Commit Graph

46254 Commits

Author SHA1 Message Date
Auxilus 3f93055a72 Add pipe_auditor 2018-02-24 11:14:03 +05:30
Auxilus be77cb2a2b Add pipe_auditor 2018-02-24 11:04:41 +05:30
Auxilus a1587bcd68 Update smb_ms17_010.rb 2018-02-24 09:05:35 +05:30
Auxilus 46af6239df Update smb_ms17_010.rb 2018-02-24 08:50:39 +05:30
Auxilus 9bae6246b2 Check for accessible named pipe on vuln targets
```
msf5 auxiliary(scanner/smb/smb_ms17_010) > run

[+] 192.168.0.2:445       - Host is likely VULNERABLE to MS17-010! - Windows 7 Ultimate 7601 Service Pack 1 x64 (64-bit)
[*] 192.168.0.2:445       - Checking for accessible named pipes
[+] 192.168.0.2:445       - Found accessible named pipe: netlogon
[+] 192.168.0.2:445       - Found accessible named pipe: lsarpc
[+] 192.168.0.2:445       - Found accessible named pipe: samr
[+] 192.168.0.2:445       - Found accessible named pipe: browser
[+] 192.168.0.2:445       - Found accessible named pipe: atsvc
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
```
2018-02-24 03:20:34 +05:30
James Barnett 133b34827f Fix false+ login in a few more places 2018-02-23 13:16:41 -06:00
James Barnett 1c9c1dc1fc Add password spray option to brute force 2018-02-23 12:30:11 -06:00
Brent Cook 2e568aa660 Land #9607, upgrade osx shells to osx meterpreter 2018-02-23 11:11:44 -06:00
Brent Cook 4365bd3af5 bump rex-exploitation 2018-02-23 11:10:49 -06:00
Brent Cook cd728defed Merge branch 'master' into land-9607- 2018-02-23 11:09:20 -06:00
r4wd3r aafd67d416 Adjust rid_hijack.md documentation file 2018-02-23 04:30:22 +01:00
h00die c7bbc6eca4 juniper post enum module 2018-02-22 21:08:21 -05:00
UserExistsError e19a071910 add bind_named_pipe x86 2018-02-22 19:03:37 -07:00
Matthew Kienow ecad74cf99 Add cmd_vulns search and delete operations 2018-02-22 19:05:18 -05:00
William Vu 7663e5c1f6 Land #9601, ms17_010_eternalblue reliability fixes 2018-02-22 15:30:45 -06:00
James Barnett 9cad71f003 Merge branch 'master' into owa_login_improvements 2018-02-22 15:02:52 -06:00
James Barnett 5815b626d9 Don't save email addresses as valid
Also add module doc for owa_login module
2018-02-22 14:58:11 -06:00
James Barnett 08f10d7da1 Comments 2018-02-22 14:51:17 -06:00
James Barnett 1cee532526 Merge branch 'rapid7/master' into goliath 2018-02-22 14:49:45 -06:00
James Barnett e396dbabcd Don't save email addresses as valid users
Also add initial module doc for owa_login
2018-02-22 14:48:35 -06:00
Matthew Kienow 22752518ea WIP remote vuln read, update, delete 2018-02-22 13:53:22 -05:00
Brent Cook 65b0d9555f Land #9611, Fix bug causing all OWA logins to appear valid 2018-02-22 11:55:36 -06:00
r4wd3r d3851ed89c Add rid_hijack module documentation. 2018-02-22 18:49:11 +01:00
James Barnett e531dbc976 Fix bug causing all logins to appear valid
The headers we were looking for were a little too loose
and were incorrectly identifying all responses as successful
login attempts
2018-02-22 11:25:35 -06:00
dmohanty-r7 0f0270b144 Land #9610, lock ruby_smb to '0.0.18' 2018-02-22 11:03:40 -06:00
Brent Cook d737f77b84 bump gems, lock ruby_smb for now 2018-02-22 10:45:49 -06:00
bwatters-r7 4b8a8fa2b1 Land #9441, Create exploit for AsusWRT LAN RCE
Merge branch 'land-9441' into upstream-master
2018-02-22 10:40:45 -06:00
Matthew Kienow 7ad7188824 Fix comment typo 2018-02-22 11:29:44 -05:00
Jacob Robles 738d6ab33a Land #9604, Fix logged errors when running without Python 3.6 / gmpy2 2018-02-22 08:11:30 -06:00
Brent Cook 99e278fa29 Land #9584, Fix reverse_php_ssl infinite loop 2018-02-22 07:03:52 -06:00
Brent Cook 855fbc1689 Land #9602, Create sessions with the Fortinet SSH backdoor scanner 2018-02-22 06:04:18 -06:00
Tim W bfec2e8293 add more cmd_exec tests 2018-02-22 17:14:56 +08:00
Trevor Sibanda 77b3673e38 Fix reverse_php_ssl infinite loop 2018-02-22 08:42:54 +00:00
Tim W 78309f30cd add test for cmd_exec 2018-02-22 16:41:37 +08:00
Green-m 73292c25f8 Update persistence_exe.rb 2018-02-22 14:17:40 +08:00
Green-m 473fef8107 Update persistence_exe.rb 2018-02-22 12:55:56 +08:00
Green-m 6a143bf265 Update persistence_exe.rb 2018-02-22 12:55:31 +08:00
Brendan Coles f98b4b0540 require 'rubygems/package' 2018-02-22 04:28:56 +00:00
Green-m 9600acabc5 Update persistence_exe.rb 2018-02-22 12:00:47 +08:00
Brent Cook 7e665ab287 check for extra libraries explicitly, fail gracefully 2018-02-21 21:54:58 -06:00
Brent Cook 3f88e59516 handle Python 3.5/3.6 differences so we always have a UTF-8 string 2018-02-21 21:54:27 -06:00
William Vu a9d6845f25 Add module doc 2018-02-21 21:50:08 -06:00
William Vu 3880f6a65e Finally fix "Unknown admin user ''" after 2yrs
The failed password auth was necessary after all. I misread the PoC. :'(

Apparently the password auth sets the username, while the backdoored
keyboard-interactive auth sets the password.
2018-02-21 20:44:35 -06:00
William Vu cc2495dd9c Explain fortinet-backdoor -> FortinetBackdoor 2018-02-21 17:05:30 -06:00
William Vu a5d78b82d4 Add require for Net::SSH::CommandStream 2018-02-21 15:51:53 -06:00
William Vu 854ac67b8e Use start_session in fortinet_backdoor
Still get "Unknown admin user ''" from a shell channel request,
@busterb's more complete implementation notwithstanding.

Hoping we fix this in a subsequent commit or related PR.

Please see #6612 and #9524.
2018-02-21 15:33:34 -06:00
Aaron Soto af45c1764b Tweak exception handling and timing of ms17_010_eternalblue 2018-02-21 13:40:04 -06:00
James Barnett d4440d049d Merge branch 'goliath' of github.com:clee-r7/metasploit-framework into goliath 2018-02-21 11:16:31 -06:00
James Barnett 3005a8b7ce Merge branch 'rapid7/master' into goliath 2018-02-21 11:16:05 -06:00
Brent Cook 78822fd799 Land #9524, prefer 'shell' channels over 'exec' channels for ssh CommandStream 2018-02-21 06:59:09 -06:00