Commit Graph

35981 Commits

Author SHA1 Message Date
kalba-security 6b4aa25490 Add Meterpreter support via Linux target with ARCH_ARMLE and cmdstager 2021-09-23 18:26:13 -04:00
Grant Willcox 9deffb1848 Fix up a bug and resolve Christophe's review comments 2021-09-23 16:45:15 -05:00
adfoster-r7 e81f1b5687 Gracefully fallback to session.ui.screenshot when espia is not supported 2021-09-23 21:10:40 +01:00
Grant Willcox 061240367d Push up changes to support saving WiFi credentials captured to the database, as well as to fix issues noticed during the review process 2021-09-23 13:31:27 -05:00
space-r7 64f7581c97 Land #15686, OptRegexp default should be string 2021-09-23 09:22:45 -05:00
Tim W 4d3dda67ea fix msftidy 2021-09-23 13:02:17 +01:00
Tim W 18015e5a0e add support for powershell sessions 2021-09-23 13:02:17 +01:00
Tim W d3a372e92b add support for shell sessions 2021-09-23 13:02:17 +01:00
Tim W fad8aef5f7 add support for 404 and 500 if files are inaccessible 2021-09-23 13:02:17 +01:00
Tim W fdea8bb805 add module to access a sessions filesystem in a browser 2021-09-23 13:02:17 +01:00
Tim W f540c2ad8f move get_drives to file mixin 2021-09-23 13:02:17 +01:00
kalba-security af98d56e17 Update credits to add PoC 2021-09-23 06:22:39 -04:00
kalba-security 0d42c36655 Specify that newer versions may still be vulnerable as no patch has been confirmed by the vendor 2021-09-23 05:19:07 -04:00
kalba-security b81d44020a Add Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE module and docs 2021-09-23 04:57:48 -04:00
Grant Willcox 2ac4c71537 Add 'keep_cookies' => 'true' to requests so that we don't have to juggle cookies. Also make file write binary to comply with RuboCop 2021-09-22 17:02:24 -05:00
Grant Willcox 1ca075fb4f Fix up RuboCop issues 2021-09-22 14:06:06 -05:00
Grant Willcox d4474b0706 Add in refined XPATH searches to module, ability to automatically get a session, improved error handling, documentation for module, and general improvements 2021-09-22 14:01:49 -05:00
Spencer McIntyre cd0e0e4fb4 Land #15697, NTLM parsing refactor 2021-09-22 10:57:28 -04:00
Spencer McIntyre 072911f996 Land #15696, Display computer information from NLA 2021-09-22 10:42:23 -04:00
Spencer McIntyre 6acdced3f0 Land #15506, Add evasion module syscall_inject 2021-09-22 10:17:13 -04:00
Spencer McIntyre 48b76e6149 Revert a change that caused a bug
Using the capital W in Windows.h would raise a fatal error when
compiling.
2021-09-22 09:55:17 -04:00
Ashley Donaldson 0279c572a1 Fixed rubocop warnings in ntlm_info_enumeration module 2021-09-22 15:44:19 +10:00
Ashley Donaldson 5fda1d40f3 Refactored NTLM parsing to use the rubyntlm library 2021-09-22 15:37:22 +10:00
Ashley Donaldson bd6bfd7d70 Fixed rubocop warnings for the modified module 2021-09-22 15:05:53 +10:00
Ashley Donaldson 2349393ef0 Display computer information gleaned from NTLM handshake in RDP. 2021-09-22 12:09:19 +10:00
Spencer McIntyre ca6f957de0 Land #15632, Winrm improvements 2021-09-21 16:43:24 -04:00
space-r7 b24b6d8063 Land #15695, fix crash / add logging nmap module 2021-09-21 14:13:11 -05:00
Ashley Donaldson 9d8193150f Allow running a shell command separately to the currently interactive shell 2021-09-21 19:12:49 +10:00
adfoster-r7 c86f52a3ec Land #15679, bug fix for tomcat_mgr_upload module not undeploying app after exploit 2021-09-21 03:34:43 +01:00
adfoster-r7 ed72ca217a Improve setuid nmap module 2021-09-21 01:47:59 +01:00
space-r7 fee037ac18 Land #15670, add opmanager sumpdu deser module 2021-09-20 12:15:26 -05:00
Jeffrey Martin 731b3d5ffe OptRegExp default value as string representation
OptRegExp default should be string to utilize in a Regex.
This allows for the object to serialize in metadata and via
rpc bridge when transmitted using msgpack.
2021-09-17 16:34:46 -05:00
Grant Willcox 4181602047 Even more RuboCop changes, this time to add in the Notes section 2021-09-16 17:25:27 -05:00
Ashley Donaldson 91d0a6cc55 Re-auth after the session times out
This seems to happen after 8 hours. WinRM doesn't like having bodies
in the authentication requests, so we force the HTTP client to send
an empty one first
2021-09-17 07:32:18 +10:00
Grant Willcox 72df696d4e Add in method to enable telnet, further cleanup for Rubocop 2021-09-16 16:11:19 -05:00
Spencer McIntyre 4bccc0541f Add a note about exploitable versions 2021-09-16 17:08:23 -04:00
Grant Willcox 381f561f24 Use vars_get in send_request_cgi to be more proper and comply with Rubocop rules 2021-09-16 14:51:23 -05:00
Spencer McIntyre fd0f565095 Add automatic targeting for the CVEs 2021-09-16 15:15:52 -04:00
Grant Willcox f9c683132c Improve the password reporting code to use more updated function create_credential_login instead 2021-09-16 13:03:29 -05:00
space-r7 12af64c4d8 Land #15604, add buffer overflow G-Cam module 2021-09-16 13:02:57 -05:00
Grant Willcox e9bd10faef Fix up broken module and RuboCop errors so we actually have functional code 2021-09-16 12:40:58 -05:00
Grant Willcox 810fa6be6e Change module name to lowercase snakecase, update attribution to conform to standards, store captured creds in database 2021-09-16 12:30:08 -05:00
Spencer McIntyre 9f971e8716 Update the module for CVE-2021-3287 2021-09-16 12:58:30 -04:00
Your Name a2f83c22ba Add Pattern Create 2021-09-16 08:22:57 +01:00
Naveen Sunkavally d1da74d329 bug fix to undeploy app after exploit 2021-09-15 21:54:21 -04:00
Grant Willcox 2e5fc391c7 Add in initial writeup of netgear_PNPX_GetShareFolderList_auth_bypass.rb 2021-09-15 15:31:47 -05:00
Spencer McIntyre 56cd43a8b8 Land #15624, Add module for CVE-2020-27955 2021-09-15 14:54:19 -04:00
space-r7 c491687b78 Land #14631, add Jira user enum module 2021-09-15 12:37:17 -05:00
space-r7 c151937226 Update versions tested and vulnerable versions 2021-09-15 12:35:34 -05:00
adfoster-r7 39ca4660a9 Add meterpreter compatibility metadata to screenshare module 2021-09-15 17:34:57 +01:00