Commit Graph

76154 Commits

Author SHA1 Message Date
Spencer McIntyre 441b671edd Update to include return values 2025-01-29 16:34:25 -05:00
Spencer McIntyre 210b780f83 Refactor reporting template permissions 2025-01-29 16:34:25 -05:00
Spencer McIntyre e072468042 Some adjustments for ESC4 compatibility with MSP 2025-01-29 16:34:25 -05:00
Spencer McIntyre 7b03844312 Consolidate the report details 2025-01-29 16:34:25 -05:00
Spencer McIntyre 1aa4a1f8c8 Resolve the CA address via DNS records in LDAP 2025-01-29 16:34:25 -05:00
Spencer McIntyre f0f1aa9eb3 Add initial MsDnsp data structures 2025-01-29 16:34:25 -05:00
Spencer McIntyre 3fb94b46c4 Update the ESC finder module's reporting 2025-01-29 16:34:25 -05:00
jenkins-metasploit 7d1c008377 automatic module_metadata_base.json update 6.4.47 2025-01-29 21:19:01 +00:00
jheysel-r7 aa78924f67 Merge pull request #19843 from cdelafuente-r7/fix/mod/ldap_smb_login
Fix ldap_login and smb_login
2025-01-29 13:12:46 -08:00
Christophe De La Fuente 1885b650ba Fix ldap_login and smb_login 2025-01-29 11:10:30 +01:00
jenkins-metasploit 157763b2af automatic module_metadata_base.json update 2025-01-28 21:07:20 +00:00
jheysel-r7 6232463701 Merge pull request #19835 from cdelafuente-r7/fix/kerberos/ticket_lookup
Kerberos ticket lookup fix
2025-01-28 13:01:05 -08:00
Spencer McIntyre 936e0dfb75 Merge pull request #19833 from cdelafuente-r7/fix/mod/petitpotam
Fix PetitPotam UUID when using EsfRPC with `lsarpc` named pipe
2025-01-27 13:09:14 -05:00
Christophe De La Fuente b3c2ae4f51 Move EfsrpcOverLsarpc module under the MetasploitModule class 2025-01-27 08:35:00 +01:00
jenkins-metasploit 589b9067e6 automatic module_metadata_base.json update 2025-01-26 17:05:58 +00:00
adfoster-r7 fbe9edfa0c Merge pull request #19836 from 0xAryan/nibbleblog_link_fix
Link fix for exploit/multi/http/nibbleblog_file_upload
2025-01-26 16:59:14 +00:00
0xAryan ddf07a3d60 Link fix for exploit/multi/http/nibbleblog_file_upload 2025-01-26 19:20:12 +05:30
jenkins-metasploit f6e49e43c7 automatic module_metadata_base.json update 2025-01-24 20:43:24 +00:00
Spencer McIntyre 4a8ad46249 Merge pull request #19816 from jheysel-r7/esc_4_detection
Add ESC4 detection to ldap_esc_vulnerable_cert_finder module
2025-01-24 15:37:10 -05:00
jenkins-metasploit 93d16732f2 automatic module_metadata_base.json update 2025-01-24 17:57:22 +00:00
jheysel-r7 bd45ae36a8 Merge pull request #19826 from zeroSteiner/fix/mod/ldap-query/run-single-base
Update ldap_query datastore option usage
2025-01-24 09:50:57 -08:00
adfoster-r7 47fe31754e Merge pull request #19834 from sfewer-r7/fix-http_client-websockets
Fix Exploit::Remote::HttpClient#connect_ws to be spec compliant
2025-01-24 16:43:17 +00:00
Stephen Fewer 4c0f407b39 favor SecureRandom.bytes over Rex::Text.rand_text_alphanumeric
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2025-01-24 16:15:16 +00:00
Jack Heysel 105559e771 Remove typo 2025-01-24 07:35:12 -08:00
sfewer-r7 de6b14e506 change how a Sec-WebSocket-Key is computed to make connect_ws be spec compliant 2025-01-24 14:46:52 +00:00
Christophe De La Fuente 25bd5d736c Fix comparison case for service name hostname 2025-01-24 14:26:58 +01:00
Christophe De La Fuente 45e6daea7d Use the correct UUID when using EsfRPC with lsarpc namedpipe 2025-01-24 11:01:15 +01:00
Jack Heysel b8f82e0fe4 Add ESC4 detection to ldap_esc_vulnerable_cert_finder module 2025-01-23 19:13:13 -08:00
jenkins-metasploit d8e9093e64 automatic module_metadata_base.json update 2025-01-23 20:32:51 +00:00
Brendan 378ac00c7d Merge pull request #19750 from dledda-r7/feat/prepend-multi-arch
Fix Prepends in Linux Payloads
2025-01-23 14:26:44 -06:00
jenkins-metasploit ed64b57b6f automatic module_metadata_base.json update 2025-01-23 19:28:55 +00:00
Martin Sutovsky 34f3957aea Land #19772, adding module for CraftCMS FTP template exploit 2025-01-23 20:21:17 +01:00
jheysel-r7 1939257618 Merge pull request #19825 from adfoster-r7/add-documentation-for-ldap-test-system
Add documentation for ldap test system
2025-01-23 06:29:14 -08:00
Metasploit 3131b6b02d Bump version of framework to 6.4.47 2025-01-23 03:32:43 -06:00
adfoster-r7 4767f5e457 Add documentation for ldap test system 2025-01-23 01:34:04 +00:00
Spencer McIntyre a6ec468063 Use the BASE_DN and don't require QUERY_ATTRIBUTES 2025-01-22 16:15:52 -05:00
dwelch-r7 cfaaa16d91 Merge pull request #19820 from adfoster-r7/pin-concurrent-ruby-version
Pin concurrent-ruby version
6.4.46
2025-01-21 12:17:04 +00:00
adfoster-r7 e1ffe82145 Pin concurrent-ruby version 2025-01-21 10:16:37 +00:00
jenkins-metasploit 0e72da606c automatic module_metadata_base.json update 2025-01-20 14:43:22 +00:00
Martin Sutovsky 159b2bb6dc Land #19805, new module for LibreNMS Authenticated RCE 2025-01-20 15:33:37 +01:00
Takah1ro 393b2167cd Fix after applied suggestion 2025-01-20 21:24:16 +09:00
Takahiro Yokoyama 39351486e9 Update modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-01-20 21:07:34 +09:00
Takah1ro b0d5cf1f6a Stage the command to a file if failed to limit 2025-01-19 10:43:20 +09:00
Takah1ro 22523badab Update login check 2025-01-19 08:11:44 +09:00
Takah1ro 54bd55b186 Update vulnerable version 2025-01-18 10:18:10 +09:00
Takah1ro c93609eaa7 Lint formatting and make payload shorter 2025-01-18 08:56:15 +09:00
Takahiro Yokoyama fc005f5624 Update modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
2025-01-18 08:49:13 +09:00
Takah1ro 70146e52d9 Make payload shorter 2025-01-17 22:11:08 +09:00
Takah1ro ca304ae5c4 Avoid to split payload 2025-01-17 21:21:48 +09:00
dledda-r7 763ff9275e fix(payloads): fix x86 prepends 2025-01-17 02:04:13 -05:00