a448b26f73
Remove unnecessary argument default value
2018-12-21 22:13:52 -05:00
5e971132f3
Enhance events method to fully query events
2018-12-21 22:07:43 -05:00
7e10b38421
Add events method
2018-12-21 21:37:42 -05:00
9736e8252c
Merge branch 'master' into land-11038-
2018-12-21 16:31:53 -06:00
b4ff3b544f
Add CMDSTAGER::SSL datastore option
...
It has come to my attention that since I added the HTTP(S) command
stagers, no one has used HTTPS. This is probably why.
The CmdStager options hash takes precedence over any datastore options.
2018-12-21 14:51:49 -06:00
5cff330a38
Land #11128 , Rex::Exploitation::CmdStagerFetch
2018-12-21 14:16:57 -06:00
3021a05553
Fix typo in report.rb
2018-12-21 17:51:46 +05:30
06de47ce68
Enhance the command auto-complete in aux.
2018-12-21 18:03:57 +08:00
f7eb3452be
Land #11083 , set user agent in Windows reverse_http(s) stagers
2018-12-19 11:38:12 -06:00
09f9b887b9
don't bother handholding the empty string
2018-12-19 10:52:51 -06:00
847e3232ab
Land #11102 , remove old metasm remnants
2018-12-18 08:53:53 -06:00
8d93812c0a
Add Rex::Exploitation::CmdStagerFetch
2018-12-15 03:30:00 +00:00
a2a38bb72f
ysoserial: Distracted halfway through a comment 🙃
2018-12-14 15:07:13 -06:00
74b4ba1c50
ysoserial: Change class name to camelcase to align with Ruby style guide
2018-12-14 14:44:58 -06:00
212454b1fb
ysoserial: Support larger payloads, Randomize fingerprintable string
2018-12-14 14:43:30 -06:00
fa74a1839a
Initial support for dynamic ysoserial Java serialization payloads
2018-12-14 12:51:08 -06:00
eec7a3dafc
Remove debug code
2018-12-14 13:33:16 -05:00
ad6b80bd08
Remove unused session_dto flag
2018-12-14 13:01:20 -05:00
a683cedcce
Enhance race condition workaround in report_host
2018-12-14 12:28:16 -05:00
c2af36f405
Use update_session rather than Mdm save method
...
The changes ensure that updates to an Mdm::Session are reflected on a
remote data service.
2018-12-14 12:22:49 -05:00
b6cdf7aa9d
Add update_session method
2018-12-14 12:04:55 -05:00
a8ed971f12
Move convert_msf_session_to_hash to data proxy
2018-12-14 11:46:12 -05:00
3f9b2dadc8
Remove unnecessary single object selection
2018-12-14 11:20:19 -05:00
4cefb8d06e
Fix typo
2018-12-14 11:19:40 -05:00
4963647bf6
remove call to method not defined
2018-12-13 17:00:41 -06:00
564814c4db
Land #10676 , Add support for ext_server_unhook
...
Merge branch 'land-10676' into upstream-master
2018-12-13 09:46:37 -06:00
a415063acd
Reword CreateSession option description
2018-12-12 15:32:31 -06:00
eceb47a9da
Move CREATE_SESSION option to advanced option CreateSession
2018-12-12 15:32:31 -06:00
8a7187ad79
Add CREATE_SESSION option to CommanShell
...
Register the CREATE_SESSION option in command_shell_options so it
can be used with all modules that use start_session.
Modify ssh_login.rb, ssh_login_pubkey.rb, and telnet_login.rb to
use the new CREATE_SESSION option.
When CREATE_SESSION is set to true (default) a new session is
created with each successful login. When set to false a new session
is not created but the successful login is still registered in the
credentials database.
2018-12-12 15:32:31 -06:00
0c9d5b7d51
refactor `unless !` to `if`
2018-12-11 10:04:55 -06:00
4ff6f0171d
remove old metasm remnants
...
Noticed while @asoto-r7 was reviewing Code Climate results, and it
highlighted some metasm code as having unusual code structure. Rather
than fixing it, we can delete it, since this is from upstream metasm
presumably, which we've used as a Gem for some time (thanks @egypt).
All payloads should still be regenerable, and evasion modules as well.
2018-12-10 18:58:53 -06:00
43842ad41d
Land #11082 , Update show plugins to show all available plugins as well
2018-12-10 10:20:51 -06:00
733c2f637d
Land #11081 , Add Msf::Post::Linux::Kernel.lkrg_installed? method
2018-12-08 09:14:57 -06:00
3dca52510d
pass NULL if the UA field is empty
2018-12-08 06:23:35 -06:00
6f8fc55b86
set user agent in Windows reverse_http(s) stagers
2018-12-07 14:03:03 -06:00
42c5a7d245
Update show plugins to show all available plugins as well as the loaded ones.
...
Fixes #11051
2018-12-08 01:19:44 +05:30
df76521100
Land #11066 , add rpc output locking, fix logging
2018-12-07 13:49:10 -06:00
09ffce4ec5
fix mutex locking, push to rpcSend
2018-12-07 13:28:34 -06:00
80d83720df
Add Msf::Post::Linux::Kernel.lkrg_installed? method
2018-12-07 14:42:16 +00:00
9e110eb9fc
Land #10940 , add default service mapping to imports
2018-12-06 21:04:05 -06:00
f4282bfb56
Land #11064 , Add Msf::Post::Linux::Kernel.kernel_config method
2018-12-06 20:52:12 -06:00
310d6f0170
Land #11068 , Update db_connect help text
2018-12-06 20:32:13 -06:00
e36e27d91a
Port is optional for HTTP data services
2018-12-05 16:05:09 -06:00
1e57f025d9
Update db_connect help
2018-12-05 14:52:26 -06:00
b0560c1ec8
Centralize logging sync, fix minor logging issues
2018-12-05 12:42:44 -06:00
25e4c4734f
return nil rather than empty array
2018-12-05 23:44:13 +11:00
9d690f4f8c
Add Msf::Post::Linux::Kernel.kernel_config method
2018-12-05 11:19:36 +00:00
6040f779c5
Supress 'Permission denied' error in get_suid_files
2018-12-05 00:35:32 +00:00
c7acbc08ab
Land #11058 , fix SSH key displayed by creds cmd
2018-12-04 15:25:51 -06:00
5e29d1206d
Land #11059 , provide meaningful error when workspace doesnt exist
2018-12-04 14:53:43 -06:00
8799c550e1
Parse public and private as correct sub-type
2018-12-04 10:57:54 -06:00
55a9a12670
Land #10964 , add initial golang modules for enumerating owa/o365
2018-12-04 10:33:37 -06:00
4f08243af9
Raise exception if workspace not found
2018-12-03 17:24:36 -06:00
74a5d816be
Fix parentheses around args of method invocations
2018-12-03 17:19:59 -06:00
d41f48853a
Use to_s when printing credential private
2018-12-03 16:46:30 -06:00
042a793648
Land #11050 , Add protection checks to Msf::Post::Linux::Kernel lib
2018-12-03 13:16:46 -06:00
6574ceaab8
Land #11053 , Add Openwall detection to Linux system lib
2018-12-03 12:46:36 -06:00
b11bcd92a4
Broken into 3 modules, addressed review comments
2018-12-03 10:25:21 -06:00
ab1bea1b22
Land #10798 , Cisco device manager update
2018-12-03 01:39:19 -06:00
f2b7036e37
Add Openwall detection to Linux system lib
2018-12-03 06:58:19 +00:00
0481cbffe6
Add check for Exec-Shield
2018-12-03 03:51:14 +00:00
d87fef5ee3
Add grsec/PaX checks to Msf::Post::Linux::Kernel lib
2018-12-02 08:11:17 +00:00
dc125d1dc5
return hostname
2018-12-01 05:20:47 +00:00
5b926bcbcf
Addressed feedback
2018-11-30 13:18:02 -06:00
6225c04b99
Address review feedback, fix bugs
2018-11-30 11:36:39 -06:00
88ca775fd3
Land #10952 , WP GDPR Compliance plugin exploit
2018-11-29 13:31:31 -06:00
3e571ff71a
Compatible with REG_MULTI_SZ when set value.
2018-11-29 15:47:09 +08:00
9d33891652
Update register descriptions
2018-11-28 19:37:35 -06:00
c4959da77f
Email validation and user registration
2018-11-28 17:56:55 -06:00
d523124faf
Land #10965 , Add the macOS LPE from pwn2own2018 (CVE-2018-4237)
2018-11-27 14:00:35 -06:00
d7c1dd91c0
Land #10509 , Add source meta command for shell sessions
2018-11-26 14:27:08 -06:00
181fc292c2
Land #10861 , Add framework for JSON-RPC and future Sinatra apps
2018-11-26 14:12:08 -06:00
2cde2e4e21
Land #11017 , Fix userns_enabled? check for unprivileged_userns_clone
2018-11-26 14:07:14 -06:00
fd75b75c61
Add FrameworkExtension
2018-11-26 13:08:42 -05:00
e144cc6738
Move under Msf::WebServices namespace
2018-11-26 12:58:10 -05:00
0678d33760
Revert "ensure a value exists before returning the normalized key"
...
This reverts commit 063838fb17
2018-11-26 10:10:07 -06:00
a98dbd1d61
Revert "Return the original key if it does not exist in the datastore"
...
This reverts commit 7312fa774f
2018-11-26 10:10:07 -06:00
8f07f299b4
Fix userns_enabled? check for unprivileged_userns_clone
2018-11-25 01:26:49 +00:00
847e630630
ensure incoming creds are all UTF-8
2018-11-22 09:20:12 -06:00
e07e5caebd
don't do a binary regex against a regular string
2018-11-22 09:19:38 -06:00
cdc9c24f6d
don't try to close a nil connection in smb login scanner mixin
2018-11-22 05:02:17 -06:00
8694d6dd19
Land #10990 , move metasploit web service code
2018-11-21 16:49:56 -06:00
77723ba2f8
Land #11002 , Support Python 3.7 in external probe scanner code
2018-11-21 16:23:34 -06:00
682ebdc234
Land #11001 , Properly error out when attempting to format ELFs
2018-11-21 16:13:40 -06:00
317f71f7f4
Land #10802 , Make `msfvenom -f` case-insensitive
2018-11-21 16:04:30 -06:00
c9f8a591e5
Land #10872 , Add --pad-nops option for msfvenom
2018-11-21 16:02:02 -06:00
44da31edb8
Support Python 3.7 in external probe scanner code
2018-11-21 15:06:54 -06:00
818c3c9f57
Properly error out when attempting to format ELFs
2018-11-21 14:57:37 -06:00
230ae70028
Land #11000 , fix DB import error messages
2018-11-21 14:52:17 -06:00
1eb4a79410
adjust error message on impart
2018-11-21 14:42:48 -06:00
7312fa774f
Return the original key if it does not exist in the datastore
2018-11-21 06:03:50 -06:00
063838fb17
ensure a value exists before returning the normalized key
2018-11-21 04:43:06 -06:00
da9e6edbf1
delete option aliases when an option is deleted
...
Otherwise the aliases will remain active and if the aliased value is redefined
2018-11-21 04:09:33 -06:00
30bf716827
Use --pad-nops as a boolean to make -n <size> the total payload size.
2018-11-20 23:26:03 -06:00
4cc9959e3f
Move MSF API App and associated servlets
...
The modules interact with the DbManager, however, are not a part of it
and belong in a more meaningful location for web services.
2018-11-19 18:46:15 -05:00
630de06f9e
Land #10972 , Rework session_compatible? check in post mixin, excluding ARCH_CMD modules
2018-11-19 16:08:15 -06:00
6d317baada
Coerce DisablePayloadHandler into a Boolean string
...
Due to discrepancies in how command dispatchers receive datastore
options, especially after a "save" of the console, Boolean values are
stored as strings.
This is a quick fix for DisablePayloadHandler specifically, since it was
driving me insane.
2018-11-19 13:18:15 -06:00
fd3ece3f9b
Land #10956 , Use new 'data_service_operation' block in 'DataProxy' modules
2018-11-16 17:24:00 -06:00
4726c58516
Update documentation
2018-11-16 12:40:42 -06:00
1e3515bddc
Clean up code
2018-11-16 05:04:54 -06:00
a58a91613a
Exclude ARCH_CMD modules, not local exploits
...
We don't want to lose SessionTypes. Brain fart.
2018-11-16 05:00:17 -06:00
8be53f8730
Land #10971 , Fix extraneous whitespace in check output
2018-11-16 03:38:32 -06:00
277ed375d6
Ensure peer_msg falls back on an empty string
...
Co-Authored-By: wvu-r7 <wvu-r7@users.noreply.github.com>
2018-11-16 03:30:52 -06:00
b60ae0ff1a
Limit session_compatible? check to post modules
...
Local exploits may define a different payload platform or arch.
2018-11-16 02:59:59 -06:00
eb90fc74a1
Fix extraneous whitespace in check output
...
Death to the peer gods.
2018-11-16 02:59:36 -06:00
691b9276a6
Fix issue when re-establishing DB connection
2018-11-15 21:00:19 -05:00
420be60900
add CVE-2018-4237
2018-11-15 08:48:10 +08:00
38bea6c29c
Added msmailprobe to msf
2018-11-14 16:15:11 -06:00
795aa3c99c
Land #10828 , git submodule url exec CVE-2018-17456
2018-11-14 12:39:13 -06:00
97ee965c6e
Landing #10884 - Add JSON-RPC Client
2018-11-13 08:31:55 -06:00
2571c8cd86
Use data_service_operation block to perform work
2018-11-12 23:45:29 -05:00
d2a78cecd0
improvements to code commente and floe
2018-11-12 17:31:43 -06:00
1b44fd0ade
Remove conditional for path
2018-11-12 11:05:40 -06:00
a80ac67373
Prepend GO path
2018-11-12 11:03:19 -06:00
8dc974b51e
Prepend python path
2018-11-12 07:58:43 -06:00
e231fd0623
next if onlyup
2018-11-10 16:21:06 +00:00
8ea4ed6314
land #10927 proper identification of centos/alpine linux in post libs
2018-11-10 08:33:35 -05:00
5ba44ff12d
add default service mapping to imports
2018-11-08 18:14:22 -06:00
7127792fcf
tidy up external go modules
2018-11-06 20:23:10 +01:00
407a9f3de1
remove debug
2018-11-06 11:12:02 -06:00
76531cb818
gofmt all the things
2018-11-06 11:12:02 -06:00
97bee891ce
remove some ruby vestiges
2018-11-06 11:12:02 -06:00
df43b372fa
initial golang module support
2018-11-06 11:12:02 -06:00
cfbc0a9a0c
properly bubble up errors on external module load
2018-11-06 11:12:02 -06:00
dea460c813
golang module loader support
2018-11-06 11:12:02 -06:00
08d4e2265d
Add CentOS and Alpine Linux detection to Linux system lib
2018-11-06 03:16:07 +00:00
a8ff9b27f7
Land #10823 , store host system data from post/system libs in database
2018-11-06 02:54:02 +00:00
e7f5c0cfbf
additional solaris-ish regexes
2018-11-05 19:25:08 -05:00
cb229411bc
Land #10888 , Fix Net::SSH::CommandStream session open failure
2018-11-05 11:15:09 -06:00
ad58930e9b
Dump formats when invalid format is selected
2018-11-04 09:25:37 -05:00
9f77966ec9
Revert downcase throughout, instead use single downcase within option parsing
2018-11-04 08:57:45 -05:00
7326453024
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into hosts_data
2018-11-03 17:06:00 -04:00
ca0249c539
enhancements to solaris host info db regex
2018-11-03 17:05:47 -04:00
e9b3502f98
Fix Net::SSH::CommandStream session open failure
...
I suspected this might be a problem for libssh servers.
2018-11-02 01:08:05 -05:00
8372007576
Prefer method_defined? for the class
2018-11-02 00:34:17 -05:00
c3311da6e2
Be specific about report_on_exception
2018-11-02 00:24:16 -05:00
0592420ea4
Fix thread exception reporting for Ruby 2.3.8
...
Thread::report_on_exception doesn't exist.
2018-11-01 18:59:23 -05:00
7cf384405e
only change thread behavior if on Ruby 2.5 or above
2018-11-01 18:24:12 -05:00
4dcb31f26b
only turn off thread reporting if it is already on
2018-11-01 18:08:52 -05:00
0b682b6300
Preserve old thread exception reporting behavior
...
https://ruby-doc.org/core-2.5.0/Thread.html#method-c-report_on_exception
2018-11-01 17:30:49 -05:00
08ec8e1ef9
Land #10553 , add x86/xor_dynamic and x64/xor_dynamic encoders
...
Merge branch 'land-10553' into upstream-master
2018-10-30 09:56:15 -05:00
06966312c1
Remove unused code
2018-10-30 00:40:33 -04:00
04e4c2941c
Remove unnecessary require
2018-10-30 00:19:21 -04:00
3c3022902f
Add JSON-RPC Client
2018-10-30 00:15:58 -04:00
24b1898e21
Fix comment
2018-10-29 23:27:50 -04:00
ffc193f49b
Issue #6100 : Finalized changes to pass rake spec Msf::PayloadGenerator
2018-10-26 13:06:37 -05:00
bd7c867485
Land #10862 , fix issue with session reporting when DB is disabled
2018-10-26 10:58:06 -05:00
eb9dd311ce
Add check that data service is active
2018-10-25 23:07:31 -04:00
2f8aacbf8d
Remove debug output
2018-10-25 14:44:11 -04:00
64f8852797
Use data_service_operation block to perform work
...
This fixes the session report issue when the database is disabled,
because no exceptions are thrown from the DataProxy under these
conditions.
2018-10-25 14:38:13 -04:00
7f8aeeb498
Raise RuntimeError rather than Exception
2018-10-25 14:29:24 -04:00
8e2d6a62b1
Add block process data service operation method
2018-10-25 14:24:47 -04:00
6920470f99
Land #10821 , Enhance windows compiler w/ new functions
2018-10-24 20:28:36 -05:00
2ab9a003d4
Land #10864 , Add Cisco WebEx RCE Modules
2018-10-24 16:20:00 -05:00
b875a102fe
remove report_host data for another PR
2018-10-24 16:26:38 -04:00
4dd2147d60
Land #10857 , ensure os_flavor can be supplied for non Windows OS
2018-10-24 14:28:32 -05:00
3c5aa93a0d
Fix for style consistency.
2018-10-24 15:17:37 +08:00
129425ca94
Fix session report bug when database disabled.
2018-10-24 14:48:03 +08:00
34ae9c38f9
added WebEx modules, arch check
2018-10-23 15:51:23 -05:00
efeacf8666
ensure os_flavor can be supplied for no Windows OS
2018-10-23 12:22:57 -05:00
b65f467ada
Land #10851 , add ndkstager to data/exploits
2018-10-23 12:04:57 -05:00
4182777488
Support SSH shell/exec channel request output
...
Looks like channel[:data] was initialized but never used.
2018-10-23 09:34:12 -05:00
f742d3bd9a
Land #10450 , Implementation of CTRL+Z in reverse shell session
...
Additionally, a check was added to disable this new functionality on
Windows command shell payloads.
2018-10-22 15:50:41 -05:00
dd5ac16240
re-add report
2018-10-22 15:42:47 -04:00
4426e4131a
remove unecessary include
2018-10-20 15:01:40 -04:00
da38dfb29a
Clarify we never receive CHANNEL_OPEN_FAILURE
2018-10-19 13:25:19 -05:00
cc283d9def
Add testing note about session channel opens
2018-10-19 13:13:22 -05:00
21397330f8
Refactor fortinet_backdoor copypasta
2018-10-19 00:07:18 -05:00
d1354cc1f7
Add libssh auth bypass packet
2018-10-18 23:03:23 -05:00
cf00f20e11
Update Net::SSH::CommandStream exception handling
2018-10-18 22:45:16 -05:00
64e257649f
cleanup module
2018-10-18 11:45:59 +08:00
290d4428c1
create git mixin
2018-10-18 11:31:31 +08:00
6fd53fcb6a
Fix whitespace further
2018-10-17 15:45:02 -05:00
1e1950c83d
Prefer keyword args after all
...
SINCE we've been using only the first two params, we're fine!
2018-10-17 15:41:19 -05:00
a453760aa4
Add PTY option to Net::SSH::CommandStream
...
This allows us to spawn a PTY for our shell session. Note that this will
write us to {u,w}tmp and lastlog, so use this option with care.
And yes, I did change the API, but up until now, we've been using only
the first two parameters. We should be using keyword args. /shrug
2018-10-17 15:40:13 -05:00
e78b760678
database host info from post modules
2018-10-17 12:43:05 -04:00
ef3b1df647
Fix regular
2018-10-17 18:34:35 +08:00
7b1b2198cb
resolve confiict.
2018-10-17 17:33:01 +08:00
5df6f11cfc
Enhance regular to match blank before include.
2018-10-17 16:20:10 +08:00
e8a08c9eeb
review changes
2018-10-16 20:59:42 -04:00
786629afc9
Land #10818 , Disable ERB templating for Metasploit::Framework::Compiler::Utils
2018-10-16 14:18:50 -05:00
32f4e2c9a0
add version and hostname to cisco config parser
2018-10-16 15:02:42 -04:00
69cd0a5ddc
Disable ERB templating for Metasploit::Framework::Compiler::Utils
2018-10-16 14:02:13 -05:00
854485a016
add bg command to meterpreter
2018-10-16 14:01:50 +00:00
1241041739
[Issue 6100] Add --pad-size option to msfvenom to prepend nopsled given total payload size
2018-10-15 14:46:16 -05:00
1e066df7fd
fix debug printing
2018-10-15 17:04:31 +08:00
f399b59ae4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into cisco_device_manager
2018-10-13 13:31:20 -04:00
46a3d065ce
fix indentation
2018-10-13 08:54:44 -04:00
aadefdbc82
Update msfvenom formatter to be case insensitive
2018-10-12 11:11:52 -04:00
4ae45cb20b
comment around why we do this, make check more explicit
2018-10-12 02:12:30 -05:00
e8097791fe
remove spaces at eol
2018-10-11 21:46:45 -04:00
d480a78b91
capture ephone creds
2018-10-11 21:21:53 -04:00
14e87bf06f
Baby come back
2018-10-11 11:10:36 -06:00
e207c225a2
Remove function entirely
2018-10-11 10:41:43 -06:00
5c061c02b9
Remove peer information from the prefix
2018-10-10 16:31:48 -06:00
3349ecf212
Land #10788 , Clarify "NameError: wrong constant name" message on invalid module name
2018-10-10 15:34:55 -05:00
0b8926715e
Reactively check for invalid module names
2018-10-10 14:33:59 -05:00
29f36a3921
Add Msf::ModuleLoadError exception
2018-10-10 14:22:40 -05:00
1737935dc0
Convert reverse_relative_name to a class method
...
It'll be easier to use this way if someone uses it externally.
2018-10-10 13:21:18 -05:00
12857a1d93
Land #10784 , Add 'evasion' to search help
2018-10-10 13:02:45 -05:00
Matthew Kienow
Brent Cook
William Vu
Garvit Dewan
Green-m
Wei Chen
Brendan Coles
asoto-r7
Jeffrey Martin
bwatters-r7
Stephen Haywood
James Barnett
Christopher Lee
Jacob Robles
Adam Cammack
Patrick
Erin Bleiweiss
Tim W
h00die
Christian Mehlmauer
Kevin Kirsche
Shelby Pace
Rich Whitcroft
Nate Caroe
Nate Caroe