Commit Graph

35981 Commits

Author SHA1 Message Date
h00die e9296d1add saltstack review 2024-01-10 17:04:03 -05:00
h00die b8e2feebe0 ssh_version module 2024-01-09 17:52:17 -05:00
bwatters 57c882cab5 Land #18604, Add Post Windows Gather to perform Mikrotik Winbox "Keep Password" credentials extraction
Merge branch 'land-18604' into upstream-master
2024-01-09 15:38:35 -06:00
jheysel-r7 43f4705e60 Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2024-01-09 12:37:59 -05:00
h00die 077cad34ab non-working module 2024-01-08 19:47:24 -05:00
siddolo dc6d84d823 Update modules/post/windows/gather/credentials/winbox_settings.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2024-01-09 00:43:10 +01:00
adfoster-r7 6ffebfc822 Land #18679, Aux modules spelling 2024-01-08 11:22:58 +00:00
adfoster-r7 75c2de8c3d Revert spelling correction 2024-01-08 10:51:35 +00:00
h00die 4cb904535e rubocop telegram/send_message 2024-01-07 15:04:17 -05:00
h00die 8beb6255cb fix spelling in aux modules 2024-01-07 15:02:53 -05:00
h00die 04c0dede5e fix spelling in some modules 2024-01-07 14:06:31 -05:00
Jeffrey Martin 6d298c379b remove unused advanced option 2024-01-07 13:02:04 -06:00
h00die-gr3y 85897a2596 update adding aarch64 architecture and some new targets 2024-01-06 17:26:38 +00:00
h00die 80e9f1b97d saltstack salt-master review 2024-01-06 06:38:59 -05:00
bwatters a0bc08c6ec Quick change to add support for more sessions and to only read the file once 2024-01-05 17:33:54 -06:00
Gaurav Jain 98667edf76 Add suggested changes 2024-01-05 22:31:51 +05:30
h00die-gr3y 94a84960a2 Improved check for v3.x routers to obtain exact version 2024-01-05 16:20:29 +00:00
h00die-gr3y eb902457f2 small update to module for mt6000 vuln test 2024-01-05 13:19:54 +00:00
bwatters cdfa421d15 Land #18515, Add java target for ManageEngine ServiceDesk Plus CVE-2022-47966
Merge branch 'land-18515' into upstream-master
2024-01-04 17:25:08 -06:00
Spencer McIntyre 2028fbd226 Land #18404, Working Module for CVE-2023-38146 2024-01-04 12:20:26 -05:00
bwatters f341f72c72 add AKA 2024-01-04 11:11:23 -06:00
h00die-gr3y adf455e8cb Third release of module and documentation 2024-01-04 14:01:37 +00:00
h00die-gr3y b2312c97d3 Second release of module and documentation 2024-01-04 09:26:16 +00:00
h00die-gr3y 9fdac8fd28 First release of module 2024-01-03 19:43:49 +00:00
adfoster-r7 a9f5c11d68 Land #18484, add ability to follow payload override in shell to meterpreter 2024-01-03 12:05:29 +00:00
Jeffrey Martin 2ab1b7a310 adjustments to NTLM LDAP support
* invert storage test for callback
* do not override service instance domain and hostname
* remove wrapping `Array` on `context_data` in response
* generate NTLM Type1 message instead of hardcoded blob
2024-01-02 13:08:48 -06:00
h00die-gr3y 08c5e6a689 Draft release of module. Not ready for review 2023-12-31 10:19:34 +00:00
Spencer McIntyre 97c3ccc8af Keep the service running when a session is opened 2023-12-29 14:03:27 -05:00
Spencer McIntyre d67d39ace6 Add error checking to #setup 2023-12-29 14:03:23 -05:00
Julien Voisin ed421c21ca Add a way to get the buildid via perf 2023-12-29 17:24:27 +01:00
Kevin Joensen 3b8f684d08 Fixed check module function 2023-12-29 16:18:50 +01:00
Kevin Joensen 2f023f7315 Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-12-29 14:50:47 +01:00
Jack Heysel 11d58ef2e8 Land #18631, Improve vScalation Priv Esc Check
This PR adds an improvement to the check method of the
vcenter_java_wrapper_vmon_priv_esc module. Before, the module
would attempt to run stat on a file before checking if the file
existed on the system. This fixes that issue.
2023-12-28 13:16:11 -05:00
Jack Heysel 63eb5f2a35 Land #18632, Add improvements to glibc tunables
This PR adds improvements to the glibc tunables module. In the
event the file command is not present on the target the module
will try to use the readelf command in order to get the ld.so
BuildID to determine whether or not the target is compatible with
the exploit.
2023-12-28 12:41:52 -05:00
Jack Heysel beef573fb8 Land #18635, Authenticated Splunk Info Disclosure
This PR adds a module for an authenticated Splunk information
disclosure. This module gathers information about the host
machine and the Splunk install including OS version, build,
CPU arch, Splunk license keys etc.
2023-12-28 11:20:52 -05:00
jheysel-r7 8b970af7f6 Update modules/auxiliary/gather/splunk_raw_server_info.rb 2023-12-27 12:40:18 -05:00
jheysel-r7 f950711da1 Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-12-27 12:37:17 -05:00
Gaurav Jain d0beea91bd Add exploit for CVE-2022-42889 2023-12-25 00:43:50 +05:30
h00die 357bdc8c10 ansible post library 2023-12-24 11:49:27 -05:00
h00die b654275ec4 add saltstack lib 2023-12-23 13:52:52 -05:00
h00die 11c12fcb6d review comments 2023-12-23 13:23:34 -05:00
h00die e72242949e review comments 2023-12-23 12:22:57 -05:00
h00die a5698f6aa6 review comments 2023-12-23 12:18:06 -05:00
Christophe De La Fuente 3182cb4000 Land #18612, Craft CMS unauthenticated RCE [CVE-2023-41892] 2023-12-22 10:59:39 +01:00
Balgogan 0a2dea523f Add suggested changes 2023-12-22 00:04:54 +01:00
bwatters ce43db0904 Fix TBDs and give better documentation. 2023-12-21 16:18:36 -06:00
h00die-gr3y 4c404765a4 Final update to the module based on cdelafuente-r7 comments 2023-12-21 12:06:21 +00:00
h00die 91c58ba268 asan local better check 2023-12-20 21:00:17 -05:00
h00die 526da210ad asan local better check 2023-12-20 20:58:00 -05:00
h00die 0394f5f7ad splunk 6.6.0+ 2023-12-20 20:47:04 -05:00