adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,584 Commits 27 Branches 1,043 Tags
55152da83acd030976ba8d90ff40e0ca9e3cfac0
Commit Graph

1146 Commits

Author SHA1 Message Date
Spencer McIntyre 700d063645 Implement copilot feedback 2026-03-26 14:43:33 -04:00
Spencer McIntyre b743296f48 Reapply "This adjusts module options that need a routable address" 
This reverts commit 628275ef59.
 2026-03-26 14:43:31 -04:00
adfoster-r7 1faa27f7e6 Fix encoding issues in files 2026-03-25 19:01:57 +00:00
Christophe De La Fuente bf1a12301b Merge pull request #20967 from jheysel-r7/fix/lib/smb_relay_ruby_client_support 
Add support for Ruby SMB Client and `smbclient` to be compatible with Msf::Exploit::Remote::SMB::RelayServer
 2026-03-24 18:12:45 +01:00
Jack Heysel 45884fa090 Removed method parse override 2026-03-23 23:10:29 -07:00
Jack Heysel 81b34421a9 Responded to comments 2026-03-19 14:15:49 -07:00
Jack Heysel e9502ce7ed Fix for gss token identification 2026-03-18 16:56:07 -07:00
Jack Heysel a4a34410c7 Mech type update for ruby_smb 2026-03-18 11:18:28 -07:00
Spencer McIntyre 09bb0337d1 Merge pull request #20997 from Nayeraneru/OptTD 
Introduce OptTimedelta
 2026-03-17 18:41:42 -04:00
Nayeraneru 01d88791d2 Removed unnecessary code and module 2026-03-18 00:14:15 +02:00
Jack Heysel 143071ab36 Refactor duplicate code 2026-03-16 19:59:46 -07:00
Jack Heysel e0a4b969ae Add support for simplified single target relaying (smbclient) 2026-03-16 19:42:17 -07:00
msutovsky-r7 b3aa45fb09 Land #20719, adds module for authenticated command injection in FreePBX filestore (CVE-2025-64328) 
Add authenticated RCE module for FreePBX filestore (CVE-2025-64328)
 2026-03-13 11:00:43 +01:00
adfoster-r7 c882d91155 Merge pull request #21025 from Hemang360/cookie-jar-doc-fix 
Fix HttpCookie integer conversion and cookie jar docs
 2026-03-13 00:08:13 +00:00
Valentin Lobstein 16b55848b4 Fix: Remove duplicate Content-Type header from FreePBX requests 
send_request_cgi already sets Content-Type when vars_post is used.
Setting it manually in headers causes a duplicate header.
 2026-03-11 20:09:52 +01:00
Valentin Lobstein 2b0f1c3c21 Fix: Omit default port from Referer header in FreePBX mixin 
FreePBX rejects ajax requests when the Referer includes :80 for HTTP
or :443 for HTTPS. Only include the port when it differs from the
protocol default.
 2026-03-11 20:06:08 +01:00
Valentin Lobstein c42e44e349 Optimize FreePBX module: cache auth/version, reduce verbosity, inline single-use functions 2026-03-11 19:43:29 +01:00
Valentin Lobstein c266e687c2 Add authenticated RCE module for FreePBX filestore (CVE-2025-64328) 2026-03-11 19:43:28 +01:00
Christophe De La Fuente 31665e1b88 Land #20730, Allow toggling the SACL in LDAP queries 
# Release Notes
This update modifies the ldap_query module to skip querying the SACL (System Access Control List) on security descriptors by default. This behavior is now controlled by a new option, LDAP::QuerySacl. This change is necessary when using a non-privileged user to query security descriptors via LDAP; otherwise, querying the SACL will cause the entire query to be blocked, resulting in no security descriptors being returned.
 2026-03-11 16:36:35 +01:00
msutovsky-r7 e6ee6a7c94 Land #20961, adds service reporting to Wordpress mixin 
Update Wordpress Mixin to log services
 2026-03-10 09:05:05 +01:00
msutovsky-r7 c6aabc1c75 Land #21001, adds module for SPIP Saisies plugin (CVE-2025-71243) 
Add SPIP Saisies plugin RCE module (CVE-2025-71243)
 2026-03-09 10:34:52 +01:00
adfoster-r7 628275ef59 Revert "This adjusts module options that need a routable address" 2026-03-08 17:37:49 +00:00
Spencer McIntyre 821e3c28f1 Replace old patterns with srvhost_addr 2026-03-03 09:37:27 -05:00
Spencer McIntyre 3f2a07bdca Update #make_steal_credentials_payload to just take url 2026-03-03 09:37:27 -05:00
Spencer McIntyre 1b528c78f0 Swap usages to #bindhost and #srvhost_addr 2026-03-03 09:37:26 -05:00
Spencer McIntyre 83a82ed043 Remove the extra argument 2026-03-03 09:37:26 -05:00
adfoster-r7 9df6879a95 Update modules to use srvhost method 2026-03-03 09:37:25 -05:00
Spencer McIntyre a0fb02bd45 Default the address in the SMB share mixin 2026-03-03 09:34:49 -05:00
Spencer McIntyre 92e77de800 Update to use OptAddressRourtable for SRVHOST 2026-03-03 09:34:48 -05:00
sjanusz-r7 ccc8367db5 Working Kerberoast and AS-REP modules with LDAP sessions 2026-03-02 15:33:36 +00:00
Hemang Bhagat bfbc425469 Remove type check 
Co-authored-by: gardnerapp <70026825+gardnerapp@users.noreply.github.com>
 2026-03-01 15:12:44 +05:30
Hemang360 a6eb33b657 Fix httpcookie constructor to handle non string value 2026-02-27 14:58:37 +05:30
Christophe De La Fuente 6a20b24d9c Land #20740, Separate SSL and SRVSSL options for client and server connections 2026-02-26 18:11:02 +01:00
Valentin Lobstein 44806b805f Fix: Add http_server_ssl alias to resolve HttpClient/HttpServer mixin conflict 2026-02-26 17:23:39 +01:00
Valentin Lobstein f2856c28b3 Update lib/msf/core/exploit/remote/socket_server.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2026-02-26 17:21:17 +01:00
Valentin Lobstein 3720803cdc Update lib/msf/core/exploit/remote/http_server.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2026-02-26 17:21:03 +01:00
Valentin Lobstein a26036ca7b Update lib/msf/core/exploit/remote/http_server.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2026-02-26 17:20:37 +01:00
msutovsky-r7 7e937b3d5a Land #21010, adds reporting the service to Gitlab mixin 
Update Gitlab mixin logs
 2026-02-26 16:14:35 +01:00
Martin Sutovsky 0e60332411 Minor code changes 2026-02-25 14:46:34 +01:00
Martin Sutovsky 98b3357e2a Adds beyondtrust lib, moves functionality into library, shares those functions to two modules 2026-02-24 16:16:05 +01:00
Nayeraneru ae24f73a73 more simplification for gitlab_version function 2026-02-24 02:42:10 +02:00
Nayera 8df17c6c50 Simplifying version handling in GitLab exploit module 2026-02-24 02:26:14 +02:00
Nayera dd6a2f97e9 Apply suggestion from @msutovsky-r7 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2026-02-24 02:19:32 +02:00
Nayera b227635c7b Fix service name reporting for WordPress exploit 2026-02-23 13:31:32 +01:00
Nayeraneru 9aa58fcb52 Refactor WordPress service reporting 2026-02-23 13:31:32 +01:00
Nayera d069cba900 Update Wordpress Mixin to log services 2026-02-23 13:31:32 +01:00
Nayeraneru a8dcc9616c update gitlab mixin logs 2026-02-23 05:40:59 +02:00
Valentin Lobstein a8f66a23d9 Feat: Add SPIP Saisies plugin RCE module (CVE-2025-71243) 2026-02-21 09:32:53 +01:00
Valentin Lobstein fc9b342a2f Fix: Separate SSL and SRVSSL using datastore fallback for backwards compatibility 
Add SRVSSL option with fallbacks: ['SSL'] so modules that use both
HttpClient and HttpServer can control server SSL independently from
client SSL. Old scripts that set SSL continue to work via the fallback.
 2026-02-21 08:46:57 +01:00
Nayeraneru ce2e23ccef add OptTimedelta datastore option and remove Kerberos-specific clock skew parsing 2026-02-20 22:28:05 +02:00