HD Moore
8cc48e05a8
Make Polyglot happy
2015-04-07 13:08:58 -05:00
HD Moore
9bce08b813
This change avoids namespace collisions around the Abbrev class
2015-04-07 13:06:26 -05:00
Samuel Huckins
bac3c80d7e
Land 5093, workaround for when cache is being built
2015-04-07 12:02:30 -05:00
OJ
53d5b97634
Add support for UUID generation in transport switching
...
If the session doesn't have a payload UUID we now generate one as best
we can. This code will probably go away when TCP related transports have
had the UUID stuff baked in.
2015-04-07 17:25:55 +10:00
OJ
15313243cc
Use UUID instead of old skool URIs
...
This uses HD's UUID stuff to generate a new URI for the transport.
Currently we don't have UUID support for TCP connections, but that's
coming.
Still to do: generation of a valid UUID for payloads that don't already
have one.
2015-04-07 16:00:30 +10:00
OJ
2977cbd42a
Merge branch 'upstream/master' into dynamic-transport
2015-04-07 14:30:48 +10:00
OJ
84397f5db0
Remove unused commented-out code
2015-04-07 12:47:18 +10:00
OJ
8f58e08c13
Add support for stageless reverse_http payloads
...
This includes both x64 and x86.
2015-04-07 11:01:24 +10:00
OJ
38a77c930e
Land #5072 : Support and embed payload UUIDs
2015-04-07 10:10:36 +10:00
James Lee
83cf1ad8ce
Instantiate to get name if we don't have cache yet
...
Fixes #5086
2015-04-06 18:59:38 -05:00
William Vu
21d0d6ceb3
Remove dead code from Net::SSH
...
Triggers uninitialized constant COMPAT_OLD_DHGEX, which was removed in
1664a4b5e8. Somehow, this file was missed when syncing with upstream.
2015-04-06 15:59:09 -05:00
rwhitcroft
8cbc98fc47
fix #5074 - missing thread join
2015-04-06 16:21:07 -04:00
William Vu
5f8d58f214
Use framework.db.active
2015-04-06 14:08:10 -05:00
HD Moore
6811aebb1c
Merge pull request #11 from OJ/hd-payload-uuids
...
Add trailing slash to stageless URI
2015-04-06 10:57:41 -05:00
HD Moore
98c95104da
Use ||= for consistency
2015-04-06 10:55:14 -05:00
James Lee
566c330b83
Add workspace to prompt format options
2015-04-06 09:19:49 -05:00
OJ
9b502b904f
Add trailing slash to stageless URI
...
Without the trailing slash, stageless payloads take a nasty turn.
2015-04-06 19:53:02 +10:00
OJ
4635bb83c3
Implement ssl verification toggling
...
Add support to meterpreter that allows for the querying and toggling of
SSL certificate verification on the fly.
In order to verify that the socket was SSL-enabled, some rejigging had
to be done of the type? method in the ssl socket class.
2015-04-06 14:40:59 +10:00
HD Moore
3c59519811
Add PayloadUUIDRaw for manual PUID specification
2015-04-05 23:25:52 -05:00
HD Moore
96f8a45b0d
Additional yardoc comments for the UUID class
2015-04-05 23:16:24 -05:00
HD Moore
8bcdddfd04
Fix yardoc comment, thanks @void-in!
2015-04-05 22:09:35 -05:00
jvazquez-r7
261ef51813
Add Rex::Java::Serialization exceptions
2015-04-05 18:43:03 -05:00
jvazquez-r7
2e52817b24
Add DecodeError
2015-04-05 18:16:19 -05:00
jvazquez-r7
85a70d401b
Introduce Rex::Proto::Rmi::DecodeError
2015-04-05 18:15:04 -05:00
jvazquez-r7
3570fc586f
Use constants for JMX serial version uids
2015-04-05 16:23:39 -05:00
jvazquez-r7
46a225cbec
Don't store Exception in a variable
2015-04-05 15:59:52 -05:00
jvazquez-r7
72c36eb23e
Use concatenation
2015-04-05 15:57:50 -05:00
Jon Cave
b1a7e77fa9
Correct domain controller server type constants
...
They should be specified in hex as BAKCTRL is 16, not 10. CTRL should
be 8. See documentation for NetServerEnum.
2015-04-05 11:12:18 +01:00
HD Moore
c9696d3f6c
Merge in stageless/transport work, deconflict
2015-04-04 11:52:26 -07:00
Brent Cook
57395deb1d
Land #5056, @wchen-r7 explicit recog require
2015-04-03 17:06:47 -05:00
Brent Cook
5589717323
Land #5058, @wvu-r7's default workspace saving
2015-04-03 16:53:21 -05:00
William Vu
6c2585cd79
Don't recreate saved workspace
2015-04-03 16:44:36 -05:00
Tod Beardsley
72b9647b31
Land #5057, CVE fixups
2015-04-03 16:36:11 -05:00
Brent Cook
e5443e74ed
Merge branch 'upstream-master' into land-3950-chain-encoders
2015-04-03 15:18:06 -05:00
jvazquez-r7
e3bbb7c297
Solve conflicts
2015-04-03 14:57:49 -05:00
jvazquez-r7
75c6341dd8
Fix raise
2015-04-03 14:18:15 -05:00
jvazquez-r7
6c36a82f78
Land #5059, @void-in's documentation clean up
2015-04-03 14:16:34 -05:00
jvazquez-r7
fe5ddc01ad
Fix return documentation
2015-04-03 14:16:06 -05:00
jvazquez-r7
b0042f1cf2
Undo java serialization and RMI fixes
2015-04-03 14:07:49 -05:00
jvazquez-r7
11d372b015
Fix YARD documentation
...
* Thanks @void-in
* See #5059
2015-04-03 14:01:31 -05:00
OJ
3b3e969a1c
Land #5023 : support for IE11 in fingerprint_user_agent
2015-04-03 21:12:00 +10:00
root
0dd987d873
Updated as per jlee-r7 feedback
2015-04-03 10:17:54 +05:00
OJ
c4b7426ba8
Merge branch 'upstream/master' into dynamic-transport
2015-04-03 13:57:24 +10:00
OJ
fd043d4842
Fix up build and missing uri_checksum stuff
...
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a clash with the dynamic
transport branch, but I can fix that after.
2015-04-03 13:42:25 +10:00
OJ
fc44f5b1f4
Merge branch 'upstrea/master' into dynamic-transport
...
Small merge required with the https payload proxy changes.
2015-04-03 10:14:48 +10:00
OJ
5b5dc3ef59
Merge branch 'upstream/master' into stageless-x64
...
Merge required adjustment of the proxy datastore names that were changed.
2015-04-03 08:53:09 +10:00
David Maloney
1684bfec9e
add missing data to loginscanner results
...
the chef web ui and symantec web gateway
loginscanners do not save the target(host/port/proto) info
in the Result object. This can cause modules to break as they
expected the Result to contain that information
MSP-12499
2015-04-02 13:53:45 -05:00
OJ
d2d68d76a2
Update transport switching to a full blown command
...
Transport switching should now support all of the bits and pieces
required to do full switching with all configurable transport options
2015-04-02 23:13:59 +10:00
root
27353d62ca
Discard local changes to non relevant files
2015-04-02 16:21:43 +05:00
root
4ba761986f
Correct YARD doc comments
2015-04-02 16:14:25 +05:00
OJ
47fa97816d
Code fixes as per suggestions, fix build
...
* Use of `ERROR_FAILURE_WINDOWS` in python meterpreter.
* Moving of constants/logic to client_core instead of
command_dispatcher.
* Fix spec include.
2015-04-02 09:05:38 +10:00
William Vu
8140b0ee6c
Update Qualys importers for the new CVE format
2015-04-01 17:50:18 -05:00
William Vu
c55e200416
Add workspace saving to msfconsole's save command
2015-04-01 17:31:43 -05:00
sinn3r
e972357aeb
Fix #4471, uninitialized constant Msf::Exploit::Remote::SMB::Recog
...
Fix #4471
Seems to be specific to Kali
2015-04-01 16:35:23 -05:00
sinn3r
e1adcfee1e
Not case sensitive
2015-04-01 16:14:54 -05:00
James Lee
8c1a597a25
Make a Session record before using it
...
How about that.
2015-04-01 13:12:28 -05:00
Brent Cook
f4977bf606
Land #5006 @jlee-r7 adds meterpreter specs
2015-04-01 11:05:47 -05:00
OJ
46dca23ffe
Land #5047 : Metasploit is magic (Banner Adjustments)
2015-04-01 21:51:10 +10:00
OJ
01bdf54487
Merge branch 'upstream/master' into dynamic-transport
2015-04-01 18:53:20 +10:00
OJ
79ec2e0586
Add machine ID support to the command list
2015-04-01 14:29:04 +10:00
OJ
24171a1a08
Land #5045 : Convert stageless proxy to new format
2015-04-01 12:06:57 +10:00
OJ
1a313ad943
Fix up the proxy patching
...
Patching of the proxy details was failing, so this commit fixes that.
Also, added code that makes the proxy type check case-insensitive.
2015-04-01 11:48:22 +10:00
Samuel Huckins
d5030f7e53
Land 5036, vuln push to NX updates into master
2015-03-31 17:32:02 -05:00
James Lee
2fc22132e0
Link the new constant as default in documentation
2015-03-31 16:48:02 -05:00
James Lee
44dd45e48d
Use a const instead of hardcoding "tcp" everywhere
2015-03-31 16:15:04 -05:00
HD Moore
a39ba05383
Functional Payload UUID embedding via PayloadUUIDSeed
2015-03-31 15:44:18 -05:00
James Lee
76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec!
2015-03-31 14:28:07 -05:00
James Lee
8b8ec5990a
Ask the database how long the column should be
...
Instead of hardcoding a number
2015-03-31 14:12:22 -05:00
Tod Beardsley
34d637c7b8
Needs more ponies
2015-03-31 13:59:37 -05:00
James Lee
a8ef465b46
Use the variables we worked so hard to create
2015-03-31 13:34:27 -05:00
James Lee
3695d4b0c7
Don't modify argument in place
2015-03-31 13:32:28 -05:00
James Lee
adcf88761d
Save ref names for easier debugging
2015-03-31 13:07:09 -05:00
HD Moore
a9cfd7efef
Merging master back into the UUID branch
2015-03-31 12:02:03 -05:00
James Lee
176cdcb836
Use sym-to-proc instead of reimplementing it
2015-03-31 11:21:53 -05:00
James Lee
a1a7faa77a
Don't modify argument in place
2015-03-31 10:41:24 -05:00
James Lee
7e559f7b13
Don't modify argument in place
2015-03-31 10:16:14 -05:00
James Lee
971120ce98
Use create! instead of new ... save!
2015-03-31 10:15:23 -05:00
OJ
633b46874d
Merge branch 'upstream/master'
2015-03-31 14:53:48 +10:00
OJ
86d8aab854
Land #5040 : Remove wininet hack for http/s meterp
2015-03-31 14:50:13 +10:00
Brent Cook
d89cd118e0
remove wininet workaround in meterpreter http/s
...
We had a workaround to close connections on very old wininet implementations
that would not do it themselves. With the new WinHttp API-using meterpreters
and stagers, we no longer should use this workaround. It can actually be
actively bad and prematurely close the connection.
This needs testing around different payloads, and they should be on real
networks, ideally where TCP really has to work to get data transferred.
2015-03-30 23:38:32 -05:00
James Lee
790a08a848
It's pronounced "exploit", not "assoc_exploit"
2015-03-30 16:21:17 -05:00
Tod Beardsley
3f0f659eaf
Land #5019, add rescues to some LoginScanners
2015-03-30 16:06:51 -05:00
James Lee
2394d4bae8
Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success
...
Conflicts:
Gemfile
Gemfile.lock
spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
2015-03-30 14:08:54 -05:00
James Lee
2ab4584079
Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push
2015-03-30 13:50:52 -05:00
James Lee
1b0e3f13c6
Remove unnecessary extra assignment
2015-03-30 13:14:36 -05:00
James Lee
310779d7bf
Death to hashrockets
2015-03-30 13:13:58 -05:00
James Lee
e65f4e92ea
Separate the two ways to make `Mdm::Session`s
...
Failing spec due to reuse of Mdm::Module::Detail instead of also
instantiating an Msf::Module
2015-03-30 13:05:20 -05:00
James Lee
374db22d5b
Re-enable host lookup for _failure
...
Again needed when called from exploit_driver because nothing is reported
yet at that point.
Also adds some yardoc
2015-03-30 12:30:52 -05:00
David Maloney
103373a7eb
add back accidentally removed error
...
accidentally dropped Errno::ETIMEDOUT from the exception
handling
MSP-12389
2015-03-30 11:19:28 -05:00
James Lee
f0eeef3cbb
Move copy-pasta into a new method
2015-03-30 01:43:56 -05:00
James Lee
49902a6395
We actually do need the port/proto for failure
...
Because it is called from lib/msf/core/exploit.rb Exploit#report_failure
with datastore values
Partial revert of e3605aa252
2015-03-30 01:01:34 -05:00
James Lee
415510ca6a
Fix stupid typo that made vuln_id an Array
2015-03-30 00:52:02 -05:00
Samuel Huckins
13fc498523
Land #4948, fixes several AppScan import issues
2015-03-29 23:33:01 -05:00
OJ
26792975eb
Refactor of code to reduce duplication
...
Add mixin for the stageless http preparation
2015-03-30 13:18:56 +10:00
OJ
fdcf1297a6
Tweaks to the stageless meterpreter x64 payload
2015-03-30 11:09:49 +10:00
OJ
0fa812e5ba
Merge upstrea/master
2015-03-30 10:17:17 +10:00
HD Moore
e65ac57d1b
Fix a logic check in EncodedPayload, which unbreaks stageless testing
2015-03-29 19:08:35 -05:00
OJ
ce8f6d72e1
More work on x64 stageless
...
Testing with HD's new changes that allow for generation of larger x64
payloads
2015-03-30 09:51:04 +10:00
OJ
17dc2b184d
Merging upstream/master
2015-03-30 09:12:20 +10:00
OJ
c0f496197c
Rejig code to support http payloads
...
* Move the uri checksum code to a spot that can be shared with rex.
* Adjust modules to make use of this new location.
* Fix up the transport switcher to add the URI for those payloads.
2015-03-30 07:11:25 +10:00