adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,009 Commits 27 Branches 1,043 Tags
ea0d400e798dac904b7bec45ccd842e2bda3da41
Commit Graph

35800 Commits

Author SHA1 Message Date
h00die 05fb1d3eaa x11 library update 2024-07-11 12:34:49 +00:00
h00die 45312a506d further x11 revisions 2024-04-26 14:49:22 -04:00
h00die 83d1dcb1d4 move x11 to be more modular, forgot to grab spec files :( 2024-04-25 15:48:14 -04:00
h00die 7a27c0f010 some review on x11 2024-04-22 15:07:57 -04:00
h00die 4f6903481c remove screenshot functionality for time being 2024-03-22 16:37:22 -04:00
h00die a524682f63 x11 screenshot module progress 2024-03-04 17:40:01 -05:00
h00die 69b89c5d95 WIP x11 screenshots and lib 2024-03-01 15:15:39 -05:00
h00die bd956e7aef WIP x11 screenshots and lib 2024-03-01 15:14:43 -05:00
h00die 75d007b44c WIP x11 screenshots and lib 2024-02-27 12:52:22 -05:00
h00die 453f8bbeff more x11 progress, now working on screenshots, WIP 2024-02-26 15:16:47 -05:00
h00die 5e42df8cd4 more x11 progress 2024-02-23 13:53:07 -05:00
h00die e7ca9485ed working xspy code 2024-02-22 15:34:20 -05:00
h00die 794e304cee working but ugly code 2024-02-22 15:31:16 -05:00
adfoster-r7 b762d2ba65 Land #18795, Move CreateSession from advanced into basic options 2024-02-13 10:00:35 +00:00
Spencer McIntyre 202db99004 Land #18801, Fix revision number checks 
Fix revision number checks in cve_2022_26904_superprofile.rb
 2024-02-12 15:52:16 -05:00
Spencer McIntyre 45365c8666 Land #18800, Fix revision number checks 
Fix revision number checks for cve_2021_40449.rb
 2024-02-12 15:19:56 -05:00
Spencer McIntyre ce0498377d Land #18798, fix version checks 
windows/local/cve_2020_0787_bits_arbitrary_file_move (and similar) fails due to incorrect revision_number checks
 2024-02-12 15:11:07 -05:00
Spencer McIntyre 8eb5aa6aa6 Land #18799, Fix revision number checks 
Fix revision number checks for cve_2020_17136.rb
 2024-02-12 15:01:45 -05:00
adfoster-r7 5fa1ce8ed2 Add support for newer sqlcmd versions 2024-02-12 11:51:02 +00:00
cgranleese-r7 699afaff45 Adds some notification message about 6.4 release features 2024-02-12 11:37:47 +00:00
cgranleese-r7 5d165466ff Move CreateSession from advanced into basic options 2024-02-12 11:35:27 +00:00
cgranleese-r7 285fbe5ac5 Land #18812, Revert mssql_login TDSENCRYPTION value to false 2024-02-09 17:03:10 +00:00
adfoster-r7 37ee910d2f Revert mssql_login TDSENCRYPTION value to false 2024-02-09 16:07:45 +00:00
sjanusz-r7 30fc29e0f5 Use PostgreSQL session type for modules 2024-02-09 15:38:06 +00:00
adfoster-r7 9caa2fac17 Land #18747, Add new mssql session type 2024-02-09 15:27:43 +00:00
Zach Goldman 2c60780dc0 Add MSSQL session Type 2024-02-09 07:27:01 -06:00
adfoster-r7 8b71afdd53 Land #18759, Updates MySQL modules to now support the new MySQL session type 2024-02-08 12:39:51 +00:00
cgranleese-r7 b060809a8d Addresses logoff PR feedback 2024-02-07 12:51:04 +00:00
upsidedwn 4b5d04e59e Fix revision number checks in cve_2022_26904_superprofile.rb 2024-02-07 11:30:42 +08:00
upsidedwn ccb446f2ae Fix revision number checks for cve_2021_40449.rb 2024-02-07 11:28:00 +08:00
upsidedwn 436efad4ca Fix revision number checks 2024-02-07 11:25:41 +08:00
upsidedwn 47d30696bc Fix revision_number checks 2024-02-07 11:20:12 +08:00
cgranleese-r7 e80f0ef8cd Removes session logic from mixins and uses client instead of datastore for rhost and rport 2024-02-06 14:11:16 +00:00
Christophe De La Fuente d546db6055 Land #18780, runc cwd priv esc (docker) (cve-2024-21626) 2024-02-05 13:12:02 +01:00
h00die cf2f76e6a2 cve-2024-21626 review 2024-02-02 16:27:02 -05:00
Jack Heysel 85974d16c2 Land #18769, Add Cacti RCE via SQLi Module 
This exploit module leverages a SQLi (CVE-2023-49085) and
a LFI (CVE-2023-49084) vulnerability in Cacti versions prior
to 1.2.26 to achieve RCE
 2024-02-02 11:46:10 -05:00
cgranleese-r7 577304cf7c Updates more modules 2024-02-02 14:59:56 +00:00
cgranleese-r7 ae1cb57dc3 Updates MySQL modules to now support the new MySQL session type 2024-02-02 14:59:56 +00:00
cgranleese-r7 0e9cad6d45 Adds MySQL session type 2024-02-02 14:39:37 +00:00
adfoster-r7 48221e594d Land #18704, Leverage the module metadata cache in the module_sets 2024-02-02 14:16:46 +00:00
adfoster-r7 7ac4387d35 Land #18696, Convert MSSQL mixin to class 2024-02-02 14:14:34 +00:00
Christophe De La Fuente b91648f065 Fix typos 2024-02-02 11:45:51 +01:00
Christophe De La Fuente 1ff1302df7 Use exceptions instead of returning a boolean in do_login 2024-02-02 11:39:13 +01:00
adfoster-r7 372b792b8c Land #18761, Add alert to show user the new session options available in Metasploit 6.4 2024-02-02 10:25:32 +00:00
Jack Heysel be2d2d61ca Land #18762, Add exploit module for CVE-2024-0204 
This pull request adds an exploit module for CVE-2024-0204
in Fortra GoAnywhere MFT. GoAnywhere MFT versions 6.x from
6.0.1, and 7.x before 7.4.1 are vulnerable.
 2024-02-01 22:36:32 -05:00
Zach Goldman 35778e92b2 client consolidation 
convert first module from remote to client

move client to rex

remove metasploit mixin
 2024-02-01 17:23:55 -06:00
h00die 1c73cf938f cve-2024-21626 2024-02-01 15:28:04 -05:00
sfewer-r7 b259c5d6a7 store the credentials we create in the DB 2024-02-01 19:48:01 +00:00
sfewer-r7 612feac5f1 add in vendor advisory URL 2024-02-01 19:47:23 +00:00
Christophe De La Fuente 81eba7a6e7 Use FileDropper mixin and fix typo 2024-02-01 17:23:05 +01:00