adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,623 Commits 27 Branches 1,043 Tags
2cf8ea39f94bbf749ca99cd6ddfc034df407d166
Commit Graph

73623 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Metasploit 2cf8ea39f9 automatic module_metadata_base.json update 2024-04-12 14:40:38 -05:00
Jack Heysel 1174344b76 Land #18918, Add CrushFTP Module CVE-2023-43177 
This exploit module leverages an Improperly Controlled Modification of
Dynamically-Determined Object Attributes vulnerability (CVE-2023-43177)
to achieve unauthenticated remote code execution. This affects CrushFTP
versions prior to 10.5.1.
 2024-04-12 12:26:16 -07:00
Metasploit 9f22d67210 automatic module_metadata_base.json update 2024-04-12 08:48:42 -05:00
Christophe De La Fuente d36e22fdc6 Land #18936, mongodb ops manager diagnostic archive info disclosure (cve-2023-0342) 2024-04-12 15:22:18 +02:00
Metasploit 2a176e5e15 Bump version of framework to 6.4.4 2024-04-11 03:39:05 -05:00
Metasploit 0df68e8199 automatic module_metadata_base.json update 6.4.3 2024-04-10 11:08:23 -05:00
Spencer McIntyre aa739cd92d Land #18962, rancher audit logs information leak 
new post module: rancher audit logs sensitive information leak (CVE-2023-22649)
 2024-04-10 11:51:54 -04:00
Spencer McIntyre f579ec7a1a Clean table printing, document tested version 2024-04-10 11:31:55 -04:00
Metasploit f8331f4201 automatic module_metadata_base.json update 2024-04-10 06:55:53 -05:00
Spencer McIntyre 76145c3091 Land #19064, SNMP TCP support 2024-04-10 07:38:35 -04:00
cgranleese-r7 53efed1606 Land #19022, Add MySQL Arch & Platform detection by query 2024-04-10 12:24:08 +01:00
adfoster-r7 2346bfe1ee Land #19065, remove db_create mention 2024-04-09 22:30:47 +01:00
Metasploit 894d057715 automatic module_metadata_base.json update 2024-04-09 14:40:06 -05:00
Zach Goldman b8176e13a6 Land #19069, Update create session default values 2024-04-09 15:24:02 -04:00
Metasploit 0b610e4255 automatic module_metadata_base.json update 2024-04-09 09:30:32 -05:00
Spencer McIntyre 8f5052f2e7 Land #19051, Add the Shadow Credentials module 2024-04-09 10:13:08 -04:00
sjanusz-r7 a862b16286 Add MySQL Arch & Platform detection by query 2024-04-09 13:38:07 +01:00
adfoster-r7 8a2b092321 Update create session default values 2024-04-09 12:41:27 +01:00
Noam Rathaus 71538a871f 1. Adjust if end if end to if else end 
2. Use ::Rex::Socket create's Proto
 2024-04-09 08:39:45 +03:00
Ashley Donaldson 29c6e0a1e5 Removed unused function 2024-04-09 07:53:26 +10:00
Spencer McIntyre 397781f2b1 Land #19059, Fix banner issue in psnuffle 2024-04-08 12:03:06 -04:00
Javier Álvarez 2d819cb029 remove db_create mention 2024-04-08 16:53:17 +02:00
Noam Rathaus bf489f0b0d Allow selection of "TCP" for SNMP packets 2024-04-08 17:41:59 +03:00
Noam Rathaus 01d31612c6 Add support for TCP 2024-04-08 17:41:46 +03:00
Metasploit 9982a46538 automatic module_metadata_base.json update 2024-04-08 06:12:17 -05:00
cgranleese-r7 951da5b00c Land #19056, Don't close sockets that we're using for sessions 2024-04-08 11:51:31 +01:00
Ashley Donaldson 4557de9a72 Changes from code review 2024-04-08 11:47:09 +10:00
Ashley Donaldson b1d0918074 Add documentation for module and functions 2024-04-08 11:32:53 +10:00
Ashley Donaldson 1ce29ae21e Make OpenSSL unit test work on all versions 2024-04-08 11:32:53 +10:00
Ashley Donaldson 5852fcbb78 Error handling and unit tests 2024-04-08 11:32:53 +10:00
Ashley Donaldson 9f5444680f Some error handling 2024-04-08 11:32:52 +10:00
Ashley Donaldson 049c3ebd1d Promote constants to top of file 2024-04-08 11:32:52 +10:00
Ashley Donaldson 209d9dfab0 Help user when they've made a typical mistake 2024-04-08 11:32:52 +10:00
Ashley Donaldson 816d834f83 Add dn-binary unit tests 2024-04-08 11:32:51 +10:00
Ashley Donaldson 1b92d3b110 Working writing of certs over ldap 2024-04-08 11:32:51 +10:00
Ashley Donaldson b6acf708f3 Alias get_ticket to pkinit, since many people will search for that 2024-04-08 11:32:50 +10:00
Ashley Donaldson c55f8f20a8 Add shadow credentials module 2024-04-08 11:32:50 +10:00
Ashley Donaldson 8800a74b27 Wrap credential struct with nicer API 2024-04-08 11:32:50 +10:00
Ashley Donaldson e803be425f Initial work on shadow credentials 2024-04-08 11:32:49 +10:00
h00die b83a91a468 review for mongodb ops manager 2024-04-07 05:39:51 -04:00
Noam Rathaus 705cfb5016 Fix empty banner (never set) issue 2024-04-05 19:24:19 +03:00
Metasploit e184f5e708 automatic module_metadata_base.json update 2024-04-05 09:39:59 -05:00
Christophe De La Fuente 34f0afa298 Land #19044, Gibbon Online School Platform Authenticated RCE [CVE-2024-24725] 2024-04-05 16:20:11 +02:00
Metasploit a0d72680e0 automatic module_metadata_base.json update 2024-04-05 08:42:50 -05:00
Dean Welch 87b84b00fb Don't close sockets that we're using for sessions 2024-04-05 14:33:30 +01:00
adfoster-r7 674249687f Land #19020, consolidate session tests 2024-04-05 14:17:40 +01:00
Dean Welch 434e85261b Add postgres client specs 2024-04-05 13:10:15 +01:00
Dean Welch 25a65c0ed7 Consolidate and simplify session tests 2024-04-05 13:10:15 +01:00
adfoster-r7 a3bba29fb6 Land #19045, add initial mssql module acceptance tests 2024-04-05 13:01:41 +01:00
adfoster-r7 9e670d2f52 Land #19052, Update user agent strings for April 24 2024-04-04 23:43:10 +01:00