Commit Graph

73452 Commits

Author SHA1 Message Date
Christophe De La Fuente 44c5422e07 Land #18922, JetBrains TeamCity Unauthenticated RCE exploit module (CVE-2024-27198) 2024-03-13 20:16:27 +01:00
cgranleese-r7 d2c599eaf4 Land #18954, Ensure modules honor spooler settings 2024-03-13 16:48:30 +00:00
sfewer-r7 6d84f0e898 reduce the size of the exploit method by spinning out two new methods create_payload_plugin and auth_new_admin_user. several if/unless blocks were flattened to be inline if/unless 2024-03-13 09:58:51 +00:00
sfewer-r7 4bd105202a improve the readability of the XML 2024-03-13 09:29:43 +00:00
sfewer-r7 b04e84ed99 clarify we must call this a second time 2024-03-13 09:17:18 +00:00
sfewer-r7 df2c94f873 another typo 2024-03-13 09:14:23 +00:00
Stephen Fewer b9e82375c1 typo
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2024-03-13 09:13:11 +00:00
Stephen Fewer d7bf7bc2ea Use Failure::NoAccess as a better failure error, as we are trying to login
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2024-03-13 09:12:56 +00:00
Stephen Fewer 46dd21d69d use ||= to assign new hash if needed
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2024-03-13 09:11:42 +00:00
Christophe De La Fuente fbbaf69050 Land #18949, notify the user the DNS feature requires a restart 2024-03-12 20:15:15 +01:00
Christophe De La Fuente 8989b3226f Update the wording for the DNS feature warning restart message 2024-03-12 20:14:22 +01:00
adfoster-r7 4292488925 Ensure modules honor spooler settings 2024-03-12 18:01:23 +00:00
Metasploit 923f4c9f7b automatic module_metadata_base.json update 2024-03-12 11:45:17 -05:00
adfoster-r7 81e96d3e71 Land #18952, Updates Postgres hashdump module to now work with newer versions of Postgres 2024-03-12 16:29:01 +00:00
cgranleese-r7 1baf86842e Land #18951, Update acceptance test readme 2024-03-12 16:26:08 +00:00
dwelch-r7 d88185bff0 Land #18945, Fix crash when running http crawler with database connected 2024-03-12 16:13:44 +00:00
cgranleese-r7 a33e7a72b0 Updates Postgres hashdump module to now work with newer versions of Postgres 2024-03-12 16:13:04 +00:00
adfoster-r7 9a9c27bb60 Fix crash when running http crawler with database connected 2024-03-12 15:47:32 +00:00
adfoster-r7 290656faaf Update acceptance test readme 2024-03-12 15:25:23 +00:00
Metasploit b52d79ec49 automatic module_metadata_base.json update 2024-03-12 09:27:23 -05:00
cgranleese-r7 4e0e3da74c Land #18835, clean up code duplication 2024-03-12 14:09:22 +00:00
Spencer McIntyre a366f6a819 The DNS feature requires a restart, so flag it
Also rename DNS_FEATURE to simply DNS because in this context, the
FEATURE suffix is redundant.
2024-03-12 09:58:52 -04:00
Christophe De La Fuente f4fedc2195 Land #18868, Add documentation for the new DNS command 2024-03-12 14:08:08 +01:00
Spencer McIntyre c8d50bda0f Add documentation for the new DNS command 2024-03-12 08:59:08 -04:00
Dean Welch 689caf4bd1 Add upload/download/delete/mkdir/rmdir to smb session 2024-03-12 11:56:29 +00:00
Christophe De La Fuente 69f368b8f4 Land #18944, Fix saving and loading DNS rules from the config 2024-03-12 12:10:58 +01:00
cgranleese-r7 d964edde11 Land #18932, Add postgres acceptance tests 2024-03-12 10:36:46 +00:00
Adrian Șendroiu 2007e6d8fb Fix inconsistent casing in windows/local/wmi_persistence 2024-03-12 12:17:46 +02:00
Spencer McIntyre 65cc577694 Fix saving and loading DNS rules from the config 2024-03-11 14:55:36 -04:00
sfewer-r7 1e371d0e4a resolve the Java payload issue on Linux by leveraging PayloadServlet, running the payload in a thread, and forcing the default options for Spawn to be 0 2024-03-11 18:06:44 +00:00
SickMcNugget 67fcd57a1f Merge branch 'runc_priv_esc' of github.com:SickMcNugget/metasploit-framework into runc_priv_esc 2024-03-11 22:23:55 +08:00
SickMcNugget 6c1b4c1421 Update check to account for backports 2024-03-11 22:19:18 +08:00
Metasploit 172a200525 automatic module_metadata_base.json update 2024-03-11 09:10:38 -05:00
Zach Goldman 7ce91df66e clean up code duplication 2024-03-11 09:09:46 -05:00
Christophe De La Fuente 0252429715 Land #18775, Adding new module for MinIO (CVE-2023-28432) 2024-03-11 14:46:59 +01:00
adfoster-r7 49a5f0d113 Land #18937, fix docs typo 2024-03-11 10:27:57 +00:00
sfewer-r7 0513654f10 Fix edge case for java payloads when Spawn is set to 0, all access to the plugin will block. We can still get a session if we fall through here. We can't delete the plugin as access will block because we did not spawn. 2024-03-08 17:09:14 +00:00
sfewer-r7 ab0327fb33 clarify we are using SpEL not OGNL here 2024-03-08 15:57:46 +00:00
cudalac 980c5053f4 Peer Review 2024-03-08 08:54:38 -05:00
Josh 4078707933 fix typo 2024-03-07 23:28:29 +01:00
Metasploit 1d764c1780 automatic module_metadata_base.json update 2024-03-07 08:05:54 -06:00
Christophe De La Fuente ba75b3bb3f Land #18716, gitlab password reset account takeover (CVE-2023-7028) 2024-03-07 14:40:29 +01:00
cgranleese-r7 169ea31673 Land #18930, Adds a help command within the interactive query prompt 2024-03-07 12:07:15 +00:00
adfoster-r7 0139ed61d1 Land #18931, adds notification when initially entering a SQL shell within SQL session types 2024-03-07 11:50:05 +00:00
cgranleese-r7 0fad7bbe1c Adds a notification when initially interacting with SQL shell via command 2024-03-07 11:34:45 +00:00
Dean Welch 2a68e04292 Update help message 2024-03-07 11:03:07 +00:00
adfoster-r7 e7bc17cab3 Add postgres acceptance tests 2024-03-07 10:35:45 +00:00
Metasploit b91b718077 Bump version of framework to 6.3.60 2024-03-07 03:34:49 -06:00
adfoster-r7 a3a331a07a Land #18926, updates new sessions to have a consistent local file system API 6.3.59 2024-03-06 17:03:58 +00:00
Metasploit 05a7698773 automatic module_metadata_base.json update 2024-03-06 11:00:31 -06:00