bcb7348648
Land #10645 , writable? method for Msf::Post::File
2018-09-15 17:27:42 -05:00
ea47b6de04
Add writable? method to Msf::Post::File - Fix #10644
2018-09-15 06:29:24 +00:00
d49d7a1214
Land #10638 , Warn when listing inactive sessions without DB connection
...
Replaces confusing message and stack trace with a warning message,
when the `sessions -d` command is used to list inactive sessions
when no database is connected.
2018-09-15 05:36:37 +00:00
6fae6065d6
Upcase all the things
2018-09-14 16:05:43 -05:00
e590b7c01f
Consolidate notes reference in erb templates
2018-09-14 12:08:22 -05:00
184d1d5954
Leave notes type as a plain hash
2018-09-14 11:17:37 -05:00
c71078a381
use max instead of sort_by { |p| p.size }.last
...
`sort_by { |p| p.size }.last` is less readable compared to just using the `max` method
I believe this does basicall the exact same thing, ontop of being much faster in my micro benchmark.
The old method was, something like, 8 times slower.
2018-09-14 11:19:16 -04:00
2dcfdcbdc4
remove redundant hash merge
...
https://github.com/JuanitoFatas/fast-ruby#hashmerge-vs-hash-code
2018-09-14 11:04:39 -04:00
ed338bbeec
use tr instead of gsub
...
https://github.com/rails/rails/pull/17257
https://github.com/JuanitoFatas/fast-ruby#stringgsub-vs-stringtr-code
2018-09-14 10:51:51 -04:00
4a759fd048
Refactor cmd_shell and add cmd_shell_{help,tabs}
2018-09-13 19:44:24 -05:00
cfbd259e80
Merge remote-tracking branch 'upstream/master' into pr/10389
2018-09-13 16:08:07 -05:00
7c6c621a8f
Remember to assign `self.prompt` in shell.rb
...
Not everything updates the prompt all the time, make them feel welcome.
2018-09-13 15:51:07 -05:00
c2230f98d5
Warn user about inactive sessions without DB
2018-09-13 15:13:41 -04:00
6a6d92abc1
Check DB is active before querying sessions
2018-09-13 15:06:53 -04:00
b3e9856851
Revert doc changes to exploit.rb autofilter
...
I think the changes might have been accidental.
3cf4329335
2018-09-13 13:27:52 -05:00
8025a49c44
Land #10633 fix for solaris pidof for more versions
2018-09-13 13:10:28 -04:00
175dec7ade
Print help when `repeat` is run with no commands
2018-09-13 11:27:05 -05:00
04cc7843a4
Typo fixes
2018-09-13 11:19:13 -05:00
53a326c743
Cleanup is_root? method for Linux::Priv / Solaris::Priv
2018-09-13 08:54:31 +00:00
bba818a323
Fix Msf::Post::Solaris::System pidof method
2018-09-13 08:29:56 +00:00
68a51da27b
Land #10477 , console prompt fixes and refactor
2018-09-12 18:00:48 -05:00
84e87b10af
Update warning message when loading mimikatz on new OSes
2018-09-13 08:31:08 +10:00
b70960bddb
Land #10619 , mimikatz/kiwi warning per OS version
2018-09-12 17:11:11 -05:00
5c65f23847
add chmod tab completion
2018-09-12 19:04:51 +08:00
d017f420bf
Fix missing exception capture
2018-09-11 17:58:41 -05:00
e2c6748759
Replace 'and' with '&&'
2018-09-12 08:27:27 +10:00
8fa71ade44
Add `repeat` command to loop msfconsole commands
2018-09-11 17:25:33 -05:00
de0f0a97fb
Add mode to Shell#run_single to re-raise errors
2018-09-11 17:23:56 -05:00
da25391426
Relocate option parsing error handling up a level
2018-09-11 17:22:05 -05:00
74ae89ac96
Minor fixups for `grep`
...
Use Shellwords to join words that have been shellsplit and will be
shellsplit again, and correctly reference a missing command name.
2018-09-11 17:20:34 -05:00
a7105b45a6
add gcc path for solaris
2018-09-11 05:18:26 -04:00
117121b058
Land #10617 , sessions -x fix for when LURI is used
2018-09-11 03:00:34 -05:00
7c1ae843b1
Fix Msf::Post::Solaris::Kernel class name
2018-09-11 07:15:19 +00:00
8d6fcefccc
Fix crash when using sessions -x
2018-09-11 13:28:33 +10:00
a3d74d926c
Land #9897 , Fix #8404 ListenerComm Support For Exploit::Remote::TcpServer
2018-09-10 16:25:55 -05:00
ea2fcb6fc4
Land #10593 , Refactor SSH mixins and update modules
2018-09-10 15:38:53 -05:00
55ae02ba4e
DRY up doc generator
2018-09-07 11:47:29 -05:00
1eb703b1b5
Refactor initialization of module's notes attribute
2018-09-06 16:15:52 -05:00
b7ee406203
Use a 'reduce' to transform notes
2018-09-06 15:50:23 -05:00
876240d18c
Condense note transformation inside mod_meta_common
2018-09-06 15:48:22 -05:00
dd476066cf
Land #10584 , fix session upgrade HANDLE_TIMEOUT and upgrading osx shells
2018-09-06 05:52:40 -05:00
35fb0d19ab
Refactor SSH mixins and update modules
2018-09-05 23:53:11 -05:00
e2428b5c20
Fix target DisableNops not being passed to payload
2018-09-05 18:07:54 -05:00
635d92901f
Add warning for mimikatz and kiwi if OS versions are wrong
2018-09-05 09:34:34 +10:00
c38a7e97fd
fix session.type for osx shells
2018-09-04 22:59:03 +08:00
0a2b0f8cec
Remove trailing comma
...
Fix issue causes target.ret to be an array
2018-09-04 07:43:43 -05:00
d5e78ab66f
Land #10437 , sync some linux local libraries to solaris
2018-09-03 22:46:50 +08:00
34f87efb2b
Land #10532 , enhance db_connect for data services
2018-09-03 09:43:34 -04:00
1c8a2f3ee1
Raise an error when http service fails to connect
...
Also fix a bug where failed Postgres connections werent being raised
2018-09-02 15:51:13 -05:00
c4ebf7b4f3
add meterpreter chmod command
2018-09-01 23:52:31 +08:00
b4c731d4ca
Check name validity at a higher level
2018-08-31 18:16:32 -05:00
5c7f59e2f9
Remove AKA formatters from references
2018-08-31 16:54:16 -05:00
420041f287
Don't refer to AKA as 'alias' in order to not overlap nomenclature with upcoming 'alias' feature
2018-08-31 16:54:07 -05:00
e5106b54db
Add AKA info to module info
2018-08-31 16:52:26 -05:00
e10d9c5d67
Update module search to search aka names
2018-08-31 16:52:17 -05:00
3f9e19c6af
Restructure Notes into NotesContainer object
2018-08-31 16:51:59 -05:00
f61ed95ebe
Add default value for notes
2018-08-31 16:50:23 -05:00
3c115f1bfc
Update json parsing rules for external modules
2018-08-31 16:48:56 -05:00
084607b955
Set current_data_service when disconnecting from http
2018-08-31 16:48:33 -05:00
659e4f2b34
Build json correctly for new notes field
2018-08-31 16:47:00 -05:00
185fe56e82
Add message when connecting via yaml
2018-08-31 16:13:17 -05:00
a413b27e57
Fix bug connecting to https servers
2018-08-31 15:49:29 -05:00
1e6f19e1de
Update db_save message when no valid service connected
...
Also add the current data service name to db_status
2018-08-31 12:54:08 -05:00
bc4a0345dc
Fix bug preventing yaml connections
2018-08-31 11:26:08 -05:00
41b0dc1dfe
Update label for the kiwi extention to match latest ver
...
I'll also update this PR with the udpated binaries when the paylaods
repo has landed https://github.com/rapid7/metasploit-payloads/pull/298
2018-08-31 09:31:57 +10:00
6ddf4f4c22
Refactor db_connect for updated usage
...
db_connect will now automatically save the data service it connects to
db_save will be used to set the current data service as default
add a db_remove command to delete a saved data service
2018-08-30 18:19:14 -05:00
71a7ca4d7d
Use env(1) instead of export
2018-08-29 14:51:20 -05:00
d6d9f9c675
Handle case for no connection for save and disconnect
2018-08-29 13:54:20 -05:00
133892629e
Dont allow invalid config file characters
...
Also only save cert when it is present
2018-08-29 12:49:03 -05:00
f7ecd4436d
Even more messaging changes
2018-08-29 11:32:01 -05:00
65f38d6051
More messaging changes
2018-08-29 11:19:37 -05:00
7414b18f20
Move prompt_char space to correct place
2018-08-29 10:38:28 -05:00
09926bd184
Better help description and comments
2018-08-28 22:11:32 -05:00
28954dbc1d
More messaging improvements
2018-08-28 17:14:59 -05:00
cc5d96a441
Update messaging
2018-08-28 17:00:58 -05:00
161fb52ae3
Dont build connect string manually during loadup
2018-08-28 16:37:14 -05:00
52cc140cd2
Handle case where no default db is set
2018-08-28 15:52:26 -05:00
1be7f55cae
Land #8983 , Add peinjector post module
...
Merge branch 'land-8983' into upstream-master
2018-08-28 15:25:56 -05:00
4803c889f9
Land #10507 , GPP creds for db_import
2018-08-28 11:45:51 -05:00
5e45e2f1e9
Add help text for -l and -n options
2018-08-28 11:42:10 -05:00
3c1086741b
Use correct variable name for api_token
2018-08-28 10:49:50 -05:00
562fc09d5d
add new line to the end of the file
2018-08-28 09:02:21 -05:00
3a6d72b8b6
some executable files need stack preserve and stack restore, functionality restored
2018-08-28 09:02:21 -05:00
ff7baaca13
remove stack preserve and stack restore in x86 shellcode and delete duplicated stack preserve variable in x64 shellcode
2018-08-28 09:02:21 -05:00
5a28863b12
Fix Whitespace for Rubocop
2018-08-28 09:02:21 -05:00
3ac24abfb2
Remove Extra stackpreserve variable
2018-08-28 09:02:21 -05:00
f9148f7864
Update/Add Human-Readable ASM
2018-08-28 09:02:21 -05:00
f1e4079641
move add_thread code to lib/rex/post/meterpreter/extensions/peinjector/peinjector.rb
2018-08-28 09:02:21 -05:00
55299561b1
Peinjector meterpreter extension interface added
2018-08-28 09:02:21 -05:00
ced4ae6f49
MSFTidy module
2018-08-28 09:02:21 -05:00
2251c4a712
Add peinjector post module
2018-08-28 09:02:21 -05:00
5b7127c826
Use Rex::Text::Table for outputting data services
2018-08-27 13:18:41 -05:00
24cf99f59c
Enable deletion of saved data services
2018-08-27 11:32:19 -05:00
419738a746
Add expect method, -s, and -l
2018-08-26 19:38:19 -05:00
cb07ba2b6c
Land #10516 , Add brace expansion encoder and update ${IFS} encoder
2018-08-25 22:23:07 -05:00
969170096a
Land #10520 , Only allow setting persistence on payload jobs
2018-08-25 22:21:46 -05:00
6df235062b
Land #10505 , post-auth and default creds info
2018-08-24 18:08:15 -05:00
cde82b18ab
Land #10379 , tab completion for multiple commands
2018-08-24 18:06:14 -05:00
e955e8dc15
Clean up code
...
And hope I didn't break anything.
2018-08-24 18:05:52 -05:00
bb0ec0472b
Enable saving local data services
2018-08-24 12:51:50 -05:00
1dd91434f4
Fix #10518 , bug fix when add persistent to non-payload job.
2018-08-24 03:39:18 -04:00
6d84d3bfec
Add tabs auto completion for irb.
2018-08-23 23:29:12 -04:00
418b574161
Merge branch 'master' and resolve conflict.
2018-08-23 23:24:23 -04:00
7c0dd2a0fe
Add CmdUnixBrace and update CmdUnixIfs
...
Acronyms can be capitalized as per the Ruby style guide.
2018-08-23 21:18:09 -05:00
df18e354e1
Add bind_busybox_telnetd payload, misc cleanup
2018-08-23 15:23:39 -04:00
c0c3e12c74
WIP - hp officejet pro exploit, enhance PJL lib
2018-08-23 14:53:54 -04:00
724e0dcaf3
Add ability to connect to saved data services
2018-08-22 17:16:27 -05:00
9b3e0d8306
Add additional root tags for GPP XML
...
Finally ran through all the samples and cross-referenced with MS14-025.
https://msdn.microsoft.com/en-us/library/cc232650.aspx
https://support.microsoft.com/en-us/help/2962486/ms14-025-vulnerability-in-group-policy-preferences-could-allow-elevati
2018-08-22 16:48:33 -05:00
2891255549
Clarify what is being imported currently
...
Since the parser is focused on creds.
2018-08-22 15:53:19 -05:00
1e4eb0eae0
Revert report_note, since it added nothing
...
A bit of misunderstanding. We're in agreement that loot was enough.
2018-08-22 14:34:09 -05:00
6fa04950ee
Store parsed GPP data as a note
...
And refactor slightly.
2018-08-22 14:19:50 -05:00
b1c633faf6
Add Group Policy Preferences support to db_import
...
And take the Jaden Smith approach, as @busterb quipped to me. :)
This one's a little weird, since you normally import scans into
Metasploit, but now that creds are first-class in the database, it makes
more sense to be able to import them.
Currently, your alternatives are post/windows/gather/credentials/gpp,
which requires a session, and auxiliary/scanner/smb/smb_enum_gpp, which
requires a network scan.
2018-08-21 23:44:39 -05:00
68aca395a4
Remove debug logging
2018-08-21 15:06:30 -05:00
57243106f7
Connect to the default database on startup
2018-08-21 14:29:20 -05:00
b6401dbe56
Add db_save command
2018-08-21 11:10:43 -05:00
080ba15179
Another boo-boo
2018-08-21 08:55:14 -05:00
321f2b8746
Improve file operations
...
Hmm, why did I not use File.write before? Oh well, fixed.
2018-08-20 22:25:19 -05:00
808e2f2e25
Fix issue #10499
2018-08-21 03:08:14 +00:00
edb85614ff
Make code cleaner
2018-08-21 03:05:44 +00:00
bc3b317963
Land #10449 , Implementation of download/upload file in reverse shell
2018-08-20 19:10:26 -05:00
4aee3a4ae2
Land #10448 , Implementation of CTRL+C to send SIGINT signal
2018-08-20 18:14:29 -05:00
11fee8fa2c
Land #10471 , Import target DefaultOptions into the datastore
2018-08-20 17:30:27 -05:00
fb2d3bfd4a
Land #10492 , show help when no argument is provided to `show`
2018-08-20 15:46:29 -05:00
3fadc64fb2
Don't set the workspace to default if it is already set
2018-08-20 14:35:06 -05:00
8869604143
update help for show and search
2018-08-21 00:17:57 +05:30
e8c0638092
Update modules.rb
2018-08-20 23:36:57 +05:30
0e594266e9
show help when no argument is provided to `show`
2018-08-20 23:32:34 +05:30
94dd67f3a5
Add public readers for prompt and prompt_char
...
This allows various things to inspect the state of the console before
calling `update_prompt`.
2018-08-17 14:41:48 -05:00
410eee8537
Remove 'append' mode from update_prompt
...
Nothing used it meaningfully. Also, due to the way `init_prompt` was set
prior to b1401e2e4e1df442e0cf
2018-08-17 14:32:48 -05:00
1df442e0cf
Centralize where msfconsole touches the prompt
2018-08-17 14:21:16 -05:00
b1401e2e4e
Update the prompt every shell tick
...
This was inadvertently done as part of the tab completion
initialization but is what we want. Also move the prompt formatting to
the prompt update and make the code more readable.
2018-08-17 14:10:28 -05:00
d6bce4410c
Land #10203 , Add command for persistent job handler when msf restart
2018-08-16 15:37:10 -05:00
7e496ae067
Import target DefaultOptions into the datastore
2018-08-16 12:18:02 -05:00
59f2bf9002
Land #10469 , bug fixes for shell's prompt_yesno
2018-08-16 10:51:54 -05:00
4375a3fbfb
Fix lurking bugs in the shell's prompt_yesno
2018-08-16 09:05:22 -05:00
7a20d05fa6
Land #10456 , known_hosts fix for SSH modules
2018-08-15 21:28:08 -05:00
1475f205d4
Update for style requirements.
2018-08-15 22:24:20 -04:00
028799299c
Update for style requirements.
2018-08-15 22:23:04 -04:00
101539a1bc
Land #10464 , prompt to use plain module name
2018-08-15 20:55:28 -05:00
c045f70e80
Emulate `prompt_yesno` semantics for UI drivers
2018-08-15 17:30:37 -05:00
becd42553a
Land #10462 , Add API documentation for users and auth endpoints
2018-08-15 17:10:26 -05:00
a4fb33d53a
Prompt to use module when given plain module name
2018-08-15 15:58:19 -05:00
fe75a87cd5
Land #10459 , Fix PMA scanner vs. non-PMA hosts
2018-08-15 14:44:40 -05:00
f05844d8f4
Refactor options handling and help printing
2018-08-15 11:48:03 -05:00
13326ea94b
Land #10451 , Add 'payload' to module search command help documentation
2018-08-15 11:20:13 -05:00
1a4c04cae6
Merge branch 'master' into consolidate_db_connect_data_services
2018-08-14 15:20:56 -05:00
cedcb04ce0
Land #10433 , pry and irb in developer dispatcher
2018-08-14 13:32:47 -05:00
66b761db15
Add doc for user operations
2018-08-14 13:19:56 -05:00
f7a0b201d7
Add authorization support for auth/bearer tokens
2018-08-14 11:51:15 -05:00
a956f675ff
PMA Scanner Check Error Condition
2018-08-14 06:16:55 -05:00
William Vu
Brendan Coles
Erin Bleiweiss
Kent 'picat' Gruber
Adam Cammack
Matthew Kienow
h00die
OJ
Tim W
Brent Cook
Jacob Robles
James Barnett
Josh Hale
bwatters-r7
alpiste
Green-m
Wei Chen
asoto-r7
Auxilus
Jeffrey Martin