adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
70,151 Commits 27 Branches 1,043 Tags
de9cd59ea5bd3348a4dcdc6eb0f0c398cd89d9a7
Commit Graph

34282 Commits

Author SHA1 Message Date
h00die-gr3y de9cd59ea5 added pwd derivation and report credential function including updates based on review comments 2023-04-18 19:17:00 +00:00
h00die-gr3y e0926890ab init commit module 2023-04-14 13:07:12 +00:00
h00die-gr3y 5584685f24 init commit module 2023-04-14 13:05:42 +00:00
dwelch-r7 f9d5459a9c Land #17872, Ensure identify hashes helper is accessible to modules 2023-04-13 16:20:20 +01:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Grant Willcox d19c9e7732 Land #17867, fix always vulnerable in Auxiliary module surgenews_user_creds 2023-04-12 19:32:39 -05:00
Grant Willcox 0ed25cd2cc Fix RuboCop issues 2023-04-12 19:05:30 -05:00
Grant Willcox 0e3a341ac9 Land #17864, Correct incorrect log format 2023-04-12 17:05:35 -05:00
adfoster-r7 8e2169ed47 Ensure identify hashes helper is accessible to modules 2023-04-12 13:28:56 +01:00
adfoster-r7 e8365aba85 Land #17870, Fixes linting errors on SCTP payloads 2023-04-12 13:24:01 +01:00
Christophe De La Fuente a6b478e046 Land #17832, Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503 2023-04-12 11:43:13 +02:00
cgranleese-r7 a313e36c1d Fixes linting errors on SCTP payloads 2023-04-12 10:24:19 +01:00
cgranleese-r7 e6c1aecd26 Land #17502, Adds SCTP Sessions 2023-04-12 10:15:43 +01:00
Ryuuuuu 585479474b fix bug which prints always vulnerable (change code suggested code by @bcoles) 2023-04-12 08:25:34 +00:00
Ryuuuuu e3983eac1f Correct incorrect log format 2023-04-12 13:04:13 +09:00
Ryuuuuu 29c24438a6 Correct incorrect log format when no files found 2023-04-12 13:01:49 +09:00
Ron Bowes 7dc1faa689 Better error handling, and fix version detection 2023-04-11 09:34:24 -07:00
Ron Bowes 1a8671311d Move the offsets into a field separate from 'targets' 2023-04-07 10:26:56 -07:00
Ron Bowes 02072418f0 Expand the comment about why we're checking for \xff (since it can't appear in the payload) 2023-04-07 10:10:13 -07:00
adfoster-r7 42902bb5e5 Land #17851, fix check function which always prints vulnerable 2023-04-07 14:24:45 +01:00
Ryuuuuu 9985538846 Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb 
fix nil exception

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-04-07 09:55:00 +09:00
Ron Bowes ce111f158a Better error handling 2023-04-06 10:35:33 -07:00
Steve E f0189cc886 revert another get_once 2023-04-06 11:43:50 +01:00
Steve E 656c562816 Added notes, revert to get_once 2023-04-06 11:01:32 +01:00
Steve Embling cc79fe039a Merge branch 'rapid7:master' into weblogic-t3s-support 2023-04-06 10:38:29 +01:00
Ron Bowes 523931aa4c Change target options for stack overflow exploit 2023-04-05 15:24:49 -07:00
Ron Bowes c345fe78b8 Fix up error handling and other comments from the PR 2023-04-05 15:13:35 -07:00
Ron Bowes c07ca83d6c Fix the metadata and add an in-memory target 2023-04-05 14:07:12 -07:00
Ron Bowes 04a9ae7335 Add check methods 2023-04-05 10:55:28 -07:00
cgranleese-r7 e004be00fe Converted to Active Support 2023-04-05 16:53:01 +01:00
Christophe De La Fuente 5d63175b56 Land #17823, php_cgi_arg_injection: Fix check regex match to detect code html tag 2023-04-05 16:44:52 +02:00
cgranleese-r7 769e2e760c stop point 2023-04-04 10:27:15 +01:00
cgranleese-r7 c3a7da54d5 reduces code duplication 2023-04-04 10:27:11 +01:00
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
Ryuuuuu 8b3d799104 fix check function which always prints vulnerable 2023-04-04 10:07:06 +09:00
adfoster-r7 f7cee703ce Land #17835, cisco_dcnm_auth_bypass: Fix TARGETURI URL normalization 2023-04-03 11:47:56 +01:00
SubcomandanteMeowcos a54f3d4707 fix broken module references 
doing these "by domain" now, piecemeal.

this PR fixes all broken references to the "insecurety" website, which is long dead.
 2023-04-01 05:17:02 -07:00
bcoles 2711ba4b3a cisco_dcnm_auth_bypass: Fix TARGETURI URL normalization 2023-03-31 23:53:41 +11:00
Jack Heysel 15d267a233 Land #17826, post module for CVE-2023-21768 
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
 2023-03-30 12:27:28 -04:00
jheysel-r7 152ef4a86b Update modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb 2023-03-30 11:28:46 -04:00
jheysel-r7 6f400052b1 Update modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb 2023-03-30 11:00:55 -04:00
dwelch-r7 ab08cd2d1c Land #17753, Update get_ticket to support using forged golden tickets 2023-03-30 14:15:48 +01:00
space-r7 1f32004901 Land #17813, ssh_enumusers set CHECK_FALSE to true 2023-03-29 12:31:31 -05:00
Ron Bowes 7cb6213334 Fix an msftidy error 2023-03-29 09:56:04 -07:00
Ron Bowes 54ed192401 Add URLs 2023-03-29 08:10:52 -07:00
Ron Bowes 41fe44ef1a Merge branch 'master' into unirpc-auth-bypass 2023-03-29 08:03:05 -07:00
Ron Bowes 6897be4b01 Add two Metasploit modules for UniData vulnerabilities 2023-03-29 08:01:50 -07:00
space-r7 9cd024a7a2 Land #17828, add AMQP login scanner module 2023-03-29 09:24:48 -05:00
adfoster-r7 0a559bfded Land #17704, Apache Solr RCE via Velocity Template: Attempt fix for NoMethodError when exploiting 2023-03-29 15:12:04 +01:00
adfoster-r7 e1ecdac2a5 Land #17724, Add ticket checksum to kerberos ticket creation 2023-03-29 09:01:39 +01:00