adfoster-r7
e49c6a792a
Land #18770 , Extract SMB, PostgreSQL, MySQL and MSSQL optional sessions into their own mixins
2024-02-15 13:19:37 +00:00
Christophe De La Fuente
747d328bcb
Land #18786 , Fix option collision in `service_persistence`
2024-02-14 17:25:15 +01:00
Dean Welch
fa5c4c0193
lowercase session types
2024-02-14 15:45:34 +00:00
Dean Welch
0d4e1ed755
Use mssql option session mixin with mssql modules
2024-02-14 15:37:11 +00:00
Dean Welch
587a8690a1
Use individual session mixins
2024-02-14 15:37:11 +00:00
Dean Welch
08872d0211
Add session type to info hash in the mixin
2024-02-14 15:37:11 +00:00
Dean Welch
0f319bdfb9
Extract SMB and PostgreSQL optional sessions into their own mixins
2024-02-14 15:37:11 +00:00
Christophe De La Fuente
fc5a12431c
Land #18664 , Add an SMB-based fetch payload for Windows
2024-02-14 14:57:32 +01:00
adfoster-r7
1794a5fbee
Land #18763 , Mssql session modules
2024-02-14 10:54:04 +00:00
Zach Goldman
d18520adc6
update rhost and rport calls
2024-02-13 13:00:38 -06:00
Zach Goldman
c05c6773df
adjust session logic in modules
2024-02-13 11:59:09 -06:00
Spencer McIntyre
1cd5b707bb
Add additional platforms and decoders
2024-02-13 18:34:40 +01:00
Spencer McIntyre
49e689d909
Some improvements to the encoder
...
* Skip encoding when it is not necessary
* Use command -v instead of which for portability
2024-02-13 18:34:40 +01:00
Spencer McIntyre
9c6e1a584a
Add a base64 ARCH_CMD encoder
2024-02-13 18:34:40 +01:00
adfoster-r7
b762d2ba65
Land #18795 , Move CreateSession from advanced into basic options
2024-02-13 10:00:35 +00:00
Spencer McIntyre
202db99004
Land #18801 , Fix revision number checks
...
Fix revision number checks in cve_2022_26904_superprofile.rb
2024-02-12 15:52:16 -05:00
Spencer McIntyre
45365c8666
Land #18800 , Fix revision number checks
...
Fix revision number checks for cve_2021_40449.rb
2024-02-12 15:19:56 -05:00
Spencer McIntyre
ce0498377d
Land #18798 , fix version checks
...
windows/local/cve_2020_0787_bits_arbitrary_file_move (and similar) fails due to incorrect revision_number checks
2024-02-12 15:11:07 -05:00
Spencer McIntyre
8eb5aa6aa6
Land #18799 , Fix revision number checks
...
Fix revision number checks for cve_2020_17136.rb
2024-02-12 15:01:45 -05:00
adfoster-r7
5fa1ce8ed2
Add support for newer sqlcmd versions
2024-02-12 11:51:02 +00:00
cgranleese-r7
699afaff45
Adds some notification message about 6.4 release features
2024-02-12 11:37:47 +00:00
cgranleese-r7
5d165466ff
Move CreateSession from advanced into basic options
2024-02-12 11:35:27 +00:00
Zach Goldman
94223f05fc
update relevant modules to work with sessions
...
separate out optional session logic
fixing session handling
2024-02-09 13:18:49 -06:00
cgranleese-r7
285fbe5ac5
Land #18812 , Revert mssql_login TDSENCRYPTION value to false
2024-02-09 17:03:10 +00:00
adfoster-r7
37ee910d2f
Revert mssql_login TDSENCRYPTION value to false
2024-02-09 16:07:45 +00:00
sjanusz-r7
30fc29e0f5
Use PostgreSQL session type for modules
2024-02-09 15:38:06 +00:00
adfoster-r7
9caa2fac17
Land #18747 , Add new mssql session type
2024-02-09 15:27:43 +00:00
Zach Goldman
2c60780dc0
Add MSSQL session Type
2024-02-09 07:27:01 -06:00
adfoster-r7
8b71afdd53
Land #18759 , Updates MySQL modules to now support the new MySQL session type
2024-02-08 12:39:51 +00:00
cgranleese-r7
b060809a8d
Addresses logoff PR feedback
2024-02-07 12:51:04 +00:00
upsidedwn
4b5d04e59e
Fix revision number checks in cve_2022_26904_superprofile.rb
2024-02-07 11:30:42 +08:00
upsidedwn
ccb446f2ae
Fix revision number checks for cve_2021_40449.rb
2024-02-07 11:28:00 +08:00
upsidedwn
436efad4ca
Fix revision number checks
2024-02-07 11:25:41 +08:00
upsidedwn
47d30696bc
Fix revision_number checks
2024-02-07 11:20:12 +08:00
cgranleese-r7
e80f0ef8cd
Removes session logic from mixins and uses client instead of datastore for rhost and rport
2024-02-06 14:11:16 +00:00
Christophe De La Fuente
d546db6055
Land #18780 , runc cwd priv esc (docker) (cve-2024-21626)
2024-02-05 13:12:02 +01:00
lihe07
29524fa7f8
Fix option collision in `service_persistence`
...
The option `SHELLPATH` collide with `cmd/unix/reverse_netcat`,
resulting in abnormal backdoors. This commit rename it to BACKDOOR_PATH
2024-02-03 23:18:45 +08:00
h00die
cf2f76e6a2
cve-2024-21626 review
2024-02-02 16:27:02 -05:00
Jack Heysel
85974d16c2
Land #18769 , Add Cacti RCE via SQLi Module
...
This exploit module leverages a SQLi (CVE-2023-49085) and
a LFI (CVE-2023-49084) vulnerability in Cacti versions prior
to 1.2.26 to achieve RCE
2024-02-02 11:46:10 -05:00
cgranleese-r7
577304cf7c
Updates more modules
2024-02-02 14:59:56 +00:00
cgranleese-r7
ae1cb57dc3
Updates MySQL modules to now support the new MySQL session type
2024-02-02 14:59:56 +00:00
cgranleese-r7
0e9cad6d45
Adds MySQL session type
2024-02-02 14:39:37 +00:00
adfoster-r7
48221e594d
Land #18704 , Leverage the module metadata cache in the module_sets
2024-02-02 14:16:46 +00:00
adfoster-r7
7ac4387d35
Land #18696 , Convert MSSQL mixin to class
2024-02-02 14:14:34 +00:00
Christophe De La Fuente
b91648f065
Fix typos
2024-02-02 11:45:51 +01:00
Christophe De La Fuente
1ff1302df7
Use exceptions instead of returning a boolean in `do_login`
2024-02-02 11:39:13 +01:00
adfoster-r7
372b792b8c
Land #18761 , Add alert to show user the new session options available in Metasploit 6.4
2024-02-02 10:25:32 +00:00
Jack Heysel
be2d2d61ca
Land #18762 , Add exploit module for CVE-2024-0204
...
This pull request adds an exploit module for CVE-2024-0204
in Fortra GoAnywhere MFT. GoAnywhere MFT versions 6.x from
6.0.1, and 7.x before 7.4.1 are vulnerable.
2024-02-01 22:36:32 -05:00
Zach Goldman
35778e92b2
client consolidation
...
convert first module from remote to client
move client to rex
remove metasploit mixin
2024-02-01 17:23:55 -06:00
h00die
1c73cf938f
cve-2024-21626
2024-02-01 15:28:04 -05:00