James Barnett
81d00fa5b7
Fix edge cases in workspace update
2018-04-18 12:56:38 -05:00
Wei Chen
3611a1dfe4
Update rex-text version
2018-04-18 10:40:11 -05:00
James Barnett
d4a2703ff1
Don't stop host parsing if id tag found
...
Also make clarify 'bl' variable name.
2018-04-18 10:12:12 -05:00
Brent Cook
00d0beb188
use deep copy
2018-04-18 02:34:48 -10:00
Brent Cook
09e86bfbd0
define merge and merge! on datastore to also merge aliases
2018-04-18 02:27:57 -10:00
Brendan Coles
c9fd5a7d2d
Add yama_installed?, yama_enabled? and selinux_enforcing?
2018-04-18 07:22:20 +00:00
Brent Cook
a5588ec174
use same datastore retry option for x86 and x64 linux stagers
2018-04-17 15:57:54 -10:00
Wei Chen
ff9c55207e
Move crypto methods to Rex::Crypto namespace
2018-04-17 20:12:26 -05:00
James Barnett
77558cd2d7
Remove unused code
2018-04-17 14:28:28 -05:00
Carter Brainerd
3da48dbb10
Fix bug caused by last commit
2018-04-17 13:38:38 -04:00
Carter Brainerd
7bfaae0919
Update system.rb
...
Fix get_listening_ports bug
2018-04-17 13:35:25 -04:00
James Barnett
82798424b2
Support getting a workspace via id
...
Also implements a helper method to sanitize sinatra injected
params since it was causing issues downstream. Updated each
use of sinatra params to use this helper method.
2018-04-17 12:35:22 -05:00
Carter Brainerd
85b09a162a
Add some efficiency improvements
2018-04-17 12:09:46 -04:00
James Barnett
b569498250
Address more code review comments
2018-04-17 10:52:56 -05:00
James Barnett
a8a95a03a3
Implement remote workspace delete
2018-04-17 10:19:40 -05:00
Carter Brainerd
d91ef7c9dc
Add strip to protected_* methods
2018-04-17 11:04:08 -04:00
James Barnett
f27490dc61
Address PR suggestions and add comments
2018-04-16 16:45:23 -05:00
James Barnett
68ad91763a
Merge branch 'rapid7/master' into MS-3062_workspaces
2018-04-16 15:33:59 -05:00
James Barnett
2ef451c349
Land #9873, add notes functionality to remote datastore
...
This PR enables create, update, and delete functionality for the notes
command and data model when using a remote data service.
2018-04-16 15:03:27 -05:00
Matthew Kienow
e283f109a7
Remove commented out code
2018-04-16 14:14:46 -04:00
Matthew Kienow
74cb9c38b2
Change source for host address value in output
2018-04-16 14:09:19 -04:00
Brendan Coles
f3ee870d72
Remove selinux_enforcing? method
2018-04-16 12:16:00 +00:00
Brendan Coles
5bc24d048c
Remove kaslr_enabled? method
2018-04-16 11:51:15 +00:00
Brendan Coles
a1a4c636fb
strip
2018-04-16 10:22:41 +00:00
Auxilus
4de9f84dd4
fix no method error for Failure::Unknown
2018-04-16 13:51:32 +05:30
Auxilus
f0b9ea635a
cleanup psexec code
2018-04-16 09:04:36 +05:30
Brendan Coles
b5c8b2ed19
Add kaiser_enabled? and kaslr_enabled? methods
2018-04-15 06:53:00 +00:00
Brendan Coles
78daa283c7
Add new methods to Msf::Post::Linux::Kernel lib
2018-04-14 07:33:29 +00:00
Adam Cammack
47a324815d
Land #9872, Fix JSONRPC fields in external modules
2018-04-13 15:00:26 -05:00
Matthew Kienow
daf67999d6
Raise NotImplementedError in NoteDataService stubs
2018-04-13 12:07:35 -04:00
Adam Cammack
e65de2b56f
Conform to JSONRPC 2.0 spec in external modules
...
Responses to queries had a `response` field instead of the required
`result` field.
2018-04-12 16:55:27 -05:00
Matthew Kienow
37479d8fd4
Modify notes search to handle serialized data
...
Initial Goliath notes search implementation attempted to use Arel and
decode base64 serialized data column, however, this was not without
issue. Updated implementation retrieves all records that match
conditions, thus data has been deserialized and then filters using
specified search term.
2018-04-12 17:37:16 -04:00
William Vu
d2a683d2df
Add whitespace and update help
2018-04-12 15:39:04 -05:00
Auxilus
0b3f50ea80
show help when no arguments provided to `search`
2018-04-13 01:27:22 +05:30
Matthew Kienow
4e49b99783
Add cmd notes option to sort by column number
2018-04-12 15:56:42 -04:00
Matthew Kienow
f60bbdd831
Remove cmd notes make_sortable helper method
2018-04-12 10:51:03 -04:00
cbrnrd
bf8c62f27c
change `if !` to `unless`
2018-04-12 09:54:57 -04:00
cbrnrd
5923845f68
Merge branch 'post_linux_system_dev' of https://github.com/cbrnrd/metasploit-framework into post_linux_system_dev
2018-04-12 09:16:31 -04:00
cbrnrd
5f725e09db
Make nosuid? and noexec? take a filepath as param
2018-04-12 09:15:44 -04:00
thecarterb
0abeb4fee6
Add new functions and fix return bugs attempt 2
2018-04-11 21:52:53 -04:00
thecarterb
892fb70fc6
Revert "Add new functions and fix return bugs"
...
This reverts commit 1e34a6d3c6.
2018-04-11 21:46:34 -04:00
Adam Cammack
8c7f929636
Land #9865, Update Meterpreter `ls`/`dir` help
2018-04-11 17:05:18 -05:00
Matthew Kienow
087ae447c5
Remove cmd notes sort operation
2018-04-11 17:46:13 -04:00
James Barnett
86b6009999
Land #9860, Fix DB init when database.yml is missing
...
This PR fixes a bug introduced with goliath that caused incorrect error messages
and other error messages when no database.yml was present. It also improves the
messaging around that use case and loads CommandDispatcher::Db correctly.
2018-04-11 16:13:40 -05:00
Adam Cammack
f1d426d257
Land #9833, Remove broken feature detection
2018-04-11 15:02:53 -05:00
Aaron Soto
b9d71b7147
Renamed 'mask' to 'glob'
2018-04-11 14:50:27 -05:00
Aaron Soto
21467d7938
Update stdapi/fs help output to match searching/masking parameters
2018-04-11 14:19:33 -05:00
James Barnett
4e5e0f2c40
Merge branch 'master' of github.com:rapid7/metasploit-framework
2018-04-11 13:59:43 -05:00
William Vu
6c6aa8db82
Print generated CmdStager with inspect, not join
...
I dun goofed. I knew I should have just printed it verbatim.
tl;dr I thought I had accounted for command compression. I was wrong.
This should also give us more information about what exactly is being
run and how many times.
2018-04-11 13:49:00 -05:00
Wei Chen
19e76329dc
Add some checks in buffer.rb and fix option in msfvenom
2018-04-11 13:02:35 -05:00
Matthew Kienow
3db19fe4f2
Fix DBManager::Service use of services method
...
services method was previously modified to use a hash as the parameter,
but each_service was passing a workspace. Make each_service method
consistent with other DBManager modules.
2018-04-11 11:43:12 -04:00
cbrnrd
1e34a6d3c6
Add new functions and fix return bugs
2018-04-11 10:47:21 -04:00
Matthew Kienow
e639fda53c
Fix DB initialization with no database YAML
2018-04-11 09:15:38 -04:00
thecarterb
57e243ac49
Read from /proc/mounts instead of the mount command
2018-04-10 23:20:00 -04:00
scriptjunkie
bc07ba3769
load only at use to break require loop
2018-04-10 21:05:41 -05:00
Wei Chen
13edf66fa3
Fix options
2018-04-10 18:57:02 -05:00
Brent Cook
41a21def80
Land #9857, Restore services search semantics
2018-04-10 17:25:48 -05:00
James Barnett
cd48b47760
Fix failing tests.
...
-Was accidentally deleting opts[:workspace] instead of processing
-Update notes help text expectations
2018-04-10 17:10:32 -05:00
James Barnett
e51f41fa34
Merge remote-tracking branch 'msf_jbarnett/fix_services_bugs' into MS-3062_workspaces
2018-04-10 13:35:33 -05:00
Auxilus
f1240b0454
resolves #9855
2018-04-10 22:20:27 +05:30
Wei Chen
b630d5c327
Add encryption support for shellcode
2018-04-10 11:14:14 -05:00
James Barnett
462db05f4c
Re-enable port search functionality
2018-04-10 11:10:32 -05:00
Adam Cammack
4495eea1ca
Land #9836, Force #! for external modules
2018-04-10 11:08:15 -05:00
Adam Cammack
81ec33b0e4
Refactor script path check into base module loader
2018-04-10 11:07:21 -05:00
James Barnett
48c0bbfa7a
Only display the services for a given workspace
2018-04-10 10:28:02 -05:00
cbrnrd
07b3b576f5
Fix parsing in get_cpu_info
2018-04-10 06:03:16 -04:00
cbrnrd
1276960d88
Fix typo in raise call
2018-04-10 05:54:35 -04:00
cbrnrd
0a79c5a15b
Add docs to nosuid?
2018-04-10 05:53:19 -04:00
cbrnrd
6e6bc9bc6b
Add noexec and nosuid
...
Also fix some regex bugs
2018-04-10 05:51:57 -04:00
Brent Cook
c525bc3c0a
Land #9848, handle 'check' command on modules that do not implement it
2018-04-09 22:27:21 -05:00
scriptjunkie
2ea875d304
Fix issue preventing psexec against non-powershell targets
2018-04-09 22:01:49 -05:00
James Barnett
90542779ff
Audit models to ensure :workspace is passed only when needed
2018-04-09 14:50:37 -05:00
William Vu
e17a788ab5
Remove stray dlog filling framework.log
2018-04-09 13:58:10 -05:00
William Vu
924a336287
Fix unsupported check_simple method for modules
2018-04-09 13:43:22 -05:00
Brent Cook
7b85edfde5
Land #9822, Fix backgrounded aggressive exploits
2018-04-09 09:36:12 -05:00
h00die
a473dd04a8
Land #9813, Add etcd library and version scanner
2018-04-08 07:05:31 -04:00
Brent Cook
07c9be5130
Land #9812, Add Msf::Post::Linux::Kernel lib
2018-04-08 00:40:03 -05:00
Brent Cook
6c8ea2d883
also be sure to load executable modules if they don't have #!
2018-04-07 21:15:51 -05:00
Brent Cook
28ebe9d102
sanity check that external modules start with #! before executing
2018-04-07 16:31:34 -05:00
Brent Cook
6fb6570f99
delete old feature detection code from exploit base
...
This deletes some old code that apparently has been broken and somewhat unused for many years.
The 'derived_implementor?' method for modules relies on the debug output from Ruby in order to tell if a class implements a method, but the regex it used didn't work properly with any modern Ruby version until 2.5.x. This caused a random sleep to get inserted into certain payload staging operations, which actively breaks staging in certain scenarios (I'm not trying to address that here).
This also removes some ancient module feature detection code, which also is entirely unused today.
2018-04-07 12:47:42 -05:00
cbrnrd
04d5e8a765
Switch text processing to ruby
...
Also add pidof() and command_exists?()
2018-04-06 23:31:11 -04:00
scriptjunkie
c303859c11
Fix #9827
2018-04-06 11:06:52 -05:00
cbrnrd
c97eb42eba
Finish up additions and add doc
2018-04-06 12:04:35 -04:00
Jon Hart
1cc16a55a8
Add other linux kernel post helpers
2018-04-06 08:28:53 -07:00
Brendan Coles
ba88118d7a
Update kernel_modules method to return Array
2018-04-06 15:02:43 +00:00
thecarterb
a85f118bf2
Begin adding functions to Msf::Post::Linux::System
2018-04-05 21:32:58 -04:00
William Vu
7cc82a14b6
Update exploit driver with correct method
2018-04-05 18:56:19 -05:00
William Vu
17ed88b766
Fix backgrounded aggressive exploits
...
Any exploit that includes an aggressive stance is aggressive, regardless
of whether or not it has passive components.
This fix should prevent known-aggressive exploits from backgrounding.
2018-04-05 18:34:36 -05:00
James Barnett
fe224f628b
Remove update_host_via_sysinfo since it is unused
2018-04-05 14:20:25 -05:00
Brendan Coles
499b0a857f
Add kernel_modules method
2018-04-05 05:25:36 +00:00
James Barnett
852bc3d237
Don't inject :workspace into every HTTP request.
2018-04-04 16:30:25 -05:00
James Barnett
6a02712674
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-04-04 16:03:43 -05:00
Jon Hart
bc81cfad1f
Fix error handling when trying to delete non-existent workspace
2018-04-04 11:40:21 -07:00
Jon Hart
63aabc00f1
etcd rubocop style
2018-04-04 11:01:38 -07:00
Jon Hart
a6c31aceb2
Refactor common etc capabilities; add separate version scanner
2018-04-04 10:48:27 -07:00
Brendan Coles
6d92c319f8
Add Msf::Post::Linux::Kernel lib
2018-04-04 17:13:49 +00:00
bwatters-r7
d9039d43ef
Land #9734, Remove unwanted 'pop RAX' from windows/x64/reverse_(win)http
2018-04-03 14:23:41 -05:00
Brent Cook
2ee7b1ec5c
Fix native 'readline' (msfconsole -L) support for Ruby 2.5 onward
2018-04-03 08:00:08 -05:00
Brent Cook
bd3c00dfd0
Land #9726, add simple Rex::Tar wrapper for consistency with other archive types
2018-04-02 23:35:22 -05:00
Brent Cook
226ef160ff
Land #9748, Convert the smbloris DoS into an external module
...
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-02 23:25:10 -05:00
Brent Cook
428233b82d
Land #7949, Format binary registry data nicely on display
2018-04-02 23:11:25 -05:00
Brent Cook
b445583a14
Land #9774, use correct whitespace when patching python meterpreter
2018-04-02 23:07:36 -05:00
Brent Cook
b0123b2095
Land #9787, Fix adding IPv6 routes with subnets or CIDR masks
2018-04-02 22:57:15 -05:00
James Barnett
e892911fbe
Use a constant for default workspace name
2018-04-02 17:02:14 -05:00
Meatballs
cac0587d42
Fix no-uac msi creation
2018-04-02 19:29:16 +01:00
Brent Cook
fa34f3e0a4
Land #9718, Add get_user_spns 'kerberoasting' module
2018-04-02 10:04:44 -05:00
christopher lee
3aed6d6666
Initial
2018-04-02 08:08:23 -05:00
Brent Cook
f386ae0ba3
Land #9731, tool updates
2018-04-01 23:26:42 -05:00
William Vu
840923d591
Land #9738, msfconsole user-friendliness changes
2018-04-01 02:12:53 -05:00
scriptjunkie
774ef22d08
Fix upts -> opts
2018-03-30 22:26:53 -05:00
Matthew Kienow
cb2366d2eb
Fix regex search for serialized data column
2018-03-30 19:25:38 -04:00
Matthew Kienow
4c536a1819
Add optional parameter to skip columns
2018-03-30 19:23:41 -04:00
James Barnett
7d58b0a5f4
Merge branch 'goliath' into MS-3062_workspaces
2018-03-30 16:35:26 -05:00
James Barnett
ecbbf1d940
Pass workspace when using db_nmap
2018-03-30 15:27:32 -05:00
Spencer McIntyre
c8033d69c5
Use the new keyword style for v6
2018-03-30 13:56:15 -04:00
Spencer McIntyre
bb17bdb6dd
Fix adding IPv6 routes with subnets or cidr masks
2018-03-30 13:18:03 -04:00
Matthew Kienow
f10924a5c0
Update cmd note operations, validation and output
2018-03-29 23:15:10 -04:00
Matthew Kienow
2b7c3872d4
Add proxy method for find_or_create_note
2018-03-29 18:43:34 -04:00
zerosum0x0
3a266d93b6
support for ARM
2018-03-29 15:11:27 -06:00
James Barnett
3b1e3a4256
Missed one more bug in append_workspace
2018-03-29 15:18:31 -05:00
James Barnett
19e01b4b66
Fix bug in append workspace when using :wspace
2018-03-29 15:04:00 -05:00
James Barnett
f41490728b
Process workspace when importing nmap data
2018-03-29 11:46:34 -05:00
James Barnett
7f42235ad7
Create default workspace if it doesn't exist
2018-03-28 15:39:24 -05:00
James Barnett
d23e33a7bc
Make workspace -v work with updates
2018-03-28 13:31:49 -05:00
James Barnett
1b6aa86d92
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-03-27 15:57:41 -05:00
Matthew Kienow
0b5d3d31f9
WIP remote note read, update, delete
2018-03-27 16:36:56 -04:00
William Vu
f5025cb84e
Add Rex::Tar
...
This just inherits from Gem::Package::Tar{Reader,Writer} at the moment.
We may want to build out higher-level methods than what the inherited
code already provides. Or don't inherit at all.
2018-03-27 14:57:57 -05:00
Jeffrey Martin
b509c14851
detect the whitespace needed when patching meterpreter
2018-03-27 13:24:44 -05:00
James Barnett
9559c06c10
Land #9762, Fix OpenSSL deprecation in Ruby 2.5
...
This PR replaces a deprecated method in the Ruby 2.5
OpenSSL library. It also bumps the ruby-version to use 2.5.
Fixes #9576
2018-03-27 11:02:44 -05:00
christopher lee
abf16a4469
fix workspace tests
2018-03-27 10:41:08 -05:00
William Vu
a4ad7de4e0
Use a better error in scriptable sessions
2018-03-26 17:56:44 -05:00
William Vu
e761d211b9
Land #9708, reload_lib command for msfconsole
2018-03-26 17:10:11 -05:00
William Vu
862a3ff74d
Land #9618, pipe auditing improvements
2018-03-26 17:01:48 -05:00
James Barnett
83f2052ee7
Accidentally q
2018-03-26 16:09:56 -05:00
James Barnett
cfa03a999c
Finish moving current_workspace tracking to client
2018-03-26 15:58:47 -05:00
Matthew Kienow
991f4e35ea
Remove added regex options from search_term
2018-03-26 14:07:21 -04:00
Brent Cook
3fb5137c2d
use Rex::Socket::SslTcp.supported_ssl_methods for SSLVersion option
2018-03-26 03:40:49 -05:00
andrea
38af667094
Support for Ruby 2.5.0 fixing OpenSSL warnings
2018-03-26 02:52:02 -05:00
Brent Cook
4194b6d991
Land #9586, fix #9112, improve android screenshot error message on failure
2018-03-25 07:36:15 -05:00
Brent Cook
1610db482a
minor style nits
2018-03-25 07:34:45 -05:00
Brent Cook
7c5c5513eb
Merge remote-tracking branch 'upstream/master' into land-9586-
2018-03-25 07:29:55 -05:00
Brent Cook
f662049b27
clarify screenshot on android scenario
2018-03-25 07:29:39 -05:00
Jon Hart
d0ef5617fa
Merge master and resolve conflict
2018-03-23 14:25:21 -07:00
b0yd
7e0c255591
Formatted reg binary type to hex when displaying query results.
2018-03-23 15:56:12 -04:00
Adam Cammack
71149e9c68
Remove executable Ruby files from classic loading
2018-03-23 14:49:06 -05:00
Adam Cammack
133f982f7c
Add external module bridge for Ruby
...
This runs Ruby external modules with the same Ruby that is running MSF,
so it might even work on Windows!
2018-03-23 14:46:40 -05:00
James Barnett
def0e4d93b
Merge branch 'goliath' into MS-3062_workspaces
2018-03-23 11:37:01 -05:00
James Barnett
6b3a4a56dc
Merge branch 'rapid7/master' into goliath
2018-03-23 11:26:31 -05:00
James Barnett
ed5b22a541
Address more code review comments
2018-03-22 21:47:59 -05:00
James Barnett
6c5a7a663a
Merge branch 'goliath' into MS-2879_db_export
2018-03-22 21:22:23 -05:00