Commit Graph

39287 Commits (5c447a6b13de331c8d1066d21f506fbbfbcc179c)

Author SHA1 Message Date
James Lee c3e8f81982
Land #7038, zutto_deriku, an x64 encoder 2016-07-12 13:46:55 -05:00
wchen-r7 af3ac60e28
Land #7087, Fix Beholder migration with multiple users 2016-07-12 11:48:33 -05:00
William Vu 310332b521 Clean up module 2016-07-12 11:17:10 -05:00
wchen-r7 b869b890c7
Land #7090, Add module for Tikiwiki Upload Exec 2016-07-12 11:16:50 -05:00
wchen-r7 2471e8bc8c Add FileDropper to cleanup properly 2016-07-12 11:16:18 -05:00
William Vu 277950cc79
Land #6733, psexec StackAdjustment fix 2016-07-12 11:14:16 -05:00
wchen-r7 f6751f3c90 Fix typos 2016-07-12 10:56:41 -05:00
thao doan a79f6fccad Land #7092, Added minor changes to the Windows Meterpreter docs 2016-07-12 08:15:28 -07:00
Mehmet Ince 43833c8756
Fixing double normalize function call 2016-07-12 07:30:18 +03:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Pearce Barry 7b1d9596c7
Land #7068, Introduce 'mettle' - new POSIX meterpreter 2016-07-11 22:38:40 -05:00
Brent Cook 117a0945b1
Land #7079, Import, sign, and publish signed dev keys 2016-07-11 22:19:45 -05:00
Brent Cook 627fffdb08
Land #7089, correct usage of OptPort and OptRegex 2016-07-11 22:13:27 -05:00
Brent Cook 128f802928 use the regex source when generating or displaying a regex 2016-07-11 22:05:50 -05:00
Brent Cook 79fd648bbe don't double-encapsulate regexes on normalize 2016-07-11 22:05:00 -05:00
wchen-r7 6ab0dbc321 fix header 2016-07-11 15:34:14 -05:00
wchen-r7 2c7ffcc3a8 Update windows/meterpreter/reverse_tcp doc about sleep control 2016-07-11 15:32:49 -05:00
khr0x40sh 7211936f96 Fix Payload exit issue
Fixed payload exiting issue by adding while ($true){Start-Sleep 1000};
statement.
2016-07-11 16:21:08 -04:00
wchen-r7 8817de793a Add module documentation for windows/meterpreter/reverse_https 2016-07-11 15:18:18 -05:00
Mehmet Ince fc56ab6722
Fixing some coding style because of rubocop 2016-07-11 23:10:18 +03:00
Brendan 47f2cef22e Syntax changes to humor rubocop and ruby style 2016-07-11 12:50:58 -07:00
Mehmet Ince e79c3ba7c0
Tiki Wiki unauth rce 2016-07-11 22:44:07 +03:00
William Vu 108c3961e2 Make sure GATEWAY_PROBE_PORT is 0
This ensures that dst_port is set for UDPSocket#send.
2016-07-11 12:10:46 -05:00
Brendan 963437d5e7
Land #7063, Add module for WebNMS 5.2 Arbitrary File Download 2016-07-11 10:05:21 -07:00
Brendan c2a5da08af
Land #7064, Add moule to steal creds from WebNMS 5.2 2016-07-11 06:38:50 -07:00
Josh Hale ffa340500f Tweek migration - Check rights to process before migrate 2016-07-10 19:05:59 -05:00
William Webb 52c6daa0f2
Land #7048, Riverbed SteelCentral NetProfiler and NetExpress Remote
Command Injection
2016-07-10 18:54:12 -05:00
Francesco b75084249a Removed duplicate 'Privileged' key 2016-07-10 01:37:03 -04:00
William Webb 92a592d303
Land #7083, Fix description for linux/misc/mongod_native_helper.rb 2016-07-09 14:25:47 -05:00
h00die fdce5bc30c add disclosure date 2016-07-09 09:30:00 -04:00
Pedro Ribeiro 0a40e7d8f5 Merge pull request #28 from bwatters-r7/updates-7063
Added error checking and some suggested style changes
2016-07-09 12:49:56 +01:00
Pedro Ribeiro 55f27fb6fe Merge pull request #27 from bwatters-r7/changes-7064
Added version check and error handling, changed regex to ruby syntax.
2016-07-09 12:47:46 +01:00
sho-luv 25f49c0091 Fixed Description
Just cleaned up Description.
2016-07-08 16:17:39 -07:00
William Webb 202969fae9
Land #7081, Add module documentation for linux/x86/meterpreter/reverse_tcp 2016-07-08 15:51:27 -05:00
Metasploit 48410f3ab2
Bump version of framework to 4.12.13 2016-07-08 10:01:58 -07:00
Brendan bbe4162320 Added error checking and some suggested style changes 2016-07-08 08:27:56 -07:00
wchen-r7 d0e1c67c18
Land #7026, Add Action Pack render exploit CVE-2016-2098 2016-07-07 16:16:37 -05:00
wchen-r7 201750a31b Add documentation for rails_actionpack_inline_exec 2016-07-07 16:15:51 -05:00
wchen-r7 2cc6565cc9 Update rails_actionpack_inline_exec 2016-07-07 15:56:50 -05:00
Brendan 09dcd1dade Added version check and error handling, changed regex to ruby syntax.
Also made a few syntax changes to placate rubocop.
2016-07-07 10:35:18 -07:00
wchen-r7 deecb24967 Update doc 2016-07-07 11:43:03 -05:00
wchen-r7 54fa43030d Add module documentation for linux/x86/meterpreter/reverse_tcp 2016-07-07 11:39:28 -05:00
h00die 892f354ece give me some credit 2016-07-06 21:39:45 -04:00
h00die 47cf6d5edf better docs, extract more data 2016-07-06 21:28:57 -04:00
Brent Cook 1c8556d8e0 add mettle payload tests 2016-07-06 15:53:20 -05:00
Brent Cook a362d8b9c8 update payload test generator to work with MetasploitModules 2016-07-06 15:53:06 -05:00
wchen-r7 fee361dae0
Land #7075, Add ms16-016 local privilege escalation 2016-07-06 12:01:01 -05:00
wchen-r7 532ea5d4c4 Make sure there's a ref and checkcode 2016-07-06 12:00:20 -05:00
Tod Beardsley 7a321c7350
Import, sign, and publish signed dev keys
This largely automates the process of importing developer keys,
much like `import-dev-keys.sh`, but also takes the additional, sadly
manual step of signing the key with your default key, and uploading
those keys to https://sks-keyservers.net.

In effect, you are stating that you trust keys published on keybase.io
and are listed as such on the official Metasploit-Framework development
wiki.

If your own default key either has no passphrase, or has a passphrase
cached in a keymanager, the process merely requires you hit `y` for
every key, and `y` again for keys with multiple IDs. Otherwise, you
will need to provide your passphrase for each signing. Temporarily
removing the passphrase alleviates this pain.

Of course, this assumes you actually trust the development wiki
and keybase to do the right thing. The tradition is to individually
verify each key through some personally invented means, such as in
person with a government ID check.

Note that `import-dev-keys.sh` currently lists a number of keys
not on Keybase, and that functionality has not been carried over
to this script.
2016-07-06 10:33:02 -05:00
Spencer McIntyre c23be2bb79
Land #7077, add module doc for py/met/rev_tcp 2016-07-06 11:22:43 -04:00