7776588577
Address PR #20768 review feedback
...
- gladinet.rb: Fix machineKey regex to match decryptionKey then validationKey explicitly
- gladinet.rb: Remove DEFAULT_WEB_CONFIG_PATH constant, inline in each module's datastore option
- gladinet_storage_access_ticket_forge.rb: Inline version check
- gladinet_storage_access_ticket_forge.rb: Inline FILEPATH default value (with C:\ for absolute path)
- gladinet_storage_lfi_cve_2025_11371.rb: Inline version check
- gladinet_storage_lfi_cve_2025_11371.rb: Inline valid_response? method (removed)
- gladinet_storage_lfi_cve_2025_11371.rb: Inline FILEPATH default value (without C:\, stripped by build_lfi_path)
- gladinet_storage_lfi_cve_2025_11371.rb: Use vars_get with encode_params instead of manual URL building
- gladinet_viewstate_deserialization: Remove nil fallback (mandatory option with default)
- gladinet_viewstate_deserialization: Remove DEFAULT_MACHINE_KEY constant, inline in datastore option
- gladinet_viewstate_deserialization: Remove duplicate detect_app_type/extract_build_version (already in shared lib)
Note: Suggestion to rename gladinet? to is_gladinet? was NOT applied.
msftidy enforces Naming/PredicatePrefix convention which requires predicate
methods to NOT have 'is_' prefix (gladinet? is correct, is_gladinet? is not).
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2026-02-04 08:38:35 +01:00
628c5ee7af
Update Gladinet modules: fix AutoCheck in auxiliary modules and update documentation with real outputs
2026-02-04 08:38:32 +01:00
478345506e
Add Gladinet CentreStack/Triofox auxiliary modules and exploit
2026-02-04 08:38:31 +01:00
e55d22a7cd
Merge pull request #20739 from cdelafuente-r7/add_mitre_tech_kerb_unconst_deleg
...
Add MITRE ATT&CK techniques to Kerberos and unconstrained delegation modules
2026-02-03 16:11:37 -05:00
0c0e290cc2
Code review 2
2026-02-03 21:53:05 +01:00
b85b2d4528
Add comments and remove T1077_WINDOWS_ADMIN_SHARES (deprecated)
2026-02-02 12:03:17 +01:00
f4a195b88a
persistence modules cleanup
2026-01-14 13:49:29 -05:00
e4f8d4fb13
Merge pull request #20706 from h00die/windows_wmi_persistence
...
Update windows wmi to persistence mixin
2026-01-14 09:37:20 -05:00
6731992ddd
fix ci pipeline
2026-01-14 08:26:11 -05:00
6491f74d9d
wmi persistence improvements
2026-01-11 07:25:13 -05:00
aa5fd40a19
add arch to windows modules and triggered execution attck to most persistence
2026-01-09 16:21:08 -05:00
52ad17690f
add arch to windows modules and triggered execution attck to most persistence
2026-01-09 16:21:07 -05:00
ae4a5ac986
Merge pull request #20786 from zeroSteiner/feat/lib/mod-merge-target-info
...
Merge target info into the module info
2026-01-08 18:01:14 -08:00
bb98e855e1
Merge pull request #20751 from h00die/sticky_keys
...
update windows sticky keys to persistence mixin
2026-01-08 16:44:04 -08:00
428f31fdd3
review for wmi persistence
2026-01-06 16:36:05 -05:00
2f4db3bd5f
review for wmi persistence
2026-01-05 17:06:17 -05:00
2b85112a36
fix panda local privesc refs
2025-12-27 09:09:19 -05:00
5ac586a788
Update modules/exploits/windows/persistence/assistive_technology.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2025-12-19 14:52:34 -05:00
d15d4ca5dc
.exe guard clause for assistive_tech persistence
2025-12-18 16:17:50 -05:00
76b7c82092
Fix a CI failure
2025-12-18 10:33:35 -05:00
602adeb4c5
Mass rubocop changes
2025-12-18 10:08:31 -05:00
d4b196b309
Update exploits to note target authors
...
Target authors were selected based on comments that indicated that the
author was only responsible for a set of descrete targets. Authors that
were noted as assisting with target testing, check module development,
etc. were left at the module level.
2025-12-17 17:30:16 -05:00
8945267db6
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
f18bdb12b2
remove writabledir from wmi persistence
2025-12-08 15:41:16 -05:00
54d47e72ab
sticky keys description update
2025-12-07 07:40:54 -05:00
bd48eda8b2
rename sticky keys module
2025-12-07 07:38:41 -05:00
a2f266068b
assistive technology persistence
2025-12-06 13:05:32 -05:00
54718c7a12
sticky keys as persistence
2025-12-05 07:07:30 -05:00
98dd33a3cd
Remove CAIN
2025-12-03 15:42:57 -05:00
d3ae3e5556
wmi persistence docs
2025-11-30 10:51:45 -05:00
a392283b1e
Add techniques related to unconstrained delegation modules
2025-11-28 19:17:03 +01:00
45250497d5
wmi uptime persistence
2025-11-22 09:13:01 -05:00
21777b8969
Merge pull request #20685 from msutovsky-r7/persistence/windows/notepad++_persistence
...
Adds notepad++ persistence module for Windows
2025-11-21 14:28:28 -06:00
098af341f9
Fix payload name escaping
2025-11-21 13:04:52 +01:00
3251560ebc
wmi interval
2025-11-20 18:52:22 -05:00
bb728c44d7
Merge pull request #20560 from cdelafuente-r7/feat/mitre/T1021
...
Add T1021 "Remote Services" MITRE technique and sub-technique references
2025-11-20 11:19:31 -06:00
d904a526ee
Shamefully removes pry and pry-byebug
2025-11-20 17:08:28 +01:00
e2097ee1bc
Land #20701 , adds windows WSL registry persistence module
...
Windows WSL registry persistence
2025-11-20 15:15:22 +01:00
abaa4e6c7a
Fixes cmd_exec call
2025-11-20 11:27:34 +01:00
9ff3f94bc9
review comments for wsl persistence
2025-11-19 17:37:55 -05:00
179a545312
Remove false positive references
2025-11-19 17:34:15 +01:00
554c952d06
Adds payload name escaping
2025-11-19 15:58:30 +01:00
6957f73bf5
Adds architecture match check
2025-11-19 08:12:30 +01:00
2d41323e78
event_log working
2025-11-18 19:40:03 -05:00
58f29548b3
review for windows/persistence/wsl/registry
2025-11-18 18:50:07 -05:00
3209fdc937
remove old file
2025-11-17 19:03:55 -05:00
7c8fbd1672
rework windows service persistence
2025-11-17 19:02:54 -05:00
a0222d0783
rework windows service persistence
2025-11-17 19:02:53 -05:00
1ad89ef1ef
rewriting service
2025-11-17 19:02:53 -05:00
06f5c89bf4
throw this away
2025-11-17 19:02:53 -05:00
Valentin Lobstein