adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
bwatters d3b0c538a1 Probably need to figure out how to get the requested filename.... 2023-12-12 10:09:13 -06:00
bwatters 62d3cfa72d Still not working, but closer 2023-12-12 10:09:13 -06:00
bwatters ce55c1cd78 Fix silly file name disagreement 2023-12-12 10:09:13 -06:00
bwatters 486f42896f Non-Working Draft Module 2023-12-12 10:09:13 -06:00
Dean Welch 58f79c7b47 Fix typo 2023-12-12 11:59:07 +00:00
Dean Welch 7e88279299 Add smb session support to scanner modules 2023-12-12 11:59:07 +00:00
Dean Welch cf24bca946 Add smb session support to smb_relay module 2023-12-12 11:59:07 +00:00
Dean Welch c55d4ceda0 Add smb session support to windows_secrets_dump module 2023-12-12 11:59:07 +00:00
Dean Welch 387c90e91e Add smb session support to psexec_ntdsgrab module 2023-12-12 11:59:07 +00:00
Dean Welch 36cc8f6267 Add smb session support to upload_file module 2023-12-12 11:59:07 +00:00
Dean Welch b0d7695e10 Add smb session support to download_file module 2023-12-12 11:59:07 +00:00
Dean Welch 1f91d2eee9 Add smb session support to delete_file module 2023-12-12 11:59:07 +00:00
cgranleese-r7 5f396245f2 Land #18539, Add Smb session type 2023-12-12 11:45:19 +00:00
Jack Heysel 603e5b2bff Land #18569, Add a module to perform ASREP-roasts 
This adds a module to gather credential material from accounts
with Requires Pre-Authentication disabled. The module supports two
mechanisms, Brute Forcing using a list of usernames or using a LDAP
query to request the relevant usernames, followed by requesting TGTs.
 2023-12-11 19:58:06 -05:00
Jack Heysel 862194d63f Documentation and rubocop changes 2023-12-11 19:01:35 -05:00
Jack Heysel 61414fab27 Refactored module to use mixin 2023-12-11 18:24:37 -05:00
bwatters daa6d5363f Land #18577, Added RCE Module for Splunk Enterprise (CVE-2023-46214) 
Merge branch 'land-18577' into upstream-master
 2023-12-11 15:52:05 -06:00
Zach Goldman 90d3d6fc0a testing for opt_enum changes 2023-12-11 09:08:54 -06:00
Balgogan 374d724567 Lint 2023-12-11 15:36:10 +01:00
Valentin Lobstein 78c57c1c5c Update modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-11 15:22:33 +01:00
Valentin Lobstein cb0ee49f71 Update modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-12-11 15:22:09 +01:00
h00die-gr3y ff44932113 first draft release of module 2023-12-10 21:09:40 +00:00
Jack Heysel 3bad98afc6 Land #18488, add kerberos_tickets post module 
Adds a module to manage kerberos tickets from a compromised
host. This PR also includes rail gun enhancements.
 2023-12-07 19:12:48 -05:00
siddolo 48e2e09dfc msftidy fix 2023-12-07 19:23:33 +01:00
Kevin Joensen 83dccfafaf added retry_until_truthy and sensor deletion upon payload running 2023-12-07 15:16:42 +01:00
siddolo 05800296f3 RuboCop fixes and msftidy fixes 2023-12-07 13:45:19 +01:00
siddolo 4039ea523a RuboCop Fixes 2023-12-07 13:19:13 +01:00
siddolo 32e5dfb12d Windows gather credentials for Mikrotik Winbox 'Keep Password' feature 2023-12-07 13:14:37 +01:00
adfoster-r7 45880850f5 Land #18603, add cves to snmp modules 2023-12-06 22:47:06 +00:00
h00die 5b8e7594f2 add cves to snmp modules 2023-12-06 16:52:10 -05:00
cgranleese-r7 f794268020 Land #18578, Docker cgroup escape (CVE-2022-0492) 2023-12-06 16:07:08 +00:00
Jack Heysel 509ec2c9b5 Land #18591, add ownCloud auxiliary module 
This module can extract sensitive environment variables from
the ownCloud target including ownCloud, DB, Redis, SMTP and
S3 credentials.
 2023-12-05 10:50:57 -05:00
Christophe De La Fuente 10d4b9233b Land #18463, D-Link Router UPnP unauthenticed LAN RCE via a crafted M-SEARCH packet 2023-12-05 10:58:15 +01:00
Christophe De La Fuente 7cd1b75497 Update deprecation date and message 2023-12-05 10:51:12 +01:00
Jack Heysel abfec99735 Added loop with key value pairs 2023-12-04 20:09:56 -05:00
Zach Goldman 56afed78ff fix optenum, add documentation, fix issue with unset values 2023-12-04 18:03:28 -06:00
Zach Goldman 095540cea6 Enhance ability to follow payload override in shell to meterpreter 
Update modules/post/multi/manage/shell_to_meterpreter.rb

Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>

payload override
 2023-12-04 12:01:28 -06:00
Dean Welch 152056b001 DRY up post mixin/optional session 2023-12-04 17:55:15 +00:00
Dean Welch cd8cc75cf3 Add smb session type 2023-12-04 17:55:11 +00:00
dwelch-r7 45c54797ac Land #18581, Add hierarchical search table support 2023-12-04 17:11:00 +00:00
Zach Goldman 3d6ddf769e Land #17667, Update password crackers 2023-12-04 10:45:53 -05:00
h00die 0f7e00d30e owncloud exploit 2023-12-03 15:57:36 -05:00
h00die befc87f9f0 owncloud exploit 2023-12-03 15:45:44 -05:00
h00die ea803063b1 owncloud phpinfo reader 2023-12-03 11:04:38 -05:00
h00die f1fc6b7cdd review comments, adding new payloads 2023-12-01 16:06:48 -05:00
Balgogan ab9576f83d Add changes 2023-12-01 10:55:04 +01:00
Kevin Joensen 2718c078d2 removed WfsDelay 2023-12-01 10:15:55 +01:00
Kevin Joensen d26db0b1dd changed datastore['TARGETURI'] to target_uri.path 2023-12-01 10:15:13 +01:00
Kevin Joensen 26e7807154 updated URI to TARGETURI 2023-12-01 10:09:06 +01:00
Kevin Joensen 9105966b20 Fixed debug string 2023-12-01 10:07:28 +01:00