Jeff Jarmoc
5f523e8a04
Rex::Text::uri_encode - make 'hex-all' really mean all.
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes'. It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
2014-05-12 11:26:27 -05:00
Lutz Wolf
66252ba9e5
support negation in portspec
2014-05-08 21:35:35 +02:00
Meatballs
3542f851bf
Fix some yarddoc issues
2014-05-05 22:45:41 +02:00
Meatballs
dc38212741
Fix function parsing
2014-05-05 20:53:36 +01:00
Meatballs
0b886db406
Script specs and remove unknown method
2014-05-05 19:01:36 +01:00
Meatballs
0177e51148
Finish obfu specs and use rig
2014-05-05 18:47:25 +01:00
Meatballs
6ab85027a4
More spec
2014-05-05 17:47:30 +01:00
Meatballs
162b6a8ab9
Add output spec
2014-05-05 14:48:18 +01:00
Meatballs
399928cf69
Remove unnecessary requires
2014-05-05 13:37:17 +01:00
Rob Fuller
c3fb5bf614
fix a few clerical errors and typos
2014-04-29 22:42:26 -04:00
James Lee
4bd2dabfcd
Land #3121, new kiwi extension, with compiled bins
See also rapid7/meterpreter#79
2014-04-29 17:53:37 -05:00
Meatballs
b860cecad6
Function spec (doesn't pass)
2014-04-28 14:09:39 +01:00
Meatballs
8031e50d35
Make Exploitation::Powershell testable
Example test
2014-04-26 13:27:25 +01:00
Meatballs
98d2b2293b
Unnecessary return
2014-04-26 13:05:47 +01:00
Meatballs
be10c8e4ac
Split Rex::Exploitation::Powershell::* into individual files
2014-04-26 12:59:43 +01:00
Meatballs
206184007f
Move methods and rename file so it is run by rspec
2014-04-25 15:16:15 +01:00
Meatballs
32fa8748a8
Fix up decompress
2014-04-23 05:20:54 +01:00
Meatballs
e774411b63
Revert Enum removal
.NET 4.5 has two constructors with 2 args so this becomes ambiguous
2014-04-23 02:06:14 +01:00
Meatballs
d2e8e07cfe
Fix old powershell generation
2014-04-23 01:58:02 +01:00
Meatballs
dd38a81dfc
Fix a @parma
2014-04-23 01:10:13 +01:00
Meatballs
647936e291
Add more yarddoc to Rex::Exploitation::Powershell
encode_code doesn't use eof
no need to unicode encode in gzip as this is handled by encode_code
2014-04-23 01:07:54 +01:00
Meatballs
86cfecdd95
Shave some chars off compression code
2014-04-22 14:52:30 +01:00
Meatballs
354311d191
No need to out-null if no windows is shown
2014-04-22 14:42:03 +01:00
Meatballs
cec12edd99
Use enum integer values
2014-04-22 14:40:32 +01:00
Meatballs
71b43d392b
Don't need to specify ASCII mode
2014-04-22 14:36:02 +01:00
James Lee
49bd86f077
Clean up yardocs and a few style issues
2014-04-21 03:12:23 -05:00
Meatballs
c936dc963c
Shorten compression
2014-04-19 18:55:45 +01:00
Meatballs
67f44072ca
Merge remote-tracking branch 'upstream/master' into pr2075
2014-04-19 18:45:55 +01:00
RageLtMan
9f05760c50
Merge with Meatballs' initial changes
Clean up arch detection code and dedup Msf/Rex
Reduce generated payload size
2014-04-18 00:28:48 -04:00
RageLtMan
5c3289bbc6
merge fix
2014-04-17 21:26:04 -04:00
Meatballs
38d8df4040
Merge remote-tracking branch 'upstream/master' into pr2075
Conflicts:
modules/exploits/windows/local/wmi.rb
2014-04-15 22:06:45 +01:00
Meatballs
02b11afddc
Merge remote-tracking branch 'upstream/master' into netapi_change_passwd
Conflicts:
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
2014-04-15 21:23:45 +01:00
Meatballs
fc018eb32e
Initial commit
2014-04-15 21:05:06 +01:00
joev
e09f887c4c
Revert "Fixes large-string expansion in JSObfu."
This reverts commit 14fed8c610.
2014-04-11 16:51:47 -05:00
joev
4cb04b6b9a
Revert "Use implicit return for assignment."
This reverts commit 49139cc07f.
2014-04-11 16:51:40 -05:00
joev
21b2697b95
Revert "Use tiny var names by default."
This reverts commit 52432ef482.
2014-04-11 16:51:34 -05:00
joev
d41b3467f8
Revert "Re-add the #random_string(len) method to pass specs."
This reverts commit bd8918e4e1.
2014-04-11 16:51:21 -05:00
sinn3r
a6a6ad2217
Land #3227 - Remove bundled rkelly, to Gemfile
2014-04-10 12:31:59 -05:00
sinn3r
68a50e3663
Land #3224 - Fixes large-string expansion in JSObfu
2014-04-10 12:09:22 -05:00
Joe Vennix
bd8918e4e1
Re-add the #random_string(len) method to pass specs.
2014-04-09 17:44:48 -05:00
Joe Vennix
57aa1eec11
Kick rkelly out to a gem, add rkelly-remixed.
rkelly-remixed is a faster fork of rkelly that is more frequently updated
nowadays. With the new gem, jsobfu obfuscates os.js about twice as fast on
my dev environment.
2014-04-09 17:21:22 -05:00
Joe Vennix
52432ef482
Use tiny var names by default.
2014-04-09 16:54:02 -05:00
Joe Vennix
49139cc07f
Use implicit return for assignment.
2014-04-09 15:48:07 -05:00
Joe Vennix
14fed8c610
Fixes large-string expansion in JSObfu.
2014-04-09 15:45:48 -05:00
Meatballs
ae3ead6ef9
Land #2107 Post Enum Domain Users
2014-04-09 11:32:12 +01:00
jvazquez-r7
80b069f161
Add support for spoofed zip Central Dir names at Entry level
2014-04-07 09:21:26 -05:00
jvazquez-r7
46e6f937f1
Revert "Add central directory zip spoofing"
This reverts commit d0700e8ac4.
2014-04-07 08:50:33 -05:00
jvazquez-r7
d0700e8ac4
Add central directory zip spoofing
2014-04-07 08:49:49 -05:00
jvazquez-r7
6d72860d58
Land #3004, @m-1-k-3's linksys moon exploit
2014-04-04 14:04:48 -05:00
William Vu
9779913060
Land #3184, Rex::Proto::Http::Client IOError fix
2014-04-03 15:58:50 -05:00
joev
42d59d269e
Check #closed? instead of rescuing.
2014-04-03 14:20:48 -05:00
joev
98628b814e
Prevent Rex::Proto::Http::Client from raising on close.
2014-04-03 11:36:18 -05:00
OJ
670a0c8e0f
Merge branch 'upstream/master' into ext_server_kiwi
2014-04-02 19:36:42 +10:00
OJ
e61e532223
Add support for extraction of wifi profile creds
2014-04-02 17:16:40 +10:00
OJ
1d46e65897
Update to match meterpreter changes
This also includes the ability to specify id and groups for the
golden ticket feature.
2014-04-02 12:29:35 +10:00
Tod Beardsley
1b0fe74da5
Use Array#sample in email generators.
2014-04-01 14:11:23 -05:00
Tod Beardsley
8ab03f3aeb
Use Array#sample in randomize_space
2014-04-01 14:09:07 -05:00
Tod Beardsley
ec7bb6de54
Land #2969, random name generator for phishing
2014-04-01 13:00:55 -05:00
William Vu
8bd5d10052
Use rand_hostname in rand_mail_address
2014-03-28 16:44:49 -05:00
jvazquez-r7
8f1e55de5a
Use ObfuscateJS
2014-03-28 11:08:38 -05:00
jvazquez-r7
da6a428bbf
Modify libs to support explib2
2014-03-28 10:44:52 -05:00
OJ
86ddd24d26
Update to use Rex::Text and change handling a bit
This change also outputs blank creds so that users know which
accounts have blank passwords
2014-03-28 16:12:51 +10:00
OJ
65e204e834
Modify the menu item descriptions
2014-03-28 11:03:38 +10:00
OJ
3a42cb8a46
Fix typo in kiwi help
2014-03-28 11:03:03 +10:00
Tod Beardsley
8e7f12e30e
Land #3085, service_control support
This depends on rapid7/meterpreter#77 to function
2014-03-19 08:43:17 -05:00
Tod Beardsley
04b5d71fa5
Land #3061, enhance clipboard dump
This depends on rapid7/meterpreter#75 to function
2014-03-19 08:42:36 -05:00
Tod Beardsley
35b94b04bf
Land #2889, WMI support
This depends on rapid7/meterpreter#69 to actually be useful.
2014-03-19 08:42:03 -05:00
OJ
11f9bfadb1
Final bits of documentation and code tweaking
2014-03-19 18:40:53 +10:00
OJ
84728c9fc9
Code tidying and defaulting to empty strings for table format
2014-03-19 16:19:23 +10:00
OJ
959cedb9b1
Bit more code tidying
2014-03-19 16:19:05 +10:00
OJ
f80c7b7b51
Fix silly typo
2014-03-19 15:55:12 +10:00
OJ
0dcf992781
Add comments to the kiwi source
2014-03-19 15:45:53 +10:00
OJ
3635fff98e
Add support for kerberos ticket enumeration
Fix up a bunch of other issues and do some code tidies too.
2014-03-19 14:25:11 +10:00
OJ
91e198fd63
Add SAM key dump in LSA dumping output
2014-03-18 09:45:31 +10:00
OJ
dfb4b22015
Merge branch 'upstream/master' into ext_server_kiwi
2014-03-18 08:08:45 +10:00
William Vu
9eada528d7
Land #3097, Rex::Text.uri_encode RFC 3986 fix
2014-03-14 15:38:24 -05:00
OJ
a9758413c0
Add lsa secret dumps plus other tweaks
2014-03-14 19:50:01 +10:00
Tod Beardsley
520d1e69c4
Rapid7 Comma Inc
After some more discussion with Rapid7's legal fellow.
2014-03-13 09:46:20 -05:00
Tod Beardsley
9d4ceaa3a0
Let's try to be consistent about Rapid7 Inc.
According to
http://www.sec.gov/Archives/edgar/data/1560327/000156032712000001/0001560327-12-000001.txt
Rapid7 is actually "Rapid7 Inc" not "Rapid7, LLC" any more.
This does not address the few copyright/license statements around
"Metasploit LLC," whatever that is.
2014-03-12 11:20:17 -05:00
sinn3r
b431bf3da9
Land #3052 - Fix nil error in BES
2014-03-11 12:51:03 -05:00
OJ
1d70411ea7
Support service_control and new status field in query
This code adds support for the new service_control feature in meterpreter
and also supports the status field that comes from the service_query function.
2014-03-11 14:50:19 +10:00
sinn3r
c76a1ab9f4
Land #3065 - Safari User-Assisted Download & Run Attack
2014-03-07 10:29:56 -06:00
Joe Vennix
9638bc7061
Allow a custom .app bundle.
* adds a method to Rex::Zip::Archive to allow recursive packing
2014-03-06 16:11:30 -06:00
William Vu
096d6ad951
Land #3055, heapLib2 integration
2014-03-05 15:48:13 -06:00
Joe Vennix
5790547d34
Start undoing some work.
2014-03-04 17:01:53 -06:00
Tod Beardsley
6e88bbd827
No need for that kind of language
2014-03-04 14:34:50 -06:00
OJ
0bdce4836f
Modify clipboard dump to support new format from Meterpreter
2014-03-04 19:37:57 +10:00
Joe Vennix
3360f7004d
Update form_post vars, add Expires to cookie.
2014-03-03 23:29:02 -06:00
Joe Vennix
6c3b667152
Kill extra comma.
2014-03-03 16:48:02 -06:00
Joe Vennix
bfecf9525d
Add Rex::RandomIdentifierGenerator.
2014-03-03 16:43:49 -06:00
Joe Vennix
517a85d141
Remove unneeded quotes.
2014-03-03 15:42:46 -06:00
Joe Vennix
b3ab8f7ce1
Make random_var_name public, add specs for it.
2014-03-03 15:39:56 -06:00
Joe Vennix
ae9ce962c0
Add future reserved words.
Gotta stay ahead of the game.
2014-03-03 14:59:46 -06:00
Joe Vennix
dd86a9188c
Prevent jsobfu from generating duplicate/reserved tokens.
I got an error from a script that tried to 'set void = 1'.
2014-03-03 14:56:50 -06:00
sinn3r
ee1209b7fb
This should work
2014-03-03 11:53:51 -06:00
OJ
e0438f570b
Merge branch 'upstream/master' into ext_server_kiwi
2014-03-03 17:28:44 +10:00
Joe Vennix
b458b8ad63
Add specs for new methods.
2014-03-02 20:23:20 -06:00
Joe Vennix
46f27289ed
Reorganizes form_post into separate file.
2014-03-02 19:55:21 -06:00
Meatballs
8dee9b22c3
Reinstate to_byte_array
2014-03-02 22:07:47 +00:00
Meatballs
2acd0a1b1e
Reinstate encode_code
2014-03-02 21:03:31 +00:00
Meatballs
2885ebcb40
Merge remote-tracking branch 'upstream/master' into pr2075
2014-03-02 20:57:02 +00:00
Meatballs
c9a2135959
Merge in semperv
2014-03-02 19:07:13 +00:00
sinn3r
8cf5c3b97e
Add heaplib2
[See RM #8769] Add heapLib2 for browser exploitation
2014-03-02 11:47:18 -06:00
FireFart
8543da0fbd
Corrected uri_encode
2014-03-01 11:30:50 +01:00
jvazquez-r7
6c490af75e
Add randomization to Rex::Zip::Jar and java_signed_applet
2014-02-27 12:38:52 -06:00
Michael Messner
dbbd080fc1
a first try of the cmd stager, wget in a separated module included
2014-02-23 20:59:17 +01:00
jvazquez-r7
4ca4d82d89
Land #2939, @Meatballs1 exploit for Wikimedia RCE and a lot more...
2014-02-18 17:48:02 -06:00
Meatballs
6f988209ab
Merge remote-tracking branch 'upstream/master' into enum_domain_users_update
2014-02-18 20:02:39 +00:00
Tod Beardsley
8e0a4aaa58
Land #2983, webcam_chat for Meterpreter
2014-02-18 13:43:42 -06:00
sinn3r
0519abb558
Fix the wrong conversion
2014-02-17 23:17:19 -06:00
jvazquez-r7
f07efc91a8
Land #2915, @Meatballs1 improvements for LDAP post mixin
2014-02-17 19:14:59 -06:00
Meatballs
f5c401bee7
Yarddocs
2014-02-14 22:59:36 +00:00
Meatballs
b8b36ef528
Merge remote-tracking branch 'upstream/master' into pr2075
2014-02-14 22:52:55 +00:00
sinn3r
d606be5efb
That's funny I changed the wrong method
2014-02-13 16:41:18 -06:00
sinn3r
5d3eed8600
Add info about browser requirements in help
2014-02-13 16:37:05 -06:00
sinn3r
9c48335764
Change to google.com
2014-02-13 16:30:44 -06:00
sinn3r
a44f235a8d
Fix things based on Tod's feedback
2014-02-13 16:13:42 -06:00
RageLtMan
29bf296b61
import rex powershell
2014-02-12 16:45:57 -05:00
RageLtMan
b453362a52
Merge remote-tracking branch 'upstream/pr/2966' into integrate_with_meatballs
2014-02-12 16:43:30 -05:00
jvazquez-r7
ff267a64b1
Take into account the Content-Transfer-Encoding header
2014-02-12 12:40:11 -06:00
sinn3r
45d4b1e1fd
Land #2958 - Add options: Application-Name, Permissions for jar.rb
2014-02-12 11:14:25 -06:00
sinn3r
750ce3c4db
Make server configurable
2014-02-11 23:07:43 -06:00
OJ
beca4b8bc3
Fix issue with getenv failing
The call to `getenv` failed when `%` or `$` were used because of the
differences between Meterpreter handling and MSF handling.
Meterpreter effectively ignores (i.e. strips out) the platform-specific
characters which are used for environment variables. In the `getenv`
call, MSF was invoking `getenvs` and getting a full hash of values, then
attempting to index into the hash using a string which may be "polluted"
with those platform-specific characters. This meant that there was a
discrepancy between what was returned and what was used to index and
as a result, the value would come out as `nil`.
For example, calling `getenv('%FOO%')` would result in a hash with
`{'FOO'=>'bar'}`, so looking for '%FOO%' in this result would yield
nothing.
This commit changes this so that the name is ignored and the first
value is returned.
2014-02-12 13:51:30 +10:00
jvazquez-r7
51df2d8b51
Use the fixed API on the mediawiki exploit
2014-02-11 08:28:58 -06:00
sinn3r
2bb15d3a87
answerer's interface gets a makeover
2014-02-11 02:15:22 -06:00
jvazquez-r7
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
sinn3r
fdd696fc31
Drop Opera support
It's sad nobody is actually using it. See article: "Across desktop and
mobile, Chrome is used more than Firefox, IE, and Opera combined" -
thenextweb.com
2014-02-10 18:03:42 -06:00
sinn3r
1414f6794c
Change the name of the video chat command
2014-02-10 17:44:47 -06:00
sinn3r
44282d8a83
Add an exception handling
2014-02-10 17:06:56 -06:00
sinn3r
1114913298
Automatically turn on webcam in Firefox
2014-02-10 17:05:08 -06:00
sinn3r
48fdb08164
Add flag --use-fake-ui-for-media-stream
Thanks Joev!!
2014-02-10 14:47:25 -06:00
Matteo Cantoni
427fece52c
Add random mail address function
2014-02-10 21:04:44 +01:00
jvazquez-r7
57320a59f1
Do small clean up for mediawiki_thumb pr
2014-02-10 08:57:09 -06:00
sinn3r
93ef3c784d
Update some JavaScript and other things
2014-02-08 22:23:19 -06:00
sinn3r
b279c45db5
Update open_webrtc_browser method
2014-02-08 20:47:02 -06:00
sinn3r
0d24f06109
Not adding remote support for Linux meterpreter, here's why
2014-02-08 20:30:53 -06:00
sinn3r
be8538f3bd
Tweak video attributes
2014-02-08 19:56:43 -06:00
sinn3r
8d55104712
Random channel
2014-02-08 19:36:33 -06:00
sinn3r
e25767ceab
More progress
2014-02-08 17:28:15 -06:00
sinn3r
3f9ad8a6d5
Fix bugs and stuff
2014-02-08 16:11:39 -06:00
Meatballs
c37cb5075c
Merge remote-tracking branch 'upstream/master' into pr2075
2014-02-08 22:11:31 +00:00
Meatballs
c76862b391
Reduce payload size
2014-02-08 22:11:17 +00:00
sinn3r
22cc665115
More error handling
2014-02-08 16:06:51 -06:00
sinn3r
07ad99ba3a
Remove unnecessary methods
2014-02-08 15:51:33 -06:00
sinn3r
a70c77c9eb
Handle some more exceptions
2014-02-08 15:51:11 -06:00
sinn3r
325214e37f
Fix bugs and stuff
2014-02-08 15:41:44 -06:00
Meatballs
b10df54dbb
Don't need to encode the compressed payload
2014-02-08 21:34:51 +00:00
Meatballs
09c48358f4
Retab rex powershell
2014-02-08 20:43:04 +00:00
sinn3r
e8ec6d1062
Rename command name
2014-02-08 03:53:49 -06:00
sinn3r
ee1900c273
progress
2014-02-08 03:29:15 -06:00