James Lee
05d8f9d186
Make sure addr is not nil
...
See http://ruby-doc.org/stdlib-2.2.2/libdoc/socket/rdoc/Socket/Ifaddr.html#method-i-addr
Which says:
Returns the address of *ifaddr*. nil is returned if address is not
available in *ifaddr*.
I ran into this with a teql interface, but who knows what else might
trigger it.
2016-01-04 15:58:03 -06:00
Chris Doughty
44ece87480
Merge branch 'master' into framework-as-a-gem
2016-01-04 09:04:32 -06:00
joev
00f1511b46
Use the right op for the data checksum.
2016-01-03 01:48:25 -06:00
joev
00dc6364b5
Add support for native target in addjsif exploit.
2016-01-03 01:07:36 -06:00
joev
849857a418
Fix spacing issues in message.rb.
2016-01-02 22:57:26 -06:00
joev
6668dbec41
Remove stray binding.pry.
2016-01-02 22:50:06 -06:00
joev
dcd36b74db
Last mile polish and tweaks.
2016-01-02 22:41:38 -06:00
joev
6575f4fe4a
Use the cmdstager mixin.
2016-01-02 14:09:56 -06:00
joev
9c85c5d4fe
Add newline.
2016-01-02 01:17:28 -06:00
joev
a88471dc8d
Add ADB client and module for obtaining shell.
2016-01-02 01:13:53 -06:00
nixawk
370351ca88
chinese caidao asp/aspx/php backdoor bruteforce
2015-12-31 15:17:01 +08:00
Brent Cook
bcd1a6d45e
make JSON key format a little more standard, emit options
2015-12-30 16:00:09 -06:00
Chris Doughty
2a0ae144df
Fixup rubocop warnings for cleanup purposes
2015-12-30 14:33:02 -06:00
Chris Doughty
bb857e7a33
Add new line after json output for cleaner usability
2015-12-30 14:32:31 -06:00
Chris Doughty
8090bbc750
Changes to support framework as a gem
2015-12-30 11:00:45 -06:00
Chris Doughty
3f98511d7c
Cleanup logic to force an output type
2015-12-29 15:11:16 -06:00
Chris Doughty
29ea553e03
Adding a json formatting option to the info command
2015-12-29 13:57:35 -06:00
Brent Cook
e23b5c5435
Land #6179 , add NTP initial crypto nak spoofing module
2015-12-24 15:46:18 -06:00
Brent Cook
eec6a6f905
Land #6304 , simplify Meterpreter livelness checks
2015-12-24 15:42:17 -06:00
Jon Hart
beb2fa9f92
Use bind_addresses rather than bind_address; fixes #6394
2015-12-24 09:20:21 -08:00
Jon Hart
efdb6a8885
Land #6392 , @wchen-r7's 'def peer' cleanup, fixing #6362
2015-12-24 08:53:32 -08:00
Brent Cook
9c410e02e3
Merge branch 'master' into land-6111-android
2015-12-24 10:13:25 -06:00
Tim
5d0e868fd6
facebook.orca fixes
2015-12-24 12:21:08 +00:00
Tim
69b65e7d39
fix error handling
2015-12-24 09:13:56 +00:00
Brent Cook
17ad41070b
Land #6380 , allow linux x86 meterpreter in the pref list
2015-12-23 16:10:26 -06:00
Brent Cook
e4f9594646
Land #6331 , ensure generic payloads raise correct exceptions on failure
2015-12-23 15:43:12 -06:00
wchen-r7
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7
a16a10aaf6
Fix #6371 , being able to report an exception in #job_run_proc
...
Fix #6371
When a browser fails to bind (probably due to an invalid port or
server IP), the module actually fails to report this exception from
exception, the method calls exploit.handle_exception(e). But since
handle_exception is not a valid method for that object, it is unable
to do so, and as a result the module fails to properly terminate
the module, or show any error on the console. For the user, this will
make it look like the module has started, the payload listener is up,
but there is no exploit job.
Rex::BindFailed actually isn't the only error that could be raised
by #job_run_proc. As far as I can tell registering the same resource
again could, too. With this patch, the user should be able to see this
error too.
Since the exploit object does not have access to the methods in
Msf::Simple::Exploit, plus there is no other code using
handle_exception and setup_fail_detail_from_exception, I decided
to move these to lib/msf/core/exploit.rb so they are actually
callable.
2015-12-22 16:35:29 -06:00
Brent Cook
84675e352b
Land #6249 , check for nil when using read_exactly_n_bytes
2015-12-22 15:48:39 -06:00
Brent Cook
3f4c6eb370
Land #5383 , allow tunneling reverse_tcp meterpreter sessions without 'route add'
2015-12-22 15:42:42 -06:00
Christian Mehlmauer
f6eaff5d96
use the new and shiny joomla mixin
2015-12-22 21:36:42 +01:00
Tim
d2a9aa18d8
fix sillyness
2015-12-22 16:06:01 +00:00
Tim
eeea4bde9d
integrate ./msfvenom -x for android payloads
2015-12-22 15:58:27 +00:00
Tim
662a6dfd53
¯\_(ツ)_/¯
2015-12-22 14:49:00 +00:00
Tim
d2cc32a389
integrate apk_backdoor with msfvenom
2015-12-22 14:49:00 +00:00
wchen-r7
fa390358a2
Add linux/x86/meterpreter/reverse_tcp to the preference list
...
linux/x86/meterpreter/reverse_tcp was not added to the preference
list, because at the time it was reliable. For example: it would
crash while running a post module. This is not the case anymore,
so it looks like linux/x86/meterpreter/reverse_tcp is ready to
serve.
2015-12-21 23:09:54 -06:00
wchen-r7
2cc54a7a43
Make joomla.xml go first
...
Reason is here:
https://github.com/rapid7/metasploit-framework/pull/6373#issuecomment-166446092
2015-12-21 22:59:13 -06:00
wchen-r7
17b67b8f1b
Add trailing /
2015-12-19 17:18:34 -06:00
wchen-r7
5ff02956c9
Lower joomla.xml
2015-12-19 13:46:13 -06:00
wchen-r7
0fda963601
Have multiple paths to find the generator tag
2015-12-19 13:45:41 -06:00
wchen-r7
6dada5f20f
add another we can check
...
administrator/manifests/files/joomla.xml
2015-12-19 12:06:06 -06:00
wchen-r7
7d8ecf2341
Add Joomla mixin
2015-12-18 21:14:04 -06:00
Jon Hart
b78f7b4d55
Land #6319 , @all3g's module for abusing redis to achieve file uploads
2015-12-14 18:00:44 -08:00
Jon Hart
6611da9239
strip, not stripgit diff. strip! returns nil if the string was unmodified
2015-12-11 19:22:57 -08:00
Jon Hart
dcdc21e2db
Correct unbalanced quotes
...
You down with OCD (Yeah you know me).
2015-12-11 18:44:14 -08:00
Jon Hart
e23908d672
Improve verbose output related to authentication handling
2015-12-11 18:32:00 -08:00
Jon Hart
1a0f71b6fa
Try to catch case where post-auth commands are failing
2015-12-11 17:23:03 -08:00
Jon Hart
9cec3d9e6b
Move redis password option to non-advanced
2015-12-11 17:03:49 -08:00
Jon Hart
1fecd9846c
Bury some helper methods behind private
2015-12-11 10:13:13 -08:00
Jon Hart
9ef46140c0
Improve output when success
2015-12-11 10:10:44 -08:00
Jon Hart
32a64c3d8e
Make auth easier, work automatically and on older redis versions
...
Also, improve check
2015-12-11 10:04:47 -08:00
Jon Hart
ac47c87af4
Move Password option to redis mixin
2015-12-11 08:53:11 -08:00
Jon Hart
38d0b0a0f2
Wire in @all3g's redis auth code
2015-12-11 08:42:59 -08:00
Luke Imhoff
4858ae63bd
Thread class name for debugger has changed, so add new name
...
MSP-13484
2015-12-10 21:47:22 -06:00
Jon Hart
555e52e416
Document the redis upload process more
2015-12-10 09:35:46 -08:00
Jon Hart
00f72b279b
Cleaner printing when in verbose
2015-12-10 09:12:54 -08:00
Jon Hart
21ab4e96e5
First pass at redis mixin
2015-12-10 08:29:59 -08:00
wchen-r7
07ef09e0b6
Avoid Msf::Module::Platform
...
We don't know how to generate an exe payload if the platform is
Msf::Module::Platform, so don't use it.
2015-12-08 21:40:30 -06:00
wchen-r7
9e52663705
Doc
...
Fix #6330
2015-12-08 21:24:39 -06:00
wchen-r7
11c1eb6c78
Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails
...
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
2015-12-08 21:13:23 -06:00
wchen-r7
5b27d3a99c
This looks right
2015-12-08 20:42:35 -06:00
wchen-r7
cea8c40432
Fix generate_payload_exe for generic payload support
...
Platform can be seen from different sources:
1. From the opts argument. For example: When you are using
generate_payload_exe, and you want to set a specific platform.
This is the most explicit. So we check first.
2. From the metadata of a payload module. Normally, a payload module
should include the platform information, with the exception of
some generic payloads. For example: generic/shell_reverse_tcp.
This is the most trusted source.
3. From the exploit module's target.
4. From the exploit module's metadata.
Architecture shares the same load order.
2015-12-08 20:26:07 -06:00
Jon Hart
39da306b1d
Land #6057 , @danilbaz's module for dumping Bitlocker master key (FVEK)
2015-12-08 18:16:39 -08:00
wchen-r7
080ec26afb
Land #4489 , Update SMB admin modules to use Scanner & fixes
2015-12-08 14:49:26 -06:00
OJ
c747ffc05a
Implement support for TLV packet XORing, and RECV removal
2015-12-08 16:37:10 +10:00
wchen-r7
ef217c4b6d
Land #6315 , Support migrating to processes by process name
2015-12-07 23:53:06 -06:00
William Vu
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
Jon Hart
06836d9b8a
Better handling of invalid process name/IDs
2015-12-04 14:25:57 -08:00
wchen-r7
14b1b3a1f0
Land #6299 , Stageless HTTP(S) Python Meterpreter
2015-12-04 16:16:54 -06:00
Jon Hart
3ecac615a2
Support migrating to processes by process name
...
Fixes #6313
2015-12-04 13:33:01 -08:00
jvazquez-r7
340fe5640f
Land #6255 , @wchen-r7's module for Atlassian HipChat JIRA plugin
2015-12-03 20:01:06 -06:00
Louis Sato
0bcac5e73b
Use concat instead of assignment on java proxy classes encoding
...
* fixes bug in java serialization encoding proxy class
2015-12-03 17:31:13 -06:00
William Vu
aa9969c81a
Add more normalization to temporary directory
2015-12-03 11:37:02 -06:00
James Lee
762fdbed40
Simplify meterpreter liveness check
2015-12-03 09:16:18 -06:00
James Lee
6fa2269764
PacketResponseWaiter - improve yardoc coverage
2015-12-03 09:16:17 -06:00
Sonny Gonzalez
d7aeabbb71
Land #6293 , listener bind_port fix
2015-12-02 13:16:23 -06:00
jvazquez-r7
58cf9f4fcd
Land #6301 for sure, @busterb's REALLY wants to delete go_pro :)
2015-12-02 09:38:40 -06:00
jvazquez-r7
545e8a2ea0
Land #6301 , @busterb removes the go_pro command
2015-12-02 09:28:08 -06:00
Rory McNamara
98b3919e94
Remove .bin from default behaviour
2015-12-02 09:58:11 +00:00
Rory McNamara
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
William Vu
6d3c4868a3
Land #6286 , bind port display in jobs
2015-12-02 02:21:14 -06:00
William Vu
098c573f82
Land #6291 , DisablePayloadHandler Boolean fix
...
Nice call with Regexp#===, @wchen-r7. :)
2015-12-02 02:17:59 -06:00
Brent Cook
fbeaeb2877
remove more unneeded machinery for go_pro
2015-12-01 22:32:50 -06:00
Brent Cook
6ab2919c40
remove go_pro command
2015-12-01 15:29:21 -06:00
Spencer McIntyre
388edd3207
Fix the scheme for the pymet ProxyHandler
2015-11-30 13:45:24 -05:00
Spencer McIntyre
fba9715a56
Add stageless python meterpreter http & https payloads
2015-11-28 17:41:55 -05:00
BAZIN-HSC
070a156925
-Recovrey +Recovery
2015-11-27 13:58:19 +01:00
Jon Cave
0c8eb6fb37
Display ReverseListenerBindPort if it is set
...
ReverseListenerBindPort overrides LPORT if it is used. The `listener_uri`
method should use the output `bind_port` to account for this.
2015-11-27 09:16:20 +00:00
wchen-r7
c888726a1a
Fix #6287 , check DisablePayloadHandler value in exploit.rb
...
It looks active_module datastore options are always strings. They
are actually different than what the module uses (normalized), so
we have to always have to check it.
2015-11-26 18:30:31 -06:00
Brent Cook
e5119e6446
use payload_uri's result to derive lhost / lport
2015-11-26 15:21:51 -06:00
Brent Cook
216119c05c
unfold override lhost/lport logic
2015-11-26 15:15:21 -06:00
Spencer McIntyre
1b495e73ac
Further reduce python reverse_http duplicate code
2015-11-26 14:31:00 -05:00
Spencer McIntyre
bd25ffa48c
Consolidate py reverse http uri code into a mixin
2015-11-26 13:32:50 -05:00
Brent Cook
f4d35116bd
land #6288 , fix regression using non-default port with reverse_http
2015-11-26 11:04:24 -06:00
Brent Cook
eb57163db6
Land #6285 , excellent new sound plugin scheme
2015-11-26 10:41:02 -06:00
Jon Cave
d9655fc882
Use LPORT if opts[:lport] is undefined
...
`nil.to_i` returns 0 which will short circuit the || resulting in port 0
being used. nil should be checked for prior to casting to int.
2015-11-26 16:08:22 +00:00
OJ
87507e19a9
Change job view to show bind port if applicable
2015-11-26 16:18:00 +10:00
wchen-r7
776455d10a
Add another sound and event
...
Add sound: "We've got a shell"
Add event on_session_fail
2015-11-25 22:46:51 -06:00
Brent Cook
a7a89adfac
Land #6264 , meterpreter per-extension init string support, update payloads to 1.0.17
...
This brings in the following changes:
Changes to support maven 3.3+
Don't fall back to 0.0.0.0
Remove all debug builds from the Windows projects
Add show_mount, ps_list, and some core tweaks
Refactor TLV layout, add more debug output, token stealing
Add incognito binding, code tidies
Update packaged libs
Add transport list binding
Add transport add command to python binding
Update python core lib archive
change source perms back to non-executable
First pass of stageless initialisation script
Finalise stageless initialisation scripts
add BOOT_COMPLETED receiver that starts the Payload
Improve the implementation of the getuid command
Switch to Utils.runCommand per timwr's suggestion
Updated init script method
also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
2015-11-25 22:27:27 -06:00
Kyle Gray
8923252de7
Land #6259 , NoMethodError in vim_soap.rb fix
...
We haven't been able to get the XML data that would cause the error, all we have is a backtrace. So "verification" is purely code reading. Thanks @wchen-r7
Fixes #6085
Merge remote-tracking branch 'origin/pr/6259'
2015-11-24 17:33:35 -06:00
wchen-r7
b1abfe898d
Update wordpress_xmlrpc_login
...
Replace the wordpress_xmlrpc_login code with
wordpress_xmlrpc_massive_bruteforce.rb, which should run a lot
faster.
2015-11-24 16:30:34 -06:00
James Lee
bd9ebeea53
Land #5851 , meterpreter dispatcher queue
2015-11-24 15:32:15 -06:00
Brent Cook
7ad8adf67f
Land #6240 , change default SMBDomain to '.'
2015-11-24 12:58:46 -06:00
Louis Sato
5303079ba4
Land #6262 , local exploit add not implemented error
2015-11-23 14:23:13 -06:00
Brent Cook
5654b6b2e2
Land #6227 , reverse_hop_http updates and HTTPS unification
2015-11-23 06:29:15 -06:00
Brent Cook
25f2241aa3
Land #6246 , show the user errors from create_session
2015-11-23 06:01:08 -06:00
HD Moore
353cad2cc6
Update to match active & github account merge
2015-11-22 13:38:26 -06:00
HD Moore
b9e176cd77
Fix up cell result parsing
2015-11-21 11:15:00 -06:00
Jon Cave
c03ff13377
Don't wait if the response has already been set
...
Fixes a race condition which could leave the waiter sitting indefinitely
if notify() is called before wait().
2015-11-21 14:21:42 +00:00
Jon Cave
12b24fecee
Return true/false if a waiter was/wasn't notified
...
The method is used as follows:
if notify_response_waiter(response)
# Proceed as if a waiter was notified
end
Previously the return value would be `nil` whenever the loop broke early
due to a waiter being found. This meant that the dispatcher thread often
believed that a packet was not being handled. As a result the
backlog == incomplete sleep kicked in unnecessarily.
2015-11-21 14:20:51 +00:00
Jon Cave
6509696eb1
Switch back to Mutex/CV for response waiters
...
Makes use of the wait() method's timeout parameter instead of using the
Timeout class.
2015-11-21 14:20:51 +00:00
Jon Cave
640a302b78
Switch to a Queue for the dispatcher's packet queue
...
The select() based sleep can be replaced by a blocking pop(). The thread
will be suspended until data is pushed onto the queue.
2015-11-21 14:20:51 +00:00
wchen-r7
b636aeb303
rm print_warning
2015-11-20 19:38:33 -06:00
Jon Hart
07767cd803
Fix #6265
2015-11-20 15:17:15 -08:00
HD Moore
99a74fd4d2
Merge branch 'master' into feature/interval-collect-geo
2015-11-20 14:06:22 -06:00
BAZIN-HSC
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
BAZIN-HSC
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
BAZIN-HSC
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
wchen-r7
d405f31c35
Add a NotImplementedError if run is used to run a local exploit
...
Running a local exploit like a post is not currently supported,
we should at least raise a warning or something, and not just
let it backtrace and confuse the user.
2015-11-19 14:31:31 -06:00
wchen-r7
d6921fa133
Add Atlassian HipChat for Jira Plugin Velocity Template Injection
...
CVE-2015-5603
Also fixes a bug in response.rb (Fix #6254 )
2015-11-18 11:34:25 -06:00
Jon Hart
089a006408
Land #6248
2015-11-17 14:28:55 -08:00
wchen-r7
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
Dev Mohanty
ce62984e52
Fix #6079 , Check nil when using read_exactly_n_bytes
2015-11-16 18:06:49 -06:00
wchen-r7
038d367d58
Fix #6247 , Update Meterpreter Usage on "Interact"
...
The "interact" command does not actually exist. Instead, users
should do "channel -i" to interact with a channel.
Fix #6247
2015-11-16 17:58:39 -06:00
wchen-r7
a78fa7c3d9
Fix #4273 , print error in create_session
...
Fix #4273
2015-11-16 17:17:20 -06:00
William Vu
24c41c9261
Land #6225 , wall(1)/write(1) post module
2015-11-16 12:47:35 -06:00
David Maloney
708cbe9479
change the default SMBDomain to .
...
Due to a recent change using WORKGROUP
as the SMBDomain causes Trust errors.
Using '.' instead works fine.
2015-11-16 12:20:27 -06:00
David Maloney
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
PsychoMario
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
PsychoMario
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
scriptjunkie
06a5b5b0bd
Land #6234 , Host header transport
2015-11-14 11:35:47 -06:00
Jon Hart
4a707b33a2
Add rspec coverage for cowsay. Achievement unlocked
2015-11-13 10:26:47 -08:00
Jon Hart
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
sammbertram
cd4aa28d11
Transport priority changes
...
Pass in the "lhost" and "lport" options to the default transport during the native payload. This takes the following LHOST priorities:
1. OverrideLHOST, only if OverrideRequestHost is TRUE
2. The request Host: header.
3. The LHOST datastore.
2015-11-13 13:21:46 +00:00
sammbertram
9d9865150b
Transport priority changes
...
Default transport request should set the priority to the Host: request header, and the subsequent OverrideRequestHost, OverrideLHOST, and OverrideLPORT options in the handler for reverse_http(s).
2015-11-13 13:19:01 +00:00
wchen-r7
0e121df69d
Need a default template
...
The set_template_default actually needs the second argument,
otherwise we hit a RuntimeError.
2015-11-12 15:17:03 -06:00
wchen-r7
aaea730508
Fix #6213 - Method to_linux_x86_elf fails to set set :template
...
:template by default is just the base name of the file, not the
fullname. Before we use it, we need to normalize it. Methods
in this class rely on set_template_default for normalization (
which can also handle a custom path), so we'll just use that too.
Fix #6213
2015-11-12 15:07:58 -06:00
scriptjunkie
8703987535
Add HTTPS and new transport support for hop
2015-11-11 21:25:23 -06:00
Brent Cook
a2fe2fbd5e
Land #6214 , #6060 , simplify framework gem layout and version scheme
...
This merges things up and removes duplicate gemspecs so we can easily make
framework gem releases for embedding in 3rd-party projects.
2015-11-11 15:04:21 -06:00
OJ
0afc5be3bc
Finalise set up of stageless init
2015-11-10 20:01:23 +10:00
OJ
a28ab216d3
Adding stageless init script support
2015-11-10 19:18:47 +10:00
Jon Hart
15eb135295
Resolve merge conflicts
2015-11-09 18:15:40 -08:00
Chris Doughty
f8a215e3cd
Adding changes to allow for easier version bumping
2015-11-09 15:56:03 -06:00
jvazquez-r7
ceaf7440a7
Send full message
2015-11-06 12:15:17 -06:00
jvazquez-r7
19652e79c3
Delete comments
2015-11-06 12:15:07 -06:00
jvazquez-r7
ca1502c00a
Fix SMTP send_message to not block
2015-11-06 12:14:59 -06:00
dmohanty-r7
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
James Lee
596b2b025d
Land #6173 , improve advanced, info, and options
2015-11-04 13:40:49 -06:00
James Lee
4d8ea7fb5c
Refactor more common stuff out of reverse handlers
2015-11-03 23:21:47 -06:00
Spencer McIntyre
1fbc4da36c
Fix tab completion for set StageEncoder
2015-11-03 17:32:41 -05:00
jvazquez-r7
00d09744fb
Land #6118 , @wchen-r7's new methods for Rex HTTP response
2015-11-03 10:42:42 -06:00
James Lee
7c2f9531d9
Don't stack trace if listener is on a dead session
2015-11-03 08:31:33 -06:00
HD Moore
07b34e8906
Missing types and parsing, more work left to go
2015-11-03 00:23:29 -06:00
William Vu
9b5149fc64
Land #6147 , report_vuln for CheckCode::Vulnerable
2015-11-02 17:24:06 -06:00
James Lee
2e837b26e8
Use a Queue instead of Array
2015-11-02 16:02:45 -06:00
Jon Hart
ced20ba51c
Refactor NTP symmetric packet creation; add vuln detection to NAK to the future
2015-11-02 12:46:58 -08:00
Jon Hart
a4c260f7be
Simplify docs
2015-11-02 09:51:40 -08:00
Jon Hart
0dc6f6605b
Remove errant options print
2015-11-02 09:48:48 -08:00
void-in
f629f98fdc
Resolve 6174, require meterpreter_options
2015-10-31 18:47:22 +05:00
Brent Cook
7f19d95ad8
Land #6146 , add show_mount command (initially for windows meterpreter sessions)
2015-10-30 17:37:30 -05:00
Brent Cook
cb403b8a36
Land #6077 , initial python meterpreter module support
2015-10-30 17:29:05 -05:00
Brent Cook
be23da1c1f
Merge branch 'upstream-master' into land-6120-python-stageless
2015-10-30 17:26:26 -05:00
Brent Cook
cddbcc52ab
Land #6171 , update to metasploit 4.11.5
2015-10-30 17:09:57 -05:00
Jon Hart
c54f034f62
Correct help feature
2015-10-30 12:34:34 -07:00
Jon Hart
377017a2d5
Include module name in advanced options output
2015-10-30 11:54:44 -07:00
Jon Hart
0091a05fa6
Add 'advanced' and 'options' commands to mirror 'info'
2015-10-30 11:54:40 -07:00
Jon Hart
6bfa6095c6
Add 'show info'; just calls 'info'
2015-10-30 11:54:35 -07:00
William Vu
f8a39ecc21
Land #6145 , better RPC exception handling
2015-10-30 13:25:52 -05:00
wchen-r7
977b3449b7
Fix #6085 , NoMethodError in vim_soap.rb
...
Fix #6085
2015-10-30 11:02:02 -05:00
Samuel Huckins
f064fec0f1
Bumped version to 4.11.5
...
MSP-13377
2015-10-30 09:37:00 -05:00
James Lee
344e8a6f90
Refactor common reverse options
2015-10-29 15:15:20 -05:00
James Lee
46159f5dbe
Back out the Comm stuff for HTTP
2015-10-29 14:22:34 -05:00
wchen-r7
4e20b8f369
Fix #5875 , Add report_vuln for Msf::Exploit::CheckCode::Vulnerable
...
Msf::Exploit::CheckCode::Vulnerable requires the module to be
explicit, as in actually triggering the bug and get a vulnerable
response, therefore it should be appropriate to use report_vuln
to report it.
Other vuln check codes (such as Appears, or Detected, etc) will
not call report_vuln, because it's not explicit enough.
2015-10-29 13:22:59 -05:00
OJ
c5643e52ff
Add support for the show_mount command (windows)
2015-10-29 07:28:33 +10:00
Louis Sato
657a5481dc
fix rpc session conditional to allow powershell read/write
2015-10-28 11:49:32 -05:00
wchen-r7
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
Jon Hart
f2b6d37630
Add WIP module for Cisco Talos' NTP 'NAK to the future'
2015-10-27 18:10:07 -07:00
bigendian smalls
43dbdcea76
Removed process_autoruns from mainframe_shell
...
Removed process_autoruns until we can write a fully compatible one or
fully regression test the existing. Likely the former because of
encoding issues
2015-10-26 14:55:40 -05:00
William Vu
bbc1e43149
Remove raise, since it broke things
...
Need to pass through silently.
2015-10-26 14:45:21 -05:00
William Vu
43eae0b97f
Clean up Msf::Sessions::MainframeShell
2015-10-26 12:15:45 -05:00
bigendian smalls
d53be873dc
Updating master to metasploit/master
2015-10-26 09:24:24 -05:00
James Lee
71b8c97f0e
Always print PAYLOAD and LPORT in 'jobs'
2015-10-24 14:48:03 -05:00
wchen-r7
f6b9f38326
This method is not needed because Nokogiri does that already
2015-10-23 19:38:17 -05:00
wchen-r7
f2b4737e4a
Land #6127 , Fix #3859 Add support for registry_key_exist?
2015-10-23 10:59:57 -05:00
wchen-r7
b76192dbcb
Land #6099 , make_nops doesn't take into account all the compatible encoders
2015-10-22 21:26:25 -05:00
HD Moore
4bc2437e0b
Temporary hack to test
2015-10-22 20:00:47 -05:00
jvazquez-r7
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
Spencer McIntyre
810665847b
Add stageless python meterpreter to the payloads spec
2015-10-22 08:40:50 -04:00
Spencer McIntyre
8bb694fa5c
Add stageless Python Meterpreter for reverse tcp
2015-10-21 18:23:04 -04:00
wchen-r7
065d042ec4
Update doc a little bit
2015-10-21 16:29:27 -05:00
wchen-r7
12cdd786a6
Add more Nokogiri and RKelly support for Rex::Proto::Http::Response
...
These new methods allow the module writer to being able to parse
HTML/XML/JSON responses properly without using regex first.
2015-10-21 16:26:31 -05:00
HD Moore
ba14d6e77f
Add support for the TBD interval geo collection on Android
2015-10-20 15:39:51 -05:00
Brent Cook
4b271425c9
s/datstore/datastore/g
2015-10-20 13:05:49 -05:00
HD Moore
6748ccbb82
This method was moved to Rex::Ui::Text::Output
2015-10-19 10:43:38 -05:00
HD Moore
d7b8767afc
Fix #6105 by moving ``puts`` into the base class
2015-10-19 10:42:46 -05:00
jvazquez-r7
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
James Lee
d51f0ebd4c
Refactor "via" string into a method
2015-10-16 15:08:00 -05:00
jvazquez-r7
d85412b0fb
Complete fix for generation of nop sleds
2015-10-16 14:01:00 -05:00
jvazquez-r7
b788772215
break only if 'make_nops' is able generate the nop sled
2015-10-16 13:28:37 -05:00
Brent Cook
28685f0e55
Land #6090 , improve display of framework version in msfconsole
2015-10-16 12:09:00 -05:00