Commit Graph

44301 Commits (7b386ea2c8a4e2de94f5aa99f996800bdb925fe6)

Author SHA1 Message Date
Brent Cook d811a2a8c1 set good defaults 2017-11-21 02:52:05 -06:00
Brent Cook 65c58c3d55 set a good default, remove unused methods, speed up checks 2017-11-21 02:52:05 -06:00
Brent Cook ffa6d74a23 remove historical cruft 2017-11-21 02:52:05 -06:00
Brent Cook d3ee86dc5c update to new format 2017-11-21 02:52:05 -06:00
Brent Cook 249c08f597 usability improvements ith how base options are registered
This adds named parameters for all of the current array-index based
options. It also allows specifying the description as the 2nd parameter,
allowing the 'required' parameter to be implicitly false (the most
common value).

A simple parameter like:

 OptAddress.new('ReverseListenerBindAddress',
   [false, 'The specific IP address to bind to on the local system']),

Can now be rewritten as:

 OptAddress.new('ReverseListenerBindAddress',
   'The specific IP address to bind to on the local system'),

More complex options are also now easier to read:

 OptString.new(
   'HttpUserAgent',
   'The user-agent that the payload should use',
   default: Rex::UserAgent.shortest,
   aliases: ['MeterpreterUserAgent']
 ),

This also makes dealing with enums easier because default is implicit
unless specified. This:

  OptEnum.new('PayloadProxyType',
    [true, 'The proxy type, HTTP or SOCKS', 'HTTP', ['HTTP', 'SOCKS']]),

Becomes:

  OptEnum.new('HttpProxyType',
    'The proxy type, HTTP or SOCKS', required: true, enums: ['HTTP', 'SOCKS'])

This maintains full backward compatibility with existing code as well.
2017-11-21 02:52:05 -06:00
h00die dd8238d146 rubocop got a donut 2017-11-20 20:08:28 -05:00
Adam Cammack 40a71af7ed
Add missing `end` 2017-11-20 17:50:59 -06:00
Matthew Kienow 21707cb7aa
Land #9225, add external module template for DoS 2017-11-20 18:39:13 -05:00
Matthew Kienow 0fb0fab805
Landing #9224, robust external module read loop 2017-11-20 18:25:09 -05:00
Adam Cammack 2fdc34c8fd
Add new template for DoS modules 2017-11-20 17:19:14 -06:00
Adam Cammack dd57138423
Make external module read loop more robust
Changes from a "hope we get at most one message at a time" model to
something beginning to resemble a state machine. Also logs error output
and fails the MSF module when the external module fails.
2017-11-20 16:52:05 -06:00
Matthew Kienow 39f06a3995
Land #8807, template for external module servers 2017-11-20 17:34:37 -05:00
Martin Pizala 90d6165e68
bypass user namespaces docs 2017-11-19 22:10:39 +01:00
h00die 579d012fa2 spelling 2017-11-19 08:36:27 -05:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
Metasploit 602406a423
Bump version of framework to 4.16.19 2017-11-17 10:02:22 -08:00
Metasploit 5cdd364590
Bump version of framework to 4.16.18 2017-11-15 19:46:12 -08:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Adam Cammack c740f4369c
Land #9197, Cleanup Mako Server exploit 2017-11-15 15:01:31 -06:00
Adam Cammack 4219959c6d
Bump ranking to Excellent 2017-11-15 15:00:47 -06:00
Adam Cammack f357efd97c
Land #9208, add AArch64 ELF to Msf::Util::Exe 2017-11-15 14:22:27 -06:00
bwatters-r7 83c228f3b8
Make rubocop less mad 2017-11-15 14:06:36 -06:00
bwatters-r7 33a07beb30
Fix whitespace issues 2017-11-15 12:26:49 -06:00
Austin 829a7a53db
verbose response. 2017-11-15 12:27:40 -05:00
bwatters-r7 53a068d13f Add error handling for failed hashdumps 2017-11-15 11:08:35 -06:00
David Maloney 8b9e091e70 remove humorous typo 2017-11-15 11:08:25 -06:00
David Maloney 7162765b57 load extapi in domain_hashdump
domain hashdump always needs to load extapi to work
2017-11-15 11:08:17 -06:00
David Maloney ad98c9c156 fix Windows server 2016 support for domain_hashdump
The domain hashdump psot module should now work
against Server 2016 DCs.
2017-11-15 11:08:06 -06:00
Austin 4918e5856d
Update polycom_hdx_traceroute_exec.rb 2017-11-15 10:41:51 -05:00
Austin d93120e2ac
Create polycom_hdx_traceroute_exec.rb 2017-11-15 10:40:57 -05:00
Austin 256bf5a5ca
Create polycom_hdx_traceroute_exec.md 2017-11-15 10:38:53 -05:00
Martin Pizala 33e5508bcb
bypass user namespaces 2017-11-15 15:14:58 +01:00
Tim 4ec0faf35d fix aarch64 cmdstager 2017-11-15 16:47:17 +08:00
Jeffrey Martin 80b381cde9
Merge released '4.x' into master 2017-11-13 14:11:23 -06:00
Spencer McIntyre bc691cbd00 Document the new tab completion functions 2017-11-11 17:17:48 -05:00
Spencer McIntyre fb7635502d Tab completion for exploit and handler commands 2017-11-11 17:11:54 -05:00
Spencer McIntyre 68a43fef36 Add the new generic tab completion functoin 2017-11-11 16:47:11 -05:00
William Vu f3e2f4d500
Land #9167, D-Link DIR-850L exploit 2017-11-10 18:15:39 -06:00
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Martin Pizala 971ec80fc1
Keep the python target 2017-11-10 23:11:27 +01:00
Steven Patterson df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
Metasploit 4f660d7dd7
Bump version of framework to 4.16.17 2017-11-10 10:05:05 -08:00
William Vu 7b5ec9d0ec
Land #9193, makoserver_cmd_exec cleanup 2017-11-10 10:36:16 -06:00
Jeffrey Martin 7595c7c627
Land #9194, Add a check for .rb in cmd_edit 2017-11-09 21:56:50 -06:00
William Vu 97859ebf8c Clarify XXX comment no user will ever see anyway 2017-11-09 15:23:37 -06:00
William Vu 577baf6070 Add a check for .rb in cmd_edit 2017-11-09 15:17:53 -06:00
William Vu ea260e87b7 Remove headers, since we didn't send them before
http was an invalid key for setting headers, and we still got a shell.
These headers also don't seem relevant to the PUT request.
2017-11-09 11:06:50 -06:00
William Vu 7213e6cc49 Fix #9133, makoserver_cmd_exec cleanup 2017-11-09 10:52:03 -06:00
h00die 52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00