adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,481 Commits 27 Branches 1,043 Tags
94e5e49052d4f0f165a3220a488ec33a53b082a2
Commit Graph

1967 Commits

Author SHA1 Message Date
Christophe De La Fuente 2970c99471 Use binread instead 2024-11-18 15:32:08 +01:00
Christophe De La Fuente 7c512b7054 Read the certificate in binary mode 2024-11-18 15:11:36 +01:00
Christophe De La Fuente ae213813b5 Updates from code review 2024-10-22 14:41:02 +02:00
Spencer McIntyre 8e38010d6e Add an ESC15 template 2024-10-17 11:23:31 -04:00
jheysel-r7 05ff8359b8 Merge pull request #19436 from h4x-x0r/CVE-2024-6670 
WhatsUp Gold SQL Injection (CVE-2024-6670) Module
 2024-09-26 17:04:30 -04:00
h4x-x0r c20b1d8a03 minor fixes 
minor fixes
 2024-09-26 04:01:36 +01:00
jheysel-r7 d11c2be4ea Merge pull request #19375 from h4x-x0r/CVE-2024-20419 
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419) Module
 2024-09-24 12:19:54 -04:00
Jack Heysel f254eeb65e Added error handling 2024-09-23 14:16:26 -07:00
h4x-x0r 322188a112 Refactoring 
Refactored code to remove duplicate requests
 2024-09-23 13:29:46 +01:00
h4x-x0r 05f591d005 Cleanup and check method added 
Cleanup and check method added
 2024-09-12 15:43:20 +01:00
h4x-x0r 75627ccba7 Update whatsup_gold_sqli.rb 2024-09-02 15:45:45 +01:00
h4x-x0r fdd740b235 cleanup 
cleanup
 2024-09-02 15:44:27 +01:00
h4x-x0r 64f595c431 cleanup, version check, documentation 
cleanup, version check, documentation
 2024-09-02 15:41:08 +01:00
h4x-x0r 686da13ff5 WhatsUp Gold SQL Injection (CVE-2024-6670) 
WhatsUp Gold SQL Injection (CVE-2024-6670)
 2024-09-02 16:09:10 +01:00
bwatters 4af2294709 Land #19386, Ivanti Virtual Traffic Manager (vTM) Authentication Bypass (CVE-2024-7593) Module 
Merge branch 'land-19386' into upstream-master
 2024-08-27 09:39:10 -05:00
bwatters 84431b0a4e Land #19380, Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Merge branch 'land-19380' into upstream-master
 2024-08-26 18:09:09 -05:00
h4x-x0r 3f3690bebb code cleanup 
code cleanup
 2024-08-19 21:17:16 +01:00
h4x-x0r 9690f01df6 code cleanup 
code cleanup
 2024-08-19 16:25:50 +01:00
h4x-x0r 82f51bb9b7 code cleanup 
code cleanup
 2024-08-16 15:43:34 +01:00
h4x-x0r 5a94869809 cleanup 
cleanup
 2024-08-16 14:12:41 +01:00
h4x-x0r 3577ae8ffb Code cleanup 
Code cleanup
 2024-08-16 13:57:38 +01:00
h4x-x0r 8ad328a510 Code cleanup 
Code cleanup
 2024-08-16 07:07:16 +01:00
h4x-x0r 947cefe43a Fixed get_cookies 
Fixed get_cookies
 2024-08-14 17:42:11 +01:00
h4x-x0r 765e9b9ae4 Improved error handling 
Improved error handling
 2024-08-14 17:25:36 +01:00
h4x-x0r ea2b5920ac cleanup 
cleanup
 2024-08-14 06:44:43 +01:00
h4x-x0r 9c72a85134 Verified more versions 
Verified exploit against more affected versions
 2024-08-14 06:33:45 +01:00
h4x-x0r 75201b0892 Updated references 
references, affected versions, credits
 2024-08-14 05:15:36 +01:00
h4x-x0r 7bfc386973 Updated 
added error handling, documentation, version check, store_valid_credential
 2024-08-14 04:57:08 +01:00
h4x-x0r be62cc97a7 Auth Bypass 
Auth Bypass
 2024-08-14 02:00:06 +01:00
h4x-x0r 17149db5a3 code cleanup 
code cleanup
 2024-08-13 23:23:35 +01:00
h4x-x0r b96bc116f5 Code cleanup 
Code cleanup
 2024-08-13 23:18:26 +01:00
h4x-x0r c53e5d3c4e Code cleanup and added store_valid_credential 
added store_valid_credential
code cleanup
 2024-08-13 23:12:50 +01:00
h4x-x0r 733e2ab9fc Added store_valid_credential 
Added store_valid_credential
 2024-08-13 23:00:13 +01:00
h4x-x0r 14e4a11d24 Added store_valid_credential 
Added store_valid_credential
 2024-08-13 20:54:56 +01:00
h4x-x0r 26d6347919 Code cleanup 
Code cleanup
 2024-08-11 06:15:24 +01:00
h4x-x0r 5fa18a66ee Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module 
Control iD iDSecure Authentication Bypass (CVE-2023-6329) Module
 2024-08-11 05:41:07 +01:00
h4x-x0r 8a72124e9d Code cleanup and error handling added 
Code cleanup and error handling added
 2024-08-09 21:11:20 +01:00
h4x-x0r 4384d32c83 Cisco SSM On-Prem Account Takeover (CVE-2024-20419) 
Cisco SSM On-Prem Account Takeover (CVE-2024-20419)
 2024-08-09 18:59:54 +01:00
h4x-x0r 8bef9b5f72 Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276) 
Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
 2024-08-08 17:52:38 +01:00
adfoster-r7 62a3f73e70 Update rubocop target ruby version 2024-07-24 16:47:17 +01:00
Dean Welch 7cdea94000 Convert ldap modules to use the new ldap session type 2024-05-15 15:12:51 +01:00
Dean Welch e693b9588c Update ldap modules to support an ldap session 2024-05-15 15:12:51 +01:00
Dean Welch df32ce2db9 Add ldap query support to the ldap session 2024-05-15 15:12:51 +01:00
Spencer McIntyre 733c014223 Land #19115, read/write registry key SD 
Module to read/write registry key security descriptor remotely
 2024-05-13 15:41:54 -04:00
Christophe De La Fuente f1ee10f486 Code review #2 2024-05-13 12:01:54 +02:00
Spencer McIntyre bef50de25a Update error handling for some LDAP modules 2024-05-08 16:40:34 -04:00
adfoster-r7 4c84f8830f Land #18907, add mssql_version module 2024-05-03 14:33:35 +01:00
Christophe De La Fuente 6849e909d0 Code review 
- remove `#auxiliary_commands`, it is not necessary anymore
- move the connection logic to a separate method
- make sure the connection to Winreg is setup when using direct `read`
  and `write` commands
- fix wrong method call to `save_to_file`
 2024-04-30 20:57:32 +02:00
Christophe De La Fuente 91be90c43e Add registry_security_descriptor module and documentation 2024-04-30 20:57:32 +02:00
Dean Welch 1c8a4706d7 Fix recursive call to ldap_open 2024-04-26 12:33:43 +01:00