Commit Graph

31775 Commits

Author SHA1 Message Date
sjanusz eba2df0a8a Fix smb enumshare to work with SMB1/2/3 2021-11-22 12:36:59 +00:00
Grant Willcox 9023c61ac8 Land #15851, User Agent Refresh 2021-11-17 15:08:52 -06:00
Grant Willcox 1d20393452 We should be safe to change the user agent for Google as well since we are communicating with Google's servers and as far as I can tell changing the user agent doesn't really change the results at all 2021-11-17 15:08:27 -06:00
Christophe De La Fuente 6c57ee376a Land #15755, Azure Active Directory Login Scanner Module 2021-11-17 15:53:22 +01:00
Jeffrey Martin f208e59541 ensure realm reported on credential
remove default DOMAIN to make input required
2021-11-16 15:36:04 -06:00
Jeffrey Martin 8c15fde679 adjust service reporting 2021-11-16 14:23:33 -06:00
Jeffrey Martin 5af7847b52 ensure address is an IP when reporting service 2021-11-16 12:39:41 -06:00
Jeffrey Martin 680f068adc move text encode into XML generation 2021-11-16 12:39:41 -06:00
Jeffrey Martin 7b3c9f9d13 utilize AuthBrute more 2021-11-16 12:34:17 -06:00
Ashley Donaldson f020c99a85 Implement suggestions from code review 2021-11-16 11:07:48 +11:00
Grant Willcox d7047cdb6f Land #15867, Update example modules 2021-11-15 15:32:45 -06:00
Grant Willcox a620b425dd Fix a few capitalization errors 2021-11-15 14:56:25 -06:00
Grant Willcox fc05f53688 Reword comments a bit to make it clearer to end users how to use some of the libraries we provide 2021-11-15 14:54:13 -06:00
h00die e2ec4438a4 further update examples 2021-11-15 15:16:08 -05:00
Spencer McIntyre a100cd77ae Land #15858, Add exploit for CVE-2021-42237 2021-11-15 14:24:47 -05:00
Spencer McIntyre b428863d9e Land #15875, Bash payload works outside of bash 2021-11-15 10:46:05 -05:00
Ashley Donaldson 7549aaaf61 Remove warning now that bash payloads should work in this situation 2021-11-15 15:56:59 +11:00
Ashley Donaldson 40e45bdaed Ensure bash payload executes from a bash context 2021-11-15 14:44:11 +11:00
h00die 93a1473e49 fix return add http timeout 2021-11-13 04:46:38 -05:00
h00die 69c0c367fe rubocop and example updates 2021-11-13 04:33:24 -05:00
space-r7 b6dcb03b45 Land #15843, add Jetty WEB-INF file disclosure 2021-11-12 11:31:27 -06:00
space-r7 9ab969f8fe set default port, change checkcodes 2021-11-12 11:30:42 -06:00
Grant Willcox 7e01e33e51 Make the XML generation into a function that accepts an argument and do further cleanup to simplify the code around this 2021-11-11 23:56:11 -06:00
bwatters 4505d7e834 Land #15700, Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module
Merge branch 'land-15700' into upstream-master
2021-11-11 17:03:54 -06:00
Grant Willcox 8d55b16ade Fix one more mistake and rename document and module to a more easy to find name 2021-11-11 16:42:58 -06:00
Grant Willcox be4fa90f1a Fix up wvu's review comments 2021-11-11 14:39:40 -06:00
space-r7 f055429189 Land #15806, add BillQuick SQLi module 2021-11-11 11:51:19 -06:00
space-r7 93038f43ce replace fail_with() calls with CheckCode returns 2021-11-11 11:37:55 -06:00
adfoster-r7 51914ae858 Land #15861, Lint smb enumshares module 2021-11-11 11:01:55 +00:00
sjanusz fb8ea12de8 Lint SMB EnumShares module 2021-11-11 10:46:24 +00:00
Grant Willcox 9d6f0a0eb2 Update XML to reduce it to the bare minimum needed to get the exploit working. Possible I could do more but in my tests it seems everything in here now is needed 2021-11-10 16:25:08 -06:00
Grant Willcox 27310dc002 Add in exploit and documentation for CVE-2021-42237 2021-11-10 15:52:22 -06:00
Ashley Donaldson 360a0b866a Updated cached sizes because of new UA string 2021-11-10 17:27:02 +11:00
Ashley Donaldson 527057c700 Updated user agent strings in some modules where it shouldn't impact exploitability 2021-11-10 11:12:38 +11:00
Ashley Donaldson cab04d33f5 Use existing Rex::UserAgent class; keep UA string consistent across an MSF session 2021-11-10 10:05:45 +11:00
h00die 28672f3ea5 review 2021-11-09 16:19:20 -05:00
Grant Willcox 3af93cbacc Fix up changes from timwr's review so long 2021-11-09 10:36:50 -06:00
Grant Willcox 780a9370a2 First draft of code, documentation, and exploit DLL plus exploit code 2021-11-09 10:36:40 -06:00
space-r7 1dd26bca03 Land #15802, add OMIGOD LPE 2021-11-09 10:30:50 -06:00
h00die 8f713d00ae remove period 2021-11-09 04:11:23 -05:00
h00die 0fe49cce22 review comments 2021-11-09 04:04:16 -05:00
Ashley Donaldson 551ef90c5f Use default User agent string for generic auxiliary modules 2021-11-09 18:55:49 +11:00
h00die 23ba4a1f3a jetty updates 2021-11-08 14:09:43 -05:00
h00die ea59e89cba jetty web-inf file disclosure 2021-11-08 14:04:08 -05:00
Uli Heilmeier c3c7279de0 sap_router_portscanner: rename validate function
cmd_run of command_dispatcher/auxiliary.rb calls a validate function
without an argument. As the validate function requires a range argument
running the sap_router_portscanner module fails.

Fix this issue by renaming the function.
2021-11-07 20:05:20 +01:00
h00die e067535b72 billquick review updates 2021-11-06 06:29:56 -04:00
Matthew Dunn 5b8b718a3d Use fail_with instead of return 2021-11-05 11:49:02 -04:00
Spencer McIntyre 69e9a53b14 Land #15829, Improve Kubernetes exec reliability 2021-11-05 10:35:40 -04:00
Spencer McIntyre 56a544c184 Fix two minor issues in kubernetes/exec 2021-11-05 10:35:22 -04:00
Christophe De La Fuente 836422f9ac Land #15776, Wordpress automatic plugin aux module 2021-11-05 12:47:27 +01:00