Commit Graph

11360 Commits

Author SHA1 Message Date
Dean Welch c55d4ceda0 Add smb session support to windows_secrets_dump module 2023-12-12 11:59:07 +00:00
Dean Welch 387c90e91e Add smb session support to psexec_ntdsgrab module 2023-12-12 11:59:07 +00:00
Dean Welch 36cc8f6267 Add smb session support to upload_file module 2023-12-12 11:59:07 +00:00
Dean Welch b0d7695e10 Add smb session support to download_file module 2023-12-12 11:59:07 +00:00
Dean Welch 1f91d2eee9 Add smb session support to delete_file module 2023-12-12 11:59:07 +00:00
cgranleese-r7 5f396245f2 Land #18539, Add Smb session type 2023-12-12 11:45:19 +00:00
Jack Heysel 603e5b2bff Land #18569, Add a module to perform ASREP-roasts
This adds a module to gather credential material from accounts
with Requires Pre-Authentication disabled. The module supports two
mechanisms: brute forcing using a list of usernames, or using an LDAP
query to request the relevant usernames, followed by requesting TGTs.
2023-12-11 19:58:06 -05:00
h00die 5b8e7594f2 add cves to snmp modules 2023-12-06 16:52:10 -05:00
Jack Heysel 509ec2c9b5 Land #18591, add ownCloud auxiliary module
This module can extract sensitive environment variables from
the ownCloud target including ownCloud, DB, Redis, SMTP and
S3 credentials.
2023-12-05 10:50:57 -05:00
Jack Heysel abfec99735 Added loop with key value pairs 2023-12-04 20:09:56 -05:00
Dean Welch cd8cc75cf3 Add smb session type 2023-12-04 17:55:11 +00:00
dwelch-r7 45c54797ac Land #18581, Add hierarchical search table support 2023-12-04 17:11:00 +00:00
Zach Goldman 3d6ddf769e Land #17667, Update password crackers 2023-12-04 10:45:53 -05:00
h00die 0f7e00d30e owncloud exploit 2023-12-03 15:57:36 -05:00
h00die befc87f9f0 owncloud exploit 2023-12-03 15:45:44 -05:00
h00die ea803063b1 owncloud phpinfo reader 2023-12-03 11:04:38 -05:00
Ashley Donaldson b6dbc81f44 Fixed the pluralisation 2023-12-01 08:03:32 +11:00
adfoster-r7 02c892c3fc Add hierarchical search table support 2023-11-30 16:32:29 +00:00
Ashley Donaldson 25f02ebc7c Better error message in TGT retrieval failure 2023-11-30 17:47:54 +11:00
Ashley Donaldson a0258e3ff6 Nicer pluralisation 2023-11-30 17:43:35 +11:00
Ashley Donaldson 11bcd43562 Apply suggestions from code review
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-11-30 17:30:59 +11:00
Spencer McIntyre 708c795890 Land #18560, Forging diamond and sapphire tickets 2023-11-28 11:14:15 -05:00
h00die 147aa3df33 fixes 2023-11-28 08:04:49 -05:00
Ashley Donaldson 10e0206b6e Diamond tickets require AES256 2023-11-28 09:38:06 +11:00
Ashley Donaldson 7ab487612c Default to NTLM auth, since plaintext will almost certainly never work 2023-11-27 17:52:12 +11:00
Ashley Donaldson c293c273ba Attempt to decrypt pre-auth kerberos response 2023-11-27 13:09:59 +11:00
Ashley Donaldson 3ca13d9358 Changes from code review.
Added in the stability/IOC notes, since diamond/sapphire do make requests.
2023-11-27 10:30:54 +11:00
Ashley Donaldson 622277e960 Added documentation for ASREP module 2023-11-24 08:45:26 +11:00
Ashley Donaldson 2ead152173 Add specific module to perform ASREP-roasting 2023-11-24 07:43:49 +11:00
h00die bba178e87f crack windows 2023-11-21 17:11:15 -05:00
h00die 4bca269e01 doc overhaul 2023-11-21 17:11:15 -05:00
h00die 46909f63bc linux cracker enhancements 2023-11-21 17:11:15 -05:00
h00die 06b6e969e4 better aix crack 2023-11-21 17:11:15 -05:00
h00die aa27b140cf crack aix rewrite 2023-11-21 17:11:15 -05:00
h00die 38313e9962 rubocop 2023-11-21 17:11:15 -05:00
adfoster-r7 5c09c86349 Land #18448, corrected options conflict between module and ldap mixin 2023-11-21 13:33:21 +00:00
Ashley Donaldson 45a5c62308 Fix diamond tickets 2023-11-20 10:11:38 +11:00
Spencer McIntyre 69e5caa1a0 Refactor the ghostcat module to use the AJP defs 2023-11-17 12:58:05 -05:00
Ashley Donaldson 5e9ff17e59 Handle NTHASH tickets, including warning users that it's a terrible idea 2023-11-17 19:24:25 +11:00
Ashley Donaldson 4e6a29d0fb Implement sapphire tickets 2023-11-15 22:31:11 +11:00
Ashley Donaldson bdb13601ae Implement diamond tickets 2023-11-15 16:13:01 +11:00
bwatters 77a93e452f Land #18507, Exploit & Auxiliary modules for CVE-2023-20198 and CVE-2023-20273 (Cisco IOS XE)
Merge branch 'land-18507' into upstream-master
2023-11-08 09:05:40 -06:00
sfewer-r7 b28668790d allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'. 2023-11-06 11:40:22 +00:00
sfewer-r7 10ee87c712 Add an optional CISCO_ADMIN_USERNAME and CISCO_ADMIN_PASSWORD options. If set these admin creds are used to leverage CVE-2023-20273. If not set, then CVE-2023-20198 is used to create a new temp admin account before leveraging CVE-2023-20273 2023-11-06 10:20:07 +00:00
sfewer-r7 a55132b36f strip out "**CLI Line # " from the results and use print_line instead of print_status for cleaner output. 2023-11-03 17:09:08 +00:00
sfewer-r7 c8121ebd8e mention dropping to User EXEC mode via two exit keywords 2023-11-03 16:43:21 +00:00
sfewer-r7 17420289dc Add two auxiliary modules for the recent Cisco IOS XE exploit chain bugs (CVE-2023-20198 and CVE-2023-20273). This allows for unauthenticated remote CLI or OS command execution. 2023-11-03 15:38:35 +00:00
h00die c55290a44a date and link on grafana dir traversal module 2023-11-02 07:43:01 -04:00
Christophe De La Fuente ec3cf74ff3 Land #18492, Add module for Citrix Bleed (CVE-2023-4966) 2023-10-30 17:25:53 +01:00
Spencer McIntyre 6e9facbefb Merge pull request #18419 from smashery/dcsync_kerberos
DCSync using Kerberos Pass-the-Ticket
2023-10-30 09:41:22 -04:00