William Webb
455ba42f5b
Land #7218 , Add new post-exploitation APIs for stealing access tokens
2016-08-22 10:55:42 -05:00
David Maloney
b6dff719f3
add a hard require to the ssh mixin
...
added hard require for SSHFactory into the ssh exploit mixin
this should prevent any laod-order bugs from cropping up again
2016-08-22 09:56:07 -05:00
Tim Wright
3955c4332d
fix android autoload commands and sysinfo
2016-08-22 14:53:58 +01:00
dmohanty-r7
4478136065
Unvendor openvas-omp gem
...
MS-1718
2016-08-19 15:14:32 -05:00
Metasploit
87d34cfbba
Bump version of framework to 4.12.22
2016-08-19 10:02:28 -07:00
wchen-r7
265adebd50
Fix typo
2016-08-19 10:44:24 -05:00
William Vu
3d4d7aae14
Add ps -c to show child processes of current shell
2016-08-18 19:23:21 -05:00
wchen-r7
0f4d26af19
Update yard doc
2016-08-18 17:18:16 -05:00
wchen-r7
2a61450511
Add new POST exploitation APIs for stealing a token
2016-08-18 17:08:21 -05:00
James Lee
91417e62a8
Cleanup docs
2016-08-18 10:40:32 -05:00
William Vu
bc9a402d9e
Land #7214 , print_brute ip:rport fix
2016-08-17 22:48:40 -05:00
William Webb
667c3566e5
Land #7209 , Add functionality to pull .NET versions on Windows hosts
2016-08-17 12:48:05 -05:00
Brent Cook
b37dc8ea27
Land #7210 , allow send_request_cgi to close a non-global socket
2016-08-16 22:54:23 -05:00
Brendan
b25b2a5188
Cleaned up code per suggestions in the PR
2016-08-16 16:16:25 -05:00
wchen-r7
5f8ef6682a
Fix #7202 , Make print_brute print ip:rport if available
...
Fix #7202
2016-08-16 15:34:30 -05:00
Brent Cook
e70402a130
use the platform string verbatim on windows meterpreter
2016-08-15 23:50:57 -05:00
wchen-r7
498657ab35
Fix #3860 , tearing down TCP connection for send_request_cgi
...
Fix #3860
2016-08-15 15:45:52 -05:00
Brendan
0778b77f7b
Cleaned up a little
2016-08-15 12:20:28 -07:00
David Maloney
d2a6c2e9ca
move rex bintools into new gem
...
move all the *scan *parsey code out into
the new rex-bin_tools gem
MS-1691
2016-08-15 14:01:43 -05:00
Brendan
7730e0eb27
Added ability to retrieve .NET versions
2016-08-15 11:29:00 -07:00
Brendan
906d480264
Added dotnet require
2016-08-15 11:06:29 -07:00
Vlatko Kosturjak
46e4ee4c5b
Start using gem instead of obsolete library/tool
...
Rationale is following:
nessus-cli is obsolete
nessus is using json rest api instead of xmlrpc
xmlrpc name is therefore obsolete
Solution: with minimal changes start using nessus_rest gem.
2016-08-14 17:57:33 +02:00
Pearce Barry
1e7663c704
Land #7200 , Rex::Ui::Text cleanup
2016-08-12 16:22:55 -05:00
David Maloney
0fd833676e
remove unnedded codepage.map
...
this file got mvoed to rex-text earlier
2016-08-12 13:41:31 -05:00
David Maloney
4e678e4ce6
fix help table
...
there was a bad class refernece here that
needed to be cleaned up
MS-1875
2016-08-12 13:33:41 -05:00
Metasploit
a6ba386728
Bump version of framework to 4.12.21
2016-08-12 10:02:36 -07:00
Brent Cook
6a035b7e48
Land #7161 , add specs for cisco mixin to use Metasploit Credentials
2016-08-12 10:07:17 -05:00
Pearce Barry
6386d9daca
Land #7178 , Add a method to check the Powershell version
2016-08-11 11:02:41 -05:00
wchen-r7
e08c4a8bef
Remove .Net check
...
cmd_exec doesn't seem to be the best way to go because there is
some issue grabbing the output sometimes.
2016-08-11 10:49:06 -05:00
David Maloney
42d6c9443d
remove unused ProgressTracker class
...
not sure if this was ever used, but it is certainly not being used
by anything now, so let's remove it
MS-1875
2016-08-11 10:35:10 -05:00
David Maloney
8489485cfd
move Rex::Ui::Text::Color out to rex::text gem
...
moved the text ansi color library out to the rex-text gem
MS-1875
2016-08-11 10:28:09 -05:00
Metasploit
d57e4d6349
Bump version of framework to 4.12.20
2016-08-10 15:30:37 -07:00
David Maloney
09ad342b67
Merge branch 'master' into feature/MS-1875/rex-table
2016-08-10 15:58:27 -05:00
wchen-r7
3851db7bcb
Use powershell when possible
2016-08-10 15:14:11 -05:00
Brent Cook
1cb01ee876
remove architecture fidling from platform string for now
2016-08-10 14:46:48 -05:00
David Maloney
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
David Maloney
3f530f1896
remove rex::ui::text:table
...
remove the class from msf, and update the rex-text
gem to pull the code in under the new version at Rex::Text::Table
modify all requires appropriately
MS-1875
2016-08-10 13:24:25 -05:00
dmohanty-r7
b027176799
Land #7156 , use windows_error gem for constants
2016-08-10 11:47:37 -05:00
Metasploit
280216d74d
Bump version of framework to 4.12.19
2016-08-09 14:49:58 -07:00
Pearce Barry
ae59c4ae74
Land #6687 , Fix meterpreter platform to include OS in the tuple for all meterpreters
2016-08-07 05:00:24 -05:00
Christian Mehlmauer
009089ead7
Land #7183 , Fix #7170 Add HttpTrace option for HttpClient
2016-08-05 22:36:28 +02:00
wchen-r7
4055fd1930
Do e.message instead of e.to_s
2016-08-05 14:12:50 -05:00
wchen-r7
d59b6d99ee
Make the debug output more readable
2016-08-05 13:20:53 -05:00
Metasploit
e7aa658893
Bump version of framework to 4.12.18
2016-08-05 10:05:03 -07:00
wchen-r7
766c0cc539
return nil if no .Net is installed
2016-08-05 11:36:32 -05:00
wchen-r7
a8d9a5c02c
Print exceptions if needed
2016-08-04 18:14:22 -05:00
wchen-r7
7538b3dcf8
Fix #7170 , Add HttpTrace option for HttpClient
...
Fix #7170
2016-08-04 16:09:17 -05:00
wchen-r7
11f94a6efc
Do a different wmic query for newer systems
2016-08-04 14:50:46 -05:00
wchen-r7
3ea3d95744
Add methods to check .Net and Powershell versions
2016-08-03 17:49:15 -05:00
William Vu
4c12c2f6c5
Improve Meterpreter ps -A experience
...
This allows us to use "x64" instead of "x86_64" in ps -A.
2016-07-31 17:19:57 -07:00
Brent Cook
8bda3c6382
Land #7121 , Don't clobber nil strings when there are empty strings in the config file
2016-07-29 15:49:11 -05:00
Metasploit
190bac6e0a
Bump version of framework to 4.12.17
2016-07-29 10:02:06 -07:00
darkbushido
5a1cd24350
finishing converting the last of this to credentials
2016-07-29 09:58:17 -05:00
darkbushido
0972005b24
updating 'ppp.*username secret'
2016-07-29 09:58:17 -05:00
darkbushido
1d33c9aa88
updating specs upto 'username secret'
2016-07-29 09:58:17 -05:00
darkbushido
73b362cade
updating more spec
2016-07-29 09:58:16 -05:00
darkbushido
b66621af0d
adding in a blank service_name
...
fixing myworkspace
2016-07-29 09:58:16 -05:00
darkbushido
219f9d5d57
updating parts of cisco to use creds
2016-07-29 09:58:15 -05:00
darkbushido
40240662db
converting enable password to create_credentials
2016-07-29 09:58:15 -05:00
Brent Cook
8ad38aec2f
Land #7109 , Add final filesize to msfvenom output
2016-07-29 09:24:10 -05:00
Brendan
ee40c9d809
Land #6625 , Send base64ed shellcode and decode with certutil (Actually MSXML)
2016-07-28 13:01:05 -07:00
Brendan
2525eab996
persistance -> persistence
2016-07-28 12:56:04 -07:00
Pearce Barry
1f5fbd4a67
Put remaining consts in exploit mixin...
2016-07-27 17:43:29 -05:00
Pearce Barry
05afaa1162
Pull in consts from rex-arch gem...
2016-07-27 17:43:17 -05:00
Pearce Barry
bdf073516b
Switch errors over to windows_error gem...
2016-07-27 17:43:00 -05:00
Pearce Barry
2a703d6cec
Move LOG_* and LEV_* defs out of constants.rb...
2016-07-27 17:42:42 -05:00
William Webb
5b8b15e578
update global constants to allow for windows 10
2016-07-27 12:45:05 -05:00
Brendan
af137f3ec3
Land #7127 , Fix #6989 , scanner modules printing RHOST in progress messages
2016-07-27 09:16:08 -07:00
Brent Cook
3987c2c0d8
cache sysinfo (we use it a lot, it will not change)
2016-07-27 08:49:19 -05:00
Brent Cook
9cb4880747
allow process architecture to be a string (allow more than x86)
2016-07-27 08:49:19 -05:00
William Vu
a0c42f5dd2
Add wordpress_url_uploads
2016-07-26 19:10:19 -05:00
wchen-r7
cce1ae6026
Fix #6989 , scanner modules printing RHOST in progress messages
...
Fix #6989
2016-07-25 23:15:59 -05:00
Pearce Barry
f7562c09b2
Land #7125 , Add timestamping to downloaded files
...
Fixes MS-1744.
2016-07-25 22:24:53 -05:00
Pearce Barry
c35e7fb63f
Land 7124, Remove unwanted <ruby> tag while generating module doc code
2016-07-25 21:11:21 -05:00
William Vu
bebff786b7
Add timestamping to downloaded files
2016-07-25 17:18:27 -05:00
wchen-r7
21f5da29d4
Remove unwanted <ruby> tag while generating module doc code
2016-07-25 15:38:59 -05:00
Pearce Barry
1b6bd927d0
Rex::OLE is now rex-ole gem, fixes MS-1712
2016-07-25 14:05:48 -05:00
Rich Whitcroft
b1efd4e749
fix VAR=VAL loading from config
2016-07-23 00:26:18 -04:00
James Lee
dbbe6a831a
Land #7111 , rex-arch gem
2016-07-22 14:55:51 -05:00
Metasploit
4cbb3bb9b6
Bump version of framework to 4.12.16
2016-07-22 10:02:00 -07:00
scriptjunkie
bc42ac5761
Fix #7117 by fixing stack offset
2016-07-21 20:48:08 -05:00
wchen-r7
390f69313a
Fix grammar in browser_exploit_server
2016-07-21 11:51:10 -05:00
dmohanty-r7
01f08da345
Use rex-arch gem
...
MS-1703
2016-07-20 16:42:41 -05:00
forzoni
b58931f803
Avoid error when generated payload is nil.
2016-07-19 23:43:38 -05:00
James Lee
a54945c82c
whitespace
2016-07-19 17:07:17 -05:00
James Lee
ff63e6e05a
Land #7018 , unvendor net-ssh
2016-07-19 17:06:35 -05:00
forzoni
e90e6c4885
Use format check instead of length.
2016-07-19 09:38:09 -05:00
forzoni
d6fd2a49d4
Add final filesize, useful when using different formats.
2016-07-19 02:41:37 -05:00
dmohanty-r7
8d8e1f80f5
Land #7102 , remove struct2 code in favor of rex-struct2
2016-07-18 11:44:17 -05:00
Metasploit
b954b6d5c1
Bump version of framework to 4.12.15
2016-07-18 08:42:20 -07:00
wchen-r7
6d8dd24e41
Land #7104 , Update ActiveRecord syntax for framework db cred iteration
2016-07-17 17:57:06 -05:00
wchen-r7
01c5662b61
Land #7100 , Change Burp import to allow blank references
2016-07-17 17:35:46 -05:00
Brent Cook
2041870e62
Update ActiveRecord syntax for framework db credential iteration
2016-07-15 22:01:54 -05:00
David Maloney
20d7e9a7a7
remove old struct2 code in favour of gem
...
use the new rex-struct2 gem and remove the code form it's old location
MS-1782
2016-07-15 16:01:21 -05:00
Metasploit
b13d0f879a
Bump version of framework to 4.12.14
2016-07-15 10:03:28 -07:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
Brendan
3ed6632f88
Let's actually delete the line....
2016-07-15 08:47:29 -07:00
Brendan
db2850b51c
Changed the Burp import to import vulns with blank references
2016-07-14 13:03:24 -07:00
David Maloney
b6b52952f4
set ssh to non-interactive
...
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password
MS-1688
2016-07-14 11:12:03 -05:00
David Maloney
01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-14 09:48:28 -05:00
caye
ed8fec255e
Fixed dir download. Retry when no network even at the download start
2016-07-12 23:05:50 +00:00
William Vu
277950cc79
Land #6733 , psexec StackAdjustment fix
2016-07-12 11:14:16 -05:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Pearce Barry
7b1d9596c7
Land #7068 , Introduce 'mettle' - new POSIX meterpreter
2016-07-11 22:38:40 -05:00
Brent Cook
79fd648bbe
don't double-encapsulate regexes on normalize
2016-07-11 22:05:00 -05:00
William Vu
108c3961e2
Make sure GATEWAY_PROBE_PORT is 0
...
This ensures that dst_port is set for UDPSocket#send.
2016-07-11 12:10:46 -05:00
caye
a6e92034bf
Added glob to dir_files.entries search - thanks @OJ
2016-07-11 06:22:28 +00:00
caye
3c2f0e814e
'Continue' and 'tries' wget-like options for meterpreter 'download'
2016-07-10 16:24:36 +00:00
Metasploit
48410f3ab2
Bump version of framework to 4.12.13
2016-07-08 10:01:58 -07:00
James Lee
11685b7c6b
Set the server challenge key
2016-07-07 15:00:42 -05:00
James Lee
cfb56211e7
Revert "Revert "Land #7009 , egypt's rubyntlm cleanup""
...
This reverts commit 1164c025a2
.
2016-07-07 15:00:41 -05:00
Metasploit
82e092c2df
Bump version of framework to 4.12.12
2016-07-05 14:57:43 -07:00
James Lee
1164c025a2
Revert "Land #7009 , egypt's rubyntlm cleanup"
...
This reverts commit d90f0779f8
, reversing
changes made to e3e360cc83
.
2016-07-05 15:22:44 -05:00
Brent Cook
049b322ae4
add x86 and x64 stagers for mettle
2016-07-05 11:24:54 -05:00
Adam Cammack
0390ed4d6e
Add MIPS O32 Linux support (big and little endian)
2016-07-05 11:24:54 -05:00
Adam Cammack
8de508c4e0
Add mettle module for ARM
2016-07-05 11:24:54 -05:00
Adam Cammack
2f3f655352
Add gem for mettle
...
This adds the gem for the mettle binaries, which contains reflective
payloads for a variety of Linux architectures (and more OSs in the
future)
2016-07-05 11:24:54 -05:00
William Vu
6e7f07f0f3
Fix off-by-one error in #6954
...
Props to @egypt for noticing. My bad. :-)
2016-07-05 11:12:12 -05:00
David Maloney
5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-05 10:48:38 -05:00
David Maloney
7f341336b2
Land #7067 , bcook's rex tools fix
...
this pr fixes rex requires in the various tools that were
disrupted by the new gemification of rex
2016-07-05 10:34:59 -05:00
David Maloney
85937ab839
require new gems inside rex.rb
...
have the root rex namespace require the new rex gems
to prevent broken requires when things greedily require all of rex
2016-07-05 10:33:45 -05:00
Metasploit
054ac5ac19
Bump version of framework to 4.12.11
2016-07-05 07:49:37 -07:00
Brendan
e29d5b9efe
Land #6954 , Fix the available size of payload for exploit/.../payload_inject
2016-07-05 07:38:27 -07:00
Brent Cook
5dc7d4b16e
Land #7043 , Fix-up double slash handling with the LURI parameter
2016-07-05 01:21:33 -05:00
Brent Cook
85dfec0cf5
minor whitespace
2016-07-05 01:20:54 -05:00
Brent Cook
58e37931c5
Land #7040 , Decrease chance of an error when exiting a interactive shell
2016-07-05 01:15:39 -05:00
OJ
ef322ab9aa
Land #7066 - revert #6581 as it causes a regression
2016-07-05 16:05:48 +10:00
Brent Cook
4b77de2174
Land #7030 , Ensure 'show options' reflects correct values
2016-07-05 00:48:46 -05:00
Brent Cook
b9891aab27
Land #7007 , Added JCL header data to mainframe payload module
2016-07-05 00:22:20 -05:00
Brent Cook
9b4028d2d7
Revert #6581 , it causes regressions
...
We need a more clever solution without breaking HttpUnknownRequestResponse.
2016-07-05 00:11:15 -05:00
William Webb
2e97a08954
Land #7046 , Pad host field in notes -d command
2016-07-01 10:14:45 -05:00
William Webb
02d40eb576
Land #7044 , Pass exploit SRVPORT in BrowserAutopwn2
2016-07-01 09:49:05 -05:00
William Vu
4b01213fb5
Rewrite the logic to be positive
...
unless is the devil. unless/else doubly so.
2016-07-01 09:15:42 -05:00
William Vu
6e1b6e96a9
Land #7032 , rm -rf lib/rex/encoders
...
Dead code!
2016-06-30 16:32:14 -05:00
William Vu
f0cd25dcee
Land #7035 , lib/sshkey* swap to gem
2016-06-30 16:25:27 -05:00
William Vu
343f4010bd
Prefer newer hash syntax
2016-06-30 15:43:06 -05:00
wchen-r7
dbcdc300e5
Fix #7019 , Pad host field in notes -d command
...
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there isn't enough fields
provided for Rex table.
Fix #7019
2016-06-30 15:38:58 -05:00
wchen-r7
118caa13bf
Fix #7021 , Pass exploit SRVPORT in BrowserAutopwn2
...
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.
Fix #7021
2016-06-30 14:20:53 -05:00
HD Moore
23399326c2
Fix up double slashes, tweak syntax
2016-06-30 12:56:29 -05:00
ssyy201506
0a85f1d233
Fix an error when exiting a interactive shell
2016-06-30 16:19:10 +09:00
Pearce Barry
5e39f895cf
Fix exception on msf 'db_export' cmd (see #7008 )
...
Users reported (in GitHub issue #7008 ) hitting an exception when attempting to export the contents of the msf database (i.e. workspaces, hosts, events, etc.) via the 'db_export' command. After some digging, it appears there were a few ActiveRecord changes with the new Rails upgrade that require a couple mods to the way we are querying.
2016-06-29 16:02:31 -05:00
David Maloney
80563b2c0f
Merge branch 'master' into feature/MS-1700/sshkey-gem
2016-06-29 09:44:57 -05:00
David Maloney
a796a1bc63
wierd namespace issues?
2016-06-28 16:13:49 -05:00
David Maloney
2dba09a9ce
unvendor sshkey gem
...
use the actual maintained gem rather than our vendored
copy
MS-1700
2016-06-28 16:10:48 -05:00
David Maloney
dcddd2d671
use the bit-struct gem
...
removed vendored copy of bit-struct and use the gem
instead
MS-1699
2016-06-28 15:58:47 -05:00
David Maloney
39fa8bf2d4
missing require
2016-06-28 15:40:56 -05:00
David Maloney
3d93c55174
move sshfactory into a mixin method
...
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention
MS-1688
2016-06-28 15:23:12 -05:00
David Maloney
ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-06-28 15:00:35 -05:00
David Maloney
356f4fd54d
delete deprecated lib/rex/encoders
...
this directory is all dead code and has been replaced with
the lib/rex/encoder directory. these files should have been
purge a long time ago for cleanlieness
MS-1692
2016-06-28 14:43:39 -05:00
David Maloney
0a83b34a85
Land #7025 , dev's PR for rex-java
...
lands the pr for moving Rex::Java into it's own gem
2016-06-28 14:40:02 -05:00
David Maloney
d90f0779f8
Land #7009 , egypt's rubyntlm cleanup
...
Land egypt's PR to replace all of our NTLM code with
the rubyntlm gem
2016-06-28 14:15:34 -05:00
David Maloney
97f9ca4028
Merge branch 'master' into egypt/ruby-ntlm
2016-06-28 14:14:56 -05:00
Metasploit
e3e360cc83
Bump version of framework to 4.12.10
2016-06-28 12:13:26 -07:00
Louis Sato
d5d0b9e9b8
Revert "Land #6729 , Speed up the datastore"
...
This reverts commit c6b1955a5a
, reversing
changes made to 4fb7472391
.
2016-06-28 13:39:52 -05:00
Pearce Barry
0660880332
Ensure 'show options' reflects correct values.
...
Small fix here to ensure that, even when boolean 'option' variables have a default value of 'true', that their current value is correctly reflected via the 'show options' command. This change should play fine with all other option variable types, I believe.
Current behavior:
```
msf > use auxiliary/gather/darkcomet_filedownloader
msf auxiliary(darkcomet_filedownloader) > show options
Module options (auxiliary/gather/darkcomet_filedownloader):
Name Current Setting Required Description
---- --------------- -------- -----------
BRUTETIMEOUT 1 no Timeout (in seconds) for bruteforce attempts
KEY no DarkComet RC4 key (include DC prefix with key eg. #KCMDDC51#-890password)
LHOST 0.0.0.0 yes This is our IP (as it appears to the DarkComet C2 server)
NEWVERSION true no Set to true if DarkComet version >= 5.1, set to false if version < 5.1
RHOST 0.0.0.0 yes The target address
RPORT 1604 yes The target port
STORE_LOOT true no Store file in loot (will simply output file to console if set to false).
TARGETFILE no Target file to download (assumes password is set)
msf auxiliary(darkcomet_filedownloader) > set STORE_LOOT false
STORE_LOOT => false
msf auxiliary(darkcomet_filedownloader) > get STORE_LOOT
STORE_LOOT => false
msf auxiliary(darkcomet_filedownloader) > set NEW_VERSION false
NEW_VERSION => false
msf auxiliary(darkcomet_filedownloader) > get NEW_VERSION
NEW_VERSION => false
msf auxiliary(darkcomet_filedownloader) > show options
Module options (auxiliary/gather/darkcomet_filedownloader):
Name Current Setting Required Description
---- --------------- -------- -----------
BRUTETIMEOUT 1 no Timeout (in seconds) for bruteforce attempts
KEY no DarkComet RC4 key (include DC prefix with key eg. #KCMDDC51#-890password)
LHOST 0.0.0.0 yes This is our IP (as it appears to the DarkComet C2 server)
NEWVERSION true no Set to true if DarkComet version >= 5.1, set to false if version < 5.1
RHOST 0.0.0.0 yes The target address
RPORT 1604 yes The target port
STORE_LOOT true no Store file in loot (will simply output file to console if set to false).
TARGETFILE no Target file to download (assumes password is set)
```
New behavior with this change:
```
msf > use auxiliary/gather/darkcomet_filedownloader
msf auxiliary(darkcomet_filedownloader) > show options
Module options (auxiliary/gather/darkcomet_filedownloader):
Name Current Setting Required Description
---- --------------- -------- -----------
BRUTETIMEOUT 1 no Timeout (in seconds) for bruteforce attempts
KEY no DarkComet RC4 key (include DC prefix with key eg. #KCMDDC51#-890password)
LHOST 0.0.0.0 yes This is our IP (as it appears to the DarkComet C2 server)
NEWVERSION true no Set to true if DarkComet version >= 5.1, set to false if version < 5.1
RHOST 0.0.0.0 yes The target address
RPORT 1604 yes The target port
STORE_LOOT true no Store file in loot (will simply output file to console if set to false).
TARGETFILE no Target file to download (assumes password is set)
msf auxiliary(darkcomet_filedownloader) > set STORE_LOOT false
STORE_LOOT => false
msf auxiliary(darkcomet_filedownloader) > get STORE_LOOT
STORE_LOOT => false
msf auxiliary(darkcomet_filedownloader) > set NEWVERSION false
NEWVERSION => false
msf auxiliary(darkcomet_filedownloader) > get NEWVERSION
NEWVERSION => false
msf auxiliary(darkcomet_filedownloader) > show options
Module options (auxiliary/gather/darkcomet_filedownloader):
Name Current Setting Required Description
---- --------------- -------- -----------
BRUTETIMEOUT 1 no Timeout (in seconds) for bruteforce attempts
KEY no DarkComet RC4 key (include DC prefix with key eg. #KCMDDC51#-890password)
LHOST 0.0.0.0 yes This is our IP (as it appears to the DarkComet C2 server)
NEWVERSION false no Set to true if DarkComet version >= 5.1, set to false if version < 5.1
RHOST 0.0.0.0 yes The target address
RPORT 1604 yes The target port
STORE_LOOT false no Store file in loot (will simply output file to console if set to false).
TARGETFILE no Target file to download (assumes password is set)
```
2016-06-28 13:12:34 -05:00
dmohanty-r7
c2f3d411c3
Replace rex/java with rex-java gem
2016-06-27 14:52:49 -05:00
Metasploit
fd07da3519
Bump version of framework to 4.12.9
2016-06-27 11:54:04 -07:00
James Lee
058115c21f
Land #7015 , sdavis' swagger exploit
2016-06-24 16:13:51 -05:00
James Lee
5d4cc7ab40
Add nodejs to list of defaults
2016-06-24 16:06:50 -05:00
David Maloney
5bc513d6cd
get ssh sessions working properly
...
ssh sessions now working correctly
MD-1688
2016-06-24 12:14:48 -05:00
David Maloney
3e94abe555
put net:ssh::commandstream back
...
this was apparently our own creation for doing
ssh sessions
MD-1688
2016-06-22 15:02:36 -05:00
David Maloney
6072697126
continued
2016-06-22 14:54:00 -05:00
David Maloney
140621ad9b
start to move to canonical net-ssh
...
removed vendored net::ssh
pulled in net:ssh gem
made Rex::Socket::SSHFactory clas to bridge rex sockets in
Renamed getpeername to getpeername-as_array to not override
core socket behaviour
MS-1688
2016-06-22 14:52:33 -05:00
James Lee
0126ec61d8
Style
2016-06-22 10:15:23 -05:00
James Lee
b3f59ebd19
Whitespace
2016-06-22 10:15:23 -05:00
James Lee
07f7e5e148
Convert non-loginscanner MSSQL to rubyntlm
2016-06-22 10:15:22 -05:00
James Lee
4b3f6c5d29
Use rubyntlm for mssql login scanner
2016-06-22 10:15:22 -05:00
James Lee
039e8f5899
Use rubyntlm for HTTP Negotiate auth
2016-06-22 10:15:22 -05:00
James Lee
c2a063c8ae
Start using rubyntlm for ssp auth
2016-06-22 10:15:16 -05:00
David Maloney
1e053c110a
Merge branch 'master' into feature/rex-cleanup/first-gems
2016-06-22 09:20:44 -05:00
Bigendian Smalls
3842753ce4
Added JCL header data to mainframe payload module
...
Currently any existing and future JCL payload has to have a 'job card'
basically data that defines the job to z/OS. It has information about
the job's owner, place it will run, output creation, etc. All JCL
shares the same job card format. As such, creating a shared payload
method that allows this text to be imported into any JCL payload.
Additionally, that job card is now parameterized, allowing the
exploit/payload user to edit these job card values-as this may be needed
in order to run the job sucessfully on any given system.
This PR sets up the mf module - next PRs will update the existing
payloads to use this module.
2016-06-21 22:06:44 -05:00
David Maloney
69e2d05a5d
rip out old rex code and replace with gems
...
rex-text, rex-random_identifier, rex-powershell, rex-zip, and rex-registry
are now being pulled in as gems instead of part of the spgehtti code that is lib/rex
2016-06-21 13:56:36 -05:00
OJ
bf36b2c58e
Fix preamble in bind_php to include php tag+escape
2016-06-21 10:07:42 +10:00
wchen-r7
129b449355
Add Msf::Util::EXE.to_zip
...
This adds a new method in Msf::Util::EXE to be able to create a
zip file with an array of binary data.
2016-06-20 13:36:59 -05:00
William Webb
98ad2489db
Land #6970 , #make_fast_nops for HUGE nop chunks
2016-06-17 12:56:26 -05:00
wchen-r7
c6b1955a5a
Land #6729 , Speed up the datastore
2016-06-15 17:55:42 -05:00
thao doan
f5bfc84453
Land #6977 , Add a more verbose message when generating module documentation
2016-06-15 14:55:55 -07:00
h00die
78775f7833
first attempt at 6964
2016-06-15 07:44:32 -04:00
William Webb
563b8206c5
Land #6962 , Apache Continuum Exploit
2016-06-13 16:41:53 -05:00
wchen-r7
337e48dc07
Create #make_fast_nops for huge NOP chunks
...
This creates a new method called #make_fast_nops for exploits that
actually need large chunks of NOPs.
2016-06-13 15:25:46 -05:00
William Vu
f7d261516d
Land #6968 , get_uri URIPORT fix (again)
2016-06-13 10:52:29 -05:00
William Vu
b7139da624
Clean up whitespace
2016-06-13 10:51:38 -05:00
Trenton Ivey
776dd57803
get_uri missing port fix
2016-06-12 19:27:34 -05:00
h00die
7831cb53c5
print status of opening browser at file
2016-06-11 21:13:31 -04:00
William Vu
5adc360b2a
Make opts truly optional
2016-06-10 20:35:40 -05:00
Metasploit
fd4a51cadb
Bump version of framework to 4.12.8
2016-06-10 10:01:27 -07:00
wchen-r7
0d7b587b5d
Avoid printing rhost:rport from AuthBrute
...
When AuthBurte is mixed with other modules using the TCP mixin,
rhost:rport is printed twice. This info should come from the
protocol level mixin.
2016-06-08 14:32:58 -05:00
Metasploit
815685992a
Bump version of framework to 4.12.7
2016-06-07 13:14:34 -07:00
Brian Patterson
6d72b5b19f
Land #6946 Fix a bug with OptPort validation when not req
2016-06-07 14:43:10 -05:00
David Maloney
53b989f283
fix normalisation so we don't coerce to 0
...
don't coerce nil to 0
2016-06-07 14:29:13 -05:00
David Maloney
16030cda30
simpler fix
...
talking with adam shows that there is a simpler solution
to this problem
2016-06-07 14:13:10 -05:00
David Maloney
9de27e0b9c
add more specific normalise method to otpport
...
add a normalise method that prevents emtpy string
from being converted to 0 for OptPort avoiding
a bad behaviour
2016-06-07 14:03:34 -05:00
David Maloney
27b5d961fd
fixes a bug with OptPort validation when not req
...
OptPort lost the check for whether the option was required causing it
to incorrectly return false in certain cases
MS-1633
2016-06-07 13:48:57 -05:00
Louis Sato
d3a13f4b0c
Merge pull request #6942 from acammack-r7/bug/MS-1517/fix-acunetix-again
...
Fix Acunetix import with a blacklist
2016-06-05 23:00:48 -05:00
Adam Cammack
08f1e68487
Fix Acunetix import with a blacklist
...
If a host is blacklisted, we won't create the service for it. If we
don't create the service, we don't want to create entries for the web
pages.
MS-1517
2016-06-03 19:40:29 -05:00
Brent Cook
da532ecc5e
Land #6919 , Move LURI into a full URI for a new 'Payload opts" column in jobs output
2016-06-03 13:57:47 -05:00
James Barnett
e0cf4721c5
Land #6927 , Fix exception handling in #exploit_simple
2016-06-02 11:15:25 -05:00
David Maloney
ffa4177575
missed a few joins
...
missed a few joins statements before
MS-1593
2016-06-01 15:32:51 -05:00
David Maloney
2047475901
host tags commands eagerloaded instead of joining
...
someone tried to fix a rails deprecation warning by doing an
eager load, but caused an actual exception instead. switching to
propper joins makes everything work properly
MS-1593
2016-06-01 13:50:38 -05:00
David Maloney
a27d10c200
fixes the exception handling in #exploit_simple
...
The exception handling in the #exploit_simple method tries to set
error on exploit but exploit is defined within the begin block
causing a noMethodError on nilClass
MS-1608
2016-05-31 11:46:05 -05:00
Metasploit
c35322ec3f
Bump version of framework to 4.12.6
2016-05-30 22:34:13 -07:00
wchen-r7
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
wchen-r7
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
James Lee
f7382f5b3b
Make `jobs` display a full uri
...
Addresses the problem of LURI taking the place of URIPATH, which has
different semantics.
See #4623
2016-05-27 11:15:12 -05:00
Brendan Watters
00b18c8ac5
Land #6917 , Fix minor issues with the RC4 stager
2016-05-26 10:12:54 -05:00
Brent Cook
a3d2cba698
Land #6906 , Improve msfvenom error handling and spec coverage
2016-05-26 07:58:37 -05:00
Brent Cook
96c459c71d
fix #6915 , handle nil payloads and alert to the user
2016-05-26 07:22:09 -05:00
Brent Cook
8612eaa553
remove senduuid for now, give RC4PASSWORD a default
2016-05-26 06:34:51 -05:00
Brent Cook
c65401026a
wip fixup rc4
2016-05-25 06:17:02 -05:00
wchen-r7
05680ab6f3
Land #6887 , add a missing postgresql 9.4.1-5 matching case
2016-05-24 22:19:03 -05:00
James Lee
5921ac7b47
Add a spec and fix ReverseHttp#luri
2016-05-24 17:22:14 -05:00
William Vu
3dfdf1d936
Land #6528 , tilde expansion and more for OptPath
2016-05-24 16:01:59 -05:00
Jon Hart
a23ce05752
File.exists? must cease to exist
2016-05-24 13:53:26 -07:00
wchen-r7
14cb85250e
Land #6912 , use the correct variable for cookie expiration in BAP2
2016-05-24 14:19:03 -05:00
wchen-r7
ff4d150449
Show IP for print_*
2016-05-24 14:12:54 -05:00
wchen-r7
b5987e1d51
Land #6907 , Fix check command with an IP or IP range
2016-05-24 11:37:56 -05:00
James Lee
9807f9b796
Move Rex::Job into its own file
2016-05-24 11:24:47 -05:00
Metasploit
54f4389d31
Bump version of framework to 4.12.5
2016-05-24 08:54:14 -07:00
Brendan Watters
77a62ff7c0
Land #6905 RC4 Stagers
2016-05-24 09:34:32 -05:00
Brendan Watters
43f79f34a9
Removed superfluous instruction
2016-05-24 09:03:14 -05:00
Brent Cook
3bc020178f
use the correct variable for cookie expiration
2016-05-24 07:16:55 -05:00
Brent Cook
76e8e8f6c7
really fix regex
2016-05-23 20:08:38 -05:00
Brent Cook
eb26202961
fix regex
2016-05-23 17:33:06 -05:00
Louis Sato
d0b87131a9
fixing import of zip workspace
...
MS-1528
2016-05-23 16:09:22 -05:00
Brent Cook
6af9a093d2
update bool
2016-05-23 15:48:03 -05:00
darkbushido
5e059e0c5b
updating the error message
...
changing the exception to be a little more specific.
2016-05-23 15:40:32 -05:00
darkbushido
d3cdcd5f99
Having the payload generator check the payload size
...
Payload generator will raise an error if the payload is larger then the size option
2016-05-23 15:17:41 -05:00
Brent Cook
fe1b24e666
allow nil assignment to the datastore
2016-05-23 14:56:19 -05:00
Brent Cook
f29463f119
include {peer} in the context of the command dispatcher
2016-05-23 14:55:58 -05:00
RageLtMan
efc64eaa5f
Implement reverse_tcp_rc4_dns payload in metasm
...
Using the ruby methods for generating assembly blocks defined or
separated in prior commits, create a new payload from the existing
assembly blocks which performs a DNS lookup of the LHOST prior to
establishing a corresponding socket and downloading, and
decrypting the RC4 encrypted payload.
For anyone looking to learn how to build these payloads, these
three commits should provide a healthy primer. Small changes to
the payload structure can yield entropy enough to avoid signature
based detection by in-line or out-of-band static defenses. This
payload was completed in the time between this commit and the last.
Testing:
Win2k8r2
ToDo:
Update payload sizes when this branch is "complete"
Ensure UUIDs and adjacent black magic all work properly
2016-05-23 14:27:11 -05:00
RageLtMan
0e69040a6a
Implement reverse_tcp_dns as metasm payload
...
Using the separation of block_recv and reverse_tcp, implement
reverse_tcp_dns using original shellcode as template with dynamic
injection of parameters. Concatenate the whole thing in the
generation call chain, and compile the resulting shellcode for
delivery.
Metasploit module pruned to bare minimum, with the LHOST OptString
moved into the library component.
Testing:
Win2k8r2
ToDo:
Update payload sizes when this branch is "complete"
Ensure UUIDs and adjacent black magic all work properly
Misc:
Clean up rc4.rb to use the rc4_keys method when generating a
stage. Makes the implementation far more readable and reduces
redundant code.
2016-05-23 14:27:11 -05:00
RageLtMan
df2346d9e0
Implement RC4 metasm payloads for tcp bind and rev
...
Convert reverse_tcp_rc4 and bind_tcp_rc4 from static shellcode
substitution payloads to metasm compiled assembly approach.
Splits up metasm methods for bind_tcp and reverse_tcp into socket
creation and block_recv to allow for reuse of the socket methods
with the RC4 payloads, while substituting the block_recv methods
for those carrying the appropriate decryptor stubs.
Creates a new rc4 module carrying the bulk of the decryptor and
adjacent convenince methods for standard payload generation.
Testing:
Tested against Win2k8r2, Win7x64, and WinXPx86
ToDo:
Ensure all the methods around payload sizing, UUIDs, and other
new functionality, the semantics of which i do not yet fully
understand, are appropriate and do not introduce breakage.
2016-05-23 14:27:11 -05:00
Brent Cook
9fc07eeb99
Land #6902 , Respect SSLCipher in server mixins
2016-05-20 17:34:38 -05:00
Adam Cammack
fda4c62c1f
Respect SSLCipher in server mixins
...
This allows us to set a sane cipher spec for SSL-enabled server modules.
2016-05-20 16:59:36 -05:00
Metasploit
100300c819
Bump version of framework to 4.12.4
2016-05-18 07:04:09 -07:00
Brent Cook
6a4a9742e8
handle bad user
2016-05-17 17:24:46 -05:00
Brent Cook
c6db5bf34a
add a missing postgresql 9.4.1-5 matching case
2016-05-17 17:12:47 -05:00
Jenkins
c9dd863085
Bump version of framework to 4.12.3
2016-05-17 10:18:08 -07:00
Jon Hart
8bccfef571
Fix merge conflict
2016-05-16 17:29:45 -07:00
wchen-r7
04d70640b1
Land #6868 , Add axis2 payload generator for msfvenom
2016-05-16 17:48:50 -05:00
David Maloney
c40b8ea3fb
Land #6864 , Meterp Suspend
2016-05-16 11:13:43 -05:00
Jenkins
621a908b2d
Bump version of framework to 4.12.2
2016-05-13 12:51:58 -07:00
David Maloney
ba4bfca806
Revert "arg bad build, resetting version back one"
...
This reverts commit d86392e96b
.
2016-05-13 14:48:35 -05:00
David Maloney
d86392e96b
arg bad build, resetting version back one
2016-05-13 14:44:02 -05:00
Jenkins
b6a83f734d
Bump version of framework to 4.12.1
2016-05-13 12:39:43 -07:00
David Maloney
31050a8da7
Rails upgrade to 4.2.6
...
lands all of the rails 4.2 upgrade work
Merge branch 'staging/rails-upgrade'
2016-05-13 14:34:50 -05:00
Jenkins
6c11054d5a
Bump version of framework to 4.12.0
2016-05-13 11:46:03 -07:00
Christian Mehlmauer
7fcddd5a05
Add axis2 payload generator
2016-05-12 22:48:07 +02:00
David Maloney
d9abb06a5a
Merge branch 'master' into staging/rails-upgrade
2016-05-12 11:18:51 -05:00
David Maloney
7edaa2abcc
still trying to fix these migrations
...
seeing odd behaviour with mgirations in
rspec
2016-05-11 14:54:40 -05:00
David Maloney
2fb3123ef2
fix migration crazieness
...
MS-1486
2016-05-11 14:05:34 -05:00
David Maloney
993709e076
Land #6862 , jar payloads
...
lands FireFarts jar payload pr
2016-05-11 09:56:41 -05:00
Brent Cook
af84e85174
fix exception suspending channels from meterpreter
2016-05-10 04:21:31 -05:00
Christian Mehlmauer
e2dd844e34
reenable jar format
2016-05-09 21:25:23 +02:00
David Maloney
6142d2cef1
Merge branch 'master' into staging/rails-upgrade
2016-05-09 09:27:17 -05:00
Brent Cook
7b1148c438
disambiguate NetBSD/OpenBSD
2016-05-09 05:11:47 -05:00
Brent Cook
71a674434a
Solaris 11
2016-05-09 05:11:09 -05:00
Brent Cook
bbe35ac21a
match solaris uname
2016-05-09 05:06:59 -05:00
Brent Cook
1a97042a0d
include running CPU architecture in platform string
2016-05-09 05:06:37 -05:00
Brent Cook
f466464e80
set a recommended number of threads per session type
2016-05-08 22:39:41 -05:00
Brent Cook
9268f66540
auto-set the meterpreter platform based on the sysinfo os
2016-05-08 22:39:41 -05:00
Jenkins
805f98f599
Bump version of framework to 4.11.27
2016-05-06 11:32:46 -07:00
David Maloney
1ffab935cc
pull dep mgirations from credential
...
credential pulls mdm, so we don't combine these
2016-05-06 11:57:40 -05:00
David Maloney
a763863ff3
remove #truncate_session_desc
...
this method was absed around a char limit
for the desc column which no longer exists
trying to perform this operation generates an error
removing the method since it is not needed
2016-05-06 09:36:12 -05:00
Adam Cammack
f75009a9c6
Don't duplicate headers when sending emails
...
If Date: and Subject: are present, we should not try to add them again.
This made Amazon SES puke, and that made us sad :(.
MS-1476
2016-05-05 10:47:21 -05:00
David Maloney
19af279ce9
Merge branch 'master' into staging/rails-upgrade
2016-05-05 10:46:12 -05:00
dmohanty-r7
f096c3bb99
Land #6821 Fix send_request_cgi! redirection
2016-05-05 09:09:30 -05:00
David Maloney
55b38ad089
Land #6398 , content length header
...
lands wei's content length header pr
2016-05-04 11:53:46 -05:00
Jenkins
e7ff4665e1
Bump version of framework to 4.11.26
2016-05-04 09:44:18 -07:00
Rob Fuller
4c9eba333e
Land #6753 , MSF-side support for reverse port forwards
...
Huge thanks to @OJ for making this happen.
Tested targets Win7,10,2008,2012
Tested payloads Win32 native, Win64 native, python
2016-05-04 07:39:05 -04:00
Jenkins
7490ab1c78
Bump version of framework to 4.11.25
2016-05-03 17:09:07 -07:00
OJ
60f81a69ea
Remove the pfservice close call on shutdown
2016-05-03 12:03:37 +10:00
OJ
d136844d3b
Add error handling around double-bind of ports
2016-05-03 10:42:41 +10:00
wchen-r7
ffc91a193c
Fix #6841 , info -d [module path] not spawning module documentation
...
Fix #6841
2016-05-02 14:23:29 -05:00
Brian Patterson
be363411de
Land #6317 , Add delay(with jitter) option to auxiliary scanner and portscan modules
2016-05-02 13:09:40 -05:00
David Maloney
fb5b228984
Merge branch 'master' into staging/rails-upgrade
2016-05-02 11:33:35 -05:00
dmaloney-r7
3b893cf740
Merge pull request #6581 from bcook-r7/uuidretry
...
don't send a response on invalid UUID, allow stagers to survive another day
2016-05-02 11:23:02 -05:00
Jenkins
d4f1c78c5c
Bump version of framework to 4.11.24
2016-04-29 13:38:06 -07:00
dmohanty-r7
20ec56d06a
Do not parse empty web_sites
...
MS-255
2016-04-28 13:17:03 -05:00
dmohanty-r7
5a4e70fdf0
Fixes indentation in check_msf_xml_version!
...
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7
f4f607d815
Correct comments to use Nokogiri::XML::Element
...
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7
56fd5a745e
Do not parse element if empty
...
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7
050061762b
Fix db_manager rspec tests
...
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7
0e568674d7
Add comments on parse functions
...
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7
0759848ad5
Use Nokogiri Reader in zip import
...
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7
83ff60c111
Force encoding on import xml
...
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7
e4fcaefc8c
Unpack and pack an unsigned integer per 8 bytes
...
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7
e6a8d69b0b
Force encoding of XML import
...
MS-255
2016-04-28 13:17:00 -05:00
dmohanty-r7
f1d8e1d693
Parse web_data in xml import
...
MS-255
2016-04-28 13:17:00 -05:00
dmohanty-r7
802dfabbe3
Converts XML importer to use Nokogiri Reader
...
MS-255
2016-04-28 13:17:00 -05:00
wchen-r7
d4b89edf9c
Fix #6398 , Missing Content-Length header in HTTP POST
...
RFC-7230 states that a Content-Length header is normally sent in
a POST request even when the value (length) is 0, indicating an
empty payload body. Rex HTTP client failed to follow this spec,
and caused some modules to fail (such as winrm_login).
Fix #6398
2016-04-28 11:44:10 -05:00
OJ
c15a2e8787
Merge branch 'upstream/master' into reverse-port-forward
...
Signed-off-by: OJ <oj@buffered.io>
2016-04-26 09:48:40 +10:00
wchen-r7
47d52a250e
Fix #6806 and #6820 - Fix send_request_cgi! redirection
...
This patch fixes two problems:
1. 6820 - If the HTTP server returns a relative path
(example: /test), there is no host to extract, therefore the HOST
header in the HTTP request ends up being empty. When the web
server sees this, it might return an HTTP 400 Bad Request, and
the redirection fails.
2. 6806 - If the HTTP server returns a relative path that begins
with a dot, send_request_cgi! will literally send that in the
GET request. Since that isn't a valid GET request path format,
the redirection fails.
Fix #6806
Fix #6820
2016-04-25 14:30:46 -05:00
wchen-r7
4676d70918
rm osvdb condition
2016-04-24 18:36:33 -05:00
Adam Cammack
f28d280199
Land #6814 , move stdapi to exist?
2016-04-24 13:41:11 -04:00
Brent Cook
12a47b7fab
prefer &&
2016-04-24 11:56:32 -04:00
Brent Cook
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook
45961f75d4
Fix the payload size updater for MetasploitModule
2016-04-23 11:38:42 -04:00
William Vu
9713124e54
Land #6802 , resolve command for Meterpreter
2016-04-22 17:18:31 -05:00