adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

3412 Commits

Author SHA1 Message Date
Spencer McIntyre 5d88a28fa4 Update YARD docs for TGT reuse 2022-10-03 09:04:30 -04:00
krastanoel aa0dc86bd8 get csrf from the html body instead 2022-10-01 19:59:23 +07:00
krastanoel 02b5f8678c add repository error class 2022-10-01 17:43:42 +07:00
krastanoel e9d8068078 update and tidy the lib comments 2022-10-01 16:22:21 +07:00
krastanoel cc2db82886 add repository create and migrate helpers 2022-10-01 01:13:28 +07:00
krastanoel 29944a0a1b add repository create and migrate url 2022-10-01 01:12:54 +07:00
krastanoel c5d3867980 add migration error class 2022-10-01 01:11:58 +07:00
krastanoel 88e4261a88 Add common lib for Gitea repository 2022-10-01 01:10:55 +07:00
Spencer McIntyre 421121736d Load and use cached TGTs 2022-09-30 13:23:52 -04:00
Spencer McIntyre a619303f2c Save tickets in a compatible way for retrieval 2022-09-30 13:23:52 -04:00
Spencer McIntyre acbe644588 Document some of the parameter types 2022-09-30 13:23:52 -04:00
Spencer McIntyre 82912aad38 Support delegation from stored TGTs 2022-09-30 13:23:52 -04:00
Spencer McIntyre 081d66330b Add a constructor method for Krb5Ccache 2022-09-30 13:23:52 -04:00
Spencer McIntyre 89c3792886 Allow authenticating with stored TGTs 2022-09-30 13:23:52 -04:00
Spencer McIntyre 6bd9de43d6 Add the #request_service_ticket method 2022-09-30 13:23:52 -04:00
krastanoel cbff63958c Move version check and login to common library 2022-09-30 22:09:01 +07:00
adfoster-r7 5d345e6689 Merge branch 'upstream-master' into feature-kerberos-authentication 2022-09-29 16:42:58 +01:00
cgranleese-r7 50685161ef Allow user_id to be configurable in ticket forging 2022-09-22 14:18:17 +01:00
adfoster-r7 3a281234df Add feature flagged datastore rewrite, with support for option fallback lookups 2022-09-16 12:59:02 +01:00
dwelch-r7 5f85175f56 Add module for golden/silver ticket forging 2022-09-01 16:12:07 +01:00
Spencer McIntyre 009ada3cc4 Fix issues from the rebase 2022-08-18 11:35:29 -04:00
Jeffrey Martin c45262cd46 Land #16800, Add support for OpenSSL 3 2022-08-05 14:20:51 -05:00
Christophe De La Fuente 9c6a198453 Land #16796, Path traversal vulnerability in RARLAB UnRAR < 6.12 with Zimbra RCE module 2022-08-04 19:44:57 +02:00
Ron Bowes a314423e81 Some changes requested by @cdelafuente-r7 2022-08-03 14:51:51 -07:00
adfoster-r7 f65119b353 Support OpenSSL3 and run Ubuntu 22.04 in test matrix 2022-08-03 15:49:53 +01:00
Ron Bowes c66f98bae6 Make lint happy 2022-08-01 10:03:35 -07:00
Ron Bowes e7edafbcfb Throw errors in the rar-generator library rather than returning nil 2022-08-01 09:54:31 -07:00
Ron Bowes d36bee8755 A few simple feedback changes 2022-07-29 10:48:07 -07:00
Spencer McIntyre 7da5f2ad4a Changes from PR feedback 2022-07-28 16:05:22 -04:00
Spencer McIntyre 1ed064c1ea Log when a cached credential is used 2022-07-28 16:03:24 -04:00
Spencer McIntyre 942259d44b Add logging for why credentials are filtered 2022-07-28 16:03:24 -04:00
Spencer McIntyre 95d8b7005e Allow reusing cached and explicit CCACHE files 2022-07-28 16:03:22 -04:00
Ron Bowes f279e8d6ca Split the CVE-2022-30333 unrar module into two different modules with a shared mixin to generate the file 2022-07-27 12:45:47 -07:00
Ashley Donaldson f16e2cfb35 Send TGT to WinRM to allow further access of network resources (kerberos double hop) 2022-07-27 16:19:09 +01:00
Christophe De La Fuente f9a951d034 Land #16737, Remove initial code duplication between mssql clients 2022-07-20 19:44:25 +02:00
bcoles 1dcfc3406a Add Rex::Exploitation::CmdStagerFtpHttp to Msf::Exploit::CmdStager 2022-07-16 18:10:28 +10:00
Spencer McIntyre 1e903807bb Land #16730, Add mssql Kerberos auth support 2022-07-15 15:00:14 -04:00
adfoster-r7 37f7c15b1e Update mssql login module to support kerberos authentication 2022-07-15 17:33:54 +01:00
adfoster-r7 f2ff7bb913 Add mssql kerberos authentication 2022-07-15 17:26:10 +01:00
adfoster-r7 9579e355c1 Land #16749, Add winrm kerberos authentication support 2022-07-15 16:24:36 +01:00
bcoles 39f288bfe3 Rex::Proto::Http: Add evasion options to shuffle GET / POST parameters 2022-07-11 01:37:41 +10:00
Ashley Donaldson d3e7152954 Changes from code review 2022-07-08 11:47:54 +10:00
Spencer McIntyre ade10650a8 Set the NTLM flags for LDAP authentication 
The sign and seal flags need to be removed for LDAP. Because sign and
seal are not set, key56 and key128 can also be removed.

The rest of the flags are taken from
https://github.com/rapid7/ruby_smb/blob/cc5228730f9bc39215322ab6e07fd8da33602bb9/lib/ruby_smb/ntlm.rb#L31
 2022-07-07 13:20:34 -04:00
Ashley Donaldson f9f3be3644 Fix unit tests 2022-07-07 18:04:22 +10:00
Ashley Donaldson b2eb348d94 Added WinRM using Kerberos, including encryption 2022-07-07 13:17:09 +10:00
Spencer McIntyre b8ca08d3ce Support NTLM and kerberos auth in LDAP 2022-07-06 17:12:27 -04:00
Spencer McIntyre 4abef7d373 Remove an unused option and require SmbRhostname 2022-07-06 15:16:50 -04:00
Spencer McIntyre e53bccae85 Set the session key for older SMB dialects too 2022-07-06 15:16:40 -04:00
adfoster-r7 aea37f7137 Add initial SMB Kerberos authentication support 2022-07-06 16:15:33 +01:00
Spencer McIntyre d31ffa27d3 Add and use a new kerberos CCache model definition 2022-07-01 11:57:30 -04:00