Commit Graph

35981 Commits

Author SHA1 Message Date
kalba-security 17f82a900e linting for confluence_widget_connector and add catch for all scenarios where clear_response returns nil 2022-07-01 08:43:47 -04:00
kalba-security f6b6ad4bf1 prevent confluence_widget_connector from crashing when the response body in get_java_property is empty 2022-07-01 07:37:54 -04:00
kalba-security b56242c7a2 enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce 2022-07-01 06:15:13 -04:00
kalba-security 4861bbb337 add sanity check, move check method logic to lib, rescue failed socket creation 2022-07-01 05:13:14 -04:00
krastanoel 2e63a5b48c setting stop_on_success attribute to true
this attribute is needed by LoginScanner module but will have no effect
2022-07-01 12:22:31 +07:00
krastanoel cdc6fe471f Use safe navigation operator instead of rescue 2022-07-01 12:06:38 +07:00
yvain 1856baf4b9 censys host search will output certificates to be used with certificates search. 2022-07-01 06:35:09 +02:00
bwatters ef9f5ca463 Add rtf support to cve-2022-30190 AKA Follina 2022-06-30 17:30:06 -05:00
Spencer McIntyre 60da336ad4 Fix a silly typo 2022-06-30 17:38:30 -04:00
Spencer McIntyre 7e35f42eeb Finish up error handling for dfscoerce 2022-06-30 17:15:21 -04:00
Spencer McIntyre 7a982a2c83 Report ACCESS_DENIED as success
If the listener that handles the incoming connection request replies
with STATUS_ACCESS_DENIED, the API will return ERROR_ACCESS_DENIED to
the caller. This is the behavior of Metasploit's capture module as well
as Responder.
2022-06-30 15:16:11 -04:00
Spencer McIntyre 81ab873d6c Add petitpotam error handling 2022-06-30 15:12:23 -04:00
Spencer McIntyre 43629a3960 Add the initial dfscoerce module 2022-06-30 15:00:52 -04:00
Christophe De La Fuente 0d19e47b8d Land #16677, Add module for adding/deleting computers via MS-SAMR 2022-06-30 12:12:26 +02:00
krastanoel 738aa7ac0a Deregister STOP_ON_SUCCESS 2022-06-30 11:42:50 +07:00
krastanoel f81e4d5dde use autocheck module and rescue in case the user uses ForceExploit against unknown service 2022-06-30 11:38:20 +07:00
NikitaKovaljov 9b909131ff added datastore[TIMEOUT] options to line 77 2022-06-29 21:02:26 +03:00
Christophe De La Fuente 0e3fdd0799 Fix from code review 2022-06-29 19:18:47 +02:00
Spencer McIntyre 2d6e910078 Land #16721, Phpmailer arg injection update 2022-06-29 13:00:48 -04:00
Spencer McIntyre 1b7d8f1e74 Fix a whitespace issue, restore option naming 2022-06-29 12:24:29 -04:00
bcoles bbbec267b6 exploits: Set tftphost option for modules which use Windows TFTP stager 2022-06-29 19:10:52 +10:00
Erik Schweiss 695e1243b8 Update modules/exploits/multi/http/phpmailer_arg_injection.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-06-28 23:08:20 -10:00
yvain d14e610230 forgot to push this 2022-06-28 19:38:47 +02:00
Spencer McIntyre 41ba2d263b Address PR feedback
Simplify the application_key usage, update docs and catch another
exception.
2022-06-28 11:53:05 -04:00
krastanoel da63fbbad4 Add FreeSwitch Login auxiliary module 2022-06-28 20:13:24 +07:00
adfoster-r7 6b17905790 Land #16722, Fix notes for SideEffects and Reliability 2022-06-28 10:15:04 +01:00
bcoles 9087f86cce exploit/multi/misc/nomad_exec: Fix notes for SideEffects and Reliability 2022-06-28 17:02:51 +10:00
Erik Schweiss a89e88c462 Merge branch 'rapid7:master' into phpmailer_arg_injection_update 2022-06-27 11:05:41 -10:00
adfoster-r7 22a1e06f02 Land #16702, Fix reference URL link in hikvision_rtsp_bof.rb 2022-06-27 12:23:04 +01:00
Christophe De La Fuente a9d3e7c758 Fix run_as module on x64 systems 2022-06-27 13:21:58 +02:00
Erik 836970e1ae Update phpmailer_arg_injection.rb
fixed typo
2022-06-23 13:45:42 -10:00
Erik 8259e8e495 Update phpmailer_arg_injection.rb
Fixed regex to match legal name tags
2022-06-23 13:43:21 -10:00
Erik ae8f1c3378 Update on phpmailer_arg_injection.rb #15810
Added Regex to validate new options
2022-06-23 13:10:19 -10:00
Erik e9b2fc6ecf Merge branch 'rapid7:master' into master 2022-06-23 12:52:09 -10:00
Erik 96feb8d1be Update phpmailer_arg_injection.rb
Changed new advanced option to camel case
2022-06-23 12:47:26 -10:00
Spencer McIntyre fb3d349969 Land #16676, Add 6th getsystem technique 2022-06-23 15:14:52 -04:00
Christophe De La Fuente 369c23a90b Revert to TECHNIQUE datastore option for backwards compatibility 2022-06-23 18:43:18 +02:00
yvain fae64d5e9b passes bot tests for merge 2022-06-23 17:27:47 +02:00
yvain e5f0378146 Web request to censys updated.
A few modifications in how we handle the data.
2022-06-23 17:20:09 +02:00
Grant Willcox 5b6d9538cd Move a send outside of the loop so we can keep reading data vs sending and receiving only the first 4096 bytes of data and then executing the query again 2022-06-22 19:44:53 -05:00
Grant Willcox 477db20c04 Fix bad loop terminator checks and data checks 2022-06-22 17:47:22 -05:00
yvain 938090dacb censys 2022-06-22 23:01:11 +02:00
Grant Willcox e4ce1c53dd Fix reference URL link 2022-06-22 15:49:43 -05:00
Ashley Donaldson 19b62a5af6 Support several new encryption types for Kerberos.
Supports DES-CBC-MD5, DES3-CBC-SHA1, AES128, AES256
2022-06-22 09:13:33 +10:00
bwatters c7820048cd Land #16680, Add a Windows target for Confluence
Merge branch 'land-16680' into upstream-master
2022-06-21 17:56:32 -05:00
Jake Baines 4ae74f1a67 Added handling of connection profiles 2022-06-21 13:14:01 -07:00
Jake Baines fe6138dea7 Initial rewrite of Cisco ASA Clientless VPN Brute-force 2022-06-21 12:28:49 -07:00
space-r7 7983f878a8 Land #16597, psh cmd adapter fix for encrypt shell 2022-06-21 09:47:05 -05:00
adfoster-r7 f8901a8b17 Add Kerberos LoginScanner support 2022-06-20 16:38:32 +01:00
yvain 6ae35e23fe censys related modules update 2022-06-20 10:24:58 +02:00