6f1196d30c
clarify what's happening when there is a connection failure
2017-12-27 22:32:08 -06:00
bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-27 13:08:44 -08:00
8ea50572df
Land #9329 , Add basic framework for interacting with MQTT
2017-12-27 14:59:34 -06:00
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
8b0f2214b1
few more updates
2017-12-23 03:04:11 +05:30
038119d9df
Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more
2017-12-23 00:14:27 +05:30
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
caae33b417
Land #9170 , Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
909caa0425
Bump version of framework to 4.16.27
2017-12-21 13:27:52 -08:00
9d8cb8a8d0
Merge branch '4.x' into upstream-master
2017-12-21 15:17:38 -06:00
ee2f10efc5
Bump version of framework to 4.16.26
2017-12-21 10:04:38 -08:00
becc05b4f1
Cleaner client_id handling
2017-12-21 06:57:33 -08:00
157d973194
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 19:13:34 -08:00
82bdce683b
Remove to_s
2017-12-20 19:13:12 -08:00
adca42f311
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 19:11:52 -08:00
b78f1105f7
Add missing port
2017-12-20 19:11:33 -08:00
bedc276225
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 19:09:51 -08:00
ddb2566f3b
Remove duplicate options, set less suspicious client_id
2017-12-20 19:09:35 -08:00
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
cf21d13b2e
Resolve conflict
2017-12-20 18:58:16 -08:00
1975713a92
Land #9333 , get_cookies_parsed using CGI::Cookie
2017-12-20 20:08:33 -06:00
d0b3abc14b
Better handling of MQTT endpoints which don't require authentication
...
Arguably this is working around LoginScanner's inability to provide
blank usernames AND passwords
2017-12-20 18:02:52 -08:00
2e62d77e36
Add new method for fetching parsed cookies from an HTTP response
...
This fixed #9332 .
2017-12-20 16:19:44 -08:00
3b78302868
Land #9327 , restore transport enum used in TLVs
2017-12-20 16:11:04 -06:00
5fe9dba4dd
Land #9296 , add iOS meterpreter support
2017-12-20 16:09:41 -06:00
7723933fa9
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 13:42:16 -08:00
741d08f604
Style cleanup
2017-12-20 13:33:47 -08:00
8cd7185a7f
Land #9313 , Add DirectAdmin login_scanner module
2017-12-20 15:23:24 -06:00
7f8a5d3834
improved credential reporting
2017-12-20 15:09:11 -06:00
ac1daaf10e
Fix rubocop warning
2017-12-20 12:41:44 -08:00
b4262662dc
Add missing mqtt login helper
2017-12-20 12:33:49 -08:00
f15309bc48
Add basic framework for interacting with MQTT
2017-12-20 12:28:02 -08:00
9719ede3f0
restore transport enum used in TLVs
2017-12-20 13:12:24 -06:00
31042d4171
Land #9324 , AutoRunScript with resource scripts
2017-12-20 13:52:53 -05:00
210f137b7b
Merge branch 'upstream-master' into land-9296-
2017-12-20 12:07:53 -06:00
3339c3b74d
remove magic, because it causes complications with complex RC scripts
2017-12-20 11:49:42 -06:00
0c867d92fd
fix incorrect regex
2017-12-20 11:46:14 -06:00
32c486023c
Land #9308 , Ensure tab completion in HWBridge sessions works
2017-12-20 11:29:11 -06:00
64d346f2e8
Land #9326 , fix clipboard typo
2017-12-20 11:17:32 -06:00
bfa0cad8a5
Fix clipboard typo
2017-12-20 20:49:36 +05:45
2629ec6bdb
infer whether the user supplied a Meterpreter or resource script
2017-12-20 06:43:20 -06:00
5ecc45a0d1
nicely handle exceptions when processing scripts, tell the user about them
...
Let's help the user by saying what's going on.
2017-12-20 06:42:50 -06:00
05c6079e0d
remove unused 'active_resource' accessor
2017-12-20 06:15:09 -06:00
15da7c699d
Fix #7779 , fix multi/meterpreter/reverse_http with web_delivery
2017-12-20 16:32:07 +08:00
6b216f2a20
Land #9290 , Fix OverrideLHOST/LPORT with http/s Meterpreter payloads
2017-12-20 00:26:06 -06:00
fe4c701016
Merge released '4.x'
2017-12-19 14:14:22 -06:00
66b1a555a1
Bump version of framework to 4.16.25
2017-12-18 16:33:25 -08:00
72d3592b9c
New requires for Cambium mixins
2017-12-18 16:38:18 -06:00
27a324237b
Initial commit for Cambium issues from @juushya
...
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
2017-12-18 16:32:55 -06:00
be2a3ca270
edited sid comment
2017-12-18 08:18:02 -05:00
f447fa1a12
Added DirectAdmin Login Utillity
2017-12-17 22:43:37 -05:00
90b97d6581
Merge branch 'upstream-master' into land-9151-
2017-12-15 14:15:14 -06:00
084dc4470d
Ensure tab completion in HWBridge sessions works as expected.
2017-12-15 12:19:26 -06:00
0a1eea9860
Allow local_editor in cmd_edit to take arguments
...
Such as vim -i NONE. This may allow command injection via arguments.
However, you can already start an arbitrary program by setting
LocalEditor or escaping the editor.
msf > setg LocalEditor /bin/sh
LocalEditor => /bin/sh
msf > edit -i
[*] Launching /bin/sh -i
$
2017-12-14 19:51:57 -06:00
234ef5627e
Land #9299 , Add arch to MS17-010 detection
2017-12-14 12:20:56 -08:00
b99f044de5
Implement VNC security type 30 (Apple Remote Desktop) authentication
2017-12-14 13:57:38 -06:00
be4f9236f2
Bump version of framework to 4.16.24
2017-12-14 10:08:05 -08:00
9ea7747a5c
Land #9233 , Fix #9232 corruption of non-latin characters in W methods
...
Merge branch 'land-9233' into upstream-master
2017-12-14 11:54:36 -06:00
8e4b007edc
Move verify_arch to dcerpc_getarch
...
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
c4e20e01e3
iOS meterpreter
2017-12-12 23:23:21 +08:00
f7dfba6bae
deduplicate code from python meterpreter
2017-12-12 03:12:36 -06:00
b7c231bb93
further normalize transport config
2017-12-12 03:12:36 -06:00
bb5ea540ab
fix a number of TODO's in the HTTP handler, remove duplication in handlers
2017-12-12 03:12:36 -06:00
528a423fc0
fix python override scheme
2017-12-12 03:12:36 -06:00
f49006222c
remove unneeded uri
2017-12-12 03:12:36 -06:00
8e76c4cb4f
handle override at the meterpreter config layer
2017-12-12 03:12:36 -06:00
636b93b026
minor simplification
2017-12-12 03:12:36 -06:00
017374be71
pass lhost/lport back into generate_stage with reverse_http/s
2017-12-12 03:12:36 -06:00
1653e31f71
Merge branch 'upstream-master' into land-9126-
2017-12-11 03:57:00 -06:00
348cbe54b6
Bump version of framework to 4.16.23
2017-12-08 10:01:55 -08:00
7aef0f249e
Per MS-2916, load Mettle extensions via new API.
2017-12-07 20:40:22 -06:00
2565ad6a27
Handle IPv6 addresses in full_uri (add brackets)
2017-12-07 12:56:55 -06:00
c15f379343
remove some unneeded backward-compat code
2017-12-04 22:27:21 -06:00
19b37c7070
Land #9263 , drb_remote_codeexec fixes
...
See pull requests #7531 and #7749 for hysterical raisins.
2017-12-04 18:45:03 -06:00
fd1681edd9
Bump version of framework to 4.16.22
2017-12-01 10:04:07 -08:00
09dd5b8489
fix check command to not require an rport _method_
2017-11-30 10:51:21 -06:00
c848379ecb
simply use refname in the prompt?
2017-11-29 20:52:14 -06:00
e5a5d35ad8
add 'promptname' that expands the module path a bit more
...
This allows the user to actually see the module context.
2017-11-29 19:49:43 -06:00
55f56a5350
Land #9110 , added -C option to change default hosts columns
2017-11-29 17:48:44 -06:00
0aeb245c9c
Land #9252 , docker improvements
2017-11-29 17:15:47 -06:00
e8965767a0
Land 9207, Expose more uuid attributes
2017-11-29 16:25:05 -06:00
174d0d46de
Bump version of framework to 4.16.21
2017-11-29 10:45:55 -08:00
70ec576d52
use correct session variable
2017-11-29 11:53:56 -06:00
ec2b5d48a6
add missing payload uuid accessors
2017-11-29 11:49:41 -06:00
446f3fa675
more conversions
2017-11-29 11:49:41 -06:00
59446f3d96
change ui to use new settings
2017-11-29 11:49:41 -06:00
8051f790d0
if there is info in the uuid_db, put it in payload_uuid automatically
2017-11-29 11:49:41 -06:00
e73ba0b3ca
Merge released '4.x' into master
2017-11-29 10:27:42 -06:00
3fff092042
Fix include scope in external module mixin
...
The auxiliary report mixin overrides some of the methods in
Metasploit::Credential, which is fine in framework, but causes issues in
projects relying on the base behavior of Metasploit::Credential. This
changes the include scope from global to just whatever includes the
external module mixin.
2017-11-28 21:41:52 -06:00
f132c1572f
Fix #9194 , clarified error for reloading modules
2017-11-28 17:15:56 -06:00
7b3bf85d03
Print the generated command stager for debugging
2017-11-28 16:00:28 -06:00
50351320d7
more docker work
2017-11-28 21:35:20 +01:00
65412cd2f1
Land #9201 , enhanced tab completion
2017-11-27 11:37:04 -06:00
2c6cfabbc3
Land #8948 , allow configuring payload HTTP headers for domain fronting
2017-11-25 10:08:22 -06:00
8645a518b3
add mettle support for custom headers
2017-11-24 20:27:34 -06:00
c9da8f7a18
Bump version of framework to 4.16.20
2017-11-24 10:01:50 -08:00
ce9d2aff2b
more osx hacks
2017-11-22 17:25:49 +08:00
0f2bfb70c0
hacky fix for osx
2017-11-22 13:07:42 +08:00
9a81cc70dd
Fix corruption of non-latin characters in W methods
2017-11-21 20:58:38 -06:00
81c6823b72
handle interrupt and unknown exceptions properly with external modules
2017-11-21 17:50:53 -06:00
19844fb6ed
Land #9227 , Add slowloris denial of service
2017-11-21 15:42:39 -06:00
92190403cc
use full target_path
2017-11-22 05:42:01 +08:00
b6c81e6da0
Reimplement slowloris as external module
2017-11-21 16:21:01 -05:00
fea28a89a5
Fix TLV defs for http headers
2017-11-21 13:47:19 -06:00
ea37196614
use cooler names c/o @timwr, make options easier to grep
2017-11-21 13:47:19 -06:00
85acbadf01
more DRYing
2017-11-21 13:47:19 -06:00
37ab771ca9
uri is not always defined, fix python stager generation
2017-11-21 13:47:19 -06:00
2076db2d61
DRY up common stager and payload http and retry options
2017-11-21 13:47:19 -06:00
1fd7f7c8bc
prefix MeterpreterUserAgent and PayloadProxy* with Http for consistency,
...
this also adds aliases where needed
2017-11-21 13:47:19 -06:00
a5af21fa1a
add http headers to Android/Java
2017-11-21 13:47:19 -06:00
ac79cc9f78
Fix up header string generation in transports
2017-11-21 13:47:18 -06:00
f6e9b12b43
Make sure stageless is supported
2017-11-21 13:47:18 -06:00
656babe9f4
Custom host header support in python meterp
2017-11-21 13:47:18 -06:00
a78d8f83fc
Add HTTP header support for Host/Cookie/Referer
...
This is to start the support for things like domain fronting.
2017-11-21 13:47:18 -06:00
a4e199a6dd
Land #9000 , enhance module option registration
2017-11-21 12:09:21 -06:00
c5cc013819
auto-detect SSL supported options
2017-11-21 08:30:42 -06:00
967b459ff1
restore default enum is first value behavior
2017-11-21 08:30:42 -06:00
6615c6efc7
tighten up corner cases with option validation
2017-11-21 08:30:42 -06:00
6da66e885a
fix enum default logic for bools that default to false
2017-11-21 08:30:42 -06:00
d811a2a8c1
set good defaults
2017-11-21 02:52:05 -06:00
65c58c3d55
set a good default, remove unused methods, speed up checks
2017-11-21 02:52:05 -06:00
ffa6d74a23
remove historical cruft
2017-11-21 02:52:05 -06:00
d3ee86dc5c
update to new format
2017-11-21 02:52:05 -06:00
249c08f597
usability improvements ith how base options are registered
...
This adds named parameters for all of the current array-index based
options. It also allows specifying the description as the 2nd parameter,
allowing the 'required' parameter to be implicitly false (the most
common value).
A simple parameter like:
OptAddress.new('ReverseListenerBindAddress',
[false, 'The specific IP address to bind to on the local system']),
Can now be rewritten as:
OptAddress.new('ReverseListenerBindAddress',
'The specific IP address to bind to on the local system'),
More complex options are also now easier to read:
OptString.new(
'HttpUserAgent',
'The user-agent that the payload should use',
default: Rex::UserAgent.shortest,
aliases: ['MeterpreterUserAgent']
),
This also makes dealing with enums easier because default is implicit
unless specified. This:
OptEnum.new('PayloadProxyType',
[true, 'The proxy type, HTTP or SOCKS', 'HTTP', ['HTTP', 'SOCKS']]),
Becomes:
OptEnum.new('HttpProxyType',
'The proxy type, HTTP or SOCKS', required: true, enums: ['HTTP', 'SOCKS'])
This maintains full backward compatibility with existing code as well.
2017-11-21 02:52:05 -06:00
40a71af7ed
Add missing `end`
2017-11-20 17:50:59 -06:00
2fdc34c8fd
Add new template for DoS modules
2017-11-20 17:19:14 -06:00
dd57138423
Make external module read loop more robust
...
Changes from a "hope we get at most one message at a time" model to
something beginning to resemble a state machine. Also logs error output
and fails the MSF module when the external module fails.
2017-11-20 16:52:05 -06:00
39f06a3995
Land #8807 , template for external module servers
2017-11-20 17:34:37 -05:00
602406a423
Bump version of framework to 4.16.19
2017-11-17 10:02:22 -08:00
5cdd364590
Bump version of framework to 4.16.18
2017-11-15 19:46:12 -08:00
f357efd97c
Land #9208 , add AArch64 ELF to Msf::Util::Exe
2017-11-15 14:22:27 -06:00
4ec0faf35d
fix aarch64 cmdstager
2017-11-15 16:47:17 +08:00
80b381cde9
Merge released '4.x' into master
2017-11-13 14:11:23 -06:00
bc691cbd00
Document the new tab completion functions
2017-11-11 17:17:48 -05:00
fb7635502d
Tab completion for exploit and handler commands
2017-11-11 17:11:54 -05:00
68a43fef36
Add the new generic tab completion functoin
2017-11-11 16:47:11 -05:00
4f660d7dd7
Bump version of framework to 4.16.17
2017-11-10 10:05:05 -08:00
97859ebf8c
Clarify XXX comment no user will ever see anyway
2017-11-09 15:23:37 -06:00
577baf6070
Add a check for .rb in cmd_edit
2017-11-09 15:17:53 -06:00
2f6da89674
Change author name to nick.
2017-11-09 03:00:24 +11:00
fbbc8da8fb
Fix raise(s) in MSSQL client aborting mssql_login
2017-11-07 14:30:47 -06:00
deb5a7b015
Bump version of framework to 4.16.16
2017-11-03 10:03:38 -07:00
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
a14102083c
Bump version of framework to 4.16.15
2017-11-02 10:01:12 -07:00
c2a979dd3c
Land #9134 , fix buggy handling of partial ingress packet data
2017-11-01 20:06:23 -05:00
d815e42ccf
Add a generic tab completion function
2017-11-01 20:38:45 -04:00
5de190f092
Land #9145 , ERB/<ruby> for Meterpreter resource
2017-11-01 13:48:51 -05:00
a347dee372
Land #9150 , fix broken and simplify unusual RuntimeError exceptions
2017-11-01 06:03:36 -05:00
90766ceceb
remove more unusual raise RuntimeError patterns
2017-11-01 05:59:12 -05:00
1462330f34
Add tab completion to the payload generate command
2017-10-31 20:33:31 -04:00
Brent Cook
Jon Hart
Jeffrey Martin
Tod Beardsley
juushya
William Vu
Metasploit
Matthew Kienow
Puru
Tim
Nick Marcoccio
Pearce Barry
William Webb
jgor
bwatters-r7
Adam Cammack
Christian Mehlmauer
scriptjunkie
OJ
Spencer McIntyre
Patrick Webster
h00die