OJ
f8f61e8d83
Basic shell of the MSF Powershell extension functionality
2016-03-14 12:55:58 +10:00
Adam Cammack
6f85c82dc0
Fix Nexpose import to truncate long vuln names
...
A warning is emitted since there is a potential for data loss, but since
we reference vulns by their ID, the data-integrity risk is small.
Initially triggered by some Nexpose data, this should probably be
properly fixed by removing the length bound on the field.
MS-1184
2016-03-11 11:02:55 -06:00
wchen-r7
5554138fac
Change the firing order
...
Ubuntu has this glib bug (g_slice_set_config) that results in us
seeing a bunch of warnings when we call system("firefox") in
Ruby. It doesn't look like our fault, but since this generates
a lot of text on msfconsole, we try to avoid that.
2016-03-09 23:08:19 -06:00
Tim
dfd51a7032
Merge branch 'master' into android_sqlite_read
2016-03-10 01:46:30 +00:00
wchen-r7
38bc8c88ae
Fix open_webrtc_browser
...
Fix a bug where the code might spawn multiple browsers.
2016-03-09 17:10:22 -06:00
Tim
5e83b2de51
remove extra new line
2016-03-07 23:17:45 +00:00
Tim
f6c06bedfe
fix e.g output
2016-03-07 23:15:05 +00:00
William Vu
3e0f8d67c9
Use #strip to more correctly simulate #blank?
...
See f900d9cf26.
2016-03-07 13:14:37 -06:00
Brent Cook
289f43bb80
Land #4848 , remove some reliance on rails libraries from rex
2016-03-07 07:38:30 -06:00
Brent Cook
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Brent Cook
05a91f1d82
set SNI if the SSL peer is specified as a hostname
2016-03-06 21:12:15 -06:00
Brent Cook
0fc4ebf4ab
Land #6618 , Improve Content-Length behavior in Rex HTTP
2016-03-06 16:38:44 -06:00
Brent Cook
a1190f4344
Land #6598 , add post module for setting wallpaper
2016-03-06 15:00:10 -06:00
Brent Cook
dcba20ff60
only cleanup processes once too
2016-03-04 12:08:19 -06:00
Tim
2cfc9073a0
fixup sqlite_query
2016-03-04 11:56:37 +00:00
Tim
b7fe500788
sqlite_read -> sqlite_query
2016-03-04 11:56:23 +00:00
Brent Cook
c250740a81
Fixup finalizers to not double-close Meterpreter objects
...
We add finalizers to an assortment of Meterpreter-managed objects in order to
clean things up in the event that a post module crashes and does not clean
things up. However, this also means that even a properly-written post module
can lead to an object getting double-closed on the Meterpreter session when the
garbage collector kicks in. This can lead to quite non-deterministic behavior
and crashes.
This change modifies the instance close methods to unregister the finalizer on
close, ensuring we cannot do a double-close automatically if one is requested
explicitly first. As an additional measure, we check an instance variable to
see if we called close directly twice as well. This is not sufficient in
itself, since we do not have a reference to 'self' in the finalizer proc to
check the close state.
This also removes a couple of references to 'self' in the finalizer proc
itself, which may cure some memory leaks as well due to circular references.
2016-03-02 21:43:51 -06:00
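The pattern described in that commit message, as an added example rather than the framework's own Meterpreter code: a handle that registers a GC finalizer as a safety net, unregisters it on an explicit close, guards against a second explicit close with an instance flag, and keeps `self` out of the finalizer proc so the object can actually be collected. `FakeClient`, `RemoteHandle` and `close_handle` are stand-ins invented for the example.

```ruby
# Added example (not metasploit-framework code). FakeClient stands in for the
# Meterpreter session; its close_count shows how many close requests would
# actually reach the remote side.
class FakeClient
  attr_reader :close_count

  def initialize
    @close_count = 0
  end

  # Stand-in for the request that closes a remote object by its id.
  def close_handle(handle_id)
    @close_count += 1
    handle_id
  end
end

class RemoteHandle
  attr_reader :handle_id

  def initialize(client, handle_id)
    @client    = client
    @handle_id = handle_id
    @closed    = false
    # The finalizer proc captures only the client and the id, never self:
    # a proc that references self keeps the object reachable, so the GC
    # never collects it and the "safety net" becomes a leak.
    ObjectSpace.define_finalizer(self, self.class.finalizer(client, handle_id))
  end

  # Runs only if the owner forgot to call #close before the object died.
  # It has no reference to the handle object, so it cannot consult @closed;
  # that is why #close must unregister it.
  def self.finalizer(client, handle_id)
    proc { client.close_handle(handle_id) }
  end

  def closed?
    @closed
  end

  # Returns true if this call closed the handle, false if it was already closed.
  def close
    # Guard 1: an explicit double-close is a no-op.
    return false if @closed
    @closed = true
    # Guard 2: drop the finalizer so the GC cannot close the handle again
    # later, after we have already closed it explicitly.
    ObjectSpace.undefine_finalizer(self)
    @client.close_handle(@handle_id)
    true
  end
end
```

Closing twice sends exactly one close to the remote side, and a handle that was closed explicitly has no finalizer left to fire when it is collected.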
rwhitcroft
4b10331cf0
style fixups
2016-03-01 10:18:25 -05:00
wchen-r7
bff4b4d5fc
Fix #6609 and #6587 - Change Content-Length behavior in Rex HTTP
...
This patch changes two things:
1. If a module has a custom Content-Length, it will respect that
instead of forcing its own.
2. If a request does not have anything in the body, the
Content-Length header will not be set.
Fix #6609
Fix #6587
2016-02-29 10:50:21 -06:00
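The two rules above, as an added example and not the Rex HTTP client code itself: a request serializer that keeps a Content-Length the caller set (modules sometimes need a deliberately mismatched length to hit a server bug), derives one from the body only when there is a body, and emits none for an empty body. `build_request` and `content_length_headers` are names chosen for the example.

```ruby
# Added example (not Rex code): serialise an HTTP/1.1 request with the
# Content-Length behaviour the commit above describes.
def build_request(method, uri, headers = {}, body = '')
  # Header names are case-insensitive; honour any caller-supplied
  # Content-Length, whatever its case, instead of adding a second one.
  explicit_cl = headers.keys.find { |k| k.to_s.casecmp('content-length').zero? }
  lines = ["#{method} #{uri} HTTP/1.1"]
  headers.each { |k, v| lines << "#{k}: #{v}" }
  if explicit_cl.nil? && !body.empty?
    # bytesize, not length: a multibyte body is longer on the wire than its
    # character count, and a short Content-Length truncates the payload.
    lines << "Content-Length: #{body.bytesize}"
  end
  lines.join("\r\n") + "\r\n\r\n" + body
end

# Return every Content-Length header line in a serialised request, so a
# caller can check that exactly the intended one was emitted.
def content_length_headers(raw)
  head = raw.split("\r\n\r\n", 2).first
  head.lines.map(&:chomp).select { |l| l =~ /\AContent-Length:/i }
end
```

A bodyless GET carries no Content-Length at all, a POST gets the byte length of its body, and an explicit `content-length` from the caller is passed through untouched.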
Tim
afc6f6ff74
fix options
2016-02-29 15:21:33 +00:00
Tim
bd6fdbb545
android sqlite_read command
2016-02-29 15:05:57 +00:00
rwhitcroft
f735a904ff
create owa_ews_login module, modify HttpClient to accept preferred_auth option
2016-02-28 22:01:05 -05:00
Brent Cook
7acba69e37
Land #6577 , add controls for Android ringer
2016-02-26 07:02:49 -06:00
Brent Cook
5899b8afc8
make help show up when things are not specified correctly
2016-02-26 06:09:05 -06:00
HD Moore
9010dac7bc
Wrap up the current WIP, still not functional
2016-02-26 05:36:40 +00:00
HD Moore
5bf308e720
WIP checkin
2016-02-26 05:36:40 +00:00
Tim
cef1b77e26
fixes for android set_audio_mode
2016-02-20 12:01:10 +00:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
Artem
c5469be59e
Add Android ringer change mode command
2016-02-15 15:07:48 -06:00
Brent Cook
2fddf333ed
add TLV entry
2016-02-15 15:04:15 -06:00
Artem
59bf850bb0
Update android.rb
...
Add request for Ringer Mode Changer
2016-02-15 14:59:15 -06:00
Brent Cook
db19a7d9b3
Merge branch 'upstream-master'
2016-02-10 23:15:21 -06:00
OJ
44eb2d6a80
Merge branch 'upstream/master' into default-xor
2016-02-11 14:30:18 +10:00
Brian Patterson
4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported.
2016-02-04 10:30:56 -06:00
Tim
d544bf9311
android set wallpaper
2016-02-01 01:16:17 +00:00
Tim
4d6791d432
fix returning of error
2016-01-31 15:13:21 +00:00
William Vu
1828b7fda6
Land #6512 , Acunetix importer missing scheme fix
2016-01-29 13:17:44 -06:00
Brent Cook
b6bc862c1b
Land #6267 , fix Rex::Parser::Ini#each_group
2016-01-29 11:19:40 -06:00
Adam Cammack
e542a6c8cf
Fix importing with Acunetix
...
Add a default scheme of `http://` to URIs without a scheme. Also update
some documentation.
2016-01-28 16:37:14 -06:00
James Lee
ad026b3a7a
Add #peer to Tcp
2016-01-28 13:58:24 -06:00
OJ
3acb5d270b
Add `dir` as an alias for `ls`
2016-01-27 12:21:15 +10:00
OJ
0134161c1b
Fix another typo
2016-01-25 22:15:13 +10:00
William Vu
d6facbe339
Land #6421 , ADB protocol and exploit
2016-01-22 20:45:44 -06:00
OJ
6c2391ed0d
Fix typo in random xor key generator
2016-01-19 15:37:10 +10:00
OJ
18fe9bd96f
Merge branch 'upstream/master' into default-xor
2016-01-13 10:05:59 +10:00
Tim
c76389629a
receive startActivity result
2016-01-12 07:49:37 +00:00
Tim
f48e4363f5
activity_start
2016-01-12 07:22:55 +00:00
joev
210f065427
Add a background option for the echo cmdstager.
2016-01-07 01:16:08 -06:00
joev
00f1511b46
Use the right op for the data checksum.
2016-01-03 01:48:25 -06:00
joev
849857a418
Fix spacing issues in message.rb.
2016-01-02 22:57:26 -06:00
joev
6668dbec41
Remove stray binding.pry.
2016-01-02 22:50:06 -06:00
joev
dcd36b74db
Last mile polish and tweaks.
2016-01-02 22:41:38 -06:00
joev
6575f4fe4a
Use the cmdstager mixin.
2016-01-02 14:09:56 -06:00
joev
9c85c5d4fe
Add newline.
2016-01-02 01:17:28 -06:00
joev
a88471dc8d
Add ADB client and module for obtaining shell.
2016-01-02 01:13:53 -06:00
Brent Cook
e23b5c5435
Land #6179 , add NTP initial crypto nak spoofing module
2015-12-24 15:46:18 -06:00
Brent Cook
eec6a6f905
Land #6304 , simplify Meterpreter liveness checks
2015-12-24 15:42:17 -06:00
Brent Cook
9c410e02e3
Merge branch 'master' into land-6111-android
2015-12-24 10:13:25 -06:00
Brent Cook
3f4c6eb370
Land #5383 , allow tunneling reverse_tcp meterpreter sessions without 'route add'
2015-12-22 15:42:42 -06:00
Christian Mehlmauer
f6eaff5d96
use the new and shiny joomla mixin
2015-12-22 21:36:42 +01:00
Jon Hart
39da306b1d
Land #6057 , @danilbaz's module for dumping Bitlocker master key (FVEK)
2015-12-08 18:16:39 -08:00
OJ
c747ffc05a
Implement support for TLV packet XORing, and RECV removal
2015-12-08 16:37:10 +10:00
wchen-r7
ef217c4b6d
Land #6315 , Support migrating to processes by process name
2015-12-07 23:53:06 -06:00
William Vu
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
Jon Hart
06836d9b8a
Better handling of invalid process name/IDs
2015-12-04 14:25:57 -08:00
Jon Hart
3ecac615a2
Support migrating to processes by process name
...
Fixes #6313
2015-12-04 13:33:01 -08:00
jvazquez-r7
340fe5640f
Land #6255 , @wchen-r7's module for Atlassian HipChat JIRA plugin
2015-12-03 20:01:06 -06:00
Louis Sato
0bcac5e73b
Use concat instead of assignment on java proxy classes encoding
...
* fixes bug in java serialization encoding proxy class
2015-12-03 17:31:13 -06:00
William Vu
aa9969c81a
Add more normalization to temporary directory
2015-12-03 11:37:02 -06:00
James Lee
762fdbed40
Simplify meterpreter liveness check
2015-12-03 09:16:18 -06:00
James Lee
6fa2269764
PacketResponseWaiter - improve yardoc coverage
2015-12-03 09:16:17 -06:00
Rory McNamara
98b3919e94
Remove .bin from default behaviour
2015-12-02 09:58:11 +00:00
Rory McNamara
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
BAZIN-HSC
070a156925
-Recovrey +Recovery
2015-11-27 13:58:19 +01:00
Brent Cook
a7a89adfac
Land #6264 , meterpreter per-extension init string support, update payloads to 1.0.17
...
This brings in the following changes:
Changes to support maven 3.3+
Don't fall back to 0.0.0.0
Remove all debug builds from the Windows projects
Add show_mount, ps_list, and some core tweaks
Refactor TLV layout, add more debug output, token stealing
Add incognito binding, code tidies
Update packaged libs
Add transport list binding
Add transport add command to python binding
Update python core lib archive
change source perms back to non-executable
First pass of stageless initialisation script
Finalise stageless initialisation scripts
add BOOT_COMPLETED receiver that starts the Payload
Improve the implementation of the getuid command
Switch to Utils.runCommand per timwr's suggestion
Updated init script method
also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
2015-11-25 22:27:27 -06:00
HD Moore
b9e176cd77
Fix up cell result parsing
2015-11-21 11:15:00 -06:00
Jon Cave
c03ff13377
Don't wait if the response has already been set
...
Fixes a race condition which could leave the waiter sitting indefinitely
if notify() is called before wait().
2015-11-21 14:21:42 +00:00
Jon Cave
12b24fecee
Return true/false if a waiter was/wasn't notified
...
The method is used as follows:
if notify_response_waiter(response)
# Proceed as if a waiter was notified
end
Previously the return value would be `nil` whenever the loop broke early
due to a waiter being found. This meant that the dispatcher thread often
believed that a packet was not being handled. As a result the
backlog == incomplete sleep kicked in unnecessarily.
2015-11-21 14:20:51 +00:00
Jon Cave
6509696eb1
Switch back to Mutex/CV for response waiters
...
Makes use of the wait() method's timeout parameter instead of using the
Timeout class.
2015-11-21 14:20:51 +00:00
Jon Cave
640a302b78
Switch to a Queue for the dispatcher's packet queue
...
The select() based sleep can be replaced by a blocking pop(). The thread
will be suspended until data is pushed onto the queue.
2015-11-21 14:20:51 +00:00
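The four commits above describe one refactor of the packet dispatcher: a Mutex/ConditionVariable waiter that uses the condition variable's own timeout, a `wait()` that returns at once if `notify()` already ran, a `notify_response_waiter` that reports whether a waiter actually took the packet, and a blocking `Queue#pop` in place of a `select()`-based sleep. The following is an added example that puts those pieces together; it is not the Metasploit `PacketResponseWaiter` or dispatcher code, and the class and method names are modelled on the commit messages rather than copied from the project.

```ruby
require 'thread'

# Added example (not metasploit-framework code).
class PacketResponseWaiter
  attr_reader :rid

  def initialize(rid)
    @rid      = rid
    @mutex    = Mutex.new
    @cond     = ConditionVariable.new
    @response = nil
  end

  # Called from the dispatcher thread. The response is stored under the lock
  # before signalling, so a wait() that starts later still sees it: that is
  # the notify-before-wait race that would otherwise block forever.
  def notify(response)
    @mutex.synchronize do
      @response = response
      @cond.broadcast
    end
  end

  # Block until a response arrives or `timeout` seconds elapse; returns the
  # response or nil. The condition variable's timeout is used instead of
  # Timeout.timeout, so no exception is thrown into a thread holding the lock.
  def wait(timeout)
    deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) + timeout
    @mutex.synchronize do
      # Loop rather than wait once: condition variables may wake spuriously.
      while @response.nil?
        remaining = deadline - Process.clock_gettime(Process::CLOCK_MONOTONIC)
        break if remaining <= 0
        @cond.wait(@mutex, remaining) # releases the lock while sleeping
      end
      @response
    end
  end
end

class Dispatcher
  def initialize
    @waiters      = []
    @waiters_lock = Mutex.new
    @queue        = Queue.new # blocking pop replaces a select()-based sleep
  end

  def add_waiter(rid)
    PacketResponseWaiter.new(rid).tap { |w| @waiters_lock.synchronize { @waiters << w } }
  end

  # true if a waiter consumed the packet, false otherwise, so the caller can
  # tell a handled response from an unsolicited packet and skip any backoff.
  def notify_response_waiter(packet)
    waiter = @waiters_lock.synchronize do
      idx = @waiters.index { |w| w.rid == packet[:rid] }
      idx && @waiters.delete_at(idx)
    end
    return false unless waiter
    waiter.notify(packet)
    true
  end

  def enqueue(packet)
    @queue.push(packet)
  end

  # Drain packets until a :stop sentinel; returns how many went unhandled.
  def dispatch_loop
    unhandled = 0
    loop do
      packet = @queue.pop # the thread sleeps here until something is pushed
      break if packet == :stop
      unhandled += 1 unless notify_response_waiter(packet)
    end
    unhandled
  end
end
```

In use, a response that arrives before the requesting thread reaches `wait()` is returned immediately, a waiter with no response times out with nil instead of hanging, and the dispatcher can count unsolicited packets because `notify_response_waiter` no longer returns nil on the handled path.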
Jon Hart
07767cd803
Fix #6265
2015-11-20 15:17:15 -08:00
HD Moore
99a74fd4d2
Merge branch 'master' into feature/interval-collect-geo
2015-11-20 14:06:22 -06:00
BAZIN-HSC
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
BAZIN-HSC
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
BAZIN-HSC
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
wchen-r7
d6921fa133
Add Atlassian HipChat for Jira Plugin Velocity Template Injection
...
CVE-2015-5603
Also fixes a bug in response.rb (Fix #6254 )
2015-11-18 11:34:25 -06:00
wchen-r7
038d367d58
Fix #6247 , Update Meterpreter Usage on "Interact"
...
The "interact" command does not actually exist. Instead, users
should do "channel -i" to interact with a channel.
Fix #6247
2015-11-16 17:58:39 -06:00
PsychoMario
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
PsychoMario
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
Jon Hart
4a707b33a2
Add rspec coverage for cowsay. Achievement unlocked
2015-11-13 10:26:47 -08:00
Jon Hart
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
OJ
0afc5be3bc
Finalise set up of stageless init
2015-11-10 20:01:23 +10:00
OJ
a28ab216d3
Adding stageless init script support
2015-11-10 19:18:47 +10:00
jvazquez-r7
00d09744fb
Land #6118 , @wchen-r7's new methods for Rex HTTP response
2015-11-03 10:42:42 -06:00
HD Moore
07b34e8906
Missing types and parsing, more work left to go
2015-11-03 00:23:29 -06:00
James Lee
2e837b26e8
Use a Queue instead of Array
2015-11-02 16:02:45 -06:00
Jon Hart
ced20ba51c
Refactor NTP symmetric packet creation; add vuln detection to NAK to the future
2015-11-02 12:46:58 -08:00
Brent Cook
7f19d95ad8
Land #6146 , add show_mount command (initially for windows meterpreter sessions)
2015-10-30 17:37:30 -05:00
Brent Cook
cb403b8a36
Land #6077 , initial python meterpreter module support
2015-10-30 17:29:05 -05:00
OJ
c5643e52ff
Add support for the show_mount command (windows)
2015-10-29 07:28:33 +10:00
wchen-r7
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
Jon Hart
f2b6d37630
Add WIP module for Cisco Talos' NTP 'NAK to the future'
2015-10-27 18:10:07 -07:00
wchen-r7
f6b9f38326
This method is not needed because Nokogiri does that already
2015-10-23 19:38:17 -05:00
HD Moore
4bc2437e0b
Temporary hack to test
2015-10-22 20:00:47 -05:00
jvazquez-r7
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
wchen-r7
065d042ec4
Update doc a little bit
2015-10-21 16:29:27 -05:00
wchen-r7
12cdd786a6
Add more Nokogiri and RKelly support for Rex::Proto::Http::Response
...
These new methods allow the module writer to parse
HTML/XML/JSON responses properly without using regex first.
2015-10-21 16:26:31 -05:00
HD Moore
ba14d6e77f
Add support for the TBD interval geo collection on Android
2015-10-20 15:39:51 -05:00
Brent Cook
4b271425c9
s/datstore/datastore/g
2015-10-20 13:05:49 -05:00
HD Moore
6748ccbb82
This method was moved to Rex::Ui::Text::Output
2015-10-19 10:43:38 -05:00
HD Moore
d7b8767afc
Fix #6105 by moving ``puts`` into the base class
2015-10-19 10:42:46 -05:00
Brent Cook
30d2a3f2a9
Land #5999 , teach PSH web delivery to use a proxy
2015-10-14 11:05:45 -05:00
OJ
9adb2ee267
Fix silly typo
2015-10-12 14:58:30 +10:00
OJ
dbfee51ad3
Add support for folder importing
2015-10-12 11:52:55 +10:00
James Lee
0132f9ce67
Extend accepted clients with Rex Socket stuff
2015-10-09 08:53:02 -05:00
wchen-r7
352535e15d
Land #6026 , Add support for NewClass elements on Rex::Java::Serialization
2015-10-08 12:33:12 -05:00
OJ
6849adad58
Adjusted to include import
2015-10-07 23:36:24 +10:00
Brent Cook
2445c1fa32
Land #6012 , Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp
2015-10-02 15:27:47 -05:00
Brent Cook
40cb13609a
update SSLVersion to support all options for rex TCP sockets, add 'TLS' alias
2015-10-02 15:26:49 -05:00
Brent Cook
55f6fe7037
Land #5510 , update x86/alpha* encoders to be SaveRegister aware
2015-10-01 15:07:10 -05:00
Brent Cook
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
OJ
8861d61ad4
Add stderr/stdout capture and var extraction
2015-10-01 08:17:17 +10:00
jvazquez-r7
bfbd6ad475
Add the NewClass code really
2015-09-30 12:31:18 -05:00
jvazquez-r7
8590c79021
Add support for NewClass
2015-09-30 12:30:52 -05:00
OJ
fb0d766958
First pass of the python extension for windows meterpreter
...
This includes the basic construct for the python extension, and allows
for single-shot commands to be run.
2015-09-29 20:48:29 +10:00
bigendian smalls
31552a71cf
Added FIREFOX back as arch - inadvertently removed
2015-09-28 14:50:46 -05:00
bigendian smalls
bb769f0dca
Added mainframe ebcdic<->ascii conv ability
...
Within text.rb added 2 tables and 2 methods that allow for the
translation of EBCDIC<->ASCII for mainframe modules and functionality
(SystemZ z/Architecture mainframe)
2015-09-28 09:55:30 -05:00
bigendian smalls
33807abeda
Updated constants.rb with ARCH_ZARCH / mainframe
2015-09-28 09:47:24 -05:00
bigendian smalls
94e0a78050
Added zarch.rb architecture file
2015-09-28 09:41:22 -05:00
bigendian smalls
258e743f82
Added ARCH_ZARCH as architecture option
...
SystemZ (z/os, mainframe) added as a constant to the arch.rb file. This
along with other commits in this package will allow for development of
SystemZ (mainframe) based modules.
2015-09-28 09:36:31 -05:00
Brent Cook
f3451eef75
Land #5380 , pageantjacker, an SSH agent proxy
2015-09-26 10:52:44 -04:00
Brent Cook
157bab4f0d
Land #5518 , TFTP::Client retransmit lost data blocks on upload
2015-09-23 21:58:42 -05:00
Brent Cook
d9a76bbe0a
Land #5911 , add adsi enumerate to a file via -o
2015-09-23 21:40:01 -05:00
Meatballs
66c9222968
Make web_delivery proxy aware
2015-09-23 20:45:51 +01:00
Stuart
853d822992
Merge pull request #1 from bcook-r7/land-5380-pageantjacker
...
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
jvazquez-r7
62ff291713
Fix msfrop metasm require
2015-09-21 13:19:23 -05:00
HD Moore
0cc6b53d59
Land #5905 , support newer OpenVAS formats.
2015-09-21 10:30:25 -05:00
Stuart Morgan
cdd39f52b1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension
2015-09-21 14:34:56 +02:00
Stuart Morgan
e8e4f66aaa
Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension
2015-09-21 14:34:38 +02:00
Brent Cook
61e7e1d094
update pageantjacker to run as part of extapi
2015-09-20 20:25:00 -05:00
Manuel Mancera
e97056a367
When the port state is open|filtered should be unknown, not open
2015-09-07 22:52:03 +02:00
James Lee
7665747d1c
Land #5736 , certutil cmdstager
...
Ferreal this time.
2015-09-03 14:21:21 -05:00
James Lee
82b27c9038
Revert "Land #5736 , certutil cmdstager"
...
This reverts commit 93eb42dfa3.
Conflicts:
spec/lib/rex/exploitation/cmdstager/certutil_spec.rb
2015-09-03 14:18:28 -05:00
James Lee
9ccd95af26
Land #5916 , fix encoding when badchars contains -
2015-09-03 13:42:45 -05:00
James Lee
93eb42dfa3
Land #5736 , certutil cmdstager
2015-09-03 13:13:24 -05:00
HD Moore
9f1f797031
Skip substitution if badchars is empty
2015-09-02 18:52:53 -05:00
HD Moore
01cbd842ad
Updates based on @jlee-r7's feedback
2015-09-02 18:42:34 -05:00
HD Moore
9e98385417
Fix #5716 by correctly setting the data length
2015-09-02 15:16:25 -05:00
HD Moore
24dd454127
Land #5912 , adds timeout option to migrate
2015-09-02 13:08:22 -05:00
HD Moore
54f79e72bb
Initialize writable_dir in the main block
2015-09-02 13:08:07 -05:00
OJ
cefb7c83f3
Fix call to migrate
2015-09-02 15:37:34 +10:00
HD Moore
8191fac90f
Fix #5907 by replacing String#delete with String#gsub
...
The String#delete method treats the argument as a transliteration. This means that hyphens (-) either
turn into a character range or they throw an error if the range is invalid. This ended up breaking
one encoder and may be the root cause of other hard-to-reproduce bugs.
2015-09-01 18:37:28 -05:00
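The pitfall in that message, shown as an added example rather than the encoder code the commit touched: `String#delete` parses its argument like `tr`, so a hyphen inside a badchars string becomes a character range (and raises if the range runs backwards), while a `gsub` over an escaped character class strips exactly the listed bytes. The empty-badchars guard corresponds to the "Skip substitution if badchars is empty" commit earlier in this log. `strip_badchars_with_delete` and `strip_badchars` are names chosen for the example.

```ruby
# Added example (not the framework's encoder code).

# The old approach: String#delete treats "l-w" as the range l..w, so it
# strips twelve letters instead of 'l', '-' and 'w', and a backwards range
# such as "z-a" raises ArgumentError.
def strip_badchars_with_delete(candidates, badchars)
  candidates.delete(badchars)
end

# The replacement: Regexp.escape escapes '-' (and the other class
# metacharacters), so every badchar is matched literally.
def strip_badchars(candidates, badchars)
  return candidates if badchars.nil? || badchars.empty? # nothing to strip
  candidates.gsub(/[#{Regexp.escape(badchars)}]/, '')
end
```

Run against the lowercase alphabet with badchars "l-w", the `delete` version removes l through w and the `gsub` version removes only l and w; an empty badchars string leaves the input untouched instead of touching the regex at all.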
OJ
0d2df33900
Fix two typos, add help detail
2015-09-02 09:35:51 +10:00
Brent Cook
27cd0597d7
Land #5908 , default to SSL autoneg, add explicit TLS 1.1/1.2 support
2015-09-01 18:21:51 -05:00
Meatballs
2cd6b1c2df
Update parser, fix UseMasterPassword bug
2015-09-01 22:05:47 +01:00
Joshua Smith
21ab4531d2
Land #5910 , move help fxn for ps
2015-09-01 14:23:25 -05:00
Brent Cook
b8458d6ec7
Land #5705 , allow removing transports by index
2015-09-01 14:08:48 -05:00
Brent Cook
b273893947
use URI.parse over a custom regex
2015-09-01 14:07:05 -05:00
OJ
299ceb7087
Add timeout option for migration
...
This commit changes the migrate function so that an optional timeout parameter can be given. This means that people in high-latency scenarios can extend the timeout when migrating in order to increase the chances that things will work.
2015-09-01 22:53:30 +10:00
OJ
696bc95838
Merge branch 'upstream/master' into adsi-file-output
2015-09-01 17:25:13 +10:00
OJ
ef73f56201
Add -o parameter to adsi query functions
...
This allows for the output of the query to be written to a file.
2015-09-01 17:03:41 +10:00
OJ
abfeb204b3
Move help functionality for ps command
2015-09-01 16:45:35 +10:00
HD Moore
ff6fbfa738
Land #5895 , rework of ADSI modules
2015-08-31 14:10:41 -07:00
HD Moore
92d74ffb3b
Default to SSLv23 (autonegotiate), fixes #5870
2015-08-31 13:30:05 -07:00
Brent Cook
30830ad9e5
Land #5262 , fix webcam_chat and tidy adjacent code
2015-08-31 14:21:24 -05:00
Brent Cook
fe69fc84de
expand the path environment variables before executing
2015-08-31 13:38:08 -05:00
jvazquez-r7
fba751a986
Disable early returns
2015-08-31 12:13:42 -05:00
jvazquez-r7
80f21b50c9
Fix #4227 by improving parsing of nested elements
2015-08-31 11:47:43 -05:00
Stuart Morgan
b8b68983b0
Merge remote-tracking branch 'upstream/master' into adsi_group_enum_improvements
2015-08-28 15:11:27 +01:00
Stuart Morgan
3a5ce02e8e
Changed the other print\n lines to print_line() for consistency
2015-08-28 14:05:44 +01:00
Stuart Morgan
266a6e7dc4
Changed to print_line() at the request of hdm
2015-08-28 11:35:51 +01:00
HD Moore
a2d5511e39
Land #5379 , new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00
Stuart Morgan
5cdf1aeef4
Added examples to the usage-help and run through msftidy
2015-08-26 19:33:09 +01:00
Stuart Morgan
4bac21b7b9
Added command to list the domain controllers
...
Also added more information relating to the computers from LDAP
2015-08-26 15:33:54 +01:00
Stuart Morgan
59cf75c5a8
Updated description to make it more obvious & added specific DC enumeration
2015-08-26 15:03:28 +01:00
Stuart Morgan
7cee4d0ad1
Added the following commands:
...
adsi_group_enum - Lists all groups on the specified domain
adsi_nested_group_user_enum - Lists all users on the specified domain who are members of a given group DN (taking into account recursive/nested groups)
2015-08-26 14:14:15 +01:00
Brent Cook
6c89d0997c
Land #5855 , android offline collection support
2015-08-25 17:44:51 -05:00
Mo Sadek
1181600a69
Land #5575 , interactive channel logging
2015-08-25 16:23:51 -05:00
Mo Sadek
7ff828d000
Land #5573 , console and session log timestamps
2015-08-25 15:35:25 -05:00
Mo Sadek
026e6626f2
Added regular expression filtering for excess characters
2015-08-25 14:59:20 -05:00
Brent Cook
54dcd312f6
more style issues resolved
2015-08-24 18:07:31 -05:00
Brent Cook
90a46fbcd0
update style issues
2015-08-24 17:58:24 -05:00
Brent Cook
573f2b51a5
fix some crashes running webcam commands on webcamless machines
2015-08-24 16:51:43 -05:00
Brent Cook
dfd00ad50b
prefer catching RuntimeError
2015-08-24 16:42:33 -05:00
Brent Cook
6977a12dd8
whitespace fixups
2015-08-24 16:39:17 -05:00
Brent Cook
f96236d61f
remove redundant to_s and RuntimeError
2015-08-24 16:21:34 -05:00
Brent Cook
4e8cc47299
remove superfluous SYSTEMDRIVE path
2015-08-24 16:19:16 -05:00
Jon Hart
407d701fd9
Remove unnecessary version_random_case option
2015-08-20 10:05:16 -07:00
Jon Hart
2e4944b8ec
Remove unnecessary version_random_case option
2015-08-20 10:05:04 -07:00
Brent Cook
99ab64727d
Land #5859 , add comparison cases for IP/IPv6 addresses in rex tables
2015-08-19 11:52:33 -05:00
Brent Cook
f1ec92aba0
Land #5749 , http large file download fixes
2015-08-18 15:57:31 -05:00
Brent Cook
015d045730
read max_size bytes at a time
2015-08-18 15:56:57 -05:00
OJ
5b173319f2
Fix up level rendering
2015-08-19 00:22:26 +10:00
OJ
884760f11d
Update the output format for the Wifi collection
2015-08-18 17:27:48 +10:00
Brent Cook
5b35134f98
Land #5820 , DispatcherShell: Ensure exceptions don't interfere with busy state
2015-08-17 17:53:55 -05:00
jvazquez-r7
02e3e9af16
Allow to compare ipv4 vs ipv6 hosts
2015-08-17 14:52:26 -05:00
OJ
241593117b
First pass of the android interval collection
2015-08-18 00:53:25 +10:00
Brent Cook
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
Brent Cook
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
Brent Cook
3615bd094d
limit the # of bssids sent to google, log more error details
2015-08-14 17:58:33 -05:00
Brent Cook
f4031d87fc
light ruby style cleanups
2015-08-14 17:26:05 -05:00
Brent Cook
3aab9aa74c
move BSSID checker to tools, fixup rubocop warnings, add OS X example
2015-08-14 17:13:11 -05:00
Stuart Morgan
3aa1f93196
Fixed string->uint
2015-08-14 17:45:47 +01:00
Stuart Morgan
02a58d459b
Merge remote-tracking branch 'upstream/master' into pageant_extension
2015-08-14 17:05:38 +01:00
Alex Watt
6e684d46f2
Ensure exceptions don't interfere with `busy`
2015-08-10 12:11:37 -04:00
Roberto Soares
de47f4752b
Added feature to add color background (Prompt)
2015-08-01 18:54:01 -03:00
Meatballs
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
Brent Cook
b40c36688c
check send retry count and abort in excess
2015-07-31 16:17:34 -05:00
Brent Cook
6e146794a2
fix indents and style
2015-07-31 14:48:02 -05:00
Brent Cook
226516ef20
restore PPID to the meterpreter process list table
...
This restores pre-66bd881ac5a6de636c2eea7528946bc2d3abd52c behavior, but merges
the current search and output fixups currently in the tree.
2015-07-25 18:10:10 -05:00
Brent Cook
c30127cfe8
Land #5729 , add user-agent list, MeterpreterUserAgent derives from this
...
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
2015-07-24 17:39:30 -05:00
jvazquez-r7
ec7bf606c6
Land #5735 , @rcvalle's for CVE-2015-1793 OpenSSL mitm
2015-07-24 14:38:27 -05:00
jvazquez-r7
45b4334006
Use Rex::Socket::SslTcpServer
...
* Also add rex sockets managing
2015-07-24 11:16:09 -05:00
Jack64
981d98443f
fix local mods
...
Fixed some local modifications that were unintentionally pushed.
2015-07-23 17:04:12 +01:00
Jack64
31dcae6828
bug fixes
2015-07-23 16:58:55 +01:00
Brent Cook
264bc0f921
Land #5726 , support multiple glob patterns with search
2015-07-22 17:58:33 -05:00
William Vu
a52bf4526d
Use uniq on the globs array
...
This avoids search repetition.
2015-07-22 14:25:49 -05:00
OJ
121fe1adda
Land #5654 : Python Meterpreter Transport
2015-07-22 10:39:06 +10:00
James Lee
85e806dc99
Add simple class for getting geo data from Google
2015-07-20 19:28:19 -05:00
Jack64
0771d5ec39
minor fixes
2015-07-20 01:22:45 +01:00
Jack64
97f4ec72f9
minor fixes
2015-07-20 01:20:36 +01:00
Jack64
ad86a72918
send_sms + wlan_geolocate
2015-07-20 01:16:58 +01:00
xistence
844b47e8ce
Additional changes
2015-07-18 14:10:46 +07:00
xistence
7f05403ae0
Added certutil cmdstager
2015-07-16 13:20:05 +07:00
William Vu
f6cdbb65dd
Land #5706 , Kiwi creds_* -o write to file
2015-07-15 15:43:29 +00:00
OJ
b6e25506d0
Add a common user agent list, use the shortest for Meterpreter
2015-07-15 13:03:47 +10:00
William Vu
6685fc479b
Add multi-glob filesystem search to Meterpreter
2015-07-14 20:23:23 +00:00
William Vu
53bcee011b
Land #5709 , s/Filed/Failed/ typo fixes
2015-07-13 18:37:46 +00:00
Mo Sadek
4cd6e0c72b
Added "Failed" to line 121 of kdc_request.rb
2015-07-13 11:27:32 -05:00
Mo Sadek
6a5645d747
Changed "Filed" to "Failed" in multiple files
2015-07-13 11:21:20 -05:00
rwhitcroft
0a581be9f9
put -u back for removing transports
2015-07-13 12:10:32 -04:00
OJ
4fc258ec0c
Remove duplicate entries, allow for output to file
...
This commit does a few tidies of code, as well as adds the ability to
write all the kiwi output to disk as well as to the console. We can't
yet add this stuff to the credential DB because it's tied to a machine,
where the creds that come out of kiwi are often tied to domains.
This also removes duplicate creds from the output list, and gets rid of
the auth id stuff from the output too (not sure why it was useful
before).
2015-07-13 14:17:31 +10:00
rwhitcroft
eaa0d0a44e
first msg was better
2015-07-11 22:50:38 -04:00
rwhitcroft
508c9f55df
specify transports by index
2015-07-11 22:22:50 -04:00
Joshua Smith
5be94c12b6
Land #5602 , adds irb -e to core
2015-07-02 16:21:20 -05:00
Joshua Smith
434cffa258
clean up some idiomatic ruby details
2015-07-02 16:16:57 -05:00
Spencer McIntyre
0af397217c
Merge pymet transport feature into fresh branch
2015-07-02 08:43:13 -04:00
wchen-r7
a17b27efce
Update descriptions
2015-07-01 21:47:51 -05:00
wchen-r7
caddf545c4
Make getsystem more verbose
...
Resolves #4401
2015-07-01 20:49:14 -05:00
Tod Beardsley
37ac5f0ee3
Use environment variables for Program Files
...
Done, thanks @Meatballs1 !
2015-06-30 17:28:21 -05:00
Spencer McIntyre
7aae9b210e
Add pymet support for core_enumextcmd
2015-06-26 11:32:51 -04:00
OJ
f6ae1f4223
Merge branch 'upstream/master' into android-java-transport-refactor
2015-06-26 14:12:56 +10:00
OJ
5a24dc8e64
Enable the transport command for java
2015-06-25 14:08:41 +10:00
Spencer McIntyre
f9642da387
Support expressions for meterpreter's irb too
2015-06-24 21:02:18 -04:00
Brent Cook
5c65c58fdf
Land #5598 , handle nil or short machine_ids gracefully
2015-06-24 19:11:08 -05:00
HD Moore
24a6e4c110
Comment update
2015-06-24 16:33:07 -05:00
HD Moore
4d58e49cdc
Land #5600 , update session info after migrate
2015-06-24 15:16:58 -05:00
Meatballs
151fa2f676
Update user info on migrate
2015-06-24 20:50:29 +01:00
HD Moore
aa9ea13934
Fix up the core_machine_id call to handle weirdness better
2015-06-24 11:44:54 -07:00
HD Moore
3141d4e465
Relocate the mkdir to synced_update
2015-06-23 10:44:15 -07:00