 c843e36402 Merge pull request #20469 from adfoster-r7/improve-kerberos-file-load-error-messages 
Improve Kerberos file load error messages
 2025-08-15 12:51:52 +01:00
adfoster-r7 bebb43f8f6 Improve kerberos file load error messages 2025-08-15 12:38:45 +01:00
jheysel-r7 4200f51fdf Merge pull request #20445 from zeroSteiner/feat/lib/ldap-adds/2 
Don't look up the local system SID
 2025-08-12 07:59:10 -07:00
adfoster-r7 332a55cb4f Fix error in kerberos authenticator 2025-08-11 16:48:37 +01:00
adfoster-r7 ced20bf15a Consolidate pkcs12 cert file reads 2025-08-11 14:28:47 +01:00
Tanush-Jain becdda1591 added fixed pkinit file 2025-08-04 17:51:36 -04:00
Spencer McIntyre 90b60c78ac Don't look up the local system SID 2025-08-01 17:37:29 -04:00
Martin Sutovsky ce1d0d1c27 Removes redundant code, unifies fail_with calling, adds advanced option for wait time 2025-08-01 10:51:52 +02:00
Martin Sutovsky d081d83aa6 Adds additional functionality for Pretalx 2025-07-31 14:53:49 +02:00
Martin Sutovsky 0d556253d3 Fix 2025-07-31 12:57:14 +02:00
Jack Heysel e88883c82b ESC9, ESC10 ESC16 exploit support 2025-07-30 15:08:14 -07:00
Jack Heysel a1c95e64ba Fixed unnecesary merge conflict additions 2025-07-30 11:59:51 -07:00
Jack Heysel 8179de6cea ESC9 ESC10 and ESC16 detection 2025-07-30 11:46:57 -07:00
Martin Sutovsky 38096c6988 Adding Pretalx functionality, expanding auxiliary module 2025-07-30 15:42:34 +02:00
Dean Welch 0ce1617288 Bump rails to 7.2 2025-07-28 12:29:58 +01:00
Martin Sutovsky b276c50115 Making Pretalx functionality more robust 2025-07-28 10:53:24 +02:00
jheysel-r7 05f2012ccc Merge pull request #20338 from Chocapikk/xorcom 
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
 2025-07-22 08:19:36 -07:00
Valentin Lobstein 56f6a65e21 Update lib/msf/core/exploit/remote/http/xorcom_complete_pbx.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-19 04:04:25 +02:00
Valentin Lobstein 4a1f9e541e Update lib/msf/core/exploit/remote/http/xorcom_complete_pbx.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-19 04:04:14 +02:00
Chocapikk 4e70dfe70d Rename mixin 2025-07-16 22:40:27 +02:00
Chocapikk 1863eddcd4 chore: add magic encoding comment to Ruby files 2025-07-16 22:32:20 +02:00
Chocapikk 1fb6d488a8 Rename file 2025-07-16 22:30:28 +02:00
Chocapikk 7ddae3ec3f refactor(xorcom): rename helper to completepbx? + pass creds to completepbx_login 2025-07-16 21:48:34 +02:00
Chocapikk b06903810c feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs 2025-07-16 21:25:17 +02:00
Spencer McIntyre 566020abbf Cache the result of whoami 2025-07-08 15:43:41 -04:00
Spencer McIntyre 23c02d6873 Note the permissions required for checking permissions 2025-07-08 15:01:54 -04:00
Spencer McIntyre 2650956fce Add special handling for more groups 
Add handling for the special `Authenticated Users` and `Users` groups.
 2025-07-08 15:01:54 -04:00
Spencer McIntyre a93d20ccfe Add some basic tests 2025-07-08 15:01:54 -04:00
Spencer McIntyre d0d3a2719d Add some commented code for debugging 
Squash me
 2025-07-08 15:01:54 -04:00
Spencer McIntyre 7cacc4cd45 Update the ad_cs_cert_template module too 2025-07-08 15:01:54 -04:00