adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

73452 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
adfoster-r7 d76dd4a7fb Improve visual indentation logic for tables 2024-02-22 14:43:29 +00:00
Gaurav Jain b2cb102c9b Merge branch 'rapid7:master' into manageengine 2024-02-22 17:20:28 +05:30
Gaurav Jain 51dcd5c971 Update splunk cve-2023-32707 to use reviewed changes 2024-02-22 17:13:44 +05:30
adfoster-r7 4af5c5438f Land #18830, SQL sessions consolidation 2024-02-22 11:42:11 +00:00
Metasploit c5eb4eb8a9 Bump version of framework to 6.3.58 2024-02-22 03:35:01 -06:00
Christophe De La Fuente a1a0df74eb Land #18866, Update Windows 11 Mimikatz support - update metasploit-payloads gem to 2.0.166 6.3.57 2024-02-22 09:50:35 +01:00
sfewer-r7 eded0e7788 POST the payload.encoded data when we trigger the ASHX file, this way we dont drop the Metasploit payload to disk. 2024-02-21 23:38:35 +00:00
sjanusz-r7 085071da02 Convert generic SQL mixin into a class 2024-02-21 18:01:55 +00:00
sfewer-r7 f6b1c9b1ce add in docs 2024-02-21 17:44:16 +00:00
sfewer-r7 e0ee7940d0 CISA has assigned this vulnerability CVE-2024-1709 2024-02-21 17:12:08 +00:00
sfewer-r7 2839683af5 use Rex::RandomIdentifier::Generator to generate identifiers. 2024-02-21 17:08:40 +00:00
Metasploit aefebd996a automatic module_metadata_base.json update 2024-02-21 11:07:58 -06:00
Jack Heysel 0aa20c73a4 Land #18832, Add exploit module CVE-2023-47218 
The PR adds a module targeting CVE-2023-47218, an
unauthenticated command injection vuln affecting QNAP
QTS and QuTH Hero.
 2024-02-21 08:48:30 -08:00
sjanusz-r7 1b7c2bbaec SQL sessions consolidation 2024-02-21 16:16:14 +00:00
sfewer-r7 10f11c94e1 improve the error description for failure messages 2024-02-21 16:11:50 +00:00
sfewer-r7 9828ffa870 add an in-memory payload target 2024-02-21 16:07:01 +00:00
sfewer-r7 2d8b0f414d remove redundant slashes in other calls to normalize_uri 2024-02-21 16:04:19 +00:00
sfewer-r7 61c1a513a5 drop the leading forward slash 2024-02-21 15:59:25 +00:00
dwelch-r7 cc565a1731 Land #18871, Fix crash when using webconsole 2024-02-21 14:05:16 +00:00
adfoster-r7 82c2eb9899 Fix crash when using webconsole 2024-02-21 13:53:17 +00:00
sfewer-r7 6d473b2424 remove debug prints 2024-02-21 13:30:06 +00:00
sfewer-r7 c529749f77 fix tabs 2024-02-21 13:14:35 +00:00
cgranleese-r7 7b618d4f41 Land #18817, Improve options display optional session types 2024-02-21 13:03:45 +00:00
Dean Welch bf1608a4ad Show session/rhost options separate from each other 2024-02-21 12:51:11 +00:00
Metasploit f70667124f automatic module_metadata_base.json update 2024-02-20 17:56:50 -06:00
bwatters d21e4080a9 Land #18792, Ivanti Connect Secure - Unauth RCE (CVE-2024-21893 + CVE-2024-21887) #18792 
Merge branch 'land-18792' into upstream-master
 2024-02-20 17:40:12 -06:00
Spencer McIntyre b79790cff6 Update metasploit-payloads gem to 2.0.166 
Includes changes from:
* rapid7/metasploit-payloads#698
 2024-02-20 13:35:42 -05:00
adfoster-r7 06b3004af4 Land #18864, allias ls and dir commands inside new SMB session type prompt 2024-02-20 18:22:45 +00:00
cgranleese-r7 a30a7f81e5 Land #18865, Consolidate option dumps 2024-02-20 18:09:02 +00:00
Dean Welch e288592beb Add yard docs and small tidy up 2024-02-20 16:15:16 +00:00
Dean Welch 901a972a71 Remove extra CI test run 2024-02-20 14:48:04 +00:00
cgranleese-r7 4fcb4a4e3a Land #18863, Expose MSSQL initial connection info in client 2024-02-20 14:17:34 +00:00
cgranleese-r7 768ad16d8c Alias ls and dir inside new smb session type prompt 2024-02-20 14:15:30 +00:00
Dean Welch 175d584ff7 Consolidate option dump remove condition datastore condition on tests 2024-02-20 14:09:17 +00:00
sjanusz-r7 200d03c417 Expose MSSQL initial connection info in client 2024-02-20 11:36:10 +00:00
Metasploit a3d8b0f77a automatic module_metadata_base.json update 2024-02-19 10:41:33 -06:00
cgranleese-r7 e66f6c106b Land #18847, Add Proxies support to creating a session with postgres_login 2024-02-19 16:20:09 +00:00
cgranleese-r7 3be5988679 Land #18848, Add Proxies support to creating a session with mssql_login 2024-02-19 16:10:37 +00:00
Metasploit 2cc8281db7 automatic module_metadata_base.json update 2024-02-19 08:42:51 -06:00
cgranleese-r7 c2a217efcd Land #18854, Add Proxies support to creating a session with mysql_login 2024-02-19 14:27:22 +00:00
adfoster-r7 5735c7cb89 Land #18857, Documentation: Updated instructions for setting up msfdb 2024-02-19 13:38:03 +00:00
dwelch-r7 6db865a46c Land #18850, Fix failing ldap server tests 2024-02-19 12:39:52 +00:00
sjanusz-r7 b2f36e41c4 Add Proxies support to creating a session with mysql_login 2024-02-19 12:22:51 +00:00
sfewer-r7 edf2bae69a add native java payload support 2024-02-19 11:37:34 +00:00
Metasploit 66696d201b automatic module_metadata_base.json update 2024-02-19 05:33:15 -06:00
cgranleese-r7 db3b2de3f3 Land #18855, Use database_name for SQL sessions 2024-02-19 11:10:02 +00:00
dwelch-r7 0108f1f214 Land #18861, Removes SessionType values from modules with OptionalSession mixin 2024-02-19 10:57:41 +00:00
cgranleese-r7 de17261926 Removes session types from module with session type mixin 2024-02-19 10:34:16 +00:00
sfewer-r7 60bc412026 file_dropper_exist? needs to test if teh path if either a file or a directory, the logic for shell sessions on wqindows is testing if a path if a file and not a directory. this is wrong. Origionally FileDropper only supported cleaningup files, so this logic made sense (it was copied over from teh File post moduile) but FileDropper has since supported directories so teh logic here neds to reflect that. 2024-02-19 09:12:17 +00:00
sjanusz-r7 64ab62f2c3 Use database_name for SQL sessions 2024-02-17 03:31:58 +00:00