32dbb8c3e0
Land #6051 : check include_send_uuid method support
2015-10-06 07:31:11 +10:00
2769d66bfc
Check if the payload has a include_send_uuid method before calling it
...
Otherwise we get an undefined method exception and the payload fails to stage.
Fixes #6040
2015-10-05 15:13:11 -05:00
32255a4621
Always show the URI and User-Agent for unknown requests
2015-10-05 11:05:05 -05:00
711f11abb8
Clean up some things
2015-10-02 18:35:46 -05:00
dea0142da1
catch network exceptions
2015-10-02 18:26:37 -05:00
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
953bfe1a81
Delete typo
2015-10-02 15:29:03 -05:00
2445c1fa32
Land #6012 , Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp
2015-10-02 15:27:47 -05:00
40cb13609a
update SSLVersion to support all options for rex TCP sockets, add 'TLS' alias
2015-10-02 15:26:49 -05:00
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
144bf39038
Land #5998 , fixup PrependMigrate for stageless meterpreter
2015-10-01 11:48:33 -05:00
2ab779ad3d
Land #6010 , capture_sendto fixes
2015-10-01 10:54:24 -05:00
22c424a4c6
Fix CreatProcessA stack alignment in prependmigrate x64
2015-10-01 10:24:13 +10:00
b35a0166bf
Merge branch 'upstream/master' into fix-prepend-https
2015-10-01 09:07:28 +10:00
393a71cf46
Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation
...
Conflicts:
Gemfile.lock
2015-09-29 15:00:22 -05:00
54f9a3b25a
Land #6013 , add mainframe as a platform and architecture
2015-09-29 13:28:23 -05:00
f3e8b34b4f
Land #6007 , restore original behavior when capture_sendto fails
...
we need this while fixing modules to handle exceptions
2015-09-29 09:55:47 -05:00
9444c8c410
Fix #5988 , windows x64 stagers
...
* Also, use mov esi, esi to save an extra byte
* Also, modify the block_recv.asm code, just to have it up to date
2015-09-28 15:52:50 -05:00
4a9ef30e9e
Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp mixin
2015-09-28 10:31:17 -05:00
ff87fbc976
Added a mainframe.rb in core/payload
...
Base module for payloads to be developed on the mainframe / SystemZ
(z/os mvs) architecture
2015-09-28 10:06:09 -05:00
ecf6867c35
Added mainframe as a payload constant
...
updated core/payload.rb to include 'mainframe' as a option
2015-09-28 10:04:50 -05:00
bc718da5d9
Added mainframe as a platform in core
...
To develop modules, mainframe and zArchitecture needs to be defined in
several places. This is the official platform.rb definition
2015-09-28 10:03:15 -05:00
7d9d3864c3
Add docs for capture_sendto
2015-09-27 15:40:32 -07:00
fc9a757194
Fix #6008 for the 6 modules that use scanner_spoof_send
2015-09-27 15:06:29 -07:00
b508625957
When unable to determine destination MAC, vprint and return false
...
Fixes #6006 .
~20 related modules are affected by this defect and by this "fix"
2015-09-26 15:13:26 -07:00
cb4e609dd5
Land #5997 , database cache update fix
2015-09-26 14:10:04 -05:00
52e3405192
Passing report_exploit_success specs
...
MSP-13119
2015-09-23 11:12:02 -05:00
dc84b3b1ba
Passing report_exploit_failure specs
...
MSP-13119
2015-09-23 10:54:13 -05:00
30102d4526
No longer needed.
2015-09-22 17:05:30 -05:00
d90f87449a
Fix merge
2015-09-22 16:55:01 -05:00
7d2a2a8b64
Fix issues with using hop for new core
2015-09-22 16:54:02 -05:00
6482083b6b
revert WfsDelay short-circuit on exploit failure
...
Some exploits currently succeed, but can fail during cleanup, leading to a
false-negative. Reverting this so that the affected exploits can be fixed
first.
This reverts commits b0858e9d46b3f754136e
2015-09-22 14:43:03 -05:00
66b453edd6
ensure the database cache is always updated, present accurate reporting on search
2015-09-22 12:56:26 -05:00
8b10cbe3fd
Query for vulns without specifying service when service is nil
...
MSP-13284
2015-09-22 10:50:23 -05:00
46e00389c4
Adjust payload size for stageless in prepend migrate
2015-09-22 18:07:53 +10:00
9230b04674
Update match result creation logic
...
MSP-13119
* Look up match on match set for the run
* If no match exists in the match set for the vuln, attempt to create a match for the vuln
2015-09-22 00:24:38 -05:00
d3a73149a2
Add specs around match result creation in exploit attempt
...
MSP-13119
2015-09-18 12:04:45 -05:00
6f19e30723
Merge branch 'staging/hd-wfs' into feature/hd-wfsdelay
2015-09-17 13:07:56 -05:00
c7afe4f663
Land #5930 , MS15-078 (atmfd.dll buffer overflow)
2015-09-16 15:33:38 -05:00
5cf3ac23e2
Fix no method defined error when run_id is not passed down
...
* run_id is an optional param so we handle when it isn't set on user data
MSP-13119
2015-09-16 15:32:48 -05:00
b0858e9d46
Style tweak re: TheLightCosine's feedback
2015-09-16 08:15:26 -07:00
b7572d5494
Handle both serialized & unserialized cases on import
2015-09-16 08:11:15 -07:00
ef043cebc3
Always use the stringified host->address during export
2015-09-16 02:59:11 -07:00
382e01d680
Add comments and use run scope on match
...
MSP-13119
2015-09-15 15:09:26 -05:00
621af7311c
Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation
2015-09-15 14:35:07 -05:00
eb479318b1
Use existing run for match result or create a new one if it doesnt exist
...
MSP-13119
2015-09-15 14:34:44 -05:00
b3f754136e
Skip WfsDelay when the exploit has clearly failed
2015-09-15 08:04:23 -07:00
c7f15ca940
Rework how match results get created
...
MSP-13119
* Create match result when we create vuln attempt
2015-09-14 12:18:47 -05:00
713ded7ca2
Ignore SMB exceptions during fingerprinting
...
This fixes smb_version in cases where the remote server throws a Login error
for the default creds (null session).
2015-09-14 09:35:44 -07:00
ad0140e0fc
Land #5864 , @jlee-r7's fixes x64 injection
2015-09-11 16:09:37 -05:00
OJ
Brent Cook
HD Moore
William Vu
jvazquez-r7
Fernando Arias
bigendian smalls
Jon Hart
scriptjunkie
dmohanty-r7
David Maloney
wchen-r7