adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,215 Commits 27 Branches 1,043 Tags
fc3b08fb8b97539d016878eb774df28362c444e3
Commit Graph

67215 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nuri Çilengir fc3b08fb8b Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:51:40 +00:00
Nuri Çilengir 420e67aca9 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:24:43 +00:00
Nuri Çilengir 628f5970b1 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:24:26 +00:00
Grant Willcox e91beedc4a Rubocop fixes 2022-07-21 17:01:56 -05:00
Nuri Çilengir ebe61b50a7 Fixed parameter quotes 2022-07-21 12:25:29 +00:00
Nuri Çilengir 135a25be4d Tested and fixed problems 2022-07-21 11:42:18 +00:00
Nuri Çilengir d23c175f28 Added AutoCheck and CmdStager 2022-07-21 11:39:58 +00:00
Grant Willcox a7b379f292 Fix up check code segment that would never be reached due to if/else statement above 2022-07-19 16:03:44 -05:00
Grant Willcox 59ea337c6b Fix up CVE format, add in Notes section 2022-07-19 15:58:11 -05:00
Grant Willcox 336a1feaf7 Fix up naming of module and documentation and fix most of the RuboCop and formatting errors 2022-07-19 15:44:52 -05:00
Nuri Çilengir d2769ef82b Add Roxy-WI exec 2022-07-19 21:08:45 +03:00
Metasploit e1bb088ddb automatic module_metadata_base.json update 2022-07-19 09:31:40 -05:00
Spencer McIntyre ebb15ee9e7 Land #16598, Add in LDAP Query Module 2022-07-19 09:51:00 -04:00
bwatters e3e6afbaa3 Land #16753, ms03_007_ntdll_webdav: Cleanup and add additional offsets 
Merge branch 'land-16753' into upstream-master
 2022-07-19 08:48:06 -05:00
Spencer McIntyre 2eaccd657f Use an OptPath for QUERY_FILE_PATH 
This adds tab completion and an extra check to make sure it exists.
 2022-07-19 09:48:03 -04:00
Grant Willcox dcd4caf977 Remove excess error handling that was causing issues 2022-07-19 08:10:53 -05:00
Metasploit f043b121b3 automatic module_metadata_base.json update 2022-07-16 17:26:03 -05:00
Jack Heysel 2af8042bfa Land #16761, clean up ms01_023_printer 
Adds additional offsets for various Windows 2000 targets.
Replaces raw socket TCP with HttpClient. This works fine in testing.
Fixes default payload, adds docs and notes.
 2022-07-16 17:56:59 -04:00
Jack Heysel 5fd4c6c306 Land #16754, fix merge conflicts 2022-07-16 17:43:27 -04:00
jheysel-r7 adecb0d94b Merge branch 'master' into ms02_065_msadc 2022-07-16 17:26:23 -04:00
Metasploit e7e3ea1a31 automatic module_metadata_base.json update 2022-07-16 16:06:17 -05:00
Jack Heysel 77be219bc2 Land #16754, add offsets to ms02_065 
Adds additional offsets for various Windows 2000
Professional targets, adds  docs, fixes default
payload and resolves rubocop violations.
 2022-07-16 16:43:47 -04:00
Spencer McIntyre 25f50e607c Reduce code, be more permissive 
This makes a few changes that should enable the module to function
better should it be dropped into a fresh MSF installation on its own.
 2022-07-15 16:29:17 -05:00
Grant Willcox 2a8d95c121 Default to having a near empty custom file so that we can still update the default queries without issues vs preventing updates from occuring. If users want to override the defaults, then they accept the risk of not getting updates. Update documentation to also note this. 2022-07-15 16:29:12 -05:00
Grant Willcox 1e05630d26 Make sure that we load ACTIONs from the user's custom file at startup if they have changed anything or added any new ACTIONs 2022-07-15 16:29:12 -05:00
Grant Willcox 2d1acc0369 Refactor code and also add in proper fail_with error codes where needed. Also fix up module and documentation descriptions to be a bit clearer. 2022-07-15 16:29:01 -05:00
Grant Willcox 03ebbaf2d0 Add in RUN_SINGLE_QUERY and associated options, and then update the code and documentation accordingly. This will allow users to run single queries with associated attribute filters if they want to test out single queries at a time without changing YAML files 2022-07-15 16:29:00 -05:00
Grant Willcox 67cf39f4b9 Update documentation to include RUN_QUERY_FILE example. 2022-07-15 16:28:55 -05:00
Grant Willcox 32e5884589 Update error description to be more helpful when debugging. Also update DefaultAction to default to first entry in the list or RUN_QUERY_FILE if no other action is available 2022-07-15 16:28:50 -05:00
Grant Willcox c5f2507ee0 Fix up usage of the word columns where attributes was more appropriate. Also update the multi query logic to match new data format as it was broken before as a result of changes to file format. Finally remove extra parameters that are no longer needed. 2022-07-15 16:28:43 -05:00
Grant Willcox 8c236e789e Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if its not already populated though. 2022-07-15 16:28:43 -05:00
Grant Willcox 3c56e272a1 Remove default actions and move them to default.yaml, then update code accordingly. Also update the initialization code so it will now load the possible actions dynamically from default.yaml. 2022-07-15 16:28:37 -05:00
Grant Willcox 438b4b1bf8 Rework the logic for output and make it a lot neater. Also redo the query logic thanks to help from Alan David Foster so the query itself will specify what fields we need vs us having to manually filter this out later on. Makes it a lot quicker and easier to work with 2022-07-15 16:28:31 -05:00
Grant Willcox 2a1a8aa632 Add in CSV reporting formatting thanks to some help from Alan David Foster 2022-07-15 16:28:30 -05:00
Grant Willcox d4809219b9 Add in JSON output option 2022-07-15 16:28:23 -05:00
Grant Willcox 515bfd296e Add in YAML query file implementation 2022-07-15 16:28:23 -05:00
Grant Willcox 65b9e1cb13 Push initial copy of work up 2022-07-15 16:27:56 -05:00
adfoster-r7 1b5e172f29 Land #16772, Add FtpHttp command stager - bump rex-exploitation gem from 0.1.31 to 0.1.33 2022-07-15 09:55:21 +01:00
space-r7 f8101aa8e4 bump rex-exploitation gem from 0.1.31 to 0.1.33 2022-07-14 17:23:49 -05:00
Metasploit fde4d4ae22 Bump version of framework to 6.2.8 2022-07-14 12:09:54 -05:00
Jeffrey Martin c675c104d3 LAnd #16771, Fix msfconsole crashing with openssl3 6.2.7 2022-07-14 11:06:48 -05:00
bcoles 59685f82f8 ms02_065_msadc: Cleanup and add additional offsets 2022-07-15 00:15:56 +10:00
adfoster-r7 1103f525a6 Stop msfconsole crashing with openssl3 2022-07-14 12:05:01 +01:00
Metasploit 346cbc287f automatic module_metadata_base.json update 2022-07-13 13:23:11 -05:00
Jack Heysel 662c8bbd87 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 14:00:43 -04:00
Metasploit d8cc88a8cd automatic module_metadata_base.json update 2022-07-13 11:42:20 -05:00
Jack Heysel 8f3a0e3856 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 12:11:02 -04:00
Metasploit b596a2f59c automatic module_metadata_base.json update 2022-07-13 09:37:15 -05:00
Jack Heysel 819d1fa2dd Land #16762, Sourcegraph RCE module 
This module exploits a vuln in the gitserver
component of sourcegraph that results in OS
command execution in the context of gitserver.
 2022-07-13 10:09:06 -04:00
npm-cesium137-io 9a6013b153 citrix_netscaler_config_decrypt refinements 
Refactor error handling when composing KEK fragments to be more
streamlined.

Various tweaks and optimizations.

Updates to documentatation.
 2022-07-13 08:36:18 -04:00