adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,066 Commits 27 Branches 1,043 Tags
ebfbd3d3052e1c6ec21319c8bbfecfaaef576fa6
Commit Graph

36301 Commits

Author SHA1 Message Date
Jack Heysel 80ee458410 Land #19151, Add Flowmon Priv Esc Feature Module 
Privilege escalation module for Progress Flowmon unpatched feature
 2024-05-29 11:35:53 -04:00
Jack Heysel cc7aeb4364 Fix module cleanup 2024-05-29 08:39:06 -04:00
Jack Heysel 72f332aba0 Land #19150, Add Flowmon Command Injection Module 
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
 2024-05-29 08:28:37 -04:00
Jack Heysel e57f4d3cb5 Change xml to html in get_html_document 2024-05-28 16:29:55 -04:00
Christophe De La Fuente f274c46bd2 Land #19103, jasmin ransomware sqli and dir travers (CVE-2024-30851) 2024-05-27 11:23:42 +02:00
Jack Heysel 2c6fc11639 Responded to comments, clean up /etc/sudoers file 2024-05-23 16:56:35 -04:00
Jack Heysel a0597007e4 Minor fixes, respond to comments 2024-05-23 14:02:28 -04:00
Dave Yesland 1b55b6512f Rubocop fixes 2024-05-22 12:43:27 -07:00
Dave Yesland b3bc4a6c68 Update progress_flowmon_sudo_privesc_2024.rb 2024-05-21 13:48:20 -07:00
Dave Yesland de99a74540 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:45:36 -07:00
Dave Yesland 5a60a9a3d9 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:42:43 -07:00
Dave Yesland a517a218ab Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:41:44 -07:00
Dave Yesland 90a0be67b6 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:54 -07:00
Dave Yesland 1ddc60b185 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:44 -07:00
Jack Heysel 6e9e4a5aed Land #19102, Northstar C2 Stored XSS to Agent RCE 
Add exploit module for CVE-2024-28741, Northstar C2 Stored XSS to Agent
RCE
 2024-05-21 14:57:44 -04:00
Jack Heysel 10acd86390 Land #19071, Add AVideo RCE module 
Add module for CVE-2024-31819 which exploits an LFI in AVideo which uses
PHP Filter Chaining to turn the LFI into unauthenticated RCE
 2024-05-21 14:27:15 -04:00
adfoster-r7 6d2041b1cb Fix crashing mipsle modules 2024-05-21 12:52:12 +01:00
cgranleese-r7 67154a12e0 Land #19104, CHAOS rat xss to rce 2024-05-21 11:10:57 +01:00
bwatters f8c69e434d Land #19173, Add CarotDAV FTP PackRat module 
Merge branch 'land-19173' into upstream-master
 2024-05-17 16:49:33 -05:00
bwatters 8a68eebbf6 Land #19171, Add Sylpheed Email PackRat module 
Merge branch 'land-19171' into upstream-master
 2024-05-17 10:39:56 -05:00
Jacob 175e16a29a Removed unused regex search 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-17 09:59:20 -05:00
Jacob a8f1d35773 Re-structured artifact enumeration option 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-17 09:59:20 -05:00
-Pink-Panther 39630f1d2b Added post module for Adi IRC Client 2024-05-17 09:58:23 -05:00
adfoster-r7 25a1318052 Land #19170, Refactor smb lookupsid module 2024-05-17 13:43:52 +01:00
sjanusz-r7 34ab7d97b2 Follow MS-LSAD and MS-LSAT spec for LSARPC & LookupSids 2024-05-17 10:59:37 +01:00
sjanusz-r7 138a553b36 Add support for configurable RPORT, session & default rports to lookupsid 2024-05-17 10:59:37 +01:00
sjanusz-r7 d569077564 Refactor smb_lookupsid module to use RubySMB 2024-05-17 10:59:37 +01:00
Jacob 6de0048354 Removed unused regex search 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-16 19:15:00 -05:00
-Pink-Panther d08247776c Re-arranged Author list 2024-05-16 19:12:54 -05:00
-Pink-Panther cf15b1f858 Added post module for Quassel IRC Client 2024-05-16 19:12:54 -05:00
bwatters d54b3920b2 Land #19165, Add Halloy IRC PackRat module 
Merge branch 'land-19165' into upstream-master
 2024-05-16 16:59:47 -05:00
Chocapikk da31761336 Lint 2024-05-15 22:13:53 +02:00
Valentin Lobstein 3900680a96 Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-15 22:07:45 +02:00
Valentin Lobstein c815c2b15c Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-15 22:07:19 +02:00
Valentin Lobstein 7d2c06a246 Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-15 22:07:04 +02:00
Valentin Lobstein cd10c2d208 Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-15 22:06:53 +02:00
Dean Welch 0cea2cba75 Add guard clause to not print out session info unless the session is enabled 2024-05-15 15:12:51 +01:00
Dean Welch 7cdea94000 Convert ldap modules to use the new ldap session type 2024-05-15 15:12:51 +01:00
Dean Welch e693b9588c Update ldap modules to support an ldap session 2024-05-15 15:12:51 +01:00
Dean Welch 55cb49c60e Add back in useful base dn discovery print out 2024-05-15 15:12:51 +01:00
Dean Welch df32ce2db9 Add ldap query support to the ldap session 2024-05-15 15:12:51 +01:00
Dean Welch 9e4f958af7 keep ldap connection open for use in a session 2024-05-15 15:12:51 +01:00
Dean Welch 3cedb20f75 Add initial ldap session support 2024-05-15 15:12:51 +01:00
Jacob 7a33970ef8 Re-structured artifact enumeration option 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-15 14:58:51 +01:00
Jacob 554c5c3cb4 Re-structured artifact enumeration option 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-15 14:52:58 +01:00
Jacob 121d3ded85 Re-structured artifact enumeration option 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-15 14:07:48 +01:00
Jacob 8259db4756 Removed unused regex search 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2024-05-15 14:06:58 +01:00
h00die d1739f32c2 review of chaos rat 2024-05-13 16:55:43 -04:00
Spencer McIntyre 733c014223 Land #19115, read/write registry key SD 
Module to read/write registry key security descriptor remotely
 2024-05-13 15:41:54 -04:00
Jack Heysel b1cd5b3476 Land #19132, Add LDAPS Channel Binding 
Add channel binding information to Metasploits NTLM and Kerberos
authentication for the LDAP protocol. This enables users to authenticate
to domain controllers where the hardened security configuration setting
is in place
 2024-05-13 11:31:10 -07:00