34ceae4e2c
Add autocheck report_vuln logic
2025-12-22 13:09:32 +00:00
c35537252f
Revert "Vulnerability Report Enhancement"
2025-12-15 12:40:02 +00:00
3dc70b751a
Report the ICertPassage protocol using the new API
2025-12-15 12:36:51 +01:00
d66e93afc0
Merge pull request #20658 from jheysel-r7/feat/mod/cert_details_update
...
Add Updates to LDAP ESC Vulnerable Cert Finder
2025-12-05 10:55:52 -05:00
0e2af23287
Add Updates to LDAP ESC Vulnerable Cert Finder
...
Add CertificateAuthorityRhost to avoid DNS failures
2025-12-04 17:03:36 -08:00
0f795d715e
Merge pull request #20741 from SaiSakthidar/remove-cain
...
Remove CAIN
2025-12-03 16:12:17 -05:00
98dd33a3cd
Remove CAIN
2025-12-03 15:42:57 -05:00
c425f1519c
Support relaying to MSSQL server that require TLS
2025-12-02 16:10:07 -05:00
47b742ba0c
Land #20482 , fixes bug in HTTP-based login scanners
...
Fix HTTP-based login scanners when using SSL with custom port
2025-11-25 16:23:39 +01:00
4a012dd06a
Merge pull request #20637 from zeroSteiner/feat/mod/smb-to-mssql
...
Add an SMB to MSSQL NTLM Relay module
2025-11-24 09:17:45 -08:00
6215da4754
Apply review suggestions: use case/when, improve error handling, simplify code
2025-11-20 22:41:08 +01:00
11c64b8f10
Update lib/msf/core/exploit/remote/http/flowise.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2025-11-20 21:55:10 +01:00
000d310914
MSSQL auto auth should look at the domain
...
If the domain is set, using NTLM where the domain is used, otherwise use
plaintext / sql authentiction.
2025-11-20 13:32:33 -05:00
6ab2452153
Fix documentation inconsistency: update ports for Flowise 3.0.1 (3005) and add Basic Auth service example
2025-11-19 22:58:27 +01:00
44cf2e309f
Add Flowise RCE exploits (CVE-2025-59528, CVE-2025-8943) with shared mixin, documentation, and Docker Compose setup
2025-11-19 22:12:49 +01:00
e99c1f648d
Expands fix for all HTTP-based login scanners
2025-11-18 16:42:59 +01:00
100ac4b973
Remove unneeded code
2025-10-23 13:05:36 -04:00
79b7b54e11
Finish the smb_to_mssql relay module
2025-10-21 11:28:23 -04:00
67f407275c
Initial non-functioning smb-to-mssql module
2025-10-21 11:21:00 -04:00
c2ccac414d
Remove the USE_WINDOWS_AUTHENT option
...
It's redundant with the Mssql::Auth option which is an enum and supports
all the authentication mechanisms. This eliminates the ambiguity between
the meaning and precedence of the options.
2025-10-21 11:20:51 -04:00
5252e92954
Merge pull request #20568 from bcoles/vbsobfuscate
...
Msf::Exploit::VBSObfuscate: Add VBS obfuscation library
2025-10-03 13:36:43 -07:00
1da518ec82
Responded to comments
2025-10-01 17:35:36 -07:00
66d59a7ddc
Update reg checks when DC and CA are separate
2025-10-01 17:35:36 -07:00
3d1d49b71a
Merge pull request #20517 from cgranleese-r7/adds-postgres-ssl-support
...
Adds SSL support to the postgres_login module
2025-09-26 08:53:47 -04:00
5b0565a4a1
Msf::Exploit::VBSObfuscate: Add VBS obfuscation library
2025-09-26 03:06:20 +10:00
96a83143f1
Merge pull request #20479 from msutovsky-r7/exploit/sitecore/postauth-rce
...
Adds modules for Sitecore XP post-auth remote code executions (CVE-2025-34510, CVE-2025-34511)
2025-09-11 11:25:27 -07:00
4104497498
Merge pull request #20502 from zeroSteiner/feat/refactor-pe-compiling
...
Update PE EXE Templates
2025-09-10 12:37:35 +02:00
c4936d1b0f
adjustments to the persistence lib and modules
2025-09-09 10:02:06 -04:00
dbb631ffb6
Adds SSL support to the postgres_login module
2025-09-09 09:56:36 +01:00
fa64376c5c
Adds comments for login function
2025-09-01 15:50:21 +02:00
3af8bd97ad
Consistently use the same technique for exe-service
2025-08-28 17:39:57 -04:00
c163cb3141
Land #20490 , adds the HTTP::Auth option to HTTP modules
...
This adds the `HTTP::Auth` Option to HTTP Modules
2025-08-28 16:13:38 +02:00
196e19808d
Add some error handling for kerberos options
2025-08-28 10:00:19 -04:00
f1dffd3ad6
Merge pull request #20480 from msutovsky-r7/exploit/pretalx/file-rw
...
Adds modules for Pretalx File Read/Limited File Write (CVE-2023-28459, CVE-2023-28458)
2025-08-27 15:46:39 -05:00
2533ddf441
Rubocoping
2025-08-26 12:42:28 +02:00
b43b4c9f37
Updates library, addressing comments
2025-08-25 17:49:34 +02:00
c1074c138e
Move the options into the mixin
2025-08-22 16:05:12 -04:00
7fdb1e03fa
Tie in Kerberos authentication for HTTP modules
2025-08-22 15:58:18 -04:00
4e113b1768
Addresses comments, adds exception for Pretalx, modifies aux module
2025-08-22 13:59:50 +02:00
fb062075e3
Adds target, adds side effects
2025-08-21 15:21:16 +02:00
01c09bcfed
Library fixes, refactoring exploit module
2025-08-21 09:22:21 +02:00
72dcc5a301
Library fix
2025-08-21 07:21:56 +02:00
da5b20faa4
Creating lib file for shared functionality, adding more reliable check method for CVE-2025-34511, docs init
2025-08-20 10:59:22 +02:00
0557d63127
Add database ref opts for kerberos and pkcs12
2025-08-18 15:56:47 +01:00
13b3af325f
Apply the ACEs for Authenticated Users
2025-08-15 11:57:30 -04:00
c843e36402
Merge pull request #20469 from adfoster-r7/improve-kerberos-file-load-error-messages
...
Improve Kerberos file load error messages
2025-08-15 12:51:52 +01:00
bebb43f8f6
Improve kerberos file load error messages
2025-08-15 12:38:45 +01:00
487c204b52
Merge pull request #20381 from h00die/persistence_phase_1
...
Persistence libraries/Mixins
2025-08-15 12:40:55 +02:00
4200f51fdf
Merge pull request #20445 from zeroSteiner/feat/lib/ldap-adds/2
...
Don't look up the local system SID
2025-08-12 07:59:10 -07:00
332a55cb4f
Fix error in kerberos authenticator
2025-08-11 16:48:37 +01:00
adfoster-r7