adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,154 Commits 27 Branches 1,043 Tags
441b671edd1531ceb457017fa7600aeee42072f7
Commit Graph

37475 Commits

Author SHA1 Message Date
Spencer McIntyre 441b671edd Update to include return values 2025-01-29 16:34:25 -05:00
Spencer McIntyre 210b780f83 Refactor reporting template permissions 2025-01-29 16:34:25 -05:00
Spencer McIntyre e072468042 Some adjustments for ESC4 compatibility with MSP 2025-01-29 16:34:25 -05:00
Spencer McIntyre 7b03844312 Consolidate the report details 2025-01-29 16:34:25 -05:00
Spencer McIntyre 1aa4a1f8c8 Resolve the CA address via DNS records in LDAP 2025-01-29 16:34:25 -05:00
Spencer McIntyre 3fb94b46c4 Update the ESC finder module's reporting 2025-01-29 16:34:25 -05:00
Christophe De La Fuente 1885b650ba Fix ldap_login and smb_login 2025-01-29 11:10:30 +01:00
Spencer McIntyre 936e0dfb75 Merge pull request #19833 from cdelafuente-r7/fix/mod/petitpotam 
Fix PetitPotam UUID when using EsfRPC with `lsarpc` named pipe
 2025-01-27 13:09:14 -05:00
Christophe De La Fuente b3c2ae4f51 Move EfsrpcOverLsarpc module under the MetasploitModule class 2025-01-27 08:35:00 +01:00
0xAryan ddf07a3d60 Link fix for exploit/multi/http/nibbleblog_file_upload 2025-01-26 19:20:12 +05:30
Spencer McIntyre 4a8ad46249 Merge pull request #19816 from jheysel-r7/esc_4_detection 
Add ESC4 detection to ldap_esc_vulnerable_cert_finder module
 2025-01-24 15:37:10 -05:00
jheysel-r7 bd45ae36a8 Merge pull request #19826 from zeroSteiner/fix/mod/ldap-query/run-single-base 
Update ldap_query datastore option usage
 2025-01-24 09:50:57 -08:00
Jack Heysel 105559e771 Remove typo 2025-01-24 07:35:12 -08:00
Christophe De La Fuente 45e6daea7d Use the correct UUID when using EsfRPC with lsarpc namedpipe 2025-01-24 11:01:15 +01:00
Jack Heysel b8f82e0fe4 Add ESC4 detection to ldap_esc_vulnerable_cert_finder module 2025-01-23 19:13:13 -08:00
Brendan 378ac00c7d Merge pull request #19750 from dledda-r7/feat/prepend-multi-arch 
Fix Prepends in Linux Payloads
 2025-01-23 14:26:44 -06:00
Martin Sutovsky 34f3957aea Land #19772, adding module for CraftCMS FTP template exploit 2025-01-23 20:21:17 +01:00
Spencer McIntyre a6ec468063 Use the BASE_DN and don't require QUERY_ATTRIBUTES 2025-01-22 16:15:52 -05:00
Martin Sutovsky 159b2bb6dc Land #19805, new module for LibreNMS Authenticated RCE 2025-01-20 15:33:37 +01:00
Takah1ro 393b2167cd Fix after applied suggestion 2025-01-20 21:24:16 +09:00
Takahiro Yokoyama 39351486e9 Update modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-01-20 21:07:34 +09:00
Takah1ro b0d5cf1f6a Stage the command to a file if failed to limit 2025-01-19 10:43:20 +09:00
Takah1ro 22523badab Update login check 2025-01-19 08:11:44 +09:00
Takah1ro 54bd55b186 Update vulnerable version 2025-01-18 10:18:10 +09:00
Takah1ro c93609eaa7 Lint formatting and make payload shorter 2025-01-18 08:56:15 +09:00
Takahiro Yokoyama fc005f5624 Update modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-01-18 08:49:13 +09:00
Takah1ro 70146e52d9 Make payload shorter 2025-01-17 22:11:08 +09:00
Takah1ro ca304ae5c4 Avoid to split payload 2025-01-17 21:21:48 +09:00
Takah1ro 61b10a44a3 Update default wait time 2025-01-17 12:43:34 +09:00
Takah1ro 8978486895 Use retry_until_truthy 2025-01-17 08:59:06 +09:00
Takah1ro 4f4a0f9cd5 Add nil check 2025-01-17 08:48:33 +09:00
Takah1ro 9540837b37 Use keep_cookies 2025-01-17 08:46:30 +09:00
Takah1ro f9204fe691 Update message about delete devices for clarity 2025-01-17 08:21:33 +09:00
Takahiro Yokoyama 23a9695ea5 Update modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb 
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
 2025-01-17 08:17:49 +09:00
Takah1ro 99bfc21d5f Revert 2025-01-16 22:06:40 +09:00
Takah1ro 5087e460b0 Split long line 2025-01-16 21:57:54 +09:00
Takah1ro 8b127d3afa Add warning when all RETRY will ran out 2025-01-16 21:19:19 +09:00
Martin Sutovsky 99e95dd760 Land #19752, Prometheus pprof endpoint check 2025-01-16 10:50:58 +01:00
Takah1ro 4e53c967c2 Update message 2025-01-16 12:59:18 +09:00
h00die 1e7c86c947 fix prometheus ppof check 2025-01-15 17:54:20 -05:00
Brendan 9bd8590b99 Merge pull request #19793 from sfewer-r7/CVE-2024-55956 
Cleo LexiCom, VLTrader, and Harmony Unauthenticated Remote Code Execution (CVE-2024-55956)
 2025-01-15 15:04:45 -06:00
Jack Heysel 2254a1f213 Responded to comments 2025-01-15 09:22:44 -08:00
msutovsky-r7 0630187870 Land #19798, fixing link and code cleanup 
Fix nsfw link in mssql_clr_payload, and rubocop the module
 2025-01-15 16:41:34 +01:00
Takah1ro 01ea602675 Update version check message 2025-01-15 21:41:25 +09:00
Takah1ro 3298880c21 Add version check 2025-01-15 21:39:54 +09:00
Takah1ro 12a2cdf3bf Remove store_valid_credential 2025-01-15 21:08:08 +09:00
Takah1ro d21be52b71 Lint formatting 2025-01-15 21:07:10 +09:00
Takahiro Yokoyama 0bdee81bcc Apply suggestions from code review 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-01-15 21:04:14 +09:00
dledda-r7 e39af38c73 fix(payloads): updating prepend mixin in payloads 2025-01-15 04:32:42 -05:00
dledda-r7 4565a04510 fix(payloads): updating prepend mixin in payloads 2025-01-14 09:31:03 -05:00