adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3133 Commits

Author SHA1 Message Date
Dean Welch ee46d18505 Add yard docs and address review comments 2022-11-07 12:10:01 +00:00
Dean Welch a110465fe4 Add module for converting kerberos ticket formats 2022-11-07 12:10:01 +00:00
Grant Willcox 79ac775443 Perform updates from code review. 2022-11-04 15:44:28 -05:00
Grant Willcox 8922e5b203 Add in first initial implementation of ESC module and updates to associated libraries. 2022-11-04 15:43:34 -05:00
Christophe De La Fuente eb051ec9a7 Add get_ticket module 2022-11-04 18:46:47 +01:00
Spencer McIntyre 6e453a3f4f Fix a bug in #extract_user_and_realm 
While iterating over asn_san_seq, if the tag doesn't match either of the
two conditions, user and domain will be nil which leads to a problem
later on.
 2022-11-03 10:51:52 -04:00
Jack Heysel 45ddcf02c9 Remove unused mix in, add low bound to check 2022-11-01 10:42:43 -05:00
jheysel-r7 af9175325b Update lib/msf/core/exploit/remote/http/webmin/login.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:42:42 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
adfoster-r7 7774b7ddcf Merge remote-tracking branch 'upstream/master' into merge-6.2.25-master-into-kerberos-feature-branch 2022-10-31 23:15:11 +00:00
Spencer McIntyre fa7d677d45 Consolidate and improve LDAP error handling 2022-10-31 10:56:17 -04:00
Christophe De La Fuente 4ec7eea436 Fixes from code review 2022-10-28 15:33:34 +02:00
Christophe De La Fuente 52904b8cb6 Add support to Kerberos 
- Add kerberos authenticator to `scanner/smb/smb_login` and the
  corresponding login scanner library
- Add new options: `UseCachedCredentials` and `StoreCredentialCache`
- Add `use_cached_credentials` attribute to
  Kerberos::ServiceAuthenticator::Base. This enables/disables the use of
  cached Kerberos credentials from the database.
- Add `store_credential_cache` attribute to
  Kerberos::ServiceAuthenticator::Base. This enables/disables storing
  Kerberos TGS MIT Credential Cache to the database.
 2022-10-21 16:16:10 +02:00
Matthew Dunn 1e50ba3415 Move to Hashes module, address requested changes 
Fix rubocop

Move identify to hashes module up one layer, use full reference to identify_hash instead of full include

Fix SMTP require

Remove hashes require statement

Remove hashes require statement

Remove hashes require statement

Remove hashes require statement

Address remaining requested changes, reference constants directly

Add all the missing direct references

Co-Authored-By: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-10-17 17:28:31 -04:00
Ashley Donaldson 09e740d48d Changes from code review 2022-10-17 17:19:50 +11:00
Ashley Donaldson c7bab60a3e Fix to support DNS entries in certificate files 2022-10-07 15:17:07 +11:00
Ashley Donaldson 80bb1867bc Added documentation for the module 2022-10-07 14:24:37 +11:00
Ashley Donaldson 793a05f9f3 Added comments for new functions 2022-10-07 11:55:47 +11:00
Ashley Donaldson b5a076a1f1 Neaten parameter and error handling 2022-10-07 11:24:39 +11:00
Ashley Donaldson 58c30f10aa Send and Receive PKINIT responses 2022-10-07 01:04:10 +11:00
h00die 06aefb630a string true to bool true 2022-10-03 19:50:04 -04:00
Spencer McIntyre 5d88a28fa4 Update YARD docs for TGT reuse 2022-10-03 09:04:30 -04:00
krastanoel aa0dc86bd8 get csrf from the html body instead 2022-10-01 19:59:23 +07:00
krastanoel 02b5f8678c add repository error class 2022-10-01 17:43:42 +07:00
krastanoel e9d8068078 update and tidy the lib comments 2022-10-01 16:22:21 +07:00
krastanoel cc2db82886 add repository create and migrate helpers 2022-10-01 01:13:28 +07:00
krastanoel 29944a0a1b add repository create and migrate url 2022-10-01 01:12:54 +07:00
krastanoel c5d3867980 add migration error class 2022-10-01 01:11:58 +07:00
krastanoel 88e4261a88 Add common lib for Gitea repository 2022-10-01 01:10:55 +07:00
Spencer McIntyre 421121736d Load and use cached TGTs 2022-09-30 13:23:52 -04:00
Spencer McIntyre a619303f2c Save tickets in a compatible way for retrieval 2022-09-30 13:23:52 -04:00
Spencer McIntyre acbe644588 Document some of the parameter types 2022-09-30 13:23:52 -04:00
Spencer McIntyre 82912aad38 Support delegation from stored TGTs 2022-09-30 13:23:52 -04:00
Spencer McIntyre 081d66330b Add a constructor method for Krb5Ccache 2022-09-30 13:23:52 -04:00
Spencer McIntyre 89c3792886 Allow authenticating with stored TGTs 2022-09-30 13:23:52 -04:00
Spencer McIntyre 6bd9de43d6 Add the #request_service_ticket method 2022-09-30 13:23:52 -04:00
krastanoel cbff63958c Move version check and login to common library 2022-09-30 22:09:01 +07:00
adfoster-r7 5d345e6689 Merge branch 'upstream-master' into feature-kerberos-authentication 2022-09-29 16:42:58 +01:00
cgranleese-r7 50685161ef Allow user_id to be configurable in ticket forging 2022-09-22 14:18:17 +01:00
adfoster-r7 3a281234df Add feature flagged datastore rewrite, with support for option fallback lookups 2022-09-16 12:59:02 +01:00
dwelch-r7 5f85175f56 Add module for golden/silver ticket forging 2022-09-01 16:12:07 +01:00
Spencer McIntyre 009ada3cc4 Fix issues from the rebase 2022-08-18 11:35:29 -04:00
Jeffrey Martin c45262cd46 Land #16800, Add support for OpenSSL 3 2022-08-05 14:20:51 -05:00
Christophe De La Fuente 9c6a198453 Land #16796, Path traversal vulnerability in RARLAB UnRAR < 6.12 with Zimbra RCE module 2022-08-04 19:44:57 +02:00
Ron Bowes a314423e81 Some changes requested by @cdelafuente-r7 2022-08-03 14:51:51 -07:00
adfoster-r7 f65119b353 Support OpenSSL3 and run Ubuntu 22.04 in test matrix 2022-08-03 15:49:53 +01:00
Ron Bowes c66f98bae6 Make lint happy 2022-08-01 10:03:35 -07:00
Ron Bowes e7edafbcfb Throw errors in the rar-generator library rather than returning nil 2022-08-01 09:54:31 -07:00
Ron Bowes d36bee8755 A few simple feedback changes 2022-07-29 10:48:07 -07:00
Spencer McIntyre 7da5f2ad4a Changes from PR feedback 2022-07-28 16:05:22 -04:00