f8a67b83e6
Update lib/msf/core/exploit/pgadmin.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2025-04-17 08:01:15 -07:00
1cade8f18f
Reponded to comments
2025-04-15 10:10:26 -07:00
4f76ff1633
Apply suggestions from code review
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2025-04-15 10:07:53 -07:00
cbc33ea9ce
Remove extra space
2025-04-11 16:02:36 -07:00
4c5e0203dd
Refactor pgAdmin modules to use new lib
2025-04-11 15:55:46 -07:00
053f0e854c
Merge pull request #20024 from cgranleese-r7/add-support-for-network-capture-decryption
...
Add support for network capture decryption
2025-04-11 13:43:22 +01:00
c79f7db38b
Adds enhanced support for network capture decryption
2025-04-11 13:34:40 +01:00
4cec129e1c
Responded to comments
2025-04-10 10:53:05 -07:00
290a35b0f6
pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)
2025-04-09 17:32:10 -07:00
7f8a762922
Update ms_icpr and creds to reflect the changes in the Pkcs12 data model
...
- a separate field is now used for metadata (`private_metadata`) when
creating a new Pkcs12
- the `creds` command now support adding an encrypted Pkcs12 with a password
2025-04-01 19:12:41 +02:00
865626fbd2
Update Pkcs12-related code to report CA and ADCS Template to the database
...
- Update the `creds` command to add Pkcs12 private credentials with
metadata.
- Update `ms_icpr` module to store metadata.
2025-04-01 19:07:48 +02:00
33e3a0bd09
Merge pull request #19984 from zeroSteiner/feat/lib/adcs-mm-updates/2
...
Feat/lib/adcs mm updates/2
2025-03-31 10:23:10 -07:00
08e227faca
Merge pull request #19934 from sfewer-r7/bugfix-cisco-iosxe-rce
...
Improve exploit/linux/misc/cisco_ios_xe_rce (CVE-2023-20198 + CVE-2023-20273)
2025-03-27 16:51:16 -07:00
d38dd96861
Renames LDAP datastore options
2025-03-25 17:07:25 +00:00
02e3a55570
Catch additional exceptions for failures
2025-03-21 12:02:23 -04:00
2e842179b7
Merge pull request #19757 from smashery/cms_refactor
...
Refactor Cms ASN.1 definitions
2025-03-19 13:38:34 -04:00
f8760a9e3b
Update from code review
2025-03-14 15:28:39 +01:00
d4fd890fed
Add the smb_to_ldap relay module and documentation
2025-03-14 15:28:39 +01:00
d47ec03ca7
Refactor CMS data structures used in pkinit functionality
2025-03-14 10:42:32 +11:00
c3ffdb12f5
Merge pull request #19946 from zeroSteiner/feat/mod/relay/ms08-068-warning
...
Add a warning for MS08-068 when applicable
2025-03-05 11:11:20 -08:00
0116d0c04b
Actually count the hosts
...
RangeWalker handles many more formats for specifying multiple hosts, so
simply checking for a space is insufficient.
2025-03-05 13:44:33 -05:00
b43dc8be08
Switch relay modules, add ESC8 check method
2025-03-05 13:44:33 -05:00
dbce82416c
Add a warning for MS08-068 when applicable
2025-03-05 13:31:26 -05:00
54465f30f2
Land #19917 , Add NIST SP 800 Crypto Primitives
...
Land #19917 , Add NIST SP 800 Crypto Primitives
2025-03-04 17:50:01 +01:00
60a496eec9
bugfix the URI to work as expected for both HTTP and HTTPS, also some appliences (C8000v) need the _http portion of this URI path to be cchanges from all lowercase for CVE-2023-20198 to work as expected.
2025-03-03 20:20:26 +00:00
11818c2812
Switch to using Rex's Crypto module
2025-02-27 10:52:09 -05:00
7e0b3af790
Land #19879 , Add MsDtypSecurityDescriptor to_sddl_text
...
Land #19879 , Add MsDtypSecurityDescriptor to_sddl_text
2025-02-27 15:28:27 +01:00
8dd032e529
Land #19897 , Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
...
Land #19897 , Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
2025-02-25 13:14:18 +01:00
3487b485e9
Fix an API change from an old commit ( #19880 )
2025-02-25 10:15:33 +00:00
79411eace8
added code sugesstions from dledda-r7
2025-02-24 15:51:32 +00:00
ece33ee8ec
added documentation
2025-02-23 09:54:26 +00:00
b3a5da976b
Apply suggestions from code review
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2025-02-22 10:35:45 +01:00
47a2079d19
initial module and laravel crypto killer mixin
2025-02-21 18:09:28 +00:00
c9dc97c242
Update some modules to print the SDDL
2025-02-13 17:19:43 -05:00
dfb1ed6d30
Land #19842 , fixing jtr_format for NTLM hashes
2025-02-07 13:24:10 +01:00
6232463701
Merge pull request #19835 from cdelafuente-r7/fix/kerberos/ticket_lookup
...
Kerberos ticket lookup fix
2025-01-28 13:01:05 -08:00
8e68d1d5f2
Fixed spacing
2025-01-28 10:40:13 -08:00
9d50fb66bc
Fix jtr_format assignment in HashCapture module
2025-01-28 10:14:36 -08:00
4c0f407b39
favor SecureRandom.bytes over Rex::Text.rand_text_alphanumeric
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2025-01-24 16:15:16 +00:00
de6b14e506
change how a Sec-WebSocket-Key is computed to make connect_ws be spec compliant
2025-01-24 14:46:52 +00:00
25bd5d736c
Fix comparision case for service name hostname
2025-01-24 14:26:58 +01:00
f7554d2467
Update lib/msf/core/exploit/remote/ms_icpr.rb
2025-01-16 09:36:30 -08:00
b5a116f85e
Update lib/msf/core/exploit/remote/ms_icpr.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2025-01-16 09:25:33 -08:00
42abf6be5b
Fix icpr_cert to error when ESC15 is patched
2025-01-13 17:51:21 -08:00
31930f47dd
Merge pull request #19700 from jheysel-r7/fix_send_request_cgi_bang
...
Fix query param in reconfig_redirect_opts!
2024-12-11 23:30:51 +00:00
f36d786736
Merge pull request #19696 from smashery/add_user_module
...
Add user module
2024-12-10 11:26:49 -05:00
8b93f1a087
Merge branch 'master' into smb_change_pw
2024-12-09 09:37:45 -05:00
909476ee64
Merge pull request #19671 from smashery/ldap_change_pw
...
LDAP Change Password module
2024-12-06 17:13:50 -05:00
c7b96f89b0
Unset opts query if no location.query
2024-12-05 18:24:12 -08:00
a544805659
Fix query in reconfig_redirect_opts!
2024-12-05 18:18:06 -08:00
jheysel-r7