Christophe De La Fuente
d36e22fdc6
Land #18936, mongodb ops manager diagnostic archive info disclosure (cve-2023-0342)
2024-04-12 15:22:18 +02:00
Ashley Donaldson
4557de9a72
Changes from code review
2024-04-08 11:47:09 +10:00
Ashley Donaldson
b1d0918074
Add documentation for module and functions
2024-04-08 11:32:53 +10:00
h00die
b83a91a468
review for mongodb ops manager
2024-04-07 05:39:51 -04:00
bwatters
3dc638909f
Land #18906, Add template data files for ESC2 and ESC3
...
Merge branch 'land-18906' into upstream-master
2024-03-29 15:29:52 -05:00
Jack Heysel
31cf0e2633
Land #18764, Add unauth Jenkins file read module
...
This PR adds a new module to exploit CVE-2024-23897, an unauth arbitrary
(first 2 lines) file read on Jenkins.
2024-03-28 13:29:39 -07:00
adfoster-r7
decba4350e
Additional changes to documentation
2024-03-25 10:53:08 +00:00
Zach Goldman
2c307f1bb3
Adds session documentation
...
add more console output, add to pentesting side
split out session, help, query, query_interactive sections
add multiline examples
update mysql, smb
2024-03-21 09:52:10 -05:00
Christophe De La Fuente
0252429715
Land #18775, Adding new module for MinIO (CVE-2023-28432)
2024-03-11 14:46:59 +01:00
h00die
b41e38bca3
mongodb ops manager diagnostic archive info disclosure
2024-03-07 17:05:25 -05:00
Spencer McIntyre
7bce40308a
Update module data to improve discoverability
2024-03-07 13:28:22 -05:00
Christophe De La Fuente
ba75b3bb3f
Land #18716, gitlab password reset account takeover (CVE-2023-7028)
2024-03-07 14:40:29 +01:00
Christophe De La Fuente
e20558ec35
Land #18821, Gitlab public email disclosure CVE-2023-5612
2024-03-06 17:39:24 +01:00
Spencer McIntyre
23e0abe2f6
Land #18686, ssh_version module
2024-03-06 10:32:01 -05:00
h00die
8b6f7594e4
ssh_version module
2024-03-05 17:18:24 -05:00
h00die
c4837d09e9
ssh_version module
2024-03-05 17:15:43 -05:00
h00die
7f6be50855
review of ssh_version improvements
2024-03-03 17:59:00 -05:00
h00die
f2d836d008
review of ssh_version improvements
2024-03-03 09:18:52 -05:00
cgranleese-r7
d52220cccb
Fixes the create session datastore option from appearing for payloads
2024-02-22 14:58:41 +00:00
adfoster-r7
7b56d012e8
Land #18678, add LDAP capture capabilities
2024-02-15 22:11:04 +00:00
n00bhaxor
35f8c6ce8a
Added fixes suggested by reviewer. Added a fix for redirects due to workspaces being case-insensitive.
2024-02-14 09:09:52 -05:00
n00bhaxor
fdcd9e26ad
Adding module for gitlab_email_disclosure
2024-02-09 20:51:45 -05:00
cudalac
2b01b86374
Adding new module for MinIO
2024-01-31 13:33:04 -05:00
h00die
bf6d2de53d
docs
2024-01-30 18:03:57 -05:00
h00die
c6c1414908
docs
2024-01-30 17:57:52 -05:00
h00die
064a2f3468
updates to jenkins ccli ampersand file read
2024-01-30 17:12:10 -05:00
h00die
482d2b28b1
gitlab password reset account takeover
2024-01-18 16:19:26 -05:00
h00die
a8bc6cc27f
ssh_version module docs
2024-01-11 14:56:09 -05:00
h00die
d57c9fb464
ssh_version module
2024-01-11 14:48:21 -05:00
Jack Heysel
beef573fb8
Land #18635, Authenticated Splunk Info Disclosure
...
This PR adds a module for an authenticated Splunk information
disclosure. This module gathers information about the host
machine and the Splunk install including OS version, build,
CPU arch, Splunk license keys etc.
2023-12-28 11:20:52 -05:00
h00die
0394f5f7ad
splunk 6.6.0+
2023-12-20 20:47:04 -05:00
Spencer McIntyre
6fc0704930
Land #18477, Add docs for nessus_rest_login
2023-12-20 16:49:09 -05:00
Spencer McIntyre
300c53d005
Fix typos and tweak the section order
2023-12-20 16:31:52 -05:00
n00bhaxor
a31de9eb05
Adding Splunk Info Disclosure module.
2023-12-20 14:07:50 -05:00
sjanusz-r7
f5e81aee2a
Add docs for ssh_identify_pubkey using Metasploitable2 as target
2023-12-13 17:00:46 +00:00
Jack Heysel
603e5b2bff
Land #18569, Add a module to perform ASREP-roasts
...
This adds a module to gather credential material from accounts
with Requires Pre-Authentication disabled. The module supports two
mechanisms, Brute Forcing using a list of usernames or using a LDAP
query to request the relevant usernames, followed by requesting TGTs.
2023-12-11 19:58:06 -05:00
Aleksa Zatezalo
bc16684046
Update nessus_rest_login.md
2023-12-09 22:57:22 -05:00
Aleksa Zatezalo
93cfdd88cb
Rename nessus_http_login.md to nessus_rest_login.md
2023-12-09 22:57:03 -05:00
Jack Heysel
509ec2c9b5
Land #18591, add ownCloud auxiliary module
...
This module can extract sensitive environment variables from
the ownCloud target including ownCloud, DB, Redis, SMTP and
S3 credentials.
2023-12-05 10:50:57 -05:00
jheysel-r7
76657c8f14
Update documentation/modules/auxiliary/gather/owncloud_phpinfo_reader.md
2023-12-05 10:20:51 -05:00
Zach Goldman
3d6ddf769e
Land #17667, Update password crackers
2023-12-04 10:45:53 -05:00
h00die
befc87f9f0
owncloud exploit
2023-12-03 15:45:44 -05:00
h00die
ea803063b1
owncloud phpinfo reader
2023-12-03 11:04:38 -05:00
Ashley Donaldson
11bcd43562
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-11-30 17:30:59 +11:00
Spencer McIntyre
708c795890
Land #18560, Forging diamond and sapphire tickets
2023-11-28 11:14:15 -05:00
Ashley Donaldson
c293c273ba
Attempt to decrypt pre-auth kerberos response
2023-11-27 13:09:59 +11:00
Ashley Donaldson
3ca13d9358
Changes from code review.
...
Added in the stability/IOC notes, since diamond/sapphire do make requests.
2023-11-27 10:30:54 +11:00
Ashley Donaldson
622277e960
Added documentation for ASREP module
2023-11-24 08:45:26 +11:00
h00die
bba178e87f
crack windows
2023-11-21 17:11:15 -05:00
h00die
4bca269e01
doc overhaul
2023-11-21 17:11:15 -05:00