4e046db9b3
add retry to linux reverse tcp x86
2017-07-14 12:47:32 +09:00
5c17f363be
Default opts to an empty hash instead of nil
...
Fixes #8709
2017-07-13 15:40:08 -05:00
7e487ec745
fix request_ops per bcoles
2017-07-13 01:16:27 -04:00
03691cc35f
Bump version of framework to 4.15.1
2017-07-12 20:08:07 -07:00
6793dd27ab
Land #8711 , Update stdin processing in resource scripting
2017-07-12 17:05:27 -05:00
99bb091488
Land #8690 , Fix #8636 , [] for NilClass in session.fs.file.download_file
2017-07-12 13:43:12 -05:00
18c9ac7abb
Update stdin processing in resource scripting
...
Originally in #4674 , I wanted to add stdin to msfconsole -r, but I
purposefully left off support for stdin in the console. Now it works.
2017-07-12 13:40:44 -05:00
345407b0a4
Rex::Encoder::XDR conflicts with the XDR gem
2017-07-12 11:52:10 -05:00
dbef4ee816
kill cucumber in framework
2017-07-12 08:00:29 -05:00
aa0fca9dd1
Land #8631 , Add railgun support to Python Meterpreter for the OSX
...
platform
2017-07-11 16:05:16 -05:00
5473b2132d
Implement :request_url for Msf HttpClient mixin
...
To round out implementation of a simple path for users to access
HttpClient like Open or Net::HTTP, create :request_url method which
takes a single URL parameter, uses :request_opts_from_url to build
the request configuration for Rex::Proto::Http::Client, executes
a GET request with it, and disconnects the client unless keepalive
is specified as the second parameter to :request_url.
Example usage of functionality is implemented in http_pdf_authors.
2017-07-11 16:07:13 -04:00
50b1ec4044
Fix #8675 , Add Cache-Control header, also meta tag for BAP2
...
Hopefully that browsers will respect this.
Fix #8675
2017-07-10 16:05:09 -05:00
df697aa23c
Implement HttpClient options generation from URL
...
To address the complexity which comes with the flexibility offered
by Rex::Proto::Http::Client and its Msf mixin descendant, a simple
process needs to be implemented for issuing a request using only
the URL string in order to provide ease of access to users who may
not have the time to study how these clients work in detail.
Implement :request_opts_from_url in Msf's HttpClient mixin such as
to extract the options required for :send_request_* from a URL
string passed into the method. This approach reduces HTTP requests
in the mixin to `send_request_raw(request_opts_from_url(url))` when
`url` is just a string.
Implement this approach in the http_pdf_authors gather module to
further reduce infrastructure complexity around the simple need to
acquire PDF files via HTTP/S.
Testing:
Local to this module only, and in Pry of course. Seems to work...
2017-07-10 04:19:26 -04:00
e8d4ad8a89
Try all callable methods when creating socket
2017-07-09 11:26:57 -07:00
d5d9e88851
Fix #8636 , [] for NilClass in session.fs.file.download_file
...
This fixes a [] for NilClass bug in the download_file API.
The opts argument is not checked for nil before the code looks for
the block_size key.
Fix #8636
2017-07-07 19:00:33 -05:00
baead02efc
Addressing PR feedback.
...
Removing the audio_stream_pool.rb class file for now, we can recreate for MS-2749 if we really need one.
2017-07-04 09:28:38 -05:00
06aa239d47
pass loggger conditionally to common search function
2017-07-03 16:22:47 -05:00
ef1145c6b7
Use common code to delete non-applicable cmds.
2017-07-03 09:11:04 -05:00
4f054d25fc
Fix packet spec problems
2017-07-03 18:12:38 +10:00
228fb8c436
Fix small issue with encryptionf flag rendering
2017-07-03 17:31:09 +10:00
999d90687e
Make encryption flags 32 bit
...
This changes the encryption flags on the meterpreter session so that
it's 32 bits (and hence changes the packet header). This also supports
the idea that sessions may use encryption that isn't AES256, so the
flags field will ultimately indicate that. A type flag has been added so
that MSF knows the type that should be done on the wire.
At some point soon we'll add something that makes sure that the packet
encryption type always matches the encryption type expected in MSF, this
will hopefully avoid the risk of having packets injected into the stream
by external entities.
2017-07-03 16:52:58 +10:00
c1f2fc1838
Add Msf::{Auxiliary,Post}::Complete
...
Not sure yet why we're doubling up on cleanup.
2017-07-03 00:26:49 -05:00
48dddd1e46
Pretty-print fail_with for aux and post modules
2017-07-03 00:07:32 -05:00
e21ae88b55
Update wave file header with actual length.
...
Fixes MS-2759.
2017-06-30 22:48:42 -05:00
1cbc4af6b6
Land #8606
...
land's bcook's module search rpc work
2017-06-30 14:58:46 -05:00
ada954aab9
Land #8624 , fix mis-ordered kiwi output
2017-06-30 14:23:24 -05:00
d2098137a9
Grab last bit of audio from target when done.
...
Also remove module that needs work (we can create later).
2017-06-30 10:56:49 -05:00
48e7e8397e
Make listen focus on prerecorded items.
2017-06-29 16:52:17 -05:00
e8468a5c99
Cleanup.
2017-06-29 16:52:17 -05:00
5c5044a80f
Stream audio data via channel (MS-2725).
2017-06-29 16:52:16 -05:00
dd7726b894
Change to Audio Mic
2017-06-29 16:52:16 -05:00
1bfa9366e6
Bring back to working
2017-06-29 16:52:15 -05:00
bd9c15713d
Bring polling back in
2017-06-29 16:52:15 -05:00
3d51301b98
Seperation of concerns
2017-06-29 16:52:15 -05:00
c7b71a2b32
Seperate concerns of console/mic
2017-06-29 16:52:14 -05:00
9ca74d69f1
add sleep
2017-06-29 16:52:14 -05:00
d2cccae2a1
Use webrtc browser
2017-06-29 16:52:13 -05:00
56b3b0e00d
Add more parameterization
2017-06-29 16:52:13 -05:00
d9e1d21c56
Spacing
2017-06-29 16:52:13 -05:00
d62f0cfd98
Add the mic stop command
2017-06-29 16:52:12 -05:00
40ce03b85f
Parameterize playback configurations
2017-06-29 16:52:12 -05:00
6f8f85df61
Open player for listening to audio
2017-06-29 16:52:12 -05:00
60e009de8f
Use large datasize
2017-06-29 16:52:11 -05:00
16a13723d0
Remove debug
2017-06-29 16:52:11 -05:00
fa4ebadf0f
Make mic audio device stream work with mettle
2017-06-29 16:52:10 -05:00
0a0e6c8576
Use audio stream pool
2017-06-29 16:52:10 -05:00
197d377424
Fix commands to mic
2017-06-29 16:52:10 -05:00
ebf967db3e
Add audio-channel
2017-06-29 16:52:09 -05:00
959f9fe2d2
Updated lib/rex/proto/http/client_request.rb to ensure that the host header is formatted
2017-06-29 12:05:02 -07:00
7e1b50ab3b
Land #8629 , AKA (also known as) module reference
2017-06-28 19:15:45 -05:00
461ab4501d
add 'Also known as', AKA 'AKA', to module references
2017-06-28 15:53:00 -04:00
6349026134
Land #8442 , Exploit module for Backup Exec Windows Agent UaF
2017-06-28 10:39:28 -05:00
3f99306370
Fix issue with python3 meterp
...
Due to the way python3 does things differently, the escaped char string
for the session guid didn't work in the way it was expected. Instead,
we're going to do what we did with the payload UUID and hex encode, and
use binascii to handling the translation for us.
2017-06-28 17:55:27 +10:00
52211ab6ae
Continue refactoring removal of "DLL" references
2017-06-27 18:00:01 -04:00
0da9f4d64a
Refactor railgun "DLL" references to library
2017-06-27 17:34:06 -04:00
e08bd84038
Merge branch 'upstream-master' into land-8603-
2017-06-27 04:03:31 -05:00
0f48afa7ba
Land #8622 , normalize short meterpreter command flags
2017-06-27 02:09:12 -05:00
8e1e505730
Fix output of MSV creds dumping in Kiwi
...
The data being pulled out of the MSV credential dump was not being
rendered propertly because it was assumed that all accounts would
provide the same set of hashes/details for each entry found. However,
this was not the case. Some have NTLM & SHA1, others have LM & NTLM,
some have DPAPI when others don't.
This code generates tables based on the values found, and renders those
values in the appropriate columns, and if the values don't exist for
a given account, the column is left blank.
Fixes #8620
2017-06-27 15:43:40 +10:00
1637f55c65
Handle ArgumentError when previous gets args
...
Dumb patch.
2017-06-27 00:41:26 -05:00
49e34d70c3
Remove uses of multi-char args for meterpreter commands
2017-06-27 13:06:10 +10:00
ea83cb0bb6
Make the railgun def class names platform specific
2017-06-26 19:53:19 -04:00
25e323fc4b
Support AES renegotiation after session migration
2017-06-26 20:50:12 +10:00
3c767552e9
Make session list show the encryption status
...
Both extended and verbose session logging will show which of the
sessions has the encryption enabled as it's not yet supported on all
sessions.
2017-06-26 16:41:58 +10:00
9f2be21eb7
Ignore missing method error when doing aes negotiation
...
This means that meterpreter instances that don't support will continue
to work.
2017-06-26 15:22:56 +10:00
bdcea7bd22
Fix http AES packet dispatching
2017-06-25 19:51:25 +10:00
494d389aa2
Merge upstream/master into packet encryption
2017-06-25 19:06:31 +10:00
67b1a19aa1
Finalised MSF-side of AES key negotiation over RSA
2017-06-25 10:24:00 +10:00
bf85386acf
add help switch
2017-06-24 17:45:53 -05:00
5635e81a87
export module.search command
2017-06-24 15:50:37 -05:00
e0695cbf9b
add a framework-wide search method
2017-06-24 15:09:32 -05:00
8eceef18d9
refactor search, separate search bits from output
2017-06-24 14:51:14 -05:00
6a8d54a93c
Land #8545 , `ps` table output fixes
2017-06-24 14:43:51 -05:00
feb8d14fe6
Make the TryToFork option generic
2017-06-23 21:08:49 -05:00
1762fe56c9
Land #8589 , Fix 64-bit support for the winpmem extension
2017-06-23 19:27:31 -05:00
c3090a4f9c
Land #8601 , make session logging more useful, don't lose characters
2017-06-23 17:36:01 -05:00
9eeb3dc143
use typical command option and TLV scheme instead of dumb stuff for keyscan_start
2017-06-23 13:11:12 -05:00
03b36757e4
Added session name to logfile name
2017-06-23 13:26:36 +02:00
24379f907e
Fixed timestamped logger cutting off last character ( fixes #8597 )
2017-06-23 13:19:16 +02:00
a3607c6802
Update to Mimikatz 2.1.1 20170608 to include changntlm
2017-06-23 13:40:01 +10:00
283f36f79a
Compare headers w/process keys instead of themselves
...
Also clarifies a bunch of old bad variable names
2017-06-22 21:43:11 -05:00
2617ae7609
Land #8513 , check extapi commands for dependencies
2017-06-22 20:21:26 -05:00
fda2e8c73d
Land #8523 , Add support for session GUIDs
2017-06-22 20:10:10 -05:00
fad696ed58
Bump version of framework to 4.15.0
2017-06-22 18:02:38 -07:00
c307cfab50
Land #8592 , rpc module info
...
enhance module details returned by the RPC
2017-06-22 14:18:39 -05:00
3a445655ae
Land #8511 , console search options
...
lands sempervictus' console search command
enahncements and bug fixes
2017-06-22 12:07:10 -05:00
3b248c78f3
resurrect old example modules, integrate into module tree
2017-06-22 11:36:35 -05:00
549ebb4ff6
Patch in the new PythonMeterpreterTryToFork option
2017-06-22 10:55:08 -05:00
0eaffde4b3
fix rex arguments parser to handle adjacent flags, update accordingly
2017-06-22 09:54:03 -05:00
47a659f554
Land #8185 , Convert ntp modules to bindata
2017-06-22 09:37:58 -05:00
eb4c4c911b
Land #8587 , Add android wakelock command to turn the screen on
2017-06-21 14:48:20 -05:00
f96f61d29e
enhance module info to be on par with pro RPC interface
2017-06-21 08:36:49 -05:00
717f9aad12
Add more OSX Railgun defs and better CDECL support
2017-06-21 08:59:42 -04:00
a9e03c1efd
Initial working version of AES encryption of TLVs
2017-06-21 21:01:59 +10:00
d81d0ea4ba
print a friendlier status msg
2017-06-21 03:09:42 -05:00
b9904572f9
update winpmem dump handler for 64-bit support
2017-06-21 03:02:50 -05:00
2129959d2d
Begin rework of packet handling
...
This moves some of the packet-specific stuff to the packet class itself
2017-06-20 19:18:37 +10:00
700dfee963
Land #8584 , remove meterpreter TLVs for dead code
2017-06-19 15:56:15 -05:00
c0efb7bc76
Land #8573 , Adapted the authentitcity_token scheme
2017-06-19 15:45:20 -05:00
f7c133cdf7
Add OSX support to railgun
2017-06-19 11:11:55 -04:00
cec87a3e4f
Start of support for AES packet encryption
2017-06-19 22:27:51 +10:00
a48f0fcec6
Remove references to Meterpreter CRYPTO TLVs
...
This feature wasn't supported, and so the TLVs are no longer needed.
2017-06-19 16:53:33 +10:00
42d1fae2e6
Upstream console search additions and fixes
...
The -S flag for console commands, backed by search functionality
in Rex' tables, originally pushed upstream in #1604 (iirc), lacks
coverage for a number of commands which benefit a good deal from
inline filtering of the potentially large number of results.
Push more -S flags and surrounding table functionality upstream
to provide coverage for the console commands included in framework.
Include a fix for deleting hosts when DB references are a problem.
Include a fix for the upstream route command wherein scope must be
defined for the routing target by assuming a /32 without explicit
definition.
Note:
With this in place, console behavior when filtering results is
roughly analagous to the R7 filtering in web UI, which should help
those of us trying to use both maintain corresponding workflows.
Testing:
Used in-house for years, though changes to the diff from upstream
and our fork (expunging some internal code) are untested, so would
appreciate eyes and hands on.
2017-06-16 20:28:51 -04:00
9ce0bb9345
Bump version of framework to 4.14.28
2017-06-16 10:02:07 -07:00
ef7434b59b
added new authentitcity_token scheme
2017-06-16 16:54:38 +02:00
55b71e115f
Land #8535 , MSGRPC module minor fixes
2017-06-15 21:44:34 -05:00
2c0f41ee8f
Fix session guid handling in python 3
...
I made the mistake of using str.decode() which isn't a thing in python3
(works fine in 2). So this commit fixes it so that the GUID string
itself is generated directly as a byte string, so that the call to
decode() isn't needed at all.
2017-06-16 09:01:29 +10:00
64bf6910e2
Remove SSL support from windows reverse_tcp payloads
2017-06-14 22:04:25 +10:00
32fbad7fca
Style changes for cmd_ps cleanup
2017-06-14 01:28:21 -04:00
0515980138
Bump version of framework to 4.14.27
2017-06-12 07:39:14 -07:00
762427b447
Clean up cmd_ps table output for Mettle
...
Mettle can run in all sorts of environments where some colums of a
process table will be nil. The existing implementation compacts
rows going into the table while providing filtering for the colum
contents only by checking the output of the first row in the proc
table.
Check column filters against all rows to ensure proper table init.
Check columns going into table for match against header.
Do not compact nil values in the table rows - some things, like
kthreads/workers dont have a path while other PIDs will.
2017-06-12 01:20:59 -04:00
bf674263f3
Land #8533 , record vulnerability attempts
2017-06-09 17:52:49 -05:00
40fafaa270
dereference the service from the service manager
2017-06-09 16:24:01 -06:00
2b6f823a1b
store vuln attempt when reported
2017-06-09 12:46:39 -05:00
77b1125e77
Bump version of framework to 4.14.26
2017-06-09 10:03:35 -07:00
c89fee89db
Land #8529 , RPC Session Arch
...
Lands pr adding Session arch to info
returned by rpc
2017-06-09 11:58:19 -05:00
c4288fb35a
Update branch to include chances from upstream/master
2017-06-09 17:18:57 +10:00
c3b2476a51
add arch to rpc session details
2017-06-08 16:26:13 -06:00
4198efa41f
Remove pry from CommandDispatcher::Creds...
...
My bad. Should have been caught in #8517 .
2017-06-08 00:18:46 -05:00
eef82a501d
Add support for session GUIDs in mettle
2017-06-08 11:20:48 +10:00
3e27fd3db4
Land #8517 , CommandDispatcher::Common
...
Also fixes jobs -i.
2017-06-07 03:20:45 -05:00
596924552e
Fix literal \n in jobs -i
...
Regression from #4063 .
2017-06-07 03:19:30 -05:00
a052ee4064
Use the opts hash not the datastore
2017-06-06 20:02:06 -04:00
6131e4bd82
Fix download lambda function to take correct param count
...
This is an emergency fix as a result of something being broken in
master. This is also being pushed straight to master because github is
down and the PR process isn't possible. This commit was reviewed by
@wvu-r7 prior to being pushed.
2017-06-07 09:37:24 +10:00
834e0eba95
Land #8340 , add exception handling for rev_tcp_ssl
2017-06-06 19:09:15 -04:00
a953d94f61
Minor white space cleanups for PR #8340
2017-06-06 19:07:55 -04:00
3ded57e1cd
Land #8516 , add verbose debug to ntds dumper
2017-06-06 07:26:54 -05:00
0830e4aaa5
Land #8503 , Linux x86 reverse_tcp error handling
2017-06-06 06:36:55 -05:00
37b9cd07a2
Add support for the session GUID in the UI
...
The Session GUID will identify active sessions, and is the beginning of
work that will allow for tracking of sessions that have come back alive
after failing or switching transports.
2017-06-06 17:15:57 +10:00
871c30c0b3
refactor stdapi and lanattacks to use filter_commands
2017-06-06 14:05:07 +08:00
e9c9c852ab
check_commands -> filter_commands
2017-06-06 13:56:38 +08:00
f0f21891ad
Land #8512 , Enable adaptive download with variable block sizes
2017-06-05 18:46:24 -05:00
42aa2e5acf
add some attempts at debugging to ntds
...
add some logging and more status outputs to the
NTDS domain hasdump. Also force the encoding on
strings to UTF8
2017-06-05 15:21:50 -05:00
f4013b02e1
renaming db_common to common
...
this moves the following methods into common
arg_host_range ( used in creds and db )
arg_port_range ( used in creds and db )
set_rhosts_from_addrs ( used in creds and db )
show_options ( used in jobs and modules )
2017-06-05 14:19:18 -05:00
7625d36c1c
fix #8199 , check extapi for dependencies
2017-06-05 14:56:59 +08:00
8c35e54934
Land #8495 , Expand multi-handler for generic http(s) sessions
2017-06-04 20:21:32 -05:00
39cee481c1
Making changes similar to the reverse_tcp payload
2017-06-03 22:57:59 +05:30
82a83af6c2
add error handling to x86 linux reverse tcp
2017-06-03 04:04:55 +09:00
92a65f5c63
Bump version of framework to 4.14.25
2017-06-02 10:03:44 -07:00
cc0ff8f3db
Enable adaptive download with variable block sizes
...
The aim of this commit is to allow users of Meterpreter in high-latency
environments have better control over the behaviour of the download
function. This code contains two new options that manage the block size
of the downloads and the ability to set "adaptive" which means that the
block size will adjust on the fly of things continue to fail.
2017-06-02 17:16:58 +10:00
abeececb46
Land #8493 , creds -R fix with DbCommon
2017-06-01 14:19:16 -05:00
ccf54f464c
Expand multi-handler for generic http(s) sessions
2017-05-31 14:35:18 -05:00
2682874652
fixing a busted -R on creds search
...
I broke this when moving creds to its own file.
2017-05-30 15:56:51 -05:00
0c792798a7
Bump version of framework to 4.14.24
2017-05-30 07:26:35 -07:00
32a83e0d30
update macho check for 32bit + fat
2017-05-30 14:00:24 +08:00
ee57c7188e
Land #8470 , remove broken check for invalid options
2017-05-30 00:35:46 -05:00
a01a2ead1a
Land #8467 , Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
66f06cd4e3
Fix small typos in comments
2017-05-28 14:40:33 -05:00
4e29b6e5fd
Land #8275 , add retry opts for py rev_tcp stager
2017-05-28 13:02:35 -04:00
2ca53eaebf
Minor white space cleanups for PR #8275
2017-05-28 12:59:06 -04:00
e02d726213
Setting default values to the added options
2017-05-28 14:30:30 +05:30
b7620e13a3
remove special case check for invalid options
2017-05-27 00:53:14 -05:00
11b3fd9067
Land #8468 , Update system info after running getsystem
2017-05-26 23:37:00 -05:00
53cbbbacd8
getsystem update session info
2017-05-26 17:28:11 -06:00
e8b5cc3397
Avoid a stacktrace by verifying that the share is known
2017-05-26 17:01:44 -05:00
8caaba01f1
Add share enumeration methods to the SMB mixin
2017-05-26 17:01:18 -05:00
15b3b7de41
Bump version of framework to 4.14.23
2017-05-26 10:02:14 -07:00
1582d3a902
support i386
2017-05-26 15:55:42 +08:00
a9e6df6f15
fix shell command on osx meterpreter
2017-05-26 15:55:14 +08:00
18a871d6a4
Delete the .so, add PID bruteforce option, cleanup
2017-05-25 16:03:14 -05:00
92a1a3ecf7
Adding for loop instead of while, removing 'counter'
2017-05-25 15:09:34 +05:30
0520d7cf76
First crack at Samba CVE-2017-7494
2017-05-24 19:42:04 -05:00
52363aec13
Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
...
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on a NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.
Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
2017-05-24 00:18:20 +12:00
d333077308
osx meterpreter
2017-05-23 14:23:22 +08:00
3e4e5dc810
Land #8421 , fix rspec failures with newer OpenSSL
2017-05-22 21:49:52 -04:00
86aad6b7c3
Fix proxy_type references to handle nil case
2017-05-22 21:47:37 +10:00
29d1022ae2
Fix the rake spec failures under ruby 2.4.
...
Ths typo3_spec is giving some errors under ruby 2.4+
and OpenSSL 1.1+.
2017-05-21 21:56:04 +02:00
18f520382b
Bump version of framework to 4.14.22
2017-05-19 12:12:27 -07:00
a6f416e8df
Land #8290 , Hwbridge Automotive Fix and Extension Enhancements
2017-05-19 13:46:54 -05:00
c54c999efc
Bump version of framework to 4.14.21
2017-05-19 10:02:32 -07:00
22828fcc0f
Land #8406 , add compatibility shims for older Ruby versions
2017-05-18 21:50:45 -05:00
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
126c078ced
Bump version of framework to 4.14.20
2017-05-18 11:53:33 -07:00
02211db664
Land #8412 , fix for smb_login errors
...
Merge branch 'land-8412' into upstream-master
2017-05-18 13:43:10 -05:00
94e4dc2938
fix for smb_login errors
...
do not try the TreeConnect if the SESSION_SETUP
has already failed.
2017-05-18 11:26:03 -05:00
1af6c08356
Land #8409 , mark osx-app macho as executable
2017-05-18 09:28:01 -05:00
a68a1858a9
Fix #7703 , mark osx-app macho as executable
2017-05-18 18:24:35 +08:00
c59371dd5e
add ruby backports compat library
2017-05-17 23:41:20 -05:00
b78749bc1b
Land #8221 , move autoroute
2017-05-17 15:17:45 -05:00
d0b13544dd
Agreed-upon feedback updates.
2017-05-17 10:57:39 -05:00
729f2a9ab8
Bump version of framework to 4.14.19
2017-05-16 14:09:45 -07:00
58d65ce4b5
Land #8380 , check for command injection in smtp email addresses
...
aborts
2017-05-16 15:36:22 -05:00
e3f4cc0dfd
Land #8345 , WordPress PHPMailer Exim injection
...
CVE-2016-10033
2017-05-16 15:07:21 -05:00
416a5cdc3b
Land #8379 , payload opts check for RHOST warning
2017-05-14 22:21:58 -05:00
78148c7979
Prefer && instead of and
...
I think @zeroSteiner's been writing a lot of Python. :-)
2017-05-14 22:19:15 -05:00
e7be0af72e
update bad mail checks
2017-05-14 22:13:31 -05:00
cc72850847
Land #8369 , add PSH decompressor & decoder convenience methods
2017-05-14 21:28:02 -05:00
8ac5d2d377
tidy up a bit while we're in here
2017-05-14 21:27:38 -05:00
544ea6926c
trim leading and trailing whitespace in mail addresses
2017-05-14 11:22:46 -05:00
70bfdf17b2
Check payload options before showing RHOST warning
2017-05-13 14:46:07 -04:00
f39e378496
Land #8330 , fix ps_wmi_exec and psh staging
2017-05-13 14:26:47 -04:00
3cbeebe3af
Rename env_ variable to be more accurately named
2017-05-13 14:24:00 -04:00
3a1ed19a42
Making use of StagerRetryConnect
2017-05-13 17:49:53 +05:30
405f2c6ca1
Bump version of framework to 4.14.18
2017-05-12 10:10:30 -07:00
123462bdca
Land #8293 , add initial multi-platform railgun support
2017-05-11 22:32:23 -05:00
e414bdb876
don't try to guess intent for specified default targets, leave auto-auto targeting to unspecified modules
2017-05-11 15:19:11 -05:00
099fc0176a
move autoroute to a more sensible location
2017-05-10 23:01:02 -05:00
cf29a512d0
Upstream Msf namespace PSH decompressor & decoder
...
Present convenience interfaces in Msf::Exploit::Powershell ns for
decoding and decompressing PSH strings built with Rex::Powershell
or compatible implementations.
2017-05-10 22:44:56 -04:00
18d95b6625
Land #8346 , Templatize shims for external modules
2017-05-10 18:15:54 -05:00
ee55516e06
Allow lowercase HTTP in command strings
2017-05-10 15:17:20 -05:00
3a45c2f321
Allow complete override of Host header
2017-05-10 15:17:20 -05:00
tkmru
James Lee
RageLtMan
Metasploit
bwatters-r7
William Vu
Brent Cook
William Webb
wchen-r7
Dave Farrow
Pearce Barry
OJ
David Maloney
dmohanty-r7
Anderson
Spencer McIntyre
Dirkjan Mollema
SecureAB
TheNaterz
Jeffrey Martin
Tim
darkbushido
itsmeroy2012
HD Moore
Matthew Daley
Renato Piccoli
Adam Cammack