adeherdt-r7
c5717d42d6
MS-9457 Support NO_AUTH_REQUIRED
Support the `NO_AUTH_REQUIRED` condition and terminate the scan to avoid further unneeded attempts.
2024-07-02 14:09:01 +02:00
adeherdt-r7
52142f280f
MS-9454 Redis Scanner: Support versions
Updating the Redis Login Scanner to properly support all versions of Redis and their implementations to handle the `AUTH` command.
2024-06-28 15:25:49 +02:00
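The two Redis commits above describe handling the `AUTH` command across Redis generations and stopping the scan once a server reports that no password is configured. The following is an added example, not the `redis_login` scanner's own code: it builds the RESP `AUTH` command in both the legacy single-argument and the Redis 6+ `AUTH <user> <password>` forms, classifies the server's reply, and halts the credential loop on the no-auth condition. The reply strings are the ones real Redis servers send; the `fake_redis` stand-in, the credential lists and all helper names are constructed for this demo.

```ruby
# Added example, not Metasploit's redis_login code. Helper names and the
# fake server are constructed for the demo; reply strings match real Redis.

def resp_command(*args)
  # RESP array of bulk strings: "*<count>\r\n" then "$<len>\r\n<arg>\r\n" per argument
  (["*#{args.length}"] + args.flat_map { |a| ["$#{a.bytesize}", a] }).join("\r\n") + "\r\n"
end

def auth_command(password, username: nil)
  # Redis < 6 only knows `AUTH <password>`; Redis 6+ also accepts `AUTH <user> <password>`
  username ? resp_command('AUTH', username, password) : resp_command('AUTH', password)
end

def classify_auth_reply(reply)
  case reply.lines.first.to_s.chomp
  when '+OK'
    :success
  when /\A-ERR Client sent AUTH, but no password is set/,
       /\A-ERR AUTH <password> called without any password configured/
    # Redis < 6 and Redis 6+ wording respectively: there is nothing to brute-force
    :no_auth_required
  when /\A-ERR invalid password/, /\A-WRONGPASS/
    :invalid_credentials
  when /\A-ERR wrong number of arguments for 'auth' command/
    :unsupported_syntax   # pre-6 server given the two-argument form
  when /\A-NOAUTH/
    :auth_required        # sent for non-AUTH commands when a password is required
  else
    :unknown
  end
end

def fake_redis(version:, password:)
  # Constructed stand-in for a server; `password` nil means no requirepass is set
  lambda do |cmd|
    args = cmd.split("\r\n").drop(1).each_slice(2).map(&:last)
    user, pass = args.length == 3 ? args[1..2] : ['default', args[1]]
    if version < 6 && args.length == 3
      "-ERR wrong number of arguments for 'auth' command\r\n"
    elsif password.nil? && args.length == 2
      if version < 6
        "-ERR Client sent AUTH, but no password is set\r\n"
      else
        "-ERR AUTH <password> called without any password configured for the default user. Are you sure your configuration is correct?\r\n"
      end
    elsif user == 'default' && (password.nil? || pass == password)
      "+OK\r\n" # the ACL form on a nopass default user accepts any password, as Redis 6 does
    elsif version < 6
      "-ERR invalid password\r\n"
    else
      "-WRONGPASS invalid username-password pair or user is disabled.\r\n"
    end
  end
end

def scan_credentials(server, creds)
  results = []
  creds.each do |username, password|
    # The single-argument form works on every version and is the only one that
    # yields the unambiguous "no password configured" error on Redis 6+, so probe
    # with it first.
    status = classify_auth_reply(server.call(auth_command(password)))
    if status == :invalid_credentials && username && username != 'default'
      # Non-default ACL user: retry with the Redis 6+ two-argument form.
      status = classify_auth_reply(server.call(auth_command(password, username: username)))
      status = :invalid_credentials if status == :unsupported_syntax # pre-6: no ACL users exist
    end
    results << [username, password, status]
    # NO_AUTH_REQUIRED: every further attempt against this host is wasted, so stop.
    break if status == :no_auth_required
  end
  results
end

if __FILE__ == $0
  p scan_credentials(fake_redis(version: 6, password: nil), [['default', 'a'], ['default', 'b']])
  p scan_credentials(fake_redis(version: 5, password: 's3cret'), [['default', 'wrong'], ['default', 's3cret']])
end
```

Against a real target, `server` would be a socket write-and-read; the classification and early termination logic are unchanged.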
Metasploit
e691f72170
Bump version of framework to 6.4.16
2024-06-27 03:34:27 -05:00
adeherdt-r7
51176e778c
MS-9445 Fix Service Reporting
Preliminary pull request to resolve an issue with a service not being properly detected for Redis.
* Ensure service name is properly passed down when detecting vulnerabilities
* Ensure Redis properly detects no-auth requirements
2024-06-26 15:11:29 +02:00
adfoster-r7
afa973e05e
Fix redis_login scanner when auth is enabled
2024-06-26 13:32:16 +01:00
Spencer McIntyre
dc2adc0798
Land #19259, warn on weak meterpreter keys
Fixing meterpreter to support is_weak_key byte flag from mettle
2024-06-24 08:58:40 -04:00
dledda-r7
8a432fb292
fix: default is_weak_key is nil; handling of empty key_dec_data
2024-06-21 04:00:02 -04:00
adfoster-r7
2e51b37f1c
Land #19267, Escape LDAP query string filters
2024-06-20 10:42:19 +01:00
Metasploit
bccad774fd
Bump version of framework to 6.4.15
2024-06-20 03:37:28 -05:00
Spencer McIntyre
a6fd6defcb
Escape LDAP query strings
2024-06-18 17:47:56 -04:00
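The two LDAP commits above only say that query strings are now escaped. As an added example (not Metasploit's implementation) of what that protects against, here is RFC 4515 filter-value escaping in Ruby: every byte with special meaning in a search filter is replaced by a backslash and two hex digits, so attacker-controlled input cannot close the current clause and append its own. The `user_lookup_filter` helper and the sample input are constructed for the demo.

```ruby
# Added example, not Metasploit's code. Filter-value escaping per RFC 4515 s.3;
# note this is not the same as DN escaping (RFC 4514), which has its own rules.
LDAP_FILTER_ESCAPES = {
  "\\"   => '\\5c',
  '*'    => '\\2a',
  '('    => '\\28',
  ')'    => '\\29',
  "\x00" => '\\00'
}.freeze

def escape_ldap_filter_value(value)
  value.to_s.gsub(/[\\*()\x00]/) { |c| LDAP_FILTER_ESCAPES[c] }
end

# Vulnerable form: raw interpolation lets the value inject extra filter clauses.
def unsafe_user_lookup_filter(username)
  "(&(objectClass=user)(sAMAccountName=#{username}))"
end

# Hardened form: the value can only ever match literally.
def user_lookup_filter(username)
  "(&(objectClass=user)(sAMAccountName=#{escape_ldap_filter_value(username)}))"
end

if __FILE__ == $0
  injected = '*)(objectClass=*'   # constructed attacker input
  puts unsafe_user_lookup_filter(injected)
  puts user_lookup_filter(injected)
end
```

With the sample input the unsafe filter becomes `(&(objectClass=user)(sAMAccountName=*)(objectClass=*))`, which matches every object; the escaped one matches only an account literally named `*)(objectClass=*`.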
Jack Heysel
c1826cd2f3
Land #18829, Allow multiple HttpServers in module
Adding multiple HttpServer services in a module is sometimes complex
since they share the same methods. This usually causes issues where
on_request_uri needs to be overridden to handle requests coming from
each service. This updates the cmdstager and the Java HTTP ClassLoader
mixins, since these are commonly used in the same module. This also
updates the manageengine_servicedesk_plus_saml_rce_cve_2022_47966 module
to make use of these new changes
2024-06-18 09:51:38 -07:00
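The collision the commit above describes comes from Ruby's method resolution: when two mixins both define `on_request_uri`, the one included last silently shadows the other. The following added example (not the Metasploit mixins themselves) shows the collision beside one way to give each service its own handler and route by the path each one registered. The `_cmdstager`/`_classloader` method suffixes, the module names and the request hashes are hypothetical; the commit adds distinct names without stating them here.

```ruby
# Added example, not Metasploit's code. Module and method names are hypothetical.

# Before: both mixins expose the same hook name.
module CmdStagerHttp
  def on_request_uri(_cli, req)
    "cmdstager: #{req[:uri]}"
  end
end

module JavaClassLoaderHttp
  def on_request_uri(_cli, req)
    "classloader: #{req[:uri]}"
  end
end

class CollidingModule
  include CmdStagerHttp
  include JavaClassLoaderHttp # included last, so its on_request_uri wins for every request
end

# After: each mixin uses distinct hook and resource names, and the module routes.
module CmdStagerHttpDistinct
  def cmdstager_resource_uri
    '/stage'
  end

  def on_request_uri_cmdstager(_cli, req)
    "cmdstager: #{req[:uri]}"
  end
end

module JavaClassLoaderHttpDistinct
  def classloader_resource_uri
    '/classes'
  end

  def on_request_uri_classloader(_cli, req)
    "classloader: #{req[:uri]}"
  end
end

class TwoServiceModule
  include CmdStagerHttpDistinct
  include JavaClassLoaderHttpDistinct

  # Single entry point: dispatch on the prefix each service registered.
  def on_request_uri(cli, req)
    case req[:uri]
    when /\A#{Regexp.escape(cmdstager_resource_uri)}(\/|\z)/
      on_request_uri_cmdstager(cli, req)
    when /\A#{Regexp.escape(classloader_resource_uri)}(\/|\z)/
      on_request_uri_classloader(cli, req)
    else
      '404'
    end
  end
end
```

`CollidingModule.new.on_request_uri(nil, { uri: '/stage' })` answers as the class loader even though the path belongs to the command stager; `TwoServiceModule` sends each request to the handler for its own prefix.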
dledda-r7
80e942b76d
fix: better implementation of negotiate_tlv_encryption
2024-06-17 10:57:17 -04:00
dwelch-r7
17a6d443b5
Land #19260, Update windows acceptance tests
2024-06-17 10:19:25 +01:00
dledda-r7
1a8746f076
fix: updated warning messages, inverted is_weak_key logic
2024-06-14 10:19:56 -04:00
Spencer McIntyre
111d329609
Fix the powershell_base64 encoder
2024-06-13 15:46:02 -04:00
adfoster-r7
30c9ea2064
Update windows acceptance tests
2024-06-13 18:05:30 +01:00
Christophe De La Fuente
764dc89997
Update Java::HTTP::ClassLoader and CmdStager::HTTP
- Add specific #on_request_uri, #start_service and #resource_uri methods with distinct names
2024-06-13 16:39:24 +02:00
dledda-r7
acfaf52611
feat(meterpreter): display a warning when a weak encryption aes_key is used. skip module loading if encryption is weak.
2024-06-13 09:30:17 -04:00
Metasploit
f5aea8c11b
Bump version of framework to 6.4.14
2024-06-13 03:39:08 -05:00
Jack Heysel
b9b638dd83
Land #19196, Cacti import package RCE
This exploit module leverages an arbitrary file write vulnerability
(CVE-2024-25641) in Cacti versions prior to 1.2.27 to achieve RCE. It
abuses the Import Packages feature to upload a specially crafted package
that embeds a PHP file.
2024-06-12 15:43:46 -07:00
Christophe De La Fuente
45815a4cb5
Code review
2024-06-12 19:47:02 +02:00
Zach Goldman
82ca91b351
remove duplicated rescue
2024-06-07 12:18:07 -05:00
Simon Janusz
9981a24a6c
Land #19235, Fixes an issue where zip paths were not being created correctly for Java payloads
2024-06-07 12:45:44 +01:00
adfoster-r7
bf177642b4
Land #19199, Improves UX for scanner/login modules
2024-06-06 16:03:17 +01:00
adfoster-r7
d604d28b27
Land #19197, SQL sessions have correct history manager support
2024-06-06 12:53:30 +01:00
Metasploit
a9078b4d68
Bump version of framework to 6.4.13
2024-06-06 03:33:45 -05:00
Simon Janusz
b30641022f
Land #19227, Moodle::Login.moodle_login: fix login success verification regex
2024-06-05 17:12:11 +01:00
cgranleese-r7
798d79ae32
Fixes an issue where zip paths were not being created correctly for Java payloads
2024-06-05 15:38:54 +01:00
sjanusz-r7
91cb94e725
Add _close method to history manager, use generic method for Msf Config history file
2024-06-03 17:23:51 +01:00
adfoster-r7
36e29535a9
Land #19211, update db manager to no longer default updated_at to created_at value
2024-06-03 13:19:21 +01:00
sjanusz-r7
cf97b36d98
Align importing timestamps method with msf_ prefix
2024-06-03 11:09:59 +01:00
cgranleese-r7
48f89a2aad
Improves UX for scanner/login modules
2024-06-03 10:56:59 +01:00
sjanusz-r7
f7b69e2fe7
Fix service 'updated at' time not being updated correctly
2024-06-03 10:17:19 +01:00
bcoles
4eecb8ee96
Moodle::Login.moodle_login: fix login success verification regex
2024-06-03 01:49:04 +10:00
adfoster-r7
3e75c42183
Land #19217, fix tab completion crash on Ruby 3.2
2024-05-31 13:44:02 +01:00
Metasploit
ebfbd3d305
Bump version of framework to 6.4.12
2024-05-30 03:39:13 -05:00
Zach Goldman
2fb35f9700
adds eval patch to File
2024-05-29 15:04:21 -05:00
sjanusz-r7
487faf9a1a
Allow History Manager writer thread to exit when queue is empty
2024-05-28 15:37:43 +01:00
sjanusz-r7
82c43c3154
Allow HistoryManager to mock input library history
2024-05-23 17:50:19 +01:00
sjanusz-r7
60c09e5ca3
SQL sessions have correct history manager support
2024-05-23 13:57:31 +01:00
Christophe De La Fuente
06cb6aa713
Update cacti_pollers_sqli_rce to use the new library
- Update the CSRF token logic in the library
- Update cacti_package_import_rce and cacti_pollers_sqli_rce modules
- Update the FETCH_DELETE logic in cacti_package_import_rce to only
regenerate the payload when necessary
2024-05-23 11:30:48 +02:00
Metasploit
7eefa4b1ee
Bump version of framework to 6.4.11
2024-05-23 03:34:03 -05:00
Christophe De La Fuente
c6c5f2bf7a
Add module, lib and documentation
2024-05-22 17:38:53 +02:00
Dean Welch
ce49fa4e76
don't show regular option groups when viewing advanced options
2024-05-17 15:47:02 +01:00
Simon Janusz
28396ff23a
Land #19002, Fix edgecase in Meterpreter job persistence
2024-05-17 14:22:51 +01:00
adfoster-r7
25a1318052
Land #19170, Refactor smb lookupsid module
2024-05-17 13:43:52 +01:00
Spencer McIntyre
638ad36b12
Fixed names that were missed while refactoring
2024-05-17 10:59:37 +01:00
sjanusz-r7
34ab7d97b2
Follow MS-LSAD and MS-LSAT spec for LSARPC & LookupSids
2024-05-17 10:59:37 +01:00
sjanusz-r7
138a553b36
Add support for configurable RPORT, session & default rports to lookupsid
2024-05-17 10:59:37 +01:00
sjanusz-r7
d569077564
Refactor smb_lookupsid module to use RubySMB
2024-05-17 10:59:37 +01:00