Commit Graph

346 Commits (b8b48fd37a145975a0b433e3ead56d077db0f52a)

Author SHA1 Message Date
James Lee c2a063c8ae
Start using rubyntlm for ssp auth 2016-06-22 10:15:16 -05:00
David Maloney 69e2d05a5d
rip out old rex code and replace with gems
rex-text, rex-random_identifier, rex-powershell, rex-zip, and rex-registry
are now being pulled in as gems instead of part of the spgehtti code that is lib/rex
2016-06-21 13:56:36 -05:00
darkbushido 771171cbe1
adding tzinfo-data to the gemspec
this should fix windows.
2016-05-17 11:40:25 -05:00
Brent Cook 307e565859
Land rapid7/metasploit-payloads#98, Fix python meterpreter reverse_tcp reconnect. 2016-05-13 22:59:52 -05:00
David Maloney fd543f13af
fix deps 2016-05-13 13:34:18 -05:00
David Maloney 19af279ce9
Merge branch 'master' into staging/rails-upgrade 2016-05-05 10:46:12 -05:00
Brent Cook 94c8b51a54 bump payloads gem 2016-05-04 10:56:41 -05:00
David Maloney fb5b228984
Merge branch 'master' into staging/rails-upgrade 2016-05-02 11:33:35 -05:00
wchen-r7 aa707fd63b Update gem metasploit-payloads to 1.1.8 2016-04-27 15:25:01 -05:00
David Maloney c52f3dcb0e
update to rails 4.2.6
fix lost dep unlocks and upgrade rails to 4.2.6

MS-1400
2016-04-15 11:45:43 -05:00
William Vu 22d08fdf39 Revert #6748, premature Gemfile* changes 2016-04-06 14:52:22 -05:00
David Maloney c3452ab982
unlock gemspec deps
unlock version constraints on deps
defined inside the gemspec

MS-1330
2016-04-04 15:31:09 -05:00
David Maloney 8de58e4b80
Merge branch 'master' into staging/rails-upgrade 2016-04-04 09:30:01 -05:00
Brent Cook 627615d47b update to payloads 1.1.6 2016-04-01 21:30:34 -05:00
OJ 6c602dae90 Bump payloads to 1.1.5 2016-03-31 14:03:59 +10:00
wchen-r7 bc48ebd43b Use patch_finder for msu_finder 2016-03-29 23:21:01 -05:00
Brent Cook b8d53dde4a Merge branch 'upstream-master' into staging/rails-upgrade 2016-03-29 15:56:50 -05:00
thao doan 587f1ee7b3 Land #6708, module documentation for msfconsole 2016-03-29 11:30:55 -07:00
Brent Cook 1fe40d9f2d update to metasploit-payloads 1.1.4 2016-03-24 22:32:55 -05:00
wchen-r7 c3ce621d04 Fix gemfile 2016-03-24 20:43:51 -05:00
Gregory Mikeska 7bd6d0c696
Merge branch 'master' into staging/rails-upgrade 2016-03-24 12:55:05 -05:00
Brent Cook a06236baa6 update to metasploit-payloads 1.1.3 2016-03-14 10:43:41 -05:00
David Maloney ca18996272
setup rails staging branch
rails 4.1 baby!
2016-03-09 15:35:00 -06:00
David Maloney 88697a5d3f
Merge branch 'master' into staging/rails-upgrade 2016-03-08 15:22:04 -06:00
Brent Cook 851e8b610e
Land metasploit-payloads#80, update to fix #6593 2016-03-02 13:44:02 -06:00
David Maloney 368af93cfe
Merge branch 'master' of github.com:rapid7/metasploit-framework 2016-03-01 10:52:00 -06:00
Fernando Arias c4c5944b25
Merge branch 'staging/rails-upgrade' into staging/MS-888/engines-is-deprecated
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2016-02-26 15:35:34 -06:00
David Maloney b7ba38a4c6
update mdm version 2016-02-26 14:32:03 -06:00
Brent Cook 1427887efe update payloads 2016-02-26 06:10:02 -06:00
Gregory Mikeska cbc5b296e4
implement engines method locally instead of adding refinement 2016-02-25 11:05:17 -06:00
David Maloney c0c6dc7a18
point to other staging brnaches for gems
the gem dependencies that have been modified
so far are being pulled in from their staging branches
on github instead of rubygems for this branch
2016-02-22 11:31:58 -06:00
Brent Cook ed5cf821b2 bump payloads to 1.1.0 2016-02-10 23:21:20 -06:00
OJ 4ac7c5e298 Updaed the gemspec to point to the new payloads gem 2016-02-11 14:36:17 +10:00
wchen-r7 d5c3fcae04
Land #6511, Bump Jsobfu version to support preserved_identifiers 2016-02-05 15:57:53 -06:00
Adam Cammack 37490a7b6b
Bump metasploit-payloads version
Fix how Android meterpreter handles the timeout config generated by
android/shell/reverse_tcp.

Change Java meterpreters to return MAC address in `ifconfig` if the
platform supports it.
2016-02-03 18:16:20 -06:00
wchen-r7 2fe40a0e04 Bump jsobfu version to 0.4.1 2016-01-28 11:27:56 -06:00
wchen-r7 67c35d5177 Bump metasploit-payloads to 1.0.22 2016-01-22 14:07:40 -06:00
Chris Doughty 8090bbc750 Changes to support framework as a gem 2015-12-30 11:00:45 -06:00
Brent Cook 5bd1c11d74 update to metasploit-payloads 1.0.21 2015-12-24 10:14:46 -06:00
Brent Cook 9bbf2af86c update to metasploit_data_models 1.2.10 (remove 127.0.0.1 filter) 2015-12-22 14:53:21 -06:00
Jon Hart 39da306b1d
Land #6057, @danilbaz's module for dumping Bitlocker master key (FVEK) 2015-12-08 18:16:39 -08:00
Brent Cook da58dd2c71 update to metasploit-payloads 1.0.19 2015-12-07 15:37:58 -06:00
wchen-r7 f141cf0e56 Bump metsploit-payloads to 1.0.18 2015-12-04 16:12:23 -06:00
Brent Cook a7a89adfac
Land #6264, meterpreter per-extension init string support, update payloads to 1.0.17
This brings in the following changes:
	Changes to support maven 3.3+
	Don't fall back to 0.0.0.0
	Remove all debug builds from the Windows projects
	Add show_mount, ps_list, and some core tweaks
	Refactor TLV layout, add more debug output, token stealing
	Add incognito binding, code tidies
	Update packaged libs
	Add transport list binding
	Add transport add command to python binding
	Update python core lib archive
	change source perms back to non-executable
	First pass of stageless initialisation script
	Finalise stageless initialisation scripts
	add BOOT_COMPLETED receiver that starts the Payload
	Improve the implementation of the getuid command
	Switch to Utils.runCommand per timwr's suggestion
	Updated init script method

also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
2015-11-25 22:27:27 -06:00
Brent Cook c8461bfb24 update to metasploit-payloads 1.0.17 2015-11-25 22:03:28 -06:00
BAZIN-HSC c8847182d7 Add module to dump Bitlocker master key (FVEK) 2015-11-20 18:30:48 +01:00
Brent Cook 1b951b36fe remove -db / -pcap / -all gemspecs, merge into one 2015-11-11 15:01:50 -06:00
William Vu e6202e3eda Revert "Land #6060, Gemfile/gemspec updates"
This reverts commit 8f4046da40, reversing
changes made to 2df149b0a5.
2015-11-08 19:32:15 -06:00
Brent Cook 725d61d6e4 remove -db / -pcap / -all gemspecs, merge into one 2015-11-04 08:34:56 -06:00
Brent Cook 4320097025
Land #6172, fix problem encoding unicode strings with jsobfu 2015-11-02 17:30:06 -06:00
Brent Cook 7f19d95ad8
Land #6146, add show_mount command (initially for windows meterpreter sessions) 2015-10-30 17:37:30 -05:00
Brent Cook fb7d5e569a update to metasploit-payloads 1.0.16 2015-10-30 17:27:09 -05:00
wchen-r7 db0518dd3c Bump jsobfu to 0.3.0 2015-10-30 13:06:53 -05:00
OJ c5643e52ff Add support for the show_mount command (windows) 2015-10-29 07:28:33 +10:00
Brent Cook cbe02f042a
Land #6005, update recog to 2.0.14 2015-10-01 16:37:09 -05:00
Brent Cook 866636b59c
Land rapid7/metasploit-payloads#33, fix running android meterpreter without a context 2015-09-26 11:31:27 -04:00
Brent Cook 46ed129966 update to metasploit-payloads 1.0.14 2015-09-26 10:50:20 -04:00
Jon Hart 49bd43701f
Update to recog 2.0.14 2015-09-25 08:21:02 -07:00
Brent Cook 36c1339ad3
update payloads to 1.0.13, fixes older php meterpreters 2015-09-16 17:04:39 -05:00
jvazquez-r7 c8b27e0563
Land #5889, @jlee-r7's favors metasm as a gem 2015-09-16 17:01:01 -05:00
Brent Cook d7887b59aa
Land #5892, update pcaprub to the latest version 2015-09-04 17:26:29 -05:00
Brent Cook 3334e94f80 update to metasploit-payloads 1.0.12 2015-09-03 09:59:56 -05:00
Brent Cook 6ea25a465b update to metasploit-payloads 1.0.11 2015-09-01 17:35:23 -05:00
Brent Cook 593f501571 finish move of php / python meterpreters to metasploit-payloads 2015-08-27 11:34:22 -05:00
Brent Cook ca8353e1aa update to metasploit-payloads 1.0.9 2015-08-25 17:44:01 -05:00
Tod Beardsley 45eb55f975
Bump PacketFu to latest 2015-08-25 11:45:30 -05:00
James Lee d372a6a16d
Gemify metasm 2015-08-24 15:53:24 -05:00
Brent Cook 82e1181ccb update to metasploit-payloads 1.0.8 2015-08-14 17:38:54 -05:00
Brent Cook 07d05828d0
Land #5688, remove msfcli 2015-07-13 15:27:38 -05:00
Brent Cook b782e3fc0f update to metasploit-payloads 1.0.7
This includes a couple of transport fixes for posix meterpreter and some
robustness fixes when flushing reverse_tcp sockets.
2015-07-13 00:13:02 -05:00
OJ 85769808cc Update metasploit payloads to 1.0.6 2015-07-10 16:28:20 +10:00
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
darkbushido 7bdfcf2bce locking the r7 managed gems to specific versions
this will force pro to use the same version of the gems
2015-07-02 14:16:02 -05:00
Brent Cook 52086308b3 bump to metasploit-payloads 1.0.4 2015-07-01 00:22:54 -05:00
Brent Cook ba340ecec1
Land #5543, add transport delete command 2015-06-22 16:58:47 -05:00
Brent Cook 9fea3d7a9c update to metasploit-payloads 1.0.3 2015-06-22 16:56:54 -05:00
William Vu f2e2af1c42 Remove msfencode from the gemspec 2015-06-16 18:37:32 -05:00
wchen-r7 5a6a16c4ec Resolve #4326, remove msfpayload & msfencode. Use msfvenom instead!
msfpayload and msfencode are no longer in metasploit. Please use
msfvenom instead.

Resolves #4326
2015-06-08 11:30:04 -05:00
Samuel Huckins 22a1b0ab44
Land #5399, latest recog and MDM 2015-06-02 13:23:25 -05:00
Brent Cook 64e86165ef remove android meterpreter bins, update to payloads 1.0.2
This switches us to using the Android payload files from the
metasploit-payloads gem
2015-06-01 09:14:31 -05:00
Brent Cook d39d4ff6de bump to metasploit-payloads 1.0.1 2015-05-29 15:15:49 -05:00
Brent Cook 16bc08861a update to metasploit-payloads 1.0.0 2015-05-29 13:01:26 -05:00
HD Moore c7df2c7cf1 Update the gemspecs for recog 2.0 / mdm 1.2.0 2015-05-21 12:55:24 -05:00
Brent Cook d804f5fe49 update to metasploit-payloads 0.0.7 2015-05-17 10:06:38 -05:00
Brent Cook f3c22e4168 update metasploit-payloads to 0.0.6
This includes:
  - support for the 'sleep' command (metasploit-framework #5339)
  - support for Unicode file names with Java (metasploit-javapayloads #29)
  - proxy support with winhttp (meterpreter #159)
  - support for showing domain and logged in users (meterpreter #161)
2015-05-15 18:04:04 -05:00
OJ 83fbd41970 Merge branch 'upstream/master' into multi-transport-support
Conflicts:
	Gemfile.lock
	modules/payloads/singles/cmd/windows/powershell_bind_tcp.rb
2015-05-14 14:50:25 +10:00
OJ e9e3d9c1e4 Update payloads gem, and updated payload sizes 2015-05-13 15:37:09 +10:00
darkbushido d5cfeb7711
updating the metasploit gems to ~> 1.0 2015-05-12 14:49:33 -05:00
darkbushido 26e7fe15f9
Merge branch 'upstream' into staging/rails-4.0
Conflicts:
	Gemfile.lock
2015-05-05 11:00:38 -05:00
Brent Cook 3771a78564 update to metasploit-payloads 0.0.3 2015-05-04 16:17:57 -05:00
Brent Cook e6ea5511ca update linux and windows meterpreters to use metasploit-payloads 2015-05-04 09:44:36 -05:00
darkbushido 542937415b updating the gemspecs to use the pre-release versions of the other metasploit gems 2015-04-29 14:07:50 -05:00
Matt Buck 8163c3cdda Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	plugins/nessus.rb
2015-04-28 15:33:46 -05:00
Brent Cook 2ee28916f7 bump meterpreter_bins to 0.0.22 2015-04-16 22:21:12 -05:00
Matt Buck e82fb5f836
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	lib/msf/ui/console/command_dispatcher/db.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-04-15 14:04:35 -05:00
Matt Buck 1e7a6bf3e9
Update metasploit gem dependencies to released versions 2015-04-15 13:06:33 -05:00
Luke Imhoff b9bce90759
Update to metasploit-concern 0.4.0 prerelease
MSP-12550

Properly shows Metasploit::Credential::Core::ToCredential is not loaded.
2015-04-14 15:03:20 -05:00
Brent Cook 0e864e1631 update bins to 0.0.21 2015-04-14 10:45:49 -05:00
Matt Buck 9f15824e2a
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
2015-04-10 15:35:27 -05:00
Matt Buck 5e2d6c27c3
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	db/schema.rb
	lib/msf/core/db_manager/session.rb
	metasploit-framework-db.gemspec
2015-04-06 11:27:00 -05:00
Fernando Arias 6455862484 Merge branch 'staging/rails-4.0' of github.com:rapid7/metasploit-framework into staging/rails-4.0
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2015-04-03 13:56:38 -05:00
Brent Cook 0d78834083 update meterpreter binaries 2015-04-03 05:47:18 -05:00
Brent Cook afe17e1f33 bump meterpreter bins to 0.0.17 2015-03-23 17:15:49 -05:00
OJ 830f328aba Bump meterpreter_bins version 2015-03-20 06:23:10 +10:00
Matt Buck f29a3f69e9 Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	metasploit-framework-db.gemspec
2015-03-17 15:47:48 -05:00
HD Moore 4fd2f6867f Switch to rb-readline-r7 for now 2015-02-21 11:30:40 -06:00
OJ 73435c6d1c
Land #4743 - Bump met bins, update Linux bins.
Includes a merge of Gemfile.lock
2015-02-11 08:21:23 +10:00
Luke Imhoff 184b4e8a13
Merge branch 'master' into feature/MSP-11141/extract-cache-from-metasploit-model
MSP-11141

Conflicts:
	Gemfile.lock
	metasploit-framework-db.gemspec
2015-02-10 14:09:18 -06:00
Luke Imhoff 5df13364b2
Update to latest metasploit dependencies
MSP-11141
2015-02-10 14:01:49 -06:00
Brent Cook 7ab7add721 bump meterpreter_bins to 0.0.14, update Linux binaries.
Hopefully the last manual build before packaging the Linux bins into
meterpreter_bins as well.

This includes all of the fixes and improvements over the past month.

 rapid7/meterpreter#116
 rapid7/meterpreter#117
 rapid7/meterpreter#121
 rapid7/meterpreter#124
2015-02-10 12:43:47 -06:00
Brent Cook ce87b126c1 Update to the latest meterpreter_bins
This removes checked-in sniffer extension in favor of the gem-packaged version.
It also pulls in the changes for verifying #4411
2015-01-09 16:57:10 -06:00
Matt Buck 2cd5be021b
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-01-08 13:12:27 -06:00
Luke Imhoff 95a9d5010c
Use metasploit-model with metasploit-cache extracted
MSP-11141

Test that metasploit-model with metasploit-cache extracted and the
compatible metasploit_data_models and metasploit-credential are
compatible with metasploit-framework without changes.
2014-12-31 15:20:58 -06:00
Matt Buck db0aeb2a05
Make the version constraint a range 2014-12-19 13:54:13 -06:00
Matt Buck c493ccfc06
Define the Rails version constraint in a library constant 2014-12-19 11:46:39 -06:00
Brent Cook ecd73e5901 Update meterpreter_bins to 0.0.12
This adjusts to the new grouped TLV format for the extapi adsi and
window list commands.
2014-12-11 22:03:23 -06:00
Matt Buck 0249e0a800
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
2014-12-02 09:47:47 -06:00
Matt Buck 66fde33a0c
Get framework working on rails 4 branch with new gemspecs 2014-11-12 14:06:51 -06:00
Matt Buck 02ec1fb234
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile
	Gemfile.lock
2014-11-12 10:13:34 -06:00
OJ fb751e3b9f Update meterpreter_bins to 0.0.11
This adds support for the getsid command in the binaries.
2014-11-12 07:21:00 +10:00
Luke Imhoff f494a9f3da
Don't depend on 'rb-readline' on Windows
MSP-11585

`rb-readline` gem doesn't work with Ruby Installer for 1.9.3 because of
`NoMethodError undefined method 'dlopen' for Fiddle:Module`.  Removing
`rb-readline` may be a temporary fix it if turns out that this is a bug
with rb-readline or some other upstream bug.
2014-11-06 14:52:49 -06:00
darkbushido 2d7c517e2f
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
2014-11-04 15:34:25 -06:00
James Lee 867329d4b3 Fix readline by mucking with load path 2014-10-29 22:14:49 -05:00
darkbushido 979394946a
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	lib/msf/core/db.rb
2014-10-28 15:34:37 -05:00
Tod Beardsley 4f32cc8c01
Bump to meterpreter_bins 0.0.10 2014-10-15 19:36:48 -05:00
Tod Beardsley 8afe4ab5e0
Update Gemspec for meterpreter 0.0.8 2014-10-15 19:00:19 -05:00
Matt Buck 25d1caabb5
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile
	Gemfile.lock
	metasploit-framework.gemspec
2014-10-14 15:20:15 -05:00
James Lee a65ee6cf30
Land #3373, recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
Matt Buck 478dbd32f2
Bump to newly-released versions of gems
MSP-11412
2014-10-03 12:07:23 -05:00
Matt Buck f748256e47
Use the prerelease versions of the gems
MSP-11412
2014-10-03 10:29:10 -05:00
Matt Buck 04dbfb9ad6
Bump metasploit gem dependencies
MSP-11412
2014-10-02 18:11:13 -05:00
HD Moore 24eec0e2a6 Swap to recog ~> 1.0 pre Luke's comment 2014-10-02 09:51:41 -05:00
HD Moore 5f4098f650 Bump recog to ~> 1.0.0 2014-10-02 00:51:37 -05:00
darkbushido 701291e029
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
2014-09-29 15:48:12 -05:00
Joe Vennix b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu. 2014-09-24 16:05:00 -05:00
darkbushido d6dcd887d7
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile
	Gemfile.lock
	db/schema.rb
	metasploit-framework.gemspec
2014-09-23 13:40:34 -05:00
sinn3r d52236fe05
Land #3835 - JSObfu to a gem 2014-09-20 01:38:45 -05:00
Joe Vennix 8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs. 2014-09-19 20:42:05 -05:00
Joe Vennix 0f4be63903
Move JSObfu a gem then pull it into the Rex namespace. 2014-09-19 19:10:39 -05:00
Luke Imhoff 0f854ce5ed
Update to released metasploit-model
MSP-11359
2014-09-18 11:33:41 -05:00
Luke Imhoff 03cc69d902
Update gems
MSP-11359
2014-09-18 11:33:22 -05:00
Luke Imhoff 21d6e4afb3
Move metasploit-concern to gemspec
MSP-11359

The dependency on `metasploit-concern` should not have been in the db
group as `Metasploit::Concern.run` is called for
`Msf::Exploit:Remote::HttpServer`, which works without the db group
installed.  This is a fix for a bug from #3781.
2014-09-18 09:33:57 -05:00
darkbushido 3b75b98148
updating to rails 4 2014-09-03 12:20:51 -05:00
HD Moore 73e4ec709f Fix smb_port and require 'recog' when no DB/MDM 2014-08-25 15:42:18 -05:00
OJ a6b7262611 Updated to meterpreter_bins version 0.0.7
This has been a long time coming! Kiwi has been broken for a while and
this updated fixes that problem.

Details of the binaries build date/commits are in the gemspec in the
main meterpreter_bins repo.
2014-08-20 12:30:34 +10:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00