adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
Jack Heysel 77be219bc2 Land #16754, add offsets to ms02_065 
Adds additional offsets for various Windows 2000
Professional targets, adds  docs, fixes default
payload and resolves rubocop violations.
 2022-07-16 16:43:47 -04:00
Ron Bowes 304d717757 Make the path-traversal depth configurable 2022-07-15 15:41:27 -07:00
Ron Bowes 7468f6ecd8 Remove JAVA Arch 2022-07-15 15:35:14 -07:00
Spencer McIntyre 25f50e607c Reduce code, be more permissive 
This makes a few changes that should enable the module to function
better should it be dropped into a fresh MSF installation on its own.
 2022-07-15 16:29:17 -05:00
Grant Willcox 2a8d95c121 Default to having a near empty custom file so that we can still update the default queries without issues vs preventing updates from occuring. If users want to override the defaults, then they accept the risk of not getting updates. Update documentation to also note this. 2022-07-15 16:29:12 -05:00
Grant Willcox 1e05630d26 Make sure that we load ACTIONs from the user's custom file at startup if they have changed anything or added any new ACTIONs 2022-07-15 16:29:12 -05:00
Grant Willcox 2d1acc0369 Refactor code and also add in proper fail_with error codes where needed. Also fix up module and documentation descriptions to be a bit clearer. 2022-07-15 16:29:01 -05:00
Grant Willcox 03ebbaf2d0 Add in RUN_SINGLE_QUERY and associated options, and then update the code and documentation accordingly. This will allow users to run single queries with associated attribute filters if they want to test out single queries at a time without changing YAML files 2022-07-15 16:29:00 -05:00
Grant Willcox 32e5884589 Update error description to be more helpful when debugging. Also update DefaultAction to default to first entry in the list or RUN_QUERY_FILE if no other action is available 2022-07-15 16:28:50 -05:00
Grant Willcox c5f2507ee0 Fix up usage of the word columns where attributes was more appropriate. Also update the multi query logic to match new data format as it was broken before as a result of changes to file format. Finally remove extra parameters that are no longer needed. 2022-07-15 16:28:43 -05:00
Grant Willcox 8c236e789e Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if its not already populated though. 2022-07-15 16:28:43 -05:00
Grant Willcox 3c56e272a1 Remove default actions and move them to default.yaml, then update code accordingly. Also update the initialization code so it will now load the possible actions dynamically from default.yaml. 2022-07-15 16:28:37 -05:00
Grant Willcox 438b4b1bf8 Rework the logic for output and make it a lot neater. Also redo the query logic thanks to help from Alan David Foster so the query itself will specify what fields we need vs us having to manually filter this out later on. Makes it a lot quicker and easier to work with 2022-07-15 16:28:31 -05:00
Grant Willcox 2a1a8aa632 Add in CSV reporting formatting thanks to some help from Alan David Foster 2022-07-15 16:28:30 -05:00
Grant Willcox d4809219b9 Add in JSON output option 2022-07-15 16:28:23 -05:00
Grant Willcox 515bfd296e Add in YAML query file implementation 2022-07-15 16:28:23 -05:00
Grant Willcox 65b9e1cb13 Push initial copy of work up 2022-07-15 16:27:56 -05:00
Ron Bowes 6f33ddd867 Remove a broken error check 2022-07-15 13:49:56 -07:00
Ron Bowes 5f3268eae7 Fix the Arch 2022-07-15 13:46:49 -07:00
Ron Bowes 5257de67f9 Style fixes 2022-07-15 13:43:46 -07:00
adfoster-r7 37f7c15b1e Update mssql login module to support kerberos authentication 2022-07-15 17:33:54 +01:00
adfoster-r7 f2ff7bb913 Add mssql kerberos authentication 2022-07-15 17:26:10 +01:00
bcoles 59685f82f8 ms02_065_msadc: Cleanup and add additional offsets 2022-07-15 00:15:56 +10:00
kalba-security 55079515ca implement code review suggestions 2022-07-14 06:04:14 -07:00
Jack Heysel 662c8bbd87 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 14:00:43 -04:00
Jack Heysel 8f3a0e3856 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 12:11:02 -04:00
Jack Heysel 819d1fa2dd Land #16762, Sourcegraph RCE module 
This module exploits a vuln in the gitserver
component of sourcegraph that results in OS
command execution in the context of gitserver.
 2022-07-13 10:09:06 -04:00
npm-cesium137-io 9a6013b153 citrix_netscaler_config_decrypt refinements 
Refactor error handling when composing KEK fragments to be more
streamlined.

Various tweaks and optimizations.

Updates to documentatation.
 2022-07-13 08:36:18 -04:00
npm-cesium137-io 443920850c Update modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-07-13 07:56:41 -04:00
npm-cesium137-io d227f0aaa2 Update modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-07-13 07:56:12 -04:00
space-r7 ccef129807 Land #16727, set tftphost option 2022-07-12 15:29:42 -05:00
Jack Heysel fdd7a863c8 Land #16736, fix confluence_widget_connector crash 
This change fixes a bug in the confluence_widget_connector 
exploit module to prevent it from crashing when the HTTP
response body received in the get_java_property method is
empty or does not match expected regex.
 2022-07-12 12:27:40 -04:00
Jack Heysel 52fd45b7ab Land #16744 Jboss EAP/AS RCE module 
This module exploits a Java deserialization vulnerability
in JBOSS EAP/AS Remoting Unified Invoker interface for
versions 6.1.0 and prior.
 2022-07-12 10:49:22 -04:00
Jack Heysel 7df6d73741 Added new line to end of file 2022-07-12 09:08:19 -04:00
Jack Heysel 44abcfcb28 Added flavour to fix linux_dropper 2022-07-12 09:06:06 -04:00
Spencer McIntyre 439606b2ac Use a more reliable check method 
The check method will not work regardless of whether or not there is a
cloned repository. The response can be analyzed using a random,
non-existant repo.
 2022-07-11 09:48:08 -04:00
Spencer McIntyre 48cefee585 Cleanup the module based on feedback 2022-07-11 09:09:25 -04:00
adfoster-r7 3e66fc8f4e Fix crash in ms04-007-killbill 2022-07-10 00:07:26 +01:00
Spencer McIntyre 9d979fdf4f Finish up the sourcegraph RCE module 2022-07-08 17:27:22 -04:00
Spencer McIntyre 27ad62c964 Add a decent check method 2022-07-08 16:40:42 -04:00
Ron Bowes 56dd61027f Rubocop 2022-07-08 10:38:42 -07:00
Ron Bowes 8090fdb273 Re-order authors 2022-07-08 10:27:41 -07:00
Ron Bowes 67c60c9c5f Specify the vulnerable version 2022-07-08 10:27:25 -07:00
Ron Bowes bcd4b6e49f Better name 2022-07-08 10:26:09 -07:00
Ron Bowes 9685bc4bc3 Use flat_map instead of map().flatten 2022-07-08 10:25:10 -07:00
Ron Bowes 134ce0d7bd Make the FTP server more realistic, and remove Timeout 2022-07-08 10:21:58 -07:00
bcoles 83bc954e9d ms01_023_printer: cleanup; use HttpClient; add additional targets 2022-07-09 01:36:10 +10:00
Spencer McIntyre 781597bc0e Land #16617, fix race condition in short ranges 2022-07-08 09:56:51 -04:00
Spencer McIntyre 728cf97f6e Land #16718, Fix run_as module on x64 systems 2022-07-08 09:22:22 -04:00
Ashley Donaldson 39f90d95b1 Create sessions for winrm_login successes. 
Reuses the connection, so that authentication doesn't need to happen again
 2022-07-08 16:57:09 +10:00