e9b3502f98
Fix Net::SSH::CommandStream session open failure
...
I suspected this might be a problem for libssh servers.
2018-11-02 01:08:05 -05:00
8372007576
Prefer method_defined? for the class
2018-11-02 00:34:17 -05:00
c3311da6e2
Be specific about report_on_exception
2018-11-02 00:24:16 -05:00
0592420ea4
Fix thread exception reporting for Ruby 2.3.8
...
Thread::report_on_exception doesn't exist.
2018-11-01 18:59:23 -05:00
7cf384405e
only change thread behavior if on Ruby 2.5 or above
2018-11-01 18:24:12 -05:00
4dcb31f26b
only turn off thread reporting if it is already on
2018-11-01 18:08:52 -05:00
0b682b6300
Preserve old thread exception reporting behavior
...
https://ruby-doc.org/core-2.5.0/Thread.html#method-c-report_on_exception
2018-11-01 17:30:49 -05:00
08ec8e1ef9
Land #10553 , add x86/xor_dynamic and x64/xor_dynamic encoders
...
Merge branch 'land-10553' into upstream-master
2018-10-30 09:56:15 -05:00
06966312c1
Remove unused code
2018-10-30 00:40:33 -04:00
04e4c2941c
Remove unnecessary require
2018-10-30 00:19:21 -04:00
3c3022902f
Add JSON-RPC Client
2018-10-30 00:15:58 -04:00
24b1898e21
Fix comment
2018-10-29 23:27:50 -04:00
ffc193f49b
Issue #6100 : Finalized changes to pass rake spec Msf::PayloadGenerator
2018-10-26 13:06:37 -05:00
bd7c867485
Land #10862 , fix issue with session reporting when DB is disabled
2018-10-26 10:58:06 -05:00
eb9dd311ce
Add check that data service is active
2018-10-25 23:07:31 -04:00
2f8aacbf8d
Remove debug output
2018-10-25 14:44:11 -04:00
64f8852797
Use data_service_operation block to perform work
...
This fixes the session report issue when the database is disabled,
because no exceptions are thrown from the DataProxy under these
conditions.
2018-10-25 14:38:13 -04:00
7f8aeeb498
Raise RuntimeError rather than Exception
2018-10-25 14:29:24 -04:00
8e2d6a62b1
Add block process data service operation method
2018-10-25 14:24:47 -04:00
6920470f99
Land #10821 , Enhance windows compiler w/ new functions
2018-10-24 20:28:36 -05:00
2ab9a003d4
Land #10864 , Add Cisco WebEx RCE Modules
2018-10-24 16:20:00 -05:00
b875a102fe
remove report_host data for another PR
2018-10-24 16:26:38 -04:00
4dd2147d60
Land #10857 , ensure os_flavor can be supplied for non Windows OS
2018-10-24 14:28:32 -05:00
3c5aa93a0d
Fix for style consistency.
2018-10-24 15:17:37 +08:00
129425ca94
Fix session report bug when database disabled.
2018-10-24 14:48:03 +08:00
34ae9c38f9
added WebEx modules, arch check
2018-10-23 15:51:23 -05:00
efeacf8666
ensure os_flavor can be supplied for no Windows OS
2018-10-23 12:22:57 -05:00
b65f467ada
Land #10851 , add ndkstager to data/exploits
2018-10-23 12:04:57 -05:00
4182777488
Support SSH shell/exec channel request output
...
Looks like channel[:data] was initialized but never used.
2018-10-23 09:34:12 -05:00
f742d3bd9a
Land #10450 , Implementation of CTRL+Z in reverse shell session
...
Additionally, a check was added to disable this new functionality on
Windows command shell payloads.
2018-10-22 15:50:41 -05:00
dd5ac16240
re-add report
2018-10-22 15:42:47 -04:00
4426e4131a
remove unecessary include
2018-10-20 15:01:40 -04:00
da38dfb29a
Clarify we never receive CHANNEL_OPEN_FAILURE
2018-10-19 13:25:19 -05:00
cc283d9def
Add testing note about session channel opens
2018-10-19 13:13:22 -05:00
21397330f8
Refactor fortinet_backdoor copypasta
2018-10-19 00:07:18 -05:00
d1354cc1f7
Add libssh auth bypass packet
2018-10-18 23:03:23 -05:00
cf00f20e11
Update Net::SSH::CommandStream exception handling
2018-10-18 22:45:16 -05:00
64e257649f
cleanup module
2018-10-18 11:45:59 +08:00
290d4428c1
create git mixin
2018-10-18 11:31:31 +08:00
6fd53fcb6a
Fix whitespace further
2018-10-17 15:45:02 -05:00
1e1950c83d
Prefer keyword args after all
...
SINCE we've been using only the first two params, we're fine!
2018-10-17 15:41:19 -05:00
a453760aa4
Add PTY option to Net::SSH::CommandStream
...
This allows us to spawn a PTY for our shell session. Note that this will
write us to {u,w}tmp and lastlog, so use this option with care.
And yes, I did change the API, but up until now, we've been using only
the first two parameters. We should be using keyword args. /shrug
2018-10-17 15:40:13 -05:00
e78b760678
database host info from post modules
2018-10-17 12:43:05 -04:00
ef3b1df647
Fix regular
2018-10-17 18:34:35 +08:00
7b1b2198cb
resolve confiict.
2018-10-17 17:33:01 +08:00
5df6f11cfc
Enhance regular to match blank before include.
2018-10-17 16:20:10 +08:00
e8a08c9eeb
review changes
2018-10-16 20:59:42 -04:00
786629afc9
Land #10818 , Disable ERB templating for Metasploit::Framework::Compiler::Utils
2018-10-16 14:18:50 -05:00
32f4e2c9a0
add version and hostname to cisco config parser
2018-10-16 15:02:42 -04:00
69cd0a5ddc
Disable ERB templating for Metasploit::Framework::Compiler::Utils
2018-10-16 14:02:13 -05:00
854485a016
add bg command to meterpreter
2018-10-16 14:01:50 +00:00
1241041739
[Issue 6100] Add --pad-size option to msfvenom to prepend nopsled given total payload size
2018-10-15 14:46:16 -05:00
f399b59ae4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into cisco_device_manager
2018-10-13 13:31:20 -04:00
46a3d065ce
fix indentation
2018-10-13 08:54:44 -04:00
aadefdbc82
Update msfvenom formatter to be case insensitive
2018-10-12 11:11:52 -04:00
4ae45cb20b
comment around why we do this, make check more explicit
2018-10-12 02:12:30 -05:00
e8097791fe
remove spaces at eol
2018-10-11 21:46:45 -04:00
d480a78b91
capture ephone creds
2018-10-11 21:21:53 -04:00
14e87bf06f
Baby come back
2018-10-11 11:10:36 -06:00
e207c225a2
Remove function entirely
2018-10-11 10:41:43 -06:00
5c061c02b9
Remove peer information from the prefix
2018-10-10 16:31:48 -06:00
3349ecf212
Land #10788 , Clarify "NameError: wrong constant name" message on invalid module name
2018-10-10 15:34:55 -05:00
0b8926715e
Reactively check for invalid module names
2018-10-10 14:33:59 -05:00
29f36a3921
Add Msf::ModuleLoadError exception
2018-10-10 14:22:40 -05:00
1737935dc0
Convert reverse_relative_name to a class method
...
It'll be easier to use this way if someone uses it externally.
2018-10-10 13:21:18 -05:00
12857a1d93
Land #10784 , Add 'evasion' to search help
2018-10-10 13:02:45 -05:00
e829c6a838
Land #10786 , Fix 'show evasion' command
2018-10-10 13:01:35 -05:00
1a0df7ce07
Land #10787 , Remove unused 'unknown' author mapping in author.rb
2018-10-10 13:01:05 -05:00
63bcbdc8db
Remove unknown author mapping in author.rb
...
No one was using it and instead writing "Unknown" directly. It was also
producing an invalid e-mail address.
2018-10-10 11:59:01 -05:00
b103ea256d
Fix #10785 , incorrect implementation of "show evasion" command
...
Fix #10785
2018-10-10 10:20:12 -05:00
a6797f101d
Add 'evasion' to search help
2018-10-10 20:15:47 +05:30
ba0bfb1114
Land #10781 , Fix error in rpc_shell_read RPC method.
2018-10-10 09:02:47 -05:00
50755b2e00
Fix function rpc_shell_read - return result as string
2018-10-10 11:36:17 +02:00
36b7fb3524
Fix function rpc_shell_read - remove wrong parameter data, return correct values
2018-10-10 11:31:03 +02:00
7f2aa8ca4e
Land #10770 , show full path for webcam_stream file
2018-10-09 05:32:32 -05:00
6c74820843
Land #10773 , session.platform TypeError fix
...
This also adds an "unknown" platform class.
2018-10-08 14:38:31 -05:00
ccfdfb6a5c
Clean up new "unknown" platform and current use
2018-10-08 14:31:31 -05:00
edea3c45cd
dont append nothing
2018-10-08 13:23:54 -04:00
023f7db9ba
explicitly declare rank 0
2018-10-08 13:16:14 -04:00
cd9ef01c9a
add default case unknown platform and new cisco ios proof
2018-10-08 13:07:45 -04:00
e937f5fee1
to_s platform
2018-10-08 11:39:31 -04:00
71a6d802e8
show full path
2018-10-08 10:27:56 -04:00
c6dddaa481
Support automatic payload choice
2018-10-06 20:28:41 -05:00
c7efd57144
Sync up with master
2018-10-06 08:27:01 -05:00
15d8cbbff6
Land #10744 , Add AUDIO_EFFECTS to distinguish from others
2018-10-05 16:51:36 -05:00
6efadb5f2d
Further clarify {AUDIO,PHYSICAL}_EFFECTS
2018-10-05 16:03:21 -05:00
4363bd830b
Land #10755 , 50, it's a magic number (sorry 2)
2018-10-05 15:04:20 -05:00
2e7ac9f449
Land #10751 , session interaction fix for RHOSTS
2018-10-05 14:37:10 -05:00
938139d23c
Add vi and more for hysterical raisins
2018-10-05 14:21:44 -05:00
25147c49e8
Bump fallback pager in log command to tail -n 50
...
24 is never enough. Unless you're Jack Bauer.
(The 24 comes from the VT100. :)
2018-10-05 14:05:54 -05:00
eb0febc86c
Land #10729 , Namespace modules using full name instead of hex
2018-10-05 11:40:50 -04:00
f6306254ce
Land #10746 , Fix RPC module.payloads method performance
2018-10-05 11:30:46 -04:00
3ec71ed549
Fix issue that not interact with session.
2018-10-05 17:30:38 +08:00
4a4c759a4b
add ndkstager to data/exploits
2018-10-05 15:10:21 +08:00
08c196c5d5
show the output of apktool if injection fails
2018-10-05 14:11:36 +08:00
06700efbc4
Skip payload generate to reduce processing time
2018-10-04 22:06:32 -04:00
9e512b0246
Clarify {SCREEN,AUDIO,PHYSICAL}_EFFECTS
2018-10-04 14:20:26 -05:00
566d540b87
Add AUDIO_EFFECTS to distinguish from others
2018-10-04 14:06:50 -05:00
9f30512532
Land #10707 , module traits to augment module rank
2018-10-04 13:26:14 -05:00
f5190525fc
support for multiple module types
2018-10-04 13:20:47 -05:00
a4509c1757
Land #10739 , Remove unneeded UserServlet from JSON-RPC App
2018-10-04 08:28:35 -05:00
e9ef18bff6
Land #10735 , Enhance RPC module information retrieval
2018-10-04 08:21:58 -05:00
ff0ee51da1
Land #10686 , ARGS, TIMEOUT, and output to upload_exec module
...
Merge remote-tracking branch 'upstream/pr/10686' into upstream-master
2018-10-04 04:28:02 -05:00
5e5e663812
Merge pull request #44 from wvu-r7/pr/10707
...
Add PHYSICAL_EFFECTS constant from Will.
2018-10-03 23:37:34 -05:00
92ac5635b1
Support module documentation
2018-10-03 23:35:30 -05:00
97ebc832f0
Clarify target of PHYSICAL_EFFECTS
2018-10-03 20:34:24 -05:00
fa92808cc6
Add PHYSICAL_EFFECTS constant
2018-10-03 20:32:00 -05:00
d69ae54835
Remove unneeded UserServlet
2018-10-03 16:40:37 -04:00
18d6cc0ee0
Add support for info command
2018-10-03 15:19:08 -05:00
ccad78d567
Fix spelling mistake
2018-10-02 14:11:02 -04:00
d807600ebe
Enhance RPC information retrieval
...
Add the ability to retrieve additional module information for payloads,
encoders and nops. Add ability to filter these modules by architectures.
2018-10-02 13:38:07 -04:00
9c120ef123
Land #10699 , Avoid double-closing meterpreter channels
2018-10-02 09:46:43 -05:00
b3dca6081d
Land #10720 , better handle errors with multi-host exploits
2018-10-02 05:28:57 -05:00
304acd42f0
minor comment tweaks
2018-10-02 05:23:13 -05:00
2c0d4de70b
Land #10732 , add api key for android wlan_geolocate
2018-10-02 05:09:10 -05:00
b993d74f6c
minor tweak
2018-10-02 11:41:58 +08:00
4d51bace42
fix android wlan_geolocate
2018-10-02 11:26:46 +08:00
46e7b8ac98
Namespace modules using full name instead of hex
2018-10-01 18:32:23 -05:00
7842174d8b
Fix loading external modules without notes
2018-10-01 12:41:39 -05:00
1b93363588
Change the error message when interrupt exploit.
2018-09-30 16:09:00 +08:00
90b98a193c
Refactor the rhosts for exploit modules.
2018-09-30 16:08:49 +08:00
5dcb6ab321
fix typo in route command examples
2018-09-28 16:53:12 -05:00
572d430429
Land #10682 , add JSON RPC framework and msfrpc v1.0 API endpoints
2018-09-28 15:21:02 -05:00
c22ec85d9c
Land #10703 , Update payloads to include the new Kiwi release
2018-09-28 14:43:51 -05:00
5f5b334493
Call keyword argument methods with params hash
2018-09-28 11:11:18 -04:00
60bd00ee5b
Move prepare_params method to v1.0 RpcCommand
...
The method was created to support RPC v1.0 (v10) processing and should
not be necessary for future RPC versions.
2018-09-28 10:51:10 -04:00
0686c76cd5
Restore help on empty args for reload_lib
2018-09-27 23:21:43 -05:00
11538bcd4f
Remove pathspec due to vague errors
...
"error: Could not access '*.rb'" is printed when not a repo. We fall
back on reload_file's checks, once again. :(
2018-09-27 22:12:56 -05:00
ab56ac6655
Refactor and clean up reload_lib -a and others
2018-09-27 22:11:22 -05:00
3ca95933a1
Update help text.
2018-09-27 13:13:25 -05:00
64c86ef4de
Add support for working outside install directory
2018-09-27 13:05:23 -05:00
a2694555d0
Change typo
2018-09-27 12:45:17 -05:00
974a727862
Update comment
2018-09-27 12:32:43 -05:00
086e2b311b
Update constants
2018-09-27 12:31:04 -05:00
7ba73ef658
Check for valid files in git command
2018-09-27 12:01:04 -05:00
c5c1706636
Acutally, get rid of git? check
2018-09-27 11:14:01 -05:00
7f9b9be78b
Allow git? to return true
2018-09-27 11:12:10 -05:00
31e9b831d8
Change constant name
2018-09-26 21:42:00 -05:00
e34371c7d3
Add a newline
2018-09-26 21:19:49 -05:00
c0ddbba049
rm junk code
2018-09-26 21:19:16 -05:00
9064fac1ff
Fix code based on Will's feedback
2018-09-26 21:13:37 -05:00
583874d370
Update use of reliability/side-effects/stability metadata
2018-09-26 18:54:08 -05:00
0e2361d675
Use friendly error messages and also Open3.capture2e
2018-09-26 18:49:07 -05:00
bbfac2af1c
Fix copypasta typo
2018-09-26 18:46:43 -05:00
5444d7a1a5
Update chmod_x_file to chmod
2018-09-26 18:46:42 -05:00
896dd13bbe
&& instead of and
2018-09-26 18:46:42 -05:00
4adca52103
create chmod helper function
2018-09-26 18:46:42 -05:00
79c26bce08
Add a more comprehensive git check
2018-09-26 18:32:52 -05:00
173f570812
Check for presence of git directory
2018-09-26 18:29:49 -05:00
71cb3e8e94
Use OptionParser
2018-09-26 18:08:46 -05:00
William Vu
Brent Cook
bwatters-r7
Matthew Kienow
Patrick
James Barnett
Wei Chen
h00die
Green-m
Shelby Pace
Jeffrey Martin
asoto-r7
Tim W
Jacob Robles
Rich Whitcroft
Kevin Kirsche
Nate Caroe
Nate Caroe
Auxilus
Ivo Nutár
jgor
Erin Bleiweiss