h00die
94e5e49052
ubuntu needrestart lpe
2024-11-22 15:44:45 -05:00
Spencer McIntyre
502e415344
Merge pull request #19630 from remmons-r7/cups_ipp_rce
...
Exploit module for IPP attributes remote code execution - OpenPrinting CUPS
2024-11-22 09:22:21 -05:00
Spencer McIntyre
0ec9b1bcb9
Fix a multicast socket issue
2024-11-21 15:14:46 -05:00
Spencer McIntyre
24d3ef16cf
Remove some unnecessary code, switch to passive stance
2024-11-21 15:08:43 -05:00
jheysel-r7
d95d549992
Land #19531 ProjectSend r1335 - r1605 RCE module
2024-11-21 09:53:36 -08:00
ostrichgolf
68eb6599fd
Create projectsend_unauth_rce
2024-11-21 09:34:58 -08:00
adfoster-r7
d9d7f1a898
Merge pull request #19654 from h00die/strapi
...
strapi 3.0.0 beta 17.4 password reset (CVE-2019-18818)
2024-11-21 12:35:30 +00:00
jheysel-r7
afbbba09e8
Land #19584 Judge0 sandbox escape CVE-2024-28185, CVE-2024-28189
2024-11-20 14:35:38 -08:00
Takah1ro
da6f8cd552
Add Judge0 module and document
2024-11-20 14:15:38 -08:00
jheysel-r7
05cbd1d9a3
Land #19593 Add exploit for CVE-2023-28324 (Unauthenticated RCE in Ivanti EPM)
...
This exploits an unauthenticated RCE in Ivanti's EPM where a .NET remoting client can invoke a method that results in an OS command being executed in the context of NT AUTHORITY\SYSTEM.
2024-11-20 11:18:58 -08:00
Spencer McIntyre
e52edf447c
Implement feedback from the PR
2024-11-20 13:51:39 -05:00
Spencer McIntyre
f7e210d3e9
Merge pull request #19624 from cdelafuente-r7/fix/mod/ms_icpr
...
Fix a crash when generating CSRs with OpenSSL 3.4.0
2024-11-19 10:58:52 -05:00
adfoster-r7
1ed2d7e258
Merge pull request #19658 from cdelafuente-r7/fix/mod/get_ticket/file_read
...
Fix `auxiliary/admin/kerberos/get_ticket` issue on Windows
2024-11-18 16:08:27 +00:00
Christophe De La Fuente
2970c99471
Use binread instead
2024-11-18 15:32:08 +01:00
Spencer McIntyre
dd7e1786e1
Merge pull request #19643 from smashery/dcsync_individual
...
DCsync individual accounts and groups
2024-11-18 09:25:21 -05:00
Christophe De La Fuente
7c512b7054
Read the certificate in binary mode
2024-11-18 15:11:36 +01:00
h00die
dfebca457c
strapi review
2024-11-16 15:47:54 -05:00
h00die
6629d5dff2
strapi password reset
2024-11-15 15:12:34 -05:00
Spencer McIntyre
5d9add4450
Merge pull request #19640 from jheysel-r7/pyload_js2py_cve_2024_39205
...
Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
2024-11-15 09:24:37 -05:00
adfoster-r7
d039bead93
Merge pull request #19601 from sjanusz-r7/add-teamcity-login-scanner
...
Add JetBrains TeamCity HTTP Login Scanner
2024-11-15 12:49:10 +00:00
Ashley Donaldson
717940590a
Clearer datastore option description
2024-11-15 11:11:41 +11:00
Jack Heysel
92e42a63ea
Rubocop
2024-11-14 12:47:35 -08:00
Jack Heysel
4e1f33336c
Obfuscation and Gemfile update
2024-11-14 12:44:19 -08:00
Ashley Donaldson
715fa3c559
Msftidy fixes
2024-11-14 17:58:00 +11:00
Ashley Donaldson
67c33fa95f
Fix bug: DCSync only once, rather than once per DC that exists in the domain
...
- Also only DCSync each user once (if they're specified multiple times in KRB_USERS)
- Also be resilient to spaces in the comma-separation
2024-11-14 15:13:59 +11:00
Jack Heysel
2ba8a6c08d
Responded to comments
2024-11-13 17:23:08 -08:00
Jack Heysel
497ce5e9da
Linting and Rex::RandomIdentifier update
2024-11-13 08:28:52 -08:00
adfoster-r7
2a022b8215
Merge pull request #19635 from adfoster-r7/update-kerberos-enumusers-description
...
Update Kerberos enumusers description
2024-11-13 15:50:53 +00:00
Ashley Donaldson
1705203ad8
Support DCSyncing by group too
2024-11-13 17:22:11 +11:00
Jack Heysel
d2ef3cb6a9
Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
2024-11-12 16:05:07 -08:00
Brendan
19e182ce65
Land #19557, Add Palo Alto Expedition RCE (CVE-2024-5910 & CVE-2024-9464) Module
...
Palo Alto Expedition RCE (CVE-2024-5910 & CVE-2024-9464) Module
2024-11-12 16:42:06 -06:00
Christophe De La Fuente
24e19e4ebb
Update the ESC8 relay module to use the new helper
...
It also fixes some unrelated minor issues found in the module and the documentation
2024-11-12 18:23:31 +01:00
h4x-x0r
6f6f92823a
fixed typo
...
fixed typo
2024-11-12 15:15:15 +00:00
h4x-x0r
fb102ec409
Update modules/exploits/linux/http/paloalto_expedition_rce.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2024-11-12 09:03:22 -06:00
adfoster-r7
ffa12f6ba5
Update Kerberos enumusers description
2024-11-12 13:45:47 +00:00
Ashley Donaldson
6c3e13a31f
Able to query just a subset of users
2024-11-12 17:04:40 +11:00
remmons-r7
720312ba1c
Create cups_ipp_remote_code_execution.rb
2024-11-11 15:51:09 -06:00
bwatters-r7
03928a56bd
Add staging file delete and code cleanup
2024-11-11 14:42:19 -06:00
bwatters-r7
0308f46f74
Stage cmd payloads to a file before executing
2024-11-08 19:27:58 -06:00
Spencer McIntyre
e709a18128
Merge pull request #19404 from bwatters-r7/smb2http_relay
...
SMB to NTLM HTTP Relay with ESC8 module
2024-11-05 14:12:08 -05:00
bwatters-r7
be21e2d4c6
Switch print to call out available templates
2024-11-04 13:37:23 -06:00
sjanusz-r7
68ec0c82f1
TeamCity: Lint
2024-11-04 16:58:32 +00:00
sjanusz-r7
386441d3d2
TeamCity: Consolidate HTTP TeamCity into module
2024-11-04 16:33:29 +00:00
sjanusz-r7
7c1692cb84
TeamCity: Modify authors
2024-11-04 16:33:28 +00:00
sjanusz-r7
cba8962d29
Add JetBrains TeamCity HTTP Login Scanner
2024-11-04 16:33:28 +00:00
Spencer McIntyre
006ed90f1c
Move the ESC8 module and document the attack
2024-11-04 09:37:12 -05:00
Spencer McIntyre
7d8baee574
Add some error handling and more logging
2024-11-04 09:37:12 -05:00
Spencer McIntyre
316a967414
Update the ESC8 module for the new changes
2024-11-04 09:37:08 -05:00
Spencer McIntyre
3b0195918c
Merge pull request #19529 from NtAlexio2/pipe_dcerpc_auditor_rport
...
Allow setting the RPORT option for pipe_dcerpc_auditor
2024-11-01 11:11:45 -04:00
dwelch-r7
1bfa0755a8
Land #19518, Add support for RISC-V 32-bit / 64-bit Little Endian payloads
2024-11-01 11:18:30 +00:00