7e81e81965
call 'except' without duplicating variable
2018-07-26 17:22:15 -05:00
9f5f2ffeab
remove extraneous newlines
2018-07-26 17:19:18 -05:00
0a6a91a1c6
Initial add of pybash option
2018-07-26 14:44:34 -05:00
2572a297a2
clean up parameter delcarations in docs and rename doc files to module_search
2018-07-26 11:43:55 -05:00
5c9f002a72
Make hash definitions more consistent
2018-07-26 10:40:58 -05:00
3f8906596d
Fix issue 10372, match mutiple slashes better
2018-07-26 05:35:04 -04:00
63ed4b2173
Add uictl tabs
2018-07-26 05:33:40 -04:00
2dbbd0c649
Add multiple commands' tabs and help
2018-07-26 05:32:57 -04:00
4060492bfc
Add multiple commands' tabs and help
2018-07-26 05:27:47 -04:00
3852265d9f
Add multiple commands' tabs and help
2018-07-26 05:26:30 -04:00
6c1a28d2d6
Add multiple commands' tabs and help
2018-07-26 05:25:38 -04:00
6a0534de14
Update splitkey method to match better on windows
2018-07-26 05:23:27 -04:00
746b63f76a
Add method to glob the given filename.
2018-07-26 05:21:12 -04:00
8e6a1d203b
Futureproof FingerprintCheck until we delete it
2018-07-25 21:39:02 -05:00
4e46ebdb9c
Call check_simple when RHOSTS is a single host
2018-07-25 21:27:20 -05:00
25ef422168
Handle connection errors and fail_with in check
...
Also fix FingerprintCheck to tell us when it doesn't receive a response.
2018-07-25 21:11:40 -05:00
e78337d59a
Land #10374 , Net::SSH::CommandStream fixes
2018-07-25 18:21:39 -05:00
8753c5bf62
Land #10303 , HttpClient Rex::ConnectionError fix
2018-07-25 18:02:44 -05:00
f5ccdcfcd2
Net SSH CommandStream fixes implemented
...
* Net::SSH::CommandStream typos fixed
* Net::SSH::CommandStream cleanup made more robust and refactored
* require 'net/ssh/command_stream' added to various modules
2018-07-25 11:22:28 -05:00
625ea87ea9
Land #10368 , PhpMyAdmin Login Scanner Module
2018-07-24 23:25:27 -05:00
9205159e7d
update console help documentation
2018-07-24 16:43:30 -05:00
e6e06fea84
update rank param to accept descriptive names
2018-07-24 16:43:16 -05:00
87434ef22d
pull changes
2018-07-24 15:42:31 -05:00
503a2276f2
Convert creds to use new format
2018-07-24 15:25:48 -05:00
ffe4dbcc19
refactor out of db_manager and into web_services
2018-07-24 15:25:23 -05:00
6d878a9bb6
Land #10367 , Pass a framework instance to external module shims
2018-07-24 15:22:47 -05:00
de52e8c631
Update Rspec expected thread count
...
External modules start threads during the test run, so the thread
manager is always running by the end in addition to the main VM thread.
2018-07-24 15:14:47 -05:00
4f81fcdc87
retn versions in chk_setup, tests to reflect, doc
2018-07-24 14:51:00 -05:00
eccd223a3e
Merge branch 'master' into conform_to_api_standards
2018-07-24 12:11:14 -05:00
230e36f5f0
Pass the framework instance to exec module shims
2018-07-24 12:02:54 -05:00
976a3464e1
added phpmyadmin login scanner and aux module
2018-07-24 09:47:01 -05:00
2242cb590d
Fix name in credential_data_service
2018-07-23 17:26:12 -05:00
e3da0a6828
Merge branch 'master' into remote_creds_data
2018-07-23 16:39:13 -05:00
2215cab7df
refactor search to work with existing console search function, and expand console keyword options
2018-07-23 16:37:11 -05:00
862f918d49
Fix bug when updating Core subobjects
2018-07-23 16:21:30 -05:00
87f9d3bd23
Land #10345 , OptionParser for console grep
2018-07-23 16:00:18 -05:00
351c2319a8
Fix issues with creds filter by IP
2018-07-23 14:53:09 -05:00
dc43cc78b0
Land #10341 , Add check method Boolean to module cache and info and search commands
2018-07-23 14:45:28 -05:00
654cbd198a
Fix missing method when check is run
...
Oops, lost the "mod" when I refactored into ternary. Caught during
verification with @wchen-r7. :D
2018-07-23 14:19:48 -05:00
08c0463e41
Cleanup creds options
2018-07-20 16:35:55 -05:00
b250c4e3f4
Honor realm in creds -S
2018-07-20 16:30:17 -05:00
08e1941e9b
Remove unsupported syntax from creds help
2018-07-20 15:54:57 -05:00
58ad718a7d
Display check support in module search
2018-07-20 14:10:44 -05:00
c7ea24e856
Pass symbols for credential types
2018-07-20 13:17:57 -05:00
6c7650eec3
add call to warden.authenticate!
2018-07-20 10:34:07 -05:00
c11d404ae0
successfully works on v4.8.1
2018-07-20 09:13:51 -05:00
658267849b
deconflict the method names in mix-ins
2018-07-19 17:01:40 -05:00
65d42380d3
Merge branch 'master' into remote_creds_data
2018-07-19 16:25:06 -05:00
a8e5308fd3
WIP: Convert each endpoint to use the correct JSON format
2018-07-19 16:20:35 -05:00
2cd5c11342
remove unnecessary whitespace
2018-07-19 15:56:04 -05:00
9327d75ceb
Land #10343 , Add decryption and decoding support for Metasploit C compiler
2018-07-19 14:57:43 -05:00
ad2bd35858
add a requirement that there must be at least one search parameter
2018-07-19 14:56:51 -05:00
04a6cf8f0a
pull latest changes and re-register module servlet in new sinatra base
2018-07-19 14:42:39 -05:00
77fbd4b443
strip whitespace from field params
2018-07-19 14:34:47 -05:00
ce7eb9f3fe
add list of valid fields to documenation and update aliases
2018-07-19 14:31:46 -05:00
7dc37c8c79
add aliases to prevent ambiguity with plurals
2018-07-19 14:24:12 -05:00
3d58ec3a53
add aliases for field keywords
2018-07-19 14:23:47 -05:00
dd4279fc2a
add more robust searching to reflect all metadata values
2018-07-19 13:07:16 -05:00
ef264e78f0
Refactor grep command to use optparse
...
This is an experiment to see what it would take to convert *all* option
assignment, parsing, and validation to use Ruby's builtin optparse. Our
current situation in the command dispatchers is a mishmash of bespoke
and Rex code, both with odd behaviors. Modules use a more formalized
system, but it is also a bit janky and unlike most other tools a
pentester might use.
The first step is to refactor the console commands to use Ruby's builtin
option parsing to reduce code and increase homogeneity among the various
functions. Next we plan to explore what it would take to invoke modules
from within Metasploit this way (this would be Metasploit 5+ only).
Refactoring `grep` seems to have been a success. There is now less code;
the code that declares and handles the options are now in the same
place; long options are now supported; adjacent, argument-less short
opts now work as expected; patterns can now begin with a `-`; and option
arguments are now validated. Additionally, optparse's argument
coercion/validation code can be extended for custom types/validations to
support more specialized commands.
2018-07-19 12:11:09 -05:00
59962c5273
Merge branch 'master' into conform_to_api_standards
2018-07-19 09:26:17 -05:00
f2fd24780c
Add support for XOR
2018-07-18 23:13:45 -05:00
1534613cda
Add Base64 support
2018-07-18 20:07:27 -05:00
999d0e994f
Add RC4 decryption
2018-07-18 19:50:46 -05:00
08290b81c0
Land #10282 , Add support for running external modules outside of msfconsole
2018-07-18 17:38:40 -05:00
8010c58220
add module documentation to swagger (WIP)
2018-07-18 17:36:31 -05:00
612959d9ab
Land #10323 , add authentication to REST API
2018-07-18 17:29:22 -05:00
1371fc6daf
Fix regexed integer RPORT for module search
2018-07-18 17:24:05 -05:00
de23559491
Add check for check to module cache
2018-07-18 16:40:52 -05:00
ee6de3da39
Make endpoint plural and uniform with the others
2018-07-18 17:35:47 -04:00
98d6d4cbcd
Add check for check to info command
2018-07-18 16:33:30 -05:00
5fa1ddf4eb
Remove default check method
2018-07-18 16:25:46 -05:00
93ce09cbd2
indicate private methods
2018-07-18 15:55:25 -05:00
6955a9a58b
filter search result using comma delimited fields
2018-07-18 15:52:47 -05:00
4da27d2bff
Enable GET for /endpoint/ID for each model
2018-07-18 15:18:22 -05:00
389b015047
fix typo (reference -> references)
2018-07-18 15:10:11 -05:00
257a05d5d7
Add long port option for data_services cmd
2018-07-18 14:29:32 -04:00
3147b8307b
Fix issue when adding authenticated data service
...
Add authentication to MsfServlet as a simple workaround to an issue
that occurs when data_services cmd is used to add a remote service
that requires an API token and no token or an invalid token are
provided.
2018-07-18 14:08:30 -04:00
4ff39e3799
Fix error code returned by authentication failure
...
Previously an authentication failure message would indicate that the
error was permissions related yet the error code remained 401. The fix
allows the Authentication::Strategies classes to specify an error code
that is returned to the user.
2018-07-18 14:04:09 -04:00
026ddad9d8
Remove more unused code
2018-07-18 12:44:27 -05:00
08b53a1ef7
Homogenize GET requests
2018-07-18 12:43:48 -05:00
a2da40a104
refactor endpoint under /v1/modules/
2018-07-18 12:06:25 -05:00
846df018e0
Minor code cleanup. Remove unused methods
2018-07-18 11:51:43 -05:00
64fff449f8
refactor platform/target search
2018-07-18 10:59:46 -05:00
9d2bed2596
Fix grep's prompt rewriting
...
Missed in #9261 .
2018-07-17 21:08:21 -05:00
94297de256
Add grep -C to msfconsole
2018-07-17 20:52:46 -05:00
38daeb1b9f
Fix #10283 , SOUNDTRACK and LOGO refs
...
Some dupe code came in from master. Fixing and refactoring.
2018-07-17 19:36:35 -05:00
6a38b36a45
Land #10283 , SOUNDTRACK and LOGO refs
...
:'(
2018-07-17 19:11:52 -05:00
07203dccc6
Clean up some things
2018-07-17 19:11:26 -05:00
d5ed70417b
bind_named_pipe payload for ruby_smb
2018-07-17 17:46:10 -06:00
ad74ab7cf9
proof of concept searching with query params
2018-07-17 17:29:12 -05:00
39e381049a
Remove unnecessary include
2018-07-17 15:36:23 -05:00
59278aef99
Add command dispatcher for developer commands
2018-07-17 15:07:50 -05:00
7adc178345
Land #10309 , PID check for self-migrate
2018-07-17 14:33:32 -05:00
29f05339a9
Clean up code
2018-07-17 14:33:10 -05:00
00a748a92c
Add tab_complete_directory
2018-07-17 06:29:12 -04:00
dc4e438c04
Add multiple commands' tabs
2018-07-17 06:27:51 -04:00
5d048a6eb2
Use a class variable for auth initialized flag
2018-07-16 18:22:47 -04:00
65c290fa39
Make API token optional on data_services cmd
2018-07-16 16:44:44 -04:00
d5814ae9f6
Use the unpkg hosted versions of SwaggerUI
2018-07-16 15:16:27 -05:00
70104ab25e
Rename request env variables to conform with Rack
2018-07-16 15:04:05 -04:00
f7a4c577d6
Add UserServlet and admin_api scope
2018-07-16 12:56:43 -04:00
4680455041
Implement report_user and password hashing
2018-07-16 12:55:00 -04:00
67721bc616
Refactor strategies to support admin token role
2018-07-16 12:51:41 -04:00
71e25f1494
show error if server.pid == pid
...
This PR adds changes to catch error when `server.pid` and `pid` are the same
2018-07-14 16:32:38 +05:30
4e5ad576b2
Land #10267 , defer bind payload connections until exploit has run
2018-07-13 17:35:27 -05:00
c8891206af
Add vprint_status back to bind_named_pipe
...
I thought it was redundant with the improved handler start message, but
it broke consistency with the other print statements. Fixing.
2018-07-13 17:29:52 -05:00
2c9d85606c
Refactor and add error messages
2018-07-13 16:29:09 -05:00
bf53896aa7
Rex::Compat.getenv
2018-07-14 06:24:04 +10:00
3cec9026ae
Add janky console command to display framework.log
...
Works best with alternate screen enabled...
2018-07-13 06:11:32 -05:00
f5b8b4dd7c
Update send_request_cgi/raw
2018-07-12 23:51:41 -04:00
65627e06e2
Update send_request_cgi/raw
2018-07-12 23:51:18 -04:00
104e4cee2e
Merge branch 'master' into soundtrack_logo_module_refs
2018-07-13 03:01:33 +10:00
147f59836a
Fuel the hype machine
2018-07-12 11:34:09 -05:00
f30c4e0465
Land #10226 , Add code randomization capabilities to Metasploit::Framework::Compiler
2018-07-12 11:20:04 -05:00
e72b873f56
Fire off bind handlers when session_created? runs
...
Also refactor because bind handlers don't use setup_handler.
2018-07-12 10:45:59 -05:00
b8ae4f5d12
Update rspec tests for creds and add stubs
2018-07-11 17:42:55 -05:00
8c350cdcd7
Add protections for nil HTTP responses
2018-07-11 15:45:26 -05:00
adff986908
Land #10287 , Add advanced option to skip WP checks
2018-07-11 14:25:19 -05:00
df2f58fb08
Add WPCHECK (Bool) advanced option to Exploit::Remote::HTTP::Wordpress
2018-07-11 07:09:28 +00:00
ef55803936
[+] Update resource meta command help info
...
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-07-11 13:07:15 +08:00
26c505e336
[+] Update resource meta command help info
...
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-07-11 13:06:33 +08:00
e7ddb6fdf5
Add API docs for logins endpoints
2018-07-10 14:21:19 -05:00
6aa5349513
Add a link explaining the message
2018-07-10 13:25:09 -05:00
f9daabcee3
Add support for SOUNDTRACK and LOGO to module refs
2018-07-10 17:23:07 +00:00
8456c25fff
Add delete endpoint for logins
2018-07-10 11:00:08 -05:00
35f52a129c
Use create_credential when importing XML files
2018-07-10 10:37:46 -05:00
4f3cdd22f0
Allow Python modules to run independently
2018-07-10 10:24:07 -05:00
0dd89bf428
Add standalone runner for external modules
2018-07-10 10:24:07 -05:00
64c38ec6b8
Only `elog` when run inside of Framework
2018-07-10 10:24:07 -05:00
22167eba5c
Make the Python login scanner API more sane
2018-07-10 10:24:07 -05:00
1fddbdb8ef
Specify the `command` option external modules
2018-07-10 10:24:07 -05:00
95e54f497b
Be explicit when there is no CVE assigned to a vulnerability
2018-07-09 18:42:36 -05:00
d3eb71e8e5
Implement invalidate_login
2018-07-09 16:15:40 -05:00
bbc16e1873
Merge branch 'master' into remote_creds_data
2018-07-09 09:49:14 -05:00
85bfca95fd
[+] Fixed meterpreter resource bug
2018-07-09 11:27:30 +08:00
8d135aec39
Implement first pass at deferred payload handling
...
This is most useful for bind payloads, and I initially did just that,
but I've migrated the code to be more generic.
2018-07-06 14:26:31 -05:00
0e75317cfe
Change a typo
2018-07-06 13:30:07 -05:00
ef78d70a00
Land #9356 . Remove ring buffers from command dispatcher.
2018-07-06 13:12:13 -05:00
a60fc3dc00
Fix code based on feedback from Jacob
2018-07-06 00:00:28 -05:00
0b9bc8c24a
Land #10241 , don't call print_error from rex context, use elog instead
2018-07-05 17:28:10 -05:00
77a0b74f76
Add delete option to data_services cmd
2018-07-05 16:40:55 -04:00
8680379875
fix logic bug in handler thread for bind_named_pipe
2018-07-05 10:39:20 -05:00
f0b9b1c113
Add more verbose printing to bind handlers
2018-07-03 19:41:08 -05:00
8a3166e198
Set a default user-agent value
2018-07-03 18:28:35 -04:00
ed34cd8898
Simplify request headers assignment
2018-07-03 17:59:57 -04:00
7dc87e1a9e
Increase read depth for smb pipes
2018-07-03 16:06:42 -05:00
514c0c76d5
Add API token to RemoteHTTPDataService
2018-07-02 18:34:35 -04:00
af43b6ca17
don't call print_error from rex context, use elog instead
2018-07-02 15:19:19 -05:00
0543dfc95c
Land #10217 , keep bind_named_pipe with SMBv1
2018-07-02 14:54:00 -05:00
85dc81a58b
Land #10185 , add SMBv1/2 support in psexec
2018-06-29 17:49:27 -05:00
3b228b0abd
avoid stack overflow on too many empty pipe reads in a row
2018-06-29 17:48:39 -05:00
2beaabb11a
Add dep for GetTickCount
2018-06-29 10:22:07 -05:00
d9b664c86a
Change option name
2018-06-29 00:07:40 -05:00
025a531f6e
Update code style
...
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-06-29 11:15:52 +08:00
52047a6c59
Add switch_spec
2018-06-28 21:21:54 -05:00
5c86b836c4
Add rspec for outputdebugstring and correct a few things
2018-06-28 21:08:15 -05:00
5e02e7a2c8
smb_file_exist check for rubysmb
2018-06-28 18:10:39 -05:00
40ac79ced0
Land #10218 , MS17-010 Windows Embedded Standard 7
2018-06-28 16:11:56 -05:00
a8c6835c64
Handle STATUS_PIPE_EMPTY error
2018-06-28 12:15:43 -05:00
2792d5fb27
call delete implementation from ruby_smb
2018-06-28 12:15:43 -05:00
c06f13b33e
remove superfluous sleeps, simplify logic
2018-06-28 12:15:42 -05:00
4b767efd6c
remove evasion logic from dcerpc read path
2018-06-28 12:15:42 -05:00
b01bd060ee
remove unneeded slashes
2018-06-28 12:15:42 -05:00
055c90c076
fix filename randomization while debugging
2018-06-28 12:15:42 -05:00
b8094aca7a
Combine rescues
2018-06-28 07:59:40 -05:00
1699f352c1
Rescue RubySMB Error
...
Error occurs when scanning OSX SMB server.
2018-06-28 07:06:33 -05:00
9fc670f24f
Implementation of resource command
...
Signed-off-by: WangYihang <wangyihanger@gmail.com>
2018-06-28 18:11:06 +08:00
f742df028b
shitty typos
2018-06-27 20:34:01 -06:00
a5c0881c08
add Windows Embedded Standard 7 support
2018-06-27 19:17:18 -06:00
cec506421d
Add rspec fake_function_collection and update the lib
2018-06-27 18:18:05 -05:00
bbf26c66f6
bind_named_pipe fixed for simpleclient versions param
2018-06-27 16:14:53 -06:00
e17744df8d
Land #10215 , add support for payload estimation for IPv6-specific modules
2018-06-27 16:46:54 -05:00
25b9f97a32
Update cached payload size update to support IPv6
2018-06-27 16:26:41 -05:00
dbb0748c1c
Land #9998 , customizable golden ticket duration
2018-06-27 15:51:56 -05:00
bd7974df98
Land #8999 , make generate and msfvenom great again
2018-06-27 15:10:52 -05:00
dcaa623075
make random compiling work
2018-06-27 00:09:04 -05:00
823647fbe1
Add compile_random_c func && support optional func collection
2018-06-25 16:50:05 -05:00
2fd0d797ac
psexec smb2 support
2018-06-25 15:06:23 -05:00
9806ee327a
Fix error when load options from persist file.
2018-06-25 05:50:06 -04:00
0145744255
Process persistent job when msf start.
2018-06-25 05:32:17 -04:00
2802f17cd5
Add command persist to make job persistent after msf restart.
2018-06-25 05:30:49 -04:00
ead71df32b
Add config file for persistent job
2018-06-25 05:29:22 -04:00
90bc7d2294
Update randomizer for progress
2018-06-22 18:22:29 -05:00
f125fd62c8
Add authentication to protected endpoints
2018-06-22 17:14:45 -04:00
f38e5af0bf
Use external style sheet
2018-06-22 15:38:17 -04:00
c0717d9306
Add MSF REST web service authentication support
2018-06-22 15:09:36 -04:00
bd77273dc0
Land #10155 , Improve #sec_to_s in Rex::ExtTime
2018-06-21 16:45:22 -05:00
6dafb13f28
Module metadata cleanup
2018-06-21 15:10:47 -05:00
8f5ad7c1cb
Add CRandomizer
2018-06-21 14:33:04 -05:00
e42c695baf
Add CRandomizer (WIP)
2018-06-21 10:50:39 -05:00
e584732a11
Land #10151 , add robustness when stdapi is unavailable
2018-06-20 23:54:55 -05:00
0820268d8a
Improve rank handling with shim logic
2018-06-19 16:46:20 -05:00
9545bac809
Rename remote_exploit_generic template
...
Dropping "generic" from the name. I initially had some reservations
about leaving it in, and after discussion with @acammack-r7, we've
decided it adds nothing useful.
2018-06-19 11:43:56 -05:00
781478b283
Document some things
2018-06-19 11:20:15 -05:00
02384371c4
Add remote_exploit_generic template
2018-06-18 13:29:52 -05:00
f0caa1cef5
Land #10150 , Fix typos and spacing
2018-06-18 11:13:59 -05:00
2ded48a510
Merge branch 'master' into remote_creds_data
2018-06-15 10:26:10 -05:00
0ba319bf56
More handling of nil private, publics, and origins
2018-06-14 16:20:13 -05:00
df9ddebde6
Land #10124 , Add tab completion of values in `set` command
2018-06-14 16:16:24 -05:00
55c585aeb7
Support creds without public, private, or origin
2018-06-14 15:42:54 -05:00
c52b1f3a8d
Land #10141 , background meta command in cmd shells
2018-06-14 15:33:16 -05:00
9aa3d1ccdb
Dont use copy/pastad method in cisco and juniper libs
2018-06-14 14:44:56 -05:00
0d4b2afca7
Add create_credential_and_login in report.rb
2018-06-14 13:30:46 -05:00
9f2f61c481
Implement create_credential_and_login in the dataproxy
2018-06-14 13:28:03 -05:00
87b92316b5
Land #10162 , tab completion for audio output
2018-06-14 14:56:23 +08:00
398a490617
[+] Fix conflicts
2018-06-14 12:09:37 +08:00
85f02002c0
[+] Fix syntax problems
2018-06-14 12:06:59 +08:00
58785d69f8
Fix bug of CTRL+D, thanks timwr
2018-06-13 23:18:23 +08:00
750f4d020f
[+] Fix CTRL+D Bug
2018-06-13 23:15:08 +08:00
9dec955f1a
Correct space movement in lib/anemone/core.rb
2018-06-13 19:16:35 +09:00
9aaa7ce142
Enable cracked credential creation via data proxy
2018-06-12 16:00:02 -05:00
c3c6bc19da
Land #10059 , CVE-2018-1111 exploit
2018-06-12 15:02:06 -05:00
f26d3ffff5
Fix bugs with adding remote creds
2018-06-12 12:00:51 -05:00
fbf4b9fe87
Rework play command to support tab completion
2018-06-12 08:30:54 +00:00
0c891e972f
Land #10066 , implement AudioOutput api from channel
2018-06-11 16:20:11 +08:00
58cc2c1ff9
🐛 fix a grammatical error
2018-06-10 10:40:12 +08:00
e67931950e
Fix spacing of last method in lib/anemone/core.rb
2018-06-09 19:15:44 +09:00
2bdc8803cb
add zero seconds handling
2018-06-08 22:21:26 -04:00
679a225462
improve #sec_to_s method implementation
...
Using the following implementation yields roughly ~1.5x speedup in my tests.
2018-06-08 22:09:03 -04:00
1710957d6e
Only add ports when they were specified
2018-06-08 17:16:24 -05:00
514f991768
Fix bug when use command load and migrate
2018-06-08 04:06:38 -04:00
ac5be1fe1e
Fix typos in lib/rbmysql/charset.rb
2018-06-08 11:32:06 +09:00
beecafb14d
Update AuthBrute to use data proxy
2018-06-07 16:50:30 -05:00
83e9af5fb5
Dont skip origin filtering if there are no login entries
2018-06-07 11:41:40 -05:00
3f5373869d
Include ports in creds opts
2018-06-07 11:12:49 -05:00
e52ee80a58
🐛 Fix wrong order
2018-06-07 19:44:38 +08:00
b9def85d71
[+] Add help menu
2018-06-07 10:45:24 +08:00
87e2c6af7c
⭐ Add help menu of background and sessions meta command
2018-06-07 10:17:22 +08:00
939a2f4cff
[-] Remove useless commented lines
2018-06-06 13:17:56 +08:00
66c2c3a78b
[-] Remove useless commented lines
2018-06-06 13:14:38 +08:00
2114dfa4ff
Retrieve the service manually instead of using AR
2018-06-05 16:35:56 -05:00
64cb7dfb3c
Include origin in remote requests and display it
2018-06-05 14:59:11 -05:00
26e2ea072d
✨ Implementation of sessions meta command
2018-06-05 14:56:55 +08:00
28f5e8e5ad
Implementation of background meta command (Not prefect)
2018-06-05 11:46:31 +08:00
ea6540358c
Look up related service manually
2018-06-04 14:10:26 -05:00
2cc73abf4e
merge master
2018-06-04 08:13:07 -05:00
e9659adc6a
Fix audio_path display
2018-06-04 14:46:31 +08:00
4adea66318
Fix quote usage
2018-06-04 14:46:30 +08:00
4b2601bad3
Fix indentation and quote usage
2018-06-04 14:46:30 +08:00
f31676074a
Print usage if audio_path is nil
2018-06-04 14:46:30 +08:00
ff1d579c6a
Cleanup module
2018-06-04 14:46:30 +08:00
a5949f574e
Implement AudioOutput API
2018-06-04 14:46:30 +08:00
20c9190aca
Land #10093 , Add Winsock2 API for Metasploit::Framework::Compiler::Windows
2018-06-02 14:35:21 -05:00
b0392ae6ba
Land #10029 , msfvenom quality of life improvements
2018-06-01 18:35:11 -05:00
f28c4fc01e
Address final review comments
2018-06-01 18:33:07 -05:00
d6eaa4a7c7
Search for creds at the query level
2018-06-01 17:00:56 -05:00
c6a5a139ae
Look up the core object before creating a login
2018-06-01 12:54:48 -05:00
4c019062a5
Land #10095 , tilde expansion for resource command
2018-06-01 12:27:01 -05:00
5ba8467933
Updated code based on feedback...again
2018-06-01 12:55:37 +01:00
cfb3c4d3ad
Ignore case when use tab to complete
2018-06-01 07:37:23 -04:00
71a1e2ad9c
Fix bug in function tab_complete_option
2018-06-01 04:10:32 -04:00
41de44bfdc
Make resource file checks more robust
...
Correct code style
2018-05-31 21:26:24 -04:00
706d8e5472
Add tilde expansion to resource tab completion
2018-05-31 21:09:57 -04:00
8c1a4a8a20
Use the proxy for create_credential_login calls
2018-05-31 17:03:01 -05:00
62e56ce844
Change condition-less elsif to else
2018-05-31 17:42:50 -04:00
d1e0bcf946
WIP: add endpoint for Credential::Login
2018-05-31 15:33:11 -05:00
9449a9231a
Fixed bugs and addressed review comments
2018-05-31 15:06:17 -05:00
f11c0d061d
merges master
2018-05-31 09:13:09 -05:00
a8f19df4e6
Pass params through query string on creds GET
...
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
829e1c306a
Land #10102 , SOCKS5 updates for BIND, parsing specs, refactoring
2018-05-30 16:15:53 -05:00
5e968529bf
Land #9976 , Store non-nil linux enum_network loot
2018-05-30 15:33:39 -05:00
5cafd8908e
Always return empty file on EOF meterpreter read
2018-05-30 15:26:34 -05:00
224122f805
Land #10094 , Improve network interface support for LHOST
2018-05-29 23:07:55 -05:00
e69c51132d
Land #10083 , Add Msf::Post::OSX::Priv mixin
2018-05-29 23:01:36 -05:00
1987dcea56
Land #10096 , Re-add RHOSTS option to scanner mixin
2018-05-29 23:00:38 -05:00
7bcf28440f
Merge branch 'local_api_docs' into remote_creds_data
2018-05-29 12:52:15 -05:00
f8317d3ae2
Address code review comments
...
- Don't document unsupported session POST
- Hide unimplemented loot/id and session/id GET methods
- Fix URL for msf doc
- Add missing workspace parament to vuln-attempts
- Remove unneccessary code for hosting the doc UI
2018-05-29 12:24:53 -05:00
3948a0a62e
Use JSON instead of PSTORE for module metadata
2018-05-29 10:50:33 -05:00
acf4c2bd08
Merge branch 'master' into local_api_docs
2018-05-29 10:37:27 -05:00
d24607e1ea
add port to keywords
2018-05-27 22:41:34 +05:30
da2666581b
Alter the socks5 bind request handling
2018-05-26 19:51:14 -04:00
c85cc9ad9e
Refactor SOCKS5 TcpRelay and add packet tests
2018-05-26 13:46:00 -04:00
f17140bdc3
fix nil error in HttpTrace
2018-05-26 10:04:26 +02:00
a21cc9c5bc
Refactor core dispatch methods and error handling
2018-05-25 20:14:03 -04:00
49341fc87d
Add credential authentication support to socks5
2018-05-25 20:14:03 -04:00
9b5ae34896
Drop udp associate support and cleanup logging
2018-05-25 20:14:03 -04:00
1de5a464e7
Fix reply status codes and domainname addresses
2018-05-25 20:14:03 -04:00
6859856101
Refactor the socks5 code into multiple files
2018-05-25 20:14:03 -04:00
7f9fe971cb
Add initial udp associate support
2018-05-25 20:14:03 -04:00
04bec0bdf0
Progress on the socks5 proxy module
2018-05-25 20:14:02 -04:00
6fa0831bcb
Start the socks5 backend
2018-05-25 20:14:02 -04:00
a595dff6a8
Add remote creds update
2018-05-25 16:02:25 -05:00
835281c7cc
Land #9979 , Add inactive list option to sessions command
2018-05-25 03:28:22 -05:00
81673c37da
Land #10088 , Fix session event when connected to remote data service
2018-05-25 03:00:51 -05:00
770b9fa209
add RHOSTS common option to nmap and scanner mixins
2018-05-24 21:31:36 -05:00
c18c91ebcd
Add RHOSTS general option to Opt module
2018-05-24 21:31:36 -05:00
3d6d55e087
Expand tilde in resource file pathname
2018-05-24 21:06:57 -04:00
ebf20204ca
Refactor return value for normalize
2018-05-24 18:49:36 -05:00
3343bc3aeb
Add note about interface to LHOST description
2018-05-24 18:39:02 -05:00
3865858114
Support IPv6 by interface
...
I do believe the list is already sorted IPv4 first.
2018-05-24 18:18:03 -05:00
51a84fbe66
Fix regression in option validation
...
Option validation relied on the value being false, not nil, even though
normalizing a string to a Boolean doesn't make sense. Normalizing to an
empty string seems to work fine.
2018-05-24 18:15:34 -05:00
74669eca80
Revert nil to false because of select
...
Oops.
2018-05-24 16:53:46 -05:00
9148ab4bb2
Refactor OptAddressLocal logic
...
@bcoles +1
2018-05-24 16:05:24 -05:00
6f1e75e097
Remove loopback restriction
...
It's occasionally useful, and we already warn when setting it.
2018-05-24 15:44:32 -05:00
a370270e19
Add tab completion for network interfaces
2018-05-24 15:30:16 -05:00
388d1b646b
Add OptAddressLocal#interfaces
2018-05-24 15:30:09 -05:00
da3df23f03
Fix Socket#getifaddrs with ::
...
Rex::Socket#getifaddrs doesn't exist.
2018-05-24 14:53:41 -05:00
3e1a5f7b1a
Merge branch 'local_api_docs' into remote_creds_data
2018-05-24 14:46:43 -05:00
cab2daf4ed
Add Winsock2 API for Metasploit::Framework::Compiler::Windows
2018-05-24 11:57:41 -05:00
86a5b951aa
Land #9990 , add SOCKS5 proxy support
2018-05-23 17:31:09 -05:00
add51a6741
Remove OpenStruct
2018-05-23 18:05:48 -04:00
a107336ad5
Move cred delete to DBManager
2018-05-23 16:47:56 -05:00
7ec5c06738
Change kind_of? to is_a?
2018-05-23 17:40:52 -04:00
2c92e85494
Fix report_session_event with remote data service
...
Modify DBManager method to allow session ID retrieval from a Hash
2018-05-23 15:05:22 -04:00
f32020f255
include some training wheels for users
2018-05-23 13:37:53 -05:00
4189819eaf
Removing "--"
2018-05-23 18:26:01 +01:00
c9dad7d7c4
unify api usage
2018-05-23 12:12:27 -05:00
c8b54cef22
add inline datastore parsing to aux/post modules
2018-05-23 12:12:27 -05:00
fbbfa0e0c3
teach exploit how to parse datastore options too
2018-05-23 12:12:27 -05:00
d8e5cc60bb
add inline datastore setting for msfvenom/generate commands
2018-05-23 11:48:11 -05:00
c52e96bfa7
swizzle parameters in generate to match msfvenom
2018-05-23 11:48:11 -05:00
b83ee106f7
Merge branch 'master' into local_api_docs
2018-05-23 10:06:12 -05:00
8a72e7181a
Added username/password-based authentication
2018-05-22 20:42:23 -05:00
72efe66403
Refactored for better logging, IPv6 support, and prep for auth
2018-05-22 18:57:00 -05:00
45481f26b6
Add Msf::Post::OSX::Priv mixin
2018-05-22 22:25:39 +00:00
70236c6424
Land #10081 , unnecessary class definition fix
2018-05-22 17:25:17 -05:00
0472b9df3f
Land #10024 , Fix find_or_create_* methods for remote data service
...
This PR updates the find_or_create_* methods associated with each model to
no longer just proxy to the report_* model. It now performs a lookup through
the DataProxy and returns the found object if it exists, or creates a new
record if needed.
2018-05-22 17:08:46 -05:00
b14e354b25
Land #10048 , Make shell and meterpreter sessions consistent with cmd_exec
2018-05-22 21:26:47 +00:00
cf8d0bd172
Remove unnecessary class declaration
2018-05-22 12:25:04 -04:00
07fbbca9f4
Land #10074 , Fixed bug in module cache
2018-05-21 18:01:46 -05:00
4ecc1ff551
Modify loots, notes and services search methods
...
Modify loots and services method signatures. Remove workspace as a
positional argument, move into opts hash argument and update callers.
Made host search for these models more uniform. Update find_or_create
methods to handle difference in opts between find and report
operations.
2018-05-21 17:37:51 -04:00
75562e2bbc
Land #10044 , Fix is_system? in Msf::Post::Windows::Priv for non-English
...
Merge branch 'land-10044' into upstream-master
2018-05-21 14:24:26 -05:00
1b7e613080
Fixed bug in module cache
2018-05-21 14:18:43 -05:00
e4038af79e
Merge branch 'master' into local_api_docs
2018-05-21 13:44:34 -05:00
f2549a1a83
Make domain name conditional
2018-05-19 09:53:06 -04:00
164f3ef48d
Add CVE-2018-1111 exploit
2018-05-18 12:47:08 -04:00
37f1e44a12
Land #10009 , Add initial check support to external modules
2018-05-18 09:31:31 -05:00
e5c763f6bf
Add support for stdio.h, stdlib.h, and String.h
2018-05-17 14:40:49 -05:00
6b1113d38d
Fix incorrect rescue argument
2018-05-17 12:46:41 -04:00
9ad31bf70f
Land #10037 , warning for Mettle stage encoding
2018-05-17 11:01:01 -05:00
1d6fae5db6
Drop "currently," since we're including stageless
2018-05-17 10:30:43 -05:00
0cd085fb8b
Try a better way with MettleConfig
...
This will obviously affect stageless payloads, but that's okay, since
there's no stage! Thanks to @mkienow-r7 for the nudge. <3
2018-05-17 10:14:52 -05:00
0b6c307c34
Land #10002 , Add password reporting API to external modules
2018-05-17 09:04:05 -05:00
9eb5700fcb
Make shell and meterpreter sessions consistent with cmd_exec
...
There's no need for different calls in modules, let's remove the need
for cargo culting (if there was one to begin with).
2018-05-17 08:02:34 -05:00
79527809e2
Fix is_system? in Msf::Post::Windows::Priv for non-English systems
...
Switch to comparing the SID string, instead of comparing the resolved user name
2018-05-17 10:08:56 +02:00
da07113194
Land #10007 , add C interface for building Windows shell code (metasm-backed)
2018-05-16 22:58:32 -05:00
7e34f27004
Land #9246 , Support RHOSTS for exploit modules
2018-05-16 14:40:25 -05:00
84a8f2100b
Merge branch 'master' into local_api_docs
2018-05-16 13:27:28 -05:00
30dcb78eb5
Land #10042 , reload_lib improvements
2018-05-16 12:53:39 -05:00
365289b19e
Add janky regex check if we're reloading a module
2018-05-16 12:03:54 -05:00
5addc54b4b
Refactor reload_lib and add multiple file support
2018-05-16 11:23:16 -05:00
54908021aa
Update CommandDispatcher for target names, too
2018-05-16 10:39:22 -05:00
2e002b24a0
Update Msf::Simple::Exploit for targeting by name
...
And accidentally add error checking.
2018-05-16 10:35:17 -05:00
b79b53c438
Land #9962 , tab-complete target options
2018-05-15 16:41:55 -05:00
fc079138fd
Service API doc second pass
2018-05-15 14:34:15 -05:00
ac2f7b96f5
Added IPv6 support
2018-05-15 12:07:54 -05:00
66c0610e2a
Add a check to make sure there is a valid encoder, else quit
2018-05-15 15:37:27 +01:00
73393b236c
Add missing data service stub methods
2018-05-14 17:42:52 -04:00
f482995f74
Minor changes to be similar to other servlets
2018-05-14 17:40:37 -04:00
b3a1f2531b
Update to use new hosts DataProxy method signature
2018-05-14 17:38:49 -04:00
4b13fbb5a3
Add workaround for race condition in report_host
...
Modify to use DBManager methods rather than DataProxy
2018-05-14 17:36:33 -04:00
262e791dcc
Make find_or_create_host opts more consistent
...
Modify to use DBManager methods rather than DataProxy
2018-05-14 17:35:18 -04:00
25fdc02902
Modify to use find_or_create_host
2018-05-14 17:29:57 -04:00
09a7396ad5
Remove remote data service find_or_create method
2018-05-14 17:20:58 -04:00
02566071be
Implement find_or_create DataProxy methods
2018-05-14 17:09:20 -04:00
ac03a0723a
Factor external check shim into common template
2018-05-14 11:32:22 -05:00
1d168a84e5
Add 'unknown' fallback check status
...
`check` is not a fan of `fail_with`, so fallback when the external
module exits unsuccessfully.
2018-05-14 11:00:40 -05:00
3ce05e54c6
Added DNS resolution support
2018-05-14 10:55:53 -05:00
e0fb1365e6
Add `soft_check` capability to external modules
...
A `soft_check` is something designed to evaluate the vulnerability of a
remote system without exploiting it (ex. banner checks, non-intrusive
fingerprinting).
2018-05-11 12:42:31 -05:00
b1e767298f
Update doc
2018-05-11 10:30:15 -05:00
ad0ba4f402
Update to update compile_c_to_file argument
2018-05-11 10:29:24 -05:00
6cd59faa69
Namespace update
2018-05-11 10:27:54 -05:00
76865732c8
Namespace update
2018-05-11 10:26:59 -05:00
82c8138de0
Update naming and license
2018-05-11 10:08:16 -05:00
d3f50f421d
Update regex
2018-05-10 22:39:49 -05:00
780b956dd1
Return results of external module runs
...
This will allow us to grab check results or more interesting things in
the future, if we decide that modules can have return values for more
types of things. Or this may go away and checks will use the reporting
interface like everything else.
2018-05-10 18:29:14 -05:00
147471fb79
Add constant for reverse check code lookup
2018-05-10 18:24:57 -05:00
caf07116db
Add compiler support capable of including headers.
...
This is basically a wrapper for metasm, but supports built-in
headers so that as an user, I don't have manually do this
every time I compile something with metasm.
2018-05-10 00:33:01 -05:00
271a2344db
Refactor external module API to be more reliable
...
Also:
Grabs exit status
Less boilerplate required for modules
2018-05-09 13:30:13 -05:00
08b81a418f
Customization of Golden Ticket Duration
...
- Post exploitation module updated
- Kiwi extention updated
Using mimikatz /startoffset and /endin params
Duration in hours, default already 10 years
2018-05-09 17:44:55 +02:00
4cf834d670
restore a few more mixin aliases for now
2018-05-08 17:10:01 -05:00
25177ef9dc
add local CONST definition
2018-05-08 17:08:05 -05:00
40f1bb223d
Revert deleted code from #9986 . See issue #9993
2018-05-08 16:40:49 -05:00
0f33bd08c7
Update swagger UI files
2018-05-08 12:26:46 -05:00
a72ab10777
Add initial Python library for login scanners
2018-05-07 17:42:41 -05:00
70be536b36
Land #9939 , add remote data service rspec support
2018-05-07 18:07:02 -04:00
ee9da87f1e
Add shim for external login scanner modules
2018-05-07 15:05:44 -05:00
ee1059312f
Allow access to userpass_interval in AuthBrute
2018-05-07 14:41:48 -05:00
02849bcfd0
Land #9986 , initial ruby_smb simple client integration
2018-05-07 14:02:22 -05:00
d3652c62d6
Land #9948 , optimize, then delete unused code (the ultimate optimization)
2018-05-07 10:19:15 -05:00
d3e6e93d6a
the fastest code is that which does not exist
2018-05-07 10:13:38 -05:00
524661617c
Allow DataStore to nest Arrays arbitrarily deep
2018-05-07 09:51:40 -05:00
3e7e1e59df
style updates, expand constants
2018-05-07 00:24:38 -05:00
8463d94891
remove mostly unused shortcuts
2018-05-07 00:24:38 -05:00
a9094d6b97
style updates
2018-05-07 00:24:38 -05:00
534d05ff44
simpleclient versions option
2018-05-07 00:24:38 -05:00
ff202a5f5b
Simpleclient/SMB2 support
2018-05-07 00:24:38 -05:00
d54992674f
Response code, Write fix
2018-05-07 00:24:38 -05:00
f2cf4fd1dc
remove case for open smb file packet field
2018-05-07 00:24:38 -05:00
960c733f16
Remove references to TreeId and FileID
2018-05-06 11:35:54 -05:00
5f7b050173
Get psexec and enumshares to stable state
2018-05-06 11:27:11 -05:00
e25a718861
Simplify
2018-05-06 11:27:11 -05:00
e9b78095be
Psexec works
2018-05-06 11:27:11 -05:00
a9019585fe
Replace simpleclient's client with ruby_smb client
2018-05-06 11:27:11 -05:00
5f01b6abc9
Land #9977 , fix crash during x64 linux reverse_tcp stager retry
2018-05-05 17:13:00 +08:00
4216d06ffb
fix #9963 , update x64 linux reverse_tcp stager cached size
2018-05-05 16:30:45 +08:00
5322a682f6
Fix exception in verbose mode sessions listing
2018-05-05 00:50:07 -04:00
cd38f56924
Add sessions cmd option to list inactive sessions
2018-05-05 00:42:22 -04:00
06e178cba2
Add functionality to retrieve sessions
2018-05-05 00:39:56 -04:00
7c67d2b0b4
Add external module API for reporting passwords
2018-05-04 16:24:57 -05:00
Erin Bleiweiss
Josh Hale
James Barnett
Green-m
William Vu
Brent Cook
Sonny Gonzalez
Wei Chen
Jeffrey Martin
Adam Cammack
Shelby Pace
bwatters-r7
Jacob Robles
Matthew Kienow
UserExistsError
Auxilus
Brendan Coles
WangYihang
asoto-r7
zerosum0x0
Tim W
gazayas
Eliott Teissonniere
Kent 'picat' Gruber
christopher lee
Eliott Teissonniere
g0tmi1k
Spencer McIntyre
Christian Mehlmauer
Brent Cook
Kevin Kirsche
Clément Notin
Hypnoze57
dmohanty-r7