infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
40,704 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

12643 Commits (98e191794a4ce937b4af4c4a50ca545bacd5aab0)

Author SHA1 Message Date
Brent Cook e74239b30f allow reusing the already-generated payload uuid in generate_uri_uuid_mode 2016-12-27 15:37:39 -06:00
wchen-r7 81b310f928
Up to date 2016-12-23 17:24:01 -06:00
wchen-r7 5e5aa8cd03 Fix a typo 2016-12-23 16:23:24 -06:00
wchen-r7 144f886e8b Add LoginScanner module for BAVision IP cameras 2016-12-23 16:22:17 -06:00
Metasploit f50fa516f4
Bump version of framework to 4.13.10 2016-12-23 10:01:58 -08:00
OJ 99da91e278
Adjust golden ticket creation to force params when SYSTEM 2016-12-23 20:29:00 +10:00
OJ 894ed4957f
Add help where appropriate 2016-12-23 10:51:33 +10:00
OJ 93a280dfc1
Merge upstream/master ready for PR 2016-12-23 10:20:53 +10:00
OJ 34e3a17fda
Remove unused Kiwi TLVs 2016-12-23 09:57:57 +10:00
William Webb 5702bd6745
Land #7674, Move migration stub generation code into msf 2016-12-22 17:53:00 -06:00
OJ 4c150a10c2
Update to use new base64 flags for kiwi 2016-12-23 09:40:11 +10:00
OJ c97e6ae1e8
Handle stupid merge from OJ's upstream 2016-12-23 09:00:27 +10:00
OJ e6e2388256
SSP creds and golden tickets 2016-12-23 08:34:16 +10:00
wchen-r7 50db1e295f
Land #7718, Fix undef method read_timeout in smb object 2016-12-22 15:12:51 -06:00
Brent Cook eeb1bdcff5
Land #7731, fix risk score and risk factor imports via nexpose plugin 
Merge remote-tracking branch 'upstream/pr/7731' into upstream-master
 2016-12-22 01:15:01 -06:00
Brent Cook 9e75866188
Land #7738, Add sort by column to services and hosts commands 2016-12-22 01:10:45 -06:00
William Vu 445af29d07
Land #7739, async output revert until fixed 2016-12-21 00:40:54 -06:00
William Vu 4098c66efb Restore MinGW code and use =begin/=end for indent 2016-12-21 00:38:08 -06:00
William Vu 0221d2d904
Land #7735, make assigning payloads fast again! 2016-12-21 00:16:52 -06:00
William Vu f95136ce67 Prefer && over and 2016-12-21 00:16:33 -06:00
Brent Cook d0d84b418b disable async output until we have a better handle on new quirks 2016-12-20 23:50:43 -06:00
William Vu 574ebd07d7 Update cmd_hosts 2016-12-20 23:32:10 -06:00
h00die cc293f06fe
Adds some fail safes to cmd_use 2016-12-20 22:08:41 -05:00
William Vu 60d5cefd68
Land #7727, nuke sess from orbit 
Replace with consolidated sessions command.
 2016-12-20 20:35:20 -06:00
William Vu 6e830a886e
Land #7737, print_warning on session_compatible? 2016-12-20 20:11:11 -06:00
OJ 1098bc6d90
Warn user when session not compat instead of failing 
This commit changes the post mixin so that the session compat check only
shows a warning rather than throwing an exception and stopping the
module from working completely.

This is off the back of the discussion involved with #7736
 2016-12-21 11:14:52 +10:00
William Vu 11e3e1f3dd Handle a couple more edge cases 
I don't want to go any further down the rabbit hole.
 2016-12-20 18:36:22 -06:00
William Vu 41605c533c Add reference name enforcement to cmd_use 2016-12-20 18:21:24 -06:00
Brent Cook efb015facc make assigning payload fast again 
This streamlines the check for whether the currently-selected payload is
compatible on assignment. Rather than building the entire list of
compatible payloads, and seeing if what the user typed is in it (and
making multiple giant lists on the way), we simply check the module the
user typed directly.
 2016-12-20 17:39:09 -06:00
PartyImp 02cbbfd3f2 fixes #7707: risk_factor and risk_score in the nexpose plugin 2016-12-20 18:31:32 +00:00
OJ 0bca485858
Continue work on enabling kiwi functionality 2016-12-20 18:25:48 +10:00
OJ ee4caba646
Remove `terminal` and tweak `sessions` 
Hopefully everyone is now happy!
 2016-12-20 07:50:07 +10:00
OJ 74040c4ee6
Rename the `sess` command to `terminal` 
Lots of people have been frustrated by the `sess` command as it mucks
with the autocomplete for `sessions`. This is a fair concern, especially
given that `sess` was intended to be a non-annoying shortcut.

This commit changes the `sess` command so that it is instead called
`terminal`. I couldn't think of a better option that didn't already
clash with another name or meaning. At least `terminal` is something
that doesn't clash, doesn't muck with any existin autocomplete rules,
and is in some way another name for the existing sessions.

Feedback appreciated!
 2016-12-19 17:05:04 +10:00
Metasploit 3a998fada2
Bump version of framework to 4.13.9 2016-12-18 13:22:52 -08:00
Sonny Gonzalez 2e198ae2a8
Land #7721, better smtp connection error messages 2016-12-18 14:38:13 -06:00
Adam Cammack 62d8cc7b21
Handle some error conditions with SMTP delivery 2016-12-16 16:06:02 -06:00
dmohanty-r7 f74fd9e5dd
Land #7672, support LOCKED_OUT and DISABLED login status 2016-12-16 15:11:05 -06:00
Justin Angel 318c0eda81 Update to line 126 
Line originally references the read_timeout instance variable associated with the smb variable (line 118 || 120), which is an object of the simpleclient class that doesn't have a read_timeout instance variable. Updated the line to reference the client instance variable of smb, which does have a read_timeout variable. Testing this change appears to result in expected behavior.
 2016-12-16 14:24:02 -05:00
Metasploit c5c710f837
Bump version of framework to 4.13.8 2016-12-16 10:02:02 -08:00
jinq102030 f29c9a7c45 Merge pull request #7716 from acammack-r7/smtp-deliver-ssl 
Make SMTP delivery work with a range of server SSL
 2016-12-16 08:58:55 -06:00
David Maloney 8b02f422f7 add meterpreter cmd interaction to console 
add the -C flag to the sessions command to trigger
meterpreter commands on sessions without going
full interactive
 2016-12-15 23:17:06 -06:00
Adam Cammack 47df88a5cc
Make SMTP delivery work with a range of server SSL 2016-12-15 16:57:08 -06:00
David Maloney ca1cc11d9f
Land #7713, scriptkittie fix for SessionLogging 
lands a fix for loggers not handling a nil message
Fix for #7687
 2016-12-15 14:42:40 -06:00
David Maloney e7eece60d8
add a nil catch to timestamp file sink 
an additional nil guard is needed here just to be sure
 2016-12-15 14:41:49 -06:00
cypher 27ba8f00df check for nil msg in print_error 2016-12-14 21:10:10 -08:00
Brent Cook fa016de78a
Land #7634, Implement universal HTTP/S handlers for Meterpreter payloads 2016-12-13 18:13:22 -06:00
William Vu ad7b3dac2d Account for negative indices 2016-12-12 14:24:24 -06:00
William Vu b9e9d97479 Add -O (order_by) to services (cmd_services) 2016-12-12 14:24:24 -06:00
Brent Cook 082a8949e4
Land #7694, Initial stageless mettle payloads 2016-12-12 13:01:31 -06:00
OJ 505cc19662
Update reverse_tcp to show TCP listener information 
Also update the readable text to only output the listener information if
it differs from the payload information.
 2016-12-12 15:56:26 +10:00
OJ 609c8da772
Re-add wifi support, start work on kerberos stuff 2016-12-10 11:20:16 +10:00
Adam Cammack ccba73b324
Add stageless mettle for Linux/zarch 2016-12-09 18:30:52 -06:00
Adam Cammack 7d36d41b20
Add stageless mettle for Linux/ppc64le 2016-12-09 18:27:22 -06:00
Adam Cammack ee7d5fc0c9
Add stageless mettle for Linux/ppc 2016-12-09 18:25:57 -06:00
Adam Cammack 7aec68c1fe
Add stageless mettle for Linux/mips64 2016-12-09 18:21:52 -06:00
Adam Cammack b74482aa6e
Add stageless mettle for Linux/armbe 2016-12-09 18:18:22 -06:00
Adam Cammack 12b296ab1a
Add stageless mettle for Linux/aarch64 2016-12-09 18:05:34 -06:00
Metasploit 12af07d8cb
Bump version of framework to 4.13.7 2016-12-09 10:03:22 -08:00
David Maloney a267101413
Land #7670, bwatter's fix for prompt newline 
land's brendan's fix for console output getting truncated
 2016-12-09 10:44:46 -06:00
Brent Cook 50f95f9940
Land #7681, Get ready for stageless mettle 2016-12-09 09:31:47 -06:00
James Lee b9a7ed915a
Land #7677, make sure the source file gets closed 
... when downloading a file.
 2016-12-08 16:50:23 -06:00
Adam Cammack eeef8fa6ad
Add new arches to UUIDs 2016-12-08 16:29:43 -06:00
Jon Hart 4614b7023d
Land #7604, @godinezj's post module for creating AWS IAM accounts 2016-12-08 14:26:22 -08:00
Jon Hart aaa49550a7
Move call_api printing to verbose 2016-12-08 11:20:53 -08:00
Artem 9a7c0eb7b6 Fix cloe file 2016-12-08 21:28:39 +03:00
OJ d0696a09ad
Move migration stub generation into MSF 
This code adds support for transport-specific migration stubs to be
generated in MSF rather than having them hard-coded in Meterpreter.
 2016-12-08 16:01:13 +10:00
wchen-r7 0110b97fa2 Fix #7671, support LOCKED_OUT and DISABLED login status 
This allows login scanner modules to skip a user if it is
locked out, or disabled.

Fix #7671
 2016-12-07 16:49:16 -06:00
wchen-r7 ba9ce3fcfb
Land #7665, Add ABORT_ON_LOCKOUT option for smb_login 2016-12-07 15:52:50 -06:00
Pearce Barry 657fadbe01
Land #7662, Payload Handler Console Command 2016-12-07 14:48:44 -06:00
Brendan 7dd2d3e226 Fix the prompt again 2016-12-07 14:32:54 -06:00
David Maloney 74b3a00035
fix payload datastore merge 
fix the way we merge the payload datastore in so
the options actually take
 2016-12-07 14:04:42 -06:00
Javier Godinez 99ba1e45ff Removed unused params 2016-12-07 10:10:09 -08:00
Metasploit a54c0c4e1f
Bump version of framework to 4.13.6 2016-12-07 09:00:16 -08:00
OJ 50b0c9ef5e
Add tspkg support and fix parsing a little 2016-12-07 15:06:08 +10:00
OJ 7d316cb3e6
Begin work on parsing mimikatz output and handling more cmds 2016-12-07 15:06:08 +10:00
OJ 8f4621f424
Initial work to support the new kiwi extension 2016-12-07 15:05:02 +10:00
Rich Whitcroft d3a8409a49 prevent further lockouts in smb_login 2016-12-06 21:53:08 -05:00
Jon Hart 0b46e90bbb
Only print out AWS API responses when in verbose mode 2016-12-06 17:32:48 -08:00
Jon Hart a13382c80b
Address most of rubocop's nits 2016-12-06 17:10:34 -08:00
Adam Cammack c5641c9681
Factor out mettle configuration 
Also cleans up some stuff: s/url/uri/ and base-64 encodes UUIDs
 2016-12-06 18:28:48 -06:00
David Maloney 606232828f
freeze punk, it's rubocop! 
rubocop autocrrecting a bunch of stuff *fingers crossed*
 2016-12-06 17:17:56 -06:00
David Maloney dc53057639
more bcook fixes 
the rebase lost some of these
 2016-12-06 17:14:22 -06:00
David Maloney c8f6ac99a1
reapply bcook's indentation fixes 2016-12-06 16:52:46 -06:00
David Maloney d3225ce2fb
Merge branch 'master' into feature/handler-command 2016-12-06 16:51:57 -06:00
Brent Cook f734031804
Land #7655, Refactor/cleanup core command dispatcher 2016-12-06 16:38:42 -06:00
Brent Cook d091a32be8 whitespace/indentation 2016-12-06 16:37:22 -06:00
Adam Cammack 1ec7474067
Don't embed ELFs in ELF templates 2016-12-06 14:14:40 -06:00
David Maloney 62f0e7b20a
add the handler console command 
sometimes, as a user, you need to start a handler
but don't want to exit your current console context.
The new handler command allows a user to spin up a handler
in background job without switching contexts
 2016-12-06 14:04:39 -06:00
Brent Cook b4a2a6ed60 Merge remote-tracking branch 'upstream/master' into land-7625- 2016-12-06 06:23:32 -06:00
OJ ffee0ff1b6
Fix payload cache size issue, fix shell/bind payloads 2016-12-06 11:12:02 +10:00
Metasploit 7edb5e19e2
Bump version of framework to 4.13.5 2016-12-05 15:09:06 -08:00
Jeffrey Martin 9ba6797d19
use arch for session_compatible? to support shell sessions 2016-12-05 15:56:28 -06:00
Jeffrey Martin 483228c4ea
use platform for session_compatible? to support shell sessions 2016-12-05 14:14:37 -06:00
David Maloney f56c7f9a8e
cosmetic touchups 2016-12-05 11:25:56 -06:00
David Maloney d85f9880ff
fix command dispatcher specs 2016-12-05 11:16:15 -06:00
David Maloney ab2e88a49e
created modules command dispatcher 
moved all commands related to navigating around
modules, editing them, and viewing their info into
a new command dispatcher
 2016-12-05 10:30:18 -06:00
David Maloney 6557a84784
add resource command dispatcher 
move resource script related commands into
their own command dispatcher
 2016-12-05 09:20:07 -06:00
David Maloney 2008dcb946
create jobs command dispatcher 
split the jobs related commands into their own
command dispatcher to start cleaning up the 'core'
dispatcher
 2016-12-05 09:12:52 -06:00
Brendan 86ec5861f9
Land #7649, update session_compatible? for changes from PR#7507 
Fixing the ability to find compatible post scripts for sessions
 2016-12-02 16:29:08 -06:00
Jeffrey Martin b218c7690a
cleanup stray comment 2016-12-02 15:25:58 -06:00