f41eda1128
Add GHSA and OSV reference type support
...
Add support for GHSA (GitHub Security Advisories) and OSV (Open Source
Vulnerabilities) as structured reference types in Metasploit modules.
Convert 49 hardcoded GHSA URLs to structured ['GHSA', 'GHSA-xxxx'] format
across existing modules, and add support for repository-specific GHSA
references with an optional third parameter ['GHSA', 'GHSA-xxxx', 'repo'].
Update reference validation, module validator, and info_fixups to handle
the new reference types correctly.
2026-02-09 15:17:23 +01:00
79e2b844dd
fix: fixing meterpreter template for zarch, removing prepends
2026-01-06 14:07:29 -05:00
beddb75ce7
fix: fix correct zarch value for meterpreter_reverse.erb
2026-01-06 09:53:03 -05:00
eaead1d2f3
fix: remove zarch inmemory_loader from stageless meterpreter
2026-01-06 09:53:03 -05:00
892ef86515
fix: remove in_memoryloader for ppc, ppc64le, ppce500v2 and armbe from erb file
2026-01-06 09:53:01 -05:00
6d4cefdff7
fix: fix erb for mettle payload generation
2026-01-06 09:52:28 -05:00
d2a2d1e1c8
fix: removed + character in PayloadLinuxMinKernel
2026-01-06 09:52:20 -05:00
187a7d361a
fix: changes based on review comments
2026-01-06 09:51:51 -05:00
75765fb0eb
fix: including prepends mixin on linux stageless meterpreter
2026-01-06 09:51:26 -05:00
cd0645b502
fix: changing MeterpreterLegacyElf to MeterpreterLinuxMinKernel
2026-01-06 09:51:02 -05:00
3a22eae7c8
feat: add elf-legacy option for systems unsupported by in_memory_loader
2026-01-06 09:50:04 -05:00
753b80322f
fix: updated mettle payload generation and cached_size
2026-01-06 09:49:30 -05:00
0cc080fbe9
fix: updated mettle payload generation and cached_size
2026-01-06 09:49:00 -05:00
e8b441a5d3
Land #20012 , MeterpreterOptions break-up and default extension loading removal
...
MeterpreterOptions break-up and default extension loading removal
2025-08-07 15:28:56 +02:00
f18787e5c5
fix: addressing review comments
2025-08-04 08:35:23 -04:00
81cb85eef0
Make msfbase actually do something useful
...
Signed-off-by: Tod Beardsley <todb@hugesuccess.org >
2025-06-20 13:05:11 -05:00
21e093a41f
Slightly better module popularity counter
...
Signed-off-by: Tod Beardsley <todb@hugesuccess.org >
2025-06-20 12:41:08 -05:00
dd23be9695
fix: modified meterpreter_reverse template for platform-specific MeterpreterOptions
2025-06-02 08:07:13 -04:00
5aa91bd57c
Rubocop: Resolve Rubocop Style/RedundantRegexpArgument violations
2025-05-24 13:34:32 +10:00
48221e594d
Land #18704 , Leverage the module metadata cache in the module_sets
2024-02-02 14:16:46 +00:00
1c4258fd1e
Fix encoded payloads test
2024-01-16 13:31:51 +00:00
2cf045d3c4
Leverage the module metadata cache in the module_sets
2024-01-15 14:56:46 +00:00
a7c547542f
fix spelling in tools folder
2024-01-07 13:28:13 -05:00
5f8767f4cf
M1ssion Dyld Mettle: Aarch64 Payloads
...
This builds on Back from the dyld by adding the required aarch64
assembly code to enable the OSX loader to run on the m1. This enables
the use of native payloads on M1 or M2 devices that do not have Rosetta
installed.
2023-06-19 10:57:37 +02:00
74bb908e56
tools: modules: committer_count: Parse date argument with Time.parse
2023-03-29 01:45:27 +11:00
4f75a44581
Fix Ruby 3.2 crash when running certain tools
2023-03-06 11:03:12 +00:00
0d9cca79b4
Fix crash when generating payload sizes
2022-11-04 02:10:58 +00:00
785a176240
Move logging and error printing to the end; return proper status
2022-06-09 09:18:11 -05:00
9d67ce0186
Add some error handling to update_payload_cache_size script
2022-05-27 08:45:10 -05:00
1f4ee19c05
Expose options for logging to a file in mettle
2022-05-06 14:36:55 +01:00
cb5d449676
add missing payload tests
...
A number of recent payload adds do not conform the patterns
used for suggesting spec configurations. Manually added these
tests to remove warning in rspec run.
2022-04-01 12:01:17 -05:00
550a625dc7
Major rework to support redirects
2022-02-16 23:12:55 -06:00
0ca56600a6
Fix casting issue by ensuring r.ctx_val is cast to a string before it used in a gsub operation. This prevents errors where sometimes the script can crash when r.ctx_val is considered to be a integer due to it containing only numbers and nothing else
2022-02-16 20:05:19 -06:00
d7b442f782
Fix up MSB code so it will properly check MSB URLs
2022-02-16 19:16:02 -06:00
d5ba1afbec
fix URLs not resolving
...
fix URLs not resolving
add csv export to references
fix URLs not resolving
pdf not pd
missed a url change
remove extra recirectedfrom fields
remove extra file
fix ovftool url accidental replacement
2022-02-16 17:22:40 -06:00
6e153a1866
fix tools author
2021-04-30 18:34:52 +07:00
22ae40a072
Remove new AKB reference
...
I'm not sure it adds enough value due to the URL format.
2021-04-03 14:05:45 -05:00
48f743a9f2
Change CVE reference to NVD and add AKB reference
2021-04-03 12:56:26 -05:00
1af4aaeb91
update WPVDB link type
2021-02-06 12:20:03 +01:00
d437a32374
remove msf/util requires
2021-01-18 14:21:54 +00:00
b816373b94
remove msf/ui requires
2021-01-18 14:21:54 +00:00
bad5ccbc49
Remove msf/base requires
2021-01-05 14:59:46 +00:00
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
760f4fc25d
Fix typo, full_name -> fullname
2019-08-12 19:30:43 -05:00
5bd34e7d4c
cleaner read of JSON cache
2019-02-21 23:20:43 -06:00
98e95eeb18
remove unused imports and vars
2019-02-21 23:14:55 -06:00
dd864e8f6e
enhance -f for evasion type
2019-02-21 23:11:39 -06:00
dcaf477097
support -f from JSON
2019-02-21 23:10:07 -06:00
1bae9ccf31
update module authors to consume JSON cache
2019-02-21 22:56:04 -06:00
f2ebdd4cdf
add apple_ios/armle/meterpreter/reverse_tcp
2018-10-10 17:39:51 +08:00
Valentin Lobstein