adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,638 Commits 27 Branches 1,043 Tags
8cfcfa3f7873e80d9188300aab2caf6727b4fa00
Commit Graph

37710 Commits

Author SHA1 Message Date
bwatters-r7 37175955cd Fix some https bugs and generate non-piped commands properly 2025-04-01 11:16:21 -05:00
jheysel-r7 ccb0c1a320 Merge pull request #19993 from h00die-gr3y/cmd-enc-base64 
BUGFIX: cmd encoder base64
 2025-03-31 18:42:31 -07:00
jheysel-r7 33e3a0bd09 Merge pull request #19984 from zeroSteiner/feat/lib/adcs-mm-updates/2 
Feat/lib/adcs mm updates/2
 2025-03-31 10:23:10 -07:00
h00die-gr3y 9a60caf36d added comment with explanation 2025-03-31 09:36:01 +00:00
h00die-gr3y dde6bdc211 bug fix cmd encoder base64 2025-03-30 11:11:00 +00:00
jheysel-r7 e841a45db2 Merge pull request #19985 from sjanusz-r7/add-pfsense-login-scanner 
Add pfSense Login Scanner module
 2025-03-28 11:12:43 -07:00
sjanusz-r7 9865ecc785 Address pfSense Login Scanner feedback 2025-03-28 17:35:10 +00:00
sjanusz-r7 fdd3234c90 Explicitly register SSL option as true, add proof logging to pfSense Login 2025-03-28 15:42:37 +00:00
jheysel-r7 5505bb5ef1 Merge pull request #19947 from machang-r7/machang-r7-module-cve-2025-27218 
Create sitecore_xp_cve_2025_27218.rb
 2025-03-28 07:40:28 -07:00
Diego Ledda 985cea3278 Land #19980, Add CMSMadeSimple (CMSMS) File Manager Auth RCE (CVE-2023-36969) 
Land #19980, Add CMSMadeSimple (CMSMS) File Manager Auth RCE (CVE-2023-36969)
 2025-03-28 12:24:30 +01:00
jheysel-r7 08e227faca Merge pull request #19934 from sfewer-r7/bugfix-cisco-iosxe-rce 
Improve exploit/linux/misc/cisco_ios_xe_rce (CVE-2023-20198 + CVE-2023-20273)
 2025-03-27 16:51:16 -07:00
Spencer McIntyre 81215645f4 Merge pull request #19606 from cgranleese-r7/rename-ldap-datastore-values 
Renames LDAP datastore options
 2025-03-27 16:26:54 -04:00
Jack Heysel fa0c29837e Update author, rubocop, msftidy_docs 2025-03-27 09:36:10 -07:00
Jack Heysel d54e8d8749 Add check method that returns Detected 2025-03-27 09:28:28 -07:00
tastyrce 43c929d56e Update checking for authentication 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-03-27 22:13:04 +11:00
tastyrce 10ea4f7f9f use keep_cookies to store cookies 2025-03-27 03:22:11 -04:00
tastyrce e62038cfe5 improve version parsing 2025-03-27 02:01:03 -04:00
tastyrce cbfcc5bd13 add condition for http code 2025-03-27 00:40:13 -04:00
tastyrce f1175420f8 remove get and post wrappers 2025-03-27 00:37:40 -04:00
jheysel-r7 26869588db Merge pull request #19987 from zeroSteiner/fix/mod/ivanti-login 
Update the Ivanti and Sonicwall Bruteforce modules
 2025-03-26 15:06:10 -07:00
Spencer McIntyre 30d071e098 Make the same changes for sonicwall 2025-03-26 17:25:13 -04:00
Spencer McIntyre 7476ea9006 Brute force modules should be named service_login 2025-03-26 16:14:16 -04:00
Spencer McIntyre 72c3ebec53 This #initialize method must take one argument 2025-03-26 16:14:06 -04:00
Spencer McIntyre 83963d19b5 Set the workspace when reporting 2025-03-26 14:53:04 -04:00
sjanusz-r7 3b4db23b8e Add pfSense Login Scanner module 2025-03-26 14:25:59 +00:00
Jack Heysel 24a785d6b0 Target and metadata updates 2025-03-25 11:56:15 -07:00
Diego Ledda 9c42bdd103 Land #19974, GLPI Inventory Plugin Unauth Blind Boolean SQLi (CVE-2025-24799) 
Land #19974, GLPI Inventory Plugin Unauth Blind Boolean SQLi (CVE-2025-24799)
 2025-03-25 19:45:54 +01:00
Jack Heysel abeeb091fd Rubocop 2025-03-25 11:18:48 -07:00
Spencer McIntyre bf1f919d9f Merge pull request #19957 from msutovsky-r7/auxmodule-eramba-update 
Auxmodule eramba update
 2025-03-25 13:54:24 -04:00
cgranleese-r7 d38dd96861 Renames LDAP datastore options 2025-03-25 17:07:25 +00:00
tastyrce e70c8aa921 RuboCop Fixes 2025-03-22 02:37:41 -04:00
tastyrce d0bd559602 add cmsms exploit module 2025-03-22 02:35:27 -04:00
Spencer McIntyre 02e3a55570 Catch additional exceptions for failures 2025-03-21 12:02:23 -04:00
Spencer McIntyre 389e8af223 Add additional common SIDs 2025-03-21 10:01:04 -04:00
msutovsky-r7 c7c0047ea2 Land #19802, module for CVE-2024-30085 
Working Draft for cve-2024-30085
 2025-03-20 21:46:26 +01:00
Jack Heysel cde6034614 Account for all vulnerable version DB schemas 2025-03-20 13:09:17 -07:00
Martin Sutovsky 95f9e22eff Addressing comments 2025-03-20 20:46:38 +01:00
e2002e 584d7dad35 fix resolvable() 2025-03-20 16:26:33 +01:00
e2002e d16c3e93ba Merge https://github.com/rapid7/metasploit-framework 2025-03-20 16:25:13 +01:00
e2002e 4be6f49f6d use a variable for the domain; use .present? for resolvable 2025-03-20 16:23:09 +01:00
Martin Sutovsky df027f3fdd Update documentation, adding more precise check, removing unnecessary characters 2025-03-20 15:18:55 +01:00
bwatters-r7 ec67435de9 Rebase and squash for CVE-2024-30085 2025-03-20 09:03:28 -05:00
Jack Heysel 86fec44853 Respond to comments, update reliability 2025-03-20 06:41:46 -07:00
cgranleese-r7 4764ebbe39 Land #19932, Fix crash when running mssql payload against sessions 2025-03-20 11:20:06 +00:00
Jack Heysel e3d9561be1 GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi (CVE-2025-24799) 2025-03-19 12:50:40 -07:00
Brendan 413c1931f7 Merge pull request #19832 from cdelafuente-r7/mod/relay/smb_to_ldap 
SMB to LDAP relay module
 2025-03-17 11:14:24 -05:00
adfoster-r7 9917f574c0 Merge pull request #19913 from h00die/hash_validator 
hash_cracker_validator script to verify hash cracking
 2025-03-17 15:50:07 +00:00
msutovsky-r7 e484855c05 Land #19960, adding more robust check for CVE-2024-30038 
Fix check method for Windows Kernel Time of Check Time of Use LPE (CVE-2024-30038)
 2025-03-17 10:13:14 +01:00
e2002e 7bbd6406e7 use new domain name. 2025-03-15 03:18:44 +01:00
Christophe De La Fuente 5305e04891 Add a check for the LDAP session feature 2025-03-14 15:28:39 +01:00