Metasploit
83cd0bc977
Bump version of framework to 4.15.6
2017-08-04 10:07:09 -07:00
Brent Cook
ff189147e7
rb-readline made a release, use 0.5.5 instead of git HEAD
2017-08-02 06:09:27 -05:00
Brent Cook
bb2304a2d1
Land #8769, improve style, compatibility, for ssh modules
2017-08-01 21:43:32 -05:00
Brent Cook
390f4d52db
add ed25519 support for net-ssh
2017-08-01 16:05:25 -05:00
Metasploit
70f659370f
Bump version of framework to 4.15.5
2017-07-28 10:21:44 -07:00
Brent Cook
ddc4fd95a5
Update payloads
This incorporates support for HiDPI displays with screen capture for Windows
meterpreter, and fixes a communications bug with Android meterpreter.
2017-07-28 09:56:03 -07:00
Brent Cook
a0511c79a4
pull in minor build fixes and filesystem stat implementation from python
This pulls in https://github.com/rapid7/metasploit-payloads/pull/219
and https://github.com/rapid7/metasploit-payloads/pull/195
2017-07-23 22:37:43 -07:00
Brent Cook
3bc0c18e6a
Properly handle threads and window destruction, add PID logging
This pulls in https://github.com/rapid7/metasploit-payloads/pull/213
which fixes https://github.com/rapid7/metasploit-framework/issues/8608
and adds PID logging to verbose keyboard capture.
2017-07-23 22:27:42 -07:00
Brent Cook
8444038c62
Add eval alternative to PHP Meterpreter to bypass suhosin
See https://suhosin.org/stories/index.html for more information on this system.
2017-07-23 22:04:09 -07:00
Brent Cook
b75530b978
Fix an issue where 'sleep' with Python Meterpreter appears to fail.
2017-07-23 05:38:06 -07:00
Brent Cook
302b66c2d8
add payloads support for OSX with python meterpreter
2017-07-23 05:26:59 -07:00
Brent Cook
072b0dc90b
Hide errors in Windows Meterpreter sessions
In Windows Meterpreter sessions, set newly created threads via
SetThreadErrorMode to not display error popups when there are failures.
2017-07-23 05:09:01 -07:00
Metasploit
50474a1ea7
Bump version of framework to 4.15.4
2017-07-21 10:03:44 -07:00
Brent Cook
c5101b71a0
bump rex-core, reverting threadsafe select changes
2017-07-20 23:21:19 -05:00
Brent Cook
510ff888fd
Land #8439, native OSX meterpreter support
2017-07-20 22:01:49 -05:00
Brent Cook
1d0db02a64
bump payloads
2017-07-20 09:10:19 -05:00
Brent Cook
cc3168933f
update mettle payloads, template generator
2017-07-18 13:13:38 -05:00
Metasploit
39b2e824ec
Bump version of framework to 4.15.3
2017-07-17 15:43:31 -07:00
David Maloney
3ad4ff69b4
try and hard lock rex-powershell version
remove this later when the issues with this gem release are addressed
2017-07-17 15:25:26 -05:00
David Maloney
ecce28e8b9
revert rex-powershell back to previous version
some things need to be worked out in framework before
this gem version is ready for release
2017-07-17 15:04:43 -05:00
Metasploit
f80c053114
Bump version of framework to 4.15.2
2017-07-17 12:01:22 -07:00
Brent Cook
ea02558390
bump prerelease gems to fix specific issues with Framework
rb-readline has an issue with the latest curses release
dnsruby changes the global thread behavior to abort on exception
2017-07-17 09:26:14 -05:00
dmaloney-r7
d6ee0ca94d
Merge branch 'master' into kill-cucumber
2017-07-14 10:23:38 -05:00
Metasploit
03691cc35f
Bump version of framework to 4.15.1
2017-07-12 20:08:07 -07:00
Brent Cook
dbef4ee816
kill cucumber in framework
2017-07-12 08:00:29 -05:00
Brent Cook
8d23d1e05d
move the xpath pin to test group instead
2017-07-12 05:11:09 -05:00
dmohanty-r7
38d5258c12
Lock xpath version to 2.0
2017-07-11 16:19:25 -05:00
Brendan Coles
6a29b87a4c
Add pdf-reader dependency
2017-07-07 11:19:06 +00:00
Brent Cook
4393b6e563
Improve compatibility with Rubinius (alternate Ruby implementation)
2017-06-30 11:08:17 -04:00
Brent Cook
fa79f90e4e
bump rex-socket, add client cert, mac address matching support
2017-06-30 10:46:15 -04:00
William Webb
6349026134
Land #8442, Exploit module for Backup Exec Windows Agent UaF
2017-06-28 10:39:28 -05:00
Brent Cook
eba8979914
bump payloads
2017-06-27 04:08:15 -05:00
Rob Fuller
2918b3af13
Land #8599, Dynamic DNS updater module
2017-06-25 15:08:22 -05:00
Brent Cook
7a006e0f71
bump payloads
2017-06-23 18:13:52 -05:00
Rob Fuller
fdd62ab112
Land #8604, Incorporate fix for workspace delete
2017-06-23 17:30:57 -05:00
Brent Cook
714b7d0a02
bump metasploit_data_models, speedup workspace deletion
2017-06-23 17:02:32 -05:00
OJ
87cee65a06
Bump payloads to 1.2.35 to include kiwi updates
2017-06-23 13:43:00 +10:00
Brent Cook
fda2e8c73d
Land #8523, Add support for session GUIDs
2017-06-22 20:10:10 -05:00
Metasploit
fad696ed58
Bump version of framework to 4.15.0
2017-06-22 18:02:38 -07:00
KINGSABRI
5528084e27
add Dnsruby
2017-06-22 15:55:04 -05:00
William Vu
3293a8fe67
Land #8594, rspec-retry Heisenspec fix
2017-06-21 19:57:57 -05:00
Brent Cook
22db17a87a
bind ruby-pg back to version 0.20
2017-06-21 03:11:11 -05:00
darkbushido
e873c87f0b
trying rspec-retry
2017-06-20 14:02:32 -05:00
Metasploit
9ce0bb9345
Bump version of framework to 4.14.28
2017-06-16 10:02:07 -07:00
Metasploit
0515980138
Bump version of framework to 4.14.27
2017-06-12 07:39:14 -07:00
Metasploit
77b1125e77
Bump version of framework to 4.14.26
2017-06-09 10:03:35 -07:00
OJ
a3f3dc0a70
Upload payloads/mettle gems, update cache sizes
Updated both the metasploit-payload and metasploit-payload-mettle gems
to the versions that match for the session GUID pull requests. Updated
the payload cached sizes to match the new payloads.
2017-06-09 17:15:52 +10:00
Brent Cook
153611e9fa
bump metasploit-credential to allow handling string addresses gracefully
2017-06-09 01:43:45 -05:00
Brent Cook
5f10e63923
bump payloads
2017-06-05 08:43:16 -05:00
Metasploit
92a65f5c63
Bump version of framework to 4.14.25
2017-06-02 10:03:44 -07:00
David Maloney
3ee77d1b50
update ruby_smb version
2017-05-30 14:17:51 -05:00
David Maloney
d5e74ffdf3
Merge branch 'master' into feature/eternal_blue/rubysmb_refactor
2017-05-30 13:59:31 -05:00
Metasploit
0c792798a7
Bump version of framework to 4.14.24
2017-05-30 07:26:35 -07:00
Brent Cook
a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
Brent Cook
e31e3fc545
add additional architectures and targets
2017-05-30 00:07:37 -05:00
Brent Cook
63ae70f061
remove pry/method_source git binding, this is not a vital update
2017-05-26 23:03:44 -05:00
Brent Cook
ce9cfa5727
bit-struct updated, no need for my branch anymore
2017-05-26 23:00:21 -05:00
David Maloney
f0f99ad479
nttrans packet setup correctly, everything broken
got the nttrans packet setup correctly but somewhere
along the line I broke the whole exploit wtf?
2017-05-26 14:54:46 -05:00
David Maloney
b3e99ee9d2
point to local gem copy for testing and dev
remove this later, use a local copy of rubysmb
2017-05-26 12:30:19 -05:00
Metasploit
15b3b7de41
Bump version of framework to 4.14.23
2017-05-26 10:02:14 -07:00
David Maloney
dc67fcd5a8
use RubySMB for anonymous login
use the new anonymous login capabilities in
RubySMB
2017-05-24 15:40:05 -05:00
Matthew Daley
52363aec13
Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on a NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.
Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
2017-05-24 00:18:20 +12:00
Metasploit
18f520382b
Bump version of framework to 4.14.22
2017-05-19 12:12:27 -07:00
Metasploit
c54c999efc
Bump version of framework to 4.14.21
2017-05-19 10:02:32 -07:00
Brent Cook
22828fcc0f
Land #8406, add compatibility shims for older Ruby versions
2017-05-18 21:50:45 -05:00
Metasploit
126c078ced
Bump version of framework to 4.14.20
2017-05-18 11:53:33 -07:00
David Maloney
94e4dc2938
fix for smb_login errors
do not try the TreeConnect if the SESSION_SETUP
has already failed.
2017-05-18 11:26:03 -05:00
Brent Cook
c59371dd5e
add ruby backports compat library
2017-05-17 23:41:20 -05:00
Metasploit
729f2a9ab8
Bump version of framework to 4.14.19
2017-05-16 14:09:45 -07:00
Metasploit
405f2c6ca1
Bump version of framework to 4.14.18
2017-05-12 10:10:30 -07:00
Brent Cook
6485042162
update rubyntlm to use the released gem
2017-05-12 05:59:11 -05:00
Brent Cook
337db56d4f
bump payloads
2017-05-11 14:57:10 -05:00
William Vu
638320a848
Update rex-exploitation to 0.1.13
2017-05-10 15:07:21 -05:00
James Lee
fd05cea033
Update packetfu and remove version lock
2017-05-09 11:03:32 -05:00
Brent Cook
7f1e2e6c71
bump metasploit-payloads
2017-05-08 17:34:55 -05:00
Brent Cook
0bc9d9259d
meterpreter bugfixes
fixed stdapi_fs_mount_show to show full mapped drive path for Python
Meterpreter on Windows
Updated the Windows Meterpreter `getprivs` command to list all privileges
2017-05-08 16:26:32 -05:00
Metasploit
a0b50390c5
Bump version of framework to 4.14.17
2017-05-05 10:02:17 -07:00
Metasploit
2f1df4d4c2
Bump version of framework to 4.14.16
2017-05-02 11:11:20 -07:00
Brent Cook
7c11e0065d
update mettle
2017-04-26 18:00:50 -05:00
Metasploit
89e81253ed
Bump version of framework to 4.14.15
2017-04-21 10:02:32 -07:00
Metasploit
f90911e09e
Bump version of framework to 4.14.14
2017-04-19 09:35:29 -07:00
Metasploit
05e15cee18
Bump version of framework to 4.14.13
2017-04-18 08:17:22 -07:00
David Maloney
1d52e269a7
update ruby_smb
2017-04-17 22:20:02 -05:00
Brent Cook
7613bd8964
bump metasploit-payloads, fix 64-bit builds
2017-04-16 08:52:41 -05:00
Brent Cook
fe33fe5571
bump payloads with new keyscan code
2017-04-14 21:54:50 -05:00
Brent Cook
42122d2835
Land #8238, move SMB2 support back into smb_login, add simpler permissions checks
2017-04-14 14:06:46 -05:00
Brent Cook
c16e2fa88e
bump to prerelease rubyntlm to get rid of Ruby 2.4 warning msgs.
2017-04-14 14:06:19 -05:00
Brent Cook
7eaba1fdee
bump payloads
2017-04-14 13:17:25 -05:00
Brent Cook
eedbf25f06
bump android meterpreter, adding in-app screenshot support
2017-04-14 12:38:53 -05:00
Brent Cook
f8a94de671
bump metasploit-payloads, enhance windows support in python meterpreter
2017-04-14 12:28:52 -05:00
Metasploit
036d579228
Bump version of framework to 4.14.12
2017-04-14 10:04:35 -07:00
David Maloney
adeb4d10d7
smb2 login scanner admin check now working
we can now check for admin privs in the smb2
login scanner
MS-2636
2017-04-13 14:40:32 -05:00
David Maloney
45d5701473
update ruby_smb to 0.0.9
update to newest version to get
TreeConnect capability
MS-2636
2017-04-13 12:01:51 -05:00
Brent Cook
cdccd1df19
add xmlrpc as an explicit dependency
2017-04-13 07:12:38 -05:00
Metasploit
ced1412ee0
Bump version of framework to 4.14.11
2017-04-12 14:39:40 -07:00
Jeffrey Martin
157d28ab3d
make metasploit-aggregator a framework package
2017-04-12 12:33:13 -05:00
Metasploit
7fc05bcb25
Bump version of framework to 4.14.10
2017-04-07 10:07:31 -07:00
Brent Cook
2276bd0c7d
switch back to released octokit gem
2017-04-06 15:36:02 -05:00
Jeffrey Martin
c845745f0b
remove platform restriction on metasploit-aggregator
2017-04-06 13:09:09 -05:00
Metasploit
4e79aaccb7
Bump version of framework to 4.14.9
2017-04-04 16:14:28 -07:00
Brent Cook
3237575024
add ruby 2.1-2.4, update gems with in-flight 2.4 fixes
2017-04-04 04:06:35 -05:00
Metasploit
9edc08cd36
Bump version of framework to 4.14.8
2017-03-31 14:38:29 -07:00
Metasploit
b6085e188d
Bump version of framework to 4.14.7
2017-03-31 10:02:19 -07:00
Brent Cook
9f75a1d392
Land #8174, bump rex-text to fix problems running split-line VBA code
2017-03-31 11:40:21 -05:00
Brent Cook
ce87174373
bump rex-text to fix problems running split-line VBA code
2017-03-31 11:34:41 -05:00
Brent Cook
a937b00f85
bump rex-core, change 'sleep' to allow < 200ms durations
2017-03-31 11:33:21 -05:00
David Maloney
2d9c2321d1
add ruby_smb as a dep
added the ruby_smb library to the gemspec
MS-2557
2017-03-28 16:12:12 -05:00
Metasploit
51646e44a1
Bump version of framework to 4.14.6
2017-03-24 10:02:24 -07:00
Metasploit
8976faa3d1
Bump version of framework to 4.14.5
2017-03-23 08:41:49 -07:00
Metasploit
df181c1792
Bump version of framework to 4.14.4
2017-03-21 14:58:37 -07:00
Brent Cook
9542087642
bump mettle to 0.1.8
2017-03-21 16:45:25 -05:00
Brent Cook
2701fef34b
bump to metasploit-payloads 1.2.29
2017-03-17 17:34:16 -05:00
Metasploit
6200a3abb8
Bump version of framework to 4.14.3
2017-03-17 10:02:41 -07:00
Brent Cook
0631bc4c29
bump payloads and such
2017-03-16 23:51:51 -05:00
bwatters-r7
91a4657c36
Bumped the metasploit-payloads version and cache sizes with PR#8043
2017-03-15 19:02:21 -05:00
bwatters-r7
089940dd4f
Bump to metasploit-payloads v1.2.17 which has the needed code changes
2017-03-15 18:38:47 -05:00
Metasploit
db581a040a
Bump version of framework to 4.14.2
2017-03-07 07:01:57 -08:00
Brent Cook
78976091df
Land #7902, add initial Metasploit Aggregator for https Meterpreter sessions.
2017-03-07 02:11:01 -05:00
Brent Cook
031285d49a
update payloads
2017-02-28 03:04:53 -06:00
Brent Cook
18445cf341
bump rex-text, get IPAddr sorting
2017-02-27 11:25:06 -06:00
bwatters-r7
1c71952529
Update Gemfile.lock because I forgot to in PR#8014
2017-02-27 11:09:14 -06:00
Jeffrey Martin
5383900a54
Merge branch 'master' into feature/aggregator
2017-02-24 23:59:02 -06:00
Metasploit
f9e4fd54fe
Bump version of framework to 4.14.1
2017-02-24 13:31:17 -08:00
James Barnett
2631259919
Land #7973, Enable cert validation for Nexpose
This PR enables connection to a Nexpose console using the
nexpose client gem.
It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
2017-02-24 14:27:24 -06:00
Metasploit
0f4e03be7b
Bump version of framework to 4.13.27
2017-02-24 10:03:33 -08:00
wchen-r7
1ca0a24177
Up rex-exploitation
2017-02-23 15:58:19 -06:00
Jeffrey Martin
9186b3298a
Merge branch 'master' into feature/aggregator
2017-02-22 10:08:11 -06:00
Metasploit
01558d3d51
Bump version of framework to 4.13.26
2017-02-21 14:01:15 -08:00
Jeffrey Martin
b2ed082c75
Merge branch 'master' into feature/aggregator
2017-02-21 15:11:08 -06:00
Jeffrey Martin
8469323519
update metasploit-aggregator in Gemfile.lock
2017-02-21 15:04:29 -06:00
Metasploit
647020289f
Bump version of framework to 4.13.25
2017-02-17 17:03:42 -08:00
Brent Cook
86c04cd9f4
update metasploit payloads with Python fixes
2017-02-17 18:52:14 -06:00
Metasploit
6e62899e1c
Bump version of framework to 4.13.24
2017-02-17 10:02:51 -08:00
Jeffrey Martin
9f5582a4e4
update Gemfile.lock for master merge
2017-02-16 15:31:40 -06:00
Jeffrey Martin
cbfe18e4d7
use certificates in nexpose
2017-02-16 14:34:02 -06:00
Metasploit
184707c6fc
Bump version of framework to 4.13.23
2017-02-13 16:04:35 -08:00
Metasploit
44d229ad49
Bump version of framework to 4.13.22
2017-02-10 10:02:43 -08:00
Metasploit
d81bdc1c02
Bump version of framework to 4.13.21
2017-02-07 17:27:47 -08:00
Brent Cook
2d1989ef16
bump rex-core, fix path normalization
Brings in fixes from https://github.com/rapid7/rex-core/pull/4
2017-02-07 19:17:44 -06:00
Brent Cook
40c86567aa
import packetfu fix for https://github.com/packetfu/packetfu/pull/163
2017-02-06 15:51:01 -06:00
Metasploit
9a5d5eec2e
Bump version of framework to 4.13.20
2017-02-03 10:04:05 -08:00
Jeffrey Martin
f8c2bd4f52
expand remote sessions list detail retrieval
2017-02-02 15:21:09 -06:00
Metasploit
321fa91c75
Bump version of framework to 4.13.19
2017-02-01 11:28:53 -08:00
Metasploit
be170ab8b2
Bump version of framework to 4.13.18
2017-01-31 14:20:40 -08:00
Metasploit
95449a846b
Bump version of framework to 4.13.17
2017-01-27 10:02:17 -08:00
Brent Cook
9dbcaf7227
bump Gemfile.lock
2017-01-26 11:20:17 -06:00
Jeffrey Martin
4af1b595cd
update Gemfile.lock
2017-01-25 10:32:23 -06:00
Brent Cook
2e1d381e2e
bump gem
2017-01-24 09:48:40 -06:00
Brent Cook
d9602f49a2
bump payloads
2017-01-22 15:45:45 -06:00
Brent Cook
77e596263b
update lock
2017-01-22 10:43:06 -06:00