638a1c8f78
Prevent double-delimiter situations in general
2022-11-25 15:32:55 +11:00
ed954eec0c
Bump version of framework to 6.2.29
2022-11-24 12:09:06 -06:00
e981dde15f
Move the mcp-objects out of the class and into a data/ file (per Jeffrey's request)
2022-11-23 12:49:00 -08:00
3805a79079
Add support for Exchange Data Access Group (DAG)
...
This updates the HttpSsrf class to retry requests to the Powershell
backend when they fail because they were routed to a new server. Now
when the transport is initialized, it will store the backend used by the
first successful request.
2022-11-23 15:37:58 -05:00
45391b1714
Land #17279 , ducky-script format for msfvenom
...
ducky-script format for msfvenom (flipper zero compatible)
2022-11-23 09:05:57 -05:00
d32df1d3dc
Fix linux reverse_tcp_x64 rdx register value
2022-11-23 19:36:37 +08:00
2265370c5f
Land #17288 , Add #bit_names to MsDtypAccessMask
...
Support for Windows Access mask to MsDtypAccessMask
2022-11-22 09:01:16 -05:00
28157b677b
Support for Access Mask in MsDtypAccess
2022-11-22 04:50:54 -05:00
637ad5f809
make ducky more psh friendly
2022-11-21 17:55:48 -05:00
a05cbdbc30
Impreve error handling
2022-11-20 12:09:05 +01:00
40f97995f8
review comment
2022-11-19 10:37:36 -05:00
f12c660652
review comments
2022-11-19 10:37:36 -05:00
9a19c4411d
wrap up module additions
2022-11-19 10:37:36 -05:00
dff9b35d56
add database stuff to vcenter post module
2022-11-19 10:37:36 -05:00
34d191b06c
Added Ruby serialized payload generator
2022-11-19 15:20:49 +01:00
f1b97de78d
Added Gitlab mixin
2022-11-19 15:19:29 +01:00
29b7fa5336
ducky_script format for msfvenom
2022-11-18 17:02:52 -05:00
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
7dcf65d7c3
Fix python reverse http stager crash
2022-11-18 14:32:36 +00:00
39da40e4b5
Bump version of framework to 6.2.28
2022-11-17 12:21:32 -06:00
f4a65a220a
Support ON_BEHALF_OF in icpr_cert
...
Add the code necessary to request certificates on behalf of other users.
This is necessary to exploit templates vulnerable to ESC2 and ESC3.
2022-11-17 12:12:35 -05:00
d1a7170020
Land #17021 , Gitea Git fetch RCE module - CVE-2022-30781
2022-11-17 12:28:29 +01:00
944fd07502
Add three post-modules and a mixin for communicating with F5's MCP
2022-11-16 12:09:58 -08:00
b4f285d9b2
Land #17243 , Improve railgun tlv packet logging
...
Improve tlv packet logging for railgun
2022-11-16 09:26:07 -05:00
fa125e1943
Land #17261 , Fix Port Forwarding For Ruby 3
2022-11-15 08:27:00 -06:00
2459371a47
Print the portfwd relay more descriptively
...
Closes #17158
This updates the output of the portfwd command to show if it's a forward
(normal) portforward or if it's a reverse port forward where the
compromised host is the one listening.
2022-11-15 08:50:23 -05:00
218e8c2d0c
Fix a Ruby 3 syntax issue
...
Closes #17124
This fixes a Ruby 3 syntax issue in how the parameters are passed. The
issue caused TcpServerChannels to fail to enqueue new client
connections.
2022-11-14 17:01:51 -05:00
eff9a16e00
Use the access mask data type
...
Also switch from bit16 to uint16 so it's little endian.
2022-11-14 12:27:38 -05:00
ef28a963bf
Adds error handling for users who do not have git available on their machine
2022-11-11 13:33:39 +00:00
bcf8c96128
Bump version of framework to 6.2.27
2022-11-10 12:17:58 -06:00
02e35a1754
Land #17244 , Fix an error when a hostname fails to resolve
2022-11-10 11:07:58 -06:00
7fa29c4345
Don't bother with the address type
...
The address is returned in the packed format so it's always a string of
either length 0 (resolution failed), length 4 (IPv4) or length 16
(IPv6).
Anything else is invalid and will actually cause Rex::Socket.addr_ntoa
to throw an error. All meterpreters today return the IP address in one
of those three correct lengths.
2022-11-10 11:13:30 -05:00
0be10c5a33
Update code to use .blank? to simplify logic, and to also strip multiple trailing :'s. Update specs accordingly.
2022-11-09 13:00:34 -06:00
8efc6c5304
Land #17103 , Consolidate KdcOptionFlags and TicketFlags
2022-11-09 17:27:17 +00:00
7c2134d941
Consolidate KdcOptionFlags and TicketFlags
2022-11-09 17:08:26 +00:00
65f6aaca82
Land #17077 , Add support for AES keys for silver/golden ticket forging
2022-11-09 16:51:11 +00:00
f7b37a533f
fix: Handle search terms ending in colons.
2022-11-09 09:58:22 -06:00
83b3bfa19c
Fix an error when a hostname fails to resolve
2022-11-09 08:49:19 -05:00
23ff829e52
Add support for AES keys for silver/golden ticket forging
2022-11-09 13:01:13 +00:00
db3d8f1bbc
Improve tlv packet logging for railgun
2022-11-09 11:31:27 +00:00
645a1c25a3
Update method documentation and indentation
2022-11-09 16:27:31 +07:00
13bb31feeb
Update module
...
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessfull but keep this anyway for christophe to review.
2022-11-09 04:52:18 +07:00
37fd441b0f
Land #17117 , Authenticate to Kerberos with PKINIT
2022-11-08 18:54:03 +01:00
a50cca27e6
remove cookie_jar manipulation
2022-11-09 00:48:23 +07:00
52d867bbc7
follow Ruby coding convetions
...
- combine gitea_version into get_gitea_version for the check method
- validate empty username
2022-11-09 00:41:30 +07:00
be1200401a
Land #17223 , Improves the reload_lib -a commands ability to track modified files
2022-11-08 11:35:20 -06:00
c980f4f9ee
add more custom error exception
2022-11-09 00:27:12 +07:00
e70861fc87
Land #17239 , Fix broken kerberos login module
2022-11-08 11:21:17 -05:00
30fe07801b
Fix broken kerberos login module
2022-11-08 15:49:21 +00:00
65e4e1b76d
Land #17221 , Fix crash with payload sizes
...
Fix crash when generating payload sizes
2022-11-08 10:26:27 -05:00
Ashley Donaldson