infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
36,631 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

19212 Commits (460778738d73b33670adbdb25e59a73ab191fea4)

Author SHA1 Message Date
Stuart Morgan 460778738d Initial version works 2015-12-18 00:00:21 +00:00
Stuart Morgan 41c2d12e0c Tidy up initial print 2015-12-17 23:41:18 +00:00
Stuart Morgan 09fb37db6b Add status updates (useful if there are a large number of groups) 2015-12-17 23:07:02 +00:00
Stuart Morgan 2bcea91b15 Differentiate between user and group errors 2015-12-17 22:57:30 +00:00
Stuart Morgan 85c4e89526 Process user levels 2015-12-17 22:55:02 +00:00
Stuart Morgan 7c145c45e8 add LDAP_MATCHING_RULE_IN_CHAIN oid (from my adsi rework earlier) 2015-12-17 22:44:35 +00:00
Stuart Morgan f2b038f4b3 Begin loop to grab effective users of each group 2015-12-17 22:39:56 +00:00
Stuart Morgan c98519e0b9 Get groups using ADSI 2015-12-17 22:35:51 +00:00
Stuart Morgan 7b019bddf4 Initial version, just basing it on the ad_users module 2015-12-17 22:14:14 +00:00
Stuart Morgan e17a7a5d8c Fix attributes 2015-12-17 21:38:42 +00:00
Stuart Morgan 59d5626ef7 Bugfix 2015-12-17 21:36:19 +00:00
Stuart Morgan cba1ddbdc2 rubocop 2015-12-16 22:38:05 +00:00
Stuart Morgan 47e484408f rubocop 2015-12-16 22:31:54 +00:00
Stuart Morgan 9eef27e4c1 Removed snake case and added SID translation call 2015-12-16 22:31:22 +00:00
Stuart Morgan cc3ac3ad95 Removed trailing line spaces 2015-12-16 22:28:27 +00:00
Stuart Morgan 58635be237 Try to unpack the SID from hex to normal cut/paste format. Its a mess. 2015-12-16 22:27:52 +00:00
Stuart Morgan 421a29d998 Added the trust types from MSDN 2015-12-16 22:18:28 +00:00
Stuart Morgan fbe0cfde8f Fixed URL for trustDirection reference 2015-12-16 22:16:33 +00:00
Stuart Morgan fd8405f52d added trustDirection 2015-12-16 22:15:10 +00:00
Stuart Morgan 4da8859e57 added trustAttributes 2015-12-16 22:13:00 +00:00
Stuart Morgan 207a964117 Loop through results 2015-12-16 21:52:30 +00:00
Stuart Morgan 087a01f27f Templated table 2015-12-16 21:40:49 +00:00
Stuart Morgan fdf1a8c235 Updated with the LDAP fields to retrieve 2015-12-16 21:39:33 +00:00
Stuart Morgan ed4cf71ca8 Initial add (templated from Ben's bitlocker module) 2015-12-16 21:26:02 +00:00
Stuart Morgan c9c1dd22ee Added custom LDAP filter to ad_groups and ad_users to save having to use meterpreter's adsi interface 2015-12-16 10:38:38 +00:00
Jon Hart b78f7b4d55
Land #6319, @all3g's module for abusing redis to achieve file uploads 2015-12-14 18:00:44 -08:00
Jon Hart e448bc3e27
If saving fails, print_error and mention permissions 2015-12-14 10:47:05 -08:00
Jon Hart 19acd366d6 Rename redis file upload module; remove the 'auth' part 2015-12-14 10:40:28 -08:00
Tod Beardsley 30c805d9c7
Land #6344, R7-2015-22 / CVE-2015-8249 2015-12-14 12:30:51 -06:00
Tod Beardsley b25aae3602
Add refs to module 
See rapid7#6344.
 2015-12-14 12:05:46 -06:00
Brent Cook c00f05faba
Land #6346, jenkins_java_deserialize check reliability fixes 2015-12-14 11:44:33 -06:00
William Vu b085989923
Land #6266, rsync creds scraper 2015-12-14 11:37:30 -06:00
wchen-r7 bd8aea2618 Fix check for jenkins_java_deserialize.rb 
This fixes the following:

* nil return value checks
* handle missing X-Jenkins-CLI-Port scenario more properly
* proper HTTP path normalization
 2015-12-14 11:25:59 -06:00
wchen-r7 5ffc80dc20 Add ManageEngine ConnectionId Arbitrary File Upload Vulnerability 2015-12-14 10:51:59 -06:00
Spencer McIntyre 4e492a1b0c
Add an additional grammar change to the listener option 2015-12-13 12:04:20 -05:00
radekk 90a523fb0a Typos inside parameters description. 2015-12-12 22:48:20 +01:00
Vex Woo dee23e4bda Merge pull request #3 from jhart-r7/pr/fixup-6319 
Cleanup redis unauth_file_upload, move redis stuff to mixin
 2015-12-12 03:32:05 +00:00
dmohanty-r7 eb4611642d Add Jenkins CLI Java serialization exploit module 
CVE-2015-8103
 2015-12-11 14:57:10 -06:00
Jon Hart 9ef46140c0
Improve output when success 2015-12-11 10:10:44 -08:00
Jon Hart 32a64c3d8e
Make auth easier, work automatically and on older redis versions 
Also, improve check
 2015-12-11 10:04:47 -08:00
Jon Hart ac47c87af4
Move Password option to redis mixin 2015-12-11 08:53:11 -08:00
Jon Hart 38d0b0a0f2
Wire in @all3g's redis auth code 2015-12-11 08:42:59 -08:00
Jon Hart 555e52e416
Document the redis upload process more 2015-12-10 09:35:46 -08:00
Jon Hart 48a27170c2
Document process better, delete correct key 2015-12-10 09:13:13 -08:00
Jon Hart d2f54af23f
Reset the dir and dbfilename back to their original settings 2015-12-10 08:56:24 -08:00
Jon Hart 21ab4e96e5
First pass at redis mixin 2015-12-10 08:29:59 -08:00
karllll a5c6e260f2 Update hp_vsa_login_bof.rb 
Updated reference URL to latest location
 2015-12-10 10:56:39 -05:00
William Vu 563be5c207
Land #6322, another Perl IRC bot exploit 2015-12-10 09:43:07 -06:00
William Vu a945350821
Land #6307, Perl IRC bot exploit 2015-12-10 09:42:35 -06:00
nixawk 0d8fc78257 make code more clear 2015-12-10 15:13:50 +00:00