Commit Graph

20644 Commits

Author SHA1 Message Date
h00die b654275ec4 add saltstack lib 2023-12-23 13:52:52 -05:00
Metasploit d461187d58 Bump version of framework to 6.3.49 2023-12-21 12:07:52 -06:00
Jack Heysel e3062d45e0 Module working docs updated 2023-12-20 16:41:52 -05:00
Spencer McIntyre a4d602669b Land #18623, Add File.expand_path to generate -o
Add File.expand_path to fix no such file error
2023-12-18 14:26:00 -05:00
Christophe De La Fuente 45d2c7f4e0 Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE 2023-12-18 18:51:36 +01:00
Jack Heysel 5d5ccd25e1 Removed unnecessary files 2023-12-15 10:46:23 -05:00
Simon Janusz b019b2ff89 Land #18619, Fix crash when running the favorites command 2023-12-15 11:35:53 +00:00
adfoster-r7 742148511a Update favorites command to support hierarchical search output 2023-12-15 10:15:14 +00:00
Metasploit e3810a4db6 Bump version of framework to 6.3.48 2023-12-14 12:08:41 -06:00
jheysel-r7 ef178298b2 Update lib/msf/core/exploit/remote/http/atlassian/confluence/version.rb
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-12-14 11:55:30 -05:00
adfoster-r7 5852077d84 Land #18614, Fix net-ssh lib now requiring ssh key type 2023-12-14 13:12:10 +00:00
sjanusz-r7 ff6db7f337 Enable Metasploit Payloads file warning messages by default 2023-12-14 12:55:43 +00:00
Spencer McIntyre 0f4644df9e Land #18609, Fix empty download_exec payload
Fix empty cmd/windows/powershell/download_exec payload

Closes #18607
2023-12-13 15:56:44 -05:00
sjanusz-r7 560f668906 Fix net-ssh lib now requiring ssh key type 2023-12-12 14:22:06 +00:00
Dean Welch 7e88279299 Add smb session support to scanner modules 2023-12-12 11:59:07 +00:00
Dean Welch cf24bca946 Add smb session support to smb_relay module 2023-12-12 11:59:07 +00:00
Dean Welch 1f91d2eee9 Add smb session support to delete_file module 2023-12-12 11:59:07 +00:00
cgranleese-r7 5f396245f2 Land #18539, Add Smb session type 2023-12-12 11:45:19 +00:00
Dean Welch fb815f5faf Code review changes 2023-12-12 10:46:40 +00:00
Jack Heysel 603e5b2bff Land #18569, Add a module to perform ASREP-roasts
This adds a module to gather credential material from accounts
with Requires Pre-Authentication disabled. The module supports two
mechanisms, Brute Forcing using a list of usernames or using an LDAP
query to request the relevant usernames, followed by requesting TGTs.
2023-12-11 19:58:06 -05:00
Jack Heysel 862194d63f Documentation and rubocop changes 2023-12-11 19:01:35 -05:00
Jack Heysel 16dd06bbac Added payload plugin mixin 2023-12-11 18:24:13 -05:00
Corey 64108de524 Add expand_path 2023-12-11 16:43:01 -05:00
Simon Janusz d93e1fb446 Land #18606, Update to rpc_plugin to use HashWithIndifferentAccess 2023-12-11 17:32:15 +00:00
adfoster-r7 a28e9fb841 Fix empty cmd/windows/powershell/download_exec payload 2023-12-08 01:00:45 +00:00
Jack Heysel 3bad98afc6 Land #18488, add kerberos_tickets post module
Adds a module to manage kerberos tickets from a compromised
host. This PR also includes rail gun enhancements.
2023-12-07 19:12:48 -05:00
Metasploit 62b47afee1 Bump version of framework to 6.3.47 2023-12-07 12:07:47 -06:00
Lore 479190acf6 Update to HashWithIndifferentAccess 2023-12-07 09:23:13 -06:00
Dean Welch 0cd90259fc Fix issue where session was required for modules that support smb sessions 2023-12-06 13:41:44 +00:00
Jack Heysel 9f126a4d24 Land #18446, Make DomainControllerRhost optional
This PR makes the DomainControllerRhosts option optional,
even when auth is set to kerberos. This change requires
rapid7/rex-socket#64 which was released in the rex-socket 1.5.5 gem.
2023-12-05 17:47:45 -05:00
Spencer McIntyre f000c39b4a Update to mark DomainControllerRhost as optional 2023-12-05 16:23:35 -05:00
Dean Welch 82b9fda14e Get address/port from socket rather than the smb client 2023-12-05 14:14:03 +00:00
Zach Goldman 56afed78ff fix optenum, add documentation, fix issue with unset values 2023-12-04 18:03:28 -06:00
Dean Welch 232643f426 Validate session exists if provided 2023-12-04 17:55:15 +00:00
Dean Welch aee99ee52a Don't report unknown session arch/platform unless module has a specified arch/platform 2023-12-04 17:55:15 +00:00
Dean Welch 3c16ec2ad8 Fix session validation when smb sessions are disabled 2023-12-04 17:55:15 +00:00
Dean Welch 152056b001 DRY up post mixin/optional session 2023-12-04 17:55:15 +00:00
Dean Welch 25b34101f1 use session instead of client 2023-12-04 17:55:15 +00:00
Dean Welch 4026d99d0f Add smb session tests 2023-12-04 17:55:15 +00:00
Dean Welch cc8fdc0427 Add alias for run_simple to exploit_simple 2023-12-04 17:55:15 +00:00
Dean Welch cd8cc75cf3 Add smb session type 2023-12-04 17:55:11 +00:00
adfoster-r7 2d24087bd7 Add additional feature flag developer notes 2023-12-04 17:18:43 +00:00
dwelch-r7 45c54797ac Land #18581, Add hierarchical search table support 2023-12-04 17:11:00 +00:00
Zach Goldman 3d6ddf769e Land #17667, Update password crackers 2023-12-04 10:45:53 -05:00
Metasploit 456eecdc52 Bump version of framework to 6.3.46 2023-11-30 12:04:41 -06:00
Simon Janusz b900964d06 Land #18580, Allow external modules to specify default options 2023-11-30 17:36:20 +00:00
adfoster-r7 02c892c3fc Add hierarchical search table support 2023-11-30 16:32:29 +00:00
adfoster-r7 15bf3cb472 Land #18571, add clearer RHOST error messages 2023-11-30 14:09:12 +00:00
adfoster-r7 6f1fa8daff Allow external modules to specify default options 2023-11-28 22:29:36 +00:00
Jack Heysel e6321e46c4 Land #18565, Add kerberos cache TGT lookup logic
This PR adds an enhancement to adjust the cache lookup logic.
If no TGT for the specific host is found, it will try again but
with any host.
2023-11-28 12:00:48 -05:00