Commit Graph

35981 Commits

Author SHA1 Message Date
gardnerapp 9ee838d08e Update modules/post/windows/gather/checkvm.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2023-10-16 17:21:32 -04:00
sfewer-r7 1c027ac05c add an RCE exploit for CVE-2023-22515 2023-10-16 20:50:18 +01:00
h00die b3b1595ef4 vmware aria ssh keys exploit 2023-10-16 13:06:17 -04:00
sjanusz-r7 daa8b8ae99 Use Metasploit-Payloads Crypto to decrypt payloads 2023-10-13 14:42:10 +01:00
sjanusz-r7 b428736e03 Add support for injection of encrypted dll payloads 2023-10-13 14:42:10 +01:00
sjanusz-r7 1140efc8b4 Support adding encrypted files to archives & jars 2023-10-13 14:42:10 +01:00
cgranleese-r7 9def455f65 Land #18449, Update mysql authbypass hashdump module to correctly close sockets 2023-10-13 11:43:59 +01:00
emirpolatt 0cb56c1de5 Some fixes 2023-10-13 02:16:17 -07:00
emirpolatt e48ead5e8c Fingerprint reduction with Rex::Text.rand_text_alpha(8) 2023-10-13 02:11:57 -07:00
emirpolatt 84f5c7321e Reducing fingerprinting via Rex::Text.rand_text_alpha(8) 2023-10-13 02:02:13 -07:00
emirpolatt 9219a3e90a Adding AttackerKB analysis URL 2023-10-13 01:56:14 -07:00
Wolfgang Hotwagner 469d33f31c Added some CMDStagerFlavors 2023-10-13 08:49:18 +00:00
Ashley Donaldson 776c0644e0 Corresponding change from RubySMB code review 2023-10-13 11:11:22 +11:00
Spencer McIntyre 05dd2e1473 Land #18351, Apache Superset RCE (CVE-2023-37941) 2023-10-12 17:10:10 -04:00
Hynek Petrak b2f847706f Update vmware_vcenter_vmdir_auth_bypass.rb
Few more instances corrected
2023-10-12 19:08:51 +02:00
Jack Heysel d31a485d63 Land #18383, improves enum_computers module
This PR adds a variety of improvements to the
enum_computers module including shell and powershell
support as well as improvements to run on non-English
systems.
2023-10-12 13:01:54 -04:00
adfoster-r7 075fe09c2f Fix mysql authbypass running out of sockets 2023-10-12 17:40:33 +01:00
adfoster-r7 80d2fa738d Land #18296, update more mysql modules to support newer authentication methods 2023-10-12 17:19:02 +01:00
Wolfgang Hotwagner 2dae0a2398 moved token-check outside of get_csrf_magic 2023-10-12 15:09:10 +00:00
Hynek Petrak 060dc84c18 corrected options conflict between module and ldap mixin 2023-10-12 16:52:57 +02:00
Wolfgang Hotwagner 2c757bc85b Refactoring 2023-10-12 14:37:58 +00:00
Spencer McIntyre 86b7ec4518 Address comments from the review 2023-10-12 09:50:19 -04:00
Spencer McIntyre 4f734379d3 Add module docs and print some messages 2023-10-12 09:27:26 -04:00
Spencer McIntyre 0799f9d860 Add a check method and populate module metadata 2023-10-12 09:27:26 -04:00
Spencer McIntyre 7a226ba285 Randomize components in the MAR file 2023-10-12 09:27:26 -04:00
Spencer McIntyre 5a6dc7f9a6 Initial commit of CVE-2023-43654 2023-10-12 09:27:26 -04:00
Wolfgang Hotwagner 58f9a39f72 replaced custom timer with rex::stopwatch
updated documentation
2023-10-12 11:46:56 +00:00
Wolfgang Hotwagner e0dd5117aa added platform=linux and changed the payload to a fetch-payload 2023-10-12 11:12:32 +00:00
Rory McKinley 1b172768b4 Use upstream ruby-mysql in Remote::MYSQL
* ... and dependents
2023-10-12 13:08:35 +02:00
cgranleese-r7 3da17d2775 Addresses PR feedback 2023-10-12 10:59:29 +01:00
emirpolatt 2b05dab554 Fix: Msftidy Warnings 2023-10-11 12:19:40 -07:00
emirpolatt b8dcafc0f6 Revert "CVE-2023-27253 - PfSense 2.6.0 'Backup & Restore' OS Command Injection Module"
This reverts commit c65685deae.
2023-10-11 12:15:22 -07:00
emirpolatt 9ef1d1746a CVE-2023-22515 - Atlassian Confluence Data Center and Server Broken Access Control Leads to Authentication Bypass 2023-10-11 12:09:22 -07:00
Spencer McIntyre 45be501a50 Raise a more specific error message
Check for and raise a more specific error message when the internal
database fails to mount because the path is incorrect.
2023-10-10 15:21:35 -04:00
Spencer McIntyre 59da2865d9 Use an exec-in-place gadget for Python
This adds a Python deserialization gadget that will exec arbitrary
Python code in place. It is only compatible with Python 3.x due to
differences in Python's exec function and statement between 2 and 3.
2023-10-10 14:01:24 -04:00
Corey 5ffac9af0c pull changes 2023-10-09 15:29:14 -04:00
Corey 0863645fdb remove false positive 2023-10-09 15:27:12 -04:00
gardnerapp b0929fe445 Update modules/post/windows/gather/checkvm.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2023-10-09 15:24:26 -04:00
gardnerapp 93d5736f72 Update modules/post/windows/gather/checkvm.rb
correct spelling

Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2023-10-09 15:23:19 -04:00
Corey 9f795574cd Change spelling error 2023-10-09 15:18:38 -04:00
Corey dabf0b54e3 Add @processes and @services to run 2023-10-09 15:16:30 -04:00
JustAnda7 7876912eab Changes-as-per-comments 2023-10-08 02:49:46 -04:00
Wolfgang Hotwagner f0862d4d76 Refactoring 2023-10-06 23:02:17 +00:00
Jack Heysel fb834b235a Land #18417, Add Kibana Upgrade Assistant RCE
Kibana before version 7.6.3 suffers from a prototype
pollution bug within the Upgrade Assistant. This PR adds
an exploit module to exploit the bug. There is no CVE
for this issue at the moment.
2023-10-06 17:29:02 -04:00
Wolfgang Hotwagner 2f23d53e90 Exploit module for CVE-2023-26035
This commit adds an exploit module for an unauthenticated remote
code execution vulnerability in Zoneminder.
This exploit allows choosing between dropper and in-memory
payloads and works reliably.
2023-10-06 16:47:30 +00:00
h00die 931a67d290 kibana telemetry rce rewritten to use fetch payloads 2023-10-06 09:55:10 -04:00
h00die a2a9becc73 convert cmd_stager to fetch payloads 2023-10-06 07:40:17 -04:00
h00die 5e0538a239 review comments round 1 2023-10-05 13:12:33 -04:00
Spencer McIntyre 9eb0c336ab Land #18414, Exploit module for CVE-2023-40044
Exploit module for CVE-2023-40044 (WS_FTP unauthenticated RCE)
2023-10-04 10:21:54 -04:00
sfewer-r7 8431d11654 leverage Rex::MIME::Message instead of creating the multipart data manually 2023-10-04 09:39:25 +01:00