adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,623 Commits 27 Branches 1,043 Tags
2cf8ea39f94bbf749ca99cd6ddfc034df407d166
Commit Graph

740 Commits

Author SHA1 Message Date
Jack Heysel 31cf0e2633 Land #18764, Add unauth Jenkins file read module 
This PR adds a new module to exploit CVE-2024-23897, an unauth arbitrary
(first 2 lines) file read on Jenkins.
 2024-03-28 13:29:39 -07:00
jheysel-r7 14938a2d77 Apply suggestions from code review 2024-03-28 14:41:25 -04:00
Dean Welch f132bdbe30 Enforce single module stance 2024-03-25 11:53:23 +00:00
Spencer McIntyre 9b8b7045ff Land #18715, Add Splunk library 2024-03-05 16:17:30 -05:00
Gaurav Jain 985b0ba47f Add reviewed changes to splunk library 2024-03-06 01:32:57 +05:30
sjanusz-r7 3c8f43e23e Align SQL sessions peerhost and peerport 2024-03-04 13:11:32 +00:00
adfoster-r7 d8abd2bcc2 Land #18898, Add rex proto mysql client wrapper 2024-02-29 10:13:47 +00:00
dwelch-r7 a4543b0f41 Land #18897, Update smb login to support additional configuration 2024-02-29 10:07:02 +00:00
adfoster-r7 131585235b Update SMB Login to support additional configuration 2024-02-28 20:24:06 +00:00
sjanusz-r7 b423241e6b Use Rex Post MySQL Client for lib, specs & modules 2024-02-28 18:19:50 +00:00
sjanusz-r7 55a8d6732f Add Rex Proto MySQL Client 2024-02-28 18:19:46 +00:00
Spencer McIntyre 4a51e028d8 Print multiple attributes on individual rows 2024-02-26 17:28:41 -05:00
Spencer McIntyre 4b7f4e2b0d Just show the DN, commas and all 
This way the DN can just be copy-pasted into locations where a DN is
expected.
 2024-02-22 17:36:30 -05:00
sjanusz-r7 1b7c2bbaec SQL sessions consolidation 2024-02-21 16:16:14 +00:00
sjanusz-r7 fc963bd8bb Add Proxies support to creating a session with postgres_login 2024-02-16 14:45:17 +00:00
adfoster-r7 7b56d012e8 Land #18678, add LDAP capture capabilities 2024-02-15 22:11:04 +00:00
adfoster-r7 1d406cfc2a Land #18809, DNS command improvements 2024-02-14 22:12:30 +00:00
Christophe De La Fuente fc5a12431c Land #18664, Add an SMB-based fetch payload for Windows 2024-02-14 14:57:32 +01:00
Zach Goldman d18520adc6 update rhost and rport calls 2024-02-13 13:00:38 -06:00
Zach Goldman c05c6773df adjust session logic in modules 2024-02-13 11:59:09 -06:00
Zach Goldman 94223f05fc update relevant modules to work with sessions 
separate out optional session logic

fixing session handling
 2024-02-09 13:18:49 -06:00
sjanusz-r7 30fc29e0f5 Use PostgreSQL session type for modules 2024-02-09 15:38:06 +00:00
Spencer McIntyre 11ca24e290 Specify the record type for PTR lookups 2024-02-08 11:22:33 -05:00
cgranleese-r7 b060809a8d Addresses logoff PR feedback 2024-02-07 12:51:04 +00:00
cgranleese-r7 e80f0ef8cd Removes session logic from mixins and uses client instead of datastore for rhost and rport 2024-02-06 14:11:16 +00:00
h00die 1e6cf524b9 rubocop on jenkins lib 2024-02-02 16:35:56 -05:00
h00die c37984edb2 jenkins cli ampersand exploit review 2024-02-02 16:35:11 -05:00
cgranleese-r7 0e9cad6d45 Adds MySQL session type 2024-02-02 14:39:37 +00:00
adfoster-r7 48221e594d Land #18704, Leverage the module metadata cache in the module_sets 2024-02-02 14:16:46 +00:00
adfoster-r7 7ac4387d35 Land #18696, Convert MSSQL mixin to class 2024-02-02 14:14:34 +00:00
Zach Goldman 35778e92b2 client consolidation 
convert first module from remote to client

move client to rex

remove metasploit mixin
 2024-02-01 17:23:55 -06:00
Spencer McIntyre b5906418c2 Update the HashCapture mixin 
Use #srvport instead of the datastore and pull in upstream chanes for
the metasploit-credential gem to enable use within payloads.
 2024-01-29 13:35:56 -05:00
Spencer McIntyre 33306fa4dd The SRVPORT is already registered 
The SRVPORT datastore option is registered by the Remote::SMB::Server
mixin so including it here is redundant.
 2024-01-29 13:35:54 -05:00
bwatters d05b85de50 Land #18680, Shared SMB Service 
Merge branch 'land-18680' into upstream-master
 2024-01-26 14:42:11 -06:00
Gaurav Jain 38c9185564 Add reviewed changes 2024-01-26 22:58:00 +05:30
adfoster-r7 15d0d4f0df Land #18663, Add new PostgreSQL Session Type 2024-01-24 10:46:26 +00:00
sjanusz-r7 1fe448f2f4 Revert remote/postgres verbosity changes 2024-01-22 14:27:38 +00:00
Dean Welch 391bc4e69e shuffle platform parsing and code quality 2024-01-19 14:30:34 +00:00
sjanusz-r7 fbdb025542 Notify user on failed Postgres connection 2024-01-19 10:29:44 +00:00
sjanusz-r7 a4305f0ca0 Allow PostgreSQL lib to use session client 2024-01-19 10:29:44 +00:00
Gaurav Jain 97ef243d2e Add Splunk library 2024-01-18 22:47:13 +05:30
Christophe De La Fuente b8aa55c322 Land #18633, WordPress Backup Migration Plugin PHP Filter Chain RCE (CVE-2023-6553) 2024-01-17 18:42:52 +01:00
Dean Welch 2cf045d3c4 Leverage the module metadata cache in the module_sets 2024-01-15 14:56:46 +00:00
Jack Heysel 5e25a99700 Responded to comments 2024-01-12 13:08:32 -05:00
jheysel-r7 43f4705e60 Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-01-09 12:37:59 -05:00
Spencer McIntyre 024bdaec6d Add a proper rex-based service for the SMB server 2024-01-08 16:54:22 -05:00
Spencer McIntyre b10e8d566b Initial Rex SMB service to allow sharing 2024-01-05 17:18:08 -05:00
Jack Heysel e3062d45e0 Module working docs updated 2023-12-20 16:41:52 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
Jack Heysel 5d5ccd25e1 Removed unnecssary files 2023-12-15 10:46:23 -05:00