Commit Graph

35981 Commits

Author SHA1 Message Date
Jack Heysel e4eac96b4b Add Module for pfSense pfBlockerNG unauth RCE as root 2022-10-12 19:12:22 -05:00
Grant Willcox f92d913f0c Land #17116, Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit 2022-10-12 11:53:47 -05:00
bwatters 4aa2b76bde Land #17092, netlm_downgrade Cleanup and support non-Meterpreter sessions
Merge branch 'land-17092' into upstream-master
2022-10-12 11:40:20 -05:00
Grant Willcox 487a26ee0f Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs 2022-10-12 11:19:47 -05:00
cn-kali-team f553e6e0f7 update 2022-10-12 21:55:05 +08:00
cn-kali-team d77a965345 update 2022-10-12 21:54:23 +08:00
三米前有蕉皮 bff7d4c320 Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-10-12 13:53:26 +08:00
三米前有蕉皮 13e92407c1 Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-12 13:51:45 +08:00
三米前有蕉皮 1c788b797c Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-10-12 13:51:05 +08:00
三米前有蕉皮 2c2d82dd42 Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-10-12 11:30:05 +08:00
三米前有蕉皮 70400960f4 Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-12 11:28:36 +08:00
三米前有蕉皮 dc5b2ae4a6 Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-12 10:41:01 +08:00
三米前有蕉皮 0c9e874a65 Update modules/post/windows/gather/credentials/navicat.rb
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-10-12 10:31:16 +08:00
Ayantaker e75438d0b2 Documentation fix and minor fixes
Fixed the documentation according to msftidy's suggestion and removed a few unnecessary parts of code
2022-10-11 18:17:52 -04:00
Grant Willcox 45aa09411e First round of edits from review 2022-10-11 15:46:04 -05:00
h00die-gr3y ae0f94beb7 Addressed all commit suggestions 2022-10-09 15:49:58 +00:00
H00die.Gr3y 462b80cf6f Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:59:59 +04:00
H00die.Gr3y 2b4785915d Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:59:40 +04:00
H00die.Gr3y 7bae00975a Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:59:23 +04:00
H00die.Gr3y c280e2d57b Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:59:08 +04:00
H00die.Gr3y c1dd09771f Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:58:36 +04:00
H00die.Gr3y afb87ee87d Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:58:28 +04:00
H00die.Gr3y b37c26da87 Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:58:15 +04:00
H00die.Gr3y b11dbc90a9 Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:58:04 +04:00
H00die.Gr3y cbab556e7d Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:57:54 +04:00
H00die.Gr3y 784393e41e Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:57:45 +04:00
H00die.Gr3y 11f5cff45d Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:57:30 +04:00
H00die.Gr3y 316c3f5302 Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:57:17 +04:00
H00die.Gr3y a14ded588b Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-09 14:57:04 +04:00
h00die 4950124ea0 use more Post::File functions 2022-10-08 09:50:25 -04:00
h00die a3eee73efb review comments 2022-10-08 09:16:57 -04:00
Ayan Saha f67a7f395f Modified unix_cmd payload as per suggestion
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-10-08 02:26:11 +05:30
Ayan Saha ec57260c66 Adding suggested code
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-10-08 02:25:35 +05:30
bwatters ef0ca2edbb Land #17057, Msf::Post::Windows::ExtAPI: Remove load_extapi method
Merge branch 'land-17057' into upstream-master
2022-10-07 15:54:52 -05:00
Ayantaker 32db330ff6 Fixing the rubocop issue 2022-10-07 11:08:01 -04:00
JustAnda7 36f4c702b3 Fixed #16674 2022-10-07 01:59:52 -04:00
Ashley Donaldson 793a05f9f3 Added comments for new functions 2022-10-07 11:55:47 +11:00
Ashley Donaldson b5a076a1f1 Neaten parameter and error handling 2022-10-07 11:24:39 +11:00
Ashley Donaldson 063a768959 Store ccache 2022-10-07 09:56:11 +11:00
Jack Heysel 6db965cf72 Land #17075, windows_secrets_dump non-admin fix
The module was failing early for non-administrative users.
This fixes the issue so the module now throws warnings where
it was previously failing early.
2022-10-06 17:31:15 -04:00
Ayantaker 910ee931c2 Fixing the description of the module 2022-10-06 15:55:32 -04:00
Ayantaker c8cd6a7864 Adding CVE-2022-22947 Spring Cloud Gateway RCE Exploit
CVE-2022-22947 exploits Spring Cloud Gateway. The module has been tested with Spring Cloud Gateway version 3.1.0 on Linux kali 5.18.0-kali5-amd64
2022-10-06 15:48:36 -04:00
Ron Bowes 48dd4693df Add docs for CVE-2022-41352 (zimbra cpio), and fix some text 2022-10-06 10:46:48 -07:00
Ron Bowes 08c29f7f28 Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-06 10:23:53 -07:00
Ashley Donaldson 58c30f10aa Send and Receive PKINIT responses 2022-10-07 01:04:10 +11:00
h00die 525d2ff4ea check files exist before suid checking them 2022-10-05 19:59:20 -04:00
h00die 6db9ee743e check files exist before suid checking them 2022-10-05 19:43:07 -04:00
Jack Heysel 60c21da50e Land #17009, Add MobaXterm cred gather module
This module determines if MobaXterm is installed and, if
it is, dumps all saved session information from the target
2022-10-05 14:14:27 -04:00
adfoster-r7 c595c5cc8b Land #17108, Update Azure AD Scanner Error Code Check for Disabled Accounts 2022-10-05 18:52:39 +01:00
三米前有蕉皮 9155f42553 Update modules/post/windows/gather/credentials/moba_xterm.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2022-10-06 01:39:28 +08:00