Grant Willcox
0f71613b66
Land #18056, Modify command stagers to not go over 100%
2023-06-01 16:06:13 -05:00
Zach Goldman
96f2c96a75
modify command stagers to not go over 100%
2023-06-01 12:07:07 -05:00
wvu
9528339761
Fix missing return in HTTP CmdStagers
...
Fetch payloads are cooler, but this was missed in https://github.com/rapid7/metasploit-framework/pull/13426.
2023-05-25 22:22:23 -05:00
Jack Heysel
d8255157c9
Land #18021, Fix #cd for Powershell Sessions
2023-05-25 14:26:01 -04:00
Spencer McIntyre
afb31b0f21
Add a function to escape cmd.exe string literals
2023-05-23 15:17:39 -04:00
space-r7
60f6574bf3
Land #17965, add module for AD CS cert management
2023-05-22 09:50:53 -05:00
Spencer McIntyre
dcbc6d19c5
Update #validate_query_result!
...
The function required a filter argument, but not every query has a
filter. By removing it, we can reuse the same logic for other operations
including modifications.
2023-05-22 09:21:20 -04:00
Spencer McIntyre
f464401dde
Land #17782, Add fetch payloads
...
Add http wget cmd based fetch payload for Linux and Windows
2023-05-18 12:18:27 -04:00
bwatters
548a2d7ab4
Add fetch payloads for Windows and Linux x64
2023-05-18 10:47:29 -05:00
adfoster-r7
eb959e2e40
Land #17060, GSoC Project: Implement HTTP-Trace enabled login scanners
2023-05-11 15:45:01 +01:00
ErikWynter
b8856bbb87
fix capitalization of Htlm_fileName JSON param
2023-05-05 09:59:11 +03:00
Grant Willcox
adec2f4fbb
Update the login.rb code so we aren't as strict on cookies since older versions sometimes use JSESSIONIDADAPSSO instead of JSESSIONIDSSO for login cookies
2023-05-04 15:40:39 -05:00
Grant Willcox
8c7ae1b6bb
Minor update to comments for clarity
2023-05-04 15:12:32 -05:00
ErikWynter
c088430bd9
improve sanity checks in login method and other code review fixes
2023-05-04 15:12:31 -05:00
Grant Willcox
f27fc28411
Perform review updates
2023-05-04 15:12:31 -05:00
ErikWynter
9b596b3efd
minor changes
2023-05-04 15:12:31 -05:00
ErikWynter
1c6c1dffc6
final code review fixes
2023-05-04 15:12:31 -05:00
ErikWynter
9fe7db4648
improve status codes handling
2023-05-04 15:12:30 -05:00
ErikWynter
aede036b02
additional changes from code review
2023-05-04 15:12:30 -05:00
Grant Willcox
ba687c49aa
Fix a few typos
2023-05-04 15:12:29 -05:00
ErikWynter
a5e86a0c51
code review improvements, including renaming silent param
2023-05-04 15:12:29 -05:00
Grant Willcox
0fd743d851
Add in fixes from code review
2023-05-04 15:12:29 -05:00
ErikWynter
dd075d5c99
library improvements after code review, module update
2023-05-04 15:12:28 -05:00
ErikWynter
a2cf29ab98
partial fixes after library code review
2023-05-04 15:12:28 -05:00
Grant Willcox
61d1cf1460
Fix up things identified during review
2023-05-04 15:12:28 -05:00
ErikWynter
e639460b9f
fix library comments for json_post_data.rb
2023-05-04 15:12:27 -05:00
ErikWynter
47d374497a
create adaudit plus mixin and move some stuff there
2023-05-04 15:12:27 -05:00
Jack Heysel
cda2e9610b
Land #17820, optimising the nagiosxi modules
...
This PR refactors the authenticated nagiosxi modules and mixins.
2023-04-14 16:21:26 -04:00
dwelch-r7
275963eca2
Land #17353, Persist icpr cert as pkcs12 credential
2023-04-12 13:16:18 +01:00
Christophe De La Fuente
a6b478e046
Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503
2023-04-12 11:43:13 +02:00
adfoster-r7
875ad34b62
Persist icpr cert as pkcs12 credential
...
Update creds command to support pkcs12
2023-04-11 16:25:25 +01:00
Ron Bowes
ce111f158a
Better error handling
2023-04-06 10:35:33 -07:00
Ron Bowes
c345fe78b8
Fix up error handling and other comments from the PR
2023-04-05 15:13:35 -07:00
Ron Bowes
04a9ae7335
Add check methods
2023-04-05 10:55:28 -07:00
bwatters
c93a4d0e30
So we don't actually use an http server when we use cmdstager::flavor certutil
2023-04-03 15:06:26 -05:00
manishkumarr1017
812d3c7f35
PR Review Changes for optimizing the nagiosxi modules
2023-04-01 14:28:37 +05:30
dwelch-r7
ab08cd2d1c
Land #17753, Update get_ticket to support using forged golden tickets
2023-03-30 14:15:48 +01:00
Ron Bowes
4cab9b1a34
Make rubocop happy
2023-03-29 08:05:05 -07:00
Ron Bowes
41fe44ef1a
Merge branch 'master' into unirpc-auth-bypass
2023-03-29 08:03:05 -07:00
Ron Bowes
6897be4b01
Add two Metasploit modules for UniData vulnerabilities
2023-03-29 08:01:50 -07:00
adfoster-r7
e1ecdac2a5
Land #17724, Add ticket checksum to kerberos ticket creation
2023-03-29 09:01:39 +01:00
space-r7
f9c6caa804
Land #17785, add SolarWinds (SWIS) deser RCE
2023-03-27 15:25:17 -05:00
Spencer McIntyre
bfac7e6e0b
Add a formatter_compatible_gadget_chains function
2023-03-23 17:28:58 -04:00
Spencer McIntyre
ff3b68a352
Add the ObjectDataProvider+JsonNetFormatter
2023-03-23 17:28:58 -04:00
adfoster-r7
d6e9e8d3bb
Land #17735, fix some incorrect YARD parameters
2023-03-22 15:20:12 +00:00
3V3RYONE
9c20d0f84b
Implemented HTTP-Trace for login scanners via HttpLoggerSubscriber API
2023-03-15 00:57:33 +05:30
h00die-gr3y
fc711131a2
added MIME, added break in mixin and added link with installation instructions
2023-03-09 09:28:46 -06:00
Grant Willcox
deafceed00
Update documentation, library, and Gemspec from review
2023-03-09 09:28:27 -06:00
h00die-gr3y
d3f84af790
Included mixin for PHP code injection at PNGs
2023-03-09 09:28:14 -06:00
adfoster-r7
ab57c09dc2
Update get_ticket to support using forged golden tickets
2023-03-09 12:21:29 +00:00