adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,215 Commits 27 Branches 1,043 Tags
fc3b08fb8b97539d016878eb774df28362c444e3
Commit Graph

10581 Commits

Author SHA1 Message Date
Spencer McIntyre 2eaccd657f Use an OptPath for QUERY_FILE_PATH 
This adds tab completion and an extra check to make sure it exists.
 2022-07-19 09:48:03 -04:00
Grant Willcox dcd4caf977 Remove excess error handling that was causing issues 2022-07-19 08:10:53 -05:00
Spencer McIntyre 25f50e607c Reduce code, be more permissive 
This makes a few changes that should enable the module to function
better should it be dropped into a fresh MSF installation on its own.
 2022-07-15 16:29:17 -05:00
Grant Willcox 2a8d95c121 Default to having a near empty custom file so that we can still update the default queries without issues vs preventing updates from occuring. If users want to override the defaults, then they accept the risk of not getting updates. Update documentation to also note this. 2022-07-15 16:29:12 -05:00
Grant Willcox 1e05630d26 Make sure that we load ACTIONs from the user's custom file at startup if they have changed anything or added any new ACTIONs 2022-07-15 16:29:12 -05:00
Grant Willcox 2d1acc0369 Refactor code and also add in proper fail_with error codes where needed. Also fix up module and documentation descriptions to be a bit clearer. 2022-07-15 16:29:01 -05:00
Grant Willcox 03ebbaf2d0 Add in RUN_SINGLE_QUERY and associated options, and then update the code and documentation accordingly. This will allow users to run single queries with associated attribute filters if they want to test out single queries at a time without changing YAML files 2022-07-15 16:29:00 -05:00
Grant Willcox 32e5884589 Update error description to be more helpful when debugging. Also update DefaultAction to default to first entry in the list or RUN_QUERY_FILE if no other action is available 2022-07-15 16:28:50 -05:00
Grant Willcox c5f2507ee0 Fix up usage of the word columns where attributes was more appropriate. Also update the multi query logic to match new data format as it was broken before as a result of changes to file format. Finally remove extra parameters that are no longer needed. 2022-07-15 16:28:43 -05:00
Grant Willcox 8c236e789e Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if its not already populated though. 2022-07-15 16:28:43 -05:00
Grant Willcox 3c56e272a1 Remove default actions and move them to default.yaml, then update code accordingly. Also update the initialization code so it will now load the possible actions dynamically from default.yaml. 2022-07-15 16:28:37 -05:00
Grant Willcox 438b4b1bf8 Rework the logic for output and make it a lot neater. Also redo the query logic thanks to help from Alan David Foster so the query itself will specify what fields we need vs us having to manually filter this out later on. Makes it a lot quicker and easier to work with 2022-07-15 16:28:31 -05:00
Grant Willcox 2a1a8aa632 Add in CSV reporting formatting thanks to some help from Alan David Foster 2022-07-15 16:28:30 -05:00
Grant Willcox d4809219b9 Add in JSON output option 2022-07-15 16:28:23 -05:00
Grant Willcox 515bfd296e Add in YAML query file implementation 2022-07-15 16:28:23 -05:00
Grant Willcox 65b9e1cb13 Push initial copy of work up 2022-07-15 16:27:56 -05:00
Jack Heysel 662c8bbd87 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 14:00:43 -04:00
Jack Heysel 8f3a0e3856 Land #16742, add NetScaler decrypt aux module 
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
 2022-07-13 12:11:02 -04:00
npm-cesium137-io 9a6013b153 citrix_netscaler_config_decrypt refinements 
Refactor error handling when composing KEK fragments to be more
streamlined.

Various tweaks and optimizations.

Updates to documentatation.
 2022-07-13 08:36:18 -04:00
npm-cesium137-io 443920850c Update modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-07-13 07:56:41 -04:00
npm-cesium137-io d227f0aaa2 Update modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-07-13 07:56:12 -04:00
Spencer McIntyre 781597bc0e Land #16617, fix race condition in short ranges 2022-07-08 09:56:51 -04:00
Jack Heysel 6db340508f Land #16703, add Censys API v2 functionality 
This PR updates the censys_search.rb module to also
make use of the v2 API functionality
 2022-07-07 13:09:31 -04:00
space-r7 debf619968 Land #16733, add dfscoerce scanner module 2022-07-06 18:18:00 -05:00
Christophe De La Fuente 066d01b7b2 Rework censys_search module to use Censys Search API v2 2022-07-04 17:19:16 +02:00
npm-cesium137-io 789397a445 citrix_netscaler_config_decrypt tweaks 
Minor code tweaks and updates to documentation
 2022-07-03 08:21:58 -04:00
yvain 8bd0be9837 msftidy pass. 2022-07-02 19:43:41 +02:00
yvain f2419785ba implemented certificates search as an option. 2022-07-02 19:02:25 +02:00
Christophe De La Fuente b40dd95d4f Land #16723, Add FreeSwitch Login auxiliary module 2022-07-01 16:57:34 +02:00
Christophe De La Fuente 9de7411723 Land #16704, Fix bad loop terminator checks and data checks in memcached_extractor.rb 2022-07-01 16:36:56 +02:00
krastanoel 2e63a5b48c setting stop_on_success attribute to true 
this attribute is needed by LoginScanner module but will have no effect
 2022-07-01 12:22:31 +07:00
krastanoel cdc6fe471f Use safe navigation operator instead of rescue 2022-07-01 12:06:38 +07:00
yvain 1856baf4b9 censys host search will output certificates to be used with certificates search. 2022-07-01 06:35:09 +02:00
Spencer McIntyre 60da336ad4 Fix a silly typo 2022-06-30 17:38:30 -04:00
Spencer McIntyre 7e35f42eeb Finish up error handling for dfscoerce 2022-06-30 17:15:21 -04:00
Spencer McIntyre 7a982a2c83 Report ACCESS_DENIED as success 
If the listener that handles the incoming connection request replies
with STATUS_ACCESS_DENIED, the API will return ERROR_ACCESS_DENIED to
the caller. This is the behavior of Metasploit's capture module as well
as Responder.
 2022-06-30 15:16:11 -04:00
Spencer McIntyre 81ab873d6c Add petitpotam error handling 2022-06-30 15:12:23 -04:00
Spencer McIntyre 43629a3960 Add the initial dfscoerce module 2022-06-30 15:00:52 -04:00
Christophe De La Fuente 0d19e47b8d Land #16677, Add module for adding/deleting computers via MS-SAMR 2022-06-30 12:12:26 +02:00
krastanoel 738aa7ac0a Deregister STOP_ON_SUCCESS 2022-06-30 11:42:50 +07:00
krastanoel f81e4d5dde use autocheck module and rescue in case the user use ForceExploit against unknown service 2022-06-30 11:38:20 +07:00
NikitaKovaljov 9b909131ff added datastore[TIMEOUT] options to line 77 2022-06-29 21:02:26 +03:00
yvain d14e610230 forgot to push this 2022-06-28 19:38:47 +02:00
Spencer McIntyre 41ba2d263b Address PR feedback 
Simplify the application_key usage, update docs and catch another
exception.
 2022-06-28 11:53:05 -04:00
krastanoel da63fbbad4 Add FreeSwitch Login auxiliary module 2022-06-28 20:13:24 +07:00
yvain fae64d5e9b passes bot tests for merge 2022-06-23 17:27:47 +02:00
yvain e5f0378146 Web request to cencys updated. 
a few modifications in how we handle the data.
 2022-06-23 17:20:09 +02:00
Grant Willcox 5b6d9538cd Move a send outside of the loop so we can keep reading data vs sending and recieving only the first 4096 bytes of data and then executing the query again 2022-06-22 19:44:53 -05:00
Grant Willcox 477db20c04 Fix bad loop terminator checks and data checks 2022-06-22 17:47:22 -05:00
yvain 938090dacb cencys 2022-06-22 23:01:11 +02:00