Commit Graph

32661 Commits

Author SHA1 Message Date
Spencer McIntyre 78f2ea39e9 Use some pretty liberal error handling 2022-06-15 08:51:28 -04:00
Spencer McIntyre 41567b1eb4 Add the DELETE_COMPUTER action 2022-06-13 17:46:34 -04:00
Spencer McIntyre 084fc194ea Add the LOOKUP_COMPUTER action 2022-06-13 17:20:34 -04:00
Spencer McIntyre 74936f69a3 Add the ADD_COMPUTER action 2022-06-13 17:03:51 -04:00
Spencer McIntyre 45674fbcc2 Add the initial samr module 2022-06-02 14:12:47 -04:00
Jack Heysel bea4207c62 Land PR #16607 - MyBB RCE Module (CVE-2022-24734)
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
2022-05-31 11:59:53 -04:00
Christophe De La Fuente dac355d9cf Land #16492, nfs_mount more intelligent mountability 2022-05-31 11:56:19 +02:00
h00die c6936bd42f nfs mount more intelligent 2022-05-30 13:03:03 -04:00
Christophe De La Fuente b996f5ee49 Fixes from code review 2022-05-30 16:24:18 +02:00
adfoster-r7 a98f9a69c4 Land #16621, Fix timeout of duplicated sessions 2022-05-27 17:30:56 +01:00
sjanusz 7b75bd6e27 Cache remote Python binary name 2022-05-27 10:21:59 +01:00
Spencer McIntyre 9b36364acd Land #16619, fix of improper neighbor filtering
Fixes #16618
2022-05-25 13:03:39 -04:00
Spencer McIntyre 5f5444936f Land #16488, Windows Task Scheduler Mixin 2022-05-25 12:37:03 -04:00
sjanusz 17a37a9d4d Detect more Python binaries & don't run last cmd_exec as channelized 2022-05-25 15:21:40 +01:00
adfoster-r7 d225d4663c Land #16413, update local exploit suggester 2022-05-25 13:24:11 +01:00
Christophe De La Fuente 52a8191821 Fix vss_persistence module and remove Windows 7 target 2022-05-25 13:11:34 +02:00
sjanusz 5d2ab0c55e Sort arch, platforms, session types before outputting 2022-05-25 10:25:32 +01:00
Jack Heysel 44ce4d422e Land #16610, New Print Nightmare Exploit
Updates existing Print Nightmare module to use the
new SMB Server added in #16481.
2022-05-24 16:24:47 -04:00
NikitaKovaljov 3eb8f8cf2e fix of improper NA filtering. 2022-05-24 19:01:36 +03:00
sjanusz fbac2ae429 Fix crash on sessions without native_arch support 2022-05-24 16:27:16 +01:00
sjanusz 0e241557e9 Add session type column, refactor to not use post mixin, use native_arch 2022-05-24 14:28:21 +01:00
Spencer McIntyre 1524020643 Use moved_from to deprecate the module 2022-05-24 09:16:30 -04:00
Christophe De La Fuente 63dea932ad Land #16481, Update Msf::Exploit::Remote::SMB::Server::Share 2022-05-24 11:50:06 +02:00
Christophe De La Fuente 1f304ef2c4 Add module exploit for MyBB RCE - CVE-2022-24734 2022-05-23 17:27:20 +02:00
sjanusz 1677dbcf6d Add setting of module target 2022-05-23 14:23:48 +01:00
sjanusz 7103a619c2 Add validation opts, tables, custom stylers to exploit suggester 2022-05-19 16:22:47 +01:00
Jack Heysel 19abce7045 Land #16505, Fix Lotus Domino Hash Parsing
This fixes an issue with the regex that was parsing
Lotus Domino hashes. The fix also changes the
regex to xml parsing
2022-05-19 10:00:36 -04:00
Christophe De La Fuente 5fd18ef864 Fixes from review 2022-05-19 14:54:07 +02:00
adfoster-r7 2cbd64b759 Land #16487, fix deprecation warning in auxiliary/capture/server/mssql as well as updating johntheripper format 2022-05-19 00:40:03 +01:00
Spencer McIntyre e629264678 Check size for compatibility with powershell 2022-05-17 09:28:07 -04:00
Christophe De La Fuente 7992cb2072 Update vss_persistence and persistence_exe modules to include
changes in `TaskScheduler` mixin
2022-05-17 14:52:47 +02:00
Christophe De La Fuente 14cd7bc335 Add task scheduler mixin and update persistence_exe and vss_persistence modules 2022-05-17 14:52:47 +02:00
Spencer McIntyre 02e7a65b93 Just move the auxiliary module into an exploit 2022-05-16 17:44:31 -04:00
Spencer McIntyre 36921a00f6 Merge branch 'feat/mod/cve-2021-1675-retry' into feat/mod/cve-2021-1675 2022-05-16 14:59:32 -04:00
Spencer McIntyre d278ad9be1 Add the printnightmare exploit 2022-05-16 14:56:46 -04:00
Spencer McIntyre 75d137fce5 Rubocop and add todo to printnightmare 2022-05-16 14:56:46 -04:00
Spencer McIntyre 19a9ff1198 Update a couple of modules for the new SMB server 2022-05-16 14:39:45 -04:00
Spencer McIntyre edd977165c Revert option changes for the capture NTLM provider 2022-05-16 14:39:45 -04:00
Spencer McIntyre b79b550d6c Centralize the log adapter
This should eventually be updated to map the levels to the framework
logger and appropriate module-print_* function.
2022-05-16 14:39:45 -04:00
Spencer McIntyre 7c15b144c4 Update the SMB capture server 2022-05-16 14:39:44 -04:00
Spencer McIntyre 906fdd6a05 Update the MSSQL capture module
Remove the apparently unused reference to the SMB server mixin.
2022-05-16 14:39:44 -04:00
Spencer McIntyre 475f6eee8c Capture hash when serving files over SMB 2022-05-16 14:39:44 -04:00
Spencer McIntyre 879591f686 Land #16499, Specify peer hostname for SNI 2022-05-16 14:21:57 -04:00
adfoster-r7 0196b6fa75 Land #16555, move duplicated retry_until_truthy code into centralized location 2022-05-16 18:31:57 +01:00
Spencer McIntyre f9a5d8285a Use the retry mixin for printnightmare
This module gets disconnected from the named pipe. Use the new retry
mixin to avoid waiting for a standard delay.
2022-05-16 09:53:57 -04:00
adfoster-r7 db694efd36 Improve relative redirect handling 2022-05-16 12:03:24 +01:00
Grant Willcox 133b9e307a Land #16563, Zyxel Firewall Unauthenticated Command Injection (CVE-2022-30525) 2022-05-13 18:55:30 -05:00
Grant Willcox 2eb31cf765 Add in edits from review 2022-05-13 15:32:12 -05:00
bwatters 1fe04caadd Land #16406, Create get_bookmarks.rb
Merge branch 'land-16406' into upstream-master
2022-05-13 13:42:31 -05:00
Spencer McIntyre 1aceb71971 Rename the function to emphasize truthy 2022-05-13 09:16:01 -04:00