Commit Graph

15094 Commits (3340cf529c7816ff7e70f049b2381afcc24dcfa7)

Author SHA1 Message Date
Matthew Kienow f7a4c577d6
Add UserServlet and admin_api scope 2018-07-16 12:56:43 -04:00
Matthew Kienow 4680455041
Implement report_user and password hashing 2018-07-16 12:55:00 -04:00
Matthew Kienow 67721bc616
Refactor strategies to support admin token role 2018-07-16 12:51:41 -04:00
Auxilus 71e25f1494
show error if server.pid == pid
This PR adds changes to catch an error when `server.pid` and `pid` are the same
2018-07-14 16:32:38 +05:30
Brent Cook 4e5ad576b2
Land #10267, defer bind payload connections until exploit has run 2018-07-13 17:35:27 -05:00
William Vu c8891206af Add vprint_status back to bind_named_pipe
I thought it was redundant with the improved handler start message, but
it broke consistency with the other print statements. Fixing.
2018-07-13 17:29:52 -05:00
William Vu 2c9d85606c Refactor and add error messages 2018-07-13 16:29:09 -05:00
Brendan Coles bf53896aa7
Rex::Compat.getenv 2018-07-14 06:24:04 +10:00
William Vu 3cec9026ae Add janky console command to display framework.log
Works best with alternate screen enabled...
2018-07-13 06:11:32 -05:00
Green-m f5b8b4dd7c Update send_request_cgi/raw 2018-07-12 23:51:41 -04:00
Green-m 65627e06e2 Update send_request_cgi/raw 2018-07-12 23:51:18 -04:00
Brendan Coles 104e4cee2e
Merge branch 'master' into soundtrack_logo_module_refs 2018-07-13 03:01:33 +10:00
William Vu 147f59836a Fuel the hype machine 2018-07-12 11:34:09 -05:00
Jacob Robles f30c4e0465
Land #10226, Add code randomization capabilities to Metasploit::Framework::Compiler 2018-07-12 11:20:04 -05:00
William Vu e72b873f56 Fire off bind handlers when session_created? runs
Also refactor because bind handlers don't use setup_handler.
2018-07-12 10:45:59 -05:00
James Barnett b8ae4f5d12
Update rspec tests for creds and add stubs 2018-07-11 17:42:55 -05:00
James Barnett 8c350cdcd7
Add protections for nil HTTP responses 2018-07-11 15:45:26 -05:00
Adam Cammack adff986908
Land #10287, Add advanced option to skip WP checks 2018-07-11 14:25:19 -05:00
Brendan Coles df2f58fb08 Add WPCHECK (Bool) advanced option to Exploit::Remote::HTTP::Wordpress 2018-07-11 07:09:28 +00:00
WangYihang ef55803936
[+] Update resource meta command help info
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-07-11 13:07:15 +08:00
WangYihang 26c505e336
[+] Update resource meta command help info
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-07-11 13:06:33 +08:00
James Barnett e7ddb6fdf5
Add API docs for logins endpoints 2018-07-10 14:21:19 -05:00
Wei Chen 6aa5349513 Add a link explaining the message 2018-07-10 13:25:09 -05:00
Brendan Coles f9daabcee3 Add support for SOUNDTRACK and LOGO to module refs 2018-07-10 17:23:07 +00:00
James Barnett 8456c25fff
Add delete endpoint for logins 2018-07-10 11:00:08 -05:00
James Barnett 35f52a129c
Use create_credential when importing XML files 2018-07-10 10:37:46 -05:00
Adam Cammack 4f3cdd22f0
Allow Python modules to run independently 2018-07-10 10:24:07 -05:00
Adam Cammack 0dd89bf428
Add standalone runner for external modules 2018-07-10 10:24:07 -05:00
Adam Cammack 64c38ec6b8
Only `elog` when run inside of Framework 2018-07-10 10:24:07 -05:00
Adam Cammack 22167eba5c
Make the Python login scanner API more sane 2018-07-10 10:24:07 -05:00
Adam Cammack 1fddbdb8ef
Specify the `command` option for external modules 2018-07-10 10:24:07 -05:00
Wei Chen 95e54f497b Be explicit when there is no CVE assigned to a vulnerability 2018-07-09 18:42:36 -05:00
James Barnett d3eb71e8e5
Implement invalidate_login 2018-07-09 16:15:40 -05:00
James Barnett bbc16e1873 Merge branch 'master' into remote_creds_data 2018-07-09 09:49:14 -05:00
WangYihang 85bfca95fd [+] Fixed meterpreter resource bug 2018-07-09 11:27:30 +08:00
William Vu 8d135aec39 Implement first pass at deferred payload handling
This is most useful for bind payloads, and I initially did just that,
but I've migrated the code to be more generic.
2018-07-06 14:26:31 -05:00
Wei Chen 0e75317cfe Change a typo 2018-07-06 13:30:07 -05:00
asoto-r7 ef78d70a00
Land #9356. Remove ring buffers from command dispatcher. 2018-07-06 13:12:13 -05:00
Wei Chen a60fc3dc00 Fix code based on feedback from Jacob 2018-07-06 00:00:28 -05:00
Brent Cook 0b9bc8c24a
Land #10241, don't call print_error from rex context, use elog instead 2018-07-05 17:28:10 -05:00
Matthew Kienow 77a0b74f76
Add delete option to data_services cmd 2018-07-05 16:40:55 -04:00
Brent Cook 8680379875 fix logic bug in handler thread for bind_named_pipe 2018-07-05 10:39:20 -05:00
William Vu f0b9b1c113 Add more verbose printing to bind handlers 2018-07-03 19:41:08 -05:00
Matthew Kienow 8a3166e198
Set a default user-agent value 2018-07-03 18:28:35 -04:00
Matthew Kienow ed34cd8898
Simplify request headers assignment 2018-07-03 17:59:57 -04:00
Jacob Robles 7dc87e1a9e
Increase read depth for smb pipes 2018-07-03 16:06:42 -05:00
Matthew Kienow 514c0c76d5
Add API token to RemoteHTTPDataService 2018-07-02 18:34:35 -04:00
Brent Cook af43b6ca17 don't call print_error from rex context, use elog instead 2018-07-02 15:19:19 -05:00
Brent Cook 0543dfc95c
Land #10217, keep bind_named_pipe with SMBv1 2018-07-02 14:54:00 -05:00
Brent Cook 85dc81a58b
Land #10185, add SMBv1/2 support in psexec 2018-06-29 17:49:27 -05:00
Brent Cook 3b228b0abd avoid stack overflow on too many empty pipe reads in a row 2018-06-29 17:48:39 -05:00
Wei Chen 2beaabb11a Add dep for GetTickCount 2018-06-29 10:22:07 -05:00
Wei Chen d9b664c86a Change option name 2018-06-29 00:07:40 -05:00
WangYihang 025a531f6e Update code style
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-06-29 11:15:52 +08:00
Wei Chen 52047a6c59 Add switch_spec 2018-06-28 21:21:54 -05:00
Wei Chen 5c86b836c4 Add rspec for outputdebugstring and correct a few things 2018-06-28 21:08:15 -05:00
Jacob Robles 5e02e7a2c8
smb_file_exist check for rubysmb 2018-06-28 18:10:39 -05:00
William Vu 40ac79ced0
Land #10218, MS17-010 Windows Embedded Standard 7 2018-06-28 16:11:56 -05:00
Jacob Robles a8c6835c64
Handle STATUS_PIPE_EMPTY error 2018-06-28 12:15:43 -05:00
Brent Cook 2792d5fb27
call delete implementation from ruby_smb 2018-06-28 12:15:43 -05:00
Brent Cook c06f13b33e
remove superfluous sleeps, simplify logic 2018-06-28 12:15:42 -05:00
Brent Cook 4b767efd6c
remove evasion logic from dcerpc read path 2018-06-28 12:15:42 -05:00
Brent Cook b01bd060ee
remove unneeded slashes 2018-06-28 12:15:42 -05:00
Brent Cook 055c90c076
fix filename randomization while debugging 2018-06-28 12:15:42 -05:00
Jacob Robles b8094aca7a
Combine rescues 2018-06-28 07:59:40 -05:00
Jacob Robles 1699f352c1
Rescue RubySMB Error
Error occurs when scanning OSX SMB server.
2018-06-28 07:06:33 -05:00
WangYihang 9fc670f24f Implementation of resource command
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-06-28 18:11:06 +08:00
zerosum0x0 f742df028b shitty typos 2018-06-27 20:34:01 -06:00
zerosum0x0 a5c0881c08 add Windows Embedded Standard 7 support 2018-06-27 19:17:18 -06:00
Wei Chen cec506421d Add rspec fake_function_collection and update the lib 2018-06-27 18:18:05 -05:00
UserExistsError bbf26c66f6 bind_named_pipe fixed for simpleclient versions param 2018-06-27 16:14:53 -06:00
Brent Cook e17744df8d
Land #10215, add support for payload estimation for IPv6-specific modules 2018-06-27 16:46:54 -05:00
Adam Cammack 25b9f97a32
Update cached payload size update to support IPv6 2018-06-27 16:26:41 -05:00
William Vu dbb0748c1c
Land #9998, customizable golden ticket duration 2018-06-27 15:51:56 -05:00
William Vu bd7974df98
Land #8999, make generate and msfvenom great again 2018-06-27 15:10:52 -05:00
Wei Chen dcaa623075 make random compiling work 2018-06-27 00:09:04 -05:00
Wei Chen 823647fbe1 Add compile_random_c func && support optional func collection 2018-06-25 16:50:05 -05:00
Jacob Robles 2fd0d797ac
psexec smb2 support 2018-06-25 15:06:23 -05:00
Green-m 9806ee327a Fix error when loading options from persist file. 2018-06-25 05:50:06 -04:00
Green-m 0145744255 Process persistent job when msf starts. 2018-06-25 05:32:17 -04:00
Green-m 2802f17cd5 Add command persist to make job persistent after msf restart. 2018-06-25 05:30:49 -04:00
Green-m ead71df32b Add config file for persistent job 2018-06-25 05:29:22 -04:00
Wei Chen 90bc7d2294 Update randomizer for progress 2018-06-22 18:22:29 -05:00
Matthew Kienow f125fd62c8
Add authentication to protected endpoints 2018-06-22 17:14:45 -04:00
Matthew Kienow f38e5af0bf
Use external style sheet 2018-06-22 15:38:17 -04:00
Matthew Kienow c0717d9306
Add MSF REST web service authentication support 2018-06-22 15:09:36 -04:00
Brent Cook bd77273dc0
Land #10155, Improve #sec_to_s in Rex::ExtTime 2018-06-21 16:45:22 -05:00
Adam Cammack 6dafb13f28
Module metadata cleanup 2018-06-21 15:10:47 -05:00
Wei Chen 8f5ad7c1cb Add CRandomizer 2018-06-21 14:33:04 -05:00
Wei Chen e42c695baf Add CRandomizer (WIP) 2018-06-21 10:50:39 -05:00
Brent Cook e584732a11
Land #10151, add robustness when stdapi is unavailable 2018-06-20 23:54:55 -05:00
William Vu 0820268d8a Improve rank handling with shim logic 2018-06-19 16:46:20 -05:00
William Vu 9545bac809 Rename remote_exploit_generic template
Dropping "generic" from the name. I initially had some reservations
about leaving it in, and after discussion with @acammack-r7, we've
decided it adds nothing useful.
2018-06-19 11:43:56 -05:00
William Vu 781478b283 Document some things 2018-06-19 11:20:15 -05:00
William Vu 02384371c4 Add remote_exploit_generic template 2018-06-18 13:29:52 -05:00
Shelby Pace f0caa1cef5
Land #10150, Fix typos and spacing 2018-06-18 11:13:59 -05:00
James Barnett 2ded48a510 Merge branch 'master' into remote_creds_data 2018-06-15 10:26:10 -05:00
James Barnett 0ba319bf56
More handling of nil private, publics, and origins 2018-06-14 16:20:13 -05:00
Aaron Soto df9ddebde6
Land #10124, Add tab completion of values in `set` command 2018-06-14 16:16:24 -05:00
James Barnett 55c585aeb7
Support creds without public, private, or origin 2018-06-14 15:42:54 -05:00
Aaron Soto c52b1f3a8d
Land #10141, background meta command in cmd shells 2018-06-14 15:33:16 -05:00
James Barnett 9aa3d1ccdb
Don't use copy/pasted method in cisco and juniper libs 2018-06-14 14:44:56 -05:00
James Barnett 0d4b2afca7
Add create_credential_and_login in report.rb 2018-06-14 13:30:46 -05:00
James Barnett 9f2f61c481
Implement create_credential_and_login in the dataproxy 2018-06-14 13:28:03 -05:00
Tim W 87b92316b5
Land #10162, tab completion for audio output 2018-06-14 14:56:23 +08:00
WangYihang 398a490617 [+] Fix conflicts 2018-06-14 12:09:37 +08:00
WangYihang 85f02002c0 [+] Fix syntax problems 2018-06-14 12:06:59 +08:00
王一航 58785d69f8
Fix bug of CTRL+D, thanks timwr 2018-06-13 23:18:23 +08:00
WangYihang 750f4d020f [+] Fix CTRL+D Bug 2018-06-13 23:15:08 +08:00
gazayas 9dec955f1a Correct space movement in lib/anemone/core.rb 2018-06-13 19:16:35 +09:00
James Barnett 9aaa7ce142
Enable cracked credential creation via data proxy 2018-06-12 16:00:02 -05:00
William Vu c3c6bc19da
Land #10059, CVE-2018-1111 exploit 2018-06-12 15:02:06 -05:00
James Barnett f26d3ffff5
Fix bugs with adding remote creds 2018-06-12 12:00:51 -05:00
Eliott Teissonniere fbf4b9fe87 Rework play command to support tab completion 2018-06-12 08:30:54 +00:00
Tim W 0c891e972f
Land #10066, implement AudioOutput api from channel 2018-06-11 16:20:11 +08:00
王一航 58cc2c1ff9
🐛 fix a grammatical error 2018-06-10 10:40:12 +08:00
gazayas e67931950e Fix spacing of last method in lib/anemone/core.rb 2018-06-09 19:15:44 +09:00
Kent 'picat' Gruber 2bdc8803cb add zero seconds handling 2018-06-08 22:21:26 -04:00
Kent 'picat' Gruber 679a225462 improve #sec_to_s method implementation
Using the following implementation yields roughly ~1.5x speedup in my tests.
2018-06-08 22:09:03 -04:00
James Barnett 1710957d6e
Only add ports when they were specified 2018-06-08 17:16:24 -05:00
Green-m 514f991768 Fix bug when using command load and migrate 2018-06-08 04:06:38 -04:00
gazayas ac5be1fe1e Fix typos in lib/rbmysql/charset.rb 2018-06-08 11:32:06 +09:00
James Barnett beecafb14d
Update AuthBrute to use data proxy 2018-06-07 16:50:30 -05:00
James Barnett 83e9af5fb5
Don't skip origin filtering if there are no login entries 2018-06-07 11:41:40 -05:00
James Barnett 3f5373869d
Include ports in creds opts 2018-06-07 11:12:49 -05:00
WangYihang e52ee80a58 🐛 Fix wrong order 2018-06-07 19:44:38 +08:00
WangYihang b9def85d71 [+] Add help menu 2018-06-07 10:45:24 +08:00
WangYihang 87e2c6af7c Add help menu of background and sessions meta command 2018-06-07 10:17:22 +08:00
WangYihang 939a2f4cff [-] Remove useless commented lines 2018-06-06 13:17:56 +08:00
WangYihang 66c2c3a78b [-] Remove useless commented lines 2018-06-06 13:14:38 +08:00
James Barnett 2114dfa4ff
Retrieve the service manually instead of using AR 2018-06-05 16:35:56 -05:00
James Barnett 64cb7dfb3c
Include origin in remote requests and display it 2018-06-05 14:59:11 -05:00
WangYihang 26e2ea072d Implementation of sessions meta command 2018-06-05 14:56:55 +08:00
WangYihang 28f5e8e5ad Implementation of background meta command (Not perfect) 2018-06-05 11:46:31 +08:00
James Barnett ea6540358c
Look up related service manually 2018-06-04 14:10:26 -05:00
christopher lee 2cc73abf4e merge master 2018-06-04 08:13:07 -05:00
Eliott Teissonniere e9659adc6a Fix audio_path display 2018-06-04 14:46:31 +08:00
Eliott Teissonniere 4adea66318 Fix quote usage 2018-06-04 14:46:30 +08:00
Eliott Teissonniere 4b2601bad3 Fix indentation and quote usage 2018-06-04 14:46:30 +08:00
Eliott Teissonniere f31676074a Print usage if audio_path is nil 2018-06-04 14:46:30 +08:00
Eliott T ff1d579c6a Cleanup module 2018-06-04 14:46:30 +08:00
Eliott Teissonniere a5949f574e Implement AudioOutput API 2018-06-04 14:46:30 +08:00
Brent Cook 20c9190aca
Land #10093, Add Winsock2 API for Metasploit::Framework::Compiler::Windows 2018-06-02 14:35:21 -05:00
William Vu b0392ae6ba
Land #10029, msfvenom quality of life improvements 2018-06-01 18:35:11 -05:00
William Vu f28c4fc01e Address final review comments 2018-06-01 18:33:07 -05:00
James Barnett d6eaa4a7c7
Search for creds at the query level 2018-06-01 17:00:56 -05:00
James Barnett c6a5a139ae
Look up the core object before creating a login 2018-06-01 12:54:48 -05:00
William Vu 4c019062a5
Land #10095, tilde expansion for resource command 2018-06-01 12:27:01 -05:00
g0tmi1k 5ba8467933 Updated code based on feedback...again 2018-06-01 12:55:37 +01:00
Green-m cfb3c4d3ad Ignore case when using tab to complete 2018-06-01 07:37:23 -04:00
Green-m 71a1e2ad9c Fix bug in function tab_complete_option 2018-06-01 04:10:32 -04:00
Matthew Kienow 41de44bfdc
Make resource file checks more robust
Correct code style
2018-05-31 21:26:24 -04:00
Matthew Kienow 706d8e5472
Add tilde expansion to resource tab completion 2018-05-31 21:09:57 -04:00
James Barnett 8c1a4a8a20
Use the proxy for create_credential_login calls 2018-05-31 17:03:01 -05:00
Matthew Kienow 62e56ce844
Change condition-less elsif to else 2018-05-31 17:42:50 -04:00
James Barnett d1e0bcf946
WIP: add endpoint for Credential::Login 2018-05-31 15:33:11 -05:00
christopher lee 9449a9231a Fixed bugs and addressed review comments 2018-05-31 15:06:17 -05:00
christopher lee f11c0d061d merges master 2018-05-31 09:13:09 -05:00
James Barnett a8f19df4e6
Pass params through query string on creds GET
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
Aaron Soto 829e1c306a
Land #10102, SOCKS5 updates for BIND, parsing specs, refactoring 2018-05-30 16:15:53 -05:00
Adam Cammack 5e968529bf
Land #9976, Store non-nil linux enum_network loot 2018-05-30 15:33:39 -05:00
Adam Cammack 5cafd8908e
Always return empty file on EOF meterpreter read 2018-05-30 15:26:34 -05:00
Brent Cook 224122f805
Land #10094, Improve network interface support for LHOST 2018-05-29 23:07:55 -05:00
Brent Cook e69c51132d
Land #10083, Add Msf::Post::OSX::Priv mixin 2018-05-29 23:01:36 -05:00
Brent Cook 1987dcea56
Land #10096, Re-add RHOSTS option to scanner mixin 2018-05-29 23:00:38 -05:00
James Barnett 7bcf28440f Merge branch 'local_api_docs' into remote_creds_data 2018-05-29 12:52:15 -05:00
James Barnett f8317d3ae2
Address code review comments
- Don't document unsupported session POST
- Hide unimplemented loot/id and session/id GET methods
- Fix URL for msf doc
- Add missing workspace parameter to vuln-attempts
- Remove unnecessary code for hosting the doc UI
2018-05-29 12:24:53 -05:00
christopher lee 3948a0a62e Use JSON instead of PSTORE for module metadata 2018-05-29 10:50:33 -05:00
James Barnett acf4c2bd08 Merge branch 'master' into local_api_docs 2018-05-29 10:37:27 -05:00
Auxilus d24607e1ea
add port to keywords 2018-05-27 22:41:34 +05:30
Spencer McIntyre da2666581b Alter the socks5 bind request handling 2018-05-26 19:51:14 -04:00
Spencer McIntyre c85cc9ad9e Refactor SOCKS5 TcpRelay and add packet tests 2018-05-26 13:46:00 -04:00
Christian Mehlmauer f17140bdc3
fix nil error in HttpTrace 2018-05-26 10:04:26 +02:00
Spencer McIntyre a21cc9c5bc Refactor core dispatch methods and error handling 2018-05-25 20:14:03 -04:00
Spencer McIntyre 49341fc87d Add credential authentication support to socks5 2018-05-25 20:14:03 -04:00
Spencer McIntyre 9b5ae34896 Drop udp associate support and cleanup logging 2018-05-25 20:14:03 -04:00
Spencer McIntyre 1de5a464e7 Fix reply status codes and domainname addresses 2018-05-25 20:14:03 -04:00
Spencer McIntyre 6859856101 Refactor the socks5 code into multiple files 2018-05-25 20:14:03 -04:00
Spencer McIntyre 7f9fe971cb Add initial udp associate support 2018-05-25 20:14:03 -04:00
Spencer McIntyre 04bec0bdf0 Progress on the socks5 proxy module 2018-05-25 20:14:02 -04:00
Spencer McIntyre 6fa0831bcb Start the socks5 backend 2018-05-25 20:14:02 -04:00
James Barnett a595dff6a8
Add remote creds update 2018-05-25 16:02:25 -05:00
Brent Cook 835281c7cc Land #9979, Add inactive list option to sessions command 2018-05-25 03:28:22 -05:00
Brent Cook 81673c37da
Land #10088, Fix session event when connected to remote data service 2018-05-25 03:00:51 -05:00
Brent Cook 770b9fa209 add RHOSTS common option to nmap and scanner mixins 2018-05-24 21:31:36 -05:00
Brent Cook c18c91ebcd Add RHOSTS general option to Opt module 2018-05-24 21:31:36 -05:00
Matthew Kienow 3d6d55e087
Expand tilde in resource file pathname 2018-05-24 21:06:57 -04:00
William Vu ebf20204ca Refactor return value for normalize 2018-05-24 18:49:36 -05:00
William Vu 3343bc3aeb Add note about interface to LHOST description 2018-05-24 18:39:02 -05:00
William Vu 3865858114 Support IPv6 by interface
I do believe the list is already sorted IPv4 first.
2018-05-24 18:18:03 -05:00
William Vu 51a84fbe66 Fix regression in option validation
Option validation relied on the value being false, not nil, even though
normalizing a string to a Boolean doesn't make sense. Normalizing to an
empty string seems to work fine.
2018-05-24 18:15:34 -05:00
William Vu 74669eca80 Revert nil to false because of select
Oops.
2018-05-24 16:53:46 -05:00
William Vu 9148ab4bb2 Refactor OptAddressLocal logic
@bcoles +1
2018-05-24 16:05:24 -05:00
William Vu 6f1e75e097 Remove loopback restriction
It's occasionally useful, and we already warn when setting it.
2018-05-24 15:44:32 -05:00
William Vu a370270e19 Add tab completion for network interfaces 2018-05-24 15:30:16 -05:00
William Vu 388d1b646b Add OptAddressLocal#interfaces 2018-05-24 15:30:09 -05:00
William Vu da3df23f03 Fix Socket#getifaddrs with ::
Rex::Socket#getifaddrs doesn't exist.
2018-05-24 14:53:41 -05:00
James Barnett 3e1a5f7b1a
Merge branch 'local_api_docs' into remote_creds_data 2018-05-24 14:46:43 -05:00
Wei Chen cab2daf4ed Add Winsock2 API for Metasploit::Framework::Compiler::Windows 2018-05-24 11:57:41 -05:00
Brent Cook 86a5b951aa
Land #9990, add SOCKS5 proxy support 2018-05-23 17:31:09 -05:00
Matthew Kienow add51a6741
Remove OpenStruct 2018-05-23 18:05:48 -04:00
James Barnett a107336ad5
Move cred delete to DBManager 2018-05-23 16:47:56 -05:00
Matthew Kienow 7ec5c06738
Change kind_of? to is_a? 2018-05-23 17:40:52 -04:00
Matthew Kienow 2c92e85494
Fix report_session_event with remote data service
Modify DBManager method to allow session ID retrieval from a Hash
2018-05-23 15:05:22 -04:00
Brent Cook f32020f255 include some training wheels for users 2018-05-23 13:37:53 -05:00
g0tmi1k 4189819eaf Removing "--" 2018-05-23 18:26:01 +01:00
Brent Cook c9dad7d7c4 unify api usage 2018-05-23 12:12:27 -05:00
Brent Cook c8b54cef22 add inline datastore parsing to aux/post modules 2018-05-23 12:12:27 -05:00
Brent Cook fbbfa0e0c3 teach exploit how to parse datastore options too 2018-05-23 12:12:27 -05:00
Brent Cook d8e5cc60bb add inline datastore setting for msfvenom/generate commands 2018-05-23 11:48:11 -05:00
Brent Cook c52e96bfa7 swizzle parameters in generate to match msfvenom 2018-05-23 11:48:11 -05:00
James Barnett b83ee106f7 Merge branch 'master' into local_api_docs 2018-05-23 10:06:12 -05:00
Aaron Soto 8a72e7181a
Added username/password-based authentication 2018-05-22 20:42:23 -05:00
Aaron Soto 72efe66403
Refactored for better logging, IPv6 support, and prep for auth 2018-05-22 18:57:00 -05:00
Brendan Coles 45481f26b6 Add Msf::Post::OSX::Priv mixin 2018-05-22 22:25:39 +00:00
William Vu 70236c6424
Land #10081, unnecessary class definition fix 2018-05-22 17:25:17 -05:00
James Barnett 0472b9df3f
Land #10024, Fix find_or_create_* methods for remote data service
This PR updates the find_or_create_* methods associated with each model to
no longer just proxy to the report_* model. It now performs a lookup through
the DataProxy and returns the found object if it exists, or creates a new
record if needed.
2018-05-22 17:08:46 -05:00
Brendan Coles b14e354b25
Land #10048, Make shell and meterpreter sessions consistent with cmd_exec 2018-05-22 21:26:47 +00:00
Matthew Kienow cf8d0bd172
Remove unnecessary class declaration 2018-05-22 12:25:04 -04:00
Jeffrey Martin 07fbbca9f4
Land #10074, Fixed bug in module cache 2018-05-21 18:01:46 -05:00
Matthew Kienow 4ecc1ff551
Modify loots, notes and services search methods
Modify loots and services method signatures. Remove workspace as a
positional argument, move into opts hash argument and update callers.
Made host search for these models more uniform. Update find_or_create
methods to handle difference in opts between find and report
operations.
2018-05-21 17:37:51 -04:00
bwatters-r7 75562e2bbc
Land #10044, Fix is_system? in Msf::Post::Windows::Priv for non-English
Merge branch 'land-10044' into upstream-master
2018-05-21 14:24:26 -05:00
christopher lee 1b7e613080 Fixed bug in module cache 2018-05-21 14:18:43 -05:00
James Barnett e4038af79e Merge branch 'master' into local_api_docs 2018-05-21 13:44:34 -05:00
Kevin Kirsche f2549a1a83 Make domain name conditional 2018-05-19 09:53:06 -04:00
Kevin Kirsche 164f3ef48d Add CVE-2018-1111 exploit 2018-05-18 12:47:08 -04:00
Brent Cook 37f1e44a12
Land #10009, Add initial check support to external modules 2018-05-18 09:31:31 -05:00
Wei Chen e5c763f6bf Add support for stdio.h, stdlib.h, and String.h 2018-05-17 14:40:49 -05:00
Matthew Kienow 6b1113d38d
Fix incorrect rescue argument 2018-05-17 12:46:41 -04:00
William Vu 9ad31bf70f
Land #10037, warning for Mettle stage encoding 2018-05-17 11:01:01 -05:00
William Vu 1d6fae5db6 Drop "currently," since we're including stageless 2018-05-17 10:30:43 -05:00
William Vu 0cd085fb8b Try a better way with MettleConfig
This will obviously affect stageless payloads, but that's okay, since
there's no stage! Thanks to @mkienow-r7 for the nudge. <3
2018-05-17 10:14:52 -05:00
Aaron Soto 0b6c307c34
Land #10002, Add password reporting API to external modules 2018-05-17 09:04:05 -05:00
Brent Cook 9eb5700fcb Make shell and meterpreter sessions consistent with cmd_exec
There's no need for different calls in modules, let's remove the need
for cargo culting (if there was one to begin with).
2018-05-17 08:02:34 -05:00
Clément Notin 79527809e2
Fix is_system? in Msf::Post::Windows::Priv for non-English systems
Switch to comparing the SID string, instead of comparing the resolved user name
2018-05-17 10:08:56 +02:00
Brent Cook da07113194
Land #10007, add C interface for building Windows shell code (metasm-backed) 2018-05-16 22:58:32 -05:00
bwatters-r7 7e34f27004
Land #9246, Support RHOSTS for exploit modules 2018-05-16 14:40:25 -05:00
James Barnett 84a8f2100b Merge branch 'master' into local_api_docs 2018-05-16 13:27:28 -05:00
William Vu 30dcb78eb5
Land #10042, reload_lib improvements 2018-05-16 12:53:39 -05:00
William Vu 365289b19e Add janky regex check if we're reloading a module 2018-05-16 12:03:54 -05:00
William Vu 5addc54b4b Refactor reload_lib and add multiple file support 2018-05-16 11:23:16 -05:00
William Vu 54908021aa Update CommandDispatcher for target names, too 2018-05-16 10:39:22 -05:00
William Vu 2e002b24a0 Update Msf::Simple::Exploit for targeting by name
And accidentally add error checking.
2018-05-16 10:35:17 -05:00
Brent Cook b79b53c438
Land #9962, tab-complete target options 2018-05-15 16:41:55 -05:00
James Barnett fc079138fd
Service API doc second pass 2018-05-15 14:34:15 -05:00
Aaron Soto ac2f7b96f5
Added IPv6 support 2018-05-15 12:07:54 -05:00
g0tmi1k 66c0610e2a Add a check to make sure there is a valid encoder, else quit 2018-05-15 15:37:27 +01:00
Matthew Kienow 73393b236c
Add missing data service stub methods 2018-05-14 17:42:52 -04:00
Matthew Kienow f482995f74
Minor changes to be similar to other servlets 2018-05-14 17:40:37 -04:00
Matthew Kienow b3a1f2531b
Update to use new hosts DataProxy method signature 2018-05-14 17:38:49 -04:00
Matthew Kienow 4b13fbb5a3
Add workaround for race condition in report_host
Modify to use DBManager methods rather than DataProxy
2018-05-14 17:36:33 -04:00
Matthew Kienow 262e791dcc
Make find_or_create_host opts more consistent
Modify to use DBManager methods rather than DataProxy
2018-05-14 17:35:18 -04:00
Matthew Kienow 25fdc02902
Modify to use find_or_create_host 2018-05-14 17:29:57 -04:00
Matthew Kienow 09a7396ad5
Remove remote data service find_or_create method 2018-05-14 17:20:58 -04:00
Matthew Kienow 02566071be
Implement find_or_create DataProxy methods 2018-05-14 17:09:20 -04:00
Adam Cammack ac03a0723a
Factor external check shim into common template 2018-05-14 11:32:22 -05:00
Adam Cammack 1d168a84e5
Add 'unknown' fallback check status
`check` is not a fan of `fail_with`, so fallback when the external
module exits unsuccessfully.
2018-05-14 11:00:40 -05:00
Aaron Soto 3ce05e54c6
Added DNS resolution support 2018-05-14 10:55:53 -05:00
Adam Cammack e0fb1365e6
Add `soft_check` capability to external modules
A `soft_check` is something designed to evaluate the vulnerability of a
remote system without exploiting it (ex. banner checks, non-intrusive
fingerprinting).
2018-05-11 12:42:31 -05:00
Wei Chen b1e767298f Update doc 2018-05-11 10:30:15 -05:00
Wei Chen ad0ba4f402 Update to update compile_c_to_file argument 2018-05-11 10:29:24 -05:00
Wei Chen 6cd59faa69 Namespace update 2018-05-11 10:27:54 -05:00
Wei Chen 76865732c8 Namespace update 2018-05-11 10:26:59 -05:00
Wei Chen 82c8138de0 Update naming and license 2018-05-11 10:08:16 -05:00
Wei Chen d3f50f421d Update regex 2018-05-10 22:39:49 -05:00
Adam Cammack 780b956dd1
Return results of external module runs
This will allow us to grab check results or more interesting things in
the future, if we decide that modules can have return values for more
types of things. Or this may go away and checks will use the reporting
interface like everything else.
2018-05-10 18:29:14 -05:00
Adam Cammack 147471fb79
Add constant for reverse check code lookup 2018-05-10 18:24:57 -05:00
Wei Chen caf07116db Add compiler support capable of including headers.
This is basically a wrapper for metasm, but supports built-in
headers so that as a user, I don't have to manually do this
every time I compile something with metasm.
2018-05-10 00:33:01 -05:00
Adam Cammack 271a2344db
Refactor external module API to be more reliable
Also:
  Grabs exit status
  Less boilerplate required for modules
2018-05-09 13:30:13 -05:00
Hypnoze57 08b81a418f Customization of Golden Ticket Duration
- Post exploitation module updated
- Kiwi extension updated

Using mimikatz /startoffset and /endin params
Duration in hours, default already 10 years
2018-05-09 17:44:55 +02:00
Brent Cook 4cf834d670 restore a few more mixin aliases for now 2018-05-08 17:10:01 -05:00
Brent Cook 25177ef9dc add local CONST definition 2018-05-08 17:08:05 -05:00
Aaron Soto 40f1bb223d
Revert deleted code from #9986. See issue #9993 2018-05-08 16:40:49 -05:00
James Barnett 0f33bd08c7
Update swagger UI files 2018-05-08 12:26:46 -05:00
Adam Cammack a72ab10777
Add initial Python library for login scanners 2018-05-07 17:42:41 -05:00
Matthew Kienow 70be536b36
Land #9939, add remote data service rspec support 2018-05-07 18:07:02 -04:00
Adam Cammack ee9da87f1e
Add shim for external login scanner modules 2018-05-07 15:05:44 -05:00
Adam Cammack ee1059312f
Allow access to userpass_interval in AuthBrute 2018-05-07 14:41:48 -05:00
Brent Cook 02849bcfd0
Land #9986, initial ruby_smb simple client integration 2018-05-07 14:02:22 -05:00
Brent Cook d3652c62d6
Land #9948, optimize, then delete unused code (the ultimate optimization) 2018-05-07 10:19:15 -05:00
Brent Cook d3e6e93d6a the fastest code is that which does not exist 2018-05-07 10:13:38 -05:00
Adam Cammack 524661617c
Allow DataStore to nest Arrays arbitrarily deep 2018-05-07 09:51:40 -05:00
Brent Cook 3e7e1e59df style updates, expand constants 2018-05-07 00:24:38 -05:00
Brent Cook 8463d94891 remove mostly unused shortcuts 2018-05-07 00:24:38 -05:00
Brent Cook a9094d6b97 style updates 2018-05-07 00:24:38 -05:00
Jacob Robles 534d05ff44 simpleclient versions option 2018-05-07 00:24:38 -05:00
Jacob Robles ff202a5f5b Simpleclient/SMB2 support 2018-05-07 00:24:38 -05:00
Jacob Robles d54992674f Response code, Write fix 2018-05-07 00:24:38 -05:00
dmohanty-r7 f2cf4fd1dc remove case for open smb file packet field 2018-05-07 00:24:38 -05:00
dmohanty-r7 960c733f16 Remove references to TreeId and FileID 2018-05-06 11:35:54 -05:00
dmohanty-r7 5f7b050173 Get psexec and enumshares to stable state 2018-05-06 11:27:11 -05:00
dmohanty-r7 e25a718861 Simplify 2018-05-06 11:27:11 -05:00
dmohanty-r7 e9b78095be Psexec works 2018-05-06 11:27:11 -05:00
dmohanty-r7 a9019585fe Replace simpleclient's client with ruby_smb client 2018-05-06 11:27:11 -05:00
Tim W 5f01b6abc9
Land #9977, fix crash during x64 linux reverse_tcp stager retry 2018-05-05 17:13:00 +08:00
Tim W 4216d06ffb fix #9963, update x64 linux reverse_tcp stager cached size 2018-05-05 16:30:45 +08:00
Matthew Kienow 5322a682f6
Fix exception in verbose mode sessions listing 2018-05-05 00:50:07 -04:00
Matthew Kienow cd38f56924
Add sessions cmd option to list inactive sessions 2018-05-05 00:42:22 -04:00
Matthew Kienow 06e178cba2
Add functionality to retrieve sessions 2018-05-05 00:39:56 -04:00
Adam Cammack 7c67d2b0b4
Add external module API for reporting passwords 2018-05-04 16:24:57 -05:00
Adam Cammack 0834c1aabd
Log when loading an invalid external module type 2018-05-04 15:55:21 -05:00
Aaron Soto 2cd0d3d90a
Rudimentary SOCKS5 functionality, CONNECT, IPv4, non-DNS only 2018-05-04 14:44:03 -05:00
William Vu aed4f067ba Fix nil target_index in auto targeting
This exists on master when DefaultTarget < 0.
2018-05-03 21:59:24 -05:00
William Vu 8881d32a45 Add target selection and tab completion by name 2018-05-03 21:03:05 -05:00
William Vu 88f09dc302 Update a few stragglers in Drupalgeddon 2
1. I added a missed header and YARD to the Drupal mixin.
2. I decided to match discovered versions more liberally.
2018-05-03 18:35:25 -05:00
William Vu 728d7bc065 Fix #9876, second round of Drupalgeddon 2 updates
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
James Barnett a5b9cc8cb8
Add Msf endpoint API doc 2018-05-03 17:16:04 -05:00
James Barnett 40c978e040
First pass at Vuln Attempt API doc 2018-05-03 16:59:30 -05:00
James Barnett 728850c61a
First pass at Session Event API doc 2018-05-03 16:00:56 -05:00
James Barnett a11c7220b6
First pass at Event API doc 2018-05-03 14:20:23 -05:00
Pierre Lestringant 9338de15d3 Fix stack in payload/linux/x64/reverse_tcp 2018-05-03 15:34:00 +02:00
James Barnett 249db505c8
First pass at Credential API doc
Also get the workspace from the query string for credentials
2018-05-02 16:47:39 -05:00
James Barnett 6bc4e2d622
First pass for Nmap api doc 2018-05-02 15:44:07 -05:00
christopher lee 038fe03777 Merge branch 'master' into ms-2962 2018-05-02 15:31:57 -05:00
christopher lee a7ec7b52b7 Fix error on data server due to unexpected report_exploit call 2018-05-02 14:59:02 -05:00
James Barnett e3c913e104
First pass for Exploit API doc
Also fixed a few formatting issues in other docs
2018-05-02 14:47:17 -05:00
James Barnett 5e9bbb4bef Merge branch 'master' into local_api_docs 2018-05-02 11:48:13 -05:00
James Barnett e1827bb2c3
DbExport API doc first pass 2018-05-02 11:40:56 -05:00
James Barnett fd8d30812e
Add swagger-ui to view formatted API docs 2018-05-02 10:27:56 -05:00
Brent Cook 1456bbdaec fix more whitespace issues 2018-05-01 05:23:26 -05:00
Brent Cook fcc38b75bf style updates 2018-04-30 18:40:07 -05:00
Jeffrey Martin 28173222a8
Land #9881, cleanup psexec code 2018-04-30 18:39:36 -05:00
Brent Cook 1214f4d6c9 more optimizations 2018-04-30 18:25:25 -05:00
James Barnett d5838e6411
First pass at sessions api doc 2018-04-30 16:17:27 -05:00
James Barnett d89f403368
First pass for vuln api doc 2018-04-30 13:41:31 -05:00
Matthew Kienow cb8131ab22
Validate search cmd arguments 2018-04-30 00:02:03 -04:00
Matthew Kienow 89d86b1f48
Remove code related to unused search cmd options 2018-04-29 23:16:30 -04:00
Matthew Kienow ca7b10af39
Add search cmd option to write CSV output file 2018-04-29 23:08:24 -04:00
Kent Gruber 89ab409a1a remove unnecessary object allocation and regex
The regex can be removed with the default split method. The val object
can be removed by adding to the secs object directly on the result of
the case statement.
2018-04-27 23:10:28 -04:00
christopher lee 08d3074c79 Add blurb about potential windows issue 2018-04-27 16:38:10 -05:00
christopher lee 41307e62f8 remove puts 2018-04-27 15:50:21 -05:00
Brent Cook ee2ad8affe move super call in merge! so that it returns the proper value 2018-04-27 14:21:57 -05:00
christopher lee 0a73a5007c Removed duplicated online test 2018-04-27 09:37:17 -05:00
Auxilus 771e0df417 fix in method calls 2018-04-27 10:35:58 +05:30
Auxilus 25cf8d175a report command execution o/p 2018-04-27 08:43:30 +05:30
James Barnett 5d32a3264d
Workspace API Doc first pass. 2018-04-26 17:55:39 -05:00
Brent Cook 916b4b2261
Land #9936, Narrow rescue scope to StandardError with database 2018-04-26 17:45:15 -05:00
James Barnett 5d43e0527f
Notes API doc first pass 2018-04-26 17:42:03 -05:00
christopher lee 0fd7ab6dd9 test 2018-04-26 16:52:48 -05:00
christopher lee 9c7db375bf Fix broken tests after latest merge with master 2018-04-26 16:39:56 -05:00
christopher lee 516b61ebaa Merged master 2018-04-26 16:02:56 -05:00
christopher lee e97693d056 Cleanup 2018-04-26 16:01:15 -05:00
James Barnett 49baa2ce41
Initial pass for Services api doc 2018-04-26 14:38:16 -05:00
Matthew Kienow c79e39377e
Narrow rescue scope to StandardError 2018-04-26 14:55:41 -04:00
James Barnett f46a3325fc
Add loot api docs 2018-04-26 11:24:05 -05:00
James Barnett f5c35843a8
Move swagger docs to separate files 2018-04-26 11:08:11 -05:00
James Barnett cc460e5b95
Finish documenting host endpoints 2018-04-26 10:39:27 -05:00
Matthew Kienow 1aad9f0879
Revert NoteDataService to raise RuntimeError 2018-04-26 10:43:03 -04:00
Brent Cook dbdb35cf08
Land #9877, Add kernel feature post API methods 2018-04-25 22:18:28 -05:00
William Vu fc83a130f8
Land #9885, datastore fixes for stager retry code 2018-04-25 18:53:00 -05:00
Brent Cook 31563a977c use OO rather than duck typing for parameter copying 2018-04-25 18:41:14 -05:00
Brent Cook 9bdba7e234 s/clone/ds/g 2018-04-25 18:35:45 -05:00
Auxilus 1ecd9b822e fix whitespaces.. 2018-04-26 03:05:53 +05:30
Auxilus fa11657b8f fix whitespaces 2018-04-26 02:58:27 +05:30
Auxilus d59e997628 make some methods private 2018-04-26 02:55:21 +05:30
Jeffrey Martin 2487314821
Land #9869, Add support for shellcode encryption for msfvenom 2018-04-25 15:51:05 -05:00
James Barnett a5172e066d
Land #9926, check remote data service before connecting
This PR adds a check prior to connecting to a remote data service
to verify it is online and returning expected data. This prevents
crashes that were occurring when unexpected responses were returned
2018-04-25 14:07:33 -05:00
christopher lee 071a191055 Merge master + workspace removal from http remote data service 2018-04-25 13:39:46 -05:00
James Barnett df9df01f19
First pass on swagger/blocks documentation 2018-04-25 12:58:29 -05:00
Auxilus 73494593bf updated 2018-04-25 20:19:53 +05:30
Brent Cook 3eac989fb0
Land #9886, ignore unused tags on host import 2018-04-25 03:41:55 -05:00
Auxilus 382a7f8aa3 Merge https://github.com/rapid7/metasploit-framework into psexec_cleanup 2018-04-25 09:09:48 +05:30
Auxilus cbfdaf23a0 updated for requested changes 2018-04-25 08:56:54 +05:30
Matthew Kienow 43edf46c43
Fix set data service for no database YAML case 2018-04-24 18:34:16 -04:00
Matthew Kienow 359ef27834
Narrow rescue scope to StandardError 2018-04-24 17:19:54 -04:00
Matthew Kienow f66029d129
Validate remote data service instance
Adds simple data service instance validation when registering and
setting a data service.
2018-04-24 16:54:10 -04:00
Matthew Kienow 01dd79173b
Add data proxy and service for online check 2018-04-24 15:11:16 -04:00
Matthew Kienow 0d284197cb
Add MsfServlet to host endpoint for online check 2018-04-24 15:01:17 -04:00
James Barnett e5513409db
Include :workspace in db_import opts 2018-04-24 13:53:55 -05:00
Auxilus e7ac2cd155 move report_auth to psexec module 2018-04-24 23:00:55 +05:30
Auxilus f43baa3ca9 fix exe and wbemexec dep 2018-04-24 22:07:34 +05:30
Auxilus 3353102dc1 fix opt dependencies 2018-04-24 21:55:09 +05:30
Brent Cook 08c1cd5909
Land #9851, add workaround require for non-powershell psexec 2018-04-24 08:22:58 -05:00
Brent Cook b3118193e8 add todo comment on require 2018-04-24 08:22:31 -05:00
Brent Cook 30abdfe2fd move copy up so it's clear what we call by default 2018-04-24 06:40:15 -05:00
Brent Cook 7afefe07a6 aliases was not being copied, dup it 2018-04-24 06:32:54 -05:00
Brent Cook 1d376c78e2 ensure copy exists on DataStore too 2018-04-24 06:32:38 -05:00
Brent Cook 505810ffd6 introspect the RHS since it is not guaranteed to be a Datastore 2018-04-24 06:15:05 -05:00
Brent Cook d34119548d replace some @ with self. 2018-04-24 06:03:02 -05:00
Aaron Soto a1027d56c9
Land #9912, Fix type validation in the notes add operation 2018-04-23 16:58:13 -05:00
Brendan Coles e7b8427b53
Land #9829, add utility functions to Msf::Post::Linux::System
Merge branch 'landing-9829' into upstream-master
2018-04-23 16:46:13 +00:00
Wei Chen ec1294d3f6
Land #9858, fix error handling in cmd_route
Land #9858
2018-04-23 08:46:38 -05:00
Wei Chen b20042abbd Fix indent and add elog 2018-04-23 08:45:34 -05:00
Matthew Kienow d2831536ca
Fix type validation in the notes add operation
Make variable nil checks explicit for better style.
2018-04-23 01:46:46 -04:00
Carter Brainerd 055f9ee88b
Remove get_listening_ports() 2018-04-22 16:15:33 -04:00
James Barnett 988063d377
Don't set default workspace if there's no DB 2018-04-21 10:26:17 -05:00
Carter Brainerd 035a6a72f1
Fix undefined method error in get_listening_services 2018-04-21 11:10:01 -04:00
Carter Brainerd 4c6ae0f644
Delete gcc version method
Also rename get_mount_path_of to get_mount_path
2018-04-21 10:24:27 -04:00
William Vu 06de967b02 Pass NOP generator to exploit_simple
This also makes exploit_simple consistent with its documentation.
2018-04-20 18:27:53 -05:00
Brent Cook 4aafa7b321
Land #9898, Fix target NOP generator not passed to payload 2018-04-20 18:11:49 -05:00
William Vu d17cc757e7 Fix typo 2018-04-20 18:03:39 -05:00
Matthew Kienow fcf42c7626
Landing #9859, add workspace remote datastore
Adds support for create, read, update and delete operations for the
workspace command and data model when using a remote data service.
2018-04-20 18:14:55 -04:00
William Vu 1f5ece9c46 Fix target NOP generator not passed to payload 2018-04-20 17:12:55 -05:00
Spencer McIntyre 1f3cfc9498 Print the listening host information 2018-04-20 16:02:33 -04:00
Spencer McIntyre 2610757f27 Include the StreamServer interface for pivoting 2018-04-20 15:10:53 -04:00
James Barnett ea79c65b8e
Handle workspace delete if target does not exist 2018-04-20 11:33:35 -05:00
James Barnett 8d09f23b91
Fixes around workspace messaging 2018-04-20 11:25:24 -05:00
James Barnett f4a949e649
Fix bug creating sessions when connected to remote data service 2018-04-19 16:19:39 -05:00
James Barnett 7e971721f0
Adjust messaging when renaming workspaces 2018-04-19 11:52:30 -05:00
James Barnett 31be847213
Add workspace when reporting vuln_attempt 2018-04-19 11:09:13 -05:00
William Vu 33bde31eec Fix target encoder not being passed to payload
Datastore functionality has been preserved as an override.
2018-04-19 02:25:18 -05:00
James Barnett aa40ef1789
Grab session_dto workspace from host 2018-04-18 17:38:42 -05:00
James Barnett 348eb293d0
Handle case when renaming nonexistent workspace 2018-04-18 13:02:31 -05:00
James Barnett 81d00fa5b7
Fix edge cases in workspace update 2018-04-18 12:56:38 -05:00
Wei Chen 3611a1dfe4 Update rex-text version 2018-04-18 10:40:11 -05:00
James Barnett d4a2703ff1
Don't stop host parsing if id tag found
Also clarify 'bl' variable name.
2018-04-18 10:12:12 -05:00
Brent Cook 00d0beb188 use deep copy 2018-04-18 02:34:48 -10:00
Brent Cook 09e86bfbd0 define merge and merge! on datastore to also merge aliases 2018-04-18 02:27:57 -10:00
Brendan Coles c9fd5a7d2d Add yama_installed?, yama_enabled? and selinux_enforcing? 2018-04-18 07:22:20 +00:00
Brent Cook a5588ec174 use same datastore retry option for x86 and x64 linux stagers 2018-04-17 15:57:54 -10:00
Wei Chen ff9c55207e Move crypto methods to Rex::Crypto namespace 2018-04-17 20:12:26 -05:00
James Barnett 77558cd2d7
Remove unused code 2018-04-17 14:28:28 -05:00
Carter Brainerd 3da48dbb10
Fix bug caused by last commit 2018-04-17 13:38:38 -04:00
Carter Brainerd 7bfaae0919
Update system.rb
Fix get_listening_ports bug
2018-04-17 13:35:25 -04:00
James Barnett 82798424b2
Support getting a workspace via id
Also implements a helper method to sanitize sinatra injected
params since it was causing issues downstream. Updated each
use of sinatra params to use this helper method.
2018-04-17 12:35:22 -05:00
Carter Brainerd 85b09a162a
Add some efficiency improvements 2018-04-17 12:09:46 -04:00
James Barnett b569498250
Address more code review comments 2018-04-17 10:52:56 -05:00
James Barnett a8a95a03a3
Implement remote workspace delete 2018-04-17 10:19:40 -05:00
Carter Brainerd d91ef7c9dc
Add strip to protected_* methods 2018-04-17 11:04:08 -04:00
James Barnett f27490dc61
Address PR suggestions and add comments 2018-04-16 16:45:23 -05:00
James Barnett 68ad91763a Merge branch 'rapid7/master' into MS-3062_workspaces 2018-04-16 15:33:59 -05:00
James Barnett 2ef451c349
Land #9873, add notes functionality to remote datastore
This PR enables create, update, and delete functionality for the notes
command and data model when using a remote data service.
2018-04-16 15:03:27 -05:00
Matthew Kienow e283f109a7
Remove commented out code 2018-04-16 14:14:46 -04:00
Matthew Kienow 74cb9c38b2
Change source for host address value in output 2018-04-16 14:09:19 -04:00
Brendan Coles f3ee870d72 Remove selinux_enforcing? method 2018-04-16 12:16:00 +00:00
Brendan Coles 5bc24d048c Remove kaslr_enabled? method 2018-04-16 11:51:15 +00:00
Brendan Coles a1a4c636fb strip 2018-04-16 10:22:41 +00:00
Auxilus 4de9f84dd4
fix no method error for Failure::Unknown 2018-04-16 13:51:32 +05:30
Auxilus f0b9ea635a cleanup psexec code 2018-04-16 09:04:36 +05:30
Brendan Coles b5c8b2ed19 Add kaiser_enabled? and kaslr_enabled? methods 2018-04-15 06:53:00 +00:00
Brendan Coles 78daa283c7 Add new methods to Msf::Post::Linux::Kernel lib 2018-04-14 07:33:29 +00:00
Adam Cammack 47a324815d
Land #9872, Fix JSONRPC fields in external modules 2018-04-13 15:00:26 -05:00
Matthew Kienow daf67999d6
Raise NotImplementedError in NoteDataService stubs 2018-04-13 12:07:35 -04:00
Adam Cammack e65de2b56f
Conform to JSONRPC 2.0 spec in external modules
Responses to queries had a `response` field instead of the required
`result` field.
2018-04-12 16:55:27 -05:00
Matthew Kienow 37479d8fd4
Modify notes search to handle serialized data
Initial Goliath notes search implementation attempted to use Arel and
decode base64 serialized data column, however, this was not without
issue. Updated implementation retrieves all records that match
conditions, thus data has been deserialized and then filters using
specified search term.
2018-04-12 17:37:16 -04:00
William Vu d2a683d2df Add whitespace and update help 2018-04-12 15:39:04 -05:00
Auxilus 0b3f50ea80
show help when no arguments provided to `search` 2018-04-13 01:27:22 +05:30
Matthew Kienow 4e49b99783
Add cmd notes option to sort by column number 2018-04-12 15:56:42 -04:00
Matthew Kienow f60bbdd831
Remove cmd notes make_sortable helper method 2018-04-12 10:51:03 -04:00
cbrnrd bf8c62f27c change `if !` to `unless` 2018-04-12 09:54:57 -04:00
cbrnrd 5923845f68 Merge branch 'post_linux_system_dev' of https://github.com/cbrnrd/metasploit-framework into post_linux_system_dev 2018-04-12 09:16:31 -04:00
cbrnrd 5f725e09db Make nosuid? and noexec? take a filepath as param 2018-04-12 09:15:44 -04:00
thecarterb 0abeb4fee6 Add new functions and fix return bugs attempt 2 2018-04-11 21:52:53 -04:00
thecarterb 892fb70fc6 Revert "Add new functions and fix return bugs"
This reverts commit 1e34a6d3c6.
2018-04-11 21:46:34 -04:00
Adam Cammack 8c7f929636
Land #9865, Update Meterpreter `ls`/`dir` help 2018-04-11 17:05:18 -05:00
Matthew Kienow 087ae447c5
Remove cmd notes sort operation 2018-04-11 17:46:13 -04:00
James Barnett 86b6009999
Land #9860, Fix DB init when database.yml is missing
This PR fixes a bug introduced with goliath that caused incorrect error messages
and other error messages when no database.yml was present. It also improves the
messaging around that use case and loads CommandDispatcher::Db correctly.
2018-04-11 16:13:40 -05:00
Adam Cammack f1d426d257
Land #9833, Remove broken feature detection 2018-04-11 15:02:53 -05:00
Aaron Soto b9d71b7147
Renamed 'mask' to 'glob' 2018-04-11 14:50:27 -05:00
Aaron Soto 21467d7938
Update stdapi/fs help output to match searching/masking parameters 2018-04-11 14:19:33 -05:00
James Barnett 4e5e0f2c40 Merge branch 'master' of github.com:rapid7/metasploit-framework 2018-04-11 13:59:43 -05:00
William Vu 6c6aa8db82 Print generated CmdStager with inspect, not join
I dun goofed. I knew I should have just printed it verbatim.

tl;dr I thought I had accounted for command compression. I was wrong.
This should also give us more information about what exactly is being
run and how many times.
2018-04-11 13:49:00 -05:00
Wei Chen 19e76329dc Add some checks in buffer.rb and fix option in msfvenom 2018-04-11 13:02:35 -05:00
Matthew Kienow 3db19fe4f2
Fix DBManager::Service use of services method
services method was previously modified to use a hash as the parameter,
but each_service was passing a workspace. Make each_service method
consistent with other DBManager modules.
2018-04-11 11:43:12 -04:00
cbrnrd 1e34a6d3c6 Add new functions and fix return bugs 2018-04-11 10:47:21 -04:00
Matthew Kienow e639fda53c
Fix DB initialization with no database YAML 2018-04-11 09:15:38 -04:00
thecarterb 57e243ac49 Read from /proc/mounts instead of the mount command 2018-04-10 23:20:00 -04:00
scriptjunkie bc07ba3769 load only at use to break require loop 2018-04-10 21:05:41 -05:00
Wei Chen 13edf66fa3 Fix options 2018-04-10 18:57:02 -05:00
Brent Cook 41a21def80
Land #9857, Restore services search semantics 2018-04-10 17:25:48 -05:00
James Barnett cd48b47760 Fix failing tests.
-Was accidentally deleting opts[:workspace] instead of processing
-Update notes help text expectations
2018-04-10 17:10:32 -05:00
James Barnett e51f41fa34
Merge remote-tracking branch 'msf_jbarnett/fix_services_bugs' into MS-3062_workspaces 2018-04-10 13:35:33 -05:00
Auxilus f1240b0454
resolves #9855 2018-04-10 22:20:27 +05:30
Wei Chen b630d5c327 Add encryption support for shellcode 2018-04-10 11:14:14 -05:00
James Barnett 462db05f4c
Re-enable port search functionality 2018-04-10 11:10:32 -05:00
Adam Cammack 4495eea1ca
Land #9836, Force #! for external modules 2018-04-10 11:08:15 -05:00
Adam Cammack 81ec33b0e4
Refactor script path check into base module loader 2018-04-10 11:07:21 -05:00
James Barnett 48c0bbfa7a
Only display the services for a given workspace 2018-04-10 10:28:02 -05:00
cbrnrd 07b3b576f5 Fix parsing in get_cpu_info 2018-04-10 06:03:16 -04:00
cbrnrd 1276960d88 Fix typo in raise call 2018-04-10 05:54:35 -04:00
cbrnrd 0a79c5a15b Add docs to nosuid? 2018-04-10 05:53:19 -04:00
cbrnrd 6e6bc9bc6b Add noexec and nosuid
Also fix some regex bugs
2018-04-10 05:51:57 -04:00
Brent Cook c525bc3c0a
Land #9848, handle 'check' command on modules that do not implement it 2018-04-09 22:27:21 -05:00
scriptjunkie 2ea875d304 Fix issue preventing psexec against non-powershell targets 2018-04-09 22:01:49 -05:00
James Barnett 90542779ff
Audit models to ensure :workspace is passed only when needed 2018-04-09 14:50:37 -05:00
William Vu e17a788ab5 Remove stray dlog filling framework.log 2018-04-09 13:58:10 -05:00
William Vu 924a336287 Fix unsupported check_simple method for modules 2018-04-09 13:43:22 -05:00
Brent Cook 7b85edfde5
Land #9822, Fix backgrounded aggressive exploits 2018-04-09 09:36:12 -05:00
h00die a473dd04a8
Land #9813, Add etcd library and version scanner 2018-04-08 07:05:31 -04:00
Brent Cook 07c9be5130
Land #9812, Add Msf::Post::Linux::Kernel lib 2018-04-08 00:40:03 -05:00
Brent Cook 6c8ea2d883 also be sure to load executable modules if they don't have #! 2018-04-07 21:15:51 -05:00
Brent Cook 28ebe9d102 sanity check that external modules start with #! before executing 2018-04-07 16:31:34 -05:00
Brent Cook 6fb6570f99 delete old feature detection code from exploit base
This deletes some old code that apparently has been broken and somewhat unused for many years.

The 'derived_implementor?' method for modules relies on the debug output from Ruby in order to tell if a class implements a method, but the regex it used didn't work properly with any modern Ruby version until 2.5.x. This caused a random sleep to get inserted into certain payload staging operations, which actively breaks staging in certain scenarios (I'm not trying to address that here).

This also removes some ancient module feature detection code, which also is entirely unused today.
2018-04-07 12:47:42 -05:00
cbrnrd 04d5e8a765 Switch text processing to ruby
Also add pidof() and command_exists?()
2018-04-06 23:31:11 -04:00
Matthew Kienow 5a693aa89c Fix recursive cleanup issue 2018-04-06 13:49:16 -05:00
Brent Cook b20666656f ensure cleanup commands only get invoked once 2018-04-06 13:49:16 -05:00
Brent Cook 7a95024062 remove more ring operations 2018-04-06 13:49:16 -05:00
Brent Cook 730010aa06 remove RingBuffer from interactive command shells, fix token handling 2018-04-06 13:49:13 -05:00
scriptjunkie c303859c11 Fix #9827 2018-04-06 11:06:52 -05:00
cbrnrd c97eb42eba Finish up additions and add doc 2018-04-06 12:04:35 -04:00
Jon Hart 1cc16a55a8
Add other linux kernel post helpers 2018-04-06 08:28:53 -07:00
Brendan Coles ba88118d7a Update kernel_modules method to return Array 2018-04-06 15:02:43 +00:00
thecarterb a85f118bf2 Begin adding functions to Msf::Post::Linux::System 2018-04-05 21:32:58 -04:00
William Vu 7cc82a14b6 Update exploit driver with correct method 2018-04-05 18:56:19 -05:00
William Vu 17ed88b766 Fix backgrounded aggressive exploits
Any exploit that includes an aggressive stance is aggressive, regardless
of whether or not it has passive components.

This fix should prevent known-aggressive exploits from backgrounding.
2018-04-05 18:34:36 -05:00
James Barnett fe224f628b
Remove update_host_via_sysinfo since it is unused 2018-04-05 14:20:25 -05:00
Brendan Coles 499b0a857f Add kernel_modules method 2018-04-05 05:25:36 +00:00
James Barnett 852bc3d237
Don't inject :workspace into every HTTP request. 2018-04-04 16:30:25 -05:00
James Barnett 6a02712674
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces 2018-04-04 16:03:43 -05:00
Jon Hart bc81cfad1f
Fix error handling when trying to delete non-existent workspace 2018-04-04 11:40:21 -07:00