Commit Graph

17694 Commits

Author SHA1 Message Date
William Vu 48f743a9f2 Change CVE reference to NVD and add AKB reference 2021-04-03 12:56:26 -05:00
Jeffrey Martin 97a1871715 Land #14988, fix rails 5 bug for password cracker custom_wordlists 2021-04-01 16:01:23 -05:00
h00die a8da6aedd9 fix rails 5 bug for wordlist 2021-04-01 13:49:21 -04:00
Metasploit 93f36f8f7a Bump version of framework to 6.0.39 2021-04-01 12:04:32 -05:00
adfoster-r7 838cf3afe8 Land #14937, Improves performance of show command 2021-03-30 18:20:08 +01:00
cgranleese-r7 9485834219 Corrects the count, so tables will start at zero
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2021-03-30 17:42:09 +01:00
Spencer McIntyre 48e120d4e9 Fix a bug from a missed reference and update the rex-socket gem 2021-03-29 13:56:25 -04:00
Spencer McIntyre 35106f7b99 Wire in the new RangeWalker improvements 2021-03-29 13:56:25 -04:00
Grant Willcox 80ae750df5 Land #14697, Add Nagios XI mixin and auxiliary scanner module and docs 2021-03-26 18:12:16 -05:00
kalba-security 514f97f4fe Fix bug in nagios_xi_version regex 2021-03-26 14:18:25 -04:00
kalba-security 83e31aeaa4 Use safe navigation operator for get_nsp regex 2021-03-26 13:44:17 -04:00
Grant Willcox 9039b5687f Fix up version regex and also fix a description to be a little more accurate 2021-03-26 11:57:03 -05:00
Grant Willcox 1dbf1656d3 Update to introduce wrapping on some comments and also to fix up the CVE output a bit 2021-03-26 11:46:51 -05:00
cgranleese-r7 975e41d521 Adds a new method to use metadata cache for show command 2021-03-26 15:08:29 +00:00
Spencer McIntyre 006faaab9a Land #14924, Add auxiliary and exploit modules for CVE-2020-6207 in SAP Solution Manager 2021-03-25 17:48:56 -04:00
Alan Foster 2e92bd1227 Fix switching between pry and irb 2021-03-25 20:08:26 +00:00
kalba-security 65b35e4e6a Remove unnecessary empty check for nagios_rce_version_prior hash 2021-03-25 15:06:27 -04:00
kalba-security 122dbbea1e Add additional supported modules. Align results when printing in scanner. 2021-03-25 15:01:05 -04:00
kalba-security 6d1986e8ca Avoid mixing return types in login.rb 2021-03-25 14:13:55 -04:00
Metasploit 9033dd19bc Bump version of framework to 6.0.38 2021-03-25 12:04:45 -05:00
kalba-security 707f163e15 Avoid type mixing as much as possible, add other feedback from code review 2021-03-25 11:19:31 -04:00
Vladimir Ivanov 0487e451cf Updated payload
Updated make_rce_payload, renamed get_agent_os to check_agent in lib sap_sol_man_eem_miss_auth.rb
Updated action_ssrf, action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command, exploit in exploit module cve_2020_6207_solman_rs.rb
2021-03-25 14:20:54 +03:00
Vladimir Ivanov 391e013d89 Removed var lhost, lport in exploit module cve_2020_6207_solman_rs.rb
Changed fail reason if agent_name is nil in lib sap_sol_man_eem_miss_auth.rb
2021-03-25 11:26:14 +03:00
Grant Willcox 0905202e6c Land #14878, Wrap loader to enable tweaks 2021-03-24 11:22:48 -05:00
Vladimir Ivanov 924f7feb76 Updated Arch in the exploit module cve_2020_6207_solman_rs.rb
Corrected by rubocop library sap_sol_man_eem_miss_auth.rb
2021-03-24 16:26:01 +03:00
Vladimir Ivanov abe8c73be9 Added get_agent_os in lib sap_sol_man_eem_miss_auth.rb 2021-03-24 16:03:20 +03:00
dwelch-r7 a9d38ecc15 Land #14430, Add warnings for no db connection while using uuid tracking 2021-03-24 12:12:18 +00:00
Vladimir Ivanov 567f78c532 Update PAYLOAD_XML, check_response in lib sap_sol_man_eem_miss_auth.rb
Delete class var agents in auxiliary and exploit modules
2021-03-24 11:21:57 +03:00
Vladimir Ivanov ce8a3eea12 Update check_response in lib sap_sol_man_eem_miss_auth.rb 2021-03-23 23:57:40 +03:00
Vladimir Ivanov 2c18435e6e Update pretty_agents_table in lib sap_sol_man_eem_miss_auth.rb
Change output in auxiliary and exploit modules
2021-03-23 23:00:34 +03:00
Grant Willcox 7580100964 Land #14938, Add time command 2021-03-23 14:35:24 -05:00
Vladimir Ivanov 81a22503d9 Update enable_eem, script_action in lib sap_sol_man_eem_miss_auth.rb 2021-03-23 22:20:46 +03:00
Grant Willcox 26055e12ff Land #14934, Fix encoding issues when downloading a utf-8 directory directly within Meterpreter 2021-03-23 14:04:41 -05:00
Tim W 95c384c0cb fix downloading utf-8 file into an ascii name 2021-03-23 17:35:25 +00:00
Alan Foster 9bb8eaaded Add time command 2021-03-23 16:45:29 +00:00
Vladimir Ivanov 4399fa73fc Update make_rce_payload, make_soap_body in lib sap_sol_man_eem_miss_auth.rb
Update rce command in auxiliary module cve_2020_6207_solman_rce.rb
2021-03-23 19:02:59 +03:00
Vladimir Ivanov d5ac1f8078 Update make_ssrf_payload, make_rce_payload, make_soap_body in lib sap_sol_man_eem_miss_auth.rb 2021-03-23 17:41:06 +03:00
Vladimir Ivanov 70a46d411e Update make_agents_array in lib sap_sol_man_eem_miss_auth.rb 2021-03-23 16:18:27 +03:00
Spencer McIntyre 79967f2179 Land #14844, Move on_session_open event to after the session has been bootstrapped 2021-03-23 08:50:18 -04:00
dwelch-r7 88f9f926f2 Remove duplicate event 2021-03-23 11:42:26 +00:00
Vladimir Ivanov d76224066f Rename option URIPATH to TARGETURI 2021-03-23 13:33:39 +03:00
Vladimir Ivanov 113dce79de Move lib/metasploit/framework/sap_solman/client.rb to lib/msf/core/exploit/remote/http/sap_sol_man_eem_miss_auth.rb 2021-03-23 13:20:27 +03:00
Tim W afecde20d5 Fix #14888, fix downloading a utf-8 directory directly 2021-03-22 22:16:32 +00:00
Alan Foster d63ff8a559 Fix search command for single characters 2021-03-22 19:02:31 +00:00
Vladimir Ivanov 4738bcc3c4 Correct style in client.rb 2021-03-22 13:10:50 +03:00
Vladimir Ivanov 42726a70c0 client.rb - library for auxiliary and exploit modules
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
2021-03-21 16:51:21 +03:00
Grant Willcox 2126caf6a7 Land #14917, Add sort by category and reverse search results flags to the search command 2021-03-19 15:29:57 -05:00
Grant Willcox 9713402caf Add in more documentation to the help output, add support for searching by if modules have a check method or not, and support outputting an appropriate error message if the -s option is used with an invalid parameter 2021-03-19 15:01:58 -05:00
pingport80 332a076cec define sort, sort_options and desc 2021-03-19 15:01:56 -05:00
pingport80 bdf87c8080 add missing end 2021-03-19 15:01:56 -05:00