adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

13785 Commits

Author SHA1 Message Date
Spencer McIntyre 3e51730ae3 Land #11359, Add the shiro_rememberme_v124_deserialize module 2020-04-28 15:35:06 -04:00
dwelch-r7 779d2cade4 Land #13316, Add missing tag functionality to the RemoteHttpDataService 2020-04-28 15:15:10 +01:00
Adam Galway 8e3add3f5f simplifies get host id, renames endpoints & clean 2020-04-28 13:33:54 +01:00
L 15762f23b4 fixed 2020-04-27 10:50:34 -05:00
L 27c267cb77 fixed 2020-04-27 10:50:34 -05:00
bcoles 1e7556dd24 fixed 
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
 2020-04-27 10:50:34 -05:00
L 93d9f3d269 Replace <tab> to <space> 2020-04-27 10:50:09 -05:00
L 42d34201d2 fixed lib/msf/util/java_deserialization.rb 2020-04-27 10:49:57 -05:00
L 3bd15cbb81 Replace "ysoserial" string with randomness for evasion 2020-04-27 10:48:54 -05:00
L 7576a9d1c3 Support ysoserial alongside ysoserial-modified payload (including cmd, bash, powershell, none) 2020-04-27 10:48:53 -05:00
Christophe De La Fuente af239303d2 Land #13257, .NET Deserialization Library Improvements 2020-04-27 13:05:38 +02:00
Adam Galway 0bd43096f1 PRC return tags for del & add, simplified DB call 2020-04-23 17:01:32 +01:00
Tim W 8cff3e0516 add python-reflection to Msf::Util::Exe 2020-04-23 17:47:53 +08:00
William Vu 9633f5daf4 Exploit an LDAP auth bypass to add an admin user 
Thanks to JJ Lehmann and Ofri Ziv of Guardicore Labs for their work.

https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cve-2020-3952/
 2020-04-22 17:38:11 -05:00
William Vu 8b74fd6605 Move discover_base_dn method to mixin 2020-04-22 17:38:11 -05:00
William Vu 88fcf4b9a2 Add and use new LDAP mixin 2020-04-22 17:38:11 -05:00
gwillcox-r7 546333b227 Land #13252, UUID support for OSX x64 reverse_tcp stager 2020-04-22 16:36:10 -05:00
Spencer McIntyre 090cf259ee Add some additional unit testing through rspec 2020-04-22 15:53:59 -04:00
Adam Galway 789b5dec00 adds tag functionality for hosts 2020-04-22 16:47:23 +01:00
Spencer McIntyre 6995a9a775 Add strong and qualified name types for .NET assemblies 2020-04-22 10:38:21 -04:00
Spencer McIntyre 3c4afa805b Cleanup style inconsistencies and update record read logic 2020-04-22 09:18:03 -04:00
Spencer McIntyre c920ca7181 Implement changes from PR feedback 2020-04-21 21:08:05 -04:00
Spencer McIntyre 1615a68abf Land #13263, remove spaces from the Python stager 2020-04-21 12:55:02 -04:00
bwatters-r7 0bbb822fe4 Working through mountpoint issues 2020-04-21 09:54:45 -05:00
Mehmet İnce f174b71549 Recalculate payload cache sizes and update payload format 2020-04-21 16:06:36 +03:00
Alan Foster d43dc330da Land #13298, Fix ExitOnSession usage in to_handler 2020-04-21 13:43:17 +01:00
William Vu c5df5355ac Update my module documentation to the new standard 
Also update CheckModule to match current style and best practices.
 2020-04-20 20:06:52 -05:00
Spencer McIntyre 15b816d14d Fix ExitOnSession usage in to_handler 2020-04-20 20:02:58 -04:00
bwatters-r7 ca148c772e minor import changes searching for bug 2020-04-20 09:32:55 -05:00
gwillcox-r7 129d15b8eb Land #13282, Add Unicode support to search command 2020-04-20 09:29:52 -05:00
cn-kali-team 38176266f9 Check encoding 2020-04-19 09:54:04 +08:00
cn-kali-team c11855f0a0 Check encoding 2020-04-19 09:53:55 +08:00
cn-kali-team cca50b6cfa fix #13150 2020-04-18 13:21:46 +08:00
cn-kali-team 9158e4bb72 fix #13150 2020-04-18 13:19:37 +08:00
bwatters-r7 a8bed1516b Reverse it.... 2020-04-17 16:41:00 -05:00
gwillcox-r7 e5cefbfcf1 Land #13267, Rename tip command to tips 2020-04-17 10:14:38 -05:00
Alan Foster 5e6ce9ff9c Rename tip command to tips 2020-04-17 10:38:26 +01:00
gwillcox-r7 d759fbaed3 Land #13259, Miscellaneous fixes for @wvu's modules and documentation 2020-04-16 22:10:10 -05:00
Alan Foster 6a354fa83d Add additional tips 2020-04-17 00:07:02 +01:00
Mehmet İnce 69b0dd180c Added python stager format without space 2020-04-16 16:21:39 +03:00
Spencer McIntyre 23319489b9 Remove unnecessary logic from ClassWithId 2020-04-15 18:11:45 -04:00
William Vu ebc8a74496 Update lib/msf/core/exploit/cmdstager/http.rb 
Should be clearer now wtf is going on.
 2020-04-15 15:47:51 -05:00
William Vu 6276247bf8 Move Expect mixin to Msf::Exploit::Remote 
I don't think we'll ever see it used beyond remote exploits.
 2020-04-15 15:47:50 -05:00
William Vu 02ba071b84 Punctuate check prints to match CheckCodes 2020-04-15 15:47:50 -05:00
Spencer McIntyre 49580a48ac Refactor exceptions and add more unit testing 2020-04-15 15:13:41 -04:00
Spencer McIntyre e809949089 Add the SOAP formatter 2020-04-15 15:13:41 -04:00
Spencer McIntyre 82dc28e2c4 Use gadget chain classes for identification 2020-04-15 15:13:41 -04:00
Spencer McIntyre 46d5628d79 Add the WindowsIdentity gadget chain 2020-04-15 15:13:41 -04:00
Spencer McIntyre 1799afd5e0 Add gadget chain author credit 2020-04-15 15:13:41 -04:00
Spencer McIntyre dc5bce543e Refactor word and symbol arrays 2020-04-15 15:13:41 -04:00