2fab8f5d2a
Fix Spaces at EOL
2017-08-07 16:39:16 -04:00
663824de85
Fix indentation, fix how locations adds values and remove unnecesary code
2017-08-07 13:16:27 -04:00
46ca543712
add docs for Android APK injection
2017-08-07 15:56:48 +08:00
f71ca924c4
Land #8801 , Support padding on the CAN bus.
2017-08-06 21:03:28 -05:00
ed2286c637
Fix references to multi_console_command
2017-08-06 18:58:38 -05:00
e1576154fb
Document the new padding option.
2017-08-06 18:34:56 -05:00
fe2962b2cb
Single char args winbf
2017-08-06 18:12:45 -05:00
204d28aed7
Single char args scheduleme
2017-08-06 18:10:31 -05:00
7cb79e8714
Single char args packetrecorder
2017-08-06 18:09:09 -05:00
6b46becf4e
Single char args netenum
2017-08-06 18:07:34 -05:00
cfd377fbd4
Support padding on the CAN bus.
...
Also use a hash for passing options around instead of individual params.
2017-08-06 18:05:59 -05:00
b2005e761d
Single char args multiscript
2017-08-06 17:58:13 -05:00
6067e9423e
Single char args multi_meter_inject.
2017-08-06 17:57:29 -05:00
d0419cdfb8
Single char args multicommand
2017-08-06 17:52:07 -05:00
40313bf623
Single char args multi_console_console_command
2017-08-06 17:46:05 -05:00
b8d794cc37
Identify systemd-nspawn containers in checkcontainer
...
Check the value of the "container" environment variable:
- "lxc" indicates a LXC container
- "systemd-nspawn" indicates a systemd nspawn container
2017-08-06 00:46:09 -05:00
9858147dae
Add module to detect Docker and LXC containers
...
Detect Docker by:
- Presence of .dockerenv file.
- Finding "docker" in /proc/1/cgroup
Detect LXC by:
- Finding "lxc" in /proc/1/cgroup
2017-08-05 18:59:36 -05:00
289f03241b
add module documentation
...
add module docs for the new smbloris DoS
2017-08-04 16:10:44 -05:00
15cc2a9dc0
removedthreading stuff, tried keepalives
...
still seem to be topping out at
about 1.3GB allocated
2017-08-04 15:28:01 -05:00
83cd0bc977
Bump version of framework to 4.15.6
2017-08-04 10:07:09 -07:00
7ce813ae6e
Land #8767 , Add exploit module for CVE-2017-8464
...
LNK Code Execution Vulnerability
2017-08-03 17:10:16 -05:00
da3ca9eb90
update some documentation
2017-08-03 17:09:44 -05:00
e73ffe648e
tried adding supervisor model to smbloris
...
tried to overcome issues with slowdown
around the 4500 connection mark by using the
supervisor pattern to terminate the threads on
the backend. this seems to get us further, but we still
hit a slowdown and the allocations die out before
we hit any serious usage
2017-08-03 14:19:35 -05:00
347b79e5f2
Land #8643 , pretty printing for aux/post fail_with
2017-08-03 12:07:55 -05:00
c9da2d56b9
first pass at SMBLoris DoS module
...
the first pass on the DoS module for SMBLoris
running into issues with it topping out around 600MB
2017-08-03 11:32:57 -05:00
81500f7336
Updated Mutex code, reduce the number of times the payload is executed
2017-08-03 10:26:55 -05:00
fcb939c717
Land #8792 , ruby 2.2 compatibility
2017-08-03 16:08:20 +02:00
ddd841c0a8
code style cleanup + add automatic targeting based on payload
2017-08-03 00:27:54 -05:00
b62429f6fa
handle drive letters specified like E: nicely
2017-08-03 00:27:22 -05:00
a12f3c4c23
remove if => unless suggestions from rubocop
2017-08-03 00:26:04 -05:00
c3bc27385e
Added source code for DLL template
2017-08-02 15:47:22 -05:00
46ec04dd15
Removed This PC ItemID & increased timeout in WaitForSingleObject
...
Remove the This PC ItemID to bypass (some) AV.
Timeout for WaitForSingleObject is set to 2,5s. After this timeout a
mutex is released allowed a new payload to be executed.
2017-08-02 15:47:22 -05:00
e6e94bad4b
Replace CreateEvent with CreateMutex/WaitForSingleObject
...
Time out is set to 1500 ms to prevent running the payload multiple times
2017-08-02 15:47:22 -05:00
e51e1d9638
Added new DLL templates to prevent crashing of Explorer
2017-08-02 15:47:21 -05:00
67dddd2402
Typo reported by @nixawk
2017-08-02 15:47:21 -05:00
3229320ba9
Code review feedback from @nixawk
2017-08-02 15:46:51 -05:00
565a3355be
CVE-2017-8464 LNK Remote Code Execution Vulnerability
...
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.
This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
2017-08-02 15:46:30 -05:00
24d323d4ed
remove more instances of positive?
2017-08-02 12:47:34 -05:00
6f97e45b35
enable Ruby 2.2 compat checks in Rubocop, correct multi/handler compat
2017-08-02 06:18:02 -05:00
ff189147e7
rb-readline made a release, use 0.5.5 instead of git HEAD
2017-08-02 06:09:27 -05:00
54ded4300e
Land #8791 - Update Accuvant refs to point to Optiv
2017-08-02 13:26:52 +10:00
8989d6dff2
Modified Accuvant bog posts to the new Optive urls
2017-08-02 13:25:17 +10:00
bb2304a2d1
Land #8769 , improve style, compatibility, for ssh modules
2017-08-01 21:43:32 -05:00
1d75a30936
update style for other ssh exploits
2017-08-01 16:05:25 -05:00
390f4d52db
add ed25519 support for net-ssh
2017-08-01 16:05:25 -05:00
e27b0c7589
remove conditional assignment warning
2017-08-01 15:19:13 -05:00
8c9fb1d529
remove unneeded netssh checks in modules
2017-08-01 14:46:10 -05:00
4395f194b1
fixup style warnings in f5 bigip privkey exploit
2017-08-01 14:45:05 -05:00
176c54fcae
disable a couple of unwise rubocop warnings
2017-08-01 14:44:22 -05:00
f1b07b5c6d
Add send_cmd_data function from /lib/metasploit/framework/ftp/client.rb to class
2017-08-02 01:14:08 +05:30
Agora Security
Tim
Pearce Barry
Josh Hale
james
David Maloney
Metasploit
Brent Cook
William Vu
Yorick Koster
Christian Mehlmauer
OJ
TC Johnson
Tabish Imran