cgranleese-r7
d37a82500d
Land #19195 , Update nokogiri version
2024-05-23 10:21:06 +01:00
Metasploit
7eefa4b1ee
Bump version of framework to 6.4.11
2024-05-23 03:34:03 -05:00
adfoster-r7
0b0c5d10a8
Update nokogiri version
2024-05-22 13:06:31 +01:00
adfoster-r7
25a1318052
Land #19170 , Refactor smb lookupsid module
2024-05-17 13:43:52 +01:00
sjanusz-r7
b3799673ea
Bump ruby_smb to 3.3.8
2024-05-17 10:59:37 +01:00
Metasploit
e3fdfd6c71
Bump version of framework to 6.4.10
2024-05-16 03:39:08 -05:00
adfoster-r7
1fa8256a6d
Fix windows platform detection bug
2024-05-15 19:17:40 +01:00
Metasploit
2a8b36d432
Bump version of framework to 6.4.9
2024-05-09 07:11:01 -05:00
Metasploit
4c7f1e6520
Bump version of framework to 6.4.8
2024-05-02 03:37:55 -05:00
Spencer McIntyre
a98554a1f4
Land #19048 , Enable inline credentials dump
...
Windows Secrets Dump: Enable inline credentials dump
2024-05-01 09:05:40 -04:00
adfoster-r7
27dd14bb64
Update pcaprub dependency
2024-04-30 20:48:24 +01:00
Christophe De La Fuente
52001bf7d4
Bump `ruby_smb` to version 3.3.7
...
- This will bring in the GetKeySecurity and SetKeySecurity MS-RRP structures
2024-04-30 20:54:15 +02:00
Simon Janusz
76d7fe8dbd
Land #19095 , Refactor smb_enumusers
2024-04-25 15:45:23 +01:00
dwelch-r7
cd40f95f05
Land #19134 , Downgrade unf ext
2024-04-25 15:25:05 +01:00
adfoster-r7
c1e5c7a8bf
Downgrade unf_ext
2024-04-25 15:08:31 +01:00
Spencer McIntyre
d6317923f6
Bump ruby_smb to 3.3.6
...
This pulls in the changes from rapid7/ruby_smb#266 which adds
SamrQueryInformationDomain support.
2024-04-25 09:41:48 -04:00
Metasploit
b607c70611
Bump version of framework to 6.4.7
2024-04-25 03:35:58 -05:00
Spencer McIntyre
eec72b8f54
Start refactoring smb_enumusers to use RubySMB
2024-04-22 13:45:15 -04:00
cgranleese-r7
a554e5251c
Land #19106 , Routine Gem dependencies update
2024-04-22 11:38:57 +01:00
Metasploit
42a14ef6bf
Bump version of framework to 6.4.6
2024-04-19 11:34:11 -05:00
adfoster-r7
651f137e94
Routine Gem dependencies update
2024-04-18 15:28:57 +01:00
Metasploit
13a79ab536
Bump version of framework to 6.4.5
2024-04-18 03:37:54 -05:00
Jack Heysel
84ea514180
Land #19026 , Add pgadmin exploit CVE-2024-2044
...
This adds an exploit for pgAdmin <= 8.3 which is a path traversal
vulnerability in the session management that allows a Python pickle
object to be loaded and deserialized. This also adds a new Python
deserialization gadget chain to execute the code in a new thread so the
target application doesn't block the HTTP request.
2024-04-16 14:12:41 -07:00
Spencer McIntyre
80a8ffd654
Bump ruby_smb to include changes from #264
2024-04-12 10:54:54 -04:00
Metasploit
2a176e5e15
Bump version of framework to 6.4.4
2024-04-11 03:39:05 -05:00
Metasploit
a6ffb5fae8
Bump version of framework to 6.4.3
2024-04-04 03:35:15 -05:00
adfoster-r7
bd99cfd701
Land #19003 , add Zig formatting support to msfvenom and payload generation
2024-04-02 23:17:45 +01:00
Spencer McIntyre
fb073cf21a
Bump ruby_smb to pull in submitted changes
2024-03-29 09:33:47 -04:00
ArchiMoebius
28ad74c663
chore(bump): rex-text
2024-03-28 23:53:59 +00:00
Metasploit
8d3bfc05ef
Bump version of framework to 6.4.2
2024-03-28 07:29:54 -05:00
Spencer McIntyre
6d1d20cdbe
Bump rex-socket to include changes from #66
2024-03-25 14:46:14 -04:00
Metasploit
3af4358281
Bump version of framework to 6.4.1
2024-03-21 03:37:19 -05:00
Spencer McIntyre
321e0730e0
Land #18957 , Bump Metasploit version to 6.4.0
2024-03-20 13:24:44 -04:00
cgranleese-r7
961a072de4
Improves handling of dying SMB and SQL sessions
2024-03-20 14:16:01 +00:00
adfoster-r7
c9fe98b522
Bump Metasploit version to 6.4.0
2024-03-20 13:46:08 +00:00
adfoster-r7
15c56a870e
Land #18895 , Add upload/download/delete/mkdir/rmdir to smb session
2024-03-14 10:51:48 +00:00
Metasploit
7cabfd7855
Bump version of framework to 6.3.61
2024-03-14 03:35:21 -05:00
Dean Welch
689caf4bd1
Add upload/download/delete/mkdir/rmdir to smb session
2024-03-12 11:56:29 +00:00
Metasploit
b91b718077
Bump version of framework to 6.3.60
2024-03-07 03:34:49 -06:00
adfoster-r7
c3eca46de4
Update yard dependencies
2024-03-06 14:56:11 +00:00
Metasploit
435759bb47
Bump version of framework to 6.3.59
2024-02-29 03:39:23 -06:00
adfoster-r7
8fca7d188f
Update rspec libraries
2024-02-22 21:02:37 +00:00
adfoster-r7
d76dd4a7fb
Improve visual indentation logic for tables
2024-02-22 14:43:29 +00:00
Metasploit
c5eb4eb8a9
Bump version of framework to 6.3.58
2024-02-22 03:35:01 -06:00
Spencer McIntyre
b79790cff6
Update metasploit-payloads gem to 2.0.166
...
Includes changes from:
* rapid7/metasploit-payloads#698
2024-02-20 13:35:42 -05:00
Metasploit
8e3daa5179
Bump version of framework to 6.3.57
2024-02-15 03:37:54 -06:00
adfoster-r7
1d406cfc2a
Land #18809 , DNS command improvements
2024-02-14 22:12:30 +00:00
Spencer McIntyre
df81cda304
Bump rex-socket to pull in validation changes
2024-02-14 09:39:51 -05:00
Christophe De La Fuente
fc5a12431c
Land #18664 , Add an SMB-based fetch payload for Windows
2024-02-14 14:57:32 +01:00
Spencer McIntyre
5036d28b44
Validate hostnames before storing them
...
This proactively fixes a potential DoS condition where if a user were to
add a hostname containing a ; and followed by data that is not an IP
address that MSF may fail to start.
Example:
dns add-static 'foo;bar' 192.0.2.1
save
2024-02-09 14:52:41 -05:00