adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
Matthew Dunn 774f9c6e48 Use the right quotation marks 2022-10-05 13:19:36 -04:00
Matthew Mathur 24e1a026d4 Update locked error message 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-10-05 13:03:34 -04:00
adfoster-r7 46910b9390 Land #17105, set keep_cookies value to boolean true instead of string true 2022-10-05 11:37:37 +01:00
Matthew Dunn 4a2d485228 Update error conditions to include account disablement 2022-10-04 16:57:59 -04:00
Jack Heysel 0145264046 Land #17093, add Enlightenment priv esc module 
This PR adds a local priv esc for Enlightenment on Ubuntu
which exploit a simple cmd injection
 2022-10-04 14:09:18 -04:00
space-r7 63af4e3702 Land #17067, add remote mouse rce 2022-10-04 11:40:33 -05:00
cn-kali-team 819dcd7889 update 2022-10-04 17:57:28 +08:00
h00die 06aefb630a string true to bool true 2022-10-03 19:50:04 -04:00
Jack Heysel edc0c622fc Land #17099, Wordpress Elementor plugin RCE 
This PR adds a new authenticated exploit module against
3 versions of Elementor, a plugin for Wordpress.
 2022-10-03 16:59:38 -04:00
h00die b7073df1e0 review comments 2022-10-03 16:53:14 -04:00
bwatters 052d233bd9 Land #17006, Gather_RedisDesktopManager_Password 
Merge branch 'land-17006' into upstream-master
 2022-10-03 15:10:30 -05:00
h00die 68b2aec6fb review comments 2022-10-03 15:25:53 -04:00
h00die fffc080286 use vars_form_data 2022-10-03 14:43:12 -04:00
krastanoel bd15798be7 support windows platform 2022-10-03 19:57:09 +07:00
Christophe De La Fuente 117d7026e4 Fix from code review 2022-10-03 10:41:15 +02:00
h00die c6e18ee469 cve-2022-1329 2022-10-02 15:59:58 -04:00
h00die-gr3y 7ae0f552f3 init commit module and documentation 2022-10-02 19:47:47 +00:00
cn-kali-team 3fa2268aa1 fix username 2022-10-03 00:07:30 +08:00
cn-kali-team 2f3378fc4a Gather_Navicat 2022-10-02 23:48:09 +08:00
h00die de184226f6 repeatable sessions 2022-10-01 11:30:21 -04:00
h00die e78babea90 cve-2022-37706 2022-10-01 11:24:29 -04:00
bcoles 3ffbc99d9f netlm_downgrade: Cleanup and support non-Meterpreter sessions 2022-10-01 22:35:11 +10:00
krastanoel e3fc3544cd still could not yet support windows 2022-10-01 17:44:44 +07:00
krastanoel 15c956c2d6 Update module 
- add command stagers logic
- set default uripath
 2022-10-01 16:19:43 +07:00
krastanoel 046bb356fb adjust uripath 2022-10-01 15:17:28 +07:00
bcoles 5f92d9418d Modules: Fix Stability/SideEffects/Reliability notes for several modules 2022-10-01 17:54:59 +10:00
h00die b62dd604b1 fix passwords on command prompt 2022-09-30 16:34:05 -04:00
Jack Heysel 1c6ed2d9b4 Land #17070, Grafana auth bypass enhancement 
Remove unneccessary use of len cookie
 2022-09-30 14:32:44 -04:00
krastanoel 2331f21f9e Update module 
- adjust create, migrate and delete repository with the common lib
 2022-10-01 01:16:18 +07:00
Jack Heysel ae1af7f543 Merge branch 'master' into upstream-master 2022-09-30 13:21:50 -04:00
Jack Heysel 9ad513dade Land #16933, Thycotic Secret Server post module 
This PR adds a post exploitation module that exports
and decrypts Thycotic Secret Server credentials
 2022-09-30 13:16:05 -04:00
bwatters f4d1430656 Land #17085, Update ranking for nft_set_elem_init 
Merge branch 'land-17085' into upstream-master
 2022-09-30 12:04:41 -05:00
krastanoel 953221d518 Handle datastore username empty string 2022-09-30 22:23:40 +07:00
krastanoel 381bdbae7f Update module 
- adjust check method using common lib
- handle autocheck false
 2022-09-30 22:14:45 +07:00
bwatters 89ef91c9cd Update ranking for nft_set_elem_init 2022-09-30 09:57:54 -05:00
cgranleese-r7 38b05cb802 Updates deprecated method in rlogin module 2022-09-30 14:28:42 +01:00
krastanoel 7e46ba4575 use fail with instead checkcode 2022-09-30 16:50:34 +07:00
krastanoel e1284ea17d handle get_csrf check caller separately 2022-09-30 16:45:49 +07:00
cn-kali-team 331f8063d7 Only used in the current session 2022-09-30 11:38:34 +08:00
bwatters 9e74b9887d Land #17048, enum_tokens: Cleanup 
Merge branch 'land-17048' into upstream-master
 2022-09-29 15:58:46 -05:00
h00die 1215bf7784 cve 2022-09-29 16:35:09 -04:00
h00die a31e3ea96b remote mouse comments 2022-09-29 16:21:59 -04:00
adfoster-r7 71231ec7e1 Land #17073, fix broken sessions in rservices modules 2022-09-29 19:55:49 +01:00
jheysel-r7 3b150ab3db Update modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb 2022-09-29 13:58:54 -04:00
jheysel-r7 30e27d832e Update modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb 2022-09-29 13:58:30 -04:00
adfoster-r7 5d345e6689 Merge branch 'upstream-master' into feature-kerberos-authentication 2022-09-29 16:42:58 +01:00
bwatters 76c6632305 Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246) 
Merge branch 'land-16673' into upstream-master
 2022-09-29 09:46:27 -05:00
cn-kali-team 1d1308b870 Use the set master password only when using the specified path,Print once 2022-09-29 22:15:33 +08:00
Christophe De La Fuente 8f3c8a49ed Fix non-admin error 
- Remove unecessary `print_error`
- Do not fail when an error occurs in the early processes and action is
  ALL or DOMAIN
- Print error about NoLMHash policy only once
- rubocop fixes
 2022-09-29 12:47:14 +02:00
cgranleese-r7 730746f873 Fixes broken sessions in rservices modules 2022-09-29 09:44:29 +01:00