jvazquez-r7
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
Spencer McIntyre
8bb694fa5c
Add stageless Python Meterpreter for reverse tcp
2015-10-21 18:23:04 -04:00
Brent Cook
4b271425c9
s/datstore/datastore/g
2015-10-20 13:05:49 -05:00
jvazquez-r7
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
jvazquez-r7
d85412b0fb
Complete fix for generation of nop sleds
2015-10-16 14:01:00 -05:00
jvazquez-r7
b788772215
break only if 'make_nops' is able to generate the nop sled
2015-10-16 13:28:37 -05:00
jvazquez-r7
7da3b4958e
Change mixins namespaces
2015-10-15 10:35:07 -05:00
jvazquez-r7
6571a8f2c3
Move http apps mixins to the old convention folder
2015-10-15 10:22:54 -05:00
jvazquez-r7
8057b3edae
Fix specs to pass again
2015-10-15 09:40:39 -05:00
jvazquez-r7
db5d83a40a
Move namespaces
2015-10-15 09:17:06 -05:00
jvazquez-r7
5e39814860
Move to the old convention folder
2015-10-15 09:03:03 -05:00
Brent Cook
1c880b933f
Land #6066, remove empty, duplicate options for EXITFUNC
2015-10-14 10:34:36 -05:00
William Vu
2a2d8d941d
Land #6054, HTTP Host header injection module
2015-10-13 23:37:31 -05:00
William Vu
c642057fa0
Clean up module
2015-10-13 12:03:41 -05:00
HD Moore
a590b80211
Update autoregister_ports, try both addresses for the MBean
2015-10-09 20:20:35 -07:00
HD Moore
cd2e9d4232
Move Msf::Java to the normal Msf::Exploit::Remote namespace
2015-10-09 13:24:34 -07:00
wchen-r7
8aed503ad2
Change EXITFUNC acceptable options
...
This gets rid of the nil option because this is the same as "".
And then we change the empty value to ''.
2015-10-08 16:52:17 -05:00
OJ
32dbb8c3e0
Land #6051: check include_send_uuid method support
2015-10-06 07:31:11 +10:00
Brent Cook
2769d66bfc
Check if the payload has a include_send_uuid method before calling it
...
Otherwise we get an undefined method exception and the payload fails to stage.
Fixes #6040
2015-10-05 15:13:11 -05:00
HD Moore
32255a4621
Always show the URI and User-Agent for unknown requests
2015-10-05 11:05:05 -05:00
William Vu
711f11abb8
Clean up some things
2015-10-02 18:35:46 -05:00
Brent Cook
dea0142da1
catch network exceptions
2015-10-02 18:26:37 -05:00
jvazquez-r7
c967b60bf8
Land #5948, @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
jvazquez-r7
953bfe1a81
Delete typo
2015-10-02 15:29:03 -05:00
Brent Cook
2445c1fa32
Land #6012, Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp
2015-10-02 15:27:47 -05:00
Brent Cook
40cb13609a
update SSLVersion to support all options for rex TCP sockets, add 'TLS' alias
2015-10-02 15:26:49 -05:00
jvazquez-r7
6468eb51b2
Do changes to take into account that powershell sessions are not cmd sessions
2015-10-02 15:26:42 -05:00
Brent Cook
144bf39038
Land #5998, fixup PrependMigrate for stageless meterpreter
2015-10-01 11:48:33 -05:00
William Vu
2ab779ad3d
Land #6010, capture_sendto fixes
2015-10-01 10:54:24 -05:00
OJ
22c424a4c6
Fix CreateProcessA stack alignment in prependmigrate x64
2015-10-01 10:24:13 +10:00
OJ
b35a0166bf
Merge branch 'upstream/master' into fix-prepend-https
2015-10-01 09:07:28 +10:00
Fernando Arias
393a71cf46
Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation
...
Conflicts:
Gemfile.lock
2015-09-29 15:00:22 -05:00
Brent Cook
54f9a3b25a
Land #6013, add mainframe as a platform and architecture
2015-09-29 13:28:23 -05:00
Brent Cook
f3e8b34b4f
Land #6007, restore original behavior when capture_sendto fails
...
we need this while fixing modules to handle exceptions
2015-09-29 09:55:47 -05:00
jvazquez-r7
9444c8c410
Fix #5988, windows x64 stagers
...
* Also, use mov esi, esi to save an extra byte
* Also, modify the block_recv.asm code, just to have it up to date
2015-09-28 15:52:50 -05:00
jvazquez-r7
4a9ef30e9e
Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp mixin
2015-09-28 10:31:17 -05:00
bigendian smalls
ff87fbc976
Added a mainframe.rb in core/payload
...
Base module for payloads to be developed on the mainframe / SystemZ
(z/os mvs) architecture
2015-09-28 10:06:09 -05:00
bigendian smalls
ecf6867c35
Added mainframe as a payload constant
...
updated core/payload.rb to include 'mainframe' as an option
2015-09-28 10:04:50 -05:00
bigendian smalls
bc718da5d9
Added mainframe as a platform in core
...
To develop modules, mainframe and zArchitecture need to be defined in
several places. This is the official platform.rb definition
2015-09-28 10:03:15 -05:00
Jon Hart
7d9d3864c3
Add docs for capture_sendto
2015-09-27 15:40:32 -07:00
Jon Hart
fc9a757194
Fix #6008 for the 6 modules that use scanner_spoof_send
2015-09-27 15:06:29 -07:00
Jon Hart
b508625957
When unable to determine destination MAC, vprint and return false
...
Fixes #6006.
~20 related modules are affected by this defect and by this "fix"
2015-09-26 15:13:26 -07:00
William Vu
cb4e609dd5
Land #5997, database cache update fix
2015-09-26 14:10:04 -05:00
Fernando Arias
52e3405192
Passing report_exploit_success specs
...
MSP-13119
2015-09-23 11:12:02 -05:00
Fernando Arias
dc84b3b1ba
Passing report_exploit_failure specs
...
MSP-13119
2015-09-23 10:54:13 -05:00
scriptjunkie
30102d4526
No longer needed.
2015-09-22 17:05:30 -05:00
scriptjunkie
d90f87449a
Fix merge
2015-09-22 16:55:01 -05:00
scriptjunkie
7d2a2a8b64
Fix issues with using hop for new core
2015-09-22 16:54:02 -05:00
Brent Cook
6482083b6b
revert WfsDelay short-circuit on exploit failure
...
Some exploits currently succeed, but can fail during cleanup, leading to a
false-negative. Reverting this so that the affected exploits can be fixed
first.
This reverts commits b0858e9d46 and b3f754136e.
2015-09-22 14:43:03 -05:00
Brent Cook
66b453edd6
ensure the database cache is always updated, present accurate reporting on search
2015-09-22 12:56:26 -05:00
dmohanty-r7
8b10cbe3fd
Query for vulns without specifying service when service is nil
...
MSP-13284
2015-09-22 10:50:23 -05:00
OJ
46e00389c4
Adjust payload size for stageless in prepend migrate
2015-09-22 18:07:53 +10:00
Fernando Arias
9230b04674
Update match result creation logic
...
MSP-13119
* Look up match on match set for the run
* If no match exists in the match set for the vuln, attempt to create a match for the vuln
2015-09-22 00:24:38 -05:00
Fernando Arias
d3a73149a2
Add specs around match result creation in exploit attempt
...
MSP-13119
2015-09-18 12:04:45 -05:00
David Maloney
6f19e30723
Merge branch 'staging/hd-wfs' into feature/hd-wfsdelay
2015-09-17 13:07:56 -05:00
wchen-r7
c7afe4f663
Land #5930, MS15-078 (atmfd.dll buffer overflow)
2015-09-16 15:33:38 -05:00
Fernando Arias
5cf3ac23e2
Fix no method defined error when run_id is not passed down
...
* run_id is an optional param so we handle when it isn't set on user data
MSP-13119
2015-09-16 15:32:48 -05:00
HD Moore
b0858e9d46
Style tweak re: TheLightCosine's feedback
2015-09-16 08:15:26 -07:00
HD Moore
b7572d5494
Handle both serialized & unserialized cases on import
2015-09-16 08:11:15 -07:00
HD Moore
ef043cebc3
Always use the stringified host->address during export
2015-09-16 02:59:11 -07:00
Fernando Arias
382e01d680
Add comments and use run scope on match
...
MSP-13119
2015-09-15 15:09:26 -05:00
Fernando Arias
621af7311c
Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation
2015-09-15 14:35:07 -05:00
Fernando Arias
eb479318b1
Use existing run for match result or create a new one if it doesn't exist
...
MSP-13119
2015-09-15 14:34:44 -05:00
HD Moore
b3f754136e
Skip WfsDelay when the exploit has clearly failed
2015-09-15 08:04:23 -07:00
Fernando Arias
c7f15ca940
Rework how match results get created
...
MSP-13119
* Create match result when we create vuln attempt
2015-09-14 12:18:47 -05:00
HD Moore
713ded7ca2
Ignore SMB exceptions during fingerprinting
...
This fixes smb_version in cases where the remote server throws a Login error
for the default creds (null session).
2015-09-14 09:35:44 -07:00
jvazquez-r7
ad0140e0fc
Land #5864, @jlee-r7's fixes x64 injection
2015-09-11 16:09:37 -05:00
William Vu
a1a7471154
Land #5949, is_root? for remove_lock_root
2015-09-11 02:09:14 -05:00
wchen-r7
f2ccca97e0
Move require 'msf/core/post/android' to post.rb
2015-09-11 01:56:21 -05:00
jvazquez-r7
53f995b9c3
Do first prototype
2015-09-10 19:35:26 -05:00
Fernando Arias
0bb03db786
Rework vuln lookup logic to account for vuln with no service (nexpose import vuln with -1 port)
...
MSP-13234
2015-09-09 13:21:05 -05:00
Fernando Arias
e88a14aee6
Rework exception handler for exploit simple
...
MSP-13233
2015-09-09 11:51:18 -05:00
jvazquez-r7
eaf51a2113
Land #5722, @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
jvazquez-r7
da221b82a8
Initialize dir
2015-09-04 11:07:49 -05:00
James Lee
7665747d1c
Land #5736, certutil cmdstager
...
Ferreal this time.
2015-09-03 14:21:21 -05:00
James Lee
82b27c9038
Revert "Land #5736, certutil cmdstager"
...
This reverts commit 93eb42dfa3.
Conflicts:
spec/lib/rex/exploitation/cmdstager/certutil_spec.rb
2015-09-03 14:18:28 -05:00
James Lee
93eb42dfa3
Land #5736, certutil cmdstager
2015-09-03 13:13:24 -05:00
Brent Cook
70b5336356
Merge branch 'upstream-master' into land-5890-android-post-api
2015-09-03 09:51:35 -05:00
Brent Cook
895b692b0d
Land #5914, prevent loading cached modules outside of the load path
2015-09-03 09:29:13 -05:00
wchen-r7
ccd0a06353
Use ===
2015-09-03 01:10:13 -05:00
Brent Cook
1440f31756
Land #5637, resiliency improvements to TCP stagers
2015-09-02 22:50:12 -05:00
OJ
9767de9bd0
Truncate payload size to 32 bits
2015-09-03 11:56:59 +10:00
HD Moore
9f9bbce034
Land #5840, add LLMNR & mDNS modules
2015-09-02 18:30:29 -05:00
HD Moore
0120e5c443
Cosmetic tweaks, don't report duplicate responses
2015-09-02 18:30:03 -05:00
Jon Hart
ab91d1cc92
More style cleanup
2015-09-02 14:01:12 -07:00
Jon Hart
4d77e777fa
Remove explicit CLASS options from llmnr mixin
...
use parent's instead
2015-09-02 13:58:48 -07:00
Jon Hart
27174e2bfd
Revert "Bump scanner THREADS to 10 by default"
...
This reverts commit f537f91943.
2015-09-02 13:55:48 -07:00
Jon Hart
5699908240
Style cleanup
2015-09-02 13:48:01 -07:00
Jon Hart
25a22860b7
Summarize MDNS/LLMNR responses
2015-09-02 13:43:26 -07:00
Jon Hart
55251ffe17
Slightly better output. Unsure if this will work with all response types
2015-09-02 11:21:54 -07:00
Jon Hart
3d04d53e3a
first pass at better output and report_service
2015-09-02 10:31:46 -07:00
HD Moore
1aa7c596ce
Land #5967, add PACKETSTORM reference types.
2015-09-01 23:25:26 -05:00
HD Moore
77f56c563b
Land #5867, add PACKETSTORM reference types
2015-09-01 23:25:01 -05:00
HD Moore
de8205a42e
Fix the defaults for module_info_by_path_from_database!
2015-09-01 17:48:56 -05:00
HD Moore
148a5ba78e
A better solution for the spec coverage
2015-09-01 13:45:46 -05:00
HD Moore
31087ff33e
Refresh after cache rebuild should use the active module paths
2015-09-01 13:39:15 -05:00
HD Moore
5addf899b2
Refactor, same intent as before, just faster and correct.
2015-09-01 13:15:44 -05:00
HD Moore
d84caeca72
Ignore cached modules outside of load path, only load cache once on startup
2015-09-01 12:31:05 -05:00
jvazquez-r7
8d0e0b973e
Fix array syntax
2015-08-28 14:12:23 -05:00
jvazquez-r7
06712817cf
Fix specs
2015-08-28 14:06:04 -05:00