Commit Graph

46614 Commits (9148ab4bb2a54c07cc7fbb136e2e8992bf6b9323)

Author SHA1 Message Date
William Vu 9148ab4bb2 Refactor OptAddressLocal logic
@bcoles +1
2018-05-24 16:05:24 -05:00
William Vu 6f1e75e097 Remove loopback restriction
It's occasionally useful, and we already warn when setting it.
2018-05-24 15:44:32 -05:00
William Vu a370270e19 Add tab completion for network interfaces 2018-05-24 15:30:16 -05:00
William Vu 388d1b646b Add OptAddressLocal#interfaces 2018-05-24 15:30:09 -05:00
William Vu da3df23f03 Fix Socket#getifaddrs with ::
Rex::Socket#getifaddrs doesn't exist.
2018-05-24 14:53:41 -05:00
Metasploit a08aa09b96
Weekly dependency update 2018-05-24 10:06:22 -07:00
Metasploit f5c796e4fc
automatic module_metadata_base.pstore update 2018-05-23 15:46:55 -07:00
Brent Cook 86a5b951aa
Land #9990, add SOCKS5 proxy support 2018-05-23 17:31:09 -05:00
Metasploit 9c8b619548
automatic module_metadata_base.pstore update 2018-05-23 12:21:34 -07:00
Brent Cook 0d55268b57
Land #10087, remove unused option from applocker bypass 2018-05-23 14:14:40 -05:00
Brent Cook bc5c7a15e5 remove single-entry OptEnum from module, since there is only one possible TECHNIQUE 2018-05-23 13:44:53 -05:00
Metasploit c962ede478
automatic module_metadata_base.pstore update 2018-05-23 09:47:40 -07:00
Brent Cook 5b3cca3082
Land #10084, Mark all versions of telpho10 as vulnerable 2018-05-23 11:41:26 -05:00
Jan Rude 567e2dbc7e
Update telpho10_credential_dump.rb
Current version still vulnerable, developer ignores mails. It seems like this is going to be a 'won't fix'
2018-05-23 09:32:41 +02:00
Aaron Soto 8a72e7181a
Added username/password-based authentication 2018-05-22 20:42:23 -05:00
Aaron Soto 72efe66403
Refactored for better logging, IPv6 support, and prep for auth 2018-05-22 18:57:00 -05:00
William Vu 70236c6424
Land #10081, unnecessary class definition fix 2018-05-22 17:25:17 -05:00
Metasploit 111536bf49
automatic module_metadata_base.pstore update 2018-05-22 15:14:26 -07:00
James Barnett 0472b9df3f
Land #10024, Fix find_or_create_* methods for remote data service
This PR updates the find_or_create_* methods associated with each model to
no longer just proxy to the report_* model. It now performs a lookup through
the DataProxy and returns the found object if it exists, or creates a new
record if needed.
2018-05-22 17:08:46 -05:00
Metasploit f18df1ae32
automatic module_metadata_base.pstore update 2018-05-22 14:57:43 -07:00
Brendan Coles 15e472637a
Land #10070, Fix cleanup in exploits/osx/local/rootpipe_entitlements 2018-05-22 21:52:24 +00:00
Metasploit 791ad9feb4
automatic module_metadata_base.pstore update 2018-05-22 14:32:16 -07:00
Brendan Coles b14e354b25
Land #10048, Make shell and meterpreter sessions consistent with cmd_exec 2018-05-22 21:26:47 +00:00
Matthew Kienow cf8d0bd172
Remove unnecessary class declaration 2018-05-22 12:25:04 -04:00
bwatters-r7 0fd5a8afbd
Land #10071, return PLUGIN_DESCRIPTION instead of actual string
Merge branch 'land-10071' into upstream-master
2018-05-22 11:09:41 -05:00
Metasploit 8ba69f2d10
automatic module_metadata_base.pstore update 2018-05-22 09:00:23 -07:00
bwatters-r7 40d5f46277
Land #10017, D-Link DSL-2750B Unauthenticated OS Command Injection
Merge branch 'land-10017' into upstream-master
2018-05-22 10:54:33 -05:00
lucyoa 6cc1a8dcbd
Rubocop fixes 2018-05-22 10:34:05 -04:00
Metasploit b73947c032
automatic module_metadata_base.pstore update 2018-05-21 16:08:05 -07:00
Jeffrey Martin 07fbbca9f4
Land #10074, Fixed bug in module cache 2018-05-21 18:01:46 -05:00
Brendan Coles 47caa7dddd
Land #10073, Add /etc/group to data/wordlists/sensitive_files.txt 2018-05-21 21:39:09 +00:00
Matthew Kienow 4ecc1ff551
Modify loots, notes and services search methods
Modify loots and services method signatures. Remove workspace as a
positional argument, move into opts hash argument and update callers.
Made host search for these models more uniform. Update find_or_create
methods to handle difference in opts between find and report
operations.
2018-05-21 17:37:51 -04:00
bwatters-r7 75562e2bbc
Land #10044, Fix is_system? in Msf::Post::Windows::Priv for non-English
Merge branch 'land-10044' into upstream-master
2018-05-21 14:24:26 -05:00
christopher lee 1b7e613080 Fixed bug in module cache 2018-05-21 14:18:43 -05:00
follower 57bb7fd819
Add correct filename for `/etc/group`
AFAICT the correct filename is the singular form `group` not `groups` (e.g. [see](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s3-acctspgrps-group.html) & [see](https://linux.die.net/man/5/group)).

Rather than just correcting the filename in place I'm adding the correct form because when even [official Red Hat documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.3_release_notes/bug_fixes_authentication_and_interoperability#idm140113937457168) sometimes gets it wrong, maybe one day someone will get lucky with the misspelling.
2018-05-22 00:12:20 +12:00
Tim W 88ab836e15
Land #9987, AF_PACKET chocobo_root exploit 2018-05-21 17:05:53 +08:00
Brent Cook db0f30d375
Land #10072, update kiwi plugin, add dcsync, dcshadow, and powershell streaming support 2018-05-21 04:03:36 -05:00
Brendan Coles 12002a4a2a
Merge pull request #6 from timwr/pr-9987
Fix gcc path and file cleanup
2018-05-21 18:51:26 +10:00
Tim W 9e9dff8b6a fix file cleanup on failed exploitation 2018-05-21 16:47:09 +08:00
Tim W cd0161ada2 fix gcc for shell_reverse_tcp payloads on ubuntu 2018-05-21 16:46:42 +08:00
Brent Cook 134ed389a9 update kiwi plugin, add dcshadow and powershell streaming support
This does a few things:

 1. Updates the kiwi plugin to mimikatz 2.1.1 20180502
 2. Adds ability to dcsync & hashdump via Powershell
 3. Adds streaming support to powershell commands (no more timeouts)

It also adds the following powershell functions to make things more
convenient:

 * Invoke-DcSync
 * Invoke-DcSyncAll
 * Invoke-DcSyncHashDump

See https://github.com/rapid7/metasploit-payloads/pull/284 for details
2018-05-21 03:22:05 -05:00
Auxilus 95ad075d97
Update nessus.rb 2018-05-21 09:08:17 +05:30
Auxilus d0941e847b
return PLUGIN_DESCRIPTION instead of actual string 2018-05-21 09:06:00 +05:30
lucyoa 6ae55aadd4
Fixing documentation, improving exploits code 2018-05-20 12:55:46 -04:00
Brendan Coles aa033bf5c1 Fix cleanup 2018-05-20 16:19:25 +00:00
Clément Notin a8fcd9d275
Fix display of uid in post/windows/gather/win_privs
`inspect` is not necessary and triggers display of Unicode characters as "\x.." instead of printing their value.
As discussed in PR #10044
2018-05-19 01:35:19 +02:00
bwatters-r7 294b263159
Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
Merge branch 'land-9966' into upstream-master
2018-05-18 17:06:04 -05:00
Brent Cook 7af7587519
Land #9999, Optionally test empty group in cisco_ssl_vpn 2018-05-18 10:57:15 -05:00
Brent Cook 37f1e44a12
Land #10009, Add initial check support to external modules 2018-05-18 09:31:31 -05:00
Brendan Coles 6858a1caf9
Add compilation instructions to documentation 2018-05-18 22:10:47 +10:00