Arthur RAOUT
889aff9701
Revert accidental changes Merge branch 'upstream-master' into New_x86_xor_encoder
2023-03-08 13:41:26 +01:00
Christophe De La Fuente
ecbeceb817
Land #17733, Add Gather Wowza Streaming Engine Credentials
2023-03-07 15:27:52 +01:00
bcoles
3f781de8e9
Add Wowza Streaming Engine Manager Login Utility
2023-03-07 23:42:42 +11:00
Grant Willcox
5c4d730cd3
Add in missing EDB reference
2023-03-06 14:32:01 -06:00
Dean Welch
d318a9e0d0
Add advanced option to include Ticket Checksum during forging
2023-03-06 13:21:23 +00:00
Grant Willcox
08f07eccb6
Fix initial incorrect parameters in YARD documentation
2023-03-05 20:15:14 -06:00
bcoles
9dcaf93b29
Replace deprecated File.exists? with File.exist?
2023-03-05 14:30:47 +11:00
space-r7
99fb35fe84
refs/heads instead of refs/head
2023-03-03 17:24:39 -06:00
Grant Willcox
6579dcc977
Land #17723, Fix PHP Base64 encoding
2023-03-03 11:53:46 -06:00
cgranleese-r7
252012f48d
Land #17675, Add support for forging inter-realm Kerberos tickets
2023-03-03 14:17:48 +00:00
cgranleese-r7
6259f02051
Land #17684, Add rbcd exploitation documentation to docs site
2023-03-03 13:31:53 +00:00
adfoster-r7
efd79eb638
Add support for forging inter-realm Kerberos tickets
2023-03-03 13:20:39 +00:00
adfoster-r7
0047ce5d3a
Add rbcd exploitation documentation to docs site
2023-03-03 13:18:29 +00:00
Grant Willcox
975de9d479
Supply exception message when raising BadcharError and fix typo
2023-03-02 17:46:21 -06:00
jvoisin
5b82c952ba
Rubocop pass
2023-03-02 21:43:41 +01:00
jvoisin
ae549ce1d4
Fix PHP base64 encoding
2023-03-02 21:40:27 +01:00
bwatters
5b4962e2bd
Land #17721, Fix adapted payload stage encoding
...
Merge branch 'land-17721' into upstream-master
2023-03-02 14:03:06 -06:00
Spencer McIntyre
a418bd9c65
Land #17638, Lucee Scheduled Job RCE
2023-03-02 08:57:19 -05:00
Arthur RAOUT
7b7377257e
fixed 2 rubocop offenses
2023-03-02 13:08:09 +01:00
Arthur RAOUT
e178226efa
Merge branch 'New_x86_xor_encoder' of github.com:araout42/metasploit-framework into New_x86_xor_encoder
2023-03-02 12:31:21 +01:00
Arthur RAOUT
dd7e8328bb
no test.rb
2023-03-02 12:31:07 +01:00
Arthur RAOUT
1461f9fb03
slight changes in the comments
2023-03-02 12:30:38 +01:00
Arthur RAOUT
6a81e0f6cb
Merge branch 'upstream-master' into New_x86_xor_encoder
2023-03-02 12:10:00 +01:00
Professor Araout
83bcd1cc1b
Fix typo in the comments line 41
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-03-02 11:50:56 +01:00
Spencer McIntyre
088f359cee
Make stage encoding optional
2023-03-01 12:24:46 -05:00
Spencer McIntyre
3fabcc3421
Use coldfusion to decode base64 data
...
This means we don't need to rely on base64 being in the path. Also
invoke ARCH_CMD payloads on Windows through cmd.exe and not
powershell.exe.
2023-02-28 17:32:56 -05:00
Spencer McIntyre
c8aa491378
Fail with Unreachable when res is nil
2023-02-28 17:05:59 -05:00
Jack Heysel
3abd62076c
Land #17624, Oracle E-Business Suite Module
...
This pull request adds an exploit module for CVE-2022-21587
an arbitrary file upload vulnerability in Oracle Web Applications
Desktop Integrator as shipped with 12.2.3 through to 12.2.11
which results in RCE
2023-02-28 17:04:20 -05:00
Spencer McIntyre
a916163b49
Cleanup files and fixup messages
2023-02-28 16:41:57 -05:00
space-r7
b3e6767125
Land #17676, add SIS login module
2023-02-28 15:41:24 -06:00
space-r7
380a66916f
use print instead of vprint
2023-02-28 15:40:03 -06:00
Spencer McIntyre
2be54376bc
Land #17699, Add in SCHANNEL support for LDAP
2023-02-27 16:35:30 -05:00
bwatters
87f046f351
Land #17629, Fix #17629 #query_ldap issues
...
Merge branch 'land-17698' into upstream-master
2023-02-27 14:39:19 -06:00
JBince
8b03f2fda8
Reworked payload execution logic
2023-02-27 11:09:34 -06:00
Imran E. Dawoodjee
3f1119c69e
Attempt fix for NoMethodError when exploiting
2023-02-26 22:02:08 +08:00
Imran E. Dawoodjee
2f08cf6c46
Improved version check, review round 1
2023-02-26 17:23:54 +08:00
Grant Willcox
f6bfa6a61b
Add in SCHANNEL support, and update modules to fix a hang when using to_json instead of get_operation_result.
2023-02-24 13:50:04 -06:00
Spencer McIntyre
26d9026fc2
Fix a filter error
...
When FILTER was nil, the check would fail causing `()` to be appended to
the LDAP query filter which would cause it to fail.
2023-02-24 13:51:58 -05:00
Jack Heysel
ca6faed172
Check method enhancement
2023-02-24 13:33:10 -05:00
Jack Heysel
5311a491e9
Froxlor 2.0.7 is actually vulnerable too
2023-02-24 13:18:34 -05:00
Jack Heysel
5749b402af
Land #17672, disable ClamAV on Linux
...
This PR includes a post module that will disable
ClamAV on Linux systems.
2023-02-23 21:51:48 -05:00
Jack Heysel
9a874c352b
Added missing space in fail_with statement
2023-02-23 20:57:19 -05:00
space-r7
eec73fe394
add module changes
2023-02-23 16:34:43 -06:00
Jack Heysel
5e2f0965f3
Changed print_bad to fail_with
2023-02-23 17:33:52 -05:00
Jack Heysel
8db255288b
Spelling
2023-02-23 16:40:09 -05:00
Jack Heysel
2ed89dda7e
Added nc and python cmd techniques
2023-02-23 16:21:09 -05:00
archcloudlabs
10552cbc87
msftidy and notes
2023-02-22 21:48:35 -05:00
archcloudlabs
9ff4cdfd5c
updated w/ socat method
2023-02-22 21:40:26 -05:00
archcloudlabs
55371f9363
removing to_str
2023-02-22 20:36:55 -05:00
space-r7
9621f77bac
Land #17640, add Froxlor RCE
2023-02-22 12:11:38 -06:00