infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,239 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

6995 Commits (adfb663343334f9cd51b9d780563cffb7cabf935)

Author SHA1 Message Date
HD Moore ab6f3a7373 Fix #5531, the ```stage_payload``` method does not take arguments. 2015-06-13 18:26:56 -05:00
g0tmi1k 6dcc9b7dab More inconsistencies 2015-06-12 21:59:15 +01:00
David Maloney 2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module 2015-06-08 11:42:03 -05:00
wchen-r7 5a6a16c4ec Resolve #4326, remove msfpayload & msfencode. Use msfvenom instead! 
msfpayload and msfencode are no longer in metasploit. Please use
msfvenom instead.

Resolves #4326
 2015-06-08 11:30:04 -05:00
HD Moore 1f11cd5470
Lands #5446, support for 64-bit native powershell payloads 2015-06-07 14:16:19 -05:00
benpturner 20b605e7cb Remove duplicate exec 2015-06-07 18:11:11 +01:00
RageLtMan a46510465d Fix older Windows payloads to not require UUID 
Default Windows payload to not include_send_uuid for compatibility.
 2015-06-07 02:58:31 -04:00
HD Moore bd36908383 Fix #5500 by checking for session.respond_to?(:response_timeout) 2015-06-06 17:07:03 -05:00
William Vu d4ddc53856
Fix #5499, small fix for line clearing 2015-06-06 15:58:45 -05:00
William Vu f761d411c4 Adjust line clearing to cover only the text 2015-06-06 15:58:23 -05:00
William Vu 89e7dc6cf2
Land #5499, polish dem spinners 2015-06-06 15:21:09 -05:00
HD Moore 2942cb165f
Land #5415, changes spaces in PSH shell output 2015-06-06 14:55:33 -05:00
HD Moore fe09d9888e Small rework of the spinners, clear the line when done 2015-06-06 14:30:42 -05:00
Brent Cook bb9439e463
land #5487, refactor and fix save function for db_nmap 2015-06-05 12:31:23 -05:00
wchen-r7 910ae8a480 Fix #5461, actually stop a job from the RPC service 
Fix #5461. The RPC service is incorrectly using the wrong method to
stop a job, this patch should fix that.
 2015-06-04 23:09:55 -05:00
William Vu a53a68cfc2 Refactor db_nmap and fix the save option 2015-06-04 18:40:19 -05:00
wchen-r7 7de78c1d69
Land #5447, more info about using the deprecated report_auth_info 2015-06-04 12:37:22 -05:00
jvazquez-r7 d22dda2bab
Provide more context and references 2015-06-01 10:33:40 -05:00
benpturner 9d1a7cead4 New modules to support 64bit process powershell. 2015-06-01 16:11:23 +01:00
Brent Cook 64e86165ef remove android meterpreter bins, update to payloads 1.0.2 
This switches us to using the Android payload files from the
metasploit-payloads gem
 2015-06-01 09:14:31 -05:00
Brent Cook 70ef1b83f9 Merge branch 'master' into land-5366-android 2015-06-01 09:07:55 -05:00
jvazquez-r7 af326a4f88
Use compatible_payloads instead of copy and paste 2015-05-29 16:55:19 -05:00
Brent Cook 6d488c63d4 php UUIDOptions->UUID::Options 2015-05-29 16:33:03 -05:00
Brent Cook b8a8e65c2c Merge branch 'master' into land-5394-uuid-tracker 2015-05-29 16:22:45 -05:00
Brent Cook 7b0006a1b2 Merge branch 'master' into land-5394-uuid-tracker 2015-05-29 15:41:31 -05:00
wchen-r7 defda01d87 Some doc 2015-05-29 15:09:29 -05:00
wchen-r7 b33ace2f44 Put is_payload_compatible? in exploit.rb 2015-05-29 15:07:59 -05:00
Brent Cook 340792aae4 don't jump past the uuid sender on win32/tcp connect 2015-05-29 14:34:27 -05:00
Brent Cook 7d5af66fa0 Merge branch 'master' into land-5367-uuid-stagers 2015-05-29 13:00:35 -05:00
Brent Cook 8f747d2541
Land #5382, add meterpreter session reconnect RPC call 2015-05-29 12:53:15 -05:00
wchen-r7 737559bcbb
Land #5180, VBA Powershell for Office Macro 2015-05-28 19:55:27 -05:00
Spencer McIntyre 24b4dacec5
Land #5408, @g0tmi1k fixes verbiage and whitespace 2015-05-27 21:02:02 -04:00
wchen-r7 583fccdbc8 Resolve #5404, Check payload compatibility when using set payload 
Resolve #5404. This patch will check payload compatibility when
you are using set payload in msfconsole.
 2015-05-27 18:28:08 -05:00
Brent Cook d76a9c6565
Land #5409, update cmd stager documentation. 
Merge remote-tracking branch 'upstream/pr/5409' into upstream-master
 2015-05-26 10:34:03 -05:00
benpturner abd4ab548d Edit spaces within the powershell session command 2015-05-25 20:10:29 +01:00
OJ 43f7054a5c Refactor base64 stub into base module 
As per @zeroSteiner's suggestion.
 2015-05-25 11:51:01 +10:00
OJ 9e50114082
Merge branch 'upstream/master' into uuid-stagers 2015-05-25 11:22:35 +10:00
OJ 9042f141ff Implement the IPv6 UUID bind stagers 2015-05-25 11:21:28 +10:00
Spencer McIntyre 6fb2da4f62 Fix #5391, cmd stager documentation fixes 2015-05-23 13:56:49 -04:00
jvazquez-r7 d10b20b7a3
Land #5251, @hmoore-r7's second opportunity to Oracle connect 
SYSTEM shouldn't have SYSDBA privileges by default anymore
 2015-05-22 17:47:41 -05:00
jvazquez-r7 41a86b2e9b
add vprint_status 2015-05-22 17:46:56 -05:00
jvazquez-r7 c201955fdf
Land #5387, @wchen-r7's user-configurable HTTP timeout 
Fixes #5219, Add connection timeout and response timeout for HttpClient
 2015-05-22 15:36:11 -05:00
jvazquez-r7 e0d9ee062f
Use HttpClientTimeout 2015-05-22 13:35:37 -05:00
HD Moore 078438f66e Update UUIDOptions -> UUID::Options 2015-05-22 00:30:05 -05:00
HD Moore c17ee64d81 Merge branch 'master' into feature/uuid-registration 2015-05-22 00:29:16 -05:00
OJ c07ff70f19 Add check for UUID payloads 
Thankfully those payloads already had a flag that could be reused.
 2015-05-22 15:11:12 +10:00
Brent Cook 9ce669f878
Land #5328: reworked x64 http/https stagers 2015-05-21 23:26:34 -05:00
OJ 10bd75348c
Merge branch 'upstream/master' into uuid-stagers 2015-05-22 13:07:25 +10:00
OJ a6a274d3a3
Merge recent stager changes 2015-05-22 13:01:45 +10:00
HD Moore 9b17b63259 Switch to append mode for x86 service templates, fixes #5403 2015-05-21 20:42:20 -05:00
HD Moore ea9059f930 Fix broken endian specification (<I vs I<) 2015-05-21 20:00:22 -05:00
wchen-r7 c29bb35e28 Change datastore name 2015-05-21 10:15:03 -05:00
David Maloney 356f361b40
add sid to the the yard docs 
you win this round OJ ;)

MSP-12722
 2015-05-21 09:30:09 -05:00
root ee1a366e2b Use select with ActiveRecord::Associations::CollectionProxy for subset selection 2015-05-21 11:04:03 +05:00
HD Moore 4622fa60eb Register the init_* URLs and whitelist these 2015-05-21 00:22:41 -05:00
HD Moore 27406204ed Disable payload UUID registration by default 2015-05-20 23:56:15 -05:00
HD Moore e07576ce20 Indicate whether a session has a registered UUID 2015-05-20 23:55:49 -05:00
wchen-r7 bdf30dd383
Land #5374, --smallest option in msfvenom 2015-05-20 21:06:10 -05:00
HD Moore a8d111ce89 Merge branch 'master' into feature/uuid-registration 2015-05-20 19:48:39 -05:00
HD Moore ac0004ea0a Implement IgnoreUnknownPayloads 2015-05-20 19:47:17 -05:00
wchen-r7 93900087c7 Resolve #5219, user-configurable HTTP timeout 
Resolve #5219
 2015-05-20 13:30:45 -05:00
OJ 44f8cf4124 Add more size to stagers, adjust psexec payloads 
This psexec payload size should be evaluated to make sure I'm not doing
anything stupid. i can't see a reason why increasing these sizes would
be bad. They seem to work fine.
 2015-05-20 17:07:56 +10:00
OJ 5963a5833a Fix up php stageless payload includes 2015-05-20 16:50:00 +10:00
OJ d0a5b803e8 Use generate_payload_uuid instead of manual obj creation 2015-05-20 16:25:52 +10:00
HD Moore 818d8b186c Implement tracking 2015-05-20 01:10:19 -05:00
OJ 289873c25f
Merge all the stager changes 2015-05-20 16:02:37 +10:00
OJ 6859b24c1c Fix missing label, update payload sizes 2015-05-20 15:42:31 +10:00
OJ d43e11f5af WinHTTP rework with proxy support, and SSL verification 
This commit fixes up the winhttps stuff properly too. PHEW!
 2015-05-20 15:32:34 +10:00
HD Moore 513a81e340 Add framework.uuid_db as a JSONHashFile 2015-05-20 00:28:32 -05:00
OJ fd2534914d Small tweaks to reverse_http 2015-05-20 12:15:38 +10:00
David Maloney 48c50a897c
add rpc call to change meterp transport 
this rpc method allows the user to change transport
on an existing meterp session. if it's successful
it will close the old 'session' tied to the rpevious transport

MSP-12722
 2015-05-19 14:43:25 -05:00
Christian Catalan 046003acb4
Increase REXML expansion text limit 
MSP-9532

* Increase to reasonable size to handle larger xml file expansion on import
* Prevents the 'RuntimeError entity expansion has grown too large' error that prevents import
 2015-05-19 12:47:19 -05:00
Tim 3b8effc589
fix ext_server_android.jar error 2015-05-19 17:26:50 +01:00
William Vu c1b8cee315
Land #5369, @dmaloney-r7's snmp_login fixes 2015-05-19 10:39:03 -05:00
Tim e7c8a3b56c add support for SessionRetryTotal and SessionRetryWait on Android 2015-05-19 16:16:04 +01:00
OJ 9fddc21cf3 Shaved another sneaky byte off the payload 2015-05-19 21:21:07 +10:00
OJ 6e96e6d118 Shellcode golf to make the payload smaller 
Tried to implement some more of the stuff that egypt suggested, managed
to get some in, but not others. Ultimately, its smaller than it was, and
I'm sure there are ways to make it better as well.
 2015-05-19 21:17:42 +10:00
OJ 62720ab357 Fix the wininet stager for http/s 
For some reason this was only working on Windows7/2008, yet when tired
on Windows 2012 it was resulting in crashes. It was also stopping
working in exploits such as psexec_psh.

Went back to the beginning and started again. With this in place, we can
now do a bit of shellcode golf to make it a bit smaller.

Adjusted payload sizes as well.
 2015-05-19 20:03:22 +10:00
HD Moore 9d7e54f360 Add the UUID subdirectory, including initial DB class 2015-05-18 23:41:22 -05:00
HD Moore c7932855f2 Move UUIDOptions to UUID::Options 2015-05-18 23:35:18 -05:00
HD Moore 9dd82d94ae Exclude Manual ranked encoders from automatic selection, these can still be specified with -e 2015-05-18 15:47:15 -05:00
HD Moore 71eab7a236 Implements msfvenom --smallest, still some blockers 2015-05-18 15:24:59 -05:00
HD Moore a82168d7bb Fixes #5361 by adding --encoder-space to msfvenom 2015-05-18 14:27:52 -05:00
jvazquez-r7 ea8e62f0fb
Add #file_dropper_file_exist? 2015-05-18 14:13:12 -05:00
David Maloney 7376d4d94e
account for public only credentials in #to_s 
SNMP in particular will only have a public, so we need
to account for this so we don't output poorly formed text
with a trailing ':' char

5266
 2015-05-18 13:42:15 -05:00
David Maloney c69b6b2b8b
only issue db warning once 
cache the fact that we have issued the db warning
so we do not issue it for every credential attempt
on the module run.

5266
 2015-05-18 13:41:18 -05:00
jvazquez-r7 129ed7fb7a
Add yard documentation 2015-05-18 10:27:04 -05:00
OJ e7f80042d4 Finalise work on the bind_ipv6_tcp stager for UUID support 2015-05-18 21:19:04 +10:00
OJ 593f6e5fc4 Fix issue with bind UUID 2015-05-18 20:25:15 +10:00
OJ 9296a024e2 PHP meterpreter refactoring in prep for uuid work 2015-05-18 17:40:48 +10:00
OJ 27cdc588c8
Merge module include fix from stager update 2015-05-18 15:00:05 +10:00
OJ 677acb22a4 Fix up module include in x64 winhttp 2015-05-18 14:59:49 +10:00
OJ 4488a5e634 Add uuid support to python, and rework stages/stagers 2015-05-18 14:33:35 +10:00
OJ 0d56b3ee66 Stage UUIDs, generation options, php and python meterp uuid 2015-05-18 13:29:46 +10:00
OJ bf2b113abb
Merge branch 'upstream/master' into update-x64-stagers 2015-05-18 13:28:36 +10:00
OJ 8bd41a3834
Land #5354 - transport config fallback in stager 2015-05-18 10:16:44 +10:00
OJ 8b2e5c88d9 Adjust transport config fallback to include https 2015-05-18 10:16:09 +10:00
OJ 178ba50b98
Merge branch 'upstream/master' into rage-stager-transport 2015-05-17 20:09:50 +10:00
OJ d725554a87 Fix UUID code so that it always deals with 16 bytes 
Also re-add the payload ID to session validation now that the UUID stuff
is reliable.
 2015-05-17 17:49:21 +10:00
OJ 37e4d71a6a Remove check for UUID in the valid session check 
This is causing sessions to fail because meterpreter isn't doing the
right thing. I have another fix in the works which will properly solve
this, but in the short term the best way of solving the problem is to
remove this line.
 2015-05-17 17:13:54 +10:00