Commit Graph

2524 Commits

Author SHA1 Message Date
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
space-r7 8b8d138812 Land #15496, specify SSLVersion for servers 2021-08-26 10:57:11 -05:00
space-r7 0530f78d12 add comments and test 2021-08-12 10:18:13 -05:00
space-r7 03e9d82ed8 fix packfile construction, fix git push
also adds the ability to further customize
commits, including the option to use a custom
email address, name, commit message, etc.
2021-08-12 10:18:13 -05:00
space-r7 e2f1ad692b add find_obj method and delta object parsing 2021-08-12 10:18:13 -05:00
space-r7 89e6690782 remove pry statements 2021-08-12 10:18:12 -05:00
Shelby Pace 51741c8c01 account for ofs-delta / ref-delta objects 2021-08-12 10:18:12 -05:00
Shelby Pace d0c0372596 add request / response classes 2021-08-12 10:18:12 -05:00
Shelby Pace 2736599373 update comments, remove debugging statements 2021-08-12 10:18:12 -05:00
Shelby Pace 53187648c1 add module
also includes packfile obj metadata changes
2021-08-12 10:18:11 -05:00
Shelby Pace 73ad7de0a7 add parent param to git mixin
add fixes to packfile mixin
2021-08-12 10:18:11 -05:00
Shelby Pace d7161d0b90 add packfile, pkt line, and module code 2021-08-12 10:18:11 -05:00
Shelby Pace d89554e995 add git mixin changes and usage in git exploits 2021-08-12 10:18:11 -05:00
Shelby Pace 3fb225c9c6 add wrapper methods for creating git objects
use methods in git_submodule_command_exec
2021-08-12 10:18:11 -05:00
Christophe De La Fuente 07c9350733 Land #15430, Support for SSH pivoting 2021-08-09 18:34:08 +02:00
Spencer McIntyre 06b671e710 Add the SSLVersion datastore option for servers
Requires rapid7/rex-socket#37 for the option to be honored.
2021-08-06 14:44:53 -05:00
A Galway 5e732ddd42 changes parse to take an origin and updates tests 2021-08-03 18:22:23 +01:00
A Galway ff111ecd13 remove silent catches of http-cookie argument errs 2021-07-30 17:33:04 +01:00
agalway-r7 3668230d44 reposition self return in add
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2021-07-30 16:16:12 +01:00
agalway-r7 33a34af0df improve error handling
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2021-07-30 16:06:53 +01:00
A Galway 5219c980f7 adds origin values to cookies without domain 2021-07-28 14:08:25 +01:00
A Galway c7d4155511 add origin to httpcookie and supporting tests 2021-07-28 14:04:48 +01:00
A Galway 80f809bc78 handled cookies without valid domain value 2021-07-26 14:29:03 +01:00
A Galway e3dbd3a990 fixes bug caused by attrs with string keys 2021-07-20 15:02:41 +01:00
Spencer McIntyre 1ddcc9f12b Remove the socket in psexec
PsExec needs the socket to remain open after the session is established
in order to remove the service. Remote TCP exploits close and remove
their sockets by default which creates a race condition that can result
in failing to clean up the service.
2021-07-14 11:00:45 -04:00
Tim W 39455827aa Land #15254, use obfuscated powershell protection bypasses 2021-07-12 12:20:17 +01:00
Spencer McIntyre 9e61bf5752 Update the rex-powershell gem and unit tests 2021-07-09 15:35:37 -04:00
William Vu ccf6ec9628 RuboCop selectively 2021-07-06 21:14:48 -05:00
William Vu e5fee3b0b8 Improve AutoCheck prints 2021-07-06 21:14:48 -05:00
Spencer McIntyre 325ecfedff Add some error handling while extracting the key 2021-06-08 14:58:58 -04:00
Spencer McIntyre 4ccc468dab Add docs to the SharePoint mixin 2021-06-07 16:04:08 -04:00
Spencer McIntyre 64077e1395 Add and use a new sharepoint mixin 2021-06-07 15:25:07 -04:00
agalway-r7 87d69c7553 Land #15263, adds payload flag to analyze 2021-06-03 16:03:46 +01:00
adfoster-r7 73b269cf7e Land #15225, cookie jar cleanup 2021-06-01 10:49:56 +01:00
Alan Foster 814e510e17 Fix unit tests 2021-05-26 15:30:23 +01:00
Spencer McIntyre 82c078c888 Updates for psexec usage 2021-05-25 14:38:52 -04:00
Spencer McIntyre ebab5f1e85 Update the powershell mixin 2021-05-25 14:38:52 -04:00
Spencer McIntyre 4920800340 Add a null check to the PSH bypass code
Powershell version 3 does not have
`System.Management.Automation.AmsiUtils` so check that it's present
before setting the field.
2021-05-25 14:38:52 -04:00
Spencer McIntyre 694617b12c Use an obfuscated stub to bypass PSH protections 2021-05-25 14:36:17 -04:00
Alan Foster c84b651ca6 Remove initial rhost http url attempt 2021-05-24 00:31:09 +01:00
A Galway 5e4af7241d prevent TLD use in tests & remove HTTP::Cookie DI 2021-05-20 17:49:21 +01:00
Spencer McIntyre f3f479fda9 Handle powershell protection bypasses in MSF 2021-05-17 16:00:00 -04:00
Adam Cammack e0e8cafda5 Explicitly autotarget analyze results
Doesn't really do anything that wasn't done already, but will provide a
good entry point for better and more flexible targeting use, e.g. by
breaking down the OS name with Recog when needed.
2021-05-14 08:45:14 -05:00
adfoster-r7 0f73031833 Land #15165, Add documentation for the new CookieJar functionality 2021-05-12 19:29:21 +01:00
A Galway 6b61eed3cd documentation 2021-05-07 14:14:46 +01:00
A Galway a22ebdf76d cookie cleanup 2021-05-07 12:46:38 +01:00
Alan Foster 0be7452c28 Ensure cookie jars are correctly duped 2021-05-06 12:11:26 +01:00
adfoster-r7 6c6d7699ed Land #14831, Add CookieJar support to http_client 2021-04-30 14:08:04 +01:00
bwatters 619e01bfa3 Land #11257, Add PSH generation methods to Util::Exe
Merge branch 'land-11257' into upstream-master
2021-04-23 13:52:53 -05:00
bwatters 63e14cf69f Update method options, method comments, and comment on to_win32pe_psh_rc4 behavior 2021-04-23 13:51:01 -05:00