Commit Graph

11360 Commits

Author SHA1 Message Date
Spencer McIntyre b146f098a2 Update to use the moved DCERPC definitions 2022-01-31 09:03:07 -05:00
h00die b71f9e7e45 wp_plugin RegistrationMagic sqli 2022-01-30 16:08:06 -05:00
Jake Baines 3371051f11 Switch to using the sqli library 2022-01-30 05:16:01 -08:00
Jake Baines 901adf510f Fixed rubocop issue 2022-01-30 03:54:20 -08:00
Jake Baines 3f719474b2 Merge branch 'grandstream_CVE_2020_5724' of github.com:jbaines-r7/metasploit-framework into grandstream_CVE_2020_5724 2022-01-30 03:48:37 -08:00
Jake Baines 65c296818f Addressed review items 2022-01-30 03:48:31 -08:00
Jake Baines f9c113f63d Addressed various review items 2022-01-30 03:42:15 -08:00
Marek Šuppa c1fefd0856 fix: Missing comma
* Fix missing comma in a list of useragents
2022-01-29 00:51:56 +01:00
Spencer McIntyre d46822184f Updates for Log4Shell 2022-01-28 14:56:44 -05:00
Jake Baines 45bd890c2d Update grandstream_ucm62xx_sql_account_guess.rb
Spelling in the description
2022-01-22 15:55:30 -05:00
Jake Baines 642b04ca45 Merge branch 'rapid7:master' into grandstream_CVE_2020_5724 2022-01-22 15:38:55 -05:00
Jake Baines e7198f7e20 Module for dumping the users table from Grandstream UCM62xx IP PBX before 1.20.22 2022-01-22 04:10:35 -08:00
Grant Willcox 1186529204 Land #16020, Adding Modbus Service Device ID 0x2B 2022-01-20 12:53:37 -06:00
Grant Willcox 05fe2fadbb Apply RuboCop rules to modbusclient.rb 2022-01-20 12:23:01 -06:00
Grant Willcox 577f5f81b9 Fix up spacing errors and fix a potential OOB reference issue 2022-01-20 12:14:51 -06:00
VanSnitza 899fbfcb85 Update modbusclient.rb 2022-01-20 17:36:02 +01:00
VanSnitza b3fb678055 Update modules/auxiliary/scanner/scada/modbusclient.rb
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2022-01-20 17:16:24 +01:00
VanSnitza 2f76c602f2 Update modbusclient.rb 2022-01-20 16:37:11 +01:00
VanSnitza 0765b1ffb1 Update modules/auxiliary/scanner/scada/modbusclient.rb
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2022-01-20 11:42:06 +01:00
Spencer McIntyre c446e83e67 Parse the NTLM Type 1 message 2022-01-18 16:43:10 -05:00
Grant Willcox 50eabd3de0 Add further input validation 2022-01-18 16:43:10 -05:00
Grant Willcox bbc789e91a Apply additional error handling and improve quality of error messages 2022-01-18 16:43:10 -05:00
Alex 9c83c7c2b7 Added error handling to catch malformed NTLM hashes
As mentioned in #15720, with some NTLM responses the code crashes, unable to enumerate the domain. To prevent this behavior, a try and except block was added to inform the user about the crash.
2022-01-18 16:43:10 -05:00
Grant Willcox 8852eaa6b8 Land #16049 - Reference Fixes 2022-01-18 13:46:25 -06:00
shoxxdj 57efcefe82 improve wordpress_scanner module 2022-01-17 11:32:48 +01:00
space-r7 383ada6ae2 Land #16016, fix RHOSTS in dcerpc scanner 2022-01-13 13:15:24 -06:00
Pedro Ribeiro 053fbe2a28 fix cisco advisory links 2022-01-13 18:55:39 +00:00
Pedro Ribeiro ea00da0a03 fix NUUO advisory links 2022-01-13 18:54:56 +00:00
Pedro Ribeiro 09d6b1388c fix kaseya links 2022-01-13 18:47:11 +00:00
Pedro Ribeiro b08e22a153 fix nvrmini reset link 2022-01-13 18:43:41 +00:00
Christophe De La Fuente e10331b22d Land #15656, Allow authenticated user creation in vmware_vcenter_vmdir_auth_bypass 2022-01-13 17:04:12 +01:00
shoxxdj 42142a4ba4 add option to retrieve users from wordpress API 2022-01-13 16:56:23 +01:00
adfoster-r7 6223ee671f Land #16045, fix msftidy error in pihole_domains_api_exec 2022-01-12 16:19:48 +00:00
adfoster-r7 64d97193b3 Land #16043, Fix wordpress scanner crash when scanning themes 2022-01-12 16:16:57 +00:00
Christophe De La Fuente b0743e15d9 Update documentation and fix vulnerable/non-vulnerable status message 2022-01-12 16:51:40 +01:00
space-r7 4065e61951 fix msftidy error in pihole_domains_api_exec 2022-01-12 09:34:15 -06:00
space-r7 199eae5e99 Land #16012, add pi-hole aux module and lib 2022-01-12 09:21:11 -06:00
shoxxdj 372c4782a2 bugfix in files loop 2022-01-12 09:31:38 +01:00
Spencer McIntyre 877bab6f2a Land #15969, Log4j2 HTTP Header Injection Exploit 2022-01-11 16:52:08 -05:00
h00die 43549488fe peer review comments 2022-01-08 15:26:47 -05:00
Spencer McIntyre 9b03d0272a Add check and auto-HTTP_HEADER capabilities 2022-01-07 17:30:39 -05:00
h00die 4df91dd3ec f5 big-ip module and doc updates 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul dfa75c6bca Update some descriptions and output messages 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul dd6768f174 Fix the last style issue 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul b8e7c327cf Update references 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 8e5a977aab Remove redundant characters in the cookie regex
The metacharacter '\w' already contains numbers and underscores.
2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 32d12385c6 Fix more style issues 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul 5d00c4106d Fix some style issues 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul fd74b260b7 Add myself to the authors 2022-01-07 12:17:43 -05:00
Paul-Emmanuel Raoul da049a4d22 Store the cookie name, pool name and route domain
The cookie name, pool name and route domain are now stored in the
database as notes since they can contain useful recon information.

See https://github.com/rapid7/metasploit-framework/issues/12187.
2022-01-07 12:17:43 -05:00