Commit Graph

6278 Commits

Author SHA1 Message Date
Ashley Donaldson 09e740d48d Changes from code review 2022-10-17 17:19:50 +11:00
Heyder Andrade aece783cee Added reference to user auto-detect method 2022-10-17 01:11:27 +02:00
Heyder Andrade 0b09e564f1 Improved documentation 2022-10-16 14:25:54 +02:00
Heyder Andrade 835b44ca7a Added documentation 2022-10-16 13:42:21 +02:00
Ron Bowes a2a2dcbf6f Check in zimbra_postfix_priv_esc.rb 2022-10-14 13:21:41 -07:00
adfoster-r7 6a682f4fe6 Land #16982, Update Dell iDRAC login scanner to work with v8 and v9 2022-10-14 01:40:35 +01:00
Grant Willcox a3e32ffafa Add TARGET 0 to documentation 2022-10-12 20:00:33 -05:00
Grant Willcox e9f54aa5b8 Update documentation with better wording, and add randomization of parameter name to module along with cleanup code for deleting uploaded files 2022-10-12 19:16:52 -05:00
Jack Heysel 9652823393 Reverted check method to upload shell 2022-10-12 19:16:44 -05:00
Jack Heysel 3c27c8e5aa Condensed payload, changed base64 encoding to hex 2022-10-12 19:12:35 -05:00
Jack Heysel e4eac96b4b Add Module for pfSense pfBlockerNG unauth RCE as root 2022-10-12 19:12:22 -05:00
Grant Willcox f92d913f0c Land #17116, Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 2022-10-12 11:53:47 -05:00
bwatters 4aa2b76bde Land #17092, netlm_downgrade Cleanup and support non-Meterpreter sessions
Merge branch 'land-17092' into upstream-master
2022-10-12 11:40:20 -05:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
Ayantaker 9abaa00b9e Adding some changes to documentation as per review comments 2022-10-12 11:36:35 -04:00
三米前有蕉皮 20015d7351 Update documentation/modules/post/windows/gather/credentials/navicat.md
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-10-12 13:52:12 +08:00
三米前有蕉皮 7caf2eb9dc Update documentation/modules/post/windows/gather/credentials/navicat.md
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-10-12 11:29:25 +08:00
Ayantaker e75438d0b2 Documentation fix and minor fixes
Fixed the documentation according to msftidy's suggestion and removed a few unnecessary parts of code
2022-10-11 18:17:52 -04:00
Grant Willcox 45aa09411e First round of edits from review 2022-10-11 15:46:04 -05:00
Grant Willcox c587360e90 Minor typo fixes 2022-10-11 10:52:42 -05:00
h00die 69d1497ae1 netrc and fetchmailrc docs 2022-10-08 10:43:25 -04:00
JustAnda7 412a07df54 Fixed #16674 2022-10-07 14:35:21 -04:00
Ashley Donaldson 80bb1867bc Added documentation for the module 2022-10-07 14:24:37 +11:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
2022-10-06 15:48:36 -04:00
Ron Bowes 48dd4693df Add docs for CVE-2022-41352 (zimbra cpio), and fix some text 2022-10-06 10:46:48 -07:00
Jack Heysel 60c21da50e Land #17009, Add MobaXterm cred gather module
This module determines if MobaXterm is installed and, if
it is, dumps all saved session information from the target
2022-10-05 14:14:27 -04:00
Jack Heysel 0145264046 Land #17093, add Enlightenment priv esc module
This PR adds a local priv esc for Enlightenment on Ubuntu
which exploits a simple cmd injection
2022-10-04 14:09:18 -04:00
space-r7 63af4e3702 Land #17067, add remote mouse rce 2022-10-04 11:40:33 -05:00
Jack Heysel edc0c622fc Land #17099, Wordpress Elementor plugin RCE
This PR adds a new authenticated exploit module against
3 versions of Elementor, a plugin for Wordpress.
2022-10-03 16:59:38 -04:00
h00die b7073df1e0 review comments 2022-10-03 16:53:14 -04:00
bwatters 052d233bd9 Land #17006, Gather_RedisDesktopManager_Password
Merge branch 'land-17006' into upstream-master
2022-10-03 15:10:30 -05:00
h00die 68b2aec6fb review comments 2022-10-03 15:25:53 -04:00
krastanoel 95503be49a Update documentation 2022-10-03 19:57:25 +07:00
h00die-gr3y 08640f0d65 Updated documentation 2022-10-02 20:20:20 +00:00
h00die c6e18ee469 cve-2022-1329 2022-10-02 15:59:58 -04:00
h00die-gr3y 7ae0f552f3 init commit module and documentation 2022-10-02 19:47:47 +00:00
cn-kali-team 3fa2268aa1 fix username 2022-10-03 00:07:30 +08:00
cn-kali-team 2f3378fc4a Gather_Navicat 2022-10-02 23:48:09 +08:00
h00die e78babea90 cve-2022-37706 2022-10-01 11:24:29 -04:00
bcoles 3ffbc99d9f netlm_downgrade: Cleanup and support non-Meterpreter sessions 2022-10-01 22:35:11 +10:00
Jack Heysel 9ad513dade Land #16933, Thycotic Secret Server post module
This PR adds a post exploitation module that exports
and decrypts Thycotic Secret Server credentials
2022-09-30 13:16:05 -04:00
krastanoel 36f3a7ce11 update options description 2022-09-30 16:57:59 +07:00
bwatters 9e74b9887d Land #17048, enum_tokens: Cleanup
Merge branch 'land-17048' into upstream-master
2022-09-29 15:58:46 -05:00
jheysel-r7 e06acc7df0 Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md 2022-09-29 13:59:01 -04:00
jheysel-r7 e8d4bcdcc6 Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md 2022-09-29 13:58:37 -04:00
jheysel-r7 713d63654b Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md 2022-09-29 13:58:22 -04:00
adfoster-r7 5d345e6689 Merge branch 'upstream-master' into feature-kerberos-authentication 2022-09-29 16:42:58 +01:00
bwatters 76c6632305 Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246)
Merge branch 'land-16673' into upstream-master
2022-09-29 09:46:27 -05:00
Jack Heysel 379f303ea8 Land #17061, Mobile Mouse Server RCE
This PR includes a module that uses default
configuration in Unified Remote to spawn a
run prompt and return a shell.
2022-09-28 10:48:41 -04:00
bwatters e27dbd2787 Land #16794, Add exploit for CVE-2022-34918
Merge branch 'land-16794' into upstream-master
2022-09-27 16:37:52 -05:00