adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,481 Commits 27 Branches 1,043 Tags
94e5e49052d4f0f165a3220a488ec33a53b082a2
Commit Graph

5760 Commits

Author SHA1 Message Date
Spencer McIntyre 502e415344 Merge pull request #19630 from remmons-r7/cups_ipp_rce 
Exploit module for IPP attributes remote code execution - OpenPrinting CUPS
 2024-11-22 09:22:21 -05:00
Spencer McIntyre 24d3ef16cf Remove some unnecessary code, switch to passive stance 2024-11-21 15:08:43 -05:00
jheysel-r7 05cbd1d9a3 Land #19593 Add exploit for CVE-2023-28324 (Unauthenticated RCE in Ivanti EPM) 
This exploits an unauthenticated RCE in Ivanti's EPM where a .NET remoting client can invoke a method that results in an OS command being executed in the context of NT AUTHORITY\SYSTEM.
 2024-11-20 11:18:58 -08:00
adfoster-r7 e6615d3a74 Merge pull request #19659 from sjanusz-r7/fix-irb-deadlock-error 
Fix IRB deadlock recursive locking on Ctrl+C
 2024-11-19 16:11:09 +00:00
Christophe De La Fuente 7bab1c1980 Fix specs and add algorithm argument 2024-11-18 17:17:58 +01:00
sjanusz-r7 bc45734fed Fix IRB deadlock recursive locking on Ctrl+C 2024-11-18 14:37:01 +00:00
Christophe De La Fuente 35bb832b7c Add create_csr helper under Rex::Proto 
Also update `ms_icpr.rb` to use it
 2024-11-12 12:34:20 +01:00
remmons-r7 4951a9b24d Create mDNS server.rb 2024-11-11 15:54:44 -06:00
Spencer McIntyre c98830834b Merge pull request #19620 from dudu7615/Fixed-spelling-errors-in-command-usage 
Fixed spelling errors in command usage
 2024-11-07 09:14:32 -05:00
dudu 8ffa333a97 Fixed spelling errors in command usage 2024-11-06 20:38:51 +08:00
Spencer McIntyre 5550e073dd Implement suggested changes 2024-10-31 11:29:34 -04:00
bwatters c4c1aae565 Update smb thread logging, fix control flow, use RELAY_TARGET, other suggestions 2024-10-24 15:23:10 -05:00
bwatters 7d86c99ba6 Currently getting a bad username/password message 2024-10-24 15:23:09 -05:00
adfoster-r7 fdfda1f7e3 Fix crash when running meterpreter shell command 2024-10-23 00:35:47 +01:00
Spencer McIntyre 77f63442d7 Add the initial higher level client 2024-10-17 12:54:25 -04:00
Spencer McIntyre 619620733d Add the initial Ivanti Agent Portal RCE 2024-10-17 12:54:25 -04:00
Spencer McIntyre 4dbcde793b Add the definitions for MS-NRTP messages 2024-10-17 12:54:25 -04:00
Spencer McIntyre 8d943efc30 Add the ldapwhoami command support 
See RFC4532 and ruby-ldap/ruby-net-ldap#425
 2024-10-17 11:23:31 -04:00
Spencer McIntyre fd1f14e5ab Add the x509 definitions for ESC15 2024-10-17 11:23:31 -04:00
adfoster-r7 26e041dbfe Merge pull request #19108 from smashery/new_cmd_exec 
New process launch API
 2024-10-17 00:08:06 +01:00
dwelch-r7 9cb3fefb40 Land #19539, Keep LDAP sessions alive 2024-10-15 11:28:08 +01:00
Ashley Donaldson 0ab16ae3af Fix bug when no arguments are present 2024-10-12 14:36:08 +11:00
Ashley Donaldson 5d71aa26e3 Treat old-style path separately to new (unescaped) path 2024-10-12 14:36:08 +11:00
Ashley Donaldson 85d019cd3c Handle CommandLineToArgv behaviour 2024-10-12 14:36:08 +11:00
Ashley Donaldson e9f86c4865 Reworked unix create_process, as it was buggy 2024-10-12 14:36:08 +11:00
Ashley Donaldson 955c675334 Implement new cmd_exec API for PowerShell 2024-10-12 14:36:08 +11:00
Ashley Donaldson 395e74359e Update User Agent strings for October 2024. Add script to automate this in future. 2024-10-11 09:31:07 +11:00
Ashley Donaldson c732fed617 Feedback from code review 2024-10-11 08:22:39 +11:00
Ashley Donaldson 22cf3f05d5 Send a benign LDAP request every 10 minutes to keep sessions alive 2024-10-11 08:22:39 +11:00
Simon Janusz a31261ecf2 Revert "Replace Readline with Reline" 2024-10-02 13:15:12 +01:00
sjanusz-r7 10dee226c6 Replace Readline with Reline 2024-09-04 16:39:41 +01:00
dledda-r7 bcbbc91621 fix(core): fix migrate to pass the debug_build flag. 
Co-authored-by: dwelch-r7 <dean_welch@rapid7.com>
 2024-08-01 09:27:12 -04:00
adeherdt-r7 c5717d42d6 MS-9457 Support NO_AUTH_REQUIRED 
Support the `NO_AUTH_REQUIRED` condition and terminate the scan to avoid further unneeded attempts.
 2024-07-02 14:09:01 +02:00
adeherdt-r7 52142f280f MS-9454 Redis Scanner: Support versions 
Updating the Redis Login Scanner to properly support all versions of Redis and their implementations to handle the `AUTH` command.
 2024-06-28 15:25:49 +02:00
dledda-r7 8a432fb292 fix: default is_weak_key is nil; handling of empty key_dec_data 2024-06-21 04:00:02 -04:00
dledda-r7 80e942b76d fix: better implementation of negotiate_tlv_encryption 2024-06-17 10:57:17 -04:00
dledda-r7 1a8746f076 fix: updated warning messages, inverted is_weak_key logic 2024-06-14 10:19:56 -04:00
dledda-r7 acfaf52611 feat(meterpreter): display a warning when a weak encryption aes_key is used. skip module loading if encryption is weak. 2024-06-13 09:30:17 -04:00
sjanusz-r7 91cb94e725 Add _close method to history manager, use generic method for Msf Config history file 2024-06-03 17:23:51 +01:00
sjanusz-r7 487faf9a1a Allow History Manager writer thread to exit when queue is empty 2024-05-28 15:37:43 +01:00
sjanusz-r7 82c43c3154 Allow HistoryManager to mock input library history 2024-05-23 17:50:19 +01:00
sjanusz-r7 60c09e5ca3 SQL sessions have correct history manager support 2024-05-23 13:57:31 +01:00
Dean Welch 68f7334348 Fix kerberos auth and missing method error when querying with -a 2024-05-15 16:11:40 +01:00
Dean Welch 29c79fb499 Add handling of dead ldap sessions 2024-05-15 15:12:51 +01:00
Dean Welch 0cea2cba75 Add guard clause to not print out session info unless the session is enabled 2024-05-15 15:12:51 +01:00
Dean Welch 7cdea94000 Convert ldap modules to use the new ldap session type 2024-05-15 15:12:51 +01:00
Dean Welch e693b9588c Update ldap modules to support an ldap session 2024-05-15 15:12:51 +01:00
Dean Welch df32ce2db9 Add ldap query support to the ldap session 2024-05-15 15:12:51 +01:00
Dean Welch 9e4f958af7 keep ldap connection open for use in a session 2024-05-15 15:12:51 +01:00
Dean Welch 3cedb20f75 Add initial ldap session support 2024-05-15 15:12:51 +01:00