adfoster-r7
adbe6070ab
PR feedback
2021-10-21 11:02:09 +01:00
adfoster-r7
c0ba4bd619
Add kubernetes enum module
2021-10-21 11:01:25 +01:00
Joshua Rogers
2a6f19f0f4
Final lintify
2021-10-21 10:24:00 +02:00
Joshua Rogers
095c02d363
Include CVE-2021-31807 proof-of-concept. Also remove excessive HTTP
headers where possible.
2021-10-20 21:01:48 +02:00
Spencer McIntyre
94fd173e8e
Update module docs, report the vuln
2021-10-19 16:40:24 -04:00
Spencer McIntyre
0213efe588
Use Metasploit's HTTP server to trigger the DoS
2021-10-19 15:06:02 -04:00
Matthew Dunn
d42e119b8f
Minor updates
2021-10-19 12:14:01 -04:00
Matthew Dunn
efcab13785
Add PROPFIND internal ip discovering, fix module, rubocop module, update documentation
2021-10-19 11:56:36 -04:00
h00die
165acca028
wp_automatic_plugin
2021-10-17 13:04:38 -04:00
h00die
d390535866
bulletproofsecurity info disclosure
2021-10-12 18:43:41 -04:00
Matthew Dunn
f94e2cc513
Switch to using RHOST to avoid default RHOSTS resolving to 8 IPs
2021-10-11 16:16:29 -04:00
RAMELLA Sébastien
60b2b0f009
update modules and docs
2021-10-10 17:01:15 +04:00
RAMELLA Sébastien
256b4edf78
update modules to CVE-2021-42013
2021-10-08 15:22:47 +04:00
RAMELLA Sébastien
5fcc268c78
merge work from @RootUp PR
2021-10-07 23:36:17 +04:00
Joshua Rogers
c58dd6bfd1
Use HttpClient in place of sockets. Lintify.
2021-10-07 19:04:46 +02:00
Matthew Dunn
ec88c088d1
Fix some of the requested changes
2021-10-07 11:14:46 -04:00
Matthew Dunn
e32d112c8f
Rewrite module in ruby
2021-10-07 10:33:05 -04:00
Joshua Rogers
eb10f2ac1f
Fix typo in ruby script. Add documentation .md file.
2021-10-07 14:01:00 +02:00
Joshua Rogers
1db96ad985
Add notes.
2021-10-07 13:57:11 +02:00
Joshua Rogers
fac5f0c987
Add PoC for CVE-2021-31806 Squid DoS Attack
2021-10-07 13:29:56 +02:00
RAMELLA Sébastien
15f25095c5
add notes
2021-10-07 00:04:28 +04:00
Matthew Dunn
9a58750969
Update some references
2021-10-06 13:48:26 -04:00
Matthew Dunn
1d0c8cdc0c
Add Azure AD Login Module
2021-10-06 13:34:46 -04:00
RAMELLA Sébastien
89515736d4
add. apache CVE-2021-41773 RCE
2021-10-06 21:00:59 +04:00
h00die
43d77d63ce
ghostcat meta updates
2021-10-03 16:30:12 -04:00
Spencer McIntyre
845ea16e5f
Land #15729, Add nil check for return value
2021-10-01 18:11:51 -04:00
kalba-security
c1c71d34fe
add nil check for the return value of add_printer_driver_ex, since this will return nil if the response can't be mapped to a win32 status code
2021-09-30 19:28:00 -04:00
NeffIsBack
0873d4db19
Fix #15717, replacing 'RHOSTS' with 'rhost'
As seen in the json file the `RHOSTS` parameter, which is set in Metasploit, is passed as `rhost` to the python script. Therefore `RHOSTS` is not a valid index in the `args` json file, causing the python script to crash as seen in #15717.
```json
{
  "WORKSPACE":"",
  "VERBOSE":"false",
  "THREADS":"1",
  "ShowProgress":"true",
  "ShowProgressPercent":"10",
  "targeturi":"/RDWeb/Pages/en-US/login.aspx",
  "rport":"443",
  "domain":"",
  "username":"********",
  "password":"",
  "timeout":"1250",
  "enum_domain":"true",
  "verify_service":"true",
  "user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0",
  "UNPARSED_RHOSTS":"***.***.***.***",
  "rhost":"***.***.***.***"
}
```
2021-09-29 15:49:09 +02:00
Jack Heysel
b7f7c30f2b
Land #15594, a wordpress scanner enhancement
This adds options to the wordpress scanner to allow the user
to only scan for plugins or themes that metasploit has
modules for.
2021-09-24 15:51:07 -04:00
space-r7
756fac4921
Land #15677, add Netgear auth bypass
2021-09-24 14:44:34 -05:00
jheysel-r7
3b12461e9e
Merge branch 'master' into feat/db-skip
2021-09-24 12:01:30 -04:00
Grant Willcox
6ed3462517
Add in public data for stolen wifi credentials and cleanup code for the file we have to write for the telnet auxiliary module to work
2021-09-24 10:44:10 -05:00
Grant Willcox
9deffb1848
Fix up a bug and resolve Christophe's review comments
2021-09-23 16:45:15 -05:00
Grant Willcox
061240367d
Push up changes to support saving WiFi credentials captured to the database, as well as to fix issues noticed during the review process
2021-09-23 13:31:27 -05:00
Grant Willcox
2ac4c71537
Add 'keep_cookies' => 'true' to requests so that we don't have to juggle cookies. Also make file write binary to comply with RuboCop
2021-09-22 17:02:24 -05:00
Grant Willcox
1ca075fb4f
Fix up RuboCop issues
2021-09-22 14:06:06 -05:00
Grant Willcox
d4474b0706
Add in refined XPATH searches to module, ability to automatically get a session, improved error handling, documentation for module, and general improvements
2021-09-22 14:01:49 -05:00
Spencer McIntyre
cd0e0e4fb4
Land #15697, NTLM parsing refactor
2021-09-22 10:57:28 -04:00
Ashley Donaldson
0279c572a1
Fixed rubocop warnings in ntlm_info_enumeration module
2021-09-22 15:44:19 +10:00
Ashley Donaldson
5fda1d40f3
Refactored NTLM parsing to use the rubyntlm library
2021-09-22 15:37:22 +10:00
Ashley Donaldson
bd6bfd7d70
Fixed rubocop warnings for the modified module
2021-09-22 15:05:53 +10:00
Ashley Donaldson
2349393ef0
Display computer information gleaned from NTLM handshake in RDP.
2021-09-22 12:09:19 +10:00
Spencer McIntyre
ca6f957de0
Land #15632, Winrm improvements
2021-09-21 16:43:24 -04:00
Ashley Donaldson
9d8193150f
Allow running a shell command separately to the currently interactive shell
2021-09-21 19:12:49 +10:00
Grant Willcox
4181602047
Even more RuboCop changes, this time to add in the Notes section
2021-09-16 17:25:27 -05:00
Ashley Donaldson
91d0a6cc55
Re-auth after the session times out
This seems to happen after 8 hours. WinRM doesn't like having bodies
in the authentication requests, so we force the HTTP client to send
an empty one first
2021-09-17 07:32:18 +10:00
Grant Willcox
72df696d4e
Add in method to enable telnet, further cleanup for Rubocop
2021-09-16 16:11:19 -05:00
Grant Willcox
381f561f24
Use vars_get in send_request_cgi to be more proper and comply with Rubocop rules
2021-09-16 14:51:23 -05:00
Grant Willcox
f9c683132c
Improve the password reporting code to use more updated function create_credential_login instead
2021-09-16 13:03:29 -05:00
Grant Willcox
e9bd10faef
Fix up broken module and RuboCop errors so we actually have functional code
2021-09-16 12:40:58 -05:00