infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
46,251 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2082 Commits (5e9bbb4bef9463c3072196550f55f3614ab77b66)

Author SHA1 Message Date
jgor 09772cb08a Add negotiate_auth step to login_scanner test 2017-12-18 12:27:11 -06:00
Brent Cook 90b97d6581 Merge branch 'upstream-master' into land-9151- 2017-12-15 14:15:14 -06:00
jgor 563cb6f18f Update method name in test 2017-12-14 17:17:41 -06:00
Brent Cook 55f56a5350
Land #9110, added -C option to change default hosts columns 2017-11-29 17:48:44 -06:00
christopher lee e0d8f8e8e9 Force cache load before test run 2017-11-21 14:43:44 -06:00
christopher lee a16cd5aade Clean up metadata store logic 2017-11-17 12:42:19 -06:00
christopher lee fe1af35107 First pass at changes needed for module metadata caching 2017-11-15 16:38:01 -06:00
Brent Cook 7895cbc413
Land #9157, Add missing ppce500v2 tests 2017-11-01 12:33:02 -05:00
Jeffrey Martin 553452c19d
add missing ppc500v2 payload specs 2017-11-01 12:00:03 -05:00
Jeffrey Martin cd114c90e0
remove no longer available bundler hack 
This address issue #9155 for bundler failures in TravisCI
 2017-11-01 11:52:41 -05:00
Pearce Barry 48975a4327
Support multiple suffixes on meterpreter extensions. 2017-10-31 10:04:34 -05:00
Jeffrey Martin cd755b05d5
update powershell specs for rex-powershell 0.1.77 2017-10-26 15:03:10 -05:00
Jeffrey Martin a402686d7a
add missing spec for singles/python/shell_bind_tcp 2017-10-25 14:58:49 -05:00
Jeffrey Martin 386e14828a
Land #8728, Psexec via PSH related fixes 2017-10-24 15:55:18 -05:00
Dave Farrow ecada96585 #9108: fixed unit test 2017-10-20 21:20:36 -07:00
Jeffrey Martin b83787c24c
make powershell spec more specific in expectations 2017-10-09 20:02:32 -05:00
James Barnett 56e95f15c9
Land #9024, fix bug when manually adding loot 
cmd_loot was throwing a stack trace when the host was not properly defined.
This fixes it to give a useful error message.
 2017-10-06 16:02:12 -05:00
bigendiansmalls 9ae8bdda1c
Added Bind Shell JCL Payload for mainframe 
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
 2017-09-29 16:52:36 -05:00
William Vu 0723477b49 Fix nil bug in loot -a and nix hostless loot 
Apparently you can't actually store hostless loot.
 2017-09-29 16:16:16 -05:00
James Barnett f88840e5b7
Move normaliize_host to a library method 
This method was in Msf::DbManager class but doesn't actually use the DB.
This required you to have a DB connection just to do the check.
Moved it out to a helper library so we have access to it without forcing
a DB connection.
 2017-09-28 16:59:44 -05:00
Jeffrey Martin 2c040d932c
add some missing payload specs 2017-09-18 15:45:00 -05:00
Adam Cammack 195c1e041f Update payload specs and sizes 
Adds the new Aarch64 and R payloads

fix merge
 2017-08-31 18:48:56 +08:00
Brent Cook b42a0759ce add missing specs 2017-08-28 05:30:07 -05:00
Brent Cook 22e245ac99 call from_r before checking packet output 2017-08-21 03:44:13 -05:00
Brent Cook 2a1daa6ffc prefer create_request, use StringIO over custom slice operators 2017-08-21 03:23:06 -05:00
Brent Cook 2660a5b558 add missing osx specs 2017-08-20 19:25:22 -05:00
Brent Cook 5e8c2200ac Merge branch 'master' into land-8625-crypttlv2 2017-08-20 18:54:51 -05:00
Brent Cook 47dc3772a7 add OptFloat datastore option 2017-08-08 19:06:51 -05:00
OJ d7e8b32312
Merge branch 'upstream/master' into transport-agnostic-packet-encryption 2017-08-08 17:30:51 +10:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
OJ 4f054d25fc
Fix packet spec problems 2017-07-03 18:12:38 +10:00
Brent Cook 79657f5b5b remove silly spec 2017-06-24 16:00:46 -05:00
David Maloney 3a445655ae
Land #8511, console search options 
lands sempervictus' console search command
enahncements and bug fixes
 2017-06-22 12:07:10 -05:00
William Webb 47a659f554
Land #8185, Convert ntp modules to bindata 2017-06-22 09:37:58 -05:00
OJ a48f0fcec6
Remove references to Meterpreter CRYPTO TLVs 
This feature wasn't supported, and so the TLVs are no longer needed.
 2017-06-19 16:53:33 +10:00
RageLtMan 42d1fae2e6 Upstream console search additions and fixes 
The -S flag for console commands, backed by search functionality
in Rex' tables, originally pushed upstream in #1604 (iirc), lacks
coverage for a number of commands which benefit a good deal from
inline filtering of the potentially large number of results.

Push more -S flags and surrounding table functionality upstream
to provide coverage for the console commands included in framework.

Include a fix for deleting hosts when DB references are a problem.

Include a fix for the upstream route command wherein scope must be
defined for the routing target by assuming a /32 without explicit
definition.

Note:
  With this in place, console behavior when filtering results is
roughly analagous to the R7 filtering in web UI, which should help
those of us trying to use both maintain corresponding workflows.

Testing:
  Used in-house for years, though changes to the diff from upstream
and our fork (expunging some internal code) are untested, so would
appreciate eyes and hands on.
 2017-06-16 20:28:51 -04:00
Brent Cook 11b99d954d update specs 2017-05-27 00:34:12 -05:00
Jeffrey Martin 4a43e9bcb2
add spec for reverse_ncat_ssl 2017-05-22 18:34:18 -05:00
darkbushido 2f507cf52b removing some test code 2017-05-04 12:57:50 -05:00
darkbushido fbf1db590e Adding a tests 
trying to find the first interface with a non local v4 ip address.
 2017-05-04 12:57:50 -05:00
darkbushido a6afd0b9bf adding in a new option type 
this will grab the first ipv4 address on a given iface
 2017-05-04 12:55:46 -05:00
Brent Cook a191e12241 update specs 2017-04-26 17:06:35 -05:00
William Vu df306c1543 Fix spec (the irony!) 2017-04-26 03:56:10 -05:00
David Maloney aa9c037307
fix spec for reals this time 2017-04-18 14:30:29 -05:00
David Maloney db246e6076
update spec 2017-04-18 14:19:29 -05:00
Brent Cook 67047cf770 Revert "Fixes MS-1716, keep sessions in progress alive." 
This reverts commit e5d0370a94.
 2017-04-16 15:52:22 -05:00
Brent Cook 42122d2835
Land #8238, move SMB2 support back into smb_login, add simpler permissions checks 2017-04-14 14:06:46 -05:00
David Maloney 91fb3ce6b8
collapse SMB2 support into smb_login 
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both

MS-2636
 2017-04-13 15:22:03 -05:00
bigendiansmalls fa8011fd07 New mainframe privesc payload for z/OS 
This module performs a privilege escaltion on mainframe systems
runing z/OS and using RACF for their security manager.  A user
with any non-privileged credentials and the ability to write to
an apf authorized library can use this payload to add "root level"
privileges (e.g. SPECIAL / BPX.SUPERUSER) to their profile.
 2017-04-11 15:04:44 -05:00
Brent Cook 5f88971ca9 convert NTP modules to bindata 2017-04-04 02:57:38 -05:00
William Vu 7de2aa1a63 Update Nmap parser to handle masscan 
masscan is missing <status>, meaning hosts aren't treated as alive.

Thanks to @jhart-r7 and @jlmurray for working on this previously.
 2017-04-03 02:26:14 -05:00
Brent Cook 4c0539d129
Land #8178, Add support for non-Ruby modules 2017-04-02 21:02:37 -05:00
David Maloney 40ab82eea2
add specs for the smb2 login scanner 
added some basic specs for the new smb loginscanner
class

MS-2557
 2017-03-29 13:46:20 -05:00
Adam Cammack 71df231918
Add new loader for arbitrary executables 
Still some kluges left in the shim and we have to hit the disk when
constructing the module path
 2017-03-28 10:27:12 -05:00
dmohanty-r7 92c0748447
Land #8102, Add a plugin to notify new sessions via SMS 2017-03-24 11:17:59 -05:00
wchen-r7 bb4d6e17c8 Resolve #8026, Add a plugin to notify new sessions via SMS 
This plugin will notify you of a new session via SMS.

It also changes the SMS text format to MIME.

Resolve #8026
 2017-03-13 16:13:59 -05:00
wchen-r7 2a5815749c Update rspec 2017-03-08 13:39:24 -06:00
wchen-r7 702d1c2b7e Fix bug for subject 2017-03-08 11:43:36 -06:00
wchen-r7 ed22902fd4 Support the subject field 2017-03-08 11:40:08 -06:00
wchen-r7 a634fec8b3 Fix typo 2017-03-07 16:51:17 -06:00
wchen-r7 dc36bc4a0d Add rspec 2017-03-07 16:49:42 -06:00
wchen-r7 6ad8afb8b3 Add API to send a text message (SMS) to mobile devices 2017-03-02 16:47:55 -06:00
Pearce Barry e5d0370a94
Fixes MS-1716, keep sessions in progress alive. 2017-02-24 12:56:05 -06:00
Tim 7f759384ab fix missing payloads_spec 2017-02-07 15:02:29 +08:00
Brent Cook 64e475a4ee
Land #7892, Enhance the creds command to allow creating logins 2017-02-03 11:53:46 -06:00
Jeffrey Martin 1bb8c9bd93
missed userpass_file on CredentialCollection.empty? 2017-02-01 15:42:21 -06:00
Jeffrey Martin 0dcf0002ae
refactor empty test on CredentialCollection 2017-01-31 15:16:26 -06:00
darkbushido 1fcd20b7ef
adding a spec to show creating a core and login 2017-01-30 12:11:31 -06:00
darkbushido c20cdc2943 cleaning up some of the specs 2017-01-30 10:43:28 -06:00
Brent Cook 4480ea7877
Land #7827, Cisco Firepower Management Console LoginScanner 2017-01-27 16:26:40 -06:00
wchen-r7 781bc8420a Add Advantech WebAccess LoginScanner module 2017-01-26 13:54:50 -06:00
bwatters 253e39e18c
Land #7680, Fix #7679, LoginScanner should abort if there is no creds to try 2017-01-23 14:08:32 -06:00
wchen-r7 d9ead4484e Mock :password 2017-01-23 13:42:30 -06:00
Jeffrey Martin 7cf812ed99 add rspec test for inspect on all TLV_TYPE objects 2017-01-23 09:19:53 -06:00
Brent Cook ac2ceca5e3
Land #7804, Switch the creds command to use named options 2017-01-22 10:49:19 -06:00
Brent Cook 99047fa8a1 be stricter in what we accept for payload uri 
datastore needs to contain something to produce a valid URI
 2017-01-22 10:20:04 -06:00
Brent Cook 66e9f1d334 fix doc normalizer spec 2017-01-22 10:20:04 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
wchen-r7 d7f43a2c66 Fix base_spec 2017-01-17 15:58:30 -06:00
wchen-r7 ecf246b380 Fix more prepended_creds issues 2017-01-17 15:41:24 -06:00
wchen-r7 9efa84298c Mock more methods for base_spec 2017-01-17 15:17:15 -06:00
wchen-r7 d79f4fbda2 Update cisco_firepower_spec 2017-01-17 13:33:56 -06:00
William Vu 77c78fa5f4 Move Rex::Text::Table workspace output to -v 2017-01-15 23:15:14 -06:00
William Vu 360ad26d9c Fix spec because I suck 2017-01-15 04:00:33 -06:00
wchen-r7 a687073416 Add Cisco Firepower Management Console LoginScanner 2017-01-13 16:59:20 -06:00
David Maloney 9b9d3127a8
cleanup leaked constants 
use constant cleaner
7824
 2017-01-12 15:49:24 -06:00
wchen-r7 08d529b818 Fix login_scanner_base rspec 2017-01-11 14:53:04 -06:00
wchen-r7 90c42b4740 Update rspec 2017-01-11 14:23:28 -06:00
wchen-r7 2377f17663 Fix typos 2017-01-11 14:05:22 -06:00
wchen-r7 9136e008bb Update rspec 2017-01-11 12:00:43 -06:00
wchen-r7 c97dba39f2 creds should mock these methods too 2017-01-11 11:48:52 -06:00
David Maloney 4029dbd5ca
try not to forget fixing the spec... 2017-01-10 14:33:18 -06:00
darkbushido 6bd2e03f37 dding realm tests showed a bug. its now squashed. 2017-01-09 13:04:34 -06:00
darkbushido fe3885f88a changing expect do end back to expect {} 2017-01-09 13:04:34 -06:00
darkbushido 30fe429ada fixing more whitespace issues 
converting double quotes to single
 2017-01-09 13:04:34 -06:00
darkbushido 0c3760a843 adding more tests 
rubocoping the file
 2017-01-09 13:04:34 -06:00
darkbushido 3674b25885 fixing the tests, more need to be added 2017-01-09 13:04:34 -06:00
darkbushido 18c7fc5a85 moving the cred tests out of the db tests 2017-01-09 13:04:34 -06:00
dmohanty-r7 5cba9b0034
Land #7747, Add LoginScanner module for BAVision IP cameras 2017-01-06 16:25:44 -06:00
David Maloney 2108913e77
target_host method had a name collision 
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
 2017-01-06 12:44:37 -06:00