adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,852 Commits 27 Branches 1,043 Tags
f5aafdcfdfd153695d91890cf7ed0fab9d3df1bd
Commit Graph

3365 Commits

Author SHA1 Message Date
jheysel-r7 eba2b6c1bf Merge pull request #19760 from cdelafuente-r7/feat/pkcs12/certs_command/pkinit 
Add certs command & use pkinit if kerberos tickets are not available in cache
 2025-04-22 11:11:54 -07:00
Christophe De La Fuente 226853f535 Fix EKU lookup in certificate 2025-04-22 19:08:45 +02:00
jheysel-r7 f8a67b83e6 Update lib/msf/core/exploit/pgadmin.rb 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-04-17 08:01:15 -07:00
Jack Heysel 1cade8f18f Reponded to comments 2025-04-15 10:10:26 -07:00
jheysel-r7 4f76ff1633 Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-04-15 10:07:53 -07:00
Jack Heysel cbc33ea9ce Remove extra space 2025-04-11 16:02:36 -07:00
Jack Heysel 4c5e0203dd Refactor pgAdmin modules to use new lib 2025-04-11 15:55:46 -07:00
adfoster-r7 053f0e854c Merge pull request #20024 from cgranleese-r7/add-support-for-network-capture-decryption 
Add support for network capture decryption
 2025-04-11 13:43:22 +01:00
cgranleese-r7 c79f7db38b Adds enhanced support for network capture decryption 2025-04-11 13:34:40 +01:00
Jack Heysel 4cec129e1c Responded to comments 2025-04-10 10:53:05 -07:00
Jack Heysel 290a35b0f6 pgAdmin Query Tool Authenticated RCE (CVE-2025-2945) 2025-04-09 17:32:10 -07:00
Christophe De La Fuente 7e42746eb0 Code review and fixes 
- Fix Pkcs12 filer to use case insensitive username and realm
- Handle nil values in `StoredPkcs12`
- Use `fallbacks` options in `ldap_login`
- Small fixes
 2025-04-08 18:21:39 +02:00
Christophe De La Fuente 630c2c03bc Update certs command, pkcs12 matching and specs 
- use the `status`, certificate's `not_before`/`not_after` and check if the TLS
  OID is present to filter pkcs12 before using them with PKInit
- add the `activate`, `deactivate` and `export` capabilities to the
  certs command
- add specs
 2025-04-02 18:23:14 +02:00
Christophe De La Fuente e7535d8fae Add certs command & use pkinit if kerberos tickets are not available in cache 2025-04-02 18:23:14 +02:00
Christophe De La Fuente 7f8a762922 Update ms_icpr and creds to reflect the changes in the Pkcs12 data model 
- a separate field is now used for metadata (`private_metadata`) when
  creating a new Pkcs12
- the `creds` command now support adding an encrypted Pkcs12 with a password
 2025-04-01 19:12:41 +02:00
Christophe De La Fuente 865626fbd2 Update Pkcs12-related code to report CA and ADCS Template to the database 
- Update the `creds` command to add Pkcs12 private credentials with
  metadata.
- Update `ms_icpr` module to store metadata.
 2025-04-01 19:07:48 +02:00
jheysel-r7 33e3a0bd09 Merge pull request #19984 from zeroSteiner/feat/lib/adcs-mm-updates/2 
Feat/lib/adcs mm updates/2
 2025-03-31 10:23:10 -07:00
jheysel-r7 08e227faca Merge pull request #19934 from sfewer-r7/bugfix-cisco-iosxe-rce 
Improve exploit/linux/misc/cisco_ios_xe_rce (CVE-2023-20198 + CVE-2023-20273)
 2025-03-27 16:51:16 -07:00
cgranleese-r7 d38dd96861 Renames LDAP datastore options 2025-03-25 17:07:25 +00:00
Spencer McIntyre 02e3a55570 Catch additional exceptions for failures 2025-03-21 12:02:23 -04:00
Spencer McIntyre 2e842179b7 Merge pull request #19757 from smashery/cms_refactor 
Refactor Cms ASN.1 definitions
 2025-03-19 13:38:34 -04:00
Christophe De La Fuente f8760a9e3b Update from code review 2025-03-14 15:28:39 +01:00
Christophe De La Fuente d4fd890fed Add the smb_to_ldap relay module and documentation 2025-03-14 15:28:39 +01:00
Ashley Donaldson d47ec03ca7 Refactor CMS data structures used in pkinit functionality 2025-03-14 10:42:32 +11:00
jheysel-r7 c3ffdb12f5 Merge pull request #19946 from zeroSteiner/feat/mod/relay/ms08-068-warning 
Add a warning for MS08-068 when applicable
 2025-03-05 11:11:20 -08:00
Spencer McIntyre 0116d0c04b Actually count the hosts 
RangeWalker handles many more formats for specifying multiple hosts, so
simply checking for a space is insufficient.
 2025-03-05 13:44:33 -05:00
Spencer McIntyre b43dc8be08 Switch relay modules, add ESC8 check method 2025-03-05 13:44:33 -05:00
Spencer McIntyre dbce82416c Add a warning for MS08-068 when applicable 2025-03-05 13:31:26 -05:00
Diego Ledda 54465f30f2 Land #19917, Add NIST SP 800 Crypto Primitives 
Land #19917, Add NIST SP 800 Crypto Primitives
 2025-03-04 17:50:01 +01:00
sfewer-r7 60a496eec9 bugfix the URI to work as expected for both HTTP and HTTPS, also some appliences (C8000v) need the _http portion of this URI path to be cchanges from all lowercase for CVE-2023-20198 to work as expected. 2025-03-03 20:20:26 +00:00
Spencer McIntyre 11818c2812 Switch to using Rex's Crypto module 2025-02-27 10:52:09 -05:00
Diego Ledda 7e0b3af790 Land #19879, Add MsDtypSecurityDescriptor to_sddl_text 
Land #19879, Add MsDtypSecurityDescriptor to_sddl_text
 2025-02-27 15:28:27 +01:00
Diego Ledda 8dd032e529 Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin 
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin
 2025-02-25 13:14:18 +01:00
Spencer McIntyre 3487b485e9 Fix an API change from an old commit (#19880) 2025-02-25 10:15:33 +00:00
h00die-gr3y 79411eace8 added code sugesstions from dledda-r7 2025-02-24 15:51:32 +00:00
h00die-gr3y ece33ee8ec added documentation 2025-02-23 09:54:26 +00:00
H00die.Gr3y b3a5da976b Apply suggestions from code review 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-02-22 10:35:45 +01:00
h00die-gr3y 47a2079d19 initial module and laravel crypto killer mixin 2025-02-21 18:09:28 +00:00
Spencer McIntyre c9dc97c242 Update some modules to print the SDDL 2025-02-13 17:19:43 -05:00
Martin Sutovsky dfb1ed6d30 Land #19842, fixing jtr_format for NTLM hashes 2025-02-07 13:24:10 +01:00
jheysel-r7 6232463701 Merge pull request #19835 from cdelafuente-r7/fix/kerberos/ticket_lookup 
Kerberos ticket lookup fix
 2025-01-28 13:01:05 -08:00
Jack Heysel 8e68d1d5f2 Fixed spacing 2025-01-28 10:40:13 -08:00
Jack Heysel 9d50fb66bc Fix jtr_format assignment in HashCapture module 2025-01-28 10:14:36 -08:00
Stephen Fewer 4c0f407b39 favor SecureRandom.bytes over Rex::Text.rand_text_alphanumeric 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2025-01-24 16:15:16 +00:00
sfewer-r7 de6b14e506 change how a Sec-WebSocket-Key is computed to make connect_ws be spec compliant 2025-01-24 14:46:52 +00:00
Christophe De La Fuente 25bd5d736c Fix comparision case for service name hostname 2025-01-24 14:26:58 +01:00
jheysel-r7 f7554d2467 Update lib/msf/core/exploit/remote/ms_icpr.rb 2025-01-16 09:36:30 -08:00
jheysel-r7 b5a116f85e Update lib/msf/core/exploit/remote/ms_icpr.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2025-01-16 09:25:33 -08:00
Jack Heysel 42abf6be5b Fix icpr_cert to error when ESC15 is patched 2025-01-13 17:51:21 -08:00
adfoster-r7 31930f47dd Merge pull request #19700 from jheysel-r7/fix_send_request_cgi_bang 
Fix query param in reconfig_redirect_opts!
 2024-12-11 23:30:51 +00:00