adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,113 Commits 27 Branches 1,043 Tags
d2ed326b16ff5dc8f95633e287c19eb467c5ac6c
Commit Graph

3522 Commits

Author SHA1 Message Date
msutovsky-r7 ea51c45bf5 Land #20859, breaks up utils/exe.rb into separated files 
utils/exe.rb break-up
 2026-02-20 12:41:15 +01:00
Diego Ledda 81e54d42e4 Merge pull request #20856 from msutovsky-r7/exploit/cve-2026-21858 
Adds module for Ni8mare (CVE-2026-21858)
 2026-02-16 10:06:14 -05:00
msutovsky-r7 7e03a89304 Land #20798, adds module for FreeBSD rtsold/rtsol command injection (CVE-2025-14558) 
Add module for rtsold/rtsol DNSSL Command Injection (CVE-2025-14558)
 2026-02-13 10:57:03 +01:00
jheysel-r7 4adf87ac18 Merge pull request #20929 from jheysel-r7/feat/mod/cve-2026-24061 
GNU Inetutils Telnet Auth Bypass (CVE-2026-24061)
 2026-02-11 11:12:29 -08:00
JohannesLks 9512135c84 Merge branch 'master' into rtsold_dnssl_cmdinject 2026-02-10 16:19:53 -05:00
JohannesLks 53b4f2921d chore: lint 2026-02-10 14:58:33 -05:00
JohannesLks b59dfdf352 Refactor rtsold: move RA methods to ipv6.rb 
. Move packet building to library, fix link-local address usage, and add CheckCode message.
 2026-02-10 14:41:12 -05:00
Martin Sutovsky fc0257bcad Adds default fmt argument to to_executable in msf/core/exploit/exe, comments refactor, adds to_win32pe_dll 2026-02-10 11:52:43 +01:00
Christophe De La Fuente c02ac3920d Reapply "Vulnerability Report Enhancement" 
This reverts commit c35537252f.
 2026-02-10 09:46:37 +00:00
Simon Janusz db064a4f49 Merge pull request #20895 from rudraditya21/fixed/ldap-entry-cache-misses 
added: negative caching for LDAP lookup misses
 2026-02-06 13:15:57 +00:00
msutovsky-r7 0a5eb04be1 Removes puts 2026-02-04 11:59:41 -05:00
Martin Sutovsky 6a1babf6c3 Updates docs, fixes JWT, module cleanup 2026-02-04 12:40:41 +01:00
Martin Sutovsky dbe8b5574f Updates JWT 2026-02-04 07:52:21 +01:00
Rudraditya Thakur 366bc5335b updated: ldap_entry_cache var with max_size argument 2026-02-04 11:22:36 +05:30
Jack Heysel a868bc95b2 GNU Inetutils Telnet Auth Bypass 2026-02-03 17:45:59 -08:00
Martin Sutovsky 9a18fcf49b Fixes JWT payload and base64 encoding 2026-02-02 14:13:51 +01:00
Martin Sutovsky a6e750518d Fixes basic JWT encoding, code refactors, add better failure codes and messages 2026-02-02 11:17:26 +01:00
Martin Sutovsky 32eaa4e80b Adds base for JWT signing 2026-02-02 08:05:32 +01:00
Brendan e7f8b07476 Merge pull request #20882 from karanabe/icpr_cert-rsa-keysize 
Add RSAKeySize option to satisfy AD CS template minimums
 2026-01-30 15:56:58 -06:00
Rudraditya Thakur 0dcebd7ef3 added: max_size as word argument 2026-01-30 21:29:30 +05:30
Rudraditya Thakur 7134f7ab06 added: negative caching for LDAP lookup misses 2026-01-25 10:13:32 +05:30
karanabe 2e1d688659 Use OptEnum for RSA key size options 2026-01-23 16:22:13 +09:00
Spencer McIntyre c0e9288ac5 Merge pull request #20799 from jheysel-r7/feat/cacti_graph_template_rce 
Cacti Graph Template Authenticated RCE [CVE-2025-24367]
 2026-01-22 14:26:38 -05:00
Spencer McIntyre 18a4cf8c00 Use the ssl setting for HttpServer#start_service 2026-01-22 13:49:28 -05:00
Jack Heysel 34cebd1453 Update CheckCode messaging 2026-01-22 15:03:32 +01:00
Jack Heysel 99e032f4af SmarterTools SmarterMail Unauth File Upload RCE [CVE-2025-52691] 2026-01-22 15:03:30 +01:00
adfoster-r7 5ba95b5def Merge pull request #20888 from jheysel-r7/fix/bad_successor_service_auth_fix_2 
Fixes the base service authenticator for BadSuccessor
 2026-01-21 11:37:28 +00:00
jheysel-r7 c47a74d0dd Merge pull request #20770 from vognik/Splunk_2022-43571_CVE-2024-36985 
Add Splunk RCE Exploits (CVE-2022-43571 & CVE-2024-36985)
 2026-01-20 12:36:51 -08:00
Jack Heysel e3e388d57d Fixes the base service authenticator for BadSuccessor 2026-01-20 09:24:36 -08:00
vognik 9e320dd168 add suggestions from @jheysel-r7 2026-01-19 18:45:01 -08:00
jheysel-r7 eb49dade6f Merge pull request #20755 from rudraditya21/feature/kerberos-clock-skew 
Added: Option to adjust kerberos clock
 2026-01-19 10:00:54 -08:00
karanabe 61c1b8280f Add configurable RSA key size for ICPR 2026-01-18 20:21:55 +09:00
Jack Heysel 4b610957ce Fix Kerberos Base Service Authenticator 2026-01-16 12:31:34 -08:00
Spencer McIntyre 658c251b66 Merge pull request #20472 from jheysel-r7/feat/mod/badsuccessor 
Add BadSuccessor dMSA Privilege Escalation in Windows 2025
 2026-01-14 15:43:35 -05:00
Jack Heysel c1023fd62a Add BadSuccessor dMSA Privilege Escalation in Windows 2025 2026-01-14 12:34:45 -08:00
Rudraditya Thakur 4fbc647903 fixed: merge conflict 2025-12-28 23:41:36 +05:30
Rudraditya Thakur 8342493b3b Merge branch 'rapid7:master' into feature/kerberos-clock-skew 2025-12-28 23:16:27 +05:30
adfoster-r7 34ceae4e2c Add autocheck report_vuln logic 2025-12-22 13:09:32 +00:00
vognik 9fbf4e1d67 replace vprint_status with print_status in login.rb module 2025-12-18 08:59:55 -08:00
vognik 59dc9dd59c fix error handling 2025-12-17 09:57:03 -08:00
vognik 6d059bd62e improve csrf token parsing 2025-12-17 09:53:28 -08:00
vognik 1d4b8ce10e add pagination support to get_apps function 2025-12-16 10:03:08 -08:00
cgranleese-r7 c35537252f Revert "Vulnerability Report Enhancement" 2025-12-15 12:40:02 +00:00
Spencer McIntyre 3dc70b751a Report the ICertPassage protocol using the new API 2025-12-15 12:36:51 +01:00
vognik 35dd55159d extracted get_apps url into uris.rb 2025-12-13 11:35:25 -08:00
vognik ebd736272f fix variables naming 2025-12-13 11:21:08 -08:00
vognik b35c8b3926 remove unused function calls 2025-12-12 20:31:14 -08:00
vognik ee404d9453 add splunk modules (cve-2022-43571 and cve-2024-36985) 2025-12-12 13:16:57 -08:00
Rudraditya Thakur c49a376280 added: Option to adjust kerberos clock (issue-> #20587) 
- Added KrbClockSkew advanced option and parser to offset Kerberos timestamps
- Propagate skew through Kerberos client/authenticators (LDAP/SMB/HTTP/WinRM/MSSQL) and scanners
- Updated docs for new option and extended kerberos client specs for clock skew handling
- Clean up kerberos client error handling/style per rubocop
 2025-12-08 01:47:51 +05:30
Diego Ledda d66e93afc0 Merge pull request #20658 from jheysel-r7/feat/mod/cert_details_update 
Add Updates to LDAP ESC Vulnerable Cert Finder
 2025-12-05 10:55:52 -05:00