361 Commits (c63c225c9c2e6857db5908231e5a000d9619d5cf)

Author SHA1 Message Date
Brent Cook 0345c8f66c update mettle payloads
This is a large update to mettle payloads including:

 * Adds globbing support to the `ls` command (https://github.com/rapid7/mettle/pull/139)
 * Fixes crashes on iOS platforms when cryptTLV is enabled (https://github.com/rapid7/mettle/pull/142)
 * Fixes display of the OS version on macOS and iOS (https://github.com/rapid7/mettle/pull/143)
 * Fixes the local port handling for pivoted client network connections (https://github.com/rapid7/mettle/pull/144)
 * Fixes an unaligned memory access in TLV packet handling, needed for some CPUs (https://github.com/rapid7/mettle/pull/145)
 * Fixes some compatibility issues building on Solaris (https://github.com/rapid7/mettle/pull/147)
 * Updated libpcap, mbedtls, and libcurl to the latest versions (https://github.com/rapid7/mettle/pull/146)
2018-12-06 21:16:41 -06:00
bwatters-r7 a149137332
Bump payloads to 1.3.54 2018-12-03 12:06:20 -06:00
christopher lee 97ee965c6e
Landing #10884 - Add JSON-RPC Client 2018-11-13 08:31:55 -06:00
Brent Cook 7baa35375a pin concurrent-ruby to 1.0.5
1.1.0 is not available yet
2018-11-01 14:14:00 -05:00
Matthew Kienow b2559ae4c9
Add runtime dependency for JSON-RPC client 2018-10-29 23:27:38 -04:00
Jeffrey Martin 380aaf7889
bump payloads gem 2018-10-22 18:20:45 -05:00
Brent Cook 2c2d0cd154
Land #10713, add initial ed25519 SSH key support 2018-09-28 16:20:58 -05:00
Brent Cook a98af45c13 note why this is there 2018-09-28 16:20:11 -05:00
William Vu 252d594186 Add ed25519 gem to bundle for ssh_login_pubkey
Needed for that key type.
2018-09-28 01:24:13 -05:00
bwatters-r7 de47c354a5
Bumped payload gem version 2018-09-27 20:27:21 -05:00
William Vu 540955f488 Update metasploit-payloads to 1.3.51 2018-09-26 17:29:48 -05:00
bwatters-r7 87b79ec12a
update mettle version 2018-09-20 16:00:31 -05:00
bwatters-r7 4d04161556
Bump metasploit payloads to 1.3.47 2018-08-31 17:47:02 -05:00
bwatters-r7 cc5f1df9ce
Update payloads 2018-08-28 15:31:35 -05:00
Matthew Kienow b80ca9a315
Bump metasploit-payloads to version 1.3.44 2018-08-27 15:49:51 -04:00
bwatters-r7 27e035acf4
Bump payloads to 1.3.43 2018-08-17 13:59:57 -05:00
bwatters-r7 605d223ac8
Bump payloads to 1.3.42 2018-08-10 13:41:45 -05:00
James Barnett 612959d9ab
Land #10323, add authentication to REST API 2018-07-18 17:29:22 -05:00
Matthew Kienow 2a31958f6a
Bump metasploit_payloads-mettle to version 0.4.1 2018-06-27 17:55:08 -04:00
bwatters-r7 7aeb881a60 Bump metasploit-payloads to bring in PR #287 2018-06-25 17:48:10 -05:00
Matthew Kienow c0717d9306
Add MSF REST web service authentication support 2018-06-22 15:09:36 -04:00
Brent Cook 9eb866b359 bump and unlock rex-powershell 2018-06-21 11:41:16 -05:00
Tim W 78ba9cb487 use mettle 0.4.0 2018-06-09 11:12:38 +08:00
Brent Cook 134ed389a9 update kiwi plugin, add dcshadow and powershell streaming support
This does a few things:

 1. Updates the kiwi plugin to mimikatz 2.1.1 20180502
 2. Adds ability to dcsync & hashdump via Powershell
 3. Adds streaming support to powershell commands (no more timeouts)

It also adds the following powershell functions to make things more
convenient:

 * Invoke-DcSync
 * Invoke-DcSyncAll
 * Invoke-DcSyncHashDump

See https://github.com/rapid7/metasploit-payloads/pull/284 for details
2018-05-21 03:22:05 -05:00
Brent Cook 8fd7448e48
bump payloads, ipv6 channel fixes 2018-04-27 14:18:54 -05:00
Jeffrey Martin 2a922f7186
remove rex-text version lock 2018-04-18 10:38:01 -05:00
Jeffrey Martin e7a7bcfd7d
Lock rex-text due to compatibility issues
The new dependency on the openssl gem creates compatibility issues
in some of the currently supported environments.  Lock version until
this is sorted out.
2018-04-13 11:15:55 -05:00
Brent Cook b55eb9b8f2 bump payloads, add Python UDP channel support
This pulls in Python UDP channel support from
https://github.com/rapid7/metasploit-payloads/pull/276
2018-04-07 14:21:30 -05:00
William Vu 7433069239 Bump RubySMB to latest for MSF5 2018-04-03 13:18:42 -05:00
Brent Cook 4194b6d991
Land #9586, fix #9112, improve android screenshot error message on failure 2018-03-25 07:36:15 -05:00
Brent Cook 95424b781b update android payloads 2018-03-25 07:32:04 -05:00
christopher lee 4d04319d2a Merged master 2018-03-15 11:31:44 -05:00
Tim W a978a5edba fix #9497, bump metasploit payloads 2018-03-13 15:12:53 +08:00
Brent Cook e8e6d01581 bump payloads, fix PHP meterpreter message parsing 2018-03-07 17:28:49 -06:00
christopher lee 68d72cbfa7 Goliath Cleanup in preparation for merge to master 2018-03-06 10:21:22 -06:00
Brent Cook d737f77b84 bump gems, lock ruby_smb for now 2018-02-22 10:45:49 -06:00
Brent Cook 05e002e3c5
Land #9366, Add x64 staged Meterpreter for macOS 2018-02-19 23:15:03 -06:00
Brent Cook d28f6888b2 bump payloads, include bind_named_pipe support 2018-02-15 17:37:33 -06:00
Brent Cook 316e657d10
bump gems, remove rbnacl/ffi since unneeded 2018-02-12 11:21:04 -06:00
Brent Cook c7ccfb7952 update payload to flush process channel buffers on exit 2018-02-07 08:04:34 -06:00
Brent Cook d82b8cbf63 bump payloads, fix php meterpreter
a syntax error slipped in, let's fix it
2018-01-26 17:48:11 -06:00
bwatters-r7 d62d61667d
bump metasploit-payloads 2018-01-23 07:26:08 -06:00
Brent Cook 7ad296d511 bump payloads, fix cmd_exec meterpreter logic 2018-01-21 07:56:24 -06:00
Brent Cook f125e13278
python meterpreter whitespace normalization 2018-01-09 16:08:52 -05:00
Tim W 44fbb171a6 osx stager 2017-12-29 11:13:25 +08:00
RageLtMan 18f3815147 Update TLS certificate generation routines
Msf relies on Rex::Socket to create TLS certificates for services
hosted in the framework and used by some payloads. These certs are
flagged by NIDS - snort sid 1-34864 and such.

Now that Rex::Socket can accept a @@cert_provider from the Msf
namespace, a more robust generation routine can be used by all TLS
socket services, provided down from Msf to Rex, using dependencies
which Rex does not include.

This work adds the faker gem into runtime dependencies, creates an
Msf::Exploit::Remote::Ssl::CertProvider namespace, and provides
API compatible method invocations with the Rex version, but able
to generate higher entropy certs with more variables, options, etc.

This should reduce the hit rate against NIDS on the wire, reducing
pesky blue team interference until we slip up some other way. Also,
with the ability to generate different cert types, we may want to
look at extending this effort to provide a more comprehensive key
oracle to Framework and consumers.

Testing:
  None yet, internal tests pending.
  Travis should fail as this requires rex-socket #8.
2017-12-28 21:00:03 -05:00
Jon Hart cf21d13b2e
Resolve conflict 2017-12-20 18:58:16 -08:00
Brent Cook 24907938bb
bump payloads, various fixes 2017-12-20 16:47:37 -06:00
Brent Cook df4f62cde9 bump to mettle 0.3.3 2017-12-20 15:58:17 -06:00
Jon Hart f15309bc48
Add basic framework for interacting with MQTT 2017-12-20 12:28:02 -08:00