Ashley Donaldson
2eec5e0914
Remove spurious print; resolves #18562
2023-11-27 07:37:02 +11:00
Ashley Donaldson
ff70cc7e42
Clearer RHOST error message
2023-11-24 11:34:18 +11:00
Christophe De La Fuente
0d591a3136
Land #18526, Add a command to customise DNS resolution
2023-11-23 17:46:16 +01:00
Spencer McIntyre
4321aafe77
Land #18547, Update ssh login pubkey module
...
Update ssh login pubkey module to correctly identify windows ssh platform
2023-11-22 17:09:06 -05:00
Ashley Donaldson
ef9a165d22
Changes from code review
2023-11-22 16:43:02 +11:00
adfoster-r7
1b12dc3940
Update ssh login pubkey module to correctly identify windows ssh platform
2023-11-17 12:51:01 +00:00
Ashley Donaldson
fb9bd2cae1
Use empty string for missing values rather than nil
2023-11-17 15:09:30 +11:00
Ashley Donaldson
9d873cb7ac
Fix bug in writing UpnDnsInfo structure, and include in sapphire PAC
2023-11-17 13:49:55 +11:00
adfoster-r7
e011fbeb32
Land #18516, extract common dispatcher commands into a single reusable mixin
...
Extract reusable core session commands
2023-11-15 11:25:52 +00:00
Ashley Donaldson
f351d7b5e1
Don't create DNS cached resolver on every test, because it'll exhaust the OS's resources
2023-11-10 12:07:37 +11:00
Ashley Donaldson
d0585e0df5
Added unit tests
2023-11-09 14:45:06 +11:00
Dean Welch
ea41ec7a5d
Fix tests leaving behind threads
2023-11-07 17:43:43 +00:00
Dean Welch
82057178ca
log threads with no uuid
2023-11-07 15:31:46 +00:00
Dean Welch
67a343230d
Fix thread count
2023-11-07 14:10:47 +00:00
Dean Welch
c7e0e094fa
Add core session commands and test suite
2023-11-06 16:34:37 +00:00
Dean Welch
3f3531d119
Add test for command shell sessions
2023-10-31 16:35:58 +00:00
Spencer McIntyre
6e9facbefb
Merge pull request #18419 from smashery/dcsync_kerberos
...
DCSync using Kerberos Pass-the-Ticket
2023-10-30 09:41:22 -04:00
Ashley Donaldson
2a699b89fa
Changes from code review
2023-10-30 12:51:55 +11:00
adfoster-r7
a97cc128f7
Fix flakey test failure
2023-10-25 14:09:34 +01:00
Zach Goldman
8331f4d2ad
Adds wiki guide for session searching
...
Also tweaks an error message
add readme to directory
2023-10-23 15:33:53 -05:00
dwelch-r7
7baabd08db
Land #18364, Add support for filtering sessions
2023-10-19 16:40:42 +01:00
Zach Goldman
b4b73529d3
add -e flag for stale sessions
...
remove single flag
pivot to search flag
added support for search session type
adds search session id support
remove stale references
reshuffle code
fix time parsing, add command support
fix search list, reduce duplicated code
testing added
killall with search lists table of killed sessions
sessions are no longer represented by ids
addresses feedback on code structure and search behavior
some test reshuffling, switch raised errors to printed ones
add checkin validation, rest of cmd_sessions tests
add time parsing test
refactoring
test reformatting and adjusted error validation
make error handling more explicit, add test context
fixes
sub quotes, make constant
rubocopping
switch before and after to greater than and less than
better incorporate constants
update example
2023-10-19 09:41:18 -05:00
adfoster-r7
bb19151891
Land #17689, adding a new column cracked password in creds command to show cracked passwords
2023-10-13 12:25:51 +01:00
Spencer McIntyre
05dd2e1473
Land #18351, Apache Superset RCE (CVE-2023-37941)
2023-10-12 17:10:10 -04:00
bwatters
6aeffa5a17
Land #18363, Add support to msfvenom for "-f octal
...
Merge branch 'land-18363' into upstream-master
2023-10-03 16:21:57 -05:00
Jack Heysel
50e4269c05
Land #18338, Get crackable ASREP hashes
...
This PR fixes the ASREP roasting workflow and resolves
issue #17988.
2023-10-02 13:26:43 -04:00
Jack Heysel
5087e0ffe3
Land #18197, Ldap login scanner module
...
Adds a new login scanner module for LDAP
2023-10-02 10:56:56 -04:00
Dean Welch
76a25c6937
Don't store creds for successful schannel ldap auth
2023-10-02 13:42:25 +01:00
errorxyz
35609d07e9
Fix lotus_domino_hashes_spec to comply with report_cred method
2023-09-25 01:19:43 +05:30
errorxyz
b4dee448bc
Update deprecated report_auth_info method call in lotus_domino_hashes
2023-09-24 22:32:52 +05:30
cgranleese-r7
9c02331184
Land #18392, Remove raised exception in acceptance tests
2023-09-22 10:41:57 +01:00
joev
1b25ae5e14
Add comment explaining UNSUPPORTED_LANGS in spec.
2023-09-21 08:53:26 -06:00
joev
75e9a0a834
Add support for base32/64 comments.
...
* Explicitly documents lack of support for VB style comments.
2023-09-21 08:50:58 -06:00
adfoster-r7
14ded7aa67
Remove raised exception in acceptance tests
2023-09-21 14:47:06 +01:00
Ashley Donaldson
a7f2165029
Send default etypes first, and fall back to RC4 if it doesn't require pre-auth
2023-09-21 21:22:25 +10:00
joev
1d2dde9f81
Add comment support for "octal" format.
...
* Adds failing test that discovers several additional violations.
2023-09-20 17:24:00 -06:00
joev
91ce4c3d9d
Add new spec for Msf::Simple::Payload.
2023-09-20 14:29:47 -06:00
Dean Welch
1609836ea2
Don't store passwords to creds if the password wasn't needed for the auth type
2023-09-20 14:30:06 +01:00
Simon Janusz
1ef030df76
Land #18380, Fix broken test suite when running in small console window
2023-09-20 11:03:57 +01:00
Christophe De La Fuente
525c957af2
Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068)
2023-09-19 10:32:59 +02:00
adfoster-r7
d71883f55a
Fix broken test suite when running in small console window
2023-09-18 16:40:47 +01:00
dwelch-r7
c1a44c8b7f
Land #18359, Forge ticket fix
2023-09-18 13:05:25 +01:00
joev
1d51514730
Add spec for format without comment support.
2023-09-15 12:35:45 -06:00
Simon Janusz
1378bfbfc7
Land #18294, pick up netifaces updates, improve error catching
2023-09-15 13:04:26 +01:00
cgranleese-r7
ba9f879f64
Land #18369, Fix opt address local crash when ipaddr is nil
2023-09-15 11:09:43 +01:00
Jack Heysel
46832abd49
Land #18358, Add a Thrift RPC client
...
This PR adds a Thrift RPC client and updates
two modules to make use of the new addition.
2023-09-14 19:01:13 -04:00
adfoster-r7
871e1f401b
Fix OptAddressLocal crash when IPAddr is nil
2023-09-14 23:10:20 +01:00
Spencer McIntyre
0368b23af9
Add some basic specs for the client too
2023-09-14 17:45:09 -04:00
Spencer McIntyre
bf9ef45c45
Add some specs for thrift data types
2023-09-14 17:16:32 -04:00
adfoster-r7
c558dae400
Land #18361, Adds new search keywords to msfconsole
2023-09-14 19:48:41 +01:00
h00die
619a46d450
working hashes for apache superset rce
2023-09-14 13:21:01 -04:00
cgranleese-r7
4bff7ddea1
Adds new search keywords to msfconsole
2023-09-13 16:41:05 +01:00
cgranleese-r7
814484cd29
Land #18357, Add additional error reporting to integration tests
2023-09-13 15:02:57 +01:00
Ashley Donaldson
483e8175ca
Update unit tests
2023-09-13 14:11:18 +10:00
Spencer McIntyre
28c4902f4a
Land #18180, Flask unsign library, related modules
...
Apache Superset Priv Esc (CVE-2023-27524) and Flask unsign Library
2023-09-12 19:02:30 -04:00
adfoster-r7
e070ba28da
Add additional error reporting to integration tests
2023-09-12 17:32:18 +01:00
Zach Goldman
a13d45ec2d
add unit test
2023-09-11 12:14:26 -05:00
Dean Welch
586f27f44a
Fix issue with username generation always adding domain
2023-09-11 16:35:31 +01:00
Dean Welch
1af852b240
Add remote ldap specs
2023-09-11 16:33:01 +01:00
Dean Welch
7a06ad8d5d
Add ldap login scanner specs
2023-09-11 16:33:01 +01:00
h00die
235c142274
Merge remote-tracking branch 'origin/flask_unsign' into flask_unsign
2023-09-11 10:27:00 -04:00
cgranleese-r7
041bd3edc3
Land #18349, Add Meterpreter compatibility matrix generation
2023-09-11 12:24:58 +01:00
adfoster-r7
901938c0f1
Add Meterpreter compatibility matrix generation
2023-09-11 12:04:18 +01:00
bwatters
fdae4953eb
Land #18290, Prometheus API & Prometheus Node Exporter Interrogator
...
Merge branch 'land-18290' into upstream-master
2023-09-08 12:55:30 -05:00
Spencer McIntyre
143e1c82b5
Add validation functionality to FlaskUnsign
2023-09-07 16:19:58 -04:00
h00die
213b9f9589
Merge remote-tracking branch 'upstream/master' into flask_unsign
2023-09-06 15:39:37 -04:00
Ashley Donaldson
f27439760d
Update mock for unit tests
2023-09-04 10:47:06 +10:00
Jack Heysel
e5f2ebff19
Fix copy pasta error
2023-08-31 12:14:24 -04:00
Jack Heysel
3e58183291
updated payloads_spec
2023-08-31 02:43:12 -04:00
Christophe De La Fuente
8217745a85
Land #18257, Apache nifi h2 rce (CVE-2023-34468)
2023-08-30 13:37:37 +02:00
Spencer McIntyre
091c07258b
Land #18298, Sort addresses
...
Ensure datastore network adapter names are consistently resolved
2023-08-23 09:08:03 -04:00
adfoster-r7
da3ef0a6f9
Ensure datastore network adapter names are consistently resolved
2023-08-21 00:21:37 +01:00
dwelch-r7
1878c08293
Land #18276, Add sasl scram 256 auth support to postgres modules
2023-08-18 14:34:51 +01:00
h00die
d84c15cf21
lib and spec updates
2023-08-17 15:29:20 -04:00
cgranleese-r7
703f535850
Land #18275, Update java reverse http and https to be dynamic
2023-08-17 16:15:16 +01:00
h00die
97a6fc9549
tables and screen width, ugh
2023-08-16 17:23:31 -04:00
h00die
d75c53fffe
prometheus api gather
2023-08-15 20:30:54 -04:00
h00die
7629c7d0f4
prometheus node exporter library
2023-08-15 20:30:54 -04:00
adfoster-r7
33193bdd41
Update java reverse http and https to be dynamic
2023-08-16 00:50:41 +01:00
adfoster-r7
9a50e66c50
Land #18278, Use latest version of ruby-mysql from upstream
2023-08-15 14:29:36 +01:00
adfoster-r7
68ce65c6c9
Revert "Revert "Add Meterpreter sanity tests to CI""
2023-08-15 13:24:59 +01:00
Rory McKinley
e6d1a20a05
Use `ruby-mysql` for MySQL login scanner
2023-08-14 21:34:41 +02:00
adfoster-r7
cdbd591f07
Revert "Add Meterpreter sanity tests to CI"
2023-08-10 19:08:09 +01:00
adfoster-r7
98ac76d54f
Add sasl scram 256 auth support to postgres modules
2023-08-09 16:41:01 +01:00
dwelch-r7
9e7960fd9f
Land #18224, First iteration of specs for SSH Login scanner
2023-08-04 16:22:37 +01:00
adfoster-r7
a3d129fe9f
Land #18244, Update payload size warnings to errors on CI
2023-08-04 14:10:14 +01:00
cgranleese-r7
dfe030cc99
Update payload size warnings to errors on CI
2023-08-04 13:56:31 +01:00
dwelch-r7
6f7ebb3824
Land #18210, Add Meterpreter sanity tests to CI
2023-08-04 13:24:39 +01:00
adfoster-r7
b1d6983fad
Land #18228, Adds Rubocop rule to detect invalid pack/unpack directives
2023-08-04 11:20:18 +01:00
cgranleese-r7
61f70e09f6
detect invalid Pack/Unpack directives
2023-08-03 17:39:21 +01:00
adfoster-r7
d8dc189168
Add Meterpreter sanity tests to CI
2023-08-03 17:11:44 +01:00
cgranleese-r7
5756241fb3
Land #18223, Fix broken msfconsole histories when switching between shell sessions
2023-08-03 16:40:01 +01:00
Dean Welch
9932aaaaaa
Add specs for resetting password list when username is specified
2023-07-31 16:22:08 +01:00
adfoster-r7
449af8daa7
Fix broken msfconsole histories when switching between shell sessions
2023-07-27 16:12:57 +01:00
Rory McKinley
0453877fee
First iteration of specs for SSH Login scanner
2023-07-27 15:29:02 +02:00
h00die
3d3e2a9e2d
apache superset exploit
2023-07-11 15:19:33 -04:00
Rory McKinley
5974801e14
Tidy up plugin specs
2023-07-07 17:14:29 +02:00
h00die
2c2f855e20
working cookies for superset
2023-07-06 07:12:39 -04:00
adfoster-r7
88a539a82c
Land #18144, update capture plugin to be more helpful, and add documentation
2023-07-06 11:17:14 +01:00
Christophe De La Fuente
ae48236d07
Land #18122, rocketmq version lib
2023-07-05 18:11:25 +02:00