cn-kali-team
2cca50956b
MobaXterm
2022-09-13 08:14:57 +08:00
cn-kali-team
2726f04e43
Gather_RedisDesktopManager_Password
2022-09-12 20:40:49 +08:00
bcoles
ebaca4cd48
enum_patches: Cleanup, print patches as table, store patches as CSV
2022-09-12 13:50:32 +10:00
bcoles
302bcfbc03
enum_domain_tokens: Cleanup and fix group member retrieval
2022-09-10 13:54:39 +10:00
Grant Willcox
b5686dc7ca
Update documentation to improve some explanations
2022-09-09 15:51:31 -05:00
bcoles
8dc4107bed
enum_services: Cleanup and support non-Meterpreter sessions
2022-09-09 15:09:47 -05:00
h00die
66bbe98f5f
wifi remote with better cmd stagers
2022-09-09 05:57:36 -04:00
h00die
ae91cfa9c5
unified_remote exploit
2022-09-08 17:09:31 -04:00
bcoles
290d70bd19
enum_domain: Cleanup and support non-Meterpreter sessions
2022-09-08 12:34:37 -05:00
jrude
b649e26d84
corrections
2022-09-08 19:09:35 +02:00
bwatters
2af5b22272
Land #16983, firefox_xpi_bootstrapped_addon: Add notes, description, references, docs
Merge branch 'alnd-16983' into upstream-master
2022-09-08 08:23:32 -05:00
Grant Willcox
446d891705
Land #16901, killav: Cleanup and support non-meterpreter sessions
2022-09-07 14:02:11 -05:00
space-r7
a11569fc53
Land #16944, add Apache Spark RCE
2022-09-07 13:02:27 -05:00
jrude
01556b22d5
Syncovery For Linux - Auth. RCE (CVE-2022-36534)
2022-09-07 13:34:48 +02:00
jrude
8cf9af812b
Syncovery Insecure Session Token Generation (CVE-2022-36536)
2022-09-07 13:17:22 +02:00
Jan Rude
9cb136a209
Wording
2022-09-07 13:15:36 +02:00
jrude
1757a5dedf
Syncovery login brute-force utility
2022-09-07 12:46:32 +02:00
h00die-gr3y
f71ec84f9e
updated documentation
2022-09-06 19:36:11 +00:00
h00die
c6d453f5b9
fix docs
2022-09-05 08:23:40 -04:00
h00die
3f7e0667f6
wifi mouse rce
2022-09-05 08:16:49 -04:00
bcoles
a7d2145e8d
firefox_xpi_bootstrapped_addon: Add notes, description, references, docs
2022-09-05 02:23:37 +10:00
h00die
8c4f151c73
update idrac login scanner to work with v8 and v9
2022-09-04 09:59:15 -04:00
Christophe De La Fuente
8ba621a291
Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828)
2022-09-02 18:37:37 +02:00
adfoster-r7
edef4022cd
Add documentation for kerberos ticket forging
2022-09-02 16:36:40 +01:00
space-r7
53b25d7d69
Land #16934, support dumping mem by process name
2022-09-01 12:58:01 -05:00
dwelch-r7
5f85175f56
Add module for golden/silver ticket forging
2022-09-01 16:12:07 +01:00
Grant Willcox
a41ec9388f
Land #16725, Add ManageEngine ADAudit Plus and DataSecurity Plus Xnode enum modules, docs and mixin (CVE-2020-11532)
2022-09-01 08:46:36 -05:00
Spencer McIntyre
35c2a2cc7a
Land #16903, enum_shares Cleanup and shell support
enum_shares: Cleanup and support non-meterpreter sessions
2022-08-31 13:21:31 -04:00
Spencer McIntyre
6965115c8e
Land #16786, Zyxel Firewall LPE (CVE-2022-30526)
2022-08-31 08:40:23 -04:00
Spencer McIntyre
69cc144e04
Add module docs
2022-08-30 11:12:36 -04:00
npm-cesium137-io
da43f9c069
Refactor thycotic_secretserver_dump MKII
Removed all logic around the isSalted column since I have no idea what
that flag is actually supposed to represent.
Further optimized Thycotic decryption method for efficiency.
Fixed where the revision digit was being truncated after converting
ss_build to float.
Removed the offline 'decrypt' action as it required setting a reserved
value for session in order to operate.
Minor tweaks & correct typos and formatting.
Updated documentation.
2022-08-29 11:45:18 -04:00
h00die-gr3y
e8083c6fb1
commit module and documentation
2022-08-26 15:39:18 +00:00
h00die-gr3y
21c4e3ce3d
commit module and documentation
2022-08-26 15:05:39 +00:00
Spencer McIntyre
ae5a9bd41b
Land #16734, Add rtf support to cve-2022-30190
Add rtf support to cve-2022-30190 AKA Follina
2022-08-25 17:26:46 -04:00
Spencer McIntyre
68eae1664e
Tweak the follina docs
2022-08-25 17:10:59 -04:00
Christophe De La Fuente
1b5338da06
Land #16701, Rewrite of Cisco ASA Clientless VPN Brute-force
2022-08-25 16:04:48 +02:00
bcoles
8939d09efa
post/windows/gather/memory_dump: Support dumping processes by name
2022-08-24 18:04:29 +10:00
Grant Willcox
70e006c493
Initial updates from personal review, sans module adjustments
2022-08-23 20:48:15 -05:00
Grant Willcox
2369e1562c
Add in documentation on how to install the target from scratch
2022-08-23 11:44:09 -05:00
Ron Bowes
abd392c372
Add in changes from review
2022-08-23 11:44:03 -05:00
Grant Willcox
5b61b5097f
RuboCop documentation, add in Verification steps, and fix up minor issues
2022-08-23 11:44:02 -05:00
Ron Bowes
0e6647c7f9
Add scenarios
2022-08-23 11:43:53 -05:00
Ron Bowes
97f8ec9367
Documentation, output cleanup
2022-08-23 11:43:51 -05:00
Christophe De La Fuente
847cd97927
Land #16925, Fix a payload bug in unrar_cve_2022_30333
2022-08-23 12:59:37 +02:00
Ron Bowes
13d8c41f98
Clean up and better documentation
2022-08-22 11:46:50 -07:00
npm-cesium137-io
b5a5fb23fb
Add thycotic_secretserver_dump post module
Initial commit for post module targeting Windows servers with Secret
Server installed.
The module can decrypt secrets from Secret Server version 10.4 - 11.2
provided they are not protected by HSM.
An additional auxiliary module is being developed to perform offline
decryption and recovery of the database using the loot extracted via
this module.
2022-08-22 14:41:33 -04:00
Spencer McIntyre
07fdc1f1ec
Land #16907, ms10_092_schelevator: Cleanup
2022-08-22 11:53:02 -04:00
bcoles
b3f9847bc4
enum_ms_product_keys: Cleanup and support non-meterpreter sessions
2022-08-21 16:00:27 +10:00
Jake Baines
b4fe31757d
Added module for CVE-2022-20828
2022-08-19 12:29:37 -07:00
Jake Baines
2242272ef4
Added CSRF token support. Fixed an issue with HTTP Keep-Alive 👀
2022-08-19 10:51:33 -07:00