Commit Graph

13785 Commits

Author SHA1 Message Date
adfoster-r7 f6ed9ef12d Extract db command helpers to standalone module 2022-12-13 17:01:49 +00:00
Spencer McIntyre 024fc87b4c Land #17272, Add F5 MCP post module
Add F5 MCP post module
2022-12-12 14:20:31 -05:00
Spencer McIntyre 34451940c7 Fix uploading from shell sessions 2022-12-12 12:02:33 -05:00
Spencer McIntyre 59d4f9b7e9 Fix downloading from shells to a directory
Prior to this change if the destination argument issued to a shell
session's internal `download` command was a directory, the command would
crash and the shell would be lost.
2022-12-12 10:42:11 -05:00
Spencer McIntyre a80db73bab Land #17325, add impersonation for get_ticket
Enable the `get_ticket` module to impersonate a user with S4U2self and S4U2proxy
2022-12-12 09:10:37 -05:00
adfoster-r7 2ea880c799 Show ssh key with verbose creds command 2022-12-10 00:08:54 +00:00
Grant Willcox c84b2a67d7 Land #17345, Update report api to return nil when no active db 2022-12-09 14:02:28 -06:00
Ashley Donaldson 99e576d023 Fixes crash in meterp when file_version asks for a file that doesn't exist 2022-12-09 11:55:29 +11:00
adfoster-r7 8f22d24577 Update report api to return nil when no active db 2022-12-07 23:09:59 +00:00
Heyder Andrade cf6d5d3a14 It made the gadgets being used more readable 2022-12-06 17:47:49 +01:00
Dean Welch d239e9b007 Don't autoload krb5Pac 2022-12-06 13:01:47 +00:00
Dean Welch 1e2ada3cce Add options validation depending on action in forge_ticket.rb 2022-12-06 12:55:42 +00:00
bwatters 37540572e0 Land #17214, add database functionality to vcenter post module
Merge branch 'land-17214' into upstream-master
2022-12-05 12:50:14 -06:00
Dean Welch 405271a52f Add pac BinData Model 2022-12-05 14:03:21 +00:00
adfoster-r7 7a46cff0a1 Land #17305, Adds support to RPC for automatically choosing module payload defaults 2022-12-05 12:59:21 +00:00
cgranleese-r7 4e539df3c3 Adds support to find default payloads 2022-12-05 11:52:11 +00:00
Heyder Andrade 8aca86b816 Apply suggestions from code review 2022-12-04 17:29:05 +01:00
Heyder Andrade 5c3ac339d0 Apply suggestions from code review
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2022-12-04 12:13:50 +01:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
Christophe De La Fuente c6f8bae1ab Fix from code review and updates the KrbUseCachedCredentials logic 2022-12-02 15:28:08 +01:00
h00die 7ec7cdfb97 fix vcenter spec error 2022-12-01 16:43:58 -05:00
Christophe De La Fuente cc61a26668 Add S4U2Self and S4U2Proxy support to impersonate a user 2022-12-01 20:42:13 +01:00
Christophe De La Fuente d3057f15b2 Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell) 2022-11-30 18:16:19 +01:00
Ashley Donaldson 5fce80ed1d Added comments to most functions 2022-11-30 11:53:57 +11:00
Ashley Donaldson 97aef31180 Removed vestigial code while we're at it 2022-11-30 11:31:27 +11:00
Ashley Donaldson 1231eefe55 Fixed WQL module while I'm at it 2022-11-30 10:26:19 +11:00
Heyder Andrade 704cee436b Apply suggestions from code review 2022-11-29 15:25:14 +01:00
Heyder Andrade c1236500f1 Apply suggestions from code review
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2022-11-29 14:12:39 +01:00
adfoster-r7 750192afa4 Add pkinit error codes 2022-11-29 10:36:10 +00:00
Spencer McIntyre cd828a82c8 Fix the DH key construction for OpenSSL3 2022-11-28 14:54:10 -05:00
Spencer McIntyre abe0549db6 Land #17226, Module to request TGT/TGS tickets
Module to request TGT/TGS Kerberos tickets from the KDC
2022-11-28 11:59:17 -05:00
Spencer McIntyre f24df8a051 Change an exception class and drop DOMAIN passing 2022-11-28 10:06:14 -05:00
Spencer McIntyre 009c6c5350 Add the MaxBackendRetries datastore option 2022-11-28 09:45:04 -05:00
Ashley Donaldson 638a1c8f78 Prevent double-delimiter situations in general 2022-11-25 15:32:55 +11:00
Ron Bowes e981dde15f Move the mcp-objects out of the class and into a data/ file (per Jeffrey's request) 2022-11-23 12:49:00 -08:00
Spencer McIntyre 3805a79079 Add support for Exchange Data Access Group (DAG)
This updates the HttpSsrf class to retry requests to the Powershell
backend when they fail because they were routed to a new server. Now
when the transport is initialized, it will store the backend used by the
first successful request.
2022-11-23 15:37:58 -05:00
Spencer McIntyre 45391b1714 Land #17279, ducky-script format for msfvenom
ducky-script format for msfvenom (flipper zero compatible)
2022-11-23 09:05:57 -05:00
Jiashuo Liang d32df1d3dc Fix linux reverse_tcp_x64 rdx register value 2022-11-23 19:36:37 +08:00
h00die 637ad5f809 make ducky more psh friendly 2022-11-21 17:55:48 -05:00
Heyder Andrade a05cbdbc30 Improve error handling 2022-11-20 12:09:05 +01:00
h00die 40f97995f8 review comment 2022-11-19 10:37:36 -05:00
h00die f12c660652 review comments 2022-11-19 10:37:36 -05:00
h00die 9a19c4411d wrap up module additions 2022-11-19 10:37:36 -05:00
h00die dff9b35d56 add database stuff to vcenter post module 2022-11-19 10:37:36 -05:00
Heyder Andrade 34d191b06c Added Ruby serialized payload generator 2022-11-19 15:20:49 +01:00
Heyder Andrade f1b97de78d Added Gitlab mixin 2022-11-19 15:19:29 +01:00
h00die 29b7fa5336 ducky_script format for msfvenom 2022-11-18 17:02:52 -05:00
Spencer McIntyre 29d57dde66 Consolidate into ProxyMaybeShell 2022-11-18 17:01:01 -05:00
adfoster-r7 7dcf65d7c3 Fix python reverse http stager crash 2022-11-18 14:32:36 +00:00
Christophe De La Fuente d1a7170020 Land #17021, Gitea Git fetch RCE module - CVE-2022-30781 2022-11-17 12:28:29 +01:00