space-r7
b6dcb03b45
Land #15843, add Jetty WEB-INF file disclosure
2021-11-12 11:31:27 -06:00
space-r7
9ab969f8fe
set default port, change checkcodes
2021-11-12 11:30:42 -06:00
Metasploit
943de424bd
automatic module_metadata_base.json update
2021-11-11 17:23:32 -06:00
bwatters
4505d7e834
Land #15700, Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module
Merge branch 'land-15700' into upstream-master
2021-11-11 17:03:54 -06:00
bwatters
5e670638f3
Add a line suggesting `TryToFork` on Meterpreter might prevent the hang after exploitation
2021-11-11 16:59:09 -06:00
Metasploit
77ab9be4a6
Bump version of framework to 6.1.15
2021-11-11 12:04:49 -06:00
space-r7
f055429189
Land #15806, add BillQuick SQLi module
2021-11-11 11:51:19 -06:00
space-r7
93038f43ce
replace fail_with() calls with CheckCode returns
2021-11-11 11:37:55 -06:00
Tim W
7bf0fa29fc
Land #15859, fix meterpreter case sensitive tab completion
2021-11-11 14:55:22 +00:00
Metasploit
7b4db682a0
automatic module_metadata_base.json update
2021-11-11 05:20:18 -06:00
adfoster-r7
51914ae858
Land #15861, Lint smb enumshares module
2021-11-11 11:01:55 +00:00
sjanusz
fb8ea12de8
Lint SMB EnumShares module
2021-11-11 10:46:24 +00:00
Ashley Donaldson
935eff899a
Only perform deduplication if a value is actually returned
2021-11-11 13:17:35 +11:00
Ashley Donaldson
4986583f41
Fix bug in tab completion in case-sensitive situations
Includes a fix for a crash caused when tab completing.
This crash is the result of a bug in rb-readline when the only remaining options
provided in the tab completion procedure are identical. The bug is only triggered
when going case-insensitive, but we can avoid it by de-duping the list sent back to
rb-readline.
2021-11-11 12:09:59 +11:00
Tim W
3066c5b05e
Revert "Fix bug in tab completion in case-sensitive situations"
This reverts commit 22fb90b258.
2021-11-10 16:44:29 +00:00
Tim W
3cce6dac07
Land #15847, fix meterpreter case sensitive tab completion
2021-11-10 16:20:12 +00:00
adfoster-r7
1bff0bebf4
Land #15820, Fix named pipe pivoting
2021-11-10 12:09:43 +00:00
h00die
28672f3ea5
review
2021-11-09 16:19:20 -05:00
Metasploit
8cb026d3d3
automatic module_metadata_base.json update
2021-11-09 12:01:52 -06:00
Tim W
0b50f58322
Land #15834, add CVE-2021-40449 CallbackHell Windows LPE
2021-11-09 17:41:07 +00:00
Tim W
1a2ff7ff3d
Land #15846, fix meterpreter > download tab completion
2021-11-09 16:54:44 +00:00
Grant Willcox
9f9942feb6
Make adjustments to dllmain.c from reviews and recompile the DLL again
2021-11-09 10:49:14 -06:00
Metasploit
0446820d33
automatic module_metadata_base.json update
2021-11-09 10:49:06 -06:00
Grant Willcox
3af93cbacc
Fix up changes from timwr's review so long
2021-11-09 10:36:50 -06:00
Grant Willcox
780a9370a2
First draft of code, documentation, and exploit DLL plus exploit code
2021-11-09 10:36:40 -06:00
space-r7
1dd26bca03
Land #15802, add OMIGOD LPE
2021-11-09 10:30:50 -06:00
Spencer McIntyre
4c937c9a6f
Land #15844, Add in new definitions to definitions
2021-11-09 10:50:00 -05:00
Spencer McIntyre
01f71e52df
Land #15845, Don't getsystem if already SYSTEM
2021-11-09 08:50:29 -05:00
h00die
8f713d00ae
remove period
2021-11-09 04:11:23 -05:00
h00die
0fe49cce22
review comments
2021-11-09 04:04:16 -05:00
Ashley Donaldson
d4b0b9c4ab
Don't getsystem if we are already SYSTEM
2021-11-09 16:03:55 +11:00
Ashley Donaldson
35a6622318
Tab-complete for file downloads
2021-11-09 10:42:11 +11:00
Ashley Donaldson
22fb90b258
Fix bug in tab completion in case-sensitive situations
2021-11-09 10:18:02 +11:00
Grant Willcox
517b586f8b
Add in new definitions to external/source/include/windows/definitions.h including a proper THREADINFOCLASS definition, additional SYSTEM_INFORMATION_CLASS definitions, and a BIG_POOL_INFO definition
2021-11-08 16:46:52 -06:00
h00die
23ba4a1f3a
jetty updates
2021-11-08 14:09:43 -05:00
h00die
ea59e89cba
jetty web-inf file disclosure
2021-11-08 14:04:08 -05:00
Spencer McIntyre
b660140210
Land #15840, Change a failure to a warning
Warn instead of failing when running Kiwi's DCSync as SYSTEM since it
can work when the computer account has the necessary privileges.
Resolves #14390
2021-11-08 13:41:27 -05:00
Metasploit
33d7a8ae33
automatic module_metadata_base.json update
2021-11-08 04:31:03 -06:00
adfoster-r7
fe9fca4152
Land #15838, sap_router_portscanner: rename validate function
2021-11-08 10:12:30 +00:00
Ashley Donaldson
937e208de8
Give warning rather than failure when running DCSync as SYSTEM
2021-11-08 15:56:29 +11:00
Uli Heilmeier
c3c7279de0
sap_router_portscanner: rename validate function
cmd_run of command_dispatcher/auxiliary.rb calls a validate function
without an argument. As the validate function requires a range argument,
running the sap_router_portscanner module fails.
Fix this issue by renaming the function.
2021-11-07 20:05:20 +01:00
h00die
e067535b72
billquick review updates
2021-11-06 06:29:56 -04:00
h00die
258f38090d
no more duplicate text
2021-11-05 15:04:33 -04:00
adfoster-r7
e8a37d88d3
Land #15748, offer Meterpreter helm chart for installation into Kubernetes
2021-11-05 18:33:24 +00:00
Gadi Naor
17df4685e0
Merge pull request #1 from adfoster-r7/meterpreter-helm-chart-tweaks
Meterpreter Helm chart tweaks
2021-11-05 18:32:20 +02:00
adfoster-r7
dc1b4f7d77
Land #15818, Fix Partial WebSocket Reads
2021-11-05 15:59:05 +00:00
adfoster-r7
ee093d0c21
Meterpreter Helm chart tweaks
2021-11-05 15:14:19 +00:00
Metasploit
9e057dce8f
automatic module_metadata_base.json update
2021-11-05 09:54:06 -05:00
Spencer McIntyre
bdb497ddd4
Dedent the websocket module
2021-11-05 10:41:07 -04:00
Spencer McIntyre
69e9a53b14
Land #15829, Improve Kubernetes exec reliability
2021-11-05 10:35:40 -04:00