infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
43,455 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

43455 Commits (3c1abe6437228c6116f56da3d94b489ecca16749)

Author SHA1 Message Date
Tim ac6495a7eb formatting 2017-08-21 12:35:13 +08:00
Tim e1a7494724 linux payloads should default to /bin/sh 2017-08-21 12:25:27 +08:00
Tim 9768a89bcd aarch64 staged shell 2017-08-21 11:14:42 +08:00
RageLtMan 7ab097a784 Unix cmd versions of R payloads 
Use R to connect back from a unix shell.

Notes:
  We need to DRY this up - tons of copy pasta here, when we should
  really be instantiating the language specific payloads and just
  wrapping them with CLI execution strings.

Testing:
  None, yet, just did the quick port to wrap this and push to CI
  now that rex-arch #4 is in.
 2017-08-20 21:25:57 -04:00
Brent Cook 2660a5b558 add missing osx specs 2017-08-20 19:25:22 -05:00
Brent Cook f961495860
Land #8625, Remove OpenSSL from Windows Meterp, packet header changes, and TLV packet encryption 2017-08-20 19:13:51 -05:00
Brent Cook 851c0f4373
disable metasploit-aggregator while we sort out crypttlv updates 2017-08-20 19:05:10 -05:00
Brent Cook b864083cbd
update payload sizes 2017-08-20 19:03:53 -05:00
Brent Cook 20b6f37fb8 bump payloads with crypttlv format awareness 2017-08-20 19:01:42 -05:00
Metasploit ca7d481658
Bump version of framework to 4.16.0 2017-08-20 16:57:48 -07:00
Brent Cook 5e8c2200ac Merge branch 'master' into land-8625-crypttlv2 2017-08-20 18:54:51 -05:00
Brent Cook eabe4001c2
Land #8492, Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module 2017-08-20 18:48:22 -05:00
Brent Cook cbd7790e95
Land #8751, Add Asterisk Gather Credentials auxiliary module 2017-08-20 18:34:27 -05:00
Brent Cook 07ee33578d
Land 8804, tidy up mdaemon credential extraction module 2017-08-20 18:26:56 -05:00
Brent Cook 85df247c84 DRY up module, fix remaining style violations 2017-08-20 18:24:41 -05:00
Brent Cook 367c760927
window move is now directly in the template 2017-08-20 17:48:59 -05:00
Brent Cook e734a7923a
Land #8267, Handle multiple entries in PSModulePath 2017-08-20 17:44:30 -05:00
Brent Cook d5a5321a8c Merge remote-tracking branch 'upstream/pr/8299' into land-8267- 2017-08-20 17:43:56 -05:00
Brent Cook 1225555125
remove unnecessary require 2017-08-20 17:37:42 -05:00
Brent Cook 840c0d5f56
Land #7808, add exploit for VMware VDP with known ssh private key (CVE-2016-7456) 2017-08-20 17:36:45 -05:00
Brent Cook 88f39d924b
Land #8816, added Jenkins v2 cookie support 2017-08-20 14:58:38 -05:00
Brent Cook f7dc831e9a
Land #8799, Add module to detect Docker, LXC, and systemd-nspawn containers 2017-08-20 14:45:57 -05:00
Brent Cook aa797588e8
Land #8847, Look for sp_execute_external_script in mssql_enum 2017-08-20 14:32:35 -05:00
Brent Cook 2eba188166
Land #8789, Add COM class ID hijack method for bypassing UAC 2017-08-20 13:57:17 -05:00
Brent Cook 9f3dbba17a
Land #8854, fix scheduleme meterpreter script 2017-08-20 13:54:41 -05:00
Brent Cook 05011930b1
Land #8861, link updates 2017-08-20 13:34:41 -05:00
Brent Cook b9b779da9e update references to sourceforge ML 2017-08-20 13:23:54 -05:00
Brent Cook 6afd90b7f0
Land #8848, fix extra sleep on linux x86 stager 2017-08-19 22:12:19 -05:00
Brent Cook e8ab518d76
Land #8853, Revert passive stance for multi/handler 2017-08-19 22:04:26 -05:00
RageLtMan 0145fc3972 payload/r.rb and UUID update 2017-08-19 06:43:28 -04:00
RageLtMan d76616e8e8 Reverse and bind shells in R 
Initial implementation of bind and reverse TCP shells in R.
Supports IPv4 and 6, provides stateless sessions which wont change
the cwd when cd is invoked since each command invocation actually
spawns a pipe to execute that specific line's invocation.

R injections are common in academic software written in a hurry by
students or lab administrators. The language runtimes are also
commonly found adjacent to valuable data, and often used by teams
which are not directly responsible for information security.

Testing:
  Local testing with netcat bind and rev handlers.

TODO:
  Add the appropriate platform/language library definitions
 2017-08-19 06:12:05 -04:00
Franci Šacer 46852e8ab0 Update scheduleme.rb 
Fixed a bug introduced in commit #aa03db1f5c4a694d258879ccdf0dcaaf7f576355
 2017-08-18 22:27:26 +02:00
William Webb 6ecdb8f2cc
Land #8852, convert quest_pmmasterd_bof to cmd_interact/find 2017-08-18 13:20:17 -05:00
William Vu 66a4ea4f0b Revert passive stance for multi/handler 
It's gotten to be a bit annoying. ExitOnSession=false was good, but this
was too much. Typing run -j isn't difficult.
 2017-08-18 13:16:12 -05:00
Metasploit 95824ce132
Bump version of framework to 4.15.8 2017-08-18 10:03:23 -07:00
William Vu 98ba6719e9
Land #8851 s/unknow/unknown/ig 2017-08-18 10:38:50 -05:00
William Webb a40c7457f9
Land #8843, Update documentation in connect.md 2017-08-18 10:35:37 -05:00
h00die dc358dd087 unknow to unknown 2017-08-18 11:33:48 -04:00
tkmru 74f89857d8 fix extra sleep on linux x86 stager 2017-08-18 15:20:35 +09:00
William Vu d659cdc8f6 Convert quest_pmmasterd_bof to cmd_interact/find 2017-08-18 00:19:09 -05:00
OJ 9aba360f2b
Land #8846 - Fix Youtube URLs 2017-08-18 10:47:42 +10:00
Brent Cook ea5370486f minor unused variable fixes 2017-08-17 16:46:51 -04:00
Brent Cook 9c196041ce update youtube urls in post exploit module 2017-08-17 16:44:35 -04:00
Jay Turla b0a4634b24 Update connect.md 
Adding the command in installing gem "serialport".
 2017-08-17 18:55:44 +08:00
Tim 8b4ccc66c7 add linux/aarch64/shell_reverse_tcp 2017-08-17 18:55:37 +08:00
Brendan Coles 3fcd248d3a Add documentation 2017-08-17 09:51:09 +00:00
William Vu 5e0223fce0
Land #8841, tools/exploit/metasm_shell.rb fix 2017-08-17 02:48:52 -05:00
Brent Cook 33e134418a rename decode methods as well, keep this working for ruby X.X 2017-08-17 03:27:12 -04:00
Brent Cook 7a1a5d2658 don't override standard string 'encode' methods 2017-08-17 03:20:45 -04:00
Tim f6caa23e31 Land #8840, fix silly docs error 2017-08-17 15:16:24 +08:00