Meatballs
da49709845
Add yarddoc
2015-03-28 20:31:36 +00:00
Meatballs
8e22255a40
Small tidyup/rubocop
...
Signed-off-by: Meatballs <eat_meatballs@hotmail.co.uk>
2015-03-28 20:31:36 +00:00
Meatballs
9529eed41d
More specific matching
2015-03-28 20:31:35 +00:00
Meatballs
a30d8f7040
Add requires
2015-03-28 20:31:35 +00:00
Meatballs
a1d74c27c6
Check for only running services
2015-03-28 20:31:35 +00:00
Meatballs
99f79e8533
Use incognito token stealing rather than process migration if we have
...
the privileges required for successful impersonation.
2015-03-28 20:31:35 +00:00
Meatballs
9c2219124c
Remove some comments
2015-03-28 20:31:35 +00:00
Meatballs
e2af15a0df
Refactor MSSQL Post
2015-03-28 20:31:35 +00:00
sinn3r
c4def25e82
Resolve #4986, add support for IE11 for fingerprint_user_agent
...
Resolve #4986
2015-03-27 17:51:14 -05:00
sinn3r
9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit
2015-03-27 17:31:30 -05:00
Trevor Rosen
2815462375
Update Mdm to staging hash
2015-03-27 15:16:33 -05:00
James Lee
e3605aa252
We always pass a Service, get rid of port/proto
2015-03-27 11:54:03 -05:00
James Lee
25d0b8baff
Redundant check
2015-03-27 11:35:35 -05:00
James Lee
3b8d70b567
host is always an Mdm::Host, don't look it up again
2015-03-27 11:34:32 -05:00
James Lee
466ef4349e
Second verse, same as the first
2015-03-27 09:59:10 -05:00
James Lee
bf8146c8b5
Axe redundant check
2015-03-26 21:19:19 -05:00
James Lee
88a8186a11
Pull up redundant hash literal
2015-03-26 19:33:53 -05:00
Brent Cook
e0568e95c2
Land #4978 @zerosteiner adds reverse https for python meterpreter
2015-03-26 19:16:46 -05:00
Brent Cook
5ac1ee1d73
fix http/s handler reference counting for pymet
...
add a persistent session counter to avoid stopping listening when pymet stages over http/s
2015-03-26 18:26:56 -05:00
James Lee
a9e4961563
New hash syntax
2015-03-26 10:05:08 -05:00
James Lee
a3ae0daf5a
Whitespace
2015-03-26 10:02:08 -05:00
sinn3r
8f03cadb92
Forgot to remove print_debug
2015-03-25 16:08:47 -05:00
jvazquez-r7
72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge
2015-03-25 13:30:36 -05:00
James Lee
8f0c434faa
Add specs for the new method
2015-03-25 12:34:10 -05:00
jvazquez-r7
f80978d9e9
Calculate interface and method hashes dynamically
2015-03-25 11:46:54 -05:00
jvazquez-r7
0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dynamically
2015-03-25 11:29:07 -05:00
jvazquez-r7
f43eab29ed
Delete debug puts
2015-03-24 19:14:30 -05:00
jvazquez-r7
464a6df5e0
Add specs for Msf::Java::Rmi::Client::Registry
2015-03-24 18:42:35 -05:00
Christian Mehlmauer
7bf00f8f47
Land #4789, @rastating WPLMS WordPress module
2015-03-24 20:46:38 +01:00
James Lee
b0fac4824c
Stop caring about order of keys in user_data
2015-03-24 14:21:52 -05:00
William Vu
6d85b5fd1e
Land #4998, non-loopback LHOST tab completion
2015-03-24 14:00:01 -05:00
William Vu
660f3dac2b
Land #4997, smb_version SMBDirect option fix
2015-03-24 13:46:09 -05:00
James Lee
414983ac8c
Merge branch 'feature/MSP-11925/create-user-data' into staging/single-vuln-push
...
Conflicts:
Gemfile.lock
2015-03-24 12:42:08 -05:00
jvazquez-r7
7c0e17d1f7
Update RMI/JMX mixin documentation
2015-03-24 12:29:40 -05:00
James Lee
65c00dffac
Tab complete non-loopback interfaces' addresses
2015-03-24 12:10:58 -05:00
sinn3r
58c5be0d72
Allow SMBDirect to be optional
...
The smb_version module needs to deregister the SMBDirect option,
but cannot do this because SMBDirect is a required option. By
having it as optional, the user no longer needs to set it. Also,
since SMBDirect already has a default value, having it as optional
should not change the mixin's default behavior.
2015-03-24 12:04:44 -05:00
jvazquez-r7
39e87f927a
Make code consistent
2015-03-24 11:44:26 -05:00
RageLtMan
548a710745
Replace db_nmap string concat with an Array
...
16eab48012 introduced changes to cmd_db_nmap which pass a new arguments variable to Open3 with a list of args excluding save.
This approach created a problem wherein the address of the target
had to be passed in first and arguments could get mangled.
Reintroduce an array format, exploding when passing to Open3.
Ensure output file options are appended to the arguments being
passed to Open3, instead of the args variable.
Error example:
db_nmap -F 192.168.0.1
[*] Nmap: 'nmap: unrecognized option '- 192.168.0.1 ''
2015-03-24 04:36:58 -04:00
sinn3r
3c4da5c3ff
Update BES rspec
2015-03-24 00:10:18 -05:00
OJ
25dcfc796a
Better support old binaries in rev http(s)
...
* Patch 256char URL if the 512char one doesn't work.
* Return an empty list in the case where the ext enum fails.
2015-03-24 10:14:44 +10:00
jvazquez-r7
04341bfc78
Support JMX_ROLE again
2015-03-23 17:32:26 -05:00
Brent Cook
1869977921
Land #4962: OJ adjusts MSF to new metsrv needs
...
bump meterpreter bins to 0.0.17
2015-03-23 17:18:06 -05:00
jvazquez-r7
d8d4c23d60
JMX code refactoring
2015-03-23 17:06:51 -05:00
sinn3r
2900f57afd
It looks like this works
2015-03-23 16:46:53 -05:00
OJ
24d74b26e3
Beginning work for stageless x64 meterpreter
2015-03-24 06:50:06 +10:00
jvazquez-r7
6934fde5a1
Finish first draft of new jmx mixin
2015-03-23 15:49:18 -05:00
jvazquez-r7
962bb670de
Remove old JMX mixin
2015-03-23 15:48:10 -05:00
William Vu
809bc52dfc
Land #4982, tagging for msfconsole
2015-03-23 15:28:50 -05:00
sinn3r
0e1b9f90b4
Small details
2015-03-23 14:40:20 -05:00
HD Moore
6852475be0
Placeholder for UUID options
2015-03-23 14:35:33 -05:00
HD Moore
dfbaa6b42e
Typo
2015-03-23 14:35:08 -05:00
sinn3r
e520ace1f1
Stash
2015-03-23 14:21:46 -05:00
sinn3r
156520338d
Making some changes to how BES handles ActiveX
2015-03-23 12:21:27 -05:00
jvazquez-r7
79068c8ec2
Delete JMX discovery stream
2015-03-23 10:21:37 -05:00
William Vu
2f83a53884
Add missing fix for #4921
2015-03-23 00:26:18 -05:00
William Vu
8165ae35d0
Remove extraneous semicolon
2015-03-23 00:26:03 -05:00
William Vu
e176b21bcd
Land #4921, db_nmap help and tab completion
2015-03-23 00:22:46 -05:00
OJ
20131110cd
Add verify_ssl file (missed in prev commit)
2015-03-23 13:22:10 +10:00
OJ
9c9d333a1b
Create verify ssl mixin, adjust some formatting
2015-03-23 13:21:08 +10:00
sinn3r
23685694ad
The tags column should be a virtual column
2015-03-22 21:04:37 -05:00
sinn3r
182018786b
This is probably the proper way to delete tags
2015-03-22 20:55:20 -05:00
sinn3r
ffe48e1ec8
Don't need order to delete
2015-03-22 20:43:11 -05:00
sinn3r
ef62fc3df7
Allow the delete mode for tags
2015-03-22 20:08:23 -05:00
HD Moore
bc3c73e408
Merge branch 'master' into feature/registered-payload-uuids
2015-03-22 18:51:13 -05:00
sinn3r
b2cc3c4954
I found more bugs and fixed them
2015-03-22 18:21:57 -05:00
sinn3r
708eb42984
I fix bugs for tagging
2015-03-22 18:13:40 -05:00
nstarke
dac5b078f0
Minor fixes for format and style
...
This commit contains a few minor tweaks
for style and format. Some whitespace removed,
an erroneous 'return' removed, and using single
quotes for consistency. Updated as per request.
2015-03-22 22:51:21 +00:00
nstarke
16eab48012
Adding help and tab functions for db_nmap
...
These functions address certain problems
listed in GitHub issue #4353, but do not
address all issues in that ticket. Most
notably, this commit adds basic tab
completion for db_nmap.
2015-03-22 22:45:56 +00:00
HD Moore
378e867486
Refactor Msf::Payload::UUID, use this in reverse_http
2015-03-22 16:17:12 -05:00
sinn3r
863cbcbddb
Add real tagging for the hosts command
2015-03-22 15:34:37 -05:00
HD Moore
94241b2998
First attempt at rewiring HTTP handlers to use UUIDs
2015-03-21 03:15:08 -05:00
HD Moore
858d9b1e7a
Introduce Rex::Text.(en|de)code_base64url and use it for uri_checksum
2015-03-20 21:32:08 -05:00
HD Moore
1eafb21741
Lands #4970, fixes exception about msfconsole.rc
2015-03-20 16:49:04 -05:00
William Vu
259e95ed21
Add load_resource exception for msfconsole.rc
...
This prevents msfconsole from erroring on a nonexistent msfconsole.rc.
2015-03-20 16:50:27 -05:00
jvazquez-r7
1226b3656f
Land #4945, @wchen-r7's login scanner for Symantec web gateway
2015-03-20 14:44:05 -05:00
William Vu
4d00114428
Add parens around print_error
2015-03-20 13:53:14 -05:00
sinn3r
2c5c94288d
Fix #4966, tell the user the resource script path is invalid
...
Fix #4966
2015-03-20 13:38:12 -05:00
OJ
9d20d057dd
Update Meterpreter URL length to 512
2015-03-20 13:16:43 +10:00
oj@buffered.io
fd4ad9bd2e
Rework changes on top of HD's PR
...
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
2015-03-20 13:06:57 +10:00
OJ
7b4161bdb4
Update code to handle cert validation properly
...
This code contains duplication from HD's PR. Once his has been landed
this code can be fixed up a bit so that duplication is removed.
2015-03-20 12:52:47 +10:00
OJ
d38e2c968e
Add required include for stageless meterpreter
2015-03-20 12:52:28 +10:00
OJ
a9f74383d0
Update patch to support both ascii and wchar
2015-03-20 12:52:18 +10:00
William Vu
cf645772b6
Land #4960, hosts -i, -n, and -m support
2015-03-19 21:34:14 -05:00
William Vu
38dbd1889e
Fix report_note to use :data
...
:note doesn't do what we want.
2015-03-19 21:33:17 -05:00
William Vu
83ce967d75
Clean up hash syntax as per style guide
2015-03-19 21:23:28 -05:00
Brent Cook
564962042e
Land #4925, OJ adds self-contained windows meterpreter options
2015-03-19 21:07:32 -05:00
HD Moore
c0bf51e0f5
Add a timestamp to the UUID structure
2015-03-19 19:11:58 -05:00
jvazquez-r7
6094d1bfb1
Add specs for Msf::Java::Rmi::Client::Registry::Parser
2015-03-19 19:07:03 -05:00
jvazquez-r7
b839547dc3
Add documentation for Registry modules and methods
2015-03-19 17:57:21 -05:00
jvazquez-r7
a7f1244251
Finish the java_rmi_registry gather module
2015-03-19 17:33:45 -05:00
sinn3r
f38ad13094
Resolve #4891, new arguments for the hosts command
...
Resolve #4891
2015-03-19 17:00:41 -05:00
jvazquez-r7
1d69e15d1a
Fix registry lookup parser
2015-03-19 16:19:55 -05:00
HD Moore
d53ccb32a0
Turn off unicode filtering by default for non-Windows platforms (UTF-8 consoles)
...
This is a followup to support for unicode added in #4950
2015-03-19 15:45:45 -05:00
jvazquez-r7
5c3134a616
Add first support to gather information from RMI registries
2015-03-19 11:16:04 -05:00
OJ
7899881416
Update POSIX bins from master
2015-03-19 14:50:14 +10:00
Meatballs
2dd9dcb26c
Don't use native unpack operators!
2015-03-18 23:48:39 +00:00
Meatballs
975ddc9092
Add some spec mockery
2015-03-18 23:43:46 +00:00
HD Moore
ce0796a427
Base module for Payload UUID support
2015-03-18 17:03:47 -05:00
jvazquez-r7
9628415ca2
Delete more comments
2015-03-18 15:53:50 -05:00
jvazquez-r7
c3dd4035ef
Make jmx module work again
2015-03-18 15:48:07 -05:00
jvazquez-r7
f956ba1a46
Do first JMX cleaning try
2015-03-18 15:37:07 -05:00
jvazquez-r7
17e1f7d34f
Move Streams code
2015-03-18 09:25:53 -05:00
HD Moore
b62da42927
Merge branch 'master' into feature/add-proxies-to-wininet
2015-03-18 01:51:15 -05:00
HD Moore
c607cf7b11
Merging master
2015-03-18 01:45:44 -05:00
HD Moore
97def50cc2
Whitespace cleanup
2015-03-18 01:26:59 -05:00
HD Moore
8d3cb8bde5
Fix up meterpreter patching arguments and names
2015-03-18 01:25:42 -05:00
HD Moore
390a704cc7
Cleanup proxyhost/proxyport arguments to match new names
2015-03-18 01:19:05 -05:00
HD Moore
f7a06d8e44
Rework PROXY_{HOST|PORT|TYPE|USERNAME|PASSWORD} to the new syntax
2015-03-18 01:15:32 -05:00
HD Moore
3aa8cb69a4
Fix two use cases of PROXYHOST/PROXYPORT
2015-03-18 01:08:09 -05:00
HD Moore
2ab14e7e79
Adds IPv6 and option-related issues with the previous patch
2015-03-18 01:01:10 -05:00
HD Moore
a4df6d539f
Cleanup proxy handling code (consistency & bugs)
...
One subtle bug was that each time a request was received, a null byte was being appended to the datastore options for PROXY_USERNAME and PROXY_PASSWORD. Eventually this would break new sessions. This change centralizes the proxy configuration and cleans up the logic.
2015-03-18 00:59:59 -05:00
HD Moore
2f13988d7b
Use OptPort vs OptInt and cleanup the description
2015-03-18 00:59:25 -05:00
HD Moore
a01be365b0
Rework PROXYHOST/PROXYPORT to PROXY_HOST/PROXY_PORT
...
This also cleans up the windows reverse_https_proxy stager.
2015-03-18 00:59:13 -05:00
jvazquez-r7
14be07a2c4
Update java_rmi_server modules
2015-03-17 21:29:52 -05:00
jvazquez-r7
d6048d0978
Use rex support for build_call
2015-03-17 21:05:45 -05:00
James Lee
bd4738b93e
Land #4827, capture and nbns fixups
2015-03-17 17:37:55 -05:00
James Lee
d7fa0ec669
Let IPAddr#hton do the calculating
2015-03-17 17:36:45 -05:00
jvazquez-r7
87b777e923
Refactor moving code to rex
2015-03-17 17:15:32 -05:00
jvazquez-r7
dd6ecefe39
Fix endianness
2015-03-17 11:40:50 -05:00
jvazquez-r7
ebe7ad07b0
Add specs, plus modify java_rmi_server modules
2015-03-17 11:26:27 -05:00
sinn3r
ff58f7d270
Add Symantec Web Gateway Login Module
2015-03-17 02:51:57 -05:00
jvazquez-r7
0a37df67a0
Add initial support for better RMI calls
2015-03-16 23:44:16 -05:00
HD Moore
2ea984423b
while(true)->loop, use thread.join
2015-03-16 14:08:01 -05:00
HD Moore
5fd3637d34
Remove the i32 size specifier (not needed)
2015-03-16 14:00:51 -05:00
HD Moore
69d9280748
Fix yard docs, retries, push.i8 instructions. See commit 05138524e3
...
Note that StagerRetryCount is not defined here, but will be in the parent class once #4934 lands
2015-03-16 13:52:13 -05:00
HD Moore
05138524e3
Fix yard docs, fix retries, trim bytes, retested and working
2015-03-16 13:35:36 -05:00
HD Moore
69a808b744
StagerProxy -> PayloadProxy
2015-03-16 12:14:42 -05:00
OJ
03232befc7
Add extra check to avoid crashing on startup
2015-03-16 17:14:36 +10:00
HD Moore
f361e4ee52
Prefer the new-style proxy datastore options when available
2015-03-16 00:22:10 -05:00
HD Moore
7e89281485
Adds proxy (with authentication) support to reverse_http(s)
2015-03-16 00:03:31 -05:00
HD Moore
8e37342c50
Comment typo
2015-03-14 16:52:04 -05:00
HD Moore
0d12ca49a7
Work around lack of option normalization during size calculation
2015-03-14 16:19:13 -05:00
HD Moore
03019cf451
Adds StagerVerifySSLCert support (SHA1 of HandlerSSLCert)
2015-03-14 15:53:21 -05:00
Brent Cook
7a212a01eb
Land #4917, @hmoore-r7 avoid another payload size recalc
2015-03-13 08:43:33 -05:00
Brent Cook
b68e05e536
Land #4914, @hmoore-r7 and @BorjaMerino winhttp stagers
2015-03-13 08:24:11 -05:00
HD Moore
a57f02b863
Remove invalid SECURITY_FLAG_IGNORE_REVOCATION flag
2015-03-12 23:01:04 -05:00
HD Moore
744b1a680e
Reworks how payload prepends work internally, see #1674
2015-03-12 02:30:06 -05:00
HD Moore
376d05f797
Avoid instantiating the module during recalculate
2015-03-12 01:02:37 -05:00
scriptjunkie
dfbc50ff47
Make Host header override optional
2015-03-11 23:15:45 -05:00
OJ
345b5cc8e1
Add stageless meterpreter support
...
This commit adds plumbing which allows for the creation of stageless
meterpreter payloads that include extensions. The included transports at
this point are bind_tcp, reverse_tcp and reverse_https, all x86.
More coming for x64. Will also validate http soon.
2015-03-12 13:22:04 +10:00
HD Moore
8bae58d631
Updated cache sizes
2015-03-11 21:25:12 -05:00
HD Moore
631e1606bf
Fix WinHttpSetOption & stack parameters
2015-03-11 21:05:18 -05:00
scriptjunkie
401d553f84
Use host header in reverse_http(s)
2015-03-11 19:40:52 -05:00
HD Moore
1135e5e073
First take on WinHTTP stagers, untested
2015-03-11 16:27:14 -05:00
Brent Cook
ceeee4446f
Land #4904, @hmoore-r7 reworks reverse_http/s stagers
...
They are now assembled dynamically and support more flexible options,
such as long URLs.
2015-03-11 10:41:59 -05:00
HD Moore
1d17e9ab5b
Remove the 256 byte limit for URLs
2015-03-10 15:27:04 -05:00
James Lee
cb41154712
Make a MatchResult when sessions are reported
2015-03-10 15:17:57 -05:00
HD Moore
5f382e539a
Updated required_space to count all 256 bytes of the URL
2015-03-10 15:17:09 -05:00
HD Moore
dedf3726ea
Simplify the uri_req_len logic, thanks @bcook-r7
2015-03-10 15:12:02 -05:00
William Vu
736f0b34be
Land #4902, @nstarke's db_connect warning message
2015-03-10 14:12:47 -05:00