github
/
metasploit-framework
mirror of https://github.com/rapid7/metasploit-framework
1
Fork 0
Code Releases Activity
74,031 Commits 15 Branches 895 Tags 2.1 GiB
Commit Graph

1793 Commits

Author SHA1 Message Date
cgranleese-r7 d37a82500d
Land #19195, Update nokogiri version 2024-05-23 10:21:06 +01:00
Metasploit 7eefa4b1ee
Bump version of framework to 6.4.11 2024-05-23 03:34:03 -05:00
adfoster-r7 0b0c5d10a8 Update nokogiri version 2024-05-22 13:06:31 +01:00
adfoster-r7 25a1318052
Land #19170, Refactor smb lookupsid module 2024-05-17 13:43:52 +01:00
sjanusz-r7 b3799673ea Bump ruby_smb to 3.3.8 2024-05-17 10:59:37 +01:00
Metasploit e3fdfd6c71
Bump version of framework to 6.4.10 2024-05-16 03:39:08 -05:00
adfoster-r7 1fa8256a6d Fix windows platform detection bug 2024-05-15 19:17:40 +01:00
Metasploit 2a8b36d432
Bump version of framework to 6.4.9 2024-05-09 07:11:01 -05:00
Metasploit 4c7f1e6520
Bump version of framework to 6.4.8 2024-05-02 03:37:55 -05:00
Spencer McIntyre a98554a1f4
Land #19048, Enable inline credentials dump 
Windows Secrets Dump: Enable inline credentials dump
 2024-05-01 09:05:40 -04:00
adfoster-r7 27dd14bb64 Update pcaprub dependency 2024-04-30 20:48:24 +01:00
Christophe De La Fuente 52001bf7d4
Bump `ruby_smb` to version 3.3.7 
- This will bring in the GetKeySecurity and SetKeySecurity MS-RRP structures
 2024-04-30 20:54:15 +02:00
Simon Janusz 76d7fe8dbd
Land #19095, Refactor smb_enumusers 2024-04-25 15:45:23 +01:00
dwelch-r7 cd40f95f05
Land #19134, Downgrade unf ext 2024-04-25 15:25:05 +01:00
adfoster-r7 c1e5c7a8bf Downgrade unf_ext 2024-04-25 15:08:31 +01:00
Spencer McIntyre d6317923f6 Bump ruby_smb to 3.3.6 
This pulls in the changes from rapid7/ruby_smb#266 which adds
SamrQueryInformationDomain support.
 2024-04-25 09:41:48 -04:00
Metasploit b607c70611
Bump version of framework to 6.4.7 2024-04-25 03:35:58 -05:00
Spencer McIntyre eec72b8f54 Start refactoring smb_enumusers to use RubySMB 2024-04-22 13:45:15 -04:00
cgranleese-r7 a554e5251c
Land #19106, Routine Gem dependencies update 2024-04-22 11:38:57 +01:00
Metasploit 42a14ef6bf
Bump version of framework to 6.4.6 2024-04-19 11:34:11 -05:00
adfoster-r7 651f137e94 Routine Gem dependencies update 2024-04-18 15:28:57 +01:00
Metasploit 13a79ab536
Bump version of framework to 6.4.5 2024-04-18 03:37:54 -05:00
Jack Heysel 84ea514180
Land #19026, Add pgadmin exploit CVE-2024-2044 
This adds an exploit for pgAdmin <= 8.3 which is a path traversal
vulnerability in the session management that allows a Python pickle
object to be loaded and deserialized. This also adds a new Python
deserialization gadget chain to execute the code in a new thread so the
target application doesn't block the HTTP request.
 2024-04-16 14:12:41 -07:00
Spencer McIntyre 80a8ffd654 Bump ruby_smb to include changes from #264 2024-04-12 10:54:54 -04:00
Metasploit 2a176e5e15
Bump version of framework to 6.4.4 2024-04-11 03:39:05 -05:00
Metasploit a6ffb5fae8
Bump version of framework to 6.4.3 2024-04-04 03:35:15 -05:00
adfoster-r7 bd99cfd701
Land #19003, add Zig formatting support to msfvenom and payload generation 2024-04-02 23:17:45 +01:00
Spencer McIntyre fb073cf21a Bump ruby_smb to pull in submitted changes 2024-03-29 09:33:47 -04:00
ArchiMoebius 28ad74c663 chore(bump): rex-text 2024-03-28 23:53:59 +00:00
Metasploit 8d3bfc05ef
Bump version of framework to 6.4.2 2024-03-28 07:29:54 -05:00
Spencer McIntyre 6d1d20cdbe Bump rex-socket to include changes from #66 2024-03-25 14:46:14 -04:00
Metasploit 3af4358281
Bump version of framework to 6.4.1 2024-03-21 03:37:19 -05:00
Spencer McIntyre 321e0730e0
Land #18957, Bump Metasploit version to 6.4.0 2024-03-20 13:24:44 -04:00
cgranleese-r7 961a072de4 Improves handling of dying SMB and SQL sessions 2024-03-20 14:16:01 +00:00
adfoster-r7 c9fe98b522 Bump Metasploit version to 6.4.0 2024-03-20 13:46:08 +00:00
adfoster-r7 15c56a870e
Land #18895, Add upload/download/delete/mkdir/rmdir to smb session 2024-03-14 10:51:48 +00:00
Metasploit 7cabfd7855
Bump version of framework to 6.3.61 2024-03-14 03:35:21 -05:00
Dean Welch 689caf4bd1 Add upload/download/delete/mkdir/rmdir to smb session 2024-03-12 11:56:29 +00:00
Metasploit b91b718077
Bump version of framework to 6.3.60 2024-03-07 03:34:49 -06:00
adfoster-r7 c3eca46de4 Update yard dependencies 2024-03-06 14:56:11 +00:00
Metasploit 435759bb47
Bump version of framework to 6.3.59 2024-02-29 03:39:23 -06:00
adfoster-r7 8fca7d188f Update rspec libraries 2024-02-22 21:02:37 +00:00
adfoster-r7 d76dd4a7fb Improve visual indentation logic for tables 2024-02-22 14:43:29 +00:00
Metasploit c5eb4eb8a9
Bump version of framework to 6.3.58 2024-02-22 03:35:01 -06:00
Spencer McIntyre b79790cff6 Update metasploit-payloads gem to 2.0.166 
Includes changes from:
* rapid7/metasploit-payloads#698
 2024-02-20 13:35:42 -05:00
Metasploit 8e3daa5179
Bump version of framework to 6.3.57 2024-02-15 03:37:54 -06:00
adfoster-r7 1d406cfc2a
Land #18809, DNS command improvements 2024-02-14 22:12:30 +00:00
Spencer McIntyre df81cda304 Bump rex-socket to pull in validation changes 2024-02-14 09:39:51 -05:00
Christophe De La Fuente fc5a12431c
Land #18664, Add an SMB-based fetch payload for Windows 2024-02-14 14:57:32 +01:00
Spencer McIntyre 5036d28b44 Validate hostnames before storing them 
This proactively fixes a potential DoS condition where if a user were to
add a hostname containing a ; and followed by data that is not an IP
address that MSF may fail to start.

Example:
dns add-static 'foo;bar' 192.0.2.1
save
 2024-02-09 14:52:41 -05:00