Commit Graph

43943 Commits (402e926151367fbc71512c29f89d88aef5583812)

Author SHA1 Message Date
h00die 015e30c4f3
land #9048 docs for xmas portscan 2017-10-07 15:50:41 -04:00
Deepanshu Gajbhiye d28b023058 Update xmas.md
added requested changes.
2017-10-08 00:16:43 +05:30
h00die 7a87e11767
land #8781 Utilize Rancher Server to exploit hosts 2017-10-07 13:04:34 -04:00
Deepanshu Gajbhiye fa98fe4fe6 Update xmas.md
removed blank spaces.
2017-10-07 14:20:19 +05:30
Deepanshu Gajbhiye 0e6843eae1 Update xmas.md 2017-10-07 04:40:28 -04:00
Deepanshu Gajbhiye 3092ad9ea0 Documentation for auxiliary/scanner/portscan/xmas 2017-10-07 04:23:40 -04:00
Martin Pizala 34d119be04
Payload space, error handling and style" 2017-10-07 01:12:24 +02:00
James Barnett 56e95f15c9
Land #9024, fix bug when manually adding loot
cmd_loot was throwing a stack trace when the host was not properly defined.
This fixes it to give a useful error message.
2017-10-06 16:02:12 -05:00
RageLtMan 37e06839f8 Merge pull request #24 from bwatters-r7/update-cache-sizes
update cached payload sizes
2017-10-06 16:40:53 -04:00
Jeffrey Martin d0a1fb6019
tlv response to ID based request with original ID
When a tlv response is created the request ID being responded to
needs to be copied into response created.
2017-10-06 13:58:38 -05:00
William Webb d9e0d891a1
Land #9010, Remove checks for hardcoded SYSTEM account name 2017-10-06 13:42:18 -05:00
h00die 7535fe255f
land #8736 RCE for orientdb 2017-10-06 14:35:42 -04:00
h00die e7aa06c1c4 fix documentation 2017-10-06 14:29:39 -04:00
bwatters-r7 f996597bcf update cached payload sizes 2017-10-06 13:19:00 -05:00
RageLtMan 124a1531f4 Clean up powershell exec string
The scriptblock invocation is already coming from Rex, so there's
no need to re-wrap the executed code in more of the same.
2017-10-06 13:19:36 -04:00
Metasploit 4acef04e0d
Bump version of framework to 4.16.11 2017-10-06 10:01:51 -07:00
caleBot 752d21e11c forgot a comma 2017-10-06 10:47:42 -06:00
RageLtMan 9afdde2938 Address generation issues with pure PSH payloads
Powershell payloads were generating using the :generate method
mixed in from Payload::Windows::Exec which is a binary payload
mixin.

Address the breakage by implementing a generate method which simply
outputs the script code produced by the module with no additional
content prepended or appended.

While here, cleanup the commandline generation for the script being
produced by having Rex do it (this permits changes made in Rex to
benefit all consumers).

As a bonus, drop the IEX invocation since it'll trip up AMSI and
upgrade to the scripblock execution semantic.

Credit for finding this little gem goes to bperry - i dont usually
use the native powershell command shells, and managed to miss this
for a long time. Thanks boss.

Testing:
  Local in pry

@bperry: Could you test and ping me back if this is right?
2017-10-06 12:32:52 -04:00
caleBot 63e3892392 fixed issues identified by msftidy 2017-10-06 10:16:01 -06:00
caleBot 78e262eabd fixed issues identified by msftidy 2017-10-06 10:15:30 -06:00
caleBot 36610b185b initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478 2017-10-06 09:38:33 -06:00
Brent Cook c701a53def
Land #9018, Add Bind Shell JCL Payload for z/OS 2017-10-05 17:24:50 -05:00
Brent Cook 7292ee24a2
Land #9027, Cleanup revshell for zos 2017-10-05 17:20:01 -05:00
Brent Cook 4a745bd2cc
Land #8991, post/windows/manage/persistence_exe: fix service creation 2017-10-05 17:04:58 -05:00
Brent Cook 9d2e8b1e4d
Land #8003, Evasions for delivering nops/shellcode into memory 2017-10-05 16:44:36 -05:00
Brent Cook 809d0f79a1
Land #9026, Fix cache invalidation bug in tab completion 2017-10-05 16:41:00 -05:00
Brent Cook b7e209a5f3
Land #9033, Geolocate API update 2017-10-05 16:39:09 -05:00
Spencer McIntyre 482ce005fd Update the advanced option names and a typo 2017-10-05 10:11:00 -04:00
Pearce Barry 7400082fdb
Land #9040, Add CVE and Vendor article URL to the denyall_waf_exec module 2017-10-04 09:12:48 -05:00
Mehmet Ince 110f3c9b4a
Add cve and vendor article to the denyall_waf_exec module 2017-10-04 12:11:58 +03:00
OJ 89f508a500
Land #9039: add transport command to java on OSX 2017-10-04 12:56:02 +10:00
Tim e534d3cdc8 fix transport and sleep commands on java 2017-10-04 10:36:01 +08:00
William Vu 10dafdcb12
Fix #9036, broken refs in bypassuac_comhijack
Each ref needs to be an individual array.
2017-10-03 13:36:29 -05:00
William Vu 5b9a4d73ee Readd hostless loot display
In the chance event someone actually managed to store it.
2017-10-02 23:31:44 -05:00
William Vu 403b5e2fa8 Move TARGET check into option_values_payloads 2017-10-02 23:22:42 -05:00
Spencer McIntyre 949633e816 Cleanup cve-2017-8464 template and build script 2017-10-02 15:18:13 -04:00
William Webb ae785f9a08
Land #9036, Remove dead Youtube link 2017-10-02 11:18:20 -05:00
ashish gahlot 9ff6efd3a3 Remove broken link 2017-10-02 20:43:55 +05:30
h00die c5cc2f89a0 add docs for wlan_geolocate 2017-10-01 19:49:48 -04:00
h00die fc66683502 fixes #8928 2017-10-01 19:49:32 -04:00
Martin Pizala e3326e1649
Use send_request_cgi instead of raw 2017-10-01 02:15:43 +02:00
Martin Pizala 701d628a1b
Features for selecting the target 2017-10-01 02:04:10 +02:00
Spencer McIntyre f2f48cbc8f Update the CVE-2017-8464 module 2017-09-30 18:25:16 -04:00
h00die a676f600d6 fixes to more modules 2017-09-30 15:45:52 -04:00
h00die 8a49a639a0 check file exists before reading 2017-09-29 22:34:38 -04:00
h00die 7fc9be846a bcoles suggestions 2017-09-29 20:29:30 -04:00
William Vu b9bed5af95
Land #9028, vprint_* fix for AuthBrute 2017-09-29 19:04:07 -05:00
William Vu 9941097a5c Remove extraneous else 2017-09-29 19:01:04 -05:00
William Vu e8d0f2dde0 Fix missing message for vprint_* in AuthBrute 2017-09-29 18:51:35 -05:00
bigendiansmalls 8af2e5a7ee
Cleanup revshell for zos
remove unused code, extra comments
align code, etc. no functionality changes
2017-09-29 18:27:29 -05:00