adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,215 Commits 27 Branches 1,043 Tags
fc3b08fb8b97539d016878eb774df28362c444e3
Commit Graph

4998 Commits

Author SHA1 Message Date
Nuri Çilengir fc3b08fb8b Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:51:40 +00:00
Nuri Çilengir 420e67aca9 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:24:43 +00:00
Nuri Çilengir 628f5970b1 Apply suggestions from code review 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-07-22 12:24:26 +00:00
Nuri Çilengir 135a25be4d Tested and fixed problems 2022-07-21 11:42:18 +00:00
Grant Willcox 336a1feaf7 Fix up naming of module and documentation and fix most of the RuboCop and formatting errors 2022-07-19 15:44:52 -05:00
Nuri Çilengir d2769ef82b Add Roxy-WI exec 2022-07-19 21:08:45 +03:00
Spencer McIntyre ebb15ee9e7 Land #16598, Add in LDAP Query Module 2022-07-19 09:51:00 -04:00
bwatters e3e6afbaa3 Land #16753, ms03_007_ntdll_webdav: Cleanup and add additional offsets 
Merge branch 'land-16753' into upstream-master
 2022-07-19 08:48:06 -05:00
Jack Heysel 2af8042bfa Land #16761, clean up ms01_023_printer 
Adds additional offsets for various Windows 2000 targets.
Replaces raw socket TCP with HttpClient. This works fine in testing.
Fixes default payload, adds docs and notes.
 2022-07-16 17:56:59 -04:00
Jack Heysel 77be219bc2 Land #16754, add offsets to ms02_065 
Adds additional offsets for various Windows 2000
Professional targets, adds  docs, fixes default
payload and resolves rubocop violations.
 2022-07-16 16:43:47 -04:00
Grant Willcox 2a8d95c121 Default to having a near empty custom file so that we can still update the default queries without issues vs preventing updates from occuring. If users want to override the defaults, then they accept the risk of not getting updates. Update documentation to also note this. 2022-07-15 16:29:12 -05:00
Grant Willcox 2d1acc0369 Refactor code and also add in proper fail_with error codes where needed. Also fix up module and documentation descriptions to be a bit clearer. 2022-07-15 16:29:01 -05:00
Grant Willcox 03ebbaf2d0 Add in RUN_SINGLE_QUERY and associated options, and then update the code and documentation accordingly. This will allow users to run single queries with associated attribute filters if they want to test out single queries at a time without changing YAML files 2022-07-15 16:29:00 -05:00
Grant Willcox 67cf39f4b9 Update documentation to include RUN_QUERY_FILE example. 2022-07-15 16:28:55 -05:00
Grant Willcox 8c236e789e Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if its not already populated though. 2022-07-15 16:28:43 -05:00
Grant Willcox 65b9e1cb13 Push initial copy of work up 2022-07-15 16:27:56 -05:00
Jack Heysel 662c8bbd87 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 14:00:43 -04:00
Jack Heysel 8f3a0e3856 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 12:11:02 -04:00
Jack Heysel 819d1fa2dd Land #16762, Sourcegraph RCE module 
This module exploits a vuln in the gitserver
component of sourcegraph that results in OS
command execution in the context of gitserver.
 2022-07-13 10:09:06 -04:00
npm-cesium137-io 9a6013b153 citrix_netscaler_config_decrypt refinements 
Refactor error handling when composing KEK fragments to be more
streamlined.

Various tweaks and optimizations.

Updates to documentatation.
 2022-07-13 08:36:18 -04:00
npm-cesium137-io 3f52cc80a2 Update documentation/modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.md 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-07-13 07:57:06 -04:00
Jack Heysel 52fd45b7ab Land #16744 Jboss EAP/AS RCE module 
This module exploits a Java deserialization vulnerability
in JBOSS EAP/AS Remoting Unified Invoker interface for
versions 6.1.0 and prior.
 2022-07-12 10:49:22 -04:00
Spencer McIntyre 63734832b2 Add sourcegraph RCE module docs 2022-07-08 17:27:27 -04:00
Spencer McIntyre 27ad62c964 Add a decent check method 2022-07-08 16:40:42 -04:00
bcoles 83bc954e9d ms01_023_printer: cleanup; use HttpClient; add additional targets 2022-07-09 01:36:10 +10:00
Heyder Andrade d6b6f47b09 change doc file 2022-07-08 02:36:18 +02:00
space-r7 f958b0a053 Land #16738, correct CVE/lint for weblogic module 2022-07-07 18:08:13 -05:00
Jack Heysel 4da72a9b01 Land #16735, Fix defaults for aerohive module 
This change sets the MeterpreterTryToFork advanced
payload option to true by default for the Linux target
in the aerohive_netconfig_lfi_log_poison_rce module.
 2022-07-07 16:21:56 -04:00
Jack Heysel 6db340508f Land #16703, add Censys API v2 functionality 
This PR updates the censys_search.rb module to also
make use of the v2 API functionality
 2022-07-07 13:09:31 -04:00
Erik Wynter 3ad42dd153 change option names to H3 for weblogic_deserialize_asyncresponseservice docs 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-07-07 19:04:26 +03:00
bcoles 3f63f9fcd1 ms02_065_msadc: Cleanup and add additional offsets 2022-07-08 00:26:02 +10:00
bcoles 7d111938d5 ms03_007_ntdll_webdav: Cleanup and add additional offsets 2022-07-07 20:31:57 +10:00
space-r7 debf619968 Land #16733, add dfscoerce scanner module 2022-07-06 18:18:00 -05:00
Spencer McIntyre f7209bfc75 Land #16724, Modernize ms01_026_dbldecode 
Use HttpClient; remove meterpreter code; fix stager
 2022-07-05 09:36:58 -04:00
Heyder Andrade bbf56c7f4c Delete jboss_remoting_unified_invoker.md 2022-07-05 00:33:30 +02:00
Heyder Andrade 1ccc91d23c Rename doc file 2022-07-05 00:25:56 +02:00
Heyder Andrade b8834e1534 Added documentation 2022-07-05 00:19:17 +02:00
Christophe De La Fuente 066d01b7b2 Rework censys_search module to use Censys Search API v2 2022-07-04 17:19:16 +02:00
npm-cesium137-io 789397a445 citrix_netscaler_config_decrypt tweaks 
Minor code tweaks and updates to documentation
 2022-07-03 08:21:58 -04:00
bcoles 04aa05faa2 ms01_026_dbldecode: Use HttpClient; remove meterpreter code; fix stager 2022-07-03 18:22:55 +10:00
Christophe De La Fuente b40dd95d4f Land #16723, Add FreeSwitch Login auxiliary module 2022-07-01 16:57:34 +02:00
kalba-security 12522d1407 fix cve in weblogic_deserialize_asyncresponseservice docs and run msftidy_docs 2022-07-01 10:34:27 -04:00
kalba-security b56242c7a2 enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce 2022-07-01 06:15:13 -04:00
krastanoel e944196c5c Update documentation 2022-07-01 12:29:17 +07:00
Spencer McIntyre c67432b20d Add the documentation for dfscoerce 2022-06-30 17:25:32 -04:00
Christophe De La Fuente 0d19e47b8d Land #16677, Add module for adding/deleting computers via MS-SAMR 2022-06-30 12:12:26 +02:00
krastanoel a2949c7555 Fix documentation warning 2022-06-30 11:51:03 +07:00
Spencer McIntyre 1b7d8f1e74 Fix a whitespace issue, restore option naming 2022-06-29 12:24:29 -04:00
Spencer McIntyre 41ba2d263b Address PR feedback 
Simplify the application_key usage, update docs and catch another
exception.
 2022-06-28 11:53:05 -04:00
krastanoel da63fbbad4 Add FreeSwitch Login auxiliary module 2022-06-28 20:13:24 +07:00