Commit Graph

62546 Commits

Author SHA1 Message Date
space-r7 b6dcb03b45
Land #15843, add Jetty WEB-INF file disclosure 2021-11-12 11:31:27 -06:00
space-r7 9ab969f8fe
set default port, change checkcodes 2021-11-12 11:30:42 -06:00
Metasploit 943de424bd
automatic module_metadata_base.json update 2021-11-11 17:23:32 -06:00
bwatters 4505d7e834
Land #15700, Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module
Merge branch 'land-15700' into upstream-master
2021-11-11 17:03:54 -06:00
bwatters 5e670638f3
Add a line suggesting `TryToFork` on Meterpreter might prevent the hang after exploitation 2021-11-11 16:59:09 -06:00
Metasploit 77ab9be4a6
Bump version of framework to 6.1.15 2021-11-11 12:04:49 -06:00
space-r7 f055429189
Land #15806, add BillQuick SQLi module 2021-11-11 11:51:19 -06:00
space-r7 93038f43ce
replace fail_with() calls with CheckCode returns 2021-11-11 11:37:55 -06:00
Tim W 7bf0fa29fc
Land #15859, fix meterpreter case sensitive tab completion 2021-11-11 14:55:22 +00:00
Metasploit 7b4db682a0
automatic module_metadata_base.json update 2021-11-11 05:20:18 -06:00
adfoster-r7 51914ae858
Land #15861, Lint smb enumshares module 2021-11-11 11:01:55 +00:00
sjanusz fb8ea12de8
Lint SMB EnumShares module 2021-11-11 10:46:24 +00:00
Ashley Donaldson 935eff899a
Only perform deduplication if a value is actually returned 2021-11-11 13:17:35 +11:00
Ashley Donaldson 4986583f41
Fix bug in tab completion in case-sensitive situations
Includes a fix for a crash caused when tab completing.
This crash is the result of a bug in rb-readline when the only remaining options
provided in the tab completion procedure are identical. The bug is only triggered
when going case-insensitive, but we can avoid it by de-duping the list sent back to
rb-readline.
2021-11-11 12:09:59 +11:00
Tim W 3066c5b05e
Revert "Fix bug in tab completion in case-sensitive situations"
This reverts commit 22fb90b258.
2021-11-10 16:44:29 +00:00
Tim W 3cce6dac07
Land #15847, fix meterpreter case sensitive tab completion 2021-11-10 16:20:12 +00:00
adfoster-r7 1bff0bebf4
Land #15820, Fix named pipe pivoting 2021-11-10 12:09:43 +00:00
h00die 28672f3ea5
review 2021-11-09 16:19:20 -05:00
Metasploit 8cb026d3d3
automatic module_metadata_base.json update 2021-11-09 12:01:52 -06:00
Tim W 0b50f58322
Land #15834, add CVE-2021-40449 CallbackHell Windows LPE 2021-11-09 17:41:07 +00:00
Tim W 1a2ff7ff3d
Land #15846, fix meterpreter > download tab completion 2021-11-09 16:54:44 +00:00
Grant Willcox 9f9942feb6
Make adjustments to dllmain.c from reviews and recompile the DLL again 2021-11-09 10:49:14 -06:00
Metasploit 0446820d33
automatic module_metadata_base.json update 2021-11-09 10:49:06 -06:00
Grant Willcox 3af93cbacc
Fix up changes from timwr's review so long 2021-11-09 10:36:50 -06:00
Grant Willcox 780a9370a2
First draft of code, documentation, and exploit DLL plus exploit code 2021-11-09 10:36:40 -06:00
space-r7 1dd26bca03
Land #15802, add OMIGOD LPE 2021-11-09 10:30:50 -06:00
Spencer McIntyre 4c937c9a6f
Land #15844, Add in new definitions to definitions 2021-11-09 10:50:00 -05:00
Spencer McIntyre 01f71e52df
Land #15845, Don't getsystem if already SYSTEM 2021-11-09 08:50:29 -05:00
h00die 8f713d00ae
remove period 2021-11-09 04:11:23 -05:00
h00die 0fe49cce22
review comments 2021-11-09 04:04:16 -05:00
Ashley Donaldson d4b0b9c4ab
Don't getsystem if we are already SYSTEM 2021-11-09 16:03:55 +11:00
Ashley Donaldson 35a6622318
Tab-complete for file downloads 2021-11-09 10:42:11 +11:00
Ashley Donaldson 22fb90b258
Fix bug in tab completion in case-sensitive situations 2021-11-09 10:18:02 +11:00
Grant Willcox 517b586f8b
Add in new definitions to external/source/include/windows/definitions.h including a proper THREADINFOCLASS definition, additional SYSTEM_INFORMATION_CLASS definitions, and a BIG_POOL_INFO definition 2021-11-08 16:46:52 -06:00
h00die 23ba4a1f3a
jetty updates 2021-11-08 14:09:43 -05:00
h00die ea59e89cba
jetty web-inf file disclosure 2021-11-08 14:04:08 -05:00
Spencer McIntyre b660140210
Land #15840, Change a failure to a warning
Warn instead of failing when running Kiwi's DCSync as SYSTEM since it
can work when the computer account has the necessary privileges.

Resolves #14390
2021-11-08 13:41:27 -05:00
Metasploit 33d7a8ae33
automatic module_metadata_base.json update 2021-11-08 04:31:03 -06:00
adfoster-r7 fe9fca4152
Land #15838, sap_router_portscanner: rename validate function 2021-11-08 10:12:30 +00:00
Ashley Donaldson 937e208de8
Give warning rather than failure when running DCSync as SYSTEM 2021-11-08 15:56:29 +11:00
Uli Heilmeier c3c7279de0
sap_router_portscanner: rename validate function
cmd_run of command_dispatcher/auxiliary.rb calls a validate function
without an argument. As the validate function requires a range argument
running the sap_router_portscanner module fails.

Fix this issue by renaming the function.
2021-11-07 20:05:20 +01:00
h00die e067535b72
billquick review updates 2021-11-06 06:29:56 -04:00
h00die 258f38090d
no more duplicate text 2021-11-05 15:04:33 -04:00
adfoster-r7 e8a37d88d3
Land#15748, offer Meterpreter helm chart for installation into Kubernetes 2021-11-05 18:33:24 +00:00
Gadi Naor 17df4685e0
Merge pull request #1 from adfoster-r7/meterpreter-helm-chart-tweaks
Meterpreter Helm chart tweaks
2021-11-05 18:32:20 +02:00
adfoster-r7 dc1b4f7d77
Land #15818, Fix Partial WebSocket Reads 2021-11-05 15:59:05 +00:00
adfoster-r7 ee093d0c21
Meterpreter Helm chart tweaks 2021-11-05 15:14:19 +00:00
Metasploit 9e057dce8f
automatic module_metadata_base.json update 2021-11-05 09:54:06 -05:00
Spencer McIntyre bdb497ddd4
Dedent the websocket module 2021-11-05 10:41:07 -04:00
Spencer McIntyre 69e9a53b14
Land #15829, Improve Kubernetes exec reliability 2021-11-05 10:35:40 -04:00