b636aeb303
rm print_warning
2015-11-20 19:38:33 -06:00
99a74fd4d2
Merge branch 'master' into feature/interval-collect-geo
2015-11-20 14:06:22 -06:00
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
d405f31c35
Add a NotImplementedError if run is used to run a local exploit
...
Running a local exploit like a post is not currently supported,
we should at least raise a warning or something, and not just
let it backtrace and confuse the user.
2015-11-19 14:31:31 -06:00
d6921fa133
Add Atlassian HipChat for Jira Plugin Velocity Template Injection
...
CVE-2015-5603
Also fixes a bug in response.rb (Fix #6254 )
2015-11-18 11:34:25 -06:00
089a006408
Land #6248
2015-11-17 14:28:55 -08:00
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
ce62984e52
Fix #6079 , Check nil when using read_exactly_n_bytes
2015-11-16 18:06:49 -06:00
038d367d58
Fix #6247 , Update Meterpreter Usage on "Interact"
...
The "interact" command does not actually exist. Instead, users
should do "channel -i" to interact with a channel.
Fix #6247
2015-11-16 17:58:39 -06:00
a78fa7c3d9
Fix #4273 , print error in create_session
...
Fix #4273
2015-11-16 17:17:20 -06:00
24c41c9261
Land #6225 , wall(1)/write(1) post module
2015-11-16 12:47:35 -06:00
708cbe9479
change the default SMBDomain to .
...
Due to a recent change using WORKGROUP
as the SMBDomain causes Trust errors.
Using '.' instead works fine.
2015-11-16 12:20:27 -06:00
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
06a5b5b0bd
Land #6234 , Host header transport
2015-11-14 11:35:47 -06:00
4a707b33a2
Add rspec coverage for cowsay. Achievement unlocked
2015-11-13 10:26:47 -08:00
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
cd4aa28d11
Transport priority changes
...
Pass in the "lhost" and "lport" options to the default transport during the native payload. This takes the following LHOST priorities:
1. OverrideLHOST, only if OverrideRequestHost is TRUE
2. The request Host: header.
3. The LHOST datastore.
2015-11-13 13:21:46 +00:00
9d9865150b
Transport priority changes
...
Default transport request should set the priority to the Host: request header, and the subsequent OverrideRequestHost, OverrideLHOST, and OverrideLPORT options in the handler for reverse_http(s).
2015-11-13 13:19:01 +00:00
0e121df69d
Need a default template
...
The set_template_default actually needs the second argument,
otherwise we hit a RuntimeError.
2015-11-12 15:17:03 -06:00
aaea730508
Fix #6213 - Method to_linux_x86_elf fails to set set :template
...
:template by default is just the base name of the file, not the
fullname. Before we use it, we need to normalize it. Methods
in this class rely on set_template_default for normalization (
which can also handle a custom path), so we'll just use that too.
Fix #6213
2015-11-12 15:07:58 -06:00
8703987535
Add HTTPS and new transport support for hop
2015-11-11 21:25:23 -06:00
a2fe2fbd5e
Land #6214 , #6060 , simplify framework gem layout and version scheme
...
This merges things up and removes duplicate gemspecs so we can easily make
framework gem releases for embedding in 3rd-party projects.
2015-11-11 15:04:21 -06:00
0afc5be3bc
Finalise set up of stageless init
2015-11-10 20:01:23 +10:00
a28ab216d3
Adding stageless init script support
2015-11-10 19:18:47 +10:00
15eb135295
Resolve merge conflicts
2015-11-09 18:15:40 -08:00
f8a215e3cd
Adding changes to allow for easier version bumping
2015-11-09 15:56:03 -06:00
ceaf7440a7
Send full message
2015-11-06 12:15:17 -06:00
19652e79c3
Delete comments
2015-11-06 12:15:07 -06:00
ca1502c00a
Fix SMTP send_message to not block
2015-11-06 12:14:59 -06:00
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
596b2b025d
Land #6173 , improve advanced, info, and options
2015-11-04 13:40:49 -06:00
4d8ea7fb5c
Refactor more common stuff out of reverse handlers
2015-11-03 23:21:47 -06:00
1fbc4da36c
Fix tab completion for set StageEncoder
2015-11-03 17:32:41 -05:00
00d09744fb
Land #6118 , @wchen-r7's new methods for Rex HTTP response
2015-11-03 10:42:42 -06:00
7c2f9531d9
Don't stack trace if listener is on a dead session
2015-11-03 08:31:33 -06:00
07b34e8906
Missing types and parsing, more work left to go
2015-11-03 00:23:29 -06:00
9b5149fc64
Land #6147 , report_vuln for CheckCode::Vulnerable
2015-11-02 17:24:06 -06:00
2e837b26e8
Use a Queue instead of Array
2015-11-02 16:02:45 -06:00
ced20ba51c
Refactor NTP symmetric packet creation; add vuln detection to NAK to the future
2015-11-02 12:46:58 -08:00
a4c260f7be
Simplify docs
2015-11-02 09:51:40 -08:00
0dc6f6605b
Remove errant options print
2015-11-02 09:48:48 -08:00
f629f98fdc
Resolve 6174, require meterpreter_options
2015-10-31 18:47:22 +05:00
7f19d95ad8
Land #6146 , add show_mount command (initially for windows meterpreter sessions)
2015-10-30 17:37:30 -05:00
cb403b8a36
Land #6077 , initial python meterpreter module support
2015-10-30 17:29:05 -05:00
be23da1c1f
Merge branch 'upstream-master' into land-6120-python-stageless
2015-10-30 17:26:26 -05:00
cddbcc52ab
Land #6171 , update to metasploit 4.11.5
2015-10-30 17:09:57 -05:00
c54f034f62
Correct help feature
2015-10-30 12:34:34 -07:00
377017a2d5
Include module name in advanced options output
2015-10-30 11:54:44 -07:00
0091a05fa6
Add 'advanced' and 'options' commands to mirror 'info'
2015-10-30 11:54:40 -07:00
6bfa6095c6
Add 'show info'; just calls 'info'
2015-10-30 11:54:35 -07:00
f8a39ecc21
Land #6145 , better RPC exception handling
2015-10-30 13:25:52 -05:00
977b3449b7
Fix #6085 , NoMethodError in vim_soap.rb
...
Fix #6085
2015-10-30 11:02:02 -05:00
f064fec0f1
Bumped version to 4.11.5
...
MSP-13377
2015-10-30 09:37:00 -05:00
344e8a6f90
Refactor common reverse options
2015-10-29 15:15:20 -05:00
46159f5dbe
Back out the Comm stuff for HTTP
2015-10-29 14:22:34 -05:00
4e20b8f369
Fix #5875 , Add report_vuln for Msf::Exploit::CheckCode::Vulnerable
...
Msf::Exploit::CheckCode::Vulnerable requires the module to be
explicit, as in actually triggering the bug and get a vulnerable
response, therefore it should be appropriate to use report_vuln
to report it.
Other vuln check codes (such as Appears, or Detected, etc) will
not call report_vuln, because it's not explicit enough.
2015-10-29 13:22:59 -05:00
c5643e52ff
Add support for the show_mount command (windows)
2015-10-29 07:28:33 +10:00
657a5481dc
fix rpc session conditional to allow powershell read/write
2015-10-28 11:49:32 -05:00
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
f2b6d37630
Add WIP module for Cisco Talos' NTP 'NAK to the future'
2015-10-27 18:10:07 -07:00
43dbdcea76
Removed process_autoruns from mainframe_shell
...
Removed process_autoruns until we can write a fully compatible one or
fully regression test the existing. Likely the former because of
encoding issues
2015-10-26 14:55:40 -05:00
bbc1e43149
Remove raise, since it broke things
...
Need to pass through silently.
2015-10-26 14:45:21 -05:00
43eae0b97f
Clean up Msf::Sessions::MainframeShell
2015-10-26 12:15:45 -05:00
d53be873dc
Updating master to metasploit/master
2015-10-26 09:24:24 -05:00
71b8c97f0e
Always print PAYLOAD and LPORT in 'jobs'
2015-10-24 14:48:03 -05:00
f6b9f38326
This method is not needed because Nokogiri does that already
2015-10-23 19:38:17 -05:00
f2b4737e4a
Land #6127 , Fix #3859 Add support for registry_key_exist?
2015-10-23 10:59:57 -05:00
b76192dbcb
Land #6099 , make_nops doesn't take into account all the compatible encoders
2015-10-22 21:26:25 -05:00
4bc2437e0b
Temporary hack to test
2015-10-22 20:00:47 -05:00
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
810665847b
Add stageless python meterpreter to the payloads spec
2015-10-22 08:40:50 -04:00
8bb694fa5c
Add stageless Python Meterpreter for reverse tcp
2015-10-21 18:23:04 -04:00
065d042ec4
Update doc a little bit
2015-10-21 16:29:27 -05:00
12cdd786a6
Add more Nokogiri and RKelly support for Rex::Proto::Http::Response
...
These new methods allow the module writer to being able to parse
HTML/XML/JSON responses properly without using regex first.
2015-10-21 16:26:31 -05:00
ba14d6e77f
Add support for the TBD interval geo collection on Android
2015-10-20 15:39:51 -05:00
4b271425c9
s/datstore/datastore/g
2015-10-20 13:05:49 -05:00
6748ccbb82
This method was moved to Rex::Ui::Text::Output
2015-10-19 10:43:38 -05:00
d7b8767afc
Fix #6105 by moving ``puts`` into the base class
2015-10-19 10:42:46 -05:00
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
d51f0ebd4c
Refactor "via" string into a method
2015-10-16 15:08:00 -05:00
d85412b0fb
Complete fix for generation of nop sleds
2015-10-16 14:01:00 -05:00
b788772215
break only if 'make_nops' is able generate the nop sled
2015-10-16 13:28:37 -05:00
28685f0e55
Land #6090 , improve display of framework version in msfconsole
2015-10-16 12:09:00 -05:00
bd96e0ded2
Improve get_hash for Framework version
2015-10-15 16:22:45 -05:00
7da3b4958e
Change mixins namespaces
2015-10-15 10:35:07 -05:00
6571a8f2c3
Move http apps mixins to the old convention folder
2015-10-15 10:22:54 -05:00
8057b3edae
Fix specs to pass again
2015-10-15 09:40:39 -05:00
db5d83a40a
Move namespaces
2015-10-15 09:17:06 -05:00
5e39814860
Move to the old convention folder
2015-10-15 09:03:03 -05:00
30d2a3f2a9
Land #5999 , teach PSH web delivery to use a proxy
2015-10-14 11:05:45 -05:00
1c880b933f
Land #6066 , remove empty, duplicate options for EXITFUNC
2015-10-14 10:34:36 -05:00
2a2d8d941d
Land #6054 , HTTP Host header injection module
2015-10-13 23:37:31 -05:00
c642057fa0
Clean up module
2015-10-13 12:03:41 -05:00
9adb2ee267
Fix silly typo
2015-10-12 14:58:30 +10:00
dbfee51ad3
Add support for folder importing
2015-10-12 11:52:55 +10:00
ed0b9b0721
Land #6072 , @hmoore-r7's lands Fix #6050 and moves RMI/JMX mixin namespace
2015-10-10 00:24:12 -05:00
a590b80211
Update autoregister_ports, try both addresses for the MBean
2015-10-09 20:20:35 -07:00
209fd781b6
Land #6065 , add SRVHOST tab completion
2015-10-09 17:52:18 -05:00
cd2e9d4232
Move Msf::Java to the normal Msf::Exploit::Remote namespace
2015-10-09 13:24:34 -07:00
5e9faad4dc
Revert "Merge branch using Rex sockets as IO"
...
This reverts commit c48246c91c3cd9dc4fde
2015-10-09 14:09:12 -05:00
3aa7b513d5
Delete safe_get_once
2015-10-09 13:34:38 -05:00
8670224ea0
Prefer do/end
2015-10-09 11:26:33 -05:00
eabe742b9d
Expose the timeout betweed reads as mixin option
2015-10-09 11:17:44 -05:00
5fab1cc71a
Add loop timeout
2015-10-09 11:05:05 -05:00
b16c284395
Determine comm from ReverseListenerComm in reverse_http
...
Also some copypasta from reverse_tcp to display where we started the
listener.
2015-10-09 08:54:01 -05:00
0132f9ce67
Extend accepted clients with Rex Socket stuff
2015-10-09 08:53:02 -05:00
bef7562823
Fixed Typo
2015-10-09 06:39:02 -05:00
6549f48d4e
Added new class MainframeShell for mainframe(z/os)
...
This class is built upon and overrides certain methods in the generic
CommandShell class. Primarily it is here to control when and if bytes
sent to/from mainframe (z/os) targets get encoded/decoded from cp1047
(ebcdic<->ascii). This would be the default shell for upcoming
mainframe based payloads.
2015-10-08 17:11:31 -05:00
8aed503ad2
Change EXITFUNC acceptable options
...
This gets rid of the nil option because this is the same as "".
And then we change the empty value to ''.
2015-10-08 16:52:17 -05:00
3dd7fdfd95
Land #6055 , @wvu-r7's -q option for msfd
...
* Fixes #5770
2015-10-08 14:10:27 -05:00
2f50374bf9
Add SRVHOST tab completion
...
A trivial update to @jlee-r7's code.
2015-10-08 14:01:21 -05:00
352535e15d
Land #6026 , Add support for NewClass elements on Rex::Java::Serialization
2015-10-08 12:33:12 -05:00
a2c9e2549d
Land #6014 , support TCP advanced options for loginscanner mods
2015-10-07 14:26:25 -05:00
946401ec99
Move SSL options out to a mixin
2015-10-07 09:59:12 -05:00
fdbbb5fbf4
Whitespace
2015-10-07 09:56:28 -05:00
6849adad58
Adjusted to include import
2015-10-07 23:36:24 +10:00
77fae28cd4
Add -q option to msfd to disable banner
2015-10-07 01:57:58 -05:00
711ce1e579
Move ReverseTcpComm to a new directory
...
Reverse::Comm
2015-10-06 14:48:49 -05:00
645a59349a
Select comm in ReverseTcpDoubleSsl as well
...
And don't extend the comm object, that gets handled by the Rex::Socket
system if it's necessary.
2015-10-06 14:33:22 -05:00
6b558010f0
Remove redundant methods included with ReverseTcp
2015-10-05 16:48:37 -05:00
32dbb8c3e0
Land #6051 : check include_send_uuid method support
2015-10-06 07:31:11 +10:00
2769d66bfc
Check if the payload has a include_send_uuid method before calling it
...
Otherwise we get an undefined method exception and the payload fails to stage.
Fixes #6040
2015-10-05 15:13:11 -05:00
32255a4621
Always show the URI and User-Agent for unknown requests
2015-10-05 11:05:05 -05:00
711f11abb8
Clean up some things
2015-10-02 18:35:46 -05:00
dea0142da1
catch network exceptions
2015-10-02 18:26:37 -05:00
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
953bfe1a81
Delete typo
2015-10-02 15:29:03 -05:00
2445c1fa32
Land #6012 , Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp
2015-10-02 15:27:47 -05:00
40cb13609a
update SSLVersion to support all options for rex TCP sockets, add 'TLS' alias
2015-10-02 15:26:49 -05:00
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
55f6fe7037
Land #5510 , update x86/alpha* encoders to be SaveRegister aware
2015-10-01 15:07:10 -05:00
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
7cd30ef0b8
Land #6031 , delete unused -a db_export option
2015-10-01 14:12:34 -05:00
144bf39038
Land #5998 , fixup PrependMigrate for stageless meterpreter
2015-10-01 11:48:33 -05:00
eb751822d8
Remove dead option in db_export
2015-10-01 10:58:15 -05:00
2ab779ad3d
Land #6010 , capture_sendto fixes
2015-10-01 10:54:24 -05:00
22c424a4c6
Fix CreatProcessA stack alignment in prependmigrate x64
2015-10-01 10:24:13 +10:00
b35a0166bf
Merge branch 'upstream/master' into fix-prepend-https
2015-10-01 09:07:28 +10:00
8861d61ad4
Add stderr/stdout capture and var extraction
2015-10-01 08:17:17 +10:00
bfbd6ad475
Add the NewClass code really
2015-09-30 12:31:18 -05:00
8590c79021
Add support for NewClass
2015-09-30 12:30:52 -05:00
393a71cf46
Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation
...
Conflicts:
Gemfile.lock
2015-09-29 15:00:22 -05:00
54f9a3b25a
Land #6013 , add mainframe as a platform and architecture
2015-09-29 13:28:23 -05:00
f3e8b34b4f
Land #6007 , restore original behavior when capture_sendto fails
...
we need this while fixing modules to handle exceptions
2015-09-29 09:55:47 -05:00
fb0d766958
First pass of the python extension for windows meterpreter
...
This includes the basic construct for the python extension, and allows
for single-shot commands to be run.
2015-09-29 20:48:29 +10:00
9444c8c410
Fix #5988 , windows x64 stagers
...
* Also, use mov esi, esi to save an extra byte
* Also, modify the block_recv.asm code, just to have it up to date
2015-09-28 15:52:50 -05:00
wchen-r7
HD Moore
BAZIN-HSC
Jon Hart
Dev Mohanty
William Vu
David Maloney
PsychoMario
scriptjunkie
sammbertram
Brent Cook
OJ
Chris Doughty
jvazquez-r7
James Lee
Spencer McIntyre
void-in
Samuel Huckins
Louis Sato
bigendian smalls
Fernando Arias