metasploit-framework
Metasploit Framework
This PR fixes `shell_to_meterpreter` behaviour under **Windows 10 environment**, when the OS language is set to some foreign language. ## Details Module `shell_to_meterpreter` uses `wmic` command to detect Windows architecture....
A vulnerability that may lead one to execute arbitrary code against a modern Windows device with SMB 445 open.
# Documentation Issue Finder Generated: 2022-10-09 13:40:24 ## Modules Without Documentation + [ ] [metasploit-framework/modules/auxiliary/scanner/dect/call_scanner](https://github.com/rapid7/metasploit-framework/blob/master/modules//auxiliary/scanner/dect/call_scanner.rb) + [ ] [metasploit-framework/modules/auxiliary/scanner/dect/station_scanner](https://github.com/rapid7/metasploit-framework/blob/master/modules//auxiliary/scanner/dect/station_scanner.rb) + [ ] [metasploit-framework/modules/auxiliary/scanner/discovery/ipv6_multicast_ping](https://github.com/rapid7/metasploit-framework/blob/master/modules//auxiliary/scanner/discovery/ipv6_multicast_ping.rb) + [ ] [metasploit-framework/modules/auxiliary/scanner/discovery/ipv6_neighbor_router_advertisement](https://github.com/rapid7/metasploit-framework/blob/master/modules//auxiliary/scanner/discovery/ipv6_neighbor_router_advertisement.rb) + [ ]...
Reverse port forward seems to work great on Windows hosts with Metasploit version 5+ but with Metasploit version v6.2.22-dev- and v6.2.20+, I am not able to reverse port forward and...
I ran `local_exploit_suggester` on a Linux box, and to my surprise many modules throw exceptions. Looks like the main reason was a `suid?` or `stat` call on a file before...
## Summary ### Improving invalid credential UX When the credentials are invalid, there's no indication to the user: ``` msf6 auxiliary(scanner/smb/impacket/wmiexec) > run smb://Administrator:[email protected] command=dir [*] Running for 192.168.123.25... [*]...
This adds in a bunch of new query types to help with discovering things like AS-REP roastable accounts, potential honeypot accounts via login counts + password set dates + last...
## Fully In Memory By replicating the functionality of APIs::dlopen_from, we can bypass the temporary file created when calling NSCreateObjectFileImageFromMemory on macOS 12 and above. Constructing a custom JustInTimeLoader and...
https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/289806/resolved-issues https://docs.fortinet.com/document/fortigate/7.0.7/fortios-release-notes/289806/resolved-issues ## Summary I have a vulnerable target but haven't been able to find any patch details yet. ### Motivation FortiGate instances are widely deployed. I think I module...
This adds an auxiliary module that exploits a privilege escalation vulnerability in Active Directory Certificate Services (ADCS) known as Certifried (CVE-2022-26923) to generate a valid certificate impersonating the Domain Controller...