Metasploit
c681c7881d
Bump version of framework to 4.16.28
2017-12-28 10:03:39 -08:00
Jeffrey Martin
8ea50572df
Land #9329, Add basic framework for interacting with MQTT
2017-12-27 14:59:34 -06:00
Metasploit
909caa0425
Bump version of framework to 4.16.27
2017-12-21 13:27:52 -08:00
Brent Cook
9d8cb8a8d0
Merge branch '4.x' into upstream-master
2017-12-21 15:17:38 -06:00
Metasploit
ee2f10efc5
Bump version of framework to 4.16.26
2017-12-21 10:04:38 -08:00
Jon Hart
cf21d13b2e
Resolve conflict
2017-12-20 18:58:16 -08:00
Brent Cook
24907938bb
bump payloads, various fixes
2017-12-20 16:47:37 -06:00
Brent Cook
df4f62cde9
bump to mettle 0.3.3
2017-12-20 15:58:17 -06:00
Jon Hart
f15309bc48
Add basic framework for interacting with MQTT
2017-12-20 12:28:02 -08:00
Brent Cook
6b216f2a20
Land #9290, Fix OverrideLHOST/LPORT with http/s Meterpreter payloads
2017-12-20 00:26:06 -06:00
Jeffrey Martin
fe4c701016
Merge released '4.x'
2017-12-19 14:14:22 -06:00
Brent Cook
9f144ce8d4
Land #9151, mettle extension support + sniffer module
2017-12-18 21:49:40 -06:00
Metasploit
66b1a555a1
Bump version of framework to 4.16.25
2017-12-18 16:33:25 -08:00
Jeffrey Martin
04f294bd53
Fix #8972, Remove libsodium until packaged better
...
Due to issues with packaging for multiple platforms, libsodium as an optional dependency for 'rbnacl' is being removed. Once packaging issues are resolved this will be restored. This removes support for `ed25519` keys used with ssh for the time being; however, manual installation of this gem allows users to work around this limitation.
2017-12-18 15:21:27 -06:00
Brent Cook
2a94a4417a
bump payloads
2017-12-18 10:01:10 -06:00
Metasploit
be4f9236f2
Bump version of framework to 4.16.24
2017-12-14 10:08:05 -08:00
Brent Cook
3f6846c332
update payloads with python retry fix
2017-12-12 03:13:38 -06:00
Brent Cook
602335abf1
bump payloads
2017-12-11 04:11:21 -06:00
Metasploit
348cbe54b6
Bump version of framework to 4.16.23
2017-12-08 10:01:55 -08:00
Metasploit
fd1681edd9
Bump version of framework to 4.16.22
2017-12-01 10:04:07 -08:00
Brent Cook
edb2d8b762
fix windows unicode usernames, add recursive directory delete
2017-11-29 17:01:01 -06:00
Metasploit
174d0d46de
Bump version of framework to 4.16.21
2017-11-29 10:45:55 -08:00
Jeffrey Martin
e73ba0b3ca
Merge released '4.x' into master
2017-11-29 10:27:42 -06:00
Brent Cook
035d1ef2c6
bump payloads, pull in AES negotiation & transport fixes
2017-11-25 18:21:57 -06:00
Brent Cook
8645a518b3
add mettle support for custom headers
2017-11-24 20:27:34 -06:00
Metasploit
c9da8f7a18
Bump version of framework to 4.16.20
2017-11-24 10:01:50 -08:00
Brent Cook
4050985649
update payloads
2017-11-21 13:53:33 -06:00
Metasploit
602406a423
Bump version of framework to 4.16.19
2017-11-17 10:02:22 -08:00
Metasploit
5cdd364590
Bump version of framework to 4.16.18
2017-11-15 19:46:12 -08:00
Metasploit
4f660d7dd7
Bump version of framework to 4.16.17
2017-11-10 10:05:05 -08:00
OJ
6f9671ff11
Updated Payloads version to 1.3.14
2017-11-08 12:36:50 +10:00
Metasploit
deb5a7b015
Bump version of framework to 4.16.16
2017-11-03 10:03:38 -07:00
Metasploit
a14102083c
Bump version of framework to 4.16.15
2017-11-02 10:01:12 -07:00
Brent Cook
56eb828cc5
add e500v2 payloads
2017-10-30 14:04:10 -05:00
Brent Cook
ebaf0c5484
bump mettle, update toolchain, add e500v2 and reduce size of x86_64
2017-10-30 05:09:31 -05:00
Metasploit
140955f220
Bump version of framework to 4.16.14
2017-10-27 10:03:00 -07:00
Brent Cook
254c2a33d3
bump metasploit payloads, windows meterpreter fixes
2017-10-27 11:44:23 -05:00
Jeffrey Martin
43b67fe80b
remove errant bracket, formatting update
2017-10-26 15:01:53 -05:00
Jeffrey Martin
87d34bef63
Revert "missing update to Gemfile.lock"
...
This reverts commit 9961c70cda.
2017-10-25 16:13:25 -05:00
Jeffrey Martin
9961c70cda
missing update to Gemfile.lock
2017-10-25 15:07:36 -05:00
Jeffrey Martin
270ec2e9e6
Bump rex-socket to pick up better certs
2017-10-24 16:39:01 -05:00
Tim
7e398e2ef5
Fix #9111, bump metasploit-payloads gem to include php 5.3.10 fix
2017-10-24 11:40:02 +08:00
Metasploit
884b68fa60
Bump version of framework to 4.16.13
2017-10-20 10:02:23 -07:00
Brent Cook
54d64cdcc5
Land #9064, add aggregator >= 1.0.0 with cryptTLV packet format
2017-10-19 14:51:50 -05:00
Jeffrey Martin
5458b58a74
restrict aggregator on arm for now
2017-10-18 13:21:02 -05:00
christopher lee
2c8f27cd98
More general cleanup including is_local db check
2017-10-16 17:07:26 -05:00
Metasploit
88585a5cfd
Bump version of framework to 4.16.12
2017-10-13 10:03:48 -07:00
William Vu
569b68bee2
Update rex-exploitation to 0.1.15
2017-10-11 14:09:35 -05:00
Jeffrey Martin
c478133539
add aggregator >= 1.0.0 with cryptTLV support
2017-10-10 23:19:44 -05:00
Metasploit
4acef04e0d
Bump version of framework to 4.16.11
2017-10-06 10:01:51 -07:00
Metasploit
32104eb90e
Bump version of framework to 4.16.10
2017-09-29 10:04:04 -07:00
christopher lee
293d1edeb1
Merge master: 8853193542
2017-09-29 11:06:16 -05:00
OJ
7ea14e8431
Update payloads for getsystem fixes
2017-09-28 09:43:02 +10:00
Metasploit
68fa3d45f3
Bump version of framework to 4.16.9
2017-09-22 10:05:19 -07:00
Brent Cook
29f65e3dce
finish bumping payloads
2017-09-20 07:25:30 -05:00
Metasploit
b2f5bd16e6
Bump version of framework to 4.16.8
2017-09-15 10:02:38 -07:00
Metasploit
faa84faf25
Bump version of framework to 4.16.7
2017-09-08 15:38:22 -07:00
Brent Cook
6b0b2550ec
bump payloads, add shell expansion for java/android payloads
2017-09-08 13:45:54 -05:00
Metasploit
f5a73f3efe
Bump version of framework to 4.16.6
2017-09-08 10:03:41 -07:00
Brent Cook
d38ee0f1ee
bump payloads, grab java/android fixes for #8938
...
fixes #8938
2017-09-08 10:08:22 +02:00
Brent Cook
9877a61eff
bump payloads
2017-09-07 01:36:25 -05:00
OJ
7acd772c10
Pivot session stability, display and handling
2017-09-07 01:36:21 -05:00
Metasploit
92f5290a50
Bump version of framework to 4.16.5
2017-09-01 10:08:40 -07:00
Brent Cook
b0c1bfaeb7
bump network_interfaces, add Android support
...
see #8780
2017-08-28 20:08:06 -05:00
William Vu
0e1bafb2d1
Land #8902, vendored robots gem
2017-08-28 16:42:38 -05:00
Metasploit
a0131f450e
Bump version of framework to 4.16.4
2017-08-28 14:34:39 -07:00
Brent Cook
928d632042
import https://github.com/fizx/robots.git 0.10.1
2017-08-28 15:47:46 -05:00
Brent Cook
582b2e238e
update mettle payload to 0.2.2, add background and single-thread http comms
2017-08-28 05:31:44 -05:00
Metasploit
779b25bdf6
Bump version of framework to 4.16.3
2017-08-25 10:02:45 -07:00
Metasploit
2f72404b26
Bump version of framework to 4.16.2
2017-08-23 19:11:11 -07:00
Metasploit
7c2fa20191
Bump version of framework to 4.16.1
2017-08-23 10:36:19 -07:00
christopher lee
c09796ea7e
Merge master
2017-08-23 11:37:04 -05:00
Brent Cook
430251b8f6
fix compatibility with php meterpreter
2017-08-21 15:37:31 -05:00
Brent Cook
f961495860
Land #8625, Remove OpenSSL from Windows Meterp, packet header changes, and TLV packet encryption
2017-08-20 19:13:51 -05:00
Brent Cook
851c0f4373
disable metasploit-aggregator while we sort out crypttlv updates
2017-08-20 19:05:10 -05:00
Brent Cook
b864083cbd
update payload sizes
2017-08-20 19:03:53 -05:00
Brent Cook
20b6f37fb8
bump payloads with crypttlv format awareness
2017-08-20 19:01:42 -05:00
Metasploit
ca7d481658
Bump version of framework to 4.16.0
2017-08-20 16:57:48 -07:00
Metasploit
95824ce132
Bump version of framework to 4.15.8
2017-08-18 10:03:23 -07:00
Metasploit
be926e1d75
Bump version of framework to 4.15.7
2017-08-11 10:12:37 -07:00
Brent Cook
59cccfffad
unpin dnsruby, new release is out
2017-08-10 10:48:03 -05:00
Metasploit
83cd0bc977
Bump version of framework to 4.15.6
2017-08-04 10:07:09 -07:00
Brent Cook
ff189147e7
rb-readline made a release, use 0.5.5 instead of git HEAD
2017-08-02 06:09:27 -05:00
Brent Cook
bb2304a2d1
Land #8769, improve style, compatibility, for ssh modules
2017-08-01 21:43:32 -05:00
Brent Cook
390f4d52db
add ed25519 support for net-ssh
2017-08-01 16:05:25 -05:00
Metasploit
70f659370f
Bump version of framework to 4.15.5
2017-07-28 10:21:44 -07:00
Brent Cook
ddc4fd95a5
Update payloads
...
This incorporates support for HiDPI displays with screen capture for Windows
meterpreter, and fixes a communications bug with Android meterpreter.
2017-07-28 09:56:03 -07:00
Brent Cook
a0511c79a4
pull in minor build fixes and filesystem stat implementation from python
...
This pulls in https://github.com/rapid7/metasploit-payloads/pull/219
and https://github.com/rapid7/metasploit-payloads/pull/195
2017-07-23 22:37:43 -07:00
Brent Cook
3bc0c18e6a
Properly handle threads and window destruction, add PID logging
...
This pulls in https://github.com/rapid7/metasploit-payloads/pull/213
which fixes https://github.com/rapid7/metasploit-framework/issues/8608
and adds PID logging to verbose keyboard capture.
2017-07-23 22:27:42 -07:00
Brent Cook
8444038c62
Add eval alternative to PHP Meterpreter to bypass suhosin
...
See https://suhosin.org/stories/index.html for more information on this system.
2017-07-23 22:04:09 -07:00
Brent Cook
b75530b978
Fix an issue where 'sleep' with Python Meterpreter appears to fail.
2017-07-23 05:38:06 -07:00
Brent Cook
302b66c2d8
add payloads support for OSX with python meterpreter
2017-07-23 05:26:59 -07:00
Brent Cook
072b0dc90b
Hide errors in Windows Meterpreter sessions
...
In Windows Meterpreter sessions, set newly created threads via
SetThreadErrorMode to not display error popups when there are failures.
2017-07-23 05:09:01 -07:00
Metasploit
50474a1ea7
Bump version of framework to 4.15.4
2017-07-21 10:03:44 -07:00
Brent Cook
c5101b71a0
bump rex-core, reverting threadsafe select changes
2017-07-20 23:21:19 -05:00
Brent Cook
510ff888fd
Land #8439, native OSX meterpreter support
2017-07-20 22:01:49 -05:00
Brent Cook
1d0db02a64
bump payloads
2017-07-20 09:10:19 -05:00
Brent Cook
cc3168933f
update mettle payloads, template generator
2017-07-18 13:13:38 -05:00
Metasploit
39b2e824ec
Bump version of framework to 4.15.3
2017-07-17 15:43:31 -07:00
David Maloney
3ad4ff69b4
try and hard lock rex-powershell version
...
remove this later when the issues with this gem release are addressed
2017-07-17 15:25:26 -05:00
David Maloney
ecce28e8b9
revert rex-powershell back to previous version
...
some things need to be worked out in framework before
this gem version is ready for release
2017-07-17 15:04:43 -05:00
Metasploit
f80c053114
Bump version of framework to 4.15.2
2017-07-17 12:01:22 -07:00
Brent Cook
ea02558390
bump prerelease gems to fix specific issues with Framework
...
rb-readline has an issue with the latest curses release
dnsruby changes the global thread behavior to abort on exception
2017-07-17 09:26:14 -05:00
dmaloney-r7
d6ee0ca94d
Merge branch 'master' into kill-cucumber
2017-07-14 10:23:38 -05:00
Metasploit
03691cc35f
Bump version of framework to 4.15.1
2017-07-12 20:08:07 -07:00
Brent Cook
dbef4ee816
kill cucumber in framework
2017-07-12 08:00:29 -05:00
Brent Cook
8d23d1e05d
move the xpath pin to test group instead
2017-07-12 05:11:09 -05:00
dmohanty-r7
38d5258c12
Lock xpath version to 2.0
2017-07-11 16:19:25 -05:00
Brendan Coles
6a29b87a4c
Add pdf-reader dependency
2017-07-07 11:19:06 +00:00
Brent Cook
4393b6e563
Improve compatibility with Rubinius (alternate Ruby implementation)
2017-06-30 11:08:17 -04:00
Brent Cook
fa79f90e4e
bump rex-socket, add client cert, mac address matching support
2017-06-30 10:46:15 -04:00
William Webb
6349026134
Land #8442, Exploit module for Backup Exec Windows Agent UaF
2017-06-28 10:39:28 -05:00
Brent Cook
eba8979914
bump payloads
2017-06-27 04:08:15 -05:00
Rob Fuller
2918b3af13
Land #8599, Dynamic DNS updater module
2017-06-25 15:08:22 -05:00
Brent Cook
7a006e0f71
bump payloads
2017-06-23 18:13:52 -05:00
Rob Fuller
fdd62ab112
Land #8604, Incorporate fix for workspace delete
2017-06-23 17:30:57 -05:00
Brent Cook
714b7d0a02
bump metasploit_data_models, speedup workspace deletion
2017-06-23 17:02:32 -05:00
OJ
87cee65a06
Bump payloads to 1.2.35 to include kiwi updates
2017-06-23 13:43:00 +10:00
Brent Cook
fda2e8c73d
Land #8523, Add support for session GUIDs
2017-06-22 20:10:10 -05:00
Metasploit
fad696ed58
Bump version of framework to 4.15.0
2017-06-22 18:02:38 -07:00
KINGSABRI
5528084e27
add Dnsruby
2017-06-22 15:55:04 -05:00
William Vu
3293a8fe67
Land #8594, rspec-retry Heisenspec fix
2017-06-21 19:57:57 -05:00
Brent Cook
22db17a87a
bind ruby-pg back to version 0.20
2017-06-21 03:11:11 -05:00
darkbushido
e873c87f0b
trying rspec-retry
2017-06-20 14:02:32 -05:00
Metasploit
9ce0bb9345
Bump version of framework to 4.14.28
2017-06-16 10:02:07 -07:00
Metasploit
0515980138
Bump version of framework to 4.14.27
2017-06-12 07:39:14 -07:00
Metasploit
77b1125e77
Bump version of framework to 4.14.26
2017-06-09 10:03:35 -07:00
OJ
a3f3dc0a70
Upload payloads/mettle gems, update cache sizes
...
Updated both the metasploit-payload and metasploit-payload-mettle gems
to the versions that match for the session GUID pull requests. Updated
the payload cached sizes to match the new payloads.
2017-06-09 17:15:52 +10:00
Brent Cook
153611e9fa
bump metasploit-credential to allow handling string addresses gracefully
2017-06-09 01:43:45 -05:00
Brent Cook
5f10e63923
bump payloads
2017-06-05 08:43:16 -05:00
Metasploit
92a65f5c63
Bump version of framework to 4.14.25
2017-06-02 10:03:44 -07:00
David Maloney
3ee77d1b50
update ruby_smb version
2017-05-30 14:17:51 -05:00
David Maloney
d5e74ffdf3
Merge branch 'master' into feature/eternal_blue/rubysmb_refactor
2017-05-30 13:59:31 -05:00
Metasploit
0c792798a7
Bump version of framework to 4.14.24
2017-05-30 07:26:35 -07:00
Brent Cook
a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
Brent Cook
e31e3fc545
add additional architectures and targets
2017-05-30 00:07:37 -05:00
Brent Cook
63ae70f061
remove pry/method_source git binding, this is not a vital update
2017-05-26 23:03:44 -05:00
Brent Cook
ce9cfa5727
bit-struct updated, no need for my branch anymore
2017-05-26 23:00:21 -05:00
David Maloney
f0f99ad479
nttrans packet setup correctly, everything broken
...
got the nttrans packet setup correctly but somewhere
along the line I broke the whole exploit wtf?
2017-05-26 14:54:46 -05:00
David Maloney
b3e99ee9d2
point to local gem copy for testing and dev
...
remove this later, use a local copy of rubysmb
2017-05-26 12:30:19 -05:00
Metasploit
15b3b7de41
Bump version of framework to 4.14.23
2017-05-26 10:02:14 -07:00
David Maloney
dc67fcd5a8
use RubySMB for anonymous login
...
use the new anonymous login capabilities in
RubySMB
2017-05-24 15:40:05 -05:00
Matthew Daley
52363aec13
Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
...
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on a NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.
Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
2017-05-24 00:18:20 +12:00
Metasploit
18f520382b
Bump version of framework to 4.14.22
2017-05-19 12:12:27 -07:00
Metasploit
c54c999efc
Bump version of framework to 4.14.21
2017-05-19 10:02:32 -07:00
Brent Cook
22828fcc0f
Land #8406, add compatibility shims for older Ruby versions
2017-05-18 21:50:45 -05:00
Metasploit
126c078ced
Bump version of framework to 4.14.20
2017-05-18 11:53:33 -07:00
David Maloney
94e4dc2938
fix for smb_login errors
...
do not try the TreeConnect if the SESSION_SETUP
has already failed.
2017-05-18 11:26:03 -05:00
Brent Cook
c59371dd5e
add ruby backports compat library
2017-05-17 23:41:20 -05:00
Metasploit
729f2a9ab8
Bump version of framework to 4.14.19
2017-05-16 14:09:45 -07:00