adfoster-r7
c8f942cc03
Land #17955, Golf a bit the php payload
2023-06-12 16:31:00 +01:00
Spencer McIntyre
834ad18d28
Land #18069, Handle LDAP UnbindRequest
Remote::JndiInjection: handle LDAP UnbindRequest
2023-06-12 09:53:38 -04:00
Spencer McIntyre
4c817ce1de
Land #17946, CVE-2023-21839 - Oracle Weblogic RCE
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
2023-06-09 14:55:43 -04:00
Grant Willcox
694c1006e4
Add more IPv6 support into the module
2023-06-09 12:24:35 -05:00
Spencer McIntyre
2acc014014
Fix AS-REQ with PKINIT and NTDS_CA_SECURITY_EXT
2023-06-08 15:10:35 -04:00
Spencer McIntyre
47835b57a7
Add the ALT_SID datastore option
2023-06-08 15:10:27 -04:00
Christophe De La Fuente
451735ad15
Fix exception handler & add doc
2023-06-06 17:43:22 +02:00
cgranleese-r7
18ddd72285
Update jenkins login scanner to work with newer versions
2023-06-06 11:54:55 +01:00
RageLtMan
e6b1ae2af8
Remote::JndiInjection: handle LDAP UnbindRequest
2023-06-06 00:54:40 -04:00
Grant Willcox
94ef437f9f
Add in YARD documentation
2023-06-05 12:10:10 -05:00
Grant Willcox
9574c79d36
Remove extra code
2023-06-05 12:07:27 -05:00
Ashley Donaldson
795980260b
Created mixin to retrieve the architecture of the current shell.
Currently only supports Windows, but does work on Win2000 upwards.
2023-06-05 11:10:53 +10:00
Spencer McIntyre
734e0b099e
Land #18018, Add in CVE-2023-29084
Add in CVE-2023-29084 - Zoho ManageEngine ADManager Plus ChangePasswordAction
Authenticated Command Injection
2023-06-02 12:14:43 -04:00
bwatters
1e9d286c77
Land #18044, Add MIPS64 Linux Fetch Payloads
Merge branch 'land-18044' into upstream-master
2023-06-02 10:53:43 -05:00
Grant Willcox
7728e1e2fb
Add in new library function for escaping PowerShell literals
2023-06-02 10:22:56 -05:00
Grant Willcox
0f71613b66
Land #18056, Modify command stagers to not go over 100%
2023-06-01 16:06:13 -05:00
Zach Goldman
96f2c96a75
modify command stagers to not go over 100%
2023-06-01 12:07:07 -05:00
Spencer McIntyre
8378435051
Land #17430, Add AWS SSM Sessions
2023-06-01 11:34:40 -04:00
Ashley Donaldson
7f4bda193d
Support retrieving Service Pack version on older OSes
2023-06-01 10:48:17 +10:00
Spencer McIntyre
9349dd24e3
Add a proper definition for NtdsCaSecurityExt
2023-05-31 17:31:33 -04:00
shellchocolat
1fbba702de
add support for masm formatting
2023-05-31 17:17:17 +02:00
Ashley Donaldson
4b1158d5f1
Use existing shell registry logic
2023-05-31 11:24:33 +10:00
Ashley Donaldson
778a2c47b7
Updated unit tests to use registry
2023-05-31 08:09:54 +10:00
Spencer McIntyre
8a0dfa57a0
Drop size requirement and fix descriptions
The size requirement is used when the adapted payload is executed from
the command line but that's not the case for the fetch payloads which
execute a command to fetch the payload from a URL. The payload size
doesn't matter because it's included in the executable file hosted at
the URL.
2023-05-30 15:03:06 -04:00
Grant Willcox
3d63d0b097
Land #18030, Fix missing return in HTTP CmdStagers
2023-05-30 13:14:21 -05:00
Grant Willcox
42d4c73cda
Land #18031, Improve help for "edit" and "log" commands
2023-05-30 11:43:21 -05:00
Christophe De La Fuente
7bde39ae73
Fixes from code review
2023-05-30 13:26:56 +02:00
adfoster-r7
e2718eb40c
Land #18019, Fixes validation for to_handler command for Evasion and Payload modules
2023-05-30 10:39:01 +01:00
Ashley Donaldson
568e346d11
Support Windows 2000 by using ver command
2023-05-30 13:23:44 +10:00
Ashley Donaldson
a94f78ec03
Use direct registry lookups to get version data, to cater for different language packs.
2023-05-30 12:21:12 +10:00
wvu
00451e3aec
Improve help for "edit" and "log" commands
Talking about `LocalEditor` and `LocalPager`.
2023-05-25 23:22:54 -05:00
wvu
9528339761
Fix missing return in HTTP CmdStagers
Fetch payloads are cooler, but this was missed in https://github.com/rapid7/metasploit-framework/pull/13426.
2023-05-25 22:22:23 -05:00
Jack Heysel
d8255157c9
Land #18021, Fix #cd for Powershell Sessions
2023-05-25 14:26:01 -04:00
Ashley Donaldson
75ba9110e2
Added module for Windows version comparisons
Utilised it in various existing modules - this should fix some subtle bugs in specific modules' version detection.
2023-05-25 14:36:46 +10:00
Spencer McIntyre
ed5d516c21
Sync the .NET working path for Powershell sessions
See: https://github.com/PowerShell/PowerShell/issues/10278
2023-05-23 15:21:52 -04:00
Spencer McIntyre
afb31b0f21
Add a function to escape cmd.exe string literals
2023-05-23 15:17:39 -04:00
cgranleese-r7
3e327efdc4
Fixes validation for to_handler command for Evasion and Payload modules
2023-05-23 10:16:06 +01:00
Spencer McIntyre
120dc877ad
Pr/collab/17430 (#41)
* Prevent using post modules with the session
It doesn't work reliably because of winpty and how the output is
mangled.
* Set the limit correctly
* Fix Linux PTY downgrade issues
* Remove filtering
The filtering implementation is incomplete and unnecessary.
Filtering is unnecessary because Linux sessions execute a stub on
session start up that uses a combination of stty and a fifo to emulate a
PTY-less session. Windows sessions do not need filtering because they
have been explicitly marked as being incompatible with the Post API which
is confused by the extra characters.
The filtering implementation is incomplete because it does not account for
echo fragments that are split across lines. It also does not account for
all of the ANSI escape codes.
* Add module docs for enum_ssm
2023-05-22 17:11:16 -04:00
space-r7
60f6574bf3
Land #17965, add module for AD CS cert management
2023-05-22 09:50:53 -05:00
Spencer McIntyre
dcbc6d19c5
Update #validate_query_result!
The function required a filter argument, but not every query has a
filter. By removing it, we can reuse the same logic for other operations
including modifications.
2023-05-22 09:21:20 -04:00
manishkumarr1017
bd9591f621
changing nil datatype to string datatype for the column display
2023-05-19 19:11:06 +05:30
manishkumarr1017
df4a5b9d69
Merge branch 'master' of github.com:manishkumarr1017/metasploit-framework into add_new_column_in_creds
2023-05-19 18:45:38 +05:30
Spencer McIntyre
f464401dde
Land #17782, Add fetch payloads
Add http wget cmd based fetch payload for Linux and Windows
2023-05-18 12:18:27 -04:00
bwatters
548a2d7ab4
Add fetch payloads for Windows and Linux x64
2023-05-18 10:47:29 -05:00
RageLtMan
f929d2c90f
Drop redundant shell_command in powershell.rb
2023-05-16 15:43:16 -04:00
RageLtMan
713ec6ae76
Merge branch 'master' into feature/aws_ssm_sessions
2023-05-16 14:39:37 -04:00
adfoster-r7
c723a2865e
Land #17987, Split recalculate out into multiple functions
2023-05-12 18:27:46 +01:00
Dean Welch
3036a53697
Change name to single_name for consistency
2023-05-12 16:59:33 +01:00
Dean Welch
f6855f6aa4
Split recalculate out into multiple functions
2023-05-12 16:30:14 +01:00
dwelch-r7
b752735db1
Land #17967, Fix ruby 3.1 crashes and resource leaks when garbage collecting Meterpreter resources
2023-05-12 14:14:02 +01:00