Christophe De La Fuente
ae48236d07
Land #18122, rocketmq version lib
2023-07-05 18:11:25 +02:00
Grant Willcox
da6cdd1d5b
Fix up datastore setting code
2023-07-05 10:55:14 -05:00
h00die
8d686e5a28
woocommerce payments auth bypass
2023-07-04 13:06:27 -04:00
h00die
375a315b3d
woocommerce payments auth bypass
2023-07-04 13:05:07 -04:00
h00die
c9249fd9b7
basics
2023-07-02 12:37:58 -04:00
Grant Willcox
3ab7b3ddc7
Add in autocheck and expand check logic for Windows 11 targets
2023-06-30 16:41:03 -05:00
Grant Willcox
17ffd4e0f6
Add in description about why versions after 22000.194 aren't affected
2023-06-30 16:40:53 -05:00
Wrathdemon
7870bfe94e
fix #15890: Support Windows 11 in Capcom.sys LPE Module
2023-06-30 16:40:43 -05:00
adfoster-r7
085943bd78
Add Ruby 3.3.0-preview1 to test suite
2023-06-29 22:53:17 +01:00
Guilhem RIOUX
068a81a638
First remove the check after the triggering payload as it is not reliable. Adding the documentation after checking it with the dev tool
2023-06-28 08:53:50 +02:00
Ashley Donaldson
afe359281c
Remove manual signature handling, and figure it out for the user.
2023-06-28 09:22:01 +10:00
Grant Willcox
1b7e1343f8
Fix up some points noted during review
2023-06-27 11:32:44 -05:00
Grant Willcox
c11dd0efc4
Fix up RuboCop errors
2023-06-27 11:23:41 -05:00
Guilhem RIOUX
8cae031d97
update after rubocop and advice
2023-06-27 16:08:55 +02:00
Spencer McIntyre
67f7a33d77
Land #18114, .NET assembly execution enhancements
...
Allow .NET assembly execution within the meterpreter process
2023-06-27 09:32:43 -04:00
Spencer McIntyre
df0f7de098
Fix an ARGUMENT handling error
...
`datastore['ARGUMENT']` can be `nil` when it's been unset. Avoid an
error when appending it to cln_params by checking that it's present.
2023-06-27 09:29:59 -04:00
Ashley Donaldson
0d0906840e
Fix memory protection bug
2023-06-27 09:59:52 +10:00
Spencer McIntyre
7da9ea07aa
Land #17796, AWS EC2 enum: implement reporting
2023-06-26 17:31:38 -04:00
Spencer McIntyre
fd89ac6893
Fix REGION related issues
...
Fixes hanging when REGION is invalid. Fixes a stack trace when REGION is
an empty string.
2023-06-26 17:18:13 -04:00
Joshua Rogers
cac515b8db
Update jenkins_gather.rb
...
Change the default Windows location to C:\ProgramData\Jenkins\.jenkins\.
2023-06-26 21:27:59 +02:00
Ashley Donaldson
624643be4a
Catch errors and give meaningful error messages
2023-06-25 22:12:22 +10:00
RageLtMan
60523c0f9b
Apply @smcintyre-r7's logic fix
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2023-06-23 18:48:21 -04:00
Jack Heysel
bf1e6bddd1
Land #18134, Add exploit for CVE-2023-25194
...
This exploits a Java deserialization vulnerability
in Apache Druid which arises from a JNDI injection
within Apache Kafka clients.
2023-06-23 16:52:04 -04:00
dwelch-r7
d68eb84334
Land #18065, Updates jenkins_gather module to work with newer version of Jenkins
2023-06-23 10:44:06 +01:00
cgranleese-r7
9176d0d3e0
Updates jenkins_gather to work with newer version of Jenkins
2023-06-23 10:02:03 +01:00
Heyder Andrade
b026b38851
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2023-06-23 09:36:50 +02:00
Ashley Donaldson
a7ce4c7fa8
Free memory from the C++ side, rather than the Ruby side.
2023-06-23 09:57:53 +10:00
Spencer McIntyre
b5e028b47c
Land #18100, Add MOVEit CVE-2023-34362
2023-06-22 14:23:44 -04:00
Spencer McIntyre
dfd450561e
Tweak some messages and cleanup markdown table
2023-06-22 14:23:25 -04:00
bwatters
a05bde217c
Ensure any users we create are deleted
2023-06-22 12:18:07 -05:00
Redwaysecurity.com
77bb6759a6
Review suggestions
2023-06-22 18:12:13 +02:00
bwatters
5f667e1d79
Address code review
2023-06-22 10:22:43 -05:00
bwatters
a2c2a9193f
Update error catching logic
2023-06-22 08:27:44 -05:00
dwelch-r7
e298788a28
Land #18049, Update jenkins login scanner to work with newer versions
2023-06-22 14:04:24 +01:00
Redwaysecurity.com
a8332e6064
Added exploit for CVE-2023-25194
2023-06-22 14:17:32 +02:00
Ashley Donaldson
461240639c
Check PID validity before getting its bitness
2023-06-22 16:05:48 +10:00
Jack Heysel
64b441be2a
Rspec tests, get_broker_port addition
2023-06-22 01:29:33 -04:00
Jeffrey Martin
1b562dd02b
Revert "Improve AMSI bypass on new Windows"
...
This reverts commit f97ab80224, reversing
changes made to c8f942cc03.
This change impacted the default `psexec` powershell target and needs further
testing to be reintroduced.
2023-06-21 16:35:41 -05:00
bwatters
2adea08f67
Add documentation & code cleanup
2023-06-21 15:41:50 -05:00
bwatters
52907ac794
Add space limitation
2023-06-21 12:56:59 -05:00
bwatters
10c6e6328f
Add user cleanup and update error handling
2023-06-21 12:00:34 -05:00
bwatters
9d16b0043b
Add check method
2023-06-21 11:26:04 -05:00
bwatters
957339b3c0
Simplify output
2023-06-21 08:34:02 -05:00
Nishant Desai
823824163e
Documentation-of-Capturing-Simple-Auth
2023-06-21 13:29:25 +00:00
cgranleese-r7
0609d246f3
adds more future proofing to implementation
2023-06-21 14:19:24 +01:00
Ashley Donaldson
6e438d338e
Modify execute_dotnet_assembly to run in existing processes (including our own process) and receive output.
2023-06-21 12:04:09 +10:00
bwatters
d63c14dc17
Ugly, but working
2023-06-20 20:06:57 -05:00
Guilhem RIOUX
784f76b355
update after rubocop
2023-06-19 14:31:23 +02:00
usiegl00
1c5b88c59f
Update CachedSize for Mettle
2023-06-19 12:23:40 +02:00
usiegl00
22101f15cc
Update Aarch64 Payloads for RuboCop
...
Use msftidy to fix the rubocop errors.
2023-06-19 11:20:23 +02:00