adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,481 Commits 27 Branches 1,043 Tags
94e5e49052d4f0f165a3220a488ec33a53b082a2
Commit Graph

328 Commits

Author SHA1 Message Date
Christophe De La Fuente ae213813b5 Updates from code review 2024-10-22 14:41:02 +02:00
Spencer McIntyre 6ca0bb74fd Add workflow docs 2024-10-17 11:23:31 -04:00
Spencer McIntyre 2e4315b3c9 Add support to icpr_cert for ESC15 2024-10-17 11:23:31 -04:00
jheysel-r7 05ff8359b8 Merge pull request #19436 from h4x-x0r/CVE-2024-6670 
WhatsUp Gold SQL Injection (CVE-2024-6670) Module
 2024-09-26 17:04:30 -04:00
jheysel-r7 d11c2be4ea Merge pull request #19375 from h4x-x0r/CVE-2024-20419 
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419) Module
 2024-09-24 12:19:54 -04:00
h4x-x0r 64f595c431 cleanup, version check, documentation 
cleanup, version check, documentation
 2024-09-02 15:41:08 +01:00
bwatters 4af2294709 Land #19386, Ivanti Virtual Traffic Manager (vTM) Authentication Bypass (CVE-2024-7593) Module 
Merge branch 'land-19386' into upstream-master
 2024-08-27 09:39:10 -05:00
bwatters 84431b0a4e Land #19380, Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Merge branch 'land-19380' into upstream-master
 2024-08-26 18:09:09 -05:00
h4x-x0r 9c72a85134 Verified more versions 
Verified exploit against more affected versions
 2024-08-14 06:33:45 +01:00
h4x-x0r 75201b0892 Updated references 
references, affected versions, credits
 2024-08-14 05:15:36 +01:00
h4x-x0r 7bfc386973 Updated 
added error handling, documentation, version check, store_valid_credential
 2024-08-14 04:57:08 +01:00
h4x-x0r 26d6347919 Code cleanup 
Code cleanup
 2024-08-11 06:15:24 +01:00
h4x-x0r 5fa18a66ee Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
 2024-08-11 05:41:07 +01:00
h4x-x0r 8a72124e9d Code cleanup and error handling added 
Code cleanup and error handling added
 2024-08-09 21:11:20 +01:00
h4x-x0r 4384d32c83 Cisco SSM On-Prem Account Takeover (CVE-2024-20419) 
Cisco SSM On-Prem Account Takeover (CVE-2024-20419)
 2024-08-09 18:59:54 +01:00
Spencer McIntyre 733c014223 Land #19115, read/write registry key SD 
Module to read/write registry key security descriptor remotely
 2024-05-13 15:41:54 -04:00
Spencer McIntyre 69d603e6fc Switch to an enum option for the signing 2024-05-03 10:27:10 -04:00
Christophe De La Fuente 91be90c43e Add registry_security_descriptor module and documentation 2024-04-30 20:57:32 +02:00
Ashley Donaldson 631e4e34db Update LDAP doco with current options 2024-04-24 15:40:11 +10:00
fanqiaojun 6b2bdc893b chore: remove repetitive words 
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>
 2024-04-15 11:06:50 +08:00
Ashley Donaldson 4557de9a72 Changes from code review 2024-04-08 11:47:09 +10:00
Ashley Donaldson b1d0918074 Add documentation for module and functions 2024-04-08 11:32:53 +10:00
bwatters 3dc638909f Land #18906, Add template data files for ESC2 and ESC3 
Merge branch 'land-18906' into upstream-master
 2024-03-29 15:29:52 -05:00
Spencer McIntyre 7bce40308a Update module data to improve discoverability 2024-03-07 13:28:22 -05:00
h00die 482d2b28b1 gitlab password reset account takeoever 2024-01-18 16:19:26 -05:00
Spencer McIntyre 708c795890 Land #18560, Forging diamond and sapphire tickets 2023-11-28 11:14:15 -05:00
Ashley Donaldson c293c273ba Attempt to decrypt pre-auth kerberos response 2023-11-27 13:09:59 +11:00
Ashley Donaldson 3ca13d9358 Changes from code review. 
Added in the stability/IOC notes, since diamond/sapphire do make requests.
 2023-11-27 10:30:54 +11:00
adfoster-r7 5c09c86349 Land #18448, corrected options confict between module and ldap mixin 2023-11-21 13:33:21 +00:00
Stephen Fewer 64c9968328 Update cisco_ios_xe_os_exec_cve_2023_20273.md, which was missing CISCO_ADMINUSERNAME and CISCO_ADMIN_PASSWORD in the show options command output 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2023-11-08 09:16:12 +00:00
sfewer-r7 8364ae896b add the CLI command to sue to enable testing the WebUI 2023-11-06 17:11:39 +00:00
sfewer-r7 b28668790d allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'. 2023-11-06 11:40:22 +00:00
sfewer-r7 10ee87c712 Add an optional CISCO_ADMIN_USERNAME and CISCO_ADMIN_PASSWORD options. If set these admin creds are used to leverage CVE-2023-20273. If not set, then CVE-2023-20198 is used to create a new temp admin account before leveraging CVE-2023-20273 2023-11-06 10:20:07 +00:00
Stephen Fewer be1229747f fix another typo on documentation 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-06 09:47:38 +00:00
Stephen Fewer 22cb55b36b fix type on documentation 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2023-11-06 09:47:23 +00:00
sfewer-r7 a55132b36f strip out "**CLI Line # " from the results and use print_line instead of print_status for cleaner output. 2023-11-03 17:09:08 +00:00
sfewer-r7 c8121ebd8e mention dropping to User EXEC mode via two exit keywords 2023-11-03 16:43:21 +00:00
sfewer-r7 17420289dc Add two auxiliary modules for the recent Cisco IOS XE exploit chain bugs (CVE-2023-20198 and CVE-2023-20273). This allows for unauthenticated remote CLI or OS command execution. 2023-11-03 15:38:35 +00:00
Spencer McIntyre 15aaa90379 Land #18447, CVE-2023-22515 Confluence Auth Bypass 
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
 2023-10-19 17:35:17 -04:00
Spencer McIntyre ee0e5b9eda Tidy the docs, fix the username 
The username can not contain capital letters, or the operation will
fail.
 2023-10-19 17:19:55 -04:00
emirpolatt 258ac6421b Fix fail_with response code compare and documentation fixes 2023-10-19 17:19:30 -04:00
Hynek Petrak 060dc84c18 corrected options confict between module and ldap mixin 2023-10-12 16:52:57 +02:00
emirpolatt 9ef1d1746a CVE-2023-22515 - Atlassian Confluence Data Center and Server Broken Access Control Leads to Authentication Bypass 2023-10-11 12:09:22 -07:00
h00die 557a15a115 spelling fixes on docs 2023-10-10 14:46:18 -04:00
dwelch-r7 1af22cfd22 Land #18096, Add initial proxies datastore support for kerberos workflows 2023-07-21 11:37:04 +01:00
adfoster-r7 08a2a293a9 Add proxies datastore support to kerberos 2023-07-21 11:19:50 +01:00
Spencer McIntyre ae4faca1ba Update module docs to discuss KB5014754 changes 2023-06-14 16:18:04 -04:00
Spencer McIntyre 0a3247f1a7 Add documentation 2023-05-22 10:29:03 -04:00
adfoster-r7 ab57c09dc2 Update get_ticket to support using forged golden tickets 2023-03-09 12:21:29 +00:00
adfoster-r7 0047ce5d3a Add rbcd exploitation documentation to docs site 2023-03-03 13:18:29 +00:00