adfoster-r7
adfoster-r7
## Steps to reproduce Load a module, the default cmdstager is auto: ``` [*] Using exploit/linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec msf6 exploit(linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec) > get CMDSTAGER::FLAVOR CMDSTAGER::FLAVOR => auto ``` Setting target to 0, still...
## Summary Let's add pagination capabilities to the JSON RPC endpoints. Continuation of https://github.com/rapid7/metasploit-framework/pull/13439 This would be a breaking change to existing clients. ### Basic example See https://github.com/rapid7/metasploit-framework/pull/13439 ### Motivation...
Add initial kutil support for listing and adding entries to keytab file: ``` msf6 auxiliary(admin/kerberos/ktutil) > rerun keytab_file=/tmp/example.keytab [*] Reloading module... Keytab entries ============== vno type principal hash date ---...
## Summary ### Improving invalid credential UX When the credentials are invalid, there's no indication to the user: ``` msf6 auxiliary(scanner/smb/impacket/wmiexec) > run smb://Administrator:[email protected] command=dir [*] Running for 192.168.123.25... [*]...
## Summary An idea generated by https://github.com/rapid7/metasploit-framework/pull/16015 We should give affordance to the user when performing tab completion that `file:`, `http:` and friends can be used within msfconsole: https://github.com/rapid7/metasploit-framework/pull/16015#pullrequestreview-845503262
## Summary These modules are very similar in behavior, and could be consolidated into one for a nicer user experience. ### Motivation Original discussion: https://github.com/rapid7/metasploit-framework/issues/14403
Fix a bug spotted by https://github.com/rapid7/metasploit-framework/pull/17079 Existing issue for windows 2008 server that can be fixed unrelated to this PR: ``` msf6 exploit(windows/smb/psexec) > run rhosts=192.168.123.136 smbuser=Administrator smbpass=p4$$w0rd smbauth=kerberos smbrhostname=win-0p19ull2nb6.demo.local...
Document the Meterpreter reg command which can manipulate the Windows Registry on a target machine. Depends on https://github.com/rapid7/metasploit-framework/pull/16994
Fixes missing ssh_login peerinfo information which was introduced by https://github.com/rapid7/metasploit-framework/pull/15831 Before ``` $ rvm use; bundle; time bundle exec ruby ./msfconsole -qx "use scanner/ssh/ssh_login; set rhosts 192.168.123.128; set rport 2222;...
As noted by https://github.com/hirura/hrr_rb_ssh/issues/32 - it looks like OpenSSL 3.0 has backwards incompatible changes This is an initial test PR to document some of the changes that have been required...