Commit Graph

913 Commits (1c21ec588ac406ca307bad9fef1c9e2dd5ec3086)

Author SHA1 Message Date
Brent Cook df4f62cde9 bump to mettle 0.3.3 2017-12-20 15:58:17 -06:00
Jon Hart f15309bc48
Add basic framework for interacting with MQTT 2017-12-20 12:28:02 -08:00
Brent Cook 6b216f2a20
Land #9290, Fix OverrideLHOST/LPORT with http/s Meterpreter payloads 2017-12-20 00:26:06 -06:00
Jeffrey Martin fe4c701016 Merge released '4.x' 2017-12-19 14:14:22 -06:00
Brent Cook 9f144ce8d4
Land #9151, mettle extension support + sniffer module 2017-12-18 21:49:40 -06:00
Metasploit 66b1a555a1
Bump version of framework to 4.16.25 2017-12-18 16:33:25 -08:00
Jeffrey Martin 04f294bd53
Fix #8972, Remove libsodium until packaged better
Due to issues with packaging for multiple platforms, libsodium as an optional dependency for 'rbnacl' is being removed. Once packaging issues are resolved this will be restored. This removes support for `ed25519` keys used with ssh for the time being; however, manual installation of this gem allows users to work around this limitation.
2017-12-18 15:21:27 -06:00
Brent Cook 2a94a4417a bump payloads 2017-12-18 10:01:10 -06:00
Metasploit be4f9236f2
Bump version of framework to 4.16.24 2017-12-14 10:08:05 -08:00
Brent Cook 3f6846c332 update payloads with python retry fix 2017-12-12 03:13:38 -06:00
Brent Cook 602335abf1 bump payloads 2017-12-11 04:11:21 -06:00
Metasploit 348cbe54b6
Bump version of framework to 4.16.23 2017-12-08 10:01:55 -08:00
Metasploit fd1681edd9
Bump version of framework to 4.16.22 2017-12-01 10:04:07 -08:00
Brent Cook edb2d8b762
fix windows unicode usernames, add recursive directory delete 2017-11-29 17:01:01 -06:00
Metasploit 174d0d46de
Bump version of framework to 4.16.21 2017-11-29 10:45:55 -08:00
Jeffrey Martin e73ba0b3ca
Merge released '4.x' into master 2017-11-29 10:27:42 -06:00
Brent Cook 035d1ef2c6
bump payloads, pull in AES negotiation & transport fixes 2017-11-25 18:21:57 -06:00
Brent Cook 8645a518b3 add mettle support for custom headers 2017-11-24 20:27:34 -06:00
Metasploit c9da8f7a18
Bump version of framework to 4.16.20 2017-11-24 10:01:50 -08:00
Brent Cook 4050985649
update payloads 2017-11-21 13:53:33 -06:00
Metasploit 602406a423
Bump version of framework to 4.16.19 2017-11-17 10:02:22 -08:00
Metasploit 5cdd364590
Bump version of framework to 4.16.18 2017-11-15 19:46:12 -08:00
Metasploit 4f660d7dd7
Bump version of framework to 4.16.17 2017-11-10 10:05:05 -08:00
OJ 6f9671ff11
Updated Payloads version to 1.3.14 2017-11-08 12:36:50 +10:00
Metasploit deb5a7b015
Bump version of framework to 4.16.16 2017-11-03 10:03:38 -07:00
Metasploit a14102083c
Bump version of framework to 4.16.15 2017-11-02 10:01:12 -07:00
Brent Cook 56eb828cc5 add e500v2 payloads 2017-10-30 14:04:10 -05:00
Brent Cook ebaf0c5484 bump mettle, update toolchain, add e500v2 and reduce size of x86_64 2017-10-30 05:09:31 -05:00
Metasploit 140955f220
Bump version of framework to 4.16.14 2017-10-27 10:03:00 -07:00
Brent Cook 254c2a33d3 bump metasploit payloads, windows meterpreter fixes 2017-10-27 11:44:23 -05:00
Jeffrey Martin 43b67fe80b
remove errant bracket, formatting update 2017-10-26 15:01:53 -05:00
Jeffrey Martin 87d34bef63
Revert "missing update to Gemfile.lock"
This reverts commit 9961c70cda.
2017-10-25 16:13:25 -05:00
Jeffrey Martin 9961c70cda
missing update to Gemfile.lock 2017-10-25 15:07:36 -05:00
Jeffrey Martin 270ec2e9e6
Bump rex-socket to pick up better certs 2017-10-24 16:39:01 -05:00
Tim 7e398e2ef5 Fix #9111, bump metasploit-payloads gem to include php 5.3.10 fix 2017-10-24 11:40:02 +08:00
Metasploit 884b68fa60
Bump version of framework to 4.16.13 2017-10-20 10:02:23 -07:00
Brent Cook 54d64cdcc5
Land #9064, add aggregator >= 1.0.0 with cryptTLV packet format 2017-10-19 14:51:50 -05:00
Jeffrey Martin 5458b58a74
restrict aggregator on arm for now 2017-10-18 13:21:02 -05:00
Metasploit 88585a5cfd
Bump version of framework to 4.16.12 2017-10-13 10:03:48 -07:00
William Vu 569b68bee2 Update rex-exploitation to 0.1.15 2017-10-11 14:09:35 -05:00
Jeffrey Martin c478133539
add aggregator >= 1.0.0 with cryptTLV support 2017-10-10 23:19:44 -05:00
Metasploit 4acef04e0d
Bump version of framework to 4.16.11 2017-10-06 10:01:51 -07:00
Metasploit 32104eb90e
Bump version of framework to 4.16.10 2017-09-29 10:04:04 -07:00
OJ 7ea14e8431
Update payloads for getsystem fixes 2017-09-28 09:43:02 +10:00
Metasploit 68fa3d45f3
Bump version of framework to 4.16.9 2017-09-22 10:05:19 -07:00
Brent Cook 29f65e3dce
finish bumping payloads 2017-09-20 07:25:30 -05:00
Metasploit b2f5bd16e6
Bump version of framework to 4.16.8 2017-09-15 10:02:38 -07:00
Metasploit faa84faf25
Bump version of framework to 4.16.7 2017-09-08 15:38:22 -07:00
Brent Cook 6b0b2550ec
bump payloads, add shell expansion for java/android payloads 2017-09-08 13:45:54 -05:00
Metasploit f5a73f3efe
Bump version of framework to 4.16.6 2017-09-08 10:03:41 -07:00
Brent Cook d38ee0f1ee bump payloads, grab java/android fixes for #8938
fixes #8938
2017-09-08 10:08:22 +02:00
Brent Cook 9877a61eff bump payloads 2017-09-07 01:36:25 -05:00
OJ 7acd772c10 Pivot session stability, display and handling 2017-09-07 01:36:21 -05:00
Metasploit 92f5290a50
Bump version of framework to 4.16.5 2017-09-01 10:08:40 -07:00
Brent Cook b0c1bfaeb7 bump network_interfaces, add Android support
see #8780
2017-08-28 20:08:06 -05:00
William Vu 0e1bafb2d1
Land #8902, vendored robots gem 2017-08-28 16:42:38 -05:00
Metasploit a0131f450e
Bump version of framework to 4.16.4 2017-08-28 14:34:39 -07:00
Brent Cook 928d632042 import https://github.com/fizx/robots.git 0.10.1 2017-08-28 15:47:46 -05:00
Brent Cook 582b2e238e update mettle payload to 0.2.2, add background and single-thread http comms 2017-08-28 05:31:44 -05:00
Metasploit 779b25bdf6
Bump version of framework to 4.16.3 2017-08-25 10:02:45 -07:00
Metasploit 2f72404b26
Bump version of framework to 4.16.2 2017-08-23 19:11:11 -07:00
Metasploit 7c2fa20191
Bump version of framework to 4.16.1 2017-08-23 10:36:19 -07:00
Brent Cook 430251b8f6
fix compatibility with php meterpreter 2017-08-21 15:37:31 -05:00
Brent Cook f961495860
Land #8625, Remove OpenSSL from Windows Meterp, packet header changes, and TLV packet encryption 2017-08-20 19:13:51 -05:00
Brent Cook 851c0f4373
disable metasploit-aggregator while we sort out crypttlv updates 2017-08-20 19:05:10 -05:00
Brent Cook b864083cbd
update payload sizes 2017-08-20 19:03:53 -05:00
Brent Cook 20b6f37fb8 bump payloads with crypttlv format awareness 2017-08-20 19:01:42 -05:00
Metasploit ca7d481658
Bump version of framework to 4.16.0 2017-08-20 16:57:48 -07:00
Metasploit 95824ce132
Bump version of framework to 4.15.8 2017-08-18 10:03:23 -07:00
Metasploit be926e1d75
Bump version of framework to 4.15.7 2017-08-11 10:12:37 -07:00
Brent Cook 59cccfffad unpin dnsruby, new release is out 2017-08-10 10:48:03 -05:00
Metasploit 83cd0bc977
Bump version of framework to 4.15.6 2017-08-04 10:07:09 -07:00
Brent Cook ff189147e7
rb-readline made a release, use 0.5.5 instead of git HEAD 2017-08-02 06:09:27 -05:00
Brent Cook bb2304a2d1
Land #8769, improve style, compatibility, for ssh modules 2017-08-01 21:43:32 -05:00
Brent Cook 390f4d52db add ed25519 support for net-ssh 2017-08-01 16:05:25 -05:00
Metasploit 70f659370f
Bump version of framework to 4.15.5 2017-07-28 10:21:44 -07:00
Brent Cook ddc4fd95a5 Update payloads
This incorporates support for HiDPI displays with screen capture for Windows
meterpreter, and fixes a communications bug with Android meterpreter.
2017-07-28 09:56:03 -07:00
Brent Cook a0511c79a4
pull in minor build fixes and filesystem stat implementation from python
This pulls in https://github.com/rapid7/metasploit-payloads/pull/219
and https://github.com/rapid7/metasploit-payloads/pull/195
2017-07-23 22:37:43 -07:00
Brent Cook 3bc0c18e6a Properly handle threads and window destruction, add PID logging
This pulls in https://github.com/rapid7/metasploit-payloads/pull/213
which fixes https://github.com/rapid7/metasploit-framework/issues/8608
and adds PID logging to verbose keyboard capture.
2017-07-23 22:27:42 -07:00
Brent Cook 8444038c62
Add eval alternative to PHP Meterpreter to bypass suhosin
See https://suhosin.org/stories/index.html for more information on this system.
2017-07-23 22:04:09 -07:00
Brent Cook b75530b978 Fix an issue where 'sleep' with Python Meterpreter appears to fail. 2017-07-23 05:38:06 -07:00
Brent Cook 302b66c2d8
add payloads support for OSX with python meterpreter 2017-07-23 05:26:59 -07:00
Brent Cook 072b0dc90b Hide errors in Windows Meterpreter sessions
In Windows Meterpreter sessions, set newly created threads via
SetThreadErrorMode to not display error popups when there are failures.
2017-07-23 05:09:01 -07:00
Metasploit 50474a1ea7
Bump version of framework to 4.15.4 2017-07-21 10:03:44 -07:00
Brent Cook c5101b71a0 bump rex-core, reverting threadsafe select changes 2017-07-20 23:21:19 -05:00
Brent Cook 510ff888fd
Land #8439, native OSX meterpreter support 2017-07-20 22:01:49 -05:00
Brent Cook 1d0db02a64 bump payloads 2017-07-20 09:10:19 -05:00
Brent Cook cc3168933f update mettle payloads, template generator 2017-07-18 13:13:38 -05:00
Metasploit 39b2e824ec
Bump version of framework to 4.15.3 2017-07-17 15:43:31 -07:00
David Maloney 3ad4ff69b4
try and hard lock rex-powershell version
remove this later when the issues with this gem release are addressed
2017-07-17 15:25:26 -05:00
David Maloney ecce28e8b9
revert rex-powershell back to previous version
some things need to be worked out in framework before
this gem version is ready for release
2017-07-17 15:04:43 -05:00
Metasploit f80c053114
Bump version of framework to 4.15.2 2017-07-17 12:01:22 -07:00
Brent Cook ea02558390 bump prerelease gems to fix specific issues with Framework
rb-readline has an issue with the latest curses release
dnsruby changes the global thread behavior to abort on exception
2017-07-17 09:26:14 -05:00
dmaloney-r7 d6ee0ca94d Merge branch 'master' into kill-cucumber 2017-07-14 10:23:38 -05:00
Metasploit 03691cc35f
Bump version of framework to 4.15.1 2017-07-12 20:08:07 -07:00
Brent Cook dbef4ee816 kill cucumber in framework 2017-07-12 08:00:29 -05:00
Brent Cook 8d23d1e05d
move the xpath pin to test group instead 2017-07-12 05:11:09 -05:00
dmohanty-r7 38d5258c12
Lock xpath version to 2.0 2017-07-11 16:19:25 -05:00
Brendan Coles 6a29b87a4c Add pdf-reader dependency 2017-07-07 11:19:06 +00:00
Brent Cook 4393b6e563 Improve compatibility with Rubinius (alternate Ruby implementation) 2017-06-30 11:08:17 -04:00
Brent Cook fa79f90e4e bump rex-socket, add client cert, mac address matching support 2017-06-30 10:46:15 -04:00
William Webb 6349026134
Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Brent Cook eba8979914 bump payloads 2017-06-27 04:08:15 -05:00
Rob Fuller 2918b3af13
Land #8599, Dynamic DNS updater module 2017-06-25 15:08:22 -05:00
Brent Cook 7a006e0f71 bump payloads 2017-06-23 18:13:52 -05:00
Rob Fuller fdd62ab112
Land #8604, Incorporate fix for workspace delete 2017-06-23 17:30:57 -05:00
Brent Cook 714b7d0a02 bump metasploit_data_models, speedup workspace deletion 2017-06-23 17:02:32 -05:00
OJ 87cee65a06
Bump payloads to 1.2.35 to include kiwi updates 2017-06-23 13:43:00 +10:00
Brent Cook fda2e8c73d
Land #8523, Add support for session GUIDs 2017-06-22 20:10:10 -05:00
Metasploit fad696ed58
Bump version of framework to 4.15.0 2017-06-22 18:02:38 -07:00
KINGSABRI 5528084e27 add Dnsruby 2017-06-22 15:55:04 -05:00
William Vu 3293a8fe67
Land #8594, rspec-retry Heisenspec fix 2017-06-21 19:57:57 -05:00
Brent Cook 22db17a87a bind ruby-pg back to version 0.20 2017-06-21 03:11:11 -05:00
darkbushido e873c87f0b
trying rspec-retry 2017-06-20 14:02:32 -05:00
Metasploit 9ce0bb9345
Bump version of framework to 4.14.28 2017-06-16 10:02:07 -07:00
Metasploit 0515980138
Bump version of framework to 4.14.27 2017-06-12 07:39:14 -07:00
Metasploit 77b1125e77
Bump version of framework to 4.14.26 2017-06-09 10:03:35 -07:00
OJ a3f3dc0a70
Upload payloads/mettle gems, update cache sizes
Updated both the metasploit-payload and metasploit-payload-mettle gems
to the versions that match for the session GUID pull requests. Updated
the payload cached sizes to match the new payloads.
2017-06-09 17:15:52 +10:00
Brent Cook 153611e9fa bump metasploit-credential to allow handling string addresses gracefully 2017-06-09 01:43:45 -05:00
Brent Cook 5f10e63923 bump payloads 2017-06-05 08:43:16 -05:00
Metasploit 92a65f5c63
Bump version of framework to 4.14.25 2017-06-02 10:03:44 -07:00
David Maloney 3ee77d1b50
update ruby_smb version 2017-05-30 14:17:51 -05:00
David Maloney d5e74ffdf3
Merge branch 'master' into feature/eternal_blue/rubysmb_refactor 2017-05-30 13:59:31 -05:00
Metasploit 0c792798a7
Bump version of framework to 4.14.24 2017-05-30 07:26:35 -07:00
Brent Cook a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements 2017-05-30 00:15:03 -05:00
Brent Cook e31e3fc545 add additional architectures and targets 2017-05-30 00:07:37 -05:00
Brent Cook 63ae70f061 remove pry/method_source git binding, this is not a vital update 2017-05-26 23:03:44 -05:00
Brent Cook ce9cfa5727 bit-struct updated, no need for my branch anymore 2017-05-26 23:00:21 -05:00
David Maloney f0f99ad479
nttrans packet setup correctly, everything broken
got the nttrans packet setup correctly but somewhere
along the line I broke the whole exploit wtf?
2017-05-26 14:54:46 -05:00
David Maloney b3e99ee9d2
point to local gem copy for testing and dev
remove this later, use a local copy of rubysmb
2017-05-26 12:30:19 -05:00
Metasploit 15b3b7de41
Bump version of framework to 4.14.23 2017-05-26 10:02:14 -07:00
David Maloney dc67fcd5a8
use RubySMB for anonymous login
use the new anonymous login capabilities in
RubySMB
2017-05-24 15:40:05 -05:00
Matthew Daley 52363aec13 Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on an NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.

Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
2017-05-24 00:18:20 +12:00
Metasploit 18f520382b
Bump version of framework to 4.14.22 2017-05-19 12:12:27 -07:00
Metasploit c54c999efc
Bump version of framework to 4.14.21 2017-05-19 10:02:32 -07:00
Brent Cook 22828fcc0f
Land #8406, add compatibility shims for older Ruby versions 2017-05-18 21:50:45 -05:00
Metasploit 126c078ced
Bump version of framework to 4.14.20 2017-05-18 11:53:33 -07:00
David Maloney 94e4dc2938
fix for smb_login errors
do not try the TreeConnect if the SESSION_SETUP
has already failed.
2017-05-18 11:26:03 -05:00
Brent Cook c59371dd5e add ruby backports compat library 2017-05-17 23:41:20 -05:00
Metasploit 729f2a9ab8
Bump version of framework to 4.14.19 2017-05-16 14:09:45 -07:00
Metasploit 405f2c6ca1
Bump version of framework to 4.14.18 2017-05-12 10:10:30 -07:00
Brent Cook 6485042162
update rubyntlm to use the released gem 2017-05-12 05:59:11 -05:00
Brent Cook 337db56d4f bump payloads 2017-05-11 14:57:10 -05:00
William Vu 638320a848
Update rex-exploitation to 0.1.13 2017-05-10 15:07:21 -05:00
James Lee fd05cea033
Update packetfu and remove version lock 2017-05-09 11:03:32 -05:00
Brent Cook 7f1e2e6c71 bump metasploit-payloads 2017-05-08 17:34:55 -05:00
Brent Cook 0bc9d9259d meterpreter bugfixes
fixed stdapi_fs_mount_show to show full mapped drive path for Python
Meterpreter on Windows

Updated the Windows Meterpreter `getprivs` command to list all privileges
2017-05-08 16:26:32 -05:00
Metasploit a0b50390c5
Bump version of framework to 4.14.17 2017-05-05 10:02:17 -07:00
Metasploit 2f1df4d4c2
Bump version of framework to 4.14.16 2017-05-02 11:11:20 -07:00
Brent Cook 7c11e0065d update mettle 2017-04-26 18:00:50 -05:00