adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

3412 Commits

Author SHA1 Message Date
jheysel-r7 05f2012ccc Merge pull request #20338 from Chocapikk/xorcom 
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
 2025-07-22 08:19:36 -07:00
Valentin Lobstein 56f6a65e21 Update lib/msf/core/exploit/remote/http/xorcom_complete_pbx.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-19 04:04:25 +02:00
Valentin Lobstein 4a1f9e541e Update lib/msf/core/exploit/remote/http/xorcom_complete_pbx.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-19 04:04:14 +02:00
Chocapikk 4e70dfe70d Rename mixin 2025-07-16 22:40:27 +02:00
Chocapikk 1863eddcd4 chore: add magic encoding comment to Ruby files 2025-07-16 22:32:20 +02:00
Chocapikk 1fb6d488a8 Rename file 2025-07-16 22:30:28 +02:00
Chocapikk 7ddae3ec3f refactor(xorcom): rename helper to completepbx? + pass creds to completepbx_login 2025-07-16 21:48:34 +02:00
Chocapikk b06903810c feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs 2025-07-16 21:25:17 +02:00
Spencer McIntyre 566020abbf Cache the result of whoami 2025-07-08 15:43:41 -04:00
Spencer McIntyre 23c02d6873 Note the permissions required for checking permissions 2025-07-08 15:01:54 -04:00
Spencer McIntyre 2650956fce Add special handling for more groups 
Add handling for the special `Authenticated Users` and `Users` groups.
 2025-07-08 15:01:54 -04:00
Spencer McIntyre a93d20ccfe Add some basic tests 2025-07-08 15:01:54 -04:00
Spencer McIntyre d0d3a2719d Add some commented code for debugging 
Squash me
 2025-07-08 15:01:54 -04:00
Spencer McIntyre 7cacc4cd45 Update the ad_cs_cert_template module too 2025-07-08 15:01:54 -04:00
Spencer McIntyre c2a06e341d Expand on the matcher logic 2025-07-08 15:01:46 -04:00
Spencer McIntyre 23c85a26fe Add some documentation for the methods 2025-06-24 11:27:52 -04:00
Spencer McIntyre b8ecd50f32 Add and use a generic LDAP entry cache 2025-06-24 11:27:52 -04:00
Spencer McIntyre cf53956128 Add a method to get domain info 2025-06-24 11:27:52 -04:00
Spencer McIntyre 7b1af9fc09 Initial implementation of #adds_sd_grants_permissions? 2025-06-24 11:27:52 -04:00
Spencer McIntyre 70f7dfebc3 Initial commit of AD DS LDAP mixin 2025-06-24 11:27:52 -04:00
adfoster-r7 fb02b4ade5 Revert "Bump rails version to 7.2" 2025-06-17 12:20:49 +01:00
Dean Welch b87ef99cd8 Bump rails version to 7.2 2025-06-12 16:41:10 +01:00
Spencer McIntyre f3b650a409 Major refactoring of PHP payloads and related exploits 2025-05-30 09:06:38 -04:00
Spencer McIntyre dcaeb5266c Define the system_block module function 2025-05-30 09:06:38 -04:00
bcoles 5aa91bd57c Rubocop: Resolve Rubocop Style/RedundantRegexpArgument violations 2025-05-24 13:34:32 +10:00
cgranleese-r7 f6faa5598b Fixes modules to now correctly use a hash with report note 2025-05-22 10:59:50 +01:00
Spencer McIntyre 57c69049f7 Merge pull request #20175 from smashery/ruby-kerberoasting 
Ruby kerberoasting
 2025-05-16 10:28:52 -04:00
Brendan 13d18f2c83 Update lib/msf/core/exploit/remote/http/wordpress/login.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2025-05-13 17:32:48 -05:00
bwatters-r7 ce8ceaddbc Change check for redirect to be less specific 2025-05-13 10:59:16 -05:00
Ashley Donaldson 6d3fc7b732 Neatening kerberoasting modifications 2025-05-13 18:26:25 +10:00
Ashley Donaldson abba784190 Fix AES kerberoast hashcat format. Change when hashes are displayed in module. 2025-05-13 18:26:25 +10:00
Ashley Donaldson 365db3c52e Support different hash type JTR formats 2025-05-13 18:26:25 +10:00
Ashley Donaldson 1e56168905 Move kerberoasting to Ruby code 2025-05-13 18:26:25 +10:00
Spencer McIntyre be8f4f929c Fix an issue in the ESC8 module 2025-05-05 13:40:33 -04:00
Spencer McIntyre d95146e315 Use retry to speed things up but also wait longer 2025-05-05 11:06:09 -04:00
Spencer McIntyre 6ab275a120 Remove a couple of debug prints 2025-05-05 10:58:41 -04:00
Jack Heysel 4a746a3963 Relocate find_management_point method 2025-05-01 20:35:41 -07:00
jheysel-r7 c47c9b95fd Merge branch 'master' into get_naa_creds_via_relay 2025-05-01 20:33:35 -07:00
jheysel-r7 3141152393 Merge pull request #20017 from zeroSteiner/feat/mod/ldap/passwords 
Add LAPSv1 and LAPSv2 LDAP Module
 2025-04-30 14:02:30 -07:00
Spencer McIntyre bdca86f39f Map the GKDI endpoint as a workaround 2025-04-29 14:01:42 -04:00
jheysel-r7 eba2b6c1bf Merge pull request #19760 from cdelafuente-r7/feat/pkcs12/certs_command/pkinit 
Add certs command & use pkinit if kerberos tickets are not available in cache
 2025-04-22 11:11:54 -07:00
Christophe De La Fuente 226853f535 Fix EKU lookup in certificate 2025-04-22 19:08:45 +02:00
jheysel-r7 f8a67b83e6 Update lib/msf/core/exploit/pgadmin.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-04-17 08:01:15 -07:00
Jack Heysel 1cade8f18f Reponded to comments 2025-04-15 10:10:26 -07:00
jheysel-r7 4f76ff1633 Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-04-15 10:07:53 -07:00
Jack Heysel cbc33ea9ce Remove extra space 2025-04-11 16:02:36 -07:00
Jack Heysel 4c5e0203dd Refactor pgAdmin modules to use new lib 2025-04-11 15:55:46 -07:00
adfoster-r7 053f0e854c Merge pull request #20024 from cgranleese-r7/add-support-for-network-capture-decryption 
Add support for network capture decryption
 2025-04-11 13:43:22 +01:00
cgranleese-r7 c79f7db38b Adds enhanced support for network capture decryption 2025-04-11 13:34:40 +01:00
Jack Heysel 4cec129e1c Responded to comments 2025-04-10 10:53:05 -07:00