Jack Heysel
ba64dce5b7
Rubocop offenses
2021-09-03 16:17:30 -05:00
Jack Heysel
3c43bd409d
Added docs an Git User-Agent FP
2021-09-03 16:15:39 -05:00
Jack Heysel
21d99a74fb
beta commit
2021-09-03 16:15:38 -05:00
Alan Foster
134fef21c4
Improve validation rhosts validation
2021-09-02 13:00:01 +01:00
Alan Foster
f96dc59cd4
Spike smb uri support
2021-09-02 13:00:01 +01:00
h00die
77dff0fc13
working admin shell
2021-09-01 17:49:17 -04:00
h00die
3580920dde
moving more to libs
2021-09-01 17:36:38 -04:00
h00die
5e17074259
moodle_teacher_enrollement_priv_esc working but not full exploit chain
2021-08-31 16:52:08 -04:00
h00die
176c1f0751
moodle lib and module
2021-08-29 10:50:25 -04:00
Tim W
6c0b90eabb
Land #15532, add module for CVE-2021-21300 and git mixins
2021-08-26 18:26:04 +01:00
space-r7
8b8d138812
Land #15496, specify SSLVersion for servers
2021-08-26 10:57:11 -05:00
space-r7
0530f78d12
add comments and test
2021-08-12 10:18:13 -05:00
space-r7
03e9d82ed8
fix packfile construction, fix git push
...
also adds the ability to further customize
commits, including the option to use a custom
email address, name, commit message, etc.
2021-08-12 10:18:13 -05:00
space-r7
e2f1ad692b
add find_obj method and delta object parsing
2021-08-12 10:18:13 -05:00
space-r7
89e6690782
remove pry statements
2021-08-12 10:18:12 -05:00
Shelby Pace
51741c8c01
account for ofs-delta / ref-delta objects
2021-08-12 10:18:12 -05:00
Shelby Pace
d0c0372596
add request / response classes
2021-08-12 10:18:12 -05:00
Shelby Pace
2736599373
update comments, remove debugging statements
2021-08-12 10:18:12 -05:00
Shelby Pace
53187648c1
add module
...
also includes packfile obj metadata changes
2021-08-12 10:18:11 -05:00
Shelby Pace
73ad7de0a7
add parent param to git mixin
...
add fixes to packfile mixin
2021-08-12 10:18:11 -05:00
Shelby Pace
d7161d0b90
add packfile, pkt line, and module code
2021-08-12 10:18:11 -05:00
Shelby Pace
d89554e995
add git mixin changes and usage in git exploits
2021-08-12 10:18:11 -05:00
Shelby Pace
3fb225c9c6
add wrapper methods for creating git objects
...
use methods in git_submodule_command_exec
2021-08-12 10:18:11 -05:00
Christophe De La Fuente
07c9350733
Land #15430, Support for SSH pivoting
2021-08-09 18:34:08 +02:00
Spencer McIntyre
06b671e710
Add the SSLVersion datastore option for servers
...
Requires rapid7/rex-socket#37 for the option to be honored.
2021-08-06 14:44:53 -05:00
A Galway
5e732ddd42
changes parse to take an origin and updates tests
2021-08-03 18:22:23 +01:00
A Galway
ff111ecd13
remove silent catches of http-cookie argument errs
2021-07-30 17:33:04 +01:00
agalway-r7
3668230d44
reposition self return in add
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2021-07-30 16:16:12 +01:00
agalway-r7
33a34af0df
improve error handling
...
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2021-07-30 16:06:53 +01:00
A Galway
5219c980f7
adds origin values to cookies without domain
2021-07-28 14:08:25 +01:00
A Galway
c7d4155511
add origin to httpcookie and supporting tests
2021-07-28 14:04:48 +01:00
A Galway
80f809bc78
handled cookies without valid domain value
2021-07-26 14:29:03 +01:00
A Galway
e3dbd3a990
fixes bug caused by attrs with string keys
2021-07-20 15:02:41 +01:00
Spencer McIntyre
1ddcc9f12b
Remove the socket in psexec
...
PsExec needs the socket to remain open after the session is established
in order to remove the service. Remote TCP exploits close and remove
their sockets by default which creates a race condition that can result
in failing to clean up the service.
2021-07-14 11:00:45 -04:00
Tim W
39455827aa
Land #15254, use obfuscated powershell protection bypasses
2021-07-12 12:20:17 +01:00
Spencer McIntyre
9e61bf5752
Update the rex-powershell gem and unit tests
2021-07-09 15:35:37 -04:00
William Vu
ccf6ec9628
RuboCop selectively
2021-07-06 21:14:48 -05:00
William Vu
e5fee3b0b8
Improve AutoCheck prints
2021-07-06 21:14:48 -05:00
Spencer McIntyre
325ecfedff
Add some error handling while extracting the key
2021-06-08 14:58:58 -04:00
Spencer McIntyre
4ccc468dab
Add docs to the SharePoint mixin
2021-06-07 16:04:08 -04:00
Spencer McIntyre
64077e1395
Add and use a new sharepoint mixin
2021-06-07 15:25:07 -04:00
agalway-r7
87d69c7553
Land #15263, adds payload flag to analyze
2021-06-03 16:03:46 +01:00
adfoster-r7
73b269cf7e
Land #15225, cookie jar cleanup
2021-06-01 10:49:56 +01:00
Alan Foster
814e510e17
Fix unit tests
2021-05-26 15:30:23 +01:00
Spencer McIntyre
82c078c888
Updates for psexec usage
2021-05-25 14:38:52 -04:00
Spencer McIntyre
ebab5f1e85
Update the powershell mixin
2021-05-25 14:38:52 -04:00
Spencer McIntyre
4920800340
Add a null check to the PSH bypass code
...
Powershell version 3 does not have
`System.Management.Automation.AmsiUtils` so check that it's present
before setting the field.
2021-05-25 14:38:52 -04:00
Spencer McIntyre
694617b12c
Use an obfuscated stub to bypass PSH protections
2021-05-25 14:36:17 -04:00
Alan Foster
c84b651ca6
Remove initial rhost http url attempt
2021-05-24 00:31:09 +01:00
A Galway
5e4af7241d
prevent TLD use in tests & remove HTTP::Cookie DI
2021-05-20 17:49:21 +01:00