dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
73,454 Commits 10 Branches 885 Tags 1.3 GiB
Commit Graph

73454 Commits

Author SHA1 Message Date
sfewer-r7 a5fb83d0e1
add in 2023.11.2 as tested on 2024-03-01 17:03:38 +00:00
sfewer-r7 9988117cca
rename with cve number 2024-03-01 16:42:59 +00:00
sfewer-r7 fa4a16df5e
add in cve number 2024-03-01 16:39:38 +00:00
sjanusz-r7 8184035d57 Show query help on empty query call 2024-03-01 11:33:13 +00:00
sjanusz-r7 82486e712c Early return on nil query result 2024-03-01 11:28:28 +00:00
sjanusz-r7 6b11cd4332 Fix tests broken by updating SQL prompt on DB change 2024-03-01 11:27:52 +00:00
sjanusz-r7 1b73044203 Correctly handle changing of databases and the query return values for SQL sessions 2024-03-01 11:27:52 +00:00
Metasploit 401cdca09b
automatic module_metadata_base.json update 2024-02-29 23:48:56 -06:00
Jack Heysel a73a7531a9
Land #18827, Add module for BoidCMS CVE-2023-38836 
This is an authenticated RCE against BoidCMS versions 2.0.0 and earlier.
The underlying issue is that the file upload check allows a php file to
be uploaded and executes as a media file if the GIF header is present in
the PHP file.
 2024-02-29 21:31:44 -08:00
Metasploit ee681cdb79
automatic module_metadata_base.json update 2024-02-29 17:20:20 -06:00
adfoster-r7 d4791f966b
Land #18904, change bloodhound OutputDirectory to OptString 2024-02-29 23:03:13 +00:00
adfoster-r7 d10909c961
Land #18887, Adds support for searching by session types 2024-02-29 22:38:20 +00:00
adfoster-r7 4d85a8dff9
Land #18902, Update github action libraries 2024-02-29 22:29:16 +00:00
adfoster-r7 703e9ba68d
Land #18896, Resolve deprecation warnings from setup-python in Github actions 2024-02-29 22:28:53 +00:00
Spencer McIntyre bcb4e3aa9d Update the help output in the docs page too 2024-02-29 16:56:06 -05:00
Spencer McIntyre d09053cde5 Add the viewstate generator as an option 2024-02-29 16:56:06 -05:00
Spencer McIntyre 3e80e04b34 Adjust option validation 2024-02-29 16:56:06 -05:00
Spencer McIntyre f1a9d9988a Update the dot_net.rb tool help output 2024-02-29 16:56:06 -05:00
Spencer McIntyre 0975f99305 Add viewstate options 2024-02-29 16:55:59 -05:00
Spencer McIntyre 87f91f284a Add unit tests for the new rex viewstate library 2024-02-29 16:55:54 -05:00
bwatters 550c6f030a
Updates based on jheysel-r7's suggestions 2024-02-29 12:42:22 -06:00
adfoster-r7 fcbb3bddfa Update github action libraries 2024-02-29 15:51:23 +00:00
cgranleese-r7 0c1bcbf275 Adds support for searching by session types 2024-02-29 15:15:40 +00:00
cgranleese-r7 fcba49d23a Update pwd output to be inline with smb client output 2024-02-29 15:11:40 +00:00
Patrick Double 8b1ff6d44e
change bloodhound OutputDirectory to OptString 
OptPath is intended for a local path and performs validation. Attempting to set it to a target path that doesn't exist on the local fails.
 2024-02-29 07:12:37 -06:00
sjanusz-r7 6fe9ef5f8c Align SQL clients to use current_database 2024-02-29 12:34:54 +00:00
cgranleese-r7 17315653a5
Land #18901, Fix Rex MySQL wrapper test to have correct method symbol 2024-02-29 11:48:16 +00:00
sjanusz-r7 bc4362d07d Fix Rex MySQL wrapper test to have correct method symbol 2024-02-29 11:16:18 +00:00
Metasploit a0dc757cb8
automatic module_metadata_base.json update 2024-02-29 05:06:39 -06:00
adfoster-r7 b0123eab2e
Land #18890, rename shell to query_interactive for sql session types, add -i flag 2024-02-29 10:41:06 +00:00
adfoster-r7 d8abd2bcc2
Land #18898, Add rex proto mysql client wrapper 2024-02-29 10:13:47 +00:00
dwelch-r7 a4543b0f41
Land #18897, Update smb login to support additional configuration 2024-02-29 10:07:02 +00:00
Metasploit 435759bb47
Bump version of framework to 6.3.59 2024-02-29 03:39:23 -06:00
sfewer-r7 f0ca5c10dc
we can shuffle thequery params so teh jsp param is not first. we can optionally add soem charachters before the trailing .jsp 2024-02-29 09:13:44 +00:00
Jack Heysel 4fe861c653
Land #18878, Update rspec gems 
This PR updates a number of rspec gems which help improve test suite
error messages when string encodings are different.
 2024-02-28 20:37:11 -08:00
adfoster-r7 131585235b Update SMB Login to support additional configuration 2024-02-28 20:24:06 +00:00
Jack Heysel 8ce95003fe Rubocop 2024-02-28 11:09:34 -08:00
Jack Heysel 6589b86a4c Updated check method to account for backports 2024-02-28 11:04:38 -08:00
sjanusz-r7 b423241e6b Use Rex Post MySQL Client for lib, specs & modules 2024-02-28 18:19:50 +00:00
sjanusz-r7 55a8d6732f Add Rex Proto MySQL Client 2024-02-28 18:19:46 +00:00
Metasploit 42255a27a6
automatic module_metadata_base.json update 2024-02-28 10:13:56 -06:00
adfoster-r7 26214cbfd2
Land #18889, Fresh SQL prompt when pressing enter if no input was provided 2024-02-28 15:40:43 +00:00
Jack Heysel 4b54d43db5
Land #18892, Add AD CS Updates for ESC13 
This PR adds functionality to enable Metasploit users
to be able to exploit the latest ESC technique, ESC13.
 2024-02-28 07:28:16 -08:00
Spencer McIntyre 1726767fdf Update the workflow docs for ESC13 2024-02-28 08:48:30 -05:00
Spencer McIntyre 8bc6705557 Move viewstate signing logic into Rex 2024-02-27 14:37:55 -05:00
KanchiMoe a887682e0f Upversion setup-python to v5 2024-02-27 19:20:22 +00:00
Zach Goldman 17d8fa2335 rename shell to query_interactive for sql session types, add -i flag 2024-02-27 11:38:04 -06:00
adfoster-r7 334f9e5ff9
Land #18893, updates the help command to consistently format columns 2024-02-27 17:04:00 +00:00
sjanusz-r7 efba30031d Fix early returns in Reline prompt 2024-02-27 16:59:38 +00:00
sfewer-r7 b7200b52e1
typo 2024-02-27 14:58:56 +00:00