Commit Graph

7520 Commits (537c7e790e030329c8052c188cc6450cd09001e3)

Author SHA1 Message Date
James Lee 537c7e790e
Use vprint_status instead of reimplementing it 2016-01-28 12:51:20 -06:00
James Lee 0f7e3e954e
HttpServer's print prefix with... wait for it...
print_prefix
2016-01-20 13:44:18 -06:00
James Lee a7869975d8
Remove useless variable 2016-01-14 10:04:23 -06:00
James Lee 1f61eb50be
Sort methods 2016-01-14 09:09:29 -06:00
Manuel Mancera 4ab58caa93 Fix the help option for vulns command 2016-01-11 22:19:44 +01:00
Brent Cook eb0b66a4cf
Land #6390, report exceptions on bind/listen failure 2016-01-06 21:44:06 -06:00
James Lee 2dd59a932b
Clean up some warnings 2016-01-04 16:02:43 -06:00
James Lee 05d8f9d186
Make sure addr is not nil
See http://ruby-doc.org/stdlib-2.2.2/libdoc/socket/rdoc/Socket/Ifaddr.html#method-i-addr
Which says:
    Returns the address of *ifaddr*. nil is returned if address is not
    available in *ifaddr*.

I ran into this with a teql interface, but who knows what else might
trigger it.
2016-01-04 15:58:03 -06:00
Brent Cook bcd1a6d45e make JSON key format a little more standard, emit options 2015-12-30 16:00:09 -06:00
Chris Doughty 2a0ae144df Fixup rubocop warnings for cleanup purposes 2015-12-30 14:33:02 -06:00
Chris Doughty bb857e7a33 Add new line after json output for cleaner usability 2015-12-30 14:32:31 -06:00
Chris Doughty 3f98511d7c Cleanup logic to force an output type 2015-12-29 15:11:16 -06:00
Chris Doughty 29ea553e03 Adding a json formatting option to the info command 2015-12-29 13:57:35 -06:00
Jon Hart beb2fa9f92
Use bind_addresses rather than bind_address; fixes #6394 2015-12-24 09:20:21 -08:00
Jon Hart efdb6a8885
Land #6392, @wchen-r7's 'def peer' cleanup, fixing #6362 2015-12-24 08:53:32 -08:00
Brent Cook 17ad41070b
Land #6380, allow linux x86 meterpreter in the pref list 2015-12-23 16:10:26 -06:00
Brent Cook e4f9594646
Land #6331, ensure generic payloads raise correct exceptions on failure 2015-12-23 15:43:12 -06:00
wchen-r7 cea3bc27b9 Fix #6362, avoid overriding def peer repeatedly
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7 a16a10aaf6 Fix #6371, being able to report an exception in #job_run_proc
Fix #6371

When a browser fails to bind (probably due to an invalid port or
server IP), the module actually fails to report this exception from
exception, the method calls exploit.handle_exception(e). But since
handle_exception is not a valid method for that object, it is unable
to do so, and as a result the module fails to properly terminate
the module, or show any error on the console. For the user, this will
make it look like the module has started, the payload listener is up,
but there is no exploit job.

Rex::BindFailed actually isn't the only error that could be raised
by #job_run_proc. As far as I can tell registering the same resource
again could, too. With this patch, the user should be able to see this
error too.

Since the exploit object does not have access to the methods in
Msf::Simple::Exploit, plus there is no other code using
handle_exception and setup_fail_detail_from_exception, I decided
to move these to lib/msf/core/exploit.rb so they are actually
callable.
2015-12-22 16:35:29 -06:00
Brent Cook 3f4c6eb370
Land #5383, allow tunneling reverse_tcp meterpreter sessions without 'route add' 2015-12-22 15:42:42 -06:00
wchen-r7 fa390358a2 Add linux/x86/meterpreter/reverse_tcp to the preference list
linux/x86/meterpreter/reverse_tcp was not added to the preference
list, because at the time it was reliable. For example: it would
crash while running a post module. This is not the case anymore,
so it looks like linux/x86/meterpreter/reverse_tcp is ready to
serve.
2015-12-21 23:09:54 -06:00
wchen-r7 2cc54a7a43 Make joomla.xml go first
Reason is here:
https://github.com/rapid7/metasploit-framework/pull/6373#issuecomment-166446092
2015-12-21 22:59:13 -06:00
wchen-r7 17b67b8f1b Add trailing / 2015-12-19 17:18:34 -06:00
wchen-r7 5ff02956c9 Lower joomla.xml 2015-12-19 13:46:13 -06:00
wchen-r7 0fda963601 Have multiple paths to find the generator tag 2015-12-19 13:45:41 -06:00
wchen-r7 6dada5f20f add another we can check
administrator/manifests/files/joomla.xml
2015-12-19 12:06:06 -06:00
wchen-r7 7d8ecf2341 Add Joomla mixin 2015-12-18 21:14:04 -06:00
Jon Hart b78f7b4d55
Land #6319, @all3g's module for abusing redis to achieve file uploads 2015-12-14 18:00:44 -08:00
Jon Hart 6611da9239
strip, not stripgit diff. strip! returns nil if the string was unmodified 2015-12-11 19:22:57 -08:00
Jon Hart dcdc21e2db
Correct unbalanced quotes
You down with OCD (Yeah you know me).
2015-12-11 18:44:14 -08:00
Jon Hart e23908d672
Improve verbose output related to authentication handling 2015-12-11 18:32:00 -08:00
Jon Hart 1a0f71b6fa
Try to catch case where post-auth commands are failing 2015-12-11 17:23:03 -08:00
Jon Hart 9cec3d9e6b
Move redis password option to non-advanced 2015-12-11 17:03:49 -08:00
Jon Hart 1fecd9846c
Bury some helper methods behind private 2015-12-11 10:13:13 -08:00
Jon Hart 9ef46140c0
Improve output when success 2015-12-11 10:10:44 -08:00
Jon Hart 32a64c3d8e
Make auth easier, work automatically and on older redis versions
Also, improve check
2015-12-11 10:04:47 -08:00
Jon Hart ac47c87af4
Move Password option to redis mixin 2015-12-11 08:53:11 -08:00
Jon Hart 38d0b0a0f2
Wire in @all3g's redis auth code 2015-12-11 08:42:59 -08:00
Jon Hart 555e52e416
Document the redis upload process more 2015-12-10 09:35:46 -08:00
Jon Hart 00f72b279b
Cleaner printing when in verbose 2015-12-10 09:12:54 -08:00
Jon Hart 21ab4e96e5
First pass at redis mixin 2015-12-10 08:29:59 -08:00
wchen-r7 07ef09e0b6 Avoid Msf::Module::Platform
We don't know how to generate an exe payload if the platform is
Msf::Module::Platform, so don't use it.
2015-12-08 21:40:30 -06:00
wchen-r7 9e52663705 Doc
Fix #6330
2015-12-08 21:24:39 -06:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
2015-12-08 21:13:23 -06:00
wchen-r7 5b27d3a99c This looks right 2015-12-08 20:42:35 -06:00
wchen-r7 cea8c40432 Fix generate_payload_exe for generic payload support
Platform can be seen from different sources:

1. From the opts argument. For example: When you are using
   generate_payload_exe, and you want to set a specific platform.
   This is the most explicit. So we check first.

2. From the metadata of a payload module. Normally, a payload module
   should include the platform information, with the exception of
   some generic payloads. For example: generic/shell_reverse_tcp.
   This is the most trusted source.

3. From the exploit module's target.

4. From the exploit module's metadata.

Architecture shares the same load order.
2015-12-08 20:26:07 -06:00
wchen-r7 080ec26afb
Land #4489, Update SMB admin modules to use Scanner & fixes 2015-12-08 14:49:26 -06:00
wchen-r7 14b1b3a1f0
Land #6299, Stageless HTTP(S) Python Meterpreter 2015-12-04 16:16:54 -06:00
Sonny Gonzalez d7aeabbb71
Land #6293, listener bind_port fix 2015-12-02 13:16:23 -06:00
jvazquez-r7 58cf9f4fcd
Land #6301 for sure, @busterb's REALLY wants to delete go_pro :) 2015-12-02 09:38:40 -06:00