7bab1c1980
Fix specs and add algorithm argument
2024-11-18 17:17:58 +01:00
96f6f66429
Land #19550 , Fix username/password generation in case both PASSWORD_SPRAY and USER_AS_PASS are enabled
2024-11-06 13:56:05 +00:00
e709a18128
Merge pull request #19404 from bwatters-r7/smb2http_relay
...
SMB to NTLM HTTP Relay with ESC8 module
2024-11-05 14:12:08 -05:00
316a967414
Update the ESC8 module for the new changes
2024-11-04 09:37:08 -05:00
b2075e5e6b
Merge pull request #19553 from smashery/offered-etype-fix
...
Only retrieve cached credentials that match the requested KrbOfferedEncryptionTypes
2024-10-28 09:47:26 -04:00
26e041dbfe
Merge pull request #19108 from smashery/new_cmd_exec
...
New process launch API
2024-10-17 00:08:06 +01:00
9972587fef
Handle weird PowerShell edge case
2024-10-16 16:04:39 +11:00
205adfe2fd
Handle edge case in command shell when input contains backslash-quote combination already
2024-10-16 10:26:29 +11:00
0cf227ff00
Change API. Support backwards compatibility for PHP
2024-10-12 14:36:09 +11:00
0ab16ae3af
Fix bug when no arguments are present
2024-10-12 14:36:08 +11:00
d9ed8ec4dc
Rework unix command line based on testing
2024-10-12 14:36:08 +11:00
7d30c67b01
Fix error sending legacy args
2024-10-12 14:36:08 +11:00
85d019cd3c
Handle CommandLineToArgv behaviour
2024-10-12 14:36:08 +11:00
e9f86c4865
Reworked unix create_process, as it was buggy
2024-10-12 14:36:08 +11:00
e0aca71029
Add unix shell to create_process API
2024-10-12 14:36:08 +11:00
72e657a19c
Implement new cmd_exec API for Windows cmd
2024-10-12 14:36:08 +11:00
955c675334
Implement new cmd_exec API for PowerShell
2024-10-12 14:36:08 +11:00
617270265d
Only retrieve cached credentials that match the requested OfferedEncryptionTypes
2024-10-11 16:23:26 +11:00
fa2b7e54a6
Fix unit tests
2024-10-11 08:22:40 +11:00
8c5bead4a0
Added spec to reproduce the username/password generation error in case PASSWORD_SPRAY and USER_AS_PASS are both enabled
...
Added minimal code to fix the issue, extracting the code to generate username:username credentials in the PASSWORD_SPRAY case
2024-10-10 21:15:50 +02:00
a31261ecf2
Revert "Replace Readline with Reline"
2024-10-02 13:15:12 +01:00
10dee226c6
Replace Readline with Reline
2024-09-04 16:39:41 +01:00
604227fb4d
Update rpc compatible modules to handle unknown sessions
2024-07-15 10:38:56 +01:00
1e0db9ec83
Land #10113 , Azure CLI steal tokens post module.
2024-07-03 11:32:04 -04:00
c5717d42d6
MS-9457 Support NO_AUTH_REQUIRED
...
Support the `NO_AUTH_REQUIRED` condition and terminate the scan to avoid further unneeded attempts.
2024-07-02 14:09:01 +02:00
52142f280f
MS-9454 Redis Scanner: Support versions
...
Updating the Redis Login Scanner to properly support all versions of Redis and their implementations to handle the `AUTH` command.
2024-06-28 15:25:49 +02:00
afa973e05e
Fix reids_login scanner when auth is enabled
2024-06-26 13:32:16 +01:00
b4975f6a23
updates to azure cli creds
2024-06-24 17:06:04 -04:00
a6fd6defcb
Escape LDAP query strings
2024-06-18 17:47:56 -04:00
434455757d
tested azure_cli_creds against data files
2024-06-16 20:25:47 -04:00
6dffb3aed5
Update azure_spec.rb
2024-06-07 08:54:17 -04:00
7594a4103c
moving azure_cli_files around and stubbing out content
...
Update azure lib with process_context_contents
Update azure_spec.rb
Update azure.rb
Update azure_spec.rb
Update azure_cli_creds.rb
fix lint warning
add function to print consolehost_history
print_consolehost_history spec updates
fixing azure_cli spec, and errors
2024-06-06 17:31:19 -04:00
adad32d442
Remove redundant 'require' for History Manager specs
2024-06-05 14:05:40 +01:00
91cb94e725
Add _close method to history manager, use generic method for Msf Config history file
2024-06-03 17:23:51 +01:00
82c43c3154
Allow HistoryManager to mock input library history
2024-05-23 17:50:19 +01:00
60c09e5ca3
SQL sessions have correct history manager support
2024-05-23 13:57:31 +01:00
ce49fa4e76
don't show regular option groups when viewing advanced options
2024-05-17 15:47:02 +01:00
0bba494d1d
Fix edgecase in Meterpreter job persistence
2024-05-16 11:16:55 +01:00
7cdea94000
Convert ldap modules to use the new ldap session type
2024-05-15 15:12:51 +01:00
e693b9588c
Update ldap modules to support an ldap session
2024-05-15 15:12:51 +01:00
9e4f958af7
keep ldap connection open for use in a session
2024-05-15 15:12:51 +01:00
3cedb20f75
Add initial ldap session support
2024-05-15 15:12:51 +01:00
b1cd5b3476
Land #19132 , Add LDAPS Channel Binding
...
Add channel binding information to Metasploits NTLM and Kerberos
authentication for the LDAP protocol. This enables users to authenticate
to domain controllers where the hardened security configuration setting
is in place
2024-05-13 11:31:10 -07:00
4233822965
Land #19172 , Adds the features configuration to the debug command output
2024-05-13 12:55:44 +01:00
7ee36ebc29
Adds a test for the new method
2024-05-13 11:19:37 +01:00
2bf402fa52
Add channel binding spec
2024-05-08 16:40:46 -04:00
1b9f24204a
Land #19159 , improve error handling for postgres platform/arch detection
2024-05-08 12:09:36 +01:00
3d044c4241
Fixes an issue were a regex mactch could have returned nil
2024-05-07 16:46:34 +01:00
8c76143a9d
Land #19127 , Ldap signing
2024-05-07 17:28:36 +02:00
4c84f8830f
Land #18907 , add mssql_version module
2024-05-03 14:33:35 +01:00
Christophe De La Fuente