adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

7658 Commits

Author SHA1 Message Date
RAMELLA Sébastien 3ab06461af fix. second review 2022-06-02 00:58:20 +04:00
RAMELLA Sébastien dd1814903c fix. SRVHOST default value 2022-06-02 00:07:15 +04:00
RAMELLA Sébastien 8c19a02835 fix. first review 2022-06-01 20:15:08 +04:00
RAMELLA Sébastien 7f89e92da3 add more informations about 2022-05-31 00:12:30 +04:00
RAMELLA Sébastien 97921b4ed9 fix chmod 644 2022-05-30 22:11:35 +04:00
RAMELLA Sébastien dfc226cf5f add. Supposed 0day MSWord RCE 2022-05-30 21:23:18 +04:00
Spencer McIntyre 5f5444936f Land #16488, Windows Task Scheduler Mixin 2022-05-25 12:37:03 -04:00
Christophe De La Fuente 52a8191821 Fix vss_persistence module and remove Windows 7 target 2022-05-25 13:11:34 +02:00
Spencer McIntyre 1524020643 Use moved_from to deprecate the module 2022-05-24 09:16:30 -04:00
Christophe De La Fuente 5fd18ef864 Fixes from review 2022-05-19 14:54:07 +02:00
Christophe De La Fuente 7992cb2072 Update vss_persistenceand persistence_exe modules to includes 
changes in `TaskScheduler` mixin
 2022-05-17 14:52:47 +02:00
Christophe De La Fuente 14cd7bc335 Add task scheduler mixin and update persistence_exe and vss_persistence modules 2022-05-17 14:52:47 +02:00
Spencer McIntyre 02e7a65b93 Just move the auxiliary module into an exploit 2022-05-16 17:44:31 -04:00
Spencer McIntyre d278ad9be1 Add the printnightmare exploit 2022-05-16 14:56:46 -04:00
Spencer McIntyre 19a9ff1198 Update a couple of modules for the new SMB server 2022-05-16 14:39:45 -04:00
Spencer McIntyre b79b550d6c Centralize the log adapter 
This should eventually be updated to map the levels to the framework
logger and appropriate module-print_* function.
 2022-05-16 14:39:45 -04:00
Spencer McIntyre 475f6eee8c Capture hash when serving files over SMB 2022-05-16 14:39:44 -04:00
Grant Willcox b920c04b75 Land #16548, Add Powershell Command Adapter 2022-05-10 16:47:57 -05:00
Spencer McIntyre dd5aee4956 Increase the size of psexec commands 2022-05-09 11:55:57 -04:00
Jeff McJunkin d1034c8b57 s4u_persistence.rb: Allow all post-Vista builds 
Currently this module doesn't account for Server builds 2016 and above, nor Windows 10 builds. This PR fixes the `sysinfo` comparison to allow later builds.

Note: Many other modules have this problem, and it's probably worth Rapid7 staff time to standardize the usage of build comparisons inside modules.
 2022-04-21 15:33:42 -07:00
Spencer McIntyre 8e2bd3c5a9 Land #16475, ManageEngine ADSelfService Plus RCE 2022-04-20 15:22:36 -04:00
Spencer McIntyre bf1f786813 Title case the target name 2022-04-20 15:22:07 -04:00
Jake Baines aba48a6905 Improve JSON cleanup, fix jjs specific wording, and moved JJS_PATH to defaultoptions 2022-04-20 06:27:43 -07:00
Jack Heysel 4417a335ff Land #16379, Make SSH defaults widely used 
Refactored a number of modules to use ssh_client_defaults
 2022-04-19 22:08:45 -07:00
Brendan Coles 94ed9ae28b Modules: Prefer CVE references over cve.mitre.org URL references 2022-04-19 20:42:23 +00:00
Jake Baines ae54c8c3d9 Initial implementation of authenticated RCE against ManageEngine ADSelfService Plus (CVE-2022-28810) 2022-04-19 10:33:54 -07:00
Jack Heysel 37e334f95d Rubocop 2022-04-18 09:36:52 -07:00
Spencer McIntyre a4a9bc033a Fix building the SessionSetup request for MS17-010 
RubySMB commit 8035d9c2 broke the exploit's SessionSetup request.
 2022-04-12 10:45:17 -04:00
Spencer McIntyre 5de966cfb1 Land #16382, CVE-2022-26904 SuperProfile LPE 2022-04-07 12:52:39 -04:00
Grant Willcox 51e37bbe42 Add in process kill off code for Meterpreter sessions, seems I forgot to include this 2022-04-07 10:48:08 -05:00
Grant Willcox 4638067723 Fix RuboCop errors 2022-04-06 09:18:05 -05:00
Grant Willcox c8c91fcaf3 Add in fix to ensure that we can spawn sessions automatically on Windows 10 20H2 and other systems were we hit a bug with UAC prompts from the exploit DLL itself not triggering the payload 2022-04-05 19:16:48 -05:00
usiegl00 27c8210b27 Update smb_shadow module to fix rubocop errors 
Use msftidy to fix the rubocop errors.
 2022-04-06 07:12:46 +09:00
usiegl00 8495bff61c Merge master and update the smb_shadow module 
Add comments detailing the technique used to attack SMBv3. Remove some
comments that are no longer needed. Fix Gemfile.lock conflict.
 2022-04-06 07:06:45 +09:00
usiegl00 09ae52fecd Update smb_shadow and shadow_mitm_dispatcher 
Remove duplicated print_status messages. Use respond_to? instead of
methods.include?. Simplify payload generation. Fix naming for the rst
capture thread.
 2022-04-05 20:03:14 +09:00
Grant Willcox db4b22df5e Update the exploit code to output errors in a better format, and fix a potential issue when trying to delete folders recursively. Also update exploit module to try kill msiexec.exe if its still running to prevent it holding onto handles when it shouldn't be. 2022-04-04 17:58:52 -05:00
Grant Willcox bba40bcd21 Add in fixes from code review 2022-04-04 12:05:21 -05:00
Grant Willcox 7e5123cd24 Add initial code from Hajap Zairy Al-Sharif 2022-04-04 11:56:14 -05:00
usiegl00 7e010cbde2 Merge master and update smb_shadow + dispatcher 
The smb_shadow module can confirm the server smb version supported with
the ConfirmServerDialect option. The shadow_mitm_dispatcher closes each
stream before opening a new one to prevent leaking file descriptors.
 2022-04-02 10:39:02 +09:00
Grant Willcox 57473850c1 Fix up RuboCop errors as last change made it so that we had an unless elsif statement which isn't valid in Ruby 2022-03-31 12:52:16 -05:00
Grant Willcox 743138abed Add in initial fixes from review and remove extra BREAKAWAY_FROM_JOB code changes not directly related to this PR as we'll raise a separate PR for those 2022-03-31 12:13:29 -05:00
Grant Willcox 51df37de87 Add in documentation and also update the module to handle NarratorQuickstart.exe which sometimes comes up and can lead to visual indicators 2022-03-28 17:53:53 -05:00
Grant Willcox bd3e0c1b53 Add in support for exploiting domain joined systems 2022-03-28 16:14:19 -05:00
Grant Willcox b408197cb7 Another round of RuboCop 2022-03-25 17:37:05 -05:00
Grant Willcox 393765a2f0 Add in UAC checks to ensure PromptOnSecureDesktop is set appropriately before attempting to exploit. Also clean up some of the extra code to prevent unneeded cmd level commands from running 2022-03-25 17:26:48 -05:00
Grant Willcox 56e21ae3a2 Update check code to now use cmd_exe as other call was hanging forever, and also update the check code to use Meterpreter functions if available vs always running shell commands. 2022-03-25 15:25:48 -05:00
Grant Willcox f7c271aaf4 Add in fixes from Spencer's quick initial review of module to address typos and proper check code return values 2022-03-25 14:14:56 -05:00
Grant Willcox e82c25841c RuboCop module to pass tests 2022-03-25 12:45:00 -05:00
Grant Willcox 561c5d513e Update module's on_new_session code 2022-03-25 12:16:44 -05:00
Grant Willcox 8e73710843 Add in on_new_session method to do automatic cleanup with supported session types. Think this is only Meterpreter at the moment 2022-03-24 14:36:29 -05:00