adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,922 Commits 27 Branches 1,043 Tags
1e4527d8338b4f431cdc8011c052d3744e29d7ed
Commit Graph

2116 Commits

Author SHA1 Message Date
sfewer-r7 c1ff36668c disclosure date 2025-11-14 17:06:30 +00:00
sfewer-r7 b1327361e9 add in new CVE ID and vendor advisory 2025-11-14 17:04:33 +00:00
sfewer-r7 06fbe46172 add in aux moduel for recent FortiWeb exploit 2025-11-14 12:02:10 +00:00
Spencer McIntyre 9dc5696cc4 Update dash characters in module references 2025-10-07 14:03:32 -04:00
Spencer McIntyre fd21209e4d Add missing CVEs from VulnCheck 2025-10-07 13:59:13 -04:00
Jack Heysel 74d229e11f Multiple CA testing 2025-10-02 18:14:00 -07:00
Jack Heysel 7b3c82f2e6 Responded to comments 2025-09-25 13:35:41 -07:00
Jack Heysel e9ab1d0839 Update esc_update_ldap module so shadow creds not required 2025-09-23 14:37:55 -07:00
Christophe De La Fuente 788b9c27b4 Use sub-technique and add missing modules 2025-09-16 18:39:23 +02:00
Christophe De La Fuente 7ce2bdc979 Add T1003 "OS credential dumping" MITRE technique 2025-09-09 10:45:46 +02:00
adfoster-r7 0557d63127 Add database ref opts for kerberos and pkcs12 2025-08-18 15:56:47 +01:00
adfoster-r7 ced20bf15a Consolidate pkcs12 cert file reads 2025-08-11 14:28:47 +01:00
Jack Heysel ff724d0b5c Deregister SMBUser 2025-07-30 15:28:56 -07:00
Jack Heysel e88883c82b ESC9, ESC10 ESC16 exploit support 2025-07-30 15:08:14 -07:00
Jack Heysel e328a8f8c4 Fix update action in ad_cs_cert_template 2025-07-15 17:20:36 -07:00
Brendan 36675ccd9a Merge pull request #20349 from sfewer-r7/0day-cve-2024-51978 
Add auxiliary module for multiple Brother devices authentication bypass (CVE-2024-51978)
 2025-07-09 13:07:25 -05:00
sfewer-r7 df24090fc0 fix typo in message 2025-07-09 14:59:54 +01:00
sfewer-r7 ab913b0416 make this error message not that no password may be present on the device 2025-07-09 14:58:59 +01:00
sfewer-r7 34952d73f6 display the AuthCookie if one is received 2025-07-09 10:15:30 +01:00
jheysel-r7 79d67dd1f0 Merge pull request #20345 from zeroSteiner/feat/lib/ldap-adds/1 
Add an Active Directory LDAP Mixin
 2025-07-08 14:37:23 -07:00
Spencer McIntyre 2ab90df4b2 Check for full permissions on certs too 2025-07-08 15:46:43 -04:00
Spencer McIntyre 8b8b350950 Use the new function instead of the old 2025-07-08 15:01:54 -04:00
Spencer McIntyre 7cacc4cd45 Update the ad_cs_cert_template module too 2025-07-08 15:01:54 -04:00
Spencer McIntyre c2a06e341d Expand on the matcher logic 2025-07-08 15:01:46 -04:00
Stephen Fewer 56354849f0 favor AUTO over ANY for this enum usage 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-07-01 15:05:09 +01:00
Stephen Fewer 14512d7d17 favor AUTO over ANY for this enum 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-07-01 15:04:57 +01:00
Stephen Fewer 18b00cebbb Use a more permissive regex to pull out the logbox name value 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:39:36 +01:00
sfewer-r7 6bdebf6ee3 add the salt_table_index value in the failure message 2025-06-26 16:35:21 +01:00
Stephen Fewer 84dda69ee0 this status message should explicitly say it has generated the *default* password 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:34:04 +01:00
Stephen Fewer a7b26ac74d fail with a message that includes the unexpected length value 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:32:08 +01:00
Stephen Fewer f66389bbbf include the password in the verbose status message 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:31:31 +01:00
sfewer-r7 c6ffcdb2f8 This resolves the 'Proto is not included in the list' error during create_credential 2025-06-26 16:11:38 +01:00
adfoster-r7 a0bb2d8c89 Merge pull request #20298 from bcoles/modules-SSL 
Modules: Convert SSL default option to Boolean in several modules
 2025-06-26 15:00:59 +01:00
cgranleese-r7 04a18fb3ca Updates modules to remove non-printable chars 2025-06-25 14:19:56 +01:00
Spencer McIntyre cf48211910 Update the RBCD module to use the new mixin 2025-06-24 11:27:52 -04:00
sfewer-r7 14191f6166 use Base64.strict_encode64 2025-06-24 10:16:49 +01:00
sfewer-r7 edea803c75 add in references 2025-06-24 10:14:59 +01:00
bcoles b483312eca Modules: Convert SSL default option to Boolean in several modules 2025-06-23 19:38:36 +10:00
cgranleese-r7 ade9b54d94 Runs Style/TrailingCommaInArguments Rubocop against modules 2025-06-23 09:30:35 +01:00
sfewer-r7 83a03efa3b aux module for CVE-2024-51978 2025-06-20 16:41:39 +01:00
cgranleese-r7 a4b14d8b64 Runs Rubocop to fix layout in modules 2025-06-20 15:18:01 +01:00
bwatters-r7 b1d5319fcb Fix some spacing inssues 2025-06-09 09:17:11 -05:00
bwatters-r7 8f2b364e7b Fix errant space in CVE number 2025-06-06 10:06:21 -05:00
Spencer McIntyre 66a9f332b1 Merge pull request #20283 from cdelafuente-r7/fix/20249/ldap/certifried 
Fix the cve_2022_26923_certifried module after the datastore option changes
 2025-06-05 13:08:06 -04:00
Brendan cc98ef58d4 Merge pull request #20140 from h4x-x0r/CVE-2023-2915 
ThinManager Path Traversal Delete (CVE-2023-2915) Module
 2025-06-05 10:08:42 -05:00
h4x-x0r 2425eb08d2 Update thinmanager_traversal_delete.rb 2025-06-05 02:57:40 +01:00
Brendan 312d052a5c Merge pull request #20141 from h4x-x0r/CVE-2023-2917 
ThinManager Path Traversal Upload (CVE-2023-2917) Module
 2025-06-04 16:48:39 -05:00
Brendan 10d443d5d9 Merge pull request #20138 from h4x-x0r/CVE-2023-27855 
ThinManager Path Traversal Upload (CVE-2023-27855) Module
 2025-06-04 12:41:34 -05:00
Christophe De La Fuente b488403c73 Fix cve_2022_26923_certifried module after the datastore option changes 2025-06-04 11:22:26 +02:00
Simon Janusz d497156f84 Merge pull request #20258 from zeroSteiner/fix/issue/20251 
Update the ldap options for shadow credentials
 2025-06-03 17:45:18 +01:00