adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
60,845 Commits 27 Branches 1,043 Tags
5b3edd4cb2accbf2bd8eb835470f6e9cd59cd2f6
Commit Graph

893 Commits

Author SHA1 Message Date
bwatters 8266f2ffdc Land #15113, post gather module for saltstack salt #15113 
Merge branch 'land-15113' into upstream-master
 2021-05-17 15:33:20 -05:00
h00die b2f8bc6958 guard on nil minions 2021-05-15 09:38:15 -04:00
Ashley Donaldson 929197b85e Fix rubocop errors 2021-05-04 11:34:22 +10:00
Ashley Donaldson 2ac4eeb141 Check VAS configuration to find defined kerberos location. 
Also verify root prior to exploitation (gives better error message)
 2021-05-04 11:31:11 +10:00
h00die 75ed65a0ab properly name saltstack salt 2021-05-03 19:34:37 -04:00
Ashley Donaldson 4cd7637274 Fixed Rubocop errors added since this module was forked 2021-05-03 13:28:07 +10:00
Ashley Donaldson f0a442b77d Retrieve configured kerberos ticket location before retrieving tickets 
Rather than assume that file-configured kerberos tickets will be at /tmp/krb5_*, let's check the config file.
Also allows us to give more meaningful error messages and point people in the direction of where to look if it doesn't work.
 2021-05-03 13:07:45 +10:00
h00die 2c76671436 add windows minion file 2021-05-02 10:01:06 -04:00
h00die 2c0c7791a0 more error handling, updated docs 2021-05-02 08:19:43 -04:00
Ashley Donaldson 86a7b7b915 Forked a long time ago, so let's get it closer to the main branch 2021-05-02 14:23:56 +10:00
h00die fde1696ae2 windows and osx updates 2021-04-30 20:59:54 -04:00
h00die 938b4741a9 saltstack doc update and tested 2021-04-10 13:46:19 -04:00
Vladimir Ivanov 690e687e7e Updates from code review 
Update modules/post/multi/sap/smdagent_get_properties.rb
Update modules/auxiliary/admin/sap/cve_2020_6207_solman_rce.rb
Update documentation for auxiliary module cve_2020_6207_solman_rce.md
Update documentation for post module smdagent_get_properties.md
Move setup_xml_and_variables to `run` method in auxiliary module cve_2020_6207_solman_rce.rb
Delete list_dir, read_file, file_exist in post module smdagent_get_properties.rb
 2021-04-06 21:23:39 +02:00
Vladimir Ivanov 1f4046c45f Update references and delete check_addr in post module smdagent_get_properties.rb 2021-03-29 22:58:48 +03:00
Ivanov Vladimir a803d7a0d1 CVE-2019-0307 
Add post module smdagent_get_properties.rb
Add lib sap_smd_agent_unencrypted_property.rb
Update auxiliary module cve_2020_6207_solman_rce.rb
Update lib sap_sol_man_eem_miss_auth.rb
 2021-03-29 20:29:30 +03:00
friedrico 3b5cdd767f Base64 encoding is set iff encoding attribute is set to base64 and not when it "could be due to length and alphabet of the password" 2021-03-17 08:49:28 +01:00
Security Curious 59086989f7 Update Firefox Default Profile Directory 
The default firefox profile directory now no longer ends in `.default`
but instead `.default-release`. For backwards compat the new regex
supports both. For more information see:

https://support.mozilla.org/bm/questions/1264072#answer-1235567

It's possible we might want to also support things like
`.default-nightly`, etc but really if we want to do more than grab
the default profile we should read the `profiles.ini` file to get
an itemized list of profiles from Firefox itself. This would also
future-proof this script.

Since profiles are not generally used by most Firefox users just going
for the simpler solution of looking for `.default-release`.
 2021-03-10 21:43:04 -05:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
agalway-r7 8a339f54c1 Land #14734, updates and runs rubocop against recent modules 
Rubocop recently landed modules
 2021-02-19 13:48:47 +00:00
agalway-r7 275e9c5454 Land #14696, Further Zeitwerk lands to improve boot speed 
Zeitwerk rex folder
 2021-02-19 10:33:37 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Tim W 0ab4213630 use & disown 2021-02-11 12:26:27 +00:00
Tim W c5ba97100f fix osx shell_to_meterpreter to use python reflection 2021-02-11 11:38:43 +00:00
dwelch-r7 b95be3ed10 Zeitwerk rex folder 2021-02-08 12:24:12 +00:00
Brendan Coles f45ca6d045 local_exploit_suggester: Use session.session_host rather than rhost 2021-01-22 22:00:30 +00:00
CSharperMantle d99c2ac783 linguistic fixes of 'does not exists' 2020-12-23 11:36:38 +08:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
h00die d989c44214 more updates 2020-12-04 13:29:31 -05:00
h00die 5ac5a0c68a print command outputs 2020-12-01 17:26:51 -05:00
h00die 797e1ec35b now saves creds 2020-11-29 07:45:59 -05:00
h00die 79caa33589 gather roster, gather data from minions 2020-11-28 17:49:32 -05:00
h00die 600007a0d7 worked out a bunch of syntax and added some catches 2020-11-26 11:11:37 -05:00
h00die 48affc5c90 dont read files that dont exist 2020-11-25 05:10:39 -05:00
h00die 1082f31c38 beta draft 2020-11-24 19:36:58 -05:00
Tim W 634a2f3c61 prevent upgrading of meterpreter sessions with shell_to_meterpreter 2020-11-20 17:26:21 +00:00
Tim W fd3f64ed0a fix encoding and comspec in shell_to_meterpreter 2020-11-18 22:46:09 +08:00
Grant Willcox 69c68823d2 Land #14226, convert myworkspace.id to myworkspace_id for no db compat 2020-10-08 08:49:53 -05:00
Grant Willcox 339c1941ef Add in myworkspace.id patch for the other missing modules 2020-10-07 17:08:00 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Shelby Pace 1b66f4a9de include Android::Priv mixin 2020-09-23 18:42:07 -05:00
Grant Willcox 35fec19faa Fix Android code so that if we have root permissions we use dumpsys to get the package versions, otherwise just enumerate the installed software, but not the versions as we did before, but this time print out a warning. 2020-09-23 12:05:04 -05:00
Grant Willcox 8951b2a0d2 Add additional support for two other common MacOS package managers, HomeBrew and MacPorts 2020-09-23 11:46:08 -05:00
Grant Willcox f6b032b744 Add warning about Linux results to documentation and to the module's description field 2020-09-18 10:35:59 -05:00
Grant Willcox de4008984a Add in a few more package managers, think I'll stop after this given the diminishing returns atm 2020-09-17 18:00:36 -05:00
Grant Willcox 02bf9561e5 Switch over to using a packager manager orientated approach for gathering installed software on Linux 2020-09-17 17:18:29 -05:00
Grant Willcox 83a8f87438 Fix some mistakes with the command for some package managers that weren't returning the version numbers as expected 2020-09-17 16:08:35 -05:00
Grant Willcox bc9986f72c Apply RuboCop edits and also edit the %w[] entries so they didn't include the stray single quotes in the resulting string 2020-09-16 15:14:52 -05:00
Grant Willcox 798e5cce61 Add in casting the results of cmd_exec calls to strings using .to_s as @bcoles recommended and also check for potential cases where no results are returned. This should make the code more defensive and help protect against potential failure cases 2020-09-16 15:06:11 -05:00
Grant Willcox 3e10ec5fc9 Redo the checks using the command_exists? command that @bcoles recommended 2020-09-16 12:49:36 -05:00
Grant Willcox e3ffa39e57 Implement the case change from the review as mentioned by @wvu-r7 2020-09-16 12:15:40 -05:00