Grant Willcox
5c2afd6750
Land #15882, Prevent payloads being used if can't clean up files
2021-12-16 15:05:27 -06:00
Spencer McIntyre
e6b7669114
Address PR feedback from module hacking
2021-12-16 11:12:11 -05:00
Spencer McIntyre
5e5e73a1d8
Add module metadata and more checks
2021-12-15 08:45:25 -05:00
Jeffrey Martin
21a6a18d92
trade URI.encode & URI.escape for Ruby 3
...
Ruby 3 removed the `URI.escape` methods; however, access to
a parser for the same RFC is still available at `URI::DEFAULT_PARSER.escape`.
Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1) this should equal.
2021-11-22 14:11:03 -06:00
Ashley Donaldson
f54f03fc92
Prevent payloads being used if can't clean up files
2021-11-17 15:40:16 +11:00
Ashley Donaldson
f020c99a85
Implement suggestions from code review
2021-11-16 11:07:48 +11:00
Ashley Donaldson
cab04d33f5
Use existing Rex::UserAgent class; keep UA string consistent across an MSF session
2021-11-10 10:05:45 +11:00
Ashley Donaldson
551ef90c5f
Use default User agent string for generic auxiliary modules
2021-11-09 18:55:49 +11:00
Ashley Donaldson
839722720a
Updated the default metasploit user agent string to be more modern
...
Selected from a set of currently-modern browser UA strings
2021-11-09 18:20:41 +11:00
alanfoster
9346a43e4a
Improve kube exec reliability
2021-11-05 02:38:44 +00:00
Spencer McIntyre
78d2389cb2
Switch the prepend_protections_bypass
...
Switch to setting Powershell::prepend_protections_bypass to be
automatically determined by the module. If the generated command is too
large, disable the setting and regenerate the command.
2021-10-21 16:42:04 -04:00
Spencer McIntyre
48a89d7c9a
Don't encode the final powershell command
...
It's unnecessary to encode the final Powershell command in this context
because the modified YSoSerial payload will properly treat the entire
string as the OS command to run.
2021-10-21 16:40:21 -04:00
adfoster-r7
b306641755
Print token claims
2021-10-21 11:05:51 +01:00
adfoster-r7
f28ced60ee
Correctly store extracted loot
2021-10-21 11:02:10 +01:00
adfoster-r7
adbe6070ab
PR feedback
2021-10-21 11:02:09 +01:00
adfoster-r7
c0ba4bd619
Add kubernetes enum module
2021-10-21 11:01:25 +01:00
adfoster-r7
2f86b332f5
Land #15733, Add Module For Kubernetes Pod Authenticated Code Execution
2021-10-21 10:46:20 +01:00
dwelch-r7
dcb42da269
Land #15612, Add multiple moodle modules
2021-10-11 23:18:55 +01:00
Grant Willcox
8b9b1092f6
Land #15706, Display TCP forwarding information for sessions and jobs for reverse shells
2021-10-07 13:23:06 -05:00
Ashley Donaldson
5196071c22
Keep other instances of via_string to the same convention
2021-10-04 23:51:57 +11:00
Spencer McIntyre
d8f2b18649
Implement review feedback
2021-10-01 14:44:13 -04:00
Spencer McIntyre
32540247cb
Move the Kubernetes client into a library file
2021-10-01 10:32:12 -04:00
Spencer McIntyre
e04882689a
Support an explicit HTTP comm
2021-09-30 16:54:01 -04:00
Spencer McIntyre
1aa4bc4f66
Raise exceptions WebSocket connection failure
2021-09-29 17:55:05 -04:00
Spencer McIntyre
ac319e730b
Document the new WebSocket functionality
2021-09-29 17:55:05 -04:00
Spencer McIntyre
7e8afcdaf6
Add a WebSocket implementation for Rex
2021-09-29 17:55:05 -04:00
adfoster-r7
959527a4c4
Land #15669, Add meterpreter compatibility metadata to screenshare module
2021-09-27 15:18:01 +01:00
Ashley Donaldson
2349393ef0
Display computer information gleaned from NTLM handshake in RDP.
2021-09-22 12:09:19 +10:00
Spencer McIntyre
56cd43a8b8
Land #15624, Add module for CVE-2020-27955
2021-09-15 14:54:19 -04:00
adfoster-r7
39ca4660a9
Add meterpreter compatibility metadata to screenshare module
2021-09-15 17:34:57 +01:00
Tim W
ddd1d37d4b
fix module description
2021-09-15 16:25:18 +01:00
Spencer McIntyre
1bd3a764a6
Fixup issues from testing
2021-09-14 16:32:25 -04:00
adfoster-r7
059e39a6f0
Specify meterpreter compatibility command requirements
2021-09-08 22:59:25 +01:00
Jack Heysel
e30ccafd86
Refactor lfs.rb, revert rubocop changes on library files
2021-09-07 13:43:10 -04:00
h00die
65aae010ce
more libs for moodle and teacher priv esc to rce module
2021-09-04 13:31:11 -04:00
Jack Heysel
99352ad107
Move methods from lfs.rb, fix fail_with types
2021-09-03 16:17:35 -05:00
Jack Heysel
f9c4c35431
Update the target_suitable? method
2021-09-03 16:17:35 -05:00
Jack Heysel
ba64dce5b7
Rubocop offenses
2021-09-03 16:17:30 -05:00
Jack Heysel
3c43bd409d
Added docs and Git User-Agent FP
2021-09-03 16:15:39 -05:00
Jack Heysel
21d99a74fb
beta commit
2021-09-03 16:15:38 -05:00
Alan Foster
134fef21c4
Improve validation rhosts validation
2021-09-02 13:00:01 +01:00
Alan Foster
f96dc59cd4
Spike smb uri support
2021-09-02 13:00:01 +01:00
h00die
77dff0fc13
working admin shell
2021-09-01 17:49:17 -04:00
h00die
3580920dde
moving more to libs
2021-09-01 17:36:38 -04:00
h00die
5e17074259
moodle_teacher_enrollement_priv_esc working but not full exploit chain
2021-08-31 16:52:08 -04:00
h00die
176c1f0751
moodle lib and module
2021-08-29 10:50:25 -04:00
Tim W
6c0b90eabb
Land #15532, add module for CVE-2021-21300 and git mixins
2021-08-26 18:26:04 +01:00
space-r7
8b8d138812
Land #15496, specify SSLVersion for servers
2021-08-26 10:57:11 -05:00
space-r7
0530f78d12
add comments and test
2021-08-12 10:18:13 -05:00
space-r7
03e9d82ed8
fix packfile construction, fix git push
...
also adds the ability to further customize
commits, including the option to use a custom
email address, name, commit message, etc.
2021-08-12 10:18:13 -05:00