RageLtMan
ce76f0e62e
Upcase error check for consistency
2022-04-16 07:27:36 -04:00
Brendan Coles
e34201ce48
fortios_vpnssl_traversal_creds_leak: Add authors, notes, and references
2022-04-16 06:52:59 +00:00
Jack Heysel
0d3f50522d
Land #16318 Add support to old KEX algorithms
This commit fixes issue #16138 by adding
support for old key exchange algorithms in
the net/ssh lib by setting
append_all_supported_algorithms to true.
2022-04-14 11:29:39 -07:00
Grant Willcox
b83a4b2a7a
Add in fixes to module and documentation from final review
2022-04-14 12:45:15 -05:00
Grant Willcox
82be63ffdc
Land #16451, Use debug versions of extensions if MeterpreterDebugBuild is enabled
2022-04-14 11:34:08 -05:00
Heyder Andrade
bf849eb2a2
Making SSH defaults widely used
2022-04-14 17:27:19 +02:00
bwatters
f32443b477
Update with debug source code and options, cleanup module code per gwillcox-r7
2022-04-14 10:25:55 -05:00
Heyder Andrade
c4700c9e64
Rubocop
2022-04-14 17:25:48 +02:00
Heyder Andrade
64eccf5578
Rollback changes used for test
2022-04-14 14:48:26 +02:00
jerrelgordon
92a1e207db
Update modules/post/windows/gather/get_bookmarks.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-04-13 14:50:07 -04:00
Heyder Andrade
d3c8119e25
Removed string from the command input
2022-04-13 18:55:17 +02:00
Heyder Andrade
1305baf6f6
Module should use ssh_defaults
2022-04-13 18:51:43 +02:00
ORelio
fa86decd09
Apply suggestion from code review
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-04-13 18:25:45 +02:00
dwelch-r7
aca1b8df9b
Use debug versions of extensions if MeterpreterDebugBuild is enabled
2022-04-13 14:10:57 +01:00
ORelio
1ddd893b0f
VNC Keyboard Exec: Avoid typing too fast
Avoid overloading target's keyboard buffer by inserting small sleeps in long commands
2022-04-13 14:28:17 +02:00
sjanusz
b5dd215cee
Update cached PHP Meterpreter payload size
2022-04-13 13:09:00 +01:00
bwatters
42a56b2800
Remove the thing I commented out.....
2022-04-12 21:19:20 -05:00
bwatters
147d6e1df7
Added docs, reverted strip_comments, rubocop'd
2022-04-12 21:14:11 -05:00
sjanusz
5fdf82ff76
Add toggleable logging to console & file to PHP Meterpreter
2022-04-12 17:15:06 +01:00
Spencer McIntyre
a4a9bc033a
Fix building the SessionSetup request for MS17-010
RubySMB commit 8035d9c2 broke the exploit's SessionSetup request.
2022-04-12 10:45:17 -04:00
sjanusz
b0e4a16fa1
Update cached Python Meterpreter payload sizes
2022-04-12 11:39:56 +01:00
usiegl00
b9052be102
Use libdyld locator to fix osx stager on monterey
We locate the dyld_shared_cache in memory to find and resolve the
functions we need in libdyld.dylib. We retain the original dyld location
method on osx versions before Sierra.
Explicitly set length for osx x64 initial stage
The rdx register, used for passing the payload length, is being
clobbered by a system call in the new macOS version. Instead of relying
on the register being untouched, we set it equal to the payload length.
2022-04-12 11:27:23 +09:00
h00die
ab382cddf0
change requireauth to authprompt
2022-04-11 14:26:25 -04:00
h00die
f7b58e243c
smtp server can prompt for auth
2022-04-10 11:55:07 -04:00
RageLtMan
d06a5db6d6
Enumerate Windows AV via WMI root\SecurityCenter2
Query WMI via shell or meterpreter session for deployed AV products
from the root\SecurityCenter2 namespace; record results as notes.
2022-04-09 12:06:41 -04:00
adfoster-r7
a53be3184a
Improving error handling of Kerberos
2022-04-08 20:48:10 +01:00
adfoster-r7
1e867ac5a7
Improve kerberos user enum module
2022-04-08 15:55:37 +01:00
vleminator
2fdcc143c0
Improve usability by turning the payload path into a customizable module option
2022-04-08 11:10:16 +02:00
vleminator
cf5bca9166
Improve exploit reliability
2022-04-08 10:47:23 +02:00
vleminator
6c96fd9ab9
Apply rubocop suggestions
2022-04-08 09:48:41 +02:00
bwatters
96d86944da
Added precompiled binary and option to strip output, fixed comment-strip bug
2022-04-07 17:09:35 -05:00
Spencer McIntyre
5de966cfb1
Land #16382, CVE-2022-26904 SuperProfile LPE
2022-04-07 12:52:39 -04:00
Grant Willcox
51e37bbe42
Add in process kill off code for Meterpreter sessions, seems I forgot to include this
2022-04-07 10:48:08 -05:00
vleminator
7b2e8cf37f
Apply suggestions from code review
Co-authored-by: bcoles <bcoles@gmail.com>
2022-04-07 16:57:00 +02:00
vleminator
3bba17bc56
fail_with should not be used in check
2022-04-07 16:53:17 +02:00
vleminator
b60dd43405
Add modules notes, with Spring4Shell
2022-04-07 16:46:49 +02:00
vleminator
53adf24c86
Apply suggestions from code review
Co-authored-by: bcoles <bcoles@gmail.com>
2022-04-07 16:40:03 +02:00
jerrelgordon
32edc6c5b5
variable name changes
2022-04-07 10:23:54 -04:00
vleminator
4e6176d9ca
Finish exploit CVE-2022-22965
2022-04-07 15:22:18 +02:00
bwatters
db89fc5e7a
Add module for cve-2022-0995
2022-04-06 13:35:14 -05:00
space-r7
1fd779c52c
Land #15972, add LEAK_PARAMS option log4shell scan
2022-04-06 11:17:44 -05:00
Grant Willcox
4638067723
Fix RuboCop errors
2022-04-06 09:18:05 -05:00
Spencer McIntyre
70b1da6df4
Fix a misspelling
2022-04-06 09:04:26 -04:00
Spencer McIntyre
04ac668e21
Update the docs for readability
2022-04-06 08:58:09 -04:00
Christophe De La Fuente
94e0eec249
Land #16082, Add ShadowMitmDispatcher to the smb_shadow module
2022-04-06 11:45:59 +02:00
Tim W
d60754ea37
Land #16401, add CVE-2022-22616 to osx_gatekeeper_bypass
2022-04-06 07:57:32 +01:00
Grant Willcox
c8c91fcaf3
Add in fix to ensure that we can spawn sessions automatically on Windows 10 20H2 and other systems where we hit a bug with UAC prompts from the exploit DLL itself not triggering the payload
2022-04-05 19:16:48 -05:00
usiegl00
27c8210b27
Update smb_shadow module to fix rubocop errors
Use msftidy to fix the rubocop errors.
2022-04-06 07:12:46 +09:00
usiegl00
8495bff61c
Merge master and update the smb_shadow module
Add comments detailing the technique used to attack SMBv3. Remove some
comments that are no longer needed. Fix Gemfile.lock conflict.
2022-04-06 07:06:45 +09:00
jerrelgordon
aa7cba7b72
included store_loot and string interpolation
2022-04-05 16:50:51 -04:00