Commit Graph

35981 Commits

Author SHA1 Message Date
Brendan Coles 04552d7998 windows/gather/enum_domains: Return early if no domains are found 2022-01-28 11:06:53 +00:00
usiegl00 dbc8a70b7c Merge remote-tracking branch 'origin/master' into mitm_dispatcher 2022-01-28 10:24:50 +09:00
usiegl00 0259e586a9 Update smb_shadow module and rename MitmDispatcher
The MitmDispatcher is now the ShadowMitmDispatcher to help prevent name
confusion. Updated the ShadowMitmDispatcher to use native rex lib calls
to decode binary fields.
2022-01-28 08:39:07 +09:00
bwatters f3f3f8726c update payload cache sizes 2022-01-27 09:18:08 -06:00
Dhiraj Mishra ad190fe80f Spaces at EOL 2022-01-27 12:51:36 +04:00
Dhiraj Mishra 4828bc58e6 Spaces at EOL and Date 2022-01-27 12:43:41 +04:00
Dhiraj Mishra dbca5eeb07 Some linting 2022-01-27 12:32:33 +04:00
Dhiraj Mishra 4c0340b26c cve_2021_4034_pwnkit_lpe_pkexec 2022-01-26 23:05:36 +04:00
agalway-r7 0e0834302d Land #16099, cleans up smb_relay module via rubocop 2022-01-26 10:28:52 +00:00
adfoster-r7 a17dfcc849 Rubocop smb relay module 2022-01-26 00:47:19 +00:00
Grant Willcox 44f040ad78 Land #16056, Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-24 21:03:46 -06:00
Grant Willcox 15751a0f78 Minor language fix and final typo 2022-01-24 21:01:34 -06:00
Spencer McIntyre 3cd2b1b929 Update naming for consistency and the module 2022-01-24 10:35:40 -06:00
Jake Baines 04d06a2df1 Switched to proper fail_with calls in exploit failure 2022-01-24 04:13:43 -08:00
Jake Baines 2c989ec714 Addressed multiple review comments (spelling, doc details, randomization, etc) 2022-01-22 14:09:58 -08:00
Jake Baines 45bd890c2d Update grandstream_ucm62xx_sql_account_guess.rb
Spelling in the description
2022-01-22 15:55:30 -05:00
Jake Baines 642b04ca45 Merge branch 'rapid7:master' into grandstream_CVE_2020_5724 2022-01-22 15:38:55 -05:00
Jake Baines e7198f7e20 Module for dumping the users table from Grandstream UCM62xx IP PBX before 1.20.22 2022-01-22 04:10:35 -08:00
Grant Willcox d064bbe9a5 Land #16053, Log4Shell Unifi Controller RCE 2022-01-21 12:51:38 -06:00
Spencer McIntyre 458d584f83 Add details to check codes and PR feedback 2022-01-21 09:40:23 -05:00
usiegl00 5cc716fa0d Add MitmDispatcher to the smb_shadow module
The MitmDispatcher reduces code repetition and enables the use of
standard RubySMB syntax. I have noticed increased power draw when using
the new dispatcher compared to the previous (less stateful) approach.
2022-01-21 14:57:07 +09:00
Grant Willcox 1186529204 Land #16020, Adding Modbus Service Device ID 0x2B 2022-01-20 12:53:37 -06:00
Grant Willcox 05fe2fadbb Apply RuboCop rules to modbusclient.rb 2022-01-20 12:23:01 -06:00
Grant Willcox 577f5f81b9 Fix up spacing errors and fix a potential OOB reference issue 2022-01-20 12:14:51 -06:00
VanSnitza 899fbfcb85 Update modbusclient.rb 2022-01-20 17:36:02 +01:00
VanSnitza b3fb678055 Update modules/auxiliary/scanner/scada/modbusclient.rb
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2022-01-20 17:16:24 +01:00
Spencer McIntyre 579627f5c7 Update docs, note OS X support 2022-01-20 10:47:11 -05:00
VanSnitza 2f76c602f2 Update modbusclient.rb 2022-01-20 16:37:11 +01:00
Spencer McIntyre ba469a4b2c Add version detection to the Unifi exploit 2022-01-20 09:26:48 -05:00
Brendan Coles c17c2636ae post/osx/gather/hashdump: Add 'meterpreter' to supported SessionTypes 2022-01-20 13:11:24 +00:00
Brendan Coles a31052afbd post/multi/manage/sudo: Abort if session type is Meterpreter 2022-01-20 12:44:29 +00:00
VanSnitza 0765b1ffb1 Update modules/auxiliary/scanner/scada/modbusclient.rb
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2022-01-20 11:42:06 +01:00
Spencer McIntyre 3d80a46e67 Check the HTTP response from the trigger 2022-01-19 17:51:31 -05:00
Spencer McIntyre ef344d9d12 Add the Unifi Log4Shell RCE exploit 2022-01-19 17:51:31 -05:00
bwatters 4cf3ae352c Land #16050, Log4Shell: vCenter RCE
Merge branch 'land-16050' into upstream-master
2022-01-19 16:30:33 -06:00
Grant Willcox 8bb3e39fd7 Land #16036, Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 10:58:42 -06:00
Grant Willcox 66cff164cf Land #16063, local_admin_search_enum: Fix typo: @domain_controller 2022-01-19 10:24:59 -06:00
Brendan Coles ee2feb1207 Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 00:04:15 +00:00
Spencer McIntyre c446e83e67 Parse the NTLM Type 1 message 2022-01-18 16:43:10 -05:00
Grant Willcox 50eabd3de0 Add further input validation 2022-01-18 16:43:10 -05:00
Grant Willcox bbc789e91a Apply additional error handling and improve quality of error messages 2022-01-18 16:43:10 -05:00
Alex 9c83c7c2b7 Added error handling to catch malformed NTLM hashes
As mentioned in #15720, with some NTLM responses the code crashes, unable to enumerate the domain. To prevent this behavior, a try and except block was added to inform the user about the crash.
2022-01-18 16:43:10 -05:00
Grant Willcox 8852eaa6b8 Land #16049 - Reference Fixes 2022-01-18 13:46:25 -06:00
Brendan Coles c29e30c58e local_admin_search_enum: Fix typo: @domain_controller 2022-01-18 15:08:30 +00:00
shoxxdj 57efcefe82 improve wordpress_scanner module 2022-01-17 11:32:48 +01:00
Brendan Coles 2bb5edac9e local_exploit_suggester: Print session_host if session is valid 2022-01-16 03:24:41 +00:00
Jake Baines 4ebb702405 Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-15 12:46:56 -08:00
Spencer McIntyre 96a5d656bd Final cleanups and reference updates 2022-01-14 08:41:37 -05:00
Spencer McIntyre 3f04b80d8b Add vCenter Log4Shell docs 2022-01-13 14:50:28 -05:00
space-r7 383ada6ae2 Land #16016, fix RHOSTS in dcerpc scanner 2022-01-13 13:15:24 -06:00