jvazquez-r7
cf13dc8d53
Do build_ap_req
2014-12-20 01:25:20 -06:00
jvazquez-r7
422d3ce9b5
Take more care of options on build_tgs_request
2014-12-20 01:13:56 -06:00
sinn3r
ad8bbf4477
Rescue Rex::TimeoutError so the iteration can keep going
2014-12-20 01:12:30 -06:00
sinn3r
a8e3ee033c
Fix #4431 - Support arbitrary session response timeout
Fix #4431
2014-12-20 00:25:02 -06:00
jvazquez-r7
cd16e11b22
Make checksum from a method
2014-12-19 20:08:15 -06:00
jvazquez-r7
b0ac68fbc3
Create build_subkey method
2014-12-19 19:46:57 -06:00
jvazquez-r7
4a106089b9
Move options to build_tgs_request_body
2014-12-19 19:12:17 -06:00
jvazquez-r7
e6781fcbea
Build AuthorizationData from the module
2014-12-19 18:59:39 -06:00
jvazquez-r7
9bd454d288
Build PAC extensions from the module
2014-12-19 18:47:41 -06:00
jvazquez-r7
04ef087434
Delete Microsoft namespace from the mixin
2014-12-19 18:41:27 -06:00
jvazquez-r7
b78765e584
Create PAC mixin component
2014-12-19 18:36:02 -06:00
jvazquez-r7
f332860c19
Clean creation of client and server principal names
2014-12-19 18:16:22 -06:00
jvazquez-r7
bd85723a9d
Build pre auth array out of the mixin
2014-12-19 18:10:14 -06:00
Tod Beardsley
d3050de862
Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
jvazquez-r7
9cfc52b5af
Extract build_as_request_body
2014-12-19 17:00:39 -06:00
jvazquez-r7
fcb801c729
Add Timeout datastore option
2014-12-19 16:53:12 -06:00
jvazquez-r7
d058bd5259
Refactor extraction of kerberos cache credentials
2014-12-19 15:53:24 -06:00
jvazquez-r7
f4037b1003
Clean Kerberos Rex client code
2014-12-19 11:08:48 -06:00
jvazquez-r7
f325d2f60e
Add support for cache credentials in the mixin
2014-12-18 16:31:46 -06:00
William Vu
723998e1d4
Land #4425, jobs tab completion NilClass fix
2014-12-18 15:25:57 -06:00
Spencer McIntyre
400bd9a094
Fix jobs NilClass tab complete bug
2014-12-18 15:43:04 -05:00
Trevor Rosen
80cd04d76a
Land #4332, test optimization for Cucumber
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
jvazquez-r7
f3f6a64f02
Add some AS response methods to a mixin
2014-12-17 19:50:42 -06:00
jvazquez-r7
8e570cc19b
Initial support to send TGS-REQ
2014-12-17 18:55:30 -06:00
Spencer McIntyre
549f3c69ff
Don't crash when tab complete threads command with typos
2014-12-17 19:36:04 -05:00
Spencer McIntyre
698ca2639b
Do not delete files that do not exist in rm_f
2014-12-17 09:18:06 -05:00
jvazquez-r7
662160ef61
Refactor mixin
2014-12-16 23:48:53 -06:00
jvazquez-r7
594b9bcfc2
Add support for AuthorizationData
2014-12-16 23:21:13 -06:00
HD Moore
9de4137aa7
Patch UA/Proxy settings during migration, lands #3632
2014-12-16 22:21:48 -06:00
Sean Verity
370f6003e3
Refactors metsrv patching in reverse_hop_htt.rb
2014-12-17 11:57:17 -05:00
Sean Verity
1930eb1bf8
Refactors metsrv patching in reverse_http.rb
2014-12-17 10:04:43 -05:00
jvazquez-r7
a93cbac7bf
Support ticket encoding
2014-12-16 16:04:13 -06:00
sinn3r
c2bc79c53c
Resolves #4275 - Configurable variable name as an option
Resolves #4275
2014-12-15 23:59:34 -06:00
Brent Cook
c24fdb81b5
Land #4389, Meatballs1's fix for enum_ad_* post module regressions
Fixes #4387 by adjusting for the new return type from ADSI queries.
2014-12-15 10:45:12 -06:00
jvazquez-r7
0abf5d147e
Add some documentation
2014-12-14 00:51:44 -06:00
HD Moore
e2617c7095
Return the workspace id in responses, lands #4142
2014-12-13 18:04:58 -06:00
HD Moore
6ea5ed1a82
Shrinks windows payloads, lands #4391
2014-12-13 17:41:50 -06:00
HD Moore
f67a32ef9c
Add missing commits from #3770, lands #4393
2014-12-13 17:36:26 -06:00
Meatballs
5d18de2ebf
Fix legacy railgun LDAP implementation
2014-12-13 18:26:26 +00:00
HD Moore
92490ab5e8
Singles updated from the source
2014-12-13 12:22:07 -06:00
HD Moore
4681416a0f
Update block_api with @schierlm's changes
2014-12-13 12:06:38 -06:00
jvazquez-r7
bde8c380c2
Make mixin run
2014-12-13 02:46:00 -06:00
HD Moore
f676b72767
Add Kademlia scanner, lands #4210
2014-12-12 16:40:58 -06:00
Tod Beardsley
9545b6e4d6
Land #4343, os_flavor reduction
2014-12-12 14:49:15 -06:00
Tod Beardsley
177cade6a5
Merge branch 'land-4274-ssl' into temp
2014-12-12 13:25:54 -06:00
sinn3r
985245e8a1
Document method
Fix #4366 (support dynamic_base templates)
2014-12-12 01:22:32 -06:00
jvazquez-r7
78eb3325bc
Add initial Rex Client and mixin
2014-12-12 01:20:14 -06:00
sinn3r
b8e58d0f04
Support 32 and 64-bit for exe-only, and fix -k
2014-12-12 01:13:09 -06:00
sinn3r
d311059e75
Fix DYNAMIC_BASE templates
2014-12-11 20:44:03 -06:00
James Lee
0c1d02c940
Fix event handlers on ruby 2
Fixes #4219
2014-12-11 20:08:45 -06:00
Tod Beardsley
0eea9a02a1
Land #3144, psexec refactoring
2014-12-10 17:30:39 -06:00
sinn3r
9202c4f2a1
No mercy for os_flavor
2014-12-10 11:46:21 -06:00
Spencer McIntyre
d74a8f6c41
Include the datastore options for the encoder too
2014-12-09 16:32:41 -05:00
sinn3r
a584a5982f
Clarify about how BES uses os_flavor
We don't. We don't use os_flavor anymore because it is no longer
implemented. We get the information from os_name instead.
2014-12-09 12:21:59 -06:00
Spencer McIntyre
42710cc32e
Error messages for the python meterpreter
2014-12-09 11:03:57 -06:00
Luke Imhoff
8c0610cb7a
Merge branch 'master' into feature/MSP-11671/test-optimization
MSP-11671
Conflicts:
.travis.yml
2014-12-08 08:46:22 -06:00
jvazquez-r7
19effa7eb9
Fix feedback's review
2014-12-06 21:47:55 -06:00
jvazquez-r7
21742b6469
Test #3729
2014-12-06 21:20:52 -06:00
Jon Hart
da92e4705c
Land #4319, @wchen-r7's fix for #4307
2014-12-05 12:08:39 -08:00
Tod Beardsley
0431720a07
Land #4294, msfconsole speedups on module load
Related to #4257 and #4195 vaguely, and possibly even #4147.
2014-12-05 13:45:11 -06:00
sinn3r
abf199f924
Remove junk code
2014-12-05 11:01:34 -06:00
sinn3r
cfc1acfcae
Fix #4307 - Check action for nil
Auxiliary modules already do this, but looks like we forgot to do the
same for post modules.
I also changed the error to allow "reason" in order to be more
informative about what the user should do.
Fix #4307
2014-12-04 17:07:59 -06:00
Jon Hart
743e9fca9d
Correctly set default SECRET
2014-12-04 14:06:22 -08:00
Jon Hart
1e423f415e
Add missing opt ,
2014-12-04 14:05:17 -08:00
Jon Hart
7f425fc3ab
Configurable fix for #4305
Rename UDP_SECRET to just SECRET, as it is used for more than just UDP
Rename and properly document GATEWAY option
Introduce an option to configure what UDP port will be probed
2014-12-04 13:17:34 -08:00
Jon Hart
f22d7191cd
Test fix for #4305
2014-12-04 10:59:57 -08:00
Jon Hart
d8b1401545
Test fix for #4306
2014-12-03 19:54:31 -08:00
James Lee
8f2e444aca
Land #4281, ::Queue workarounds for 2.1.x
Conflicts:
lib/msf/core/handler/reverse_tcp.rb
2014-12-03 15:48:20 -06:00
sinn3r
f6f0050f56
Fix #3886 - Backtrace for #check when session is invalid
If the user supplies an invalid session (as in not on the session
list), it will cause a backtrace, because the setup method from
Msf::PostMixin isn't actually called.
We have thought about implementing this in a new OptSession instead.
But you can't use or even pass framework to option_container.rb, so
this is NOT possible.
The original PR was #3956.
2014-12-02 17:22:46 -06:00
Fernando Arias
fb439258b9
Land #4298, arbitrary Ruby extension for replicant
MSP-11673
* Adds Msf::Module#register_extensions
* Extensions are arbitrary Ruby modules
* Allows overriding of pseudo callbacks
2014-12-02 14:59:37 -06:00
Luke Imhoff
f696a5ab0e
msfconsole --defer-module-loads
MSP-11671
Add command line option --defer-module-loads to msfconsole. It will
stop `Msf::Ui::Console::Driver` from calling
`framework.modules.init_module_paths` AND
`framework.modules.refresh_cache_from_database`. This flag is only
meant to speed up msfconsole boot when modules do not need to be accessed,
such as during cucumber testing of command help or command line options.
2014-12-02 14:41:32 -06:00
Trevor Rosen
2a033861dc
Just use constants directly
MSP-11673
2014-12-02 13:12:53 -06:00
Trevor Rosen
784e138b14
Extend replicants via arbitrary Ruby code
MSP-11673
* Implements a #register_extensions method on Msf::Module
* Any registered Ruby modules will extend the cloned module returned by #replicant
2014-12-02 12:18:30 -06:00
Luke Imhoff
35ff82c9d8
Merge branch 'bug/MSP-11672/double-init-module-paths' into feature/MSP-11671/msfconsole-defer-module-loads
MSP-11671
2014-12-02 11:57:47 -06:00
HD Moore
fc96d011ab
Python reverse_http stager, lands #4225
2014-12-02 11:47:31 -06:00
Luke Imhoff
9272fe90ae
Merge branch 'master' into bug/MSP-11672/double-init-module-paths
MSP-11672
2014-12-02 11:23:51 -06:00
Luke Imhoff
90c6764426
init_module_paths once in msfconsole
MSP-11672
Pass `'DeferModuleLoads' => false` to `Msf::Simple::Framework.create` so
that `framework.modules.init_module_paths` is only called once (directly
in `Msf::Ui::Console::Driver#initialize`) instead of twice (in
`Msf::Simple::Framework.create` and `Msf::Ui::Console::Driver#initialize`).
2014-12-02 10:28:23 -06:00
Luke Imhoff
653c71e029
Fail if init_module_paths called more than once
MSP-11672
Calling init_module_paths takes 6 seconds on my machine even when there are no
files that are changed just because it takes that long to walk the
directories and gather the mtime for each file. Therefore, calling it
more than once should be avoided. Also, there is no reason to call it
twice as to add paths later, `modules.add_module_paths` should be used.
2014-12-02 10:17:09 -06:00
Matt Buck
0249e0a800
Merge branch 'master' into staging/rails-4.0
Conflicts:
Gemfile.lock
db/schema.rb
metasploit-framework-db.gemspec
2014-12-02 09:47:47 -06:00
William Vu
bd3d63a155
Land #4270, Msf::Author cleanup and improvements
2014-12-02 01:26:42 -06:00
Luke Imhoff
7e2b197f02
Document Msf::Simple::Framework.create
MSP-11671
2014-12-01 15:38:48 -06:00
Luke Imhoff
57cabb4f10
Document Msf::Simple::Framework.simplify
MSP-11671
2014-12-01 15:36:38 -06:00
William Vu
394d132d33
Land #2756, tincd post-auth BOF exploit
2014-12-01 12:13:37 -06:00
sinn3r
c681654c10
Land #4252 - Rework meterpreter SSL & pass datastore to handle_connection()
2014-11-30 20:15:53 -06:00
HD Moore
f139795663
Rework queue handling and error reporting, close #4249
2014-11-28 14:56:02 -06:00
Joe Vennix
2bd7a67413
Restructure parts of Author, fix some doc bugs.
2014-11-26 13:54:23 -06:00
William Vu
a34e721353
Check for load errors in reload_all
2014-11-25 13:13:40 -06:00
Jon Hart
0ed356f71c
Move Kademlia stuff to a more OO model, etc, per reviews
All of the work is done in rex. The msf mixin just prevents the
desire to call rex directly from the module
2014-11-24 14:03:43 -08:00
HD Moore
4dc1183ff5
Protecting it once seems like enough (typo)
2014-11-22 17:42:07 -06:00
HD Moore
673e21cfaf
Rework meterpreter SSL & pass datastore to handle_connection()
This allows HandlerSSLCert to be used to pass a SSL certificate into the Meterpreter handler. The datastore has to be passed into handle_connection() for this to work, as SSL needs to be initialized on Session.new. This still doesn't pass the datastore into Meterpreter directly, but allows the Session::Meterpreter code to extract and pass down the :ssl_cert option if it was specified. This also fixes SSL certificate caching by expiring the cached cert from the class variables if the configuration has changed. A final change is to create a new SSL SessionID for each connection versus reusing the SSL context, which is incorrect and may lead to problems in the future (if not already).
2014-11-22 15:35:00 -06:00
HD Moore
823b4e259a
Make it clear SSLVersion is not advertised since it isn't used
2014-11-22 14:25:09 -06:00
HD Moore
842a7a38d8
Change SSLCert to HandlerSSLCert to avoid conflicts with modules
2014-11-22 14:23:56 -06:00
HD Moore
9ed8c59459
Bring options over from reverse_tcp (bind address, etc).
Also includes the SSLCert => HandlerSSLCert change
2014-11-22 14:22:54 -06:00
Jon Hart
e255db9429
Partial commit
2014-11-20 13:49:36 -08:00
Jon Hart
5d2c02f402
Initial commit of more OO version of Rex/Aux Kademlia support
2014-11-20 13:28:01 -08:00
HD Moore
2f92a83092
Change to example.com as the default domain
2014-11-20 14:53:36 -06:00
Meatballs
7004c501f8
Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2
Conflicts:
modules/exploits/windows/smb/psexec.rb
2014-11-19 14:40:50 +00:00
jvazquez-r7
dff6af0747
Restore timeout
2014-11-18 12:17:10 -08:00
jvazquez-r7
4844447d17
Use 20 seconds as default timeout
* Because it's the default timeout on Rex::Proto::SunRPC::Client
2014-11-18 12:17:10 -08:00
jvazquez-r7
694561dd0f
Don't shadow methods with local variables, just in case...
2014-11-18 12:17:10 -08:00