09bb0337d1
Merge pull request #20997 from Nayeraneru/OptTD
...
Introduce OptTimedelta
2026-03-17 18:41:42 -04:00
3768efbacc
Improve payload size generation script
2026-03-16 22:06:39 +00:00
c882d91155
Merge pull request #21025 from Hemang360/cookie-jar-doc-fix
...
Fix HttpCookie integer conversion and cookie jar docs
2026-03-13 00:08:13 +00:00
e6ee6a7c94
Land #20961 , adds service reporting to Wordpress mixin
...
Update Wordpress Mixin to log services
2026-03-10 09:05:05 +01:00
628275ef59
Revert "This adjusts module options that need a routable address"
2026-03-08 17:37:49 +00:00
c87d6519da
Add linting rule
2026-03-03 09:34:49 -05:00
4b363017ef
minor change for CI
2026-03-03 06:24:42 +02:00
7545328be1
Linting
2026-03-02 15:02:56 +00:00
1a4ae7bfa3
Fix broken module url references
2026-03-02 14:35:48 +00:00
b2500442fe
Fix cookie jar documentation examples and add test
2026-02-27 15:01:16 +05:30
62a466cbed
Land #20819 , adds WSL startup folder persistence module
...
wsl startup folder persistence
2026-02-24 07:59:11 +01:00
e6452f5879
hashing adjustment
2026-02-24 03:15:08 +02:00
8fb5e4fcad
Update spec/lib/msf/core/exploit/http/wordpress/version_spec.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2026-02-24 02:52:46 +02:00
d069cba900
Update Wordpress Mixin to log services
2026-02-23 13:31:32 +01:00
ce2e23ccef
add OptTimedelta datastore option and remove Kerberos-specific clock skew parsing
2026-02-20 22:28:05 +02:00
8b58c62375
Merge pull request #20807 from webbsssss/fix/acunetix-vulnerability-import
...
Fix #17932 : Allow Acunetix vulnerabilities to be imported without complete web_page data
2026-02-13 15:25:54 +00:00
f111ccc5ec
Add working Acunetix import tests
2026-02-13 14:50:18 +00:00
dc2ef2ed77
Update specs after code review
2026-02-10 09:46:37 +00:00
c02ac3920d
Reapply "Vulnerability Report Enhancement"
...
This reverts commit c35537252f
2026-02-10 09:46:37 +00:00
f41eda1128
Add GHSA and OSV reference type support
...
Add support for GHSA (GitHub Security Advisories) and OSV (Open Source
Vulnerabilities) as structured reference types in Metasploit modules.
Convert 49 hardcoded GHSA URLs to structured ['GHSA', 'GHSA-xxxx'] format
across existing modules, and add support for repository-specific GHSA
references with an optional third parameter ['GHSA', 'GHSA-xxxx', 'repo'].
Update reference validation, module validator, and info_fixups to handle
the new reference types correctly.
2026-02-09 15:17:23 +01:00
8af6bae699
Merge pull request #20906 from rudraditya21/fix/ssh-cmd-exec-trailing-newlines
...
Fix SSH command shells dying on cmd_exec with trailing newline
2026-02-09 12:25:11 +00:00
db064a4f49
Merge pull request #20895 from rudraditya21/fixed/ldap-entry-cache-misses
...
added: negative caching for LDAP lookup misses
2026-02-06 13:15:57 +00:00
674934d6d9
fixed: entry cache spec
2026-02-06 17:11:09 +05:30
5e43beca60
Merge pull request #20920 from rudraditya21/fix/cracker-auto-action
...
Handle ACTION=auto with CRACKER_PATH in password crackers
2026-02-03 17:23:49 -05:00
a3dd697f6e
fixed: auto cracker selection with CRACKER_PATH
2026-02-01 21:59:31 +05:30
6fedaeefc6
Merge pull request #20909 from adfoster-r7/align-login-scanner-apis
...
Align login scanner APIs
2026-01-29 15:29:12 +00:00
e70483b785
Rubocop
2026-01-29 14:13:18 +00:00
7d81b1aecb
Align login scanner APIs
2026-01-28 16:56:52 +00:00
5f0ada0c64
fixed: ssh cmd_exec newline handling in command shells
2026-01-27 09:43:55 +05:30
f4e67b6455
Mark additional flakey socket tests
2026-01-26 21:11:13 +00:00
7134f7ab06
added: negative caching for LDAP lookup misses
2026-01-25 10:13:32 +05:30
81bc7640f0
Add missing option KrbClockSkew to specs
2026-01-20 18:16:19 +01:00
eb49dade6f
Merge pull request #20755 from rudraditya21/feature/kerberos-clock-skew
...
Added: Option to adjust kerberos clock
2026-01-19 10:00:54 -08:00
bb07207b9b
Merge pull request #20861 from bcoles/post-linux-system-get_hostname
...
Post::Linux::System.get_hostname: Use session sysinfo if available
2026-01-17 19:38:21 +00:00
350a39c274
Bump mettle
2026-01-16 13:04:57 +00:00
6ae361b103
Merge pull request #20868 from adfoster-r7/fix-udp-sockets-for-php-meterpreter
...
Fix UDP sockets for PHP meterpreter
2026-01-15 15:09:26 -05:00
7f90e1f6a0
Resove method undefined issue
2026-01-15 16:32:46 +00:00
67e279ef8c
Fix UDP sockets for php meterpreter
2026-01-15 16:31:16 +00:00
e245298fc2
Add Linux ARM chmod payloads
2026-01-14 01:04:22 +11:00
385c4f9896
Merge pull request #20733 from bcoles/linux-riscv-tcp-bind-shell
...
Add Linux RISC-V 32-bit/64-bit TCP bind shell payloads
2026-01-05 06:38:23 -05:00
0dee8a82b8
Merge pull request #20734 from bcoles/linux-riscv-command-payload-adapters
...
Add Linux RISC-V command payload adapters
2026-01-05 05:06:21 -05:00
8342493b3b
Merge branch 'rapid7:master' into feature/kerberos-clock-skew
2025-12-28 23:16:27 +05:30
e97c23ca16
wsl startup folder persistence
2025-12-28 11:15:04 -05:00
3fc047db5d
fix: Allow Acunetix vulnerabilities to be imported without complete web_page data ( #17932 )
2025-12-24 22:47:37 +05:30
d4eba39b1d
Merge pull request #20800 from adfoster-r7/add-autocheck-vulnerability-logic
...
Add autocheck report_vuln logic
2025-12-22 15:58:18 -05:00
34ceae4e2c
Add autocheck report_vuln logic
2025-12-22 13:09:32 +00:00
17ea7f0e53
fix: remove ppc meterpreter from payloads_spec
2025-12-16 11:19:45 +01:00
c35537252f
Revert "Vulnerability Report Enhancement"
2025-12-15 12:40:02 +00:00
40ac35c02a
Vulnerability Report enhancement
...
- update `#report_service` and `#report_vuln`
- update vulnerability report when a session is established
- update CheckCode and `#cmd_check` to report a vulnerability when
Vulnerable checkcode is returned
- update `vulns` and `services` commands to display the `resource` and
parent services
- specs
2025-12-15 12:36:50 +01:00
1523d01a8d
Merge pull request #20759 from zeroSteiner/fix/ldap-acceptance/1
...
Drop the ldap_esc_vulnerable_cert_finder tests
2025-12-11 16:30:26 +00:00
Spencer McIntyre