adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,675 Commits 27 Branches 1,043 Tags
c8c91fcaf321876fcdae2cfd5ea4aa7ed7718fa9
Commit Graph

2625 Commits

Author SHA1 Message Date
Spencer McIntyre da1e4853b8 Land #16317, Free UDP ports after use 2022-03-17 16:39:09 -04:00
Grant Willcox ce062973cb Make changes from review process, redo code for module to make it make less requests, and generally improve overal operations. 2022-03-17 11:29:05 -05:00
Grant Willcox c1d6dced8d Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info 2022-03-17 11:29:01 -05:00
Grant Willcox 419c9ea554 Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not. 2022-03-17 11:29:00 -05:00
Grant Willcox 1f53e9d1c4 Rubocop and fix a mistake on commenting too much of the code out from testing 2022-03-17 11:29:00 -05:00
Grant Willcox 269cd5cfed Add in Exchange Version mixin and module example 2022-03-17 11:28:53 -05:00
Ashley Donaldson 7fe9d0b2b6 Don't start the DNS server twice 2022-03-17 08:02:31 +11:00
adfoster-r7 a62ca2259e Land #16316, deref services correctly 2022-03-11 12:08:42 +00:00
Ashley Donaldson d5373a7278 Removed redundant cleanup calls which exploit_driver will call anyway 2022-03-11 12:08:51 +11:00
Ashley Donaldson 6f159fa54e Consistent handling of DNS and LDAP servers wrt ServiceManager 2022-03-10 11:01:37 +11:00
Ashley Donaldson 9761d68c19 Rename stop_service to cleanup_service for services that use reference counting 2022-03-10 10:28:25 +11:00
Ashley Donaldson c9d43aafe6 Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity 2022-03-10 09:06:25 +11:00
adfoster-r7 3b524360ed Explicitly specify server/client versions, fix logger crash, and specify jtr format 2022-03-09 01:37:22 +00:00
adfoster-r7 22f88f9ab7 Add docs 2022-03-08 23:52:24 +00:00
adfoster-r7 6f2a7d6167 Add note that SMB v1 is not supported 2022-03-08 23:52:24 +00:00
adfoster-r7 53772fa366 Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location 2022-03-08 23:52:24 +00:00
adfoster-r7 bcb0850e07 Rename SMBHOST 2022-03-08 23:52:23 +00:00
adfoster-r7 144fc5eddf Add smarter targetlist support 2022-03-08 23:52:23 +00:00
adfoster-r7 25265c7a7b Linting 2022-03-08 23:52:23 +00:00
adfoster-r7 3e68e298a1 Add targets 2022-03-08 23:52:23 +00:00
adfoster-r7 e02021ee91 Fix database cred reporting and error handling 2022-03-08 23:52:23 +00:00
adfoster-r7 507b1dab2b Apply PR feedback 2022-03-08 23:52:22 +00:00
adfoster-r7 b4fe2502aa Update smb_relay to support smb 2 and smb3 2022-03-08 23:52:22 +00:00
adfoster-r7 ad2fab6fee Land #16153, read full response on smtp send/recv 2022-03-04 01:24:46 +00:00
Spencer McIntyre 6be3443680 Land #16103, LPE in polkit's pkexec (CVE-2021-4034) 2022-03-03 09:24:11 -05:00
bwatters 06e897436c Add Fedora results to docs and some minor final cleanup 2022-03-02 09:12:01 -06:00
bwatters 0081811c52 Land #16185, Firefox CVE-2020-26950 use after free browser exploit 
Merge branch 'land-16185' into upstream-master
 2022-02-28 14:38:23 -06:00
Jeffrey Martin abe55c8f91 raise RuntimeError on incomplete or extra data 2022-02-24 14:02:44 -06:00
Tim W 480c44e9cb refactor DEBUG_EXPLOIT code into mixin 2022-02-16 11:38:04 +00:00
bwatters 0239ef1cc6 Land #16117, Updates for Log4Shell 2022-02-15 16:39:00 -06:00
adfoster-r7 18b4ce8a13 Update replicant pattern to increment refs 2022-02-15 16:08:35 +00:00
Jeffrey Martin af3fa09896 refactor smtp delivery to support continuation 
When dealing with SMTP servers the communication needs to flow
a known protocol. To ensure the socket is in the correct state
after a send and receive it needs to be read until a line return
a response code followed by a `space` and additional data and `\r\n`
or the response code immediately followed by `\r\n` is returned.
 2022-02-14 16:55:49 -06:00
Tim W a13ae3882b Land #16174, fix specifying the mode on File.read for ruby 3 on multiple modules 2022-02-13 12:08:13 +00:00
alanfoster 395ab1d77e Specify mode rb on file reads 2022-02-12 21:39:12 +00:00
Jeffrey Martin 5bc60f5bf7 clear any additional response on smtp connect 
When connecting to an SMTP server after `HELO` and auth
complete there can be additional data sent from the client
that sits in the socket queue. Adding a `get_once` after connection
has settled ensure any pending for extension responses are cleared.
 2022-02-10 14:25:05 -06:00
bwatters 9635fde12d Add support and templates for aarch64 targets 2022-02-10 10:49:02 -06:00
Jake Baines 9758251278 Initial commit of CVE-2021-37343 2022-02-05 18:21:18 -08:00
Spencer McIntyre 965493191f Add and use a Log4Shell mixin 2022-02-03 16:09:49 -05:00
Redouane NIBOUCHA 51814a4a8b Refactor the code, using if(CONDITION,sleep(...),0) only 2022-01-30 23:49:07 +00:00
Redouane NIBOUCHA e329d78a46 Use = instead of <> for blind queries (fixes some wordpress plugin SQLis) 2022-01-30 23:01:08 +00:00
Spencer McIntyre d46822184f Updates for Log4Shell 2022-01-28 14:56:44 -05:00
Spencer McIntyre dd2d512851 Support session -1 for ListenerComm options 2022-01-24 11:42:39 -05:00
bwatters 4cf3ae352c Land #16050, Log4Shell: vCenter RCE 
Merge branch 'land-16050' into upstream-master
 2022-01-19 16:30:33 -06:00
space-r7 383ada6ae2 Land #16016, fix RHOSTS in dcerpc scanner 2022-01-13 13:15:24 -06:00
Spencer McIntyre 7b1398f0ae Allow overriding check module datastore options 2022-01-13 11:51:39 -05:00
Spencer McIntyre 62a814fa59 Refactor Log4shell exploit code into reusable bits 2022-01-13 09:45:02 -05:00
Spencer McIntyre e093154865 Refactor the BeanFactory gadget code 2022-01-12 16:58:31 -05:00
space-r7 199eae5e99 Land #16012, add pi-hole aux module and lib 2022-01-12 09:21:11 -06:00
bwatters f17d460a7a Remove now unused deregister_tcp_options method 2022-01-06 15:48:24 -06:00
h00die 990e4a1e7a pihole new module and lib 2022-01-02 11:48:41 -05:00