Commit Graph

30255 Commits (97f5cbdf08ddee733107443cc2c8c11d273f58a2)

Author SHA1 Message Date
rastating 93dc90d9d3 Tidied up some code with existing mixins 2015-01-08 20:53:56 +00:00
Brent Cook 0f7f75b1c0
Land #4557, FireFart's fix for faulting folly 2015-01-08 14:29:27 -06:00
Christian Mehlmauer a5b56c7d09
fix error 2015-01-08 19:48:29 +01:00
David Maloney fd7e65d459
derp just check db active
the other way of doing this was stupid, jsut check if
the db is active
2015-01-08 11:58:56 -06:00
Trevor Rosen 2a52bfd26d
Land #4554, metasploit-credential bump to 0.13.11 2015-01-08 09:49:08 -06:00
Trevor Rosen 14a35eb28a
Bump metasploit-credential to 0.13.11 2015-01-08 09:35:07 -06:00
OJ 8be813e51d
Merge runas updates from Meatballs1/update_bypass_uac 2015-01-08 21:21:19 +10:00
Meatballs a9fee9c022
Fall back to runas if UAC disabled 2015-01-08 11:07:57 +00:00
Meatballs 8f720ef766
Use get_env in runas 2015-01-08 11:07:40 +00:00
William Vu 3c4ec1d958
Land #4547, rm data/meterpreter/common.lib 2015-01-08 04:52:29 -06:00
William Vu ea793802cc
Land #4528, mantisbt_php_exec improvements 2015-01-08 04:50:00 -06:00
Meatballs 3c3d28b475
Land #4551, correct spelling in dns_bruteforce 2015-01-08 10:03:28 +00:00
OJ 844460dd87
Update bypass UAC to work on 8.1 and 2012
This commit contains a bunch of work that comes from Meatballs1 and
Lesage, and updates the bypassuac_inject module so that it works on
Windows 8.x and Windows 2012. Almost zero of the code in this module
can be attributed to me. Most of it comes from Ben's work.

I did do some code tidying, adjustment of style, etc. but other than
that it's all down to other people.
2015-01-08 15:39:19 +10:00
William Vu 0604b2ecc7
Land #4542, invalid splat URL fix 2015-01-07 22:54:22 -06:00
EricGershman 0496bb16bc Minor spelling fix 2015-01-07 23:43:59 -05:00
Samuel Huckins f0261a418c
Lands #4535, report_auth_info shoring up 2015-01-07 16:32:14 -06:00
David Maloney 001b6d913e
allows loginscanners to work without db
created stub methods around the credential
creation methods modules would use from
Metasploit::Credential, they try to call the real ones
but rescue a NoMethodError that arises if framework is setup
without the db. it just prints a message to the console
telling the user the cred data will not be saved

MSP-10969
2015-01-07 16:09:04 -06:00
Meatballs e6f53ebcbc
Remove duplicate rhosts 2015-01-07 22:04:01 +00:00
rastating 7b92c6c2df Add WP Symposium Shell Upload module 2015-01-07 22:02:39 +00:00
Meatballs dccd21a559
Resolve #3870, reinstance creds -R 2015-01-07 22:01:45 +00:00
Brent Cook 32ddd5ccb4 delete unused library from meterpreter dir
common.lib is only used by the build process, not MSF
2015-01-07 16:00:37 -06:00
David Maloney f2c22b6dc7
corrected schema 2015-01-07 15:38:39 -06:00
James Lee da2e088118
Land #4536, Ruby 2.2 compat fixes
Note that ActiveRecord 3.2.21 still has a similar warning that will
probably cause bugs, preventing full support for 2.2 until that's fixed.
2015-01-07 15:33:23 -06:00
David Maloney a491f22a09
migration update 2015-01-07 15:32:31 -06:00
Meatballs e3e9a64064
Land #4543, Update john.conf with korelogic rules 2015-01-07 21:30:44 +00:00
Meatballs bdbb26ba31
Land #4540, resolves #4532, honour DB_ALL_* options 2015-01-07 21:12:23 +00:00
David Maloney fcf0a3f096
pull latest credential 2015-01-07 15:09:01 -06:00
Meatballs 361057ce6e
Land #4544, resolves #4511 - fix rails log location 2015-01-07 20:58:26 +00:00
Meatballs 0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post
Conflicts:
	test/modules/post/test/services.rb
2015-01-07 20:53:34 +00:00
Meatballs db367895a8
Land #4491, Fix test modules 2015-01-07 20:48:49 +00:00
Brent Cook 0c94536b87 make post service manipulation tests work
Fix a funny default service name, adjust test to be case-agnostic.

winmgmt on Windows XP and Windows 8 have different capitalization for this
service. I'm not sure why it's a module parameter though - the test will still
fail if its anything other than winmgmt.

The following RC script has 7 successful outputs when run against a reverse_tcp shell.

Run a reverse_tcp stager and the following RC script to run the test

```
loadpath test/modules
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.43.1
run -j
sleep 5
use post/test/services
set SESSION 1
run
```

Note: this test still doesn't run very reliably on windows 8 unless you're
using the code from rapid7/meterpreter#107 and #4411, though it runs ok on
Windows XP.
2015-01-07 13:31:16 -06:00
Brent Cook c96c8a03cf CmdStagerVBS is now in Rex::Exploitation
```
 $ ./msfconsole -qx "loadpath test/modules/; exit"
 Loaded 32 modules:
     12 auxiliarys
	 12 exploits
	 8 posts
```
2015-01-07 13:31:15 -06:00
David Maloney 82d129bfc4
Merge branch 'master' into feature/jtr-korelogic-rules-update 2015-01-07 12:42:23 -06:00
David Maloney 9bcb3b95cd Merge branch 'master' of github.com:rapid7/metasploit-framework 2015-01-07 12:41:43 -06:00
David Maloney df70678762
tell suer KoreLogic rules have been applied
make sure to rpovide console feedback that we are
actually applying the KoreLogic rules to wordlist mode
2015-01-07 12:36:07 -06:00
David Maloney 4ad7021336
give user option to turn on KoreLogic rules
the cracker modules in framework now have a datastore option
to allow the user to select the KoreLogicRules
2015-01-07 12:32:26 -06:00
David Maloney 5480cb81f5
add updated KoreLogic rules to john.conf
updated our shipped john.conf to include a
more up to date version of the KoreLogic JtR rules.
They add overhead to the cracking time but are
probably some of the best/most effective JtR
rules out there.
2015-01-07 12:25:04 -06:00
sinn3r ef97d15158 Fix msftidy and make sure all print_*s in check() are vprint_*s 2015-01-07 12:12:25 -06:00
David Maloney 5d68d48ca5
Land #4385, fixes bruteforce_speed validator
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
David Maloney 702511dbc5
respect DB_ALL_USERS & DB_ALL_PASS
fix last few things in authbrute
and make the CredentialCollections understand the
additional seperate components

MSP-11986
2015-01-07 11:41:41 -06:00
David Maloney 7ff2ba0725
first pass on fixing DB_ALL authbrute stuff
DB_ALL_CREDS worked but DB_ALL_USER and DB_ALL_PASS
did not. working on fixing that.
This commit also does some nice DRY work in the auth_brute mixin

MSP-11986
2015-01-07 11:30:39 -06:00
Meatballs aef8c702d7
Filter creds by type 2015-01-07 17:19:31 +00:00
James Lee 3e80efb5a8
Land #4521, Pandora FMS upload 2015-01-07 11:13:57 -06:00
James Lee 1ccef7dc3c
Shorter timeout so we get shell sooner
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
2015-01-07 11:11:33 -06:00
sinn3r 4c240e8959 Fix #4098 - False negative check for script_mvel_rce
Fix #4098, thanks @arnaudsoullie
2015-01-07 10:40:58 -06:00
James Lee efe83a4f31
Whitespace 2015-01-07 10:19:17 -06:00
Trevor Rosen 3ba3465afb
Ensure logging in ~/.msf4/log
Fix #4511
2015-01-07 09:37:07 -06:00
Christian Mehlmauer 09bd0465cf
fix regex 2015-01-07 11:54:55 +01:00
rcnunez b3def856fd Applied changes recommended by jlee-r7
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode:Appears instead of Exploit::CheckCode::Vulnerable
2015-01-07 18:38:19 +08:00
Christian Mehlmauer eaad4e0bea
fix check method 2015-01-07 11:01:08 +01:00