c621f689b2
more descriptive note per @sempervictus
2016-05-18 19:08:01 -04:00
815a2600a8
additional description
2016-05-17 22:07:33 -04:00
640e0b9ff7
working ready for pr
2016-05-17 21:58:32 -04:00
2e3e4f0069
Land #6296 , Added a multi-platform post module to generate TCP & UDP egress traffic
2016-05-14 00:03:00 -05:00
3542d907f7
simplify description, move the bulk of documentation to documentation/
2016-05-14 00:01:51 -05:00
314d73546c
additional details, not working on tablet via malicious apk meterpreter
2016-05-13 23:12:44 -04:00
5099124f3d
module compiles, fails correctly but cant yet verify it works
2016-05-12 22:18:43 -04:00
a69432abe5
update module class and move to recon from manage
2016-05-12 12:42:04 -05:00
9f923cdb00
Merge branch 'master' into land-6296-egress
2016-05-12 12:36:47 -05:00
57a3a2871b
remove various session manipulation hacks since session.platform should always contain an os identifier
2016-05-08 22:39:41 -05:00
2f66442f1d
Fix #5191 , bad LHOST format causes shell_to_meterpreter to backtrace
...
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.
Fix #5191
2016-04-28 23:03:54 -05:00
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
3da451795c
Fix potential case issue
...
Even though the options were getting put back in a datastore, the
original case could still be lost and that would be bad.
2016-04-18 17:52:27 -04:00
f83cb4ee32
fix set_wallpaper
2016-03-16 13:07:41 +00:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
a1190f4344
Land #6598 , add post module for setting wallpaper
2016-03-06 15:00:10 -06:00
86845222ef
add meterpreter platform workaround
2016-03-06 14:51:34 -06:00
d955c6a8f6
style fixes
2016-02-29 14:06:49 -06:00
f3cf5a8a41
Resolve merge conflict with upstream-master
...
Out of date author field
2016-02-25 14:49:53 -06:00
27af59ea7c
minor tweaks
2016-02-20 08:35:56 +00:00
b58166a9a8
add android platform to the hash
2016-02-18 20:13:39 -06:00
5c92076a1e
more cleanup
2016-02-14 09:15:25 +00:00
e738b5922d
fix play_youtube to work on Android
2016-02-11 07:16:40 +00:00
a93f200851
cosmetic fixes
2016-02-10 07:51:13 +00:00
d544bf9311
android set wallpaper
2016-02-01 01:16:17 +00:00
96ab598835
set wallpaper
2016-02-01 01:01:24 +00:00
6fb27a3da9
Undo path and move the out of bound check
2016-01-28 23:49:50 -06:00
d515e4db64
Unwanted comment
2016-01-21 00:55:08 -06:00
bda76c7340
Update lastpass_creds module
2016-01-21 00:53:16 -06:00
348ae586a7
Handle vault parsing exceptions
2016-01-15 14:54:59 -08:00
3bee2fff70
Use native method dir
2016-01-08 16:06:24 -08:00
8c6bdd532b
Use ? for SQL queries
2016-01-07 22:50:23 -08:00
b46095f3d6
Remove custom method checking file exists
2016-01-07 22:21:10 -08:00
e7701b6d5f
Fix incoherent method to always return a list
2016-01-07 22:17:04 -08:00
f8943f4821
Remove peer; defined in lib/msf/core/post/common.rb
2015-12-24 07:57:16 -08:00
d6dacd1580
Fixed bug when generating native traffic with one thread
2015-12-23 15:28:33 +00:00
45b9230efb
Redirect python stderr to stdout, darwin python platform
2015-12-22 11:32:31 +00:00
be9197fc97
quick fix for issues #6359
2015-12-22 03:26:31 +00:00
f9d74143c3
fix typo
2015-12-22 03:25:34 +00:00
2ddac42be7
Perform Rubocop cleanup
2015-12-19 23:33:32 -08:00
2fc940cc3e
Decrypt Chrome and Opera cookies and msdftify code
2015-12-19 22:19:20 -08:00
ab630166bb
Decrypt Chrome and Opera cookies and msdftify code
2015-12-19 21:40:30 -08:00
ccb13a2ca6
Add full IE support and bug fixes
2015-12-17 20:29:50 -08:00
b085989923
Land #6266 , rsync creds scraper
2015-12-14 11:37:30 -06:00
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
fc9d818837
change youtube url
2015-12-04 10:15:56 +01:00
b4ade1989a
Add IE support for stored passwords
2015-12-04 00:13:42 -08:00
78d391fa10
Rubocop
2015-12-02 14:54:30 +00:00
99dceb33ac
Added 'ALL' support (to do TCP and UDP in one go)
2015-12-02 14:50:16 +00:00
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
366b92a79e
Store rsync creds as creds, not loot
2015-12-01 15:30:39 -08:00
b66be85ccb
Rubocop
2015-12-01 22:32:04 +00:00
d5c0da5e19
Added 33434-33534 because this is the default udp range for traceroute (might be enabled by sysadmins to enbale traceroutes to work)
2015-12-01 22:31:12 +00:00
74a07709b8
Use the Comm param instead of adding a route as suggested by @jlee-r7 and hdm
2015-12-01 21:42:27 +00:00
c744b14a8a
Exclude python meterpreter, doesn't seem to work
2015-11-29 20:40:42 +00:00
6a3172268e
Fixed module metadata
2015-11-29 19:32:55 +00:00
2bc5b98d6e
Rubocop fixing alignment of ifs and ends
2015-11-29 19:17:49 +00:00
8b4649e75c
Working through rubocop issues
2015-11-29 19:11:10 +00:00
9267afc18b
Rubocop
2015-11-29 19:06:24 +00:00
9a6f0d6734
Reducing complexity (rubocop)
2015-11-29 19:06:07 +00:00
b5909852a9
Rubocop
2015-11-29 19:02:33 +00:00
d4bb5537b2
Fixed stupid paste error
2015-11-29 19:02:15 +00:00
fd7a6465c6
Attemping to simplify code
2015-11-29 19:01:34 +00:00
10f89239a5
rubocop
2015-11-29 18:59:40 +00:00
6a567845e0
Tidy up error messages
2015-11-29 18:54:46 +00:00
12dbe31bee
Apparently adding .close causes it to hang
2015-11-29 18:49:51 +00:00
41d963eeb1
Debugging
2015-11-29 18:34:26 +00:00
b6dfafaeb7
Stabilised code, still giving errors on threads>1 in native mode though
2015-11-29 18:14:19 +00:00
e18f8b5e21
Now works for both TCP and UDP
...
However, it gives 'interrupted by console user' as an error message for no reason (?timeouts?)
2015-11-29 17:53:04 +00:00
98e0050e8c
Fixed 'end' bugs (mismatched blocks)
2015-11-29 16:20:33 +00:00
af106737b9
Adding both native and winapi options, split out to functions & fix up
2015-11-29 16:17:07 +00:00
5ffeaddf1e
Added help
2015-11-26 14:01:40 +00:00
1ce0386d01
Reusing port array generation code
2015-11-26 13:59:15 +00:00
9d747e67a3
Fix bugs in new Firefox creds storage
2015-11-25 21:28:07 -08:00
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
09d4bd8175
Added basic function definition for non-Win32API egress
2015-11-24 15:38:06 +00:00
4ea732716a
Added file
2015-11-24 15:37:44 +00:00
718e928fe3
Control per-user config file
2015-11-23 11:11:03 -08:00
93bb31dfa0
Make path to rsyncd configuration file configurable
2015-11-21 19:50:33 -08:00
f34c7a8594
Support for new Firefox method to store credentials
2015-11-20 23:42:59 -08:00
aa962f30a9
Minor style/usability cleanup
2015-11-20 13:51:31 -08:00
a96102c20a
Minor cleanup
2015-11-20 13:19:38 -08:00
c75e3c8e84
Initial commit of a post module for looting rsync credentials
2015-11-20 12:57:33 -08:00
811167442c
Re-disable debugging nodelete
2015-11-17 13:10:03 +00:00
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
211da2746e
Support cookie auth key decryption
2015-11-11 16:26:07 -08:00
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
20679ea6c6
Land #5720 , @g0tmi1k's changes to firefox_creds post module
2015-11-05 15:36:08 -06:00
b0f92b49a2
Print vault passwords
2015-11-01 21:47:00 -08:00
e67065a7e9
Fix Firefox/Opera bugs
2015-10-26 22:40:47 -07:00
da9420a915
Retrieve randkey from LastPass
2015-10-26 19:17:09 -07:00
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
8bfa5bcd09
Do some more minor code cleaning
2015-09-04 13:08:27 -05:00
ac49c80367
Do minor code cleanup
2015-09-04 12:46:21 -05:00
60d2856444
Use id instead of whoami
2015-09-04 12:02:21 -05:00
4fa58efaa0
Allow to configure the DOWNLOAD_TIMEOUT
2015-09-04 11:54:22 -05:00
eb43241425
Firefox_creds more stable/bug fixs (Linux/OSX)
2015-08-27 11:43:53 +01:00
d264802ce0
Consistency and API conformance changes to LES
2015-08-21 12:38:58 -05:00
4a91dfdcf5
Land #5873 , report_note for local_exploit_suggester
2015-08-20 17:52:33 -05:00
b20a283617
Added report_note to suggester
2015-08-20 13:57:16 -05:00
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
9720e8e081
normalize osx to darwin so python meterp works
2015-08-15 19:49:55 -05:00
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
34279776a6
Minor edit
2015-07-30 18:40:41 -05:00
fc4fdba482
Merge branch 'suggestor' of https://github.com/MSadek-r7/metasploit-framework into pr5788
2015-07-30 18:31:49 -05:00
08338b73b2
Add get_target_arch and get_target_os
...
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
2015-07-30 18:26:41 -05:00
af55ef7352
Added session.present?
2015-07-30 10:10:42 -05:00
7aa78dfd4e
Revamped os, platform, arch detection. Added count for exploits being tried
2015-07-30 09:36:02 -05:00
1521c8f87e
Reworded to no suggestions available
2015-07-29 17:40:27 -05:00
66489202fc
Added error message if no exploits are found
2015-07-29 17:31:23 -05:00
b58c6248fe
Fixed ShowDescription bug
2015-07-29 16:52:06 -05:00
2cddfda0a0
wchen-r7's fixes, fixed indentation, removed newlines, added desc.
2015-07-29 16:13:50 -05:00
c725f74d46
Add Local Exploit Suggestor
...
Resolve #5647
2015-07-29 13:19:51 -05:00
a3365a9c7f
Add key, 2fa, iterations and otp support
2015-07-28 00:15:08 -07:00
7c3e79f72d
Smarter way to download via meterpreter
...
...less chance of data crupterion
2015-07-27 19:49:06 +01:00
52e4f45ecd
Use the new thing in wlan_geolocate
2015-07-20 20:24:07 -05:00
d6e12d431f
Style and whitespace
2015-07-20 19:40:25 -05:00
d5c57d9d6e
Use creds API
2015-07-16 16:05:59 +01:00
074ed20f1c
Fix Firefox_Creds
...
...isn't perfect.
2015-07-14 13:33:48 +01:00
d795b2f831
Module cleanup
2015-07-11 19:40:21 +01:00
0e5e8032ad
Add Firefox 2FA support
2015-06-30 21:02:10 -07:00
5b0647a1f2
Add support to steal 2FA token
2015-06-29 22:20:38 -07:00
834c0e594a
Update multi modules
2015-06-29 11:36:28 -05:00
f216841d01
Update enum_vbox
2015-06-22 17:54:17 -05:00
c20d2a1dd9
Update post/multi/gather/env
...
* Use cmd_exec
2015-06-22 16:20:46 -05:00
5a548c3792
Land #5453 , Update dbvis_enum to use the new cred API
2015-06-19 11:35:07 -05:00
ce9481d2b7
Inconstancy - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
ef825fb4bf
Land #5530 , shell_to_meterpreter improvements
2015-06-16 14:29:15 -05:00
33139c4ecd
shell_to_meterpreter minor improvements
2015-06-16 20:42:47 +01:00
a53ca53a6a
Fix inconstancy - multi/handler
2015-06-12 21:23:51 +01:00
e43163135b
Add module_fullname: fullname,
2015-06-02 12:33:34 -05:00
7485cf776e
Remove unnecessary spaces
2015-06-02 14:18:36 +05:00
b4cfe93977
Add creds API
2015-06-02 14:16:16 +05:00
b98cc89f0c
Update filezilla_client_cred to use the new cred API
2015-06-02 00:22:17 -05:00
17c0af6380
Consistent column names
2015-05-29 11:08:24 +05:00
101f12b9d2
Remove base64 require
2015-05-29 10:38:06 +05:00
3ac5088a9a
Add decryption.final for proper padding
2015-05-29 10:33:55 +05:00
2756c7375e
Add datastore options
2015-05-28 10:58:36 +05:00
1ab49397a2
Decrypt encrypted passwords
2015-05-28 10:21:00 +05:00
43e9244b4c
Fix #5134 , Put store_loot back
...
Fix #5134
store_loot was used at one point, but we ended up removing it.
Turns out store_loot is handy in some cases so we're brining it back.
2015-04-17 16:33:51 -05:00
fc6860672b
Fix merge conflict due to #5527
...
...my mistake
2015-03-21 01:57:13 +00:00
faa7ed2b68
shell_to_meterpreter - more options, more verbose
...
...less bugs!
2015-06-13 17:37:41 +01:00
7d7139d769
Consistent-ize whitespace
2015-01-27 11:11:02 -06:00
d8200c65a8
Strip safely, avoid nil.strip errors
2015-01-27 11:06:55 -06:00
5b3d877b25
Land #4648 , for real
2015-01-27 11:00:22 -06:00
a88a631b66
Fix #strip
2015-01-27 10:58:24 -06:00
d2bf1a73ff
Don't need to require YAML anymore either
2015-01-27 10:40:57 -06:00
cafbd1af51
Prefer a regex over YAML parsing
...
Fixes a bug introduced in #4645
2015-01-27 10:34:56 -06:00
d53f4e1178
Fix bugs and make final changes
2015-01-26 23:29:10 -06:00
2bb9314b4b
Switch to unless conditional
2015-01-27 00:10:33 -05:00
1f9286da69
Undo logic reversage
2015-01-26 23:54:41 -05:00
a9e480e44a
Fixed tilde
2015-01-26 23:53:08 -05:00
eed9fbe024
Lose assignment in conditional
2015-01-26 23:48:08 -05:00
c496d2c987
Remove nil check
2015-01-26 23:43:31 -05:00
c29b7488b2
Fix double new line
2015-01-26 23:40:19 -05:00
d77f112e82
Minor Formatting
2015-01-26 23:31:36 -05:00
06485d8c89
Fix naming of things
2015-01-26 23:17:44 -05:00
685c4804e5
Add trailing return
2015-01-26 23:15:00 -05:00
6b6e47a237
Fix sessiontypes, again
2015-01-26 23:13:17 -05:00
747349a57a
Fix sessiontypes
2015-01-26 23:11:48 -05:00
ee7ecb349d
Fix description
2015-01-26 23:10:08 -05:00
106170eddc
Add multi to name
2015-01-26 23:08:43 -05:00
a3c7cf70f8
Make MSF Tidy more happy
2015-01-26 22:30:26 -05:00
d37b3cf0c3
Use next instead of return
2015-01-26 22:26:56 -05:00
f58dc2789f
Remove creds
2015-01-26 22:13:15 -05:00
a27c376ae7
Add service port and host
2015-01-26 22:06:07 -05:00
dd34b58e49
Add add loot
2015-01-26 22:01:38 -05:00
3889ed5784
Add cred login
2015-01-26 21:50:10 -05:00
eead063375
Add RubyGems API Post Gather Module
2015-01-26 20:53:39 -05:00
43e0afeaed
Delete 's' typo
2015-01-19 12:55:35 -06:00
79a24f80b8
Use constant for play options
2015-01-19 12:50:40 -06:00
652400451e
Delete extra k
2015-01-19 12:35:26 -06:00
50d43f118b
Make URLs better
...
Removes YouTube logo, loops, hides video controls at bottom, disables keyboard controls, doesn't show info about the video on the top, hides video annotations, and doesn't show related videos at the end.
2015-01-19 12:27:18 -05:00
0496bb16bc
Minor spelling fix
2015-01-07 23:43:59 -05:00
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
65b316cd8c
Land #4372
2014-12-11 18:48:16 -08:00
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
de88908493
code style
2014-12-11 23:30:20 +01:00
54de805b7a
Report credentials
...
* Even when we are not associating them to hosts
* It's a post module so maybe we cannot solve some names
2014-11-17 12:49:18 -06:00
b3b37c7c9f
Use longer description lines
2014-11-17 12:23:22 -06:00
d5afb2b766
%q
2014-11-17 09:01:14 -08:00
ce73e32673
Doc and named captures
2014-11-17 09:01:14 -08:00
bf05fe1389
Refactoring, simplification, better print_*
2014-11-17 09:01:14 -08:00
6e1cdfde36
Rip out create_credential* stuff. Use what works
2014-11-17 09:01:14 -08:00
e5bb13a609
If remmina config files are missing data for creds, tell me what
2014-11-17 09:01:14 -08:00
875d1f9ea0
Convert Remmina credential gatherer to use new credentials model
2014-11-17 09:01:14 -08:00
h00die
Brent Cook
wchen-r7
Adam Cammack
Tim
Christian Mehlmauer
Martin Vigo
Jon Hart
Stuart Morgan
Rory McNamara
William Vu
PsychoMario
jvazquez-r7
g0tmi1k
HD Moore
Mo Sadek
Tod Beardsley
James Lee
root
Jonathan Claudius
IMcPwn
EricGershman