infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
33,134 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

10439 Commits (99fdfe31f16f91c68edd53a7b2b80a82651323ac)

Author SHA1 Message Date
Brent Cook 29b97f4695 remove superfluous parens on ifs 2015-05-01 15:40:45 -05:00
jvazquez-r7 c6806b4e5f
Land #5102, @wchen-r7's ManageEngine Desktop Central Login Utility 2015-05-01 15:20:21 -05:00
jvazquez-r7 3e7c790db8
Use constants 2015-05-01 15:15:18 -05:00
Brent Cook c3438955d4
Land #5169, stop reading when the HTTP socket is closed 2015-05-01 11:40:49 -05:00
wchen-r7 81744384c2 Actually fix del_note 2015-04-30 17:02:06 -05:00
wchen-r7 11f9c010ce Change documentation 2015-04-30 16:46:01 -05:00
David Maloney 18874fe384
fixes Issue #5272 on report_vuln 
use includes instead of joins so that refs on
the vuln are not marked as readonly
 2015-04-30 15:21:56 -05:00
wchen-r7 e79780d885 Fix #5240 2015-04-30 15:20:29 -05:00
wchen-r7 3b42265c98 Fix #5239 2015-04-30 15:20:04 -05:00
wchen-r7 440005d302 Fix #5237 2015-04-30 15:10:13 -05:00
wchen-r7 f315eb4afd Fix #5236 2015-04-30 15:07:11 -05:00
wchen-r7 70ab938951 Fix #5229 2015-04-30 14:56:30 -05:00
wchen-r7 f43e4f9447 Fix #5238 2015-04-30 13:49:13 -05:00
wchen-r7 89d026c900 Fix merge conflict 2015-04-30 12:33:45 -05:00
William Vu 2d2c946044
Land #5279, fix for msfconsole -o 2015-04-30 11:23:44 -05:00
James Lee 3e40433f00
Add an alias for write 
Fixes #4971
 2015-04-30 08:56:16 -05:00
OJ 8ddd7a4891 Fix session removal code, prevent missing transport param fail 2015-04-30 22:39:48 +10:00
Brent Cook 4c9f44b00c
Revert "Land #4888, @h00die's brocade credential bruteforcer" 
There were some issues with this module that caused backtraces when run outside
of msfconsole. Reverting it for now so we can add some specs and ensure that it
works like the other login scanners.
 2015-04-29 15:36:03 -05:00
William Vu b41aa0e617 Fix NoMethodError for rhost 
Can't rely on it to be defined (kinda like peer).
 2015-04-29 15:14:41 -05:00
OJ 919b96e4cf Fix up UUID handling 2015-04-28 21:59:19 +10:00
OJ 4f9c8d04a2 Add support for moving transports and uuid fetching 
The 'next' and 'prev' commands were added so that the session can jump
transports without having to add new ones at the same time.

There's also a command which gives the UUID now so that this can be
reused across sessions.
 2015-04-28 20:24:44 +10:00
OJ f711e5dee7 Update migration support 
Migration now uses the new meterpreter loader. Migration configuration
is loaded and created by meterpreter on the fly, and supports the
multiple transport stuff that's just been wired in.
 2015-04-28 17:41:43 +10:00
OJ fca4d852a1 Remove the passing on off listen socket values 2015-04-28 13:51:48 +10:00
OJ d82bfb0692 Reorder params, fix up the transport termination 2015-04-28 13:03:40 +10:00
OJ c41f4bd59f Fix up http/s a little 
Correctly check the URL against the non-widechar version. Get the SSL
verification stuff working again.
 2015-04-28 09:44:48 +10:00
OJ 1ca5188c5e Change the payload to use IPv6 formats if required 2015-04-28 07:44:21 +10:00
OJ f3e547ca92 Remvoe the exitfunk from the loader 
Meterpreter handles the exitfunk internally as part of the config now
 2015-04-28 07:43:26 +10:00
HD Moore c3f18aa899 Complete the #4989 revert 2015-04-27 16:26:34 -05:00
HD Moore 36daee08c9 Reverts #4989, support for file: is handled in the options again 2015-04-27 16:07:43 -05:00
Brent Cook 7443af64a6
Land #5247, add RPC API call documentation 2015-04-27 11:13:02 -05:00
Brent Cook a0eb7d0ad3 minor RPC documentation tweaks 2015-04-27 11:11:08 -05:00
HD Moore 1fd601510c
Lands #5194, merges in PowerShell session support & initial payloads 2015-04-26 16:01:51 -05:00
HD Moore 1cebc9f3cb Fallback if the regex fails for some reason 2015-04-26 15:59:36 -05:00
Ben Turner 82fe480c2e Update session to display username and hostname 2015-04-26 21:47:49 +01:00
Ben Turner ea0204b7e5 updates to remove powershell from core 2015-04-26 21:25:30 +01:00
benpturner 76e68fcf4c session info 2015-04-26 20:13:18 +01:00
benpturner 1cc167a7fb Inserted ARCH_X86 payloads, removed interactive_powershell and updated base powershell session 2015-04-26 18:50:42 +01:00
OJ 0d2f97ed2d Add support for config in the x64 bind stager 2015-04-26 14:19:36 +10:00
OJ 6da8a14f62 Initial work on x64 payloads for new config 2015-04-26 13:41:31 +10:00
OJ 6ac3ecfa7c Refactor, add reverse_winhttps support 
Getting closer to a normalised view of what this stuff will look like.
There URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.

Next up, x64 for the same main ones.
 2015-04-26 12:11:14 +10:00
OJ 2455163d24 Refactor configuration for meterpreter payloads (x86) 
RDI is now back to what it was before, as this leaves all the other RDI
style payloads alone. Instead we have a new Meterpreter loader which
does the stuff that is required to make meterpreter work well with the
new configuration options.

This is just the case for reverse_tcp and bind_tcp so far, need to do
the other payloads too, along with all the x64 versions.
 2015-04-26 09:57:30 +10:00
OJ 3a24923361 Force bind to hand over the listen socket 2015-04-25 22:04:58 +10:00
OJ 4ec4868bcf Make bind hand over the listen socket as well 2015-04-25 21:37:32 +10:00
OJ bb77a3a0e6 First pass of refactoring to support new config block 
This is pretty basic stuff, but at least it's reusable.
 2015-04-25 21:36:28 +10:00
OJ 9f1e035c53 Changed required_space check in bind payloads 2015-04-25 21:30:54 +10:00
Brent Cook ff96101dba
Land #5218, fix #3816, remove print_debug / DEBUG 2015-04-24 13:41:07 -05:00
Brent Cook 27f6adcd81
Land #5110, teach Http::Response to extract hidden form inputs 2015-04-24 13:30:57 -05:00
wchen-r7 46361c1a19 Final round of documentation 2015-04-24 11:58:12 -05:00
wchen-r7 6ccc4af4d8 Round 9 of documentation 2015-04-24 01:08:33 -05:00
benpturner 3665c84cab accomodate session type 2015-04-23 23:12:19 +01:00
benpturner 57914b6924 new session type 2015-04-23 23:12:02 +01:00
wchen-r7 d292cc999a Round 8 of documentation 2015-04-23 16:15:11 -05:00
wchen-r7 86a7e36a06 Round 7 of documentation 2015-04-23 15:37:56 -05:00
wchen-r7 3c50feb3d6 Round 6 of documentation 2015-04-23 12:34:39 -05:00
wchen-r7 cbac6d1a0b Round 5 of documentation 2015-04-23 11:54:58 -05:00
OJ 1b11322618 Remove STDERR debug statement 2015-04-23 19:36:17 +10:00
root 19beafe009 scan_export_status patch for issue 5217 2015-04-23 12:04:02 +05:00
wchen-r7 f6bd747f57 Round 4 of documentation 2015-04-22 22:15:30 -05:00
wchen-r7 6bac759a18 Round 3 of documentation 2015-04-22 17:01:31 -05:00
wchen-r7 39f206b31a Round 2 of documentation 2015-04-22 12:10:28 -05:00
root 40107577a0 Case insensitive plugin unload 2015-04-22 11:04:46 +05:00
wchen-r7 4add4074e1 First round of RPC API documentation 
Resolve #5209
 2015-04-22 01:02:05 -05:00
jvazquez-r7 b6df023c99
Land #4989, @hmoore-r7's change to file: handling 
Datastore options with file: are handled at set time
 2015-04-21 23:21:22 -05:00
Brent Cook 3963289519
Land #4888, @h00die's brocade credential bruteforcer 2015-04-21 18:27:03 -05:00
Trevor Rosen 8f5d222e53
Land #5156 - module ranking properly handles nil 2015-04-21 14:40:01 -05:00
Spencer McIntyre edbf9b766f
Land #5100, @bcook-r7's deletekey API usage fix 
Fixes #5099
 2015-04-21 12:58:02 -04:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
rwhitcroft 70f94bbd96 break loop if socket is closed 2015-04-21 11:09:17 -04:00
OJ c8bab6ace1 Fix help for timeouts 2015-04-21 20:35:46 +10:00
OJ f654fea9b3 Adjust transport command to work with posix 2015-04-21 20:16:57 +10:00
OJ 86957d9b07
Merge branch 'upstream/master' into connection-recovery 2015-04-21 20:01:59 +10:00
jvazquez-r7 66d23e3b5e
Delete file: validation on normalization again 2015-04-20 23:52:17 -05:00
jvazquez-r7 57df5c4f4f
Solve conflics 2015-04-20 23:38:34 -05:00
Brent Cook 8aca4539c9
Land #5152, undefined var in WinRM_Login 2015-04-20 23:01:11 -05:00
Brent Cook ab33fc8eba
Land #5211, parse nmap's tunnel attribute 2015-04-20 22:53:34 -05:00
Brent Cook ee07809fd8
Land #5190, 64-bit meterpreter persistence script 2015-04-20 22:32:57 -05:00
William Vu 74ad81c90c Consolidate tunnel check into name check 2015-04-20 21:18:12 -05:00
jvazquez-r7 831e65261d
Add lengths specs 2015-04-20 17:37:41 -05:00
William Vu 741149058c Report unknown service names for consistency 2015-04-20 17:22:19 -05:00
William Vu d894502148 Update legacy Nmap XML parser 2015-04-20 17:15:35 -05:00
William Vu 1a66786d1b Fix Nmap XML parser for tunnel attribute 2015-04-20 17:04:19 -05:00
jvazquez-r7 329e28c47c
Keep the old value if value can't be loaded from file 2015-04-20 16:29:11 -05:00
William Vu c7129e063c
Land #5069, breaking up with old options 2015-04-20 16:23:44 -05:00
jvazquez-r7 c629d8593a
Solve my own concerning about race conditions, just in case... 2015-04-20 16:19:29 -05:00
James Lee d67f7a21d9
Move autoloads into OptionContainer 
This seems like a better place for them to live
 2015-04-20 15:54:42 -05:00
James Lee da0e7282d5
Replace some unnecessary eval action. 
Metaprogramming should be reserved for when you don't know things. Here
we're making methods from literal strings, so replace the
metaprogramming with much easier to understand regular programming. Also
has the benefit that yard can parse it.
 2015-04-20 15:54:41 -05:00
James Lee b64d881914
Make OptionContainer docs a little more useful 2015-04-20 15:54:40 -05:00
James Lee 3a5af3939d
Split all the option classes into their own files 2015-04-20 15:54:40 -05:00
jvazquez-r7 1b85cd2853
Use single quotes 2015-04-20 15:53:58 -05:00
jvazquez-r7 a56dd5d1ff
Do minor style cleanup 2015-04-20 15:44:45 -05:00
William Vu 79ca0a56f9
Land #4171, Steam protocol support 2015-04-20 15:35:06 -05:00
Christian Mehlmauer 668961b69d
fix some yarddoc issues 2015-04-20 00:06:59 +02:00
OJ e7babc4acb Fix persistence script to support x64 payloads 2015-04-19 12:41:51 +10:00
OJ 19f8a76475 Porting bind_tcp for posix to metasm 
And supporting SO_REUSEADDR and stageless meterp
 2015-04-18 19:19:40 +10:00
wchen-r7 37613adebb Improve developer experience for fail_with 
The fail_with for an exploit is used differently than a non-exploit,
so it would be nice to document about this. Also, be strict about
the reason for the exploit one, because this can affect other
components of Metasploit.
 2015-04-17 15:55:22 -05:00
Brent Cook 2a327b7c91
Land #5116, better handle platform and arch in msfvenom 2015-04-17 10:55:41 -05:00
OJ 97912882ca Adjustments for POSIX meterpreter patching 2015-04-17 19:53:05 +10:00
Brent Cook 3107d99b9a Use the same URI that was registered when we deregister 
The original URI is registered as '/foobar/' but is deregistered as
'//foobar/', causing it to never get deregistered. Changing this fixes
unregistration of the service handler for staged payloads, but stageless
doesn't work properly if the URI actually gets deregistered.
 2015-04-17 03:20:24 -05:00
Brent Cook 18225780da cleanup HTTP and HTTPS listeners when sessions are closed 
Rather than listening forever after a session shuts down, close the session if
there are no other URI's registered on the listener. This allows reconfiguring
the listener without restarting framework, but should be safe for situations
where multiple modules share the same listener.
 2015-04-17 02:41:24 -05:00
OJ eb7155d533 Remove debug print 2015-04-17 16:25:42 +10:00