Redouane NIBOUCHA
4b008d6ea8
revert the identify_hash line
2022-12-05 14:17:39 -06:00
Redouane NIBOUCHA
41edc92d5d
Update wp_bookingpress_category_services_sqli to use the SQLi library
2022-12-05 14:17:31 -06:00
Grant Willcox
1fec75621c
Fix up documentation from review
2022-12-05 14:04:22 -06:00
Jack Heysel
f29b4fad75
Add Gather Module for WP BookingPress Plugin SQLi (CVE-2022-0739)
2022-12-05 14:04:03 -06:00
Dean Welch
405271a52f
Add pac BinData Model
2022-12-05 14:03:21 +00:00
Christophe De La Fuente
6e7d4edf02
Land #16990, Syncovery for Linux - Login brute-force utility
2022-12-05 14:39:29 +01:00
bcoles
431804ef15
Fix typos: Replace 'the the' with 'the'
2022-12-04 17:41:24 +11:00
RadioLogic
a3c82246a7
Added archer c7 traversal exploit
2022-12-03 20:03:11 -05:00
Christophe De La Fuente
c6f8bae1ab
Fix from code review and updates the KrbUseCachedCredentials logic
2022-12-02 15:28:08 +01:00
Christophe De La Fuente
cc61a26668
Add S4U2Self and S4U2Proxy support to impersonate a user
2022-12-01 20:42:13 +01:00
Ashley Donaldson
5fce80ed1d
Added comments to most functions
2022-11-30 11:53:57 +11:00
Ashley Donaldson
3a93fcb404
Rubocop'd
2022-11-30 11:32:23 +11:00
Ashley Donaldson
97aef31180
Removed vestigial code while we're at it
2022-11-30 11:31:27 +11:00
Ashley Donaldson
1231eefe55
Fixed WQL module while I'm at it
2022-11-30 10:26:19 +11:00
adfoster-r7
34d1b5b37e
Fix crash in kerberos get ticket module
2022-11-29 10:17:21 +00:00
Jack Heysel
5d3cfa69b8
Land #17210, add ParseError rescue to snmp modules
snmp_enum, snmp_enumshares and snmp_enumusers now rescue
SNMP ParseErrors
2022-11-28 15:37:02 -05:00
Spencer McIntyre
abe0549db6
Land #17226, Module to request TGT/TGS tickets
Module to request TGT/TGS Kerberos tickets from the KDC
2022-11-28 11:59:17 -05:00
omer citak
9aa1a84b3a
added target uri into "Authorization not requested" error message
2022-11-27 15:35:34 +03:00
RadioLogic
6d676e9ac5
Added vsftpd dos module
2022-11-26 16:00:01 -05:00
bwatters
20e1788d97
Land #17145, Add hashes option and better error handling to wmiexec
Merge branch 'land-17145' into upstream-master
2022-11-18 10:16:33 -06:00
Christophe De La Fuente
5280580c08
Fixes from code review
2022-11-18 11:02:32 +01:00
Spencer McIntyre
f4a65a220a
Support ON_BEHALF_OF in icpr_cert
Add the code necessary to request certificates on behalf of other users.
This is necessary to exploit templates vulnerable to ESC2 and ESC3.
2022-11-17 12:12:35 -05:00
Spencer McIntyre
eff9a16e00
Use the access mask data type
Also switch from bit16 to uint16 so it's little endian.
2022-11-14 12:27:38 -05:00
adfoster-r7
65f6aaca82
Land #17077, Add support for AES keys for silver/golden ticket forging
2022-11-09 16:51:11 +00:00
Dean Welch
23ff829e52
Add support for AES keys for silver/golden ticket forging
2022-11-09 13:01:13 +00:00
Christophe De La Fuente
37fd441b0f
Land #17117, Authenticate to Kerberos with PKINIT
2022-11-08 18:54:03 +01:00
adfoster-r7
f84113d96e
Land #17235, report service_name in ManageEngineDesktopCentral
2022-11-07 23:57:09 +00:00
Grant Willcox
416cf78ae2
Land #17149, Update ssl_version module to be useful
2022-11-07 15:59:50 -06:00
Jeffrey Martin
27e9d9d272
report service_name in ManageEngineDesktopCentral
The scanner now reports the service_name in the `Result` object.
2022-11-07 12:23:59 -06:00
Spencer McIntyre
c1d092b70d
Minor tweaks
Filter out enrollable certs by default and print the warning higher. Add
periods to all messages for consistency. Drop the message from
vprint_good to vprint_status when the query works.
2022-11-07 10:37:12 -05:00
Dean Welch
ee46d18505
Add yard docs and address review comments
2022-11-07 12:10:01 +00:00
Dean Welch
a110465fe4
Add module for converting kerberos ticket formats
2022-11-07 12:10:01 +00:00
h00die
cf0910d831
review comments
2022-11-05 07:23:14 -04:00
Grant Willcox
79ac775443
Perform updates from code review.
2022-11-04 15:44:28 -05:00
Grant Willcox
6a70087b7a
Add in ESC2 and ESC3 attacks, rework code to split things up to support multiple ESC attacks, and make ESC attack filters easier to read by indenting them. Also remove some extra code that wasn't being used
2022-11-04 15:44:24 -05:00
Grant Willcox
8922e5b203
Add in first initial implementation of ESC module and updates to associated libraries.
2022-11-04 15:43:34 -05:00
Christophe De La Fuente
eb051ec9a7
Add get_ticket module
2022-11-04 18:46:47 +01:00
ErikWynter
0065cff169
add rescuing for SNMP::ParseError to snmp enum modules
2022-11-03 12:04:33 +02:00
adfoster-r7
e647bf8620
Namespace krb5 models
2022-11-02 13:04:52 +00:00
adfoster-r7
1307f01b76
Align with keytab instead of key_tab
2022-11-02 13:04:51 +00:00
adfoster-r7
98d2633859
Add Kerberos ktutil module
2022-11-02 13:04:50 +00:00
h00die
c6a8db2c55
review revisions
2022-10-31 22:43:09 -05:00
h00die
39393be901
refinements on ca issuers regex
2022-10-31 22:43:03 -05:00
h00die
1922f24686
ssl_version review comments
2022-10-31 22:43:03 -05:00
Grant Willcox
2b481dce90
Remove auxiliary/scanner/http/ssl.rb and also update the module with some comment-like documentation and minor fixes
2022-10-31 22:43:02 -05:00
h00die
189e530c91
updated ssl_version
2022-10-31 22:42:40 -05:00
adfoster-r7
7774b7ddcf
Merge remote-tracking branch 'upstream/master' into merge-6.2.25-master-into-kerberos-feature-branch
2022-10-31 23:15:11 +00:00
Spencer McIntyre
52197f544f
Print the added account SID
2022-10-31 10:56:17 -04:00
Spencer McIntyre
b00f706c0b
Handle missing accounts when resolving SIDs
2022-10-31 10:56:17 -04:00
Spencer McIntyre
af9e4f0fa9
Update how sAMAccountName is looked up.
This tweaks how the objects are looked up by the sAMAccountName field.
The sAMAccountName can contain values not ending in $, so look up what the
user specified first, and then check with the $ suffix if it's not
found.
2022-10-31 10:56:17 -04:00