adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1126 Commits

Author SHA1 Message Date
bwatters-r7 2db93c9051 Land #12002, Feature/reverse ssh 
Merge branch 'land-12002' into upstream-master
 2020-02-21 09:17:51 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
William Vu 7646e43ccf Land #12776, PROTOCOL option for sunrpc_portmapper 2020-01-16 14:21:22 -06:00
William Vu bb583672bf Fix style 2020-01-16 14:21:09 -06:00
William Vu 002fe64057 Update pulse_secure_file_disclosure, too 
Since I bypassed query/vars_get, send_request_cgi is fine now.
 2020-01-14 00:34:06 -06:00
William Vu 72d06b0e9c Update Pulse Secure file disclosure module 
Just the comment.
 2020-01-13 22:27:29 -06:00
Brent Cook ce991071e4 Land #12524, update most python code with python 3 compatibility 2019-12-23 14:49:08 -06:00
Jeffrey Martin e416f0d886 Land #12363, Adding Chrome Debugger Gather Auxiliary Module 2019-12-12 10:13:51 -06:00
Nicholas Starke db05b11fae Uppercasing Parameters and Dregistering Options 
This commit uppercases all default parameters and de-registers
certain options like SSL and VHOST.
 2019-12-12 09:57:10 -06:00
Nicholas Starke 16910f7e02 Parameter Checks and Success Messaging 
This commit adds additional parameter checks for nil and adds
a little more descriptive success message that includes the path
to the loot storage location.
 2019-12-11 07:35:55 -06:00
Nicholas Starke 5d65741bb5 Changing Global Variables to Instance Variables 2019-12-06 10:35:43 -06:00
Nicholas Starke 6d523da790 Fixing require statements and scope 
Made the 'succeeded' variable global in scope and added two
'require' statements that seemed to be necessary for the module
to work properly.
 2019-12-05 14:43:46 -06:00
Nicholas Starke 335aef59da Adding failing condition 
This commit adds a failure code if the module does not
successfully receive a response from the remote chrome process.
 2019-12-05 14:17:30 -06:00
William Vu 7d77c0fd5a Land #12543, myworkspace.id to myworkspace_id fix 2019-11-12 03:09:08 -06:00
Nicholas Starke 986b1dfbd5 Addressing comments on pull request 
I have updated this module as per the comments left on the pull request.
This includes adding a timeout configuration option and adding a check
for the webSocketDebuggerUrl key
 2019-11-10 15:43:01 -06:00
layderv 247546f96d Fix: auxiliary/kerberos_enumusers stops after first match 2019-11-06 09:46:24 +00:00
Cristina c9948c037d Apply suggestions from code review 
- Change executable in shebang from python3 to python
- Revert changes to files that will only run as python2

Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
 2019-11-01 19:20:22 -07:00
Cristina Muñoz 10b5df1c4f Change all python2.7 shebangs to python3. 
Remove utf-8 encoding declarations, as this is the default for python3.
 2019-10-31 15:10:58 -07:00
Cristina Muñoz 8563a29003 Convert all python code to python3. Fixes #12506. 2019-10-31 14:16:14 -07:00
William Vu 128b9cd44b Reword related module info 2019-10-31 13:07:41 -05:00
William Vu df535676a7 Add related module info 2019-10-31 12:48:52 -05:00
William Vu a86388b53f Add module traits 2019-10-30 18:55:16 -05:00
William Vu 5d71af2dc5 Clarify dumped files are looted regardless 2019-10-29 23:10:57 -05:00
William Vu b55af213aa Set PRINT to true now that it's limited to manual 2019-10-29 22:59:26 -05:00
William Vu 1f5f720058 Rewrite module 2019-10-29 22:21:31 -05:00
William Vu 52ed19f5b8 Merge remote-tracking branch 'upstream/master' into pr/12220 2019-10-29 21:30:37 -05:00
Nicholas Starke 73569fef38 Removing Invalid CVE Identifier 
CVE Identifier was invalid, I removed that and made a
few other minor formatting / procedural changes, including
doing the check for the options before sending any network traffic.
 2019-09-25 16:52:50 -05:00
Nicholas Starke 90cd20b381 Minor Formatting Changes 
I forgot to run msftidy before pushing.  This commit
address two formatting issues and adds a place holder for
CVE, even though I don't think this is a CVE candidate.
 2019-09-25 16:21:27 -05:00
Nicholas Starke f77497883b Adding Chrome Debugger Gather Auxiliary Module 
This module can retrieve a file from a remote host that is
running a chrome session in headless mode on all network interfaces.
It can also make a web request from the remote host and send back the
full contents.
 2019-09-25 15:58:34 -05:00
dwelch-r7 134765dc40 Remove targets from aux modules 2019-09-23 15:29:38 +01:00
Dezzy ec81ee8f08 Update modules/auxiliary/gather/pulse_secure_file_disclosure.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-08-26 08:21:02 -05:00
Dezzy f796f55cea Update modules/auxiliary/gather/pulse_secure_file_disclosure.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-08-26 08:20:44 -05:00
Dezzy e103194ec4 Update modules/auxiliary/gather/pulse_secure_file_disclosure.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-08-26 08:20:36 -05:00
Dezzy dbcdfe8332 Create pulse_secure_file_disclosure.rb 2019-08-21 15:58:58 -05:00
William Vu 32334c2386 Update all module splats from http:// to https:// 2019-08-15 18:10:44 -05:00
Brendan Coles cd1669f2b2 Use identify_hash for creds 2019-07-03 08:33:26 +00:00
Brendan Coles 9539408e33 Add support for retrieving xymonpasswd 2019-07-01 10:51:34 +00:00
Brendan Coles 1a7fb79cfc Add config retrieval 2019-06-30 04:03:17 +00:00
Brendan Coles a4da66fabe Add Xymon Daemon Gather Client Host Information module 2019-06-29 16:48:39 +00:00
RageLtMan f874f50748 Update Author fields for several modules 
Add hirura to authors list for the Ruby reverse_ssh payloads.

Update all modules with author-per-line name references to be
consistent (useful given the difference in names between commiter
in git log and GitHub account).

Next steps:
  See if HrrRbSsh client-side implementation can be fleshed out
enough to create alternative payload outputs for both of the Ruby
modules (using TARGET/ACTION to select between net/ or hrr_).
 2019-06-25 20:49:26 -04:00
Jeffrey Martin 1833c97c8c more require for pdf-reader 
In ruby 2,5+ on windows the ttfunk dependency loading causes ruby to crash so
only load this only when specifically required.
 2019-05-29 22:36:50 -05:00
Jacob Robles c36a72875c Fix end line 2019-05-23 12:35:45 -05:00
Wei Chen 7660b3cf7e Update oats_downloadservlet_traversal 2019-05-22 14:36:20 -05:00
Wei Chen 831c0cc7d6 Update syntax changes 2019-05-13 14:13:39 -05:00
Wei Chen ee00d05d3c Fix a typo 2019-05-09 08:43:06 -05:00
Wei Chen c70c6abe13 Add CVE-2019-2557 - OATS Directory Traversal 2019-05-07 14:56:04 -05:00
Jacob Robles 39aae367a5 Land #11765, Update NUUO mixin, move code to Rex 2019-04-25 09:35:47 -05:00
Jacob Robles b0498d0991 Update nuuo bruteforce module 
Module was updated to use the changes
in the nuuo mixin
 2019-04-24 07:01:42 -05:00
L 3c237b945f fixed 2019-04-21 12:00:20 +08:00
Jacob Robles e0266b4543 Update nuuo module 
aux:nuuo_cms_file_download
 2019-04-19 14:26:35 -05:00