adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,922 Commits 27 Branches 1,043 Tags
1e4527d8338b4f431cdc8011c052d3744e29d7ed
Commit Graph

38979 Commits

Author SHA1 Message Date
Valentin Lobstein 1e4527d833 Synchronize local server SSL with DTD_PROTO option instead of forcing HTTP 2025-11-27 22:11:50 +01:00
Valentin Lobstein dd06d4c120 Replace sleep(2) with retry_until_truthy for XXE trigger and add configurable timeout option 2025-11-27 21:37:39 +01:00
Valentin Lobstein 9647236b42 Make SSL configurable via datastore and improve comment accuracy 2025-11-27 21:35:05 +01:00
Valentin Lobstein f4ec54f25e Fix: Make FILE and LOG_PATH required options and improve formatting 2025-11-27 21:33:09 +01:00
Valentin Lobstein ad2bf62939 Randomize XXE entity name in N-able N-Central module 2025-11-22 04:39:29 +01:00
Valentin Lobstein 4e02af64cc Fix N-able N-Central XXE module: improve file extraction, combine report methods, fix SSL handling 2025-11-22 04:37:38 +01:00
Valentin Lobstein 9734a69ae8 Add N-able N-Central authentication bypass and XXE scanner module (CVE-2025-9316, CVE-2025-11700) 2025-11-21 00:18:12 +01:00
h00die 3209fdc937 remove old file 2025-11-17 19:03:55 -05:00
h00die 7c8fbd1672 rework windows service persistence 2025-11-17 19:02:54 -05:00
h00die a0222d0783 rework windows service persistence 2025-11-17 19:02:53 -05:00
h00die 1ad89ef1ef rewriting service 2025-11-17 19:02:53 -05:00
h00die 06f5c89bf4 throw this away 2025-11-17 19:02:53 -05:00
h00die 8c211b4d4a fix sc commands in windows service persistence 2025-11-17 19:02:53 -05:00
h00die 450e1df340 windows service now with persistence mixin 2025-11-17 19:02:50 -05:00
sfewer-r7 c1ff36668c disclosure date 2025-11-14 17:06:30 +00:00
sfewer-r7 b1327361e9 add in new CVE ID and vendor advisory 2025-11-14 17:04:33 +00:00
Brendan 9dcea0c20d Merge pull request #20698 from sfewer-r7/fortiweb-exploit 
Add an aux module for the recent FortiWeb exploit (No CVE assigned yet)
 2025-11-14 09:32:03 -06:00
Spencer McIntyre c000e9cfa5 Merge pull request #20687 from dwelch-r7/winrm-error-handling-improvements 
Add error handling for winrm login issues
 2025-11-14 08:39:26 -05:00
Dean Welch 771856ac6b Use print_brute over print_warning 2025-11-14 13:22:54 +00:00
sfewer-r7 06fbe46172 add in aux moduel for recent FortiWeb exploit 2025-11-14 12:02:10 +00:00
jheysel-r7 90ff800e41 Merge pull request #20669 from stfnw/azure-ad-login-default-message 
azure_ad_login: add context to error message
 2025-11-12 10:45:32 -08:00
Diego Ledda c007d3a89f Merge pull request #20674 from msutovsky-r7/exploit/win/cve-2025-59287 
Adds module for unauthenticated deserialization in WSUS (CVE-2025-59287)
 2025-11-12 12:40:32 +01:00
Diego Ledda 29088b4712 Merge pull request #20576 from msutovsky-r7/modules/persistence/linqpad_deserialization 
Moves LINQPad module into persistence category
 2025-11-11 16:41:12 +01:00
Martin Sutovsky 9058f6676b Removes if condition 2025-11-11 11:22:31 +01:00
Martin Sutovsky 6aeb81a499 Adds MITRE reference, updates docs 2025-11-10 18:32:13 +01:00
Martin Sutovsky fc434414d3 Randomizes XML paramater 2025-11-10 16:54:49 +01:00
Dean Welch 32874d05cf Add error handling for winrm login issues 2025-11-10 12:01:03 +00:00
Martin Sutovsky 5ea47e5ac3 Adds formatting to XML data, adds automatic plugin ID extraction 2025-11-06 16:46:58 +01:00
Martin Sutovsky 570c7c0bf4 Changes CheckCode to Detected 2025-11-06 16:21:42 +01:00
Martin Sutovsky b0afe5e24b Randomizes parameters that can be randomized 2025-11-06 15:06:30 +01:00
Martin Sutovsky 904e752662 Code refactor 2025-11-06 14:52:49 +01:00
Martin Sutovsky cb0011649c Adds SCREEN_EFFECTS to SideEffects 2025-11-06 14:50:31 +01:00
Martin Sutovsky f586fff090 Adds clear message if exploit fails 2025-11-06 14:46:02 +01:00
Diego Ledda 110cb837aa Merge pull request #20672 from h00die-gr3y/centreon_auth_rce 
Centreon authenticated command injection leading to RCE via broker engine "reload" parameter [CVE-2025-5946]
 2025-11-05 16:29:29 +01:00
h00die-gr3y 34c424f473 update based on dledda-r7 comments 2025-11-05 09:20:13 +00:00
Martin Sutovsky 5ad76f82d1 Adds more docs, adds description 2025-11-04 13:49:43 +01:00
Martin Sutovsky f195ebd453 Code refactor 2025-11-04 13:36:33 +01:00
Martin Sutovsky 98467f3a21 Adds msf payload to module, adds docs 2025-11-04 12:28:03 +01:00
Martin Sutovsky e885da1f0b Add rce for wsus 2025-11-03 20:47:28 +01:00
h00die-gr3y 61dfc293d9 update based on dledda-r7 comments 2025-11-03 14:37:23 +00:00
Martin Sutovsky 96edf7bad4 Updates 2025-11-03 14:25:39 +01:00
h00die-gr3y 85b4233345 updated module based on review comments and added documentation 2025-11-03 10:21:31 +00:00
h00die-gr3y 83e7fc2667 update attackerkb reference 2025-11-02 18:26:34 +00:00
h00die-gr3y e01456bcf4 init commit module 2025-11-02 17:45:22 +00:00
Stefan Walter 00661fa43a azure_ad_login: add context to error message 
Include domain and username in the default/catch-all error message,
so that this information is not lost.
 2025-11-01 13:19:01 +01:00
Diego Ledda 13dc61e2e8 Merge pull request #20523 from h00die/modern_persistence_upstart 
update upstart to persistence mixin
 2025-10-31 12:28:59 +01:00
msutovsky-r7 af5baeb3c6 Land #20660, adds windows task scheduler persistence module 
Windows task scheduler persistence
 2025-10-31 10:16:19 +01:00
msutovsky-r7 c804e5fb55 Land #20643, expands diamorphine privilege escalation module to other rootkits 
Add Rootkit Privilege Escalation Signal Hunter
 2025-10-31 10:00:21 +01:00
bcoles 676a2ed4b1 Add Rootkit Privilege Escalation Signal Hunter 2025-10-31 17:22:19 +11:00
msutovsky-r7 09f1d1ae57 Land #20650, adds module for NCR Command Center Agent unauthenticated RCE (CVE-2021-3122) 
Add NCR Command Center Agent Unauthenticated RCE (CVE-2021-3122)
 2025-10-30 08:26:42 +01:00