bcoles
39f288bfe3
Rex::Proto::Http: Add evasion options to shuffle GET / POST parameters
2022-07-11 01:37:41 +10:00
bcoles
66009ca5e5
Exploit::CmdStager: Expose CMDSTAGER::URIPATH option for HTTP stagers
2022-06-25 23:49:47 +10:00
Grant Willcox
b10386ba08
Land #16650, Add #read_from_file for MSSQL and PostgreSQL, fix the MySQL implementation
2022-06-17 14:58:22 -05:00
Redouane NIBOUCHA
d47d1bc259
Remove newlines from base64 output on MySQL also
2022-06-17 00:51:52 +02:00
Grant Willcox
63822f6e37
Land #16651, [SQLi library] Ensure the encoder is always used in the #test_vulnerable methods
2022-06-08 17:15:22 -05:00
Redouane NIBOUCHA
88036a7f1f
Check for nil before using the decoder in test_vulnerable
2022-06-08 22:00:03 +02:00
Jack Heysel
67ea2bc23c
Land #16630 Fix duplicate ntlm hash storage
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
despite being the same. This fixes that issue.
2022-06-08 14:07:34 -04:00
jheysel-r7
1a7cbe5b4f
Update lib/msf/core/exploit/remote/smb/server/hash_capture.rb
2022-06-08 13:45:57 -04:00
Grant Willcox
a983bbd8ba
Land #16615, Solicited multicast-address creation bugfix
2022-06-07 14:41:52 -05:00
jheysel-r7
2b99967d0c
Merge branch 'master' into fix/duplicate-netntlm
2022-06-07 11:42:51 -04:00
Redouane NIBOUCHA
5331c343a0
Use the encoder in all the #test_vulnerable methods from the common class
2022-06-06 23:13:26 +02:00
Redouane NIBOUCHA
6d9c789f4d
Add method #read_from_file for MSSQL and PostgreSQL, and update the MySQL #read_from_file method
2022-06-06 23:07:25 +02:00
Jack Heysel
8ccc1ebf91
Land PR #16628, Log ntlm_session hashes
This PR fixes the logging and storing of
NTLM session hashes
2022-06-02 11:20:37 -04:00
space-r7
6d3ccab1be
Land #16435, add Microsoft SQL Server sqli support
2022-06-01 10:27:48 -05:00
Spencer McIntyre
a47b3fe694
Don't report duplicate Net-NTLM hashes
2022-05-27 14:13:06 -04:00
Spencer McIntyre
1e5f86703f
Report the correct JtR type
2022-05-27 10:16:02 -04:00
Spencer McIntyre
862c6a94a2
Log ntlm_session hashes too
Despite being called ntlm_session, these hashes are capable of being
cracked as the John 'netntlm' format. Additionally, the format is
reported as NTLMv1-SSP in similar tools.
2022-05-27 10:07:39 -04:00
NikitaKovaljov
c33f284786
change from lambda to line-by-line logic
2022-05-24 16:24:15 +03:00
NikitaKovaljov
7f9ead454e
bugfix of improper solicited address creation
2022-05-23 15:25:53 +03:00
Spencer McIntyre
19a9ff1198
Update a couple of modules for the new SMB server
2022-05-16 14:39:45 -04:00
Spencer McIntyre
e0b9002238
Fix an SMB relay bug
2022-05-16 14:39:45 -04:00
Spencer McIntyre
f14f8da1df
Use the new thread_factory
2022-05-16 14:39:45 -04:00
Spencer McIntyre
b79b550d6c
Centralize the log adapter
This should eventually be updated to map the levels to the framework
logger and appropriate module-print_* function.
2022-05-16 14:39:45 -04:00
Spencer McIntyre
7c15b144c4
Update the SMB capture server
2022-05-16 14:39:44 -04:00
Spencer McIntyre
22993e910e
Move server code into the server mixin
2022-05-16 14:39:44 -04:00
Spencer McIntyre
c39fd87073
Finish removing unneeded server code
2022-05-16 14:39:44 -04:00
Spencer McIntyre
475f6eee8c
Capture hash when serving files over SMB
2022-05-16 14:39:44 -04:00
Spencer McIntyre
d740786211
Add the on_client_connect callback
Also update the group_policy_startup module.
2022-05-16 14:39:44 -04:00
Spencer McIntyre
317516d90f
Enable guest access
2022-05-16 14:39:44 -04:00
Spencer McIntyre
882bcf08f7
Fix bugs when stopping the service
2022-05-16 14:39:44 -04:00
Spencer McIntyre
09dc65eb6a
Remove the FILE_CONTENTS datastore option
None of the 14 modules use this option; they all deregister it.
2022-05-16 14:39:44 -04:00
Spencer McIntyre
63af7cdef7
Initial update to the RubySMB share server
2022-05-16 14:39:44 -04:00
Spencer McIntyre
013a819cff
Out with the old
2022-05-16 14:39:44 -04:00
Spencer McIntyre
879591f686
Land #16499, Specify peer hostname for SNI
2022-05-16 14:21:57 -04:00
adfoster-r7
0196b6fa75
Land #16555, move duplicated retry_until_truthy code into centralized location
2022-05-16 18:31:57 +01:00
adfoster-r7
db694efd36
Improve relative redirect handling
2022-05-16 12:03:24 +01:00
Spencer McIntyre
1aceb71971
Rename the function to emphasize truthy
2022-05-13 09:16:01 -04:00
Spencer McIntyre
3d37f2f811
Change the timeout value to be nil
2022-05-13 09:14:23 -04:00
adfoster-r7
739c0fcad1
Specify peer hostname for ssl connections
2022-05-13 13:55:43 +01:00
dwelch-r7
c0c02e56ba
Land #16430, Improve kerberos user enum module
2022-05-13 12:17:26 +01:00
Spencer McIntyre
05fcbd803e
Add a new Retry mixin
2022-05-11 15:41:37 -04:00
Redouane NIBOUCHA
90937e6daa
Address feedback from space-r7
2022-05-06 00:31:20 +02:00
dwelch-r7
a76600f4a9
Land #16462, add support for armle/aarch64 architectures
2022-05-03 15:48:50 +01:00
Brendan Coles
02d911e655
gdb_server_exec: Cleanup and add support for armle/aarch64 architectures
2022-04-25 19:25:06 +00:00
Redouane NIBOUCHA
87a21bd117
Add the MSSQL injection library
2022-04-22 06:19:36 +02:00
Jack Heysel
4417a335ff
Land #16379, Make SSH defaults widely used
Refactored a number of modules to use ssh_client_defaults
2022-04-19 22:08:45 -07:00
Jack Heysel
0d3f50522d
Land #16318 Add support for old KEX algorithms
This commit fixes the issue #16138 by adding
support for old key exchange algorithms in
the net/ssh lib by defining the
append_all_supported_algorithms to true.
2022-04-14 11:29:39 -07:00
Jack Heysel
04f042ae47
Land #16221, a wordpress_scanner bug fix
Adjust wordpress_url_rest_api definition to support
sites that don't place REST API under /index.php/
2022-04-13 14:22:17 -07:00
Heyder Andrade
0eb9d68319
Added support for deprecated key exchange algorithms
2022-04-13 18:53:50 +02:00
adfoster-r7
a53be3184a
Improving error handling of Kerberos
2022-04-08 20:48:10 +01:00