Commit Graph

252 Commits

Author SHA1 Message Date
Spencer McIntyre e6b7669114 Address PR feedback from module hacking 2021-12-16 11:12:11 -05:00
Spencer McIntyre 5e5e73a1d8 Add module metadata and more checks 2021-12-15 08:45:25 -05:00
Jeffrey Martin 21a6a18d92 trade URI.encode & URI.escape for Ruby 3
Ruby 3 removed the `URI.escape` methods however access to
a parser for the same RFC is still available at `URI::DEFAULT_PARSER.escape`.

Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1) this should equal.
2021-11-22 14:11:03 -06:00
Ashley Donaldson f020c99a85 Implement suggestions from code review 2021-11-16 11:07:48 +11:00
Ashley Donaldson cab04d33f5 Use existing Rex::UserAgent class; keep UA string consistent across an MSF session 2021-11-10 10:05:45 +11:00
Ashley Donaldson 551ef90c5f Use default User agent string for generic auxiliary modules 2021-11-09 18:55:49 +11:00
Ashley Donaldson 839722720a Updated the default metasploit user agent string to be more modern
Selected from a set of currently-modern browser UA strings
2021-11-09 18:20:41 +11:00
alanfoster 9346a43e4a Improve kube exec reliability 2021-11-05 02:38:44 +00:00
adfoster-r7 b306641755 Print token claims 2021-10-21 11:05:51 +01:00
adfoster-r7 f28ced60ee Correctly store extracted loot 2021-10-21 11:02:10 +01:00
adfoster-r7 adbe6070ab PR feedback 2021-10-21 11:02:09 +01:00
adfoster-r7 c0ba4bd619 Add kubernetes enum module 2021-10-21 11:01:25 +01:00
adfoster-r7 2f86b332f5 Land #15733, Add Module For Kubernetes Pod Authenticated Code Execution 2021-10-21 10:46:20 +01:00
dwelch-r7 dcb42da269 Land #15612, Add multiple moodle modules 2021-10-11 23:18:55 +01:00
Grant Willcox 8b9b1092f6 Land #15706, Display TCP forwarding information for sessions and jobs for reverse shells 2021-10-07 13:23:06 -05:00
Ashley Donaldson 5196071c22 Keep other instances of via_string to the same convention 2021-10-04 23:51:57 +11:00
Spencer McIntyre d8f2b18649 Implement review feedback 2021-10-01 14:44:13 -04:00
Spencer McIntyre 32540247cb Move the Kubernetes client into a library file 2021-10-01 10:32:12 -04:00
Spencer McIntyre e04882689a Support an explicit HTTP comm 2021-09-30 16:54:01 -04:00
Spencer McIntyre 1aa4bc4f66 Raise exceptions WebSocket connection failure 2021-09-29 17:55:05 -04:00
Spencer McIntyre ac319e730b Document the new WebSocket functionality 2021-09-29 17:55:05 -04:00
Spencer McIntyre 7e8afcdaf6 Add a WebSocket implementation for Rex 2021-09-29 17:55:05 -04:00
Ashley Donaldson 2349393ef0 Display computer information gleaned from NTLM handshake in RDP. 2021-09-22 12:09:19 +10:00
Spencer McIntyre 1bd3a764a6 Fixup issues from testing 2021-09-14 16:32:25 -04:00
Jack Heysel e30ccafd86 Refactor lfs.rb, revert rubocop changes on library files 2021-09-07 13:43:10 -04:00
h00die 65aae010ce more libs for moodle and teacher priv esc to rce module 2021-09-04 13:31:11 -04:00
Jack Heysel f9c4c35431 Update the target_suitable? method 2021-09-03 16:17:35 -05:00
Jack Heysel ba64dce5b7 Rubocop offenses 2021-09-03 16:17:30 -05:00
Jack Heysel 3c43bd409d Added docs and Git User-Agent FP 2021-09-03 16:15:39 -05:00
Alan Foster 134fef21c4 Improve validation rhosts validation 2021-09-02 13:00:01 +01:00
Alan Foster f96dc59cd4 Spike smb uri support 2021-09-02 13:00:01 +01:00
h00die 77dff0fc13 working admin shell 2021-09-01 17:49:17 -04:00
h00die 3580920dde moving more to libs 2021-09-01 17:36:38 -04:00
h00die 5e17074259 moodle_teacher_enrollement_priv_esc working but not full exploit chain 2021-08-31 16:52:08 -04:00
h00die 176c1f0751 moodle lib and module 2021-08-29 10:50:25 -04:00
space-r7 8b8d138812 Land #15496, specify SSLVersion for servers 2021-08-26 10:57:11 -05:00
Christophe De La Fuente 07c9350733 Land #15430, Support for SSH pivoting 2021-08-09 18:34:08 +02:00
Spencer McIntyre 06b671e710 Add the SSLVersion datastore option for servers
Requires rapid7/rex-socket#37 for the option to be honored.
2021-08-06 14:44:53 -05:00
A Galway 5e732ddd42 changes parse to take an origin and updates tests 2021-08-03 18:22:23 +01:00
A Galway ff111ecd13 remove silent catches of http-cookie argument errs 2021-07-30 17:33:04 +01:00
agalway-r7 3668230d44 reposition self return in add
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2021-07-30 16:16:12 +01:00
agalway-r7 33a34af0df improve error handling
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2021-07-30 16:06:53 +01:00
A Galway 5219c980f7 adds origin values to cookies without domain 2021-07-28 14:08:25 +01:00
A Galway c7d4155511 add origin to httpcookie and supporting tests 2021-07-28 14:04:48 +01:00
A Galway 80f809bc78 handled cookies without valid domain value 2021-07-26 14:29:03 +01:00
A Galway e3dbd3a990 fixes bug caused by attrs with string keys 2021-07-20 15:02:41 +01:00
Spencer McIntyre 1ddcc9f12b Remove the socket in psexec
PsExec needs the socket to remain open after the session is established
in order to remove the service. Remote TCP exploits close and remove
their sockets by default which creates a race condition that can result
in failing to clean up the service.
2021-07-14 11:00:45 -04:00
Tim W 39455827aa Land #15254, use obfuscated powershell protection bypasses 2021-07-12 12:20:17 +01:00
William Vu ccf6ec9628 RuboCop selectively 2021-07-06 21:14:48 -05:00
William Vu e5fee3b0b8 Improve AutoCheck prints 2021-07-06 21:14:48 -05:00