adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,893 Commits 27 Branches 1,043 Tags
4a8bb687969e1bbe820bb2bf4d3d439a2ec1b060
Commit Graph

5127 Commits

Author SHA1 Message Date
cgranleese-r7 c74f480177 Land #17049, enum_domain_group_users module clean up 2022-09-22 17:51:12 +01:00
cgranleese-r7 0029628db8 Land #17051, wmic_command module cleanup 2022-09-22 16:17:33 +01:00
Jack Heysel 12f3325f3e Land #16732, VIDIdial Multiple SQLi 
This PR adds a module which exploits several
authenticated sqli in VICIdial
 2022-09-22 10:47:42 -04:00
bcoles ce48afd0db wmic_command: Cleanup 2022-09-23 00:25:13 +10:00
bcoles 9eab7eadab enum_domain_group_users: Cleanup 2022-09-22 17:05:19 +10:00
h00die 6d608ea41e vicidial sqli module docs update 2022-09-21 16:57:18 -04:00
Spencer McIntyre 415383b48d Land #17042, Add exploit for CVE-2022-36804 2022-09-21 13:07:32 -04:00
Christophe De La Fuente 4943d86ec6 Land #16989, Unified Remote RCE 2022-09-21 14:06:33 +02:00
space-r7 f2e003cdb0 add documentation 2022-09-20 18:45:48 -05:00
Grant Willcox bd4a062e5f Land #17023, Fix #16999 by using a compatible default action 2022-09-19 17:33:01 -05:00
Grant Willcox 5d7c7b0a09 Update documentation and change up the code to use action.name vs datastore['ACTION'] since that is no longer populated 2022-09-19 17:31:51 -05:00
bwatters 88f14950a0 Land #16688, Add Mimipenguin 
Merge branch 'land-16688' into upstream-master
 2022-09-19 12:43:16 -05:00
h00die 271171f6d2 unified now with invisible feature 2022-09-18 19:02:59 -04:00
Spencer McIntyre eae1adb8bb Add getsystem module docs 2022-09-16 14:59:50 -04:00
Grant Willcox cee6b6a111 Land #17003, enum_patches: Cleanup, print patches as table, store patches as CSV 2022-09-15 18:07:11 -05:00
Grant Willcox d278d6aa81 Add in missing require to make module work, then fix up some minor things observed during review process 2022-09-15 17:44:25 -05:00
Christophe De La Fuente 52ff168c5e Land #16914, Add PAN-OS auth command injection module (CVE-2020-2038) 2022-09-15 17:58:07 +02:00
Grant Willcox a7b049510b Relocate documentation file to proper location and update documentation a little bit to explain some cases 
Update documentation with proper explanation of how to add users since last one was adding users to the wrong table.
 2022-09-13 16:12:21 -05:00
Jack Heysel 6c27c05d10 parent 3892d29cc5 
author Jack Heysel <jack_heysel@rapid7.com> 1658964871 -0400
committer Grant Willcox <gwillcox@rapid7.com> 1663093141 -0500
gpgsig -----BEGIN PGP SIGNATURE-----

 iQIzBAABCgAdFiEEMZiWHhSP9eUn4xpf014FwPK4HoMFAmMgyZUACgkQ014FwPK4
 HoP5RxAAjvQs9/bVQSVJXMNVxa5J3Tefi+BnkJyxUAABsYJR/KpKfHMzGxhdA9ED
 Rc48cKuaGRscorSdNZJPtRMs1JlrvYLbovTomUoOuyZypKInNdkIhjo24WyandBX
 5f4AgmsKFtnfFnxAHQ/jsq25Sa0hgDS/x64q1+aFMupZzm7o9xJrMokqPIu8C1hC
 AhdV1jx3xP7jTpTz2YDOUPM3WNZINFNJHZU5JtdCIfciJX1oCbkEdzUZFiiZg6Ui
 fZEUDAVQrkZfhcTrLYBBTOgalMjmM4gM9q/X0vHTm6XbEuNN69diw7t3Z7Qa2maY
 FU3N8E5mDy2ebpRWF4FOHa3KwEcUwpx17/sIJOfhlFRFazxVDR6DGch4GQg0r5lz
 VVN7GEMPqepyCJcBTaagpeeyw/pM/peysrC04amd5ash/6sQ5whS8xIJW1jeN/nf
 rVTwJs1kzy28t0wLqeHB+j4OZNm+hqZYrZ0A9VcJT5EBArG8Zlgr+xXcFXhONBk8
 GZe/yiMsHPPv+vfSvOo/JVZAbIXpcFRzHjbs1JjFVQq635bWceGWs72xHNEKlssC
 MtaL1h0wzV7BilBL2ohMY0ou/gDTqWao3xYGvqfxgYBy/6IQCcV2SmPYLNel+VEt
 sc7fqO5R+R/HDUWHv1bEfYKebgaX6pqrzgrqaxwGd6vmSHEEslU=
 =BXw+
 -----END PGP SIGNATURE-----

Initial changes

Add in documentation improvements for installation

Update Docker install instructions again and also fix a bug with too strict checking on a cookie

Move module into gather type module, remove the scanner import, and update the documentation accordingly so that the check method can work

Updated docs
 2022-09-13 16:08:57 -05:00
Jack Heysel 1c99daa836 Updated error handling 2022-09-13 12:40:59 -04:00
Christophe De La Fuente 3c9b57c415 Land #16911, enum_ms_product_keys: Cleanup and support non-meterpreter sessions 2022-09-13 16:06:55 +02:00
Spencer McIntyre 6467fb3a8f Land #16906, enum_snmp improvements 
enum_snmp: Cleanup and support non-Meterpreter sessions
 2022-09-13 09:05:15 -04:00
bcoles a0030ac667 enum_snmp: Cleanup and support non-Meterpreter sessions 2022-09-13 17:45:10 +10:00
bcoles ebaca4cd48 enum_patches: Cleanup, print patches as table, store patches as CSV 2022-09-12 13:50:32 +10:00
Grant Willcox b5686dc7ca Update documentation to improve some explanations 2022-09-09 15:51:31 -05:00
bcoles 8dc4107bed enum_services: Cleanup and support non-Meterpreter sessions 2022-09-09 15:09:47 -05:00
h00die ae91cfa9c5 unified_remote exploit 2022-09-08 17:09:31 -04:00
bcoles 290d70bd19 enum_domain: Cleanup and support non-Meterpreter sessions 2022-09-08 12:34:37 -05:00
bwatters 2af5b22272 Land #16983, firefox_xpi_bootstrapped_addon: Add notes, description, references, docs 
Merge branch 'alnd-16983' into upstream-master
 2022-09-08 08:23:32 -05:00
Grant Willcox 446d891705 Land #16901, killav: Cleanup and support non-meterpreter sessions 2022-09-07 14:02:11 -05:00
space-r7 a11569fc53 Land #16944, add Apach Spark RCE 2022-09-07 13:02:27 -05:00
h00die-gr3y f71ec84f9e updated documentation 2022-09-06 19:36:11 +00:00
bcoles a7d2145e8d firefox_xpi_bootstrapped_addon: Add notes, description, references, docs 2022-09-05 02:23:37 +10:00
Christophe De La Fuente 8ba621a291 Land #16923, Cisco ASA-X with FirePOWER Services Authenticated Command Injection (CVE-2022-20828) 2022-09-02 18:37:37 +02:00
space-r7 53b25d7d69 Land #16934, support dumping mem by process name 2022-09-01 12:58:01 -05:00
Grant Willcox a41ec9388f Land #16725, Add ManageEngine ADAudit Plus and DataSecurity Plus Xnode enum modules, docs and mixin (CVE-2020–11532) 2022-09-01 08:46:36 -05:00
Spencer McIntyre 35c2a2cc7a Land #16903, enum_shares Cleanup and shell support 
enum_shares: Cleanup and support non-meterpreter sessions
 2022-08-31 13:21:31 -04:00
Spencer McIntyre 6965115c8e Land #16786, Zyxel Firewall LPE (CVE-2022-30526) 2022-08-31 08:40:23 -04:00
Spencer McIntyre 69cc144e04 Add module docs 2022-08-30 11:12:36 -04:00
h00die-gr3y e8083c6fb1 commit module and documentation 2022-08-26 15:39:18 +00:00
h00die-gr3y 21c4e3ce3d commit module and documentation 2022-08-26 15:05:39 +00:00
Spencer McIntyre ae5a9bd41b Land #16734, Add rtf support to cve-2022-30190 
Add rtf support to cve-2022-30190 AKA Follina
 2022-08-25 17:26:46 -04:00
Spencer McIntyre 68eae1664e Tweak the follina docs 2022-08-25 17:10:59 -04:00
Christophe De La Fuente 1b5338da06 Land #16701, Rewrite of Cisco ASA Clientless VPN Brute-force 2022-08-25 16:04:48 +02:00
bcoles 8939d09efa post/windows/gather/memory_dump: Support dumping processes by name 2022-08-24 18:04:29 +10:00
Grant Willcox 70e006c493 Initial updates from personal review, sans module adjustments 2022-08-23 20:48:15 -05:00
Grant Willcox 2369e1562c Add in documentation on how to install the target from scratch 2022-08-23 11:44:09 -05:00
Ron Bowes abd392c372 Add in changes from review 2022-08-23 11:44:03 -05:00
Grant Willcox 5b61b5097f RuboCop documentation, add in Verification steps, and fix up minor issues 2022-08-23 11:44:02 -05:00
Ron Bowes 0e6647c7f9 Add scenarios 2022-08-23 11:43:53 -05:00