infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,864 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

13721 Commits (17040e9894e5a5cd49946718599896115cec909d)

Author SHA1 Message Date
Adam Cammack b0da7fcd26 Add Enum-type options for external modules 2018-02-09 11:14:21 -06:00
Adam Cammack 0fe2fb9186 Add support for single-IP external scanners 2018-02-09 11:14:14 -06:00
Metasploit a7e779d987
Bump version of framework to 4.16.38 2018-02-08 10:04:59 -08:00
scriptjunkie 64c0d60fbf
Land #9492, fix for reverse port forwards 2018-02-06 23:33:52 -06:00
Adam Cammack e82ff28374
Land #9490, Fix HTML escaping of Unicode in docs 2018-02-06 23:33:34 -06:00
Metasploit 1fdc4bdabb
Bump version of framework to 4.16.37 2018-02-02 09:51:35 -08:00
William Vu 6c350be24e
Land #9473, new MS17-010 aux and exploit modules 2018-02-02 11:32:40 -06:00
Metasploit 445b72fdcd
Bump version of framework to 4.16.36 2018-02-01 10:03:16 -08:00
Brent Cook 48c3c7cd62
Land #9475, Fix import for Fix proxy authentication in reverse_http 2018-02-01 11:24:10 -06:00
Metasploit cca76d2217
Bump version of framework to 4.16.35 2018-01-26 16:18:28 -08:00
William Vu a87ae41d81 Land #9446, Post API fix for setuid_nmap 2018-01-26 18:08:47 -06:00
Metasploit c2379308cf
Bump version of framework to 4.16.34 2018-01-25 10:04:45 -08:00
bwatters-r7 af0c58c2ae
Land #9335, Added socket bind port option for reverse tcp payload. 
Merge branch 'land-9335' into upstream-master
 2018-01-24 17:20:14 -06:00
Matthew Kienow b515a582f0
Land #9424, Add SharknAT&To external scanner 2018-01-24 17:20:03 -06:00
Brent Cook 15f631dcb5
Land #9452, expose linux/osx meterpreter process hiding 2018-01-24 17:12:56 -06:00
Brent Cook d6beb94c59
Land #6611, add native DNS to Rex, MSF mixin, sample modules 2018-01-24 17:12:52 -06:00
Brent Cook 5ec3da843e
Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-24 17:12:47 -06:00
Brent Cook bb73d2c07e
Land #9431, Fix owa_login to handle inserting credentials for a hostname 2018-01-24 17:12:39 -06:00
William Vu 7da3bdd081
Land #9432, cmd_edit improvements (again!) 
We seem to enjoy refactoring this method.
 2018-01-24 17:12:20 -06:00
Brent Cook 55c345418d
Land #9438, address cmd_exec inconsistencies 2018-01-24 17:11:40 -06:00
Brent Cook 0916d8402e
fix whitespace patchups for current python meterpreter 2018-01-24 17:08:33 -06:00
Metasploit 898aa82933
Bump version of framework to 4.16.33 2018-01-18 10:05:22 -08:00
William Vu 2916c5ae45 Rescue Rex::Proto::SunRPC::RPCTimeout 
Coincidentally, this also fixes the rescue in the library, since
rescuing Timeout instead of Timeout::Error does nothing.
 2018-01-12 19:34:59 -06:00
Metasploit 18f16e7c66
Bump version of framework to 4.16.32 2018-01-11 10:03:16 -08:00
William Vu 4b225c30fd
Land #9368, ye olde NIS ypserv map dumper 2018-01-10 22:02:36 -06:00
William Vu 1a8ffed5e3
Land #9369, register_dir{,s}_for_cleanup 2018-01-10 22:02:15 -06:00
William Vu b1cecd4193 Bump TIMEOUT in Msf::Exploit::Remote::SunRPC 2018-01-10 20:36:35 -06:00
William Vu 1c1f3b161e Rescue XDR errors in Msf::Exploit::Remote::SunRPC 2018-01-10 20:11:30 -06:00
Brent Cook cb82015c87
Land #9387, Check exploit stance for array as well as string 2018-01-09 03:52:59 -05:00
William Vu 333d57461a Check exploit stance for array as well as string 
An exploit can be both aggressive and passive.
 2018-01-08 13:52:04 -06:00
William Vu 461f1c12e6 Fix nil bug(s) by moving arrays to initialize 2018-01-06 02:31:16 -06:00
William Vu 14143c2b90 Fix missed file_dropper_win_path 2018-01-06 01:44:25 -06:00
jgor 51e5fb450f Detect and return on bad VNC negotiations 2018-01-05 10:12:13 -06:00
Wei Chen 9fbddd6474
Land #9374, fix HTML parsing problems for info -d 
Land #9374
 2018-01-04 16:08:56 -06:00
Matthew Kienow 67e7ea4df9
Fix markdown premature less-than sign escape 2018-01-04 15:51:05 -05:00
Metasploit 3a7a539c84
Bump version of framework to 4.16.31 2018-01-04 12:17:08 -08:00
Jeffrey Martin 78872be2ad
Merge released '4.x' 2018-01-04 14:13:18 -06:00
Metasploit d4de9eef9b
Bump version of framework to 4.16.30 2018-01-04 10:03:21 -08:00
William Vu 50f4ebb3b2 Add register_dirs_for_cleanup to FileDropper 2018-01-04 11:06:32 -06:00
William Vu d7c826b5e8 Add rm_rf to Post::File 2018-01-03 23:14:21 -06:00
Adam Cammack 16fa3b99ef
Land #9350, Improve fake SSL cert details 2018-01-03 15:32:27 -06:00
Brent Cook a444bdb329 handle no datastore 2017-12-29 15:26:28 -06:00
Brent Cook 198aeda2c8 rename option 2017-12-29 12:31:56 -06:00
Brent Cook e546598cf1 Implement a method for command shells to register a post-session cleanup command 2017-12-29 12:14:34 -06:00
RageLtMan c32ef4a3be Require msf/core/cert_provider in framework.rb 
Add an explicit require for the new cert_provider in framework.rb
in case it has not yet been loaded.

This should address the Travis failure on initial PR, although the
gem version in socket has not been updated, so this might take a
bit to propagate. In the end, if the dependency already gives us
this functionality by the time we call Rex::Socket::Ssl then this
commit can safely be dropped
 2017-12-29 02:14:48 -05:00
RageLtMan 18f3815147 Update TLS certificate generation routines 
Msf relies on Rex::Socket to create TLS certificates for services
hosted in the framework and used by some payloads. These certs are
flagged by NIDS - snort sid 1-34864 and such.

Now that Rex::Socket can accept a @@cert_provider from the Msf
namespace, a more robust generation routine can be used by all TLS
socket services, provided down from Msf to Rex, using dependencies
which Rex does not include.

This work adds the faker gem into runtime dependencies, creates an
Msf::Exploit::Remote::Ssl::CertProvider namespace, and provides
API compatible method invocations with the Rex version, but able
to generate higher entropy certs with more variables, options, etc.

This should reduce the hit rate against NIDS on the wire, reducing
pesky blue team interference until we slip up some other way. Also,
with the ability to generate different cert types, we may want to
look at extending this effort to probide a more comprehensive key
oracle to Framework and consumers.

Testing:
  None yet, internal tests pending.
  Travis should fail as this requires rex-socket #8.
 2017-12-28 21:00:03 -05:00
Metasploit 7254130b77
Bump version of framework to 4.16.29 2017-12-28 15:19:22 -08:00
Jeffrey Martin 66ca61f636
Merge released '4.x' 2017-12-28 17:15:29 -06:00
Brent Cook c2bb144d0f
Land #9302, Implement ARD auth and add remote CVE-2017-13872 (iamroot) module 2017-12-28 14:11:26 -06:00
Metasploit c681c7881d
Bump version of framework to 4.16.28 2017-12-28 10:03:39 -08:00
Brent Cook 6f1196d30c clarify what's happening when there is a connection failure 2017-12-27 22:32:08 -06:00
Jon Hart bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login 2017-12-27 13:08:44 -08:00
Jeffrey Martin 8ea50572df
Land #9329, Add basic framework for interacting with MQTT 2017-12-27 14:59:34 -06:00
Tod Beardsley e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya 
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
 2017-12-26 12:39:51 -06:00
juushya 8b0f2214b1 few more updates 2017-12-23 03:04:11 +05:30
juushya 038119d9df Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more 2017-12-23 00:14:27 +05:30
Jon Hart d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login 2017-12-22 08:07:40 -08:00
William Vu caae33b417
Land #9170, Linux UDF for mysql_udf_payload 2017-12-21 20:48:24 -06:00
Metasploit 909caa0425
Bump version of framework to 4.16.27 2017-12-21 13:27:52 -08:00
Brent Cook 9d8cb8a8d0 Merge branch '4.x' into upstream-master 2017-12-21 15:17:38 -06:00
Metasploit ee2f10efc5
Bump version of framework to 4.16.26 2017-12-21 10:04:38 -08:00
Jon Hart becc05b4f1
Cleaner client_id handling 2017-12-21 06:57:33 -08:00
Jon Hart 157d973194
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 19:13:34 -08:00
Jon Hart 82bdce683b
Remove to_s 2017-12-20 19:13:12 -08:00
Jon Hart adca42f311
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 19:11:52 -08:00
Jon Hart b78f1105f7
Add missing port 2017-12-20 19:11:33 -08:00
Jon Hart bedc276225
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 19:09:51 -08:00
Jon Hart ddb2566f3b
Remove duplicate options, set less suspicious client_id 2017-12-20 19:09:35 -08:00
Jon Hart 962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 18:58:36 -08:00
Jon Hart cf21d13b2e
Resolve conflict 2017-12-20 18:58:16 -08:00
William Vu 1975713a92
Land #9333, get_cookies_parsed using CGI::Cookie 2017-12-20 20:08:33 -06:00
Jon Hart d0b3abc14b
Better handling of MQTT endpoints which don't require authentication 
Arguably this is working around LoginScanner's inability to provide
blank usernames AND passwords
 2017-12-20 18:02:52 -08:00
Jon Hart 2e62d77e36
Add new method for fetching parsed cookies from an HTTP response 
This fixed #9332.
 2017-12-20 16:19:44 -08:00
Brent Cook 3b78302868
Land #9327, restore transport enum used in TLVs 2017-12-20 16:11:04 -06:00
Brent Cook 5fe9dba4dd
Land #9296, add iOS meterpreter support 2017-12-20 16:09:41 -06:00
Jon Hart 7723933fa9
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 13:42:16 -08:00
Jon Hart 741d08f604
Style cleanup 2017-12-20 13:33:47 -08:00
Jeffrey Martin 8cd7185a7f
Land #9313, Add DirectAdmin login_scanner module 2017-12-20 15:23:24 -06:00
Jeffrey Martin 7f8a5d3834
improved credential reporting 2017-12-20 15:09:11 -06:00
Jon Hart ac1daaf10e
Fix rubocop warning 2017-12-20 12:41:44 -08:00
Jon Hart b4262662dc
Add missing mqtt login helper 2017-12-20 12:33:49 -08:00
Jon Hart f15309bc48
Add basic framework for interacting with MQTT 2017-12-20 12:28:02 -08:00
Jeffrey Martin 9719ede3f0
restore transport enum used in TLVs 2017-12-20 13:12:24 -06:00
Matthew Kienow 31042d4171
Land #9324, AutoRunScript with resource scripts 2017-12-20 13:52:53 -05:00
Brent Cook 210f137b7b Merge branch 'upstream-master' into land-9296- 2017-12-20 12:07:53 -06:00
Brent Cook 3339c3b74d remove magic, because it causes complications with complex RC scripts 2017-12-20 11:49:42 -06:00
Brent Cook 0c867d92fd fix incorrect regex 2017-12-20 11:46:14 -06:00
Brent Cook 32c486023c
Land #9308, Ensure tab completion in HWBridge sessions works 2017-12-20 11:29:11 -06:00
Brent Cook 64d346f2e8
Land #9326, fix clipboard typo 2017-12-20 11:17:32 -06:00
Puru bfa0cad8a5
Fix clipboard typo 2017-12-20 20:49:36 +05:45
Brent Cook 2629ec6bdb infer whether the user supplied a Meterpreter or resource script 2017-12-20 06:43:20 -06:00
Brent Cook 5ecc45a0d1 nicely handle exceptions when processing scripts, tell the user about them 
Let's help the user by saying what's going on.
 2017-12-20 06:42:50 -06:00
Brent Cook 05c6079e0d remove unused 'active_resource' accessor 2017-12-20 06:15:09 -06:00
Tim 15da7c699d Fix #7779, fix multi/meterpreter/reverse_http with web_delivery 2017-12-20 16:32:07 +08:00
Brent Cook 6b216f2a20
Land #9290, Fix OverrideLHOST/LPORT with http/s Meterpreter payloads 2017-12-20 00:26:06 -06:00
Jeffrey Martin fe4c701016 Merge released '4.x' 2017-12-19 14:14:22 -06:00
Metasploit 66b1a555a1
Bump version of framework to 4.16.25 2017-12-18 16:33:25 -08:00
Tod Beardsley 72d3592b9c
New requires for Cambium mixins 2017-12-18 16:38:18 -06:00
Tod Beardsley 27a324237b
Initial commit for Cambium issues from @juushya 
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
 2017-12-18 16:32:55 -06:00
Nick Marcoccio be2a3ca270 edited sid comment 2017-12-18 08:18:02 -05:00