adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,700 Commits 27 Branches 1,043 Tags
82c8b5418eb3c8e4e09ff5f2cb26f87e2d43a172
Commit Graph

136 Commits

Author SHA1 Message Date
ErikWynter b8856bbb87 fix capitalization of Htlm_fileName JSON parram 2023-05-05 09:59:11 +03:00
Grant Willcox adec2f4fbb Update the login.rb code so we aren't as strict on cookies since older versions sometimes use JSESSIONIDADAPSSO instead of JSESSIONIDSSO for login cookies 2023-05-04 15:40:39 -05:00
Grant Willcox 8c7ae1b6bb Minor update to comments for clarity 2023-05-04 15:12:32 -05:00
ErikWynter c088430bd9 improve sanity checks in login method and other code review fixes 2023-05-04 15:12:31 -05:00
Grant Willcox f27fc28411 Perform review updates 2023-05-04 15:12:31 -05:00
ErikWynter 9b596b3efd minor changes 2023-05-04 15:12:31 -05:00
ErikWynter 1c6c1dffc6 final code review fixes 2023-05-04 15:12:31 -05:00
ErikWynter 9fe7db4648 improve status codes handling 2023-05-04 15:12:30 -05:00
ErikWynter aede036b02 additional changes from code review 2023-05-04 15:12:30 -05:00
Grant Willcox ba687c49aa Fix a few typos 2023-05-04 15:12:29 -05:00
ErikWynter a5e86a0c51 code review improvements, including renaming silent param 2023-05-04 15:12:29 -05:00
Grant Willcox 0fd743d851 Add in fixes from code review 2023-05-04 15:12:29 -05:00
ErikWynter dd075d5c99 library improvements after code review, module update 2023-05-04 15:12:28 -05:00
ErikWynter a2cf29ab98 partial fixes after library code review 2023-05-04 15:12:28 -05:00
Grant Willcox 61d1cf1460 Fix up things identified during review 2023-05-04 15:12:28 -05:00
ErikWynter e639460b9f fix library comments for json_post_data.rb 2023-05-04 15:12:27 -05:00
ErikWynter 47d374497a create adaudit plus mixin and move some stuff there 2023-05-04 15:12:27 -05:00
manishkumarr1017 812d3c7f35 PR Review Changes for optimizing the nagiosxi modules 2023-04-01 14:28:37 +05:30
Grant Willcox 08f07eccb6 Fix initial incorrect parameters in YARD documentation 2023-03-05 20:15:14 -06:00
Spencer McIntyre ac9d60ce9e Land #17281, Added module for CVE-2022-2992 
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
 2023-02-14 16:57:29 -05:00
space-r7 78ae5f49ce add gitlab prefix back to methods 2023-02-14 15:26:01 -06:00
space-r7 304b90ecc8 split mixins between forms and v4 api used 2023-02-14 12:37:43 -06:00
Spencer McIntyre c3fa924cfa Remove the NGROK_URL option 2023-02-13 14:31:44 -05:00
Spencer McIntyre 210b7a3254 Use #get_json_document instead of JSON.parse 
Also fix typos
 2023-02-13 14:00:13 -05:00
cgranleese-r7 fb196cb378 Testing Ruby 3.2 against CI 2023-01-31 13:19:06 +00:00
Heyder Andrade 8aca86b816 Apply suggestions from code review 2022-12-04 17:29:05 +01:00
Heyder Andrade 5c3ac339d0 Apply suggestions from code review 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2022-12-04 12:13:50 +01:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
Christophe De La Fuente d3057f15b2 Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell) 2022-11-30 18:16:19 +01:00
Heyder Andrade 704cee436b Apply suggestions from code review 2022-11-29 15:25:14 +01:00
Heyder Andrade c1236500f1 Apply suggestions from code review 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-29 14:12:39 +01:00
Spencer McIntyre f24df8a051 Change an exception class and drop DOMAIN passing 2022-11-28 10:06:14 -05:00
Spencer McIntyre 009c6c5350 Add the MaxBackendRetries datastore option 2022-11-28 09:45:04 -05:00
Spencer McIntyre 3805a79079 Add support for Exchange Data Access Group (DAG) 
This updates the HttpSsrf class to retry requests to the Powershell
backend when they fail because they were routed to a new server. Now
when the transport is initialized, it will store the backend used by the
first successful request.
 2022-11-23 15:37:58 -05:00
Heyder Andrade a05cbdbc30 Impreve error handling 2022-11-20 12:09:05 +01:00
Heyder Andrade f1b97de78d Added Gitlab mixin 2022-11-19 15:19:29 +01:00
Spencer McIntyre 29d57dde66 Consolidate into ProxyMaybeShell 2022-11-18 17:01:01 -05:00
Christophe De La Fuente d1a7170020 Land #17021, Gitea Git fetch RCE module - CVE-2022-30781 2022-11-17 12:28:29 +01:00
krastanoel 645a1c25a3 Update method documentation and indentation 2022-11-09 16:27:31 +07:00
krastanoel 13bb31feeb Update module 
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessfull but keep this anyway for christophe to review.
 2022-11-09 04:52:18 +07:00
krastanoel a50cca27e6 remove cookie_jar manipulation 2022-11-09 00:48:23 +07:00
krastanoel 52d867bbc7 follow Ruby coding convetions 
- combine gitea_version into get_gitea_version for the check method
- validate empty username
 2022-11-09 00:41:30 +07:00
krastanoel c980f4f9ee add more custom error exception 2022-11-09 00:27:12 +07:00
krastanoel 540984804d Apply suggestions from code review 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-11-08 14:09:31 +07:00
Jack Heysel 45ddcf02c9 Remove unused mix in, add low bound to check 2022-11-01 10:42:43 -05:00
jheysel-r7 af9175325b Update lib/msf/core/exploit/remote/http/webmin/login.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-11-01 10:42:42 -05:00
Jack Heysel ad5b03ed96 Finished TODOs and added docs 2022-11-01 10:40:00 -05:00
h00die 06aefb630a string true to bool true 2022-10-03 19:50:04 -04:00
krastanoel aa0dc86bd8 get csrf from the html body instead 2022-10-01 19:59:23 +07:00
krastanoel 02b5f8678c add repository error class 2022-10-01 17:43:42 +07:00