adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

1900 Commits

Author SHA1 Message Date
Christophe De La Fuente ba75b3bb3f Land #18716, gitlab password reset account takeover (CVE-2023-7028) 2024-03-07 14:40:29 +01:00
sjanusz-r7 1667da7b07 Use HTTPS link for postgres_sql reference 2024-03-05 17:49:13 +00:00
sjanusz-r7 3c8f43e23e Align SQL sessions peerhost and peerport 2024-03-04 13:11:32 +00:00
adfoster-r7 76166c0d14 Update SAMR computer and ICPR cert to support SMB sessions 2024-03-01 17:53:58 +00:00
Spencer McIntyre fefc3cb73c Show names for issuance policy OIDs 2024-02-26 17:28:31 -05:00
Spencer McIntyre 257ec484c7 Show names for x509 OID constants 2024-02-22 17:36:30 -05:00
cgranleese-r7 de17261926 Removes session types from module with session type mixin 2024-02-19 10:34:16 +00:00
Dean Welch fa5c4c0193 lowercase session types 2024-02-14 15:45:34 +00:00
Dean Welch 0d4e1ed755 Use mssql option session mixin with mssql modules 2024-02-14 15:37:11 +00:00
Dean Welch 587a8690a1 Use individual session mixins 2024-02-14 15:37:11 +00:00
Dean Welch 08872d0211 Add session type to info hash in the mixin 2024-02-14 15:37:11 +00:00
Dean Welch 0f319bdfb9 Extract SMB and PostgreSQL optional sessions into their own mixins 2024-02-14 15:37:11 +00:00
Zach Goldman d18520adc6 update rhost and rport calls 2024-02-13 13:00:38 -06:00
Zach Goldman c05c6773df adjust session logic in modules 2024-02-13 11:59:09 -06:00
Zach Goldman 94223f05fc update relevant modules to work with sessions 
separate out optional session logic

fixing session handling
 2024-02-09 13:18:49 -06:00
sjanusz-r7 30fc29e0f5 Use PostgreSQL session type for modules 2024-02-09 15:38:06 +00:00
adfoster-r7 9caa2fac17 Land #18747, Add new mssql session type 2024-02-09 15:27:43 +00:00
Zach Goldman 2c60780dc0 Add MSSQL session Type 2024-02-09 07:27:01 -06:00
cgranleese-r7 b060809a8d Addresses logoff PR feedback 2024-02-07 12:51:04 +00:00
cgranleese-r7 e80f0ef8cd Removes session logic from mixins and uses client instead of datastore for rhost and rport 2024-02-06 14:11:16 +00:00
cgranleese-r7 ae1cb57dc3 Updates MySQL modules to now support the new MySQL session type 2024-02-02 14:59:56 +00:00
Zach Goldman 35778e92b2 client consolidation 
convert first module from remote to client

move client to rex

remove metasploit mixin
 2024-02-01 17:23:55 -06:00
h00die 779da83d59 gitlab password reset account takeoever review 2024-01-27 07:44:11 -05:00
h00die e6c4195ad3 gitlab password reset account takeoever review 2024-01-27 07:42:25 -05:00
h00die 482d2b28b1 gitlab password reset account takeoever 2024-01-18 16:19:26 -05:00
adfoster-r7 1ba704b1cb Land #18398, Update deprecated report_auth_info in various modules 2024-01-16 19:30:56 +00:00
adfoster-r7 0075212fa9 Land #18596, Update smb modules to work with smb sessions 2024-01-15 12:07:07 +00:00
adfoster-r7 75c2de8c3d Revert spelling correction 2024-01-08 10:51:35 +00:00
h00die 8beb6255cb fix spelling in aux modules 2024-01-07 15:02:53 -05:00
Gaurav Jain a58f7f0558 Minor fixes to modules to use report_cred 2023-12-16 23:40:30 +05:30
Dean Welch 387c90e91e Add smb session support to psexec_ntdsgrab module 2023-12-12 11:59:07 +00:00
Dean Welch 36cc8f6267 Add smb session support to upload_file module 2023-12-12 11:59:07 +00:00
Dean Welch b0d7695e10 Add smb session support to download_file module 2023-12-12 11:59:07 +00:00
Dean Welch 1f91d2eee9 Add smb session support to delete_file module 2023-12-12 11:59:07 +00:00
adfoster-r7 02c892c3fc Add hierarchical search table support 2023-11-30 16:32:29 +00:00
Spencer McIntyre 708c795890 Land #18560, Forging diamond and sapphire tickets 2023-11-28 11:14:15 -05:00
Ashley Donaldson 10e0206b6e Diamond tickets require AES256 2023-11-28 09:38:06 +11:00
Ashley Donaldson c293c273ba Attempt to decrypt pre-auth kerberos response 2023-11-27 13:09:59 +11:00
Ashley Donaldson 3ca13d9358 Changes from code review. 
Added in the stability/IOC notes, since diamond/sapphire do make requests.
 2023-11-27 10:30:54 +11:00
adfoster-r7 5c09c86349 Land #18448, corrected options confict between module and ldap mixin 2023-11-21 13:33:21 +00:00
Ashley Donaldson 45a5c62308 Fix diamond tickets 2023-11-20 10:11:38 +11:00
Spencer McIntyre 69e5caa1a0 Refactor the ghostcat module to use the AJP defs 2023-11-17 12:58:05 -05:00
Ashley Donaldson 5e9ff17e59 Handle NTHASH tickets, including warning users that it's a terrible idea 2023-11-17 19:24:25 +11:00
Ashley Donaldson 4e6a29d0fb Implement sapphire tickets 2023-11-15 22:31:11 +11:00
Ashley Donaldson bdb13601ae Implement diamond tickets 2023-11-15 16:13:01 +11:00
sfewer-r7 b28668790d allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'. 2023-11-06 11:40:22 +00:00
sfewer-r7 10ee87c712 Add an optional CISCO_ADMIN_USERNAME and CISCO_ADMIN_PASSWORD options. If set these admin creds are used to leverage CVE-2023-20273. If not set, then CVE-2023-20198 is used to create a new temp admin account before leveraging CVE-2023-20273 2023-11-06 10:20:07 +00:00
sfewer-r7 a55132b36f strip out "**CLI Line # " from the results and use print_line instead of print_status for cleaner output. 2023-11-03 17:09:08 +00:00
sfewer-r7 c8121ebd8e mention dropping to User EXEC mode via two exit keywords 2023-11-03 16:43:21 +00:00
sfewer-r7 17420289dc Add two auxiliary modules for the recent Cisco IOS XE exploit chain bugs (CVE-2023-20198 and CVE-2023-20273). This allows for unauthenticated remote CLI or OS command execution. 2023-11-03 15:38:35 +00:00