Commit Graph

12914 Commits (cae564ea3badb38fde3c09a8fcf33285a37cf7d5)

Author SHA1 Message Date
wchen-r7 4b5bc84f5c
Land #7918, Fix report_vuln for aux/scanner checks 2017-02-09 12:18:33 -06:00
Christian Mehlmauer 8ade9b8aae
Land #7905, WordPress content injection module 2017-02-09 15:49:50 +01:00
Tim 095831e029
fix silly typo 2017-02-08 23:41:15 +08:00
William Vu b06895b604 Hide RPORT more intelligently 2017-02-08 09:40:42 -06:00
Tim 870621d169
Add OverrideScheme option, fixes #7841 2017-02-08 23:30:29 +08:00
Metasploit d81bdc1c02
Bump version of framework to 4.13.21 2017-02-07 17:27:47 -08:00
Brent Cook 74e029f3b1
Land #7932, Fix CVE-2017-5229 2017-02-07 19:22:36 -06:00
Brent Cook 522c6dce8e
Land #7931, Fix CVE-2017-5231 and respect user's dest 2017-02-07 19:22:17 -06:00
Brent Cook 68a5d300fe minor style issues 2017-02-07 18:35:35 -06:00
Brent Cook b370dd0654 Fix CVE-2017-5229 - extapi Clipboard.parse_dump() Directory Traversal 2017-02-07 18:24:06 -06:00
Justin Steven 56cf6b129d
Fix CVE-2017-5228 2017-02-07 23:44:23 +10:00
Justin Steven cb74d3b05b
Fix CVE-2017-5231 and respect user's dest 2017-02-07 23:41:59 +10:00
William Vu 31f93de150 Update HttpClient and WordPress mixins 2017-02-06 04:40:26 -06:00
William Vu ba80e1d9e5 Fix report_vuln for aux/scanner checks
Msf::Auxiliary::Scanner#setup sets it to nil in instance.check_simple.
2017-02-06 01:20:18 -06:00
Josh Hale 02afc3af96 Add lines for no IPv4/IPv6 routes 2017-02-05 17:38:30 -06:00
Pearce Barry cab19dc63c
Land #7904, Fix a bug where PHP tags were in the wrong place 2017-02-05 11:43:24 -06:00
Artem 9db2cdb33a Fix close session
Fix close session if remote file is permission deined
2017-02-05 02:00:05 +03:00
Josh Hale 79b92ccdc7 Fix for Route Print IPv6 Error 2017-02-04 16:21:55 -06:00
Metasploit 9a5d5eec2e
Bump version of framework to 4.13.20 2017-02-03 10:04:05 -08:00
Brent Cook 64e475a4ee
Land #7892, Enhance the creds command to allow creating logins 2017-02-03 11:53:46 -06:00
James Lee 3c7f78167a
Push up the preamble and modernize style 2017-02-02 17:57:03 -06:00
James Lee c9560b5aa8
Add error_reporting to preamble 2017-02-02 17:48:28 -06:00
Pearce Barry 23c2787d57
Land #7795, Hardware Bridge API.
Initial bridge API that supports the HW rest protocol.
2017-02-02 08:47:59 -06:00
Pearce Barry 16de745437
Minor code cleanups/corrections. 2017-02-01 16:12:45 -06:00
Jeffrey Martin 1bb8c9bd93
missed userpass_file on CredentialCollection.empty? 2017-02-01 15:42:21 -06:00
Metasploit 321fa91c75
Bump version of framework to 4.13.19 2017-02-01 11:28:53 -08:00
wchen-r7 f925793d70
Land #7894, refactor empty test on CredentialCollection 2017-02-01 11:57:31 -06:00
Metasploit be170ab8b2
Bump version of framework to 4.13.18 2017-01-31 14:20:40 -08:00
Jeffrey Martin 0dcf0002ae
refactor empty test on CredentialCollection 2017-01-31 15:16:26 -06:00
OJ 72c641fcab
Land #7889 - use a better check for whether rhosts exists 2017-01-31 07:49:14 +10:00
darkbushido e5d8a64770 adding the ability to create logins 2017-01-30 10:43:27 -06:00
Brent Cook 76529278b8 make sure we can actually invoke auto targeting before adding it 2017-01-30 05:24:57 -06:00
Brent Cook 7d32166c70 use a better check for whether rhosts exists 2017-01-29 19:18:23 -06:00
OJ d8511d1ad5
Add exception when SESSION doesn't exist 2017-01-30 10:26:23 +10:00
William Vu b44e7ff733 Fix argument passing for deprecated scripts
This allows the scripts to continue working while warning the user.

See also: c59b5eaa2f.
2017-01-29 14:14:55 -06:00
Brent Cook 4480ea7877
Land #7827, Cisco Firepower Management Console LoginScanner 2017-01-27 16:26:40 -06:00
Brent Cook 39761a9d23
Land #7882, allow Ruby 2.1 to continue working for now. 2017-01-27 12:19:14 -06:00
Metasploit 95449a846b
Bump version of framework to 4.13.17 2017-01-27 10:02:17 -08:00
darkbushido 39d702ebd9
changing the syntax to work with ruby 2.1
Fixes #7881
2017-01-27 11:20:26 -06:00
h00die 07694b98de
Land #7874: A login scanner for Advantech WebAccess 2017-01-26 18:17:01 -05:00
William Vu c59b5eaa2f
Fix #7823, legacy_script_to_post_module fixes 2017-01-26 16:26:00 -06:00
wchen-r7 781bc8420a Add Advantech WebAccess LoginScanner module 2017-01-26 13:54:50 -06:00
Craig Smith 87701ff758 Added more error handling to bail out more gracefully when things go wrong. Could
be more common with bluetooth connections.
2017-01-25 18:23:57 -08:00
Craig Smith 2ff4e6f57e Fixed defaults for elm327 realy.
Array2Hex in the automotive extension how supports passing an array or integers or string hexes
Added some extra error handling for UDS calls to non-supported pids
2017-01-25 11:30:29 -08:00
Jeffrey Martin eeba1e0bb2
first pass of upgrading nexpose gem to latest 2017-01-25 10:16:48 -06:00
OJ a3cf400566
Re-set the TLV names for migration stuff 2017-01-24 07:36:56 +10:00
bwatters 253e39e18c
Land #7680, Fix #7679, LoginScanner should abort if there is no creds to try 2017-01-23 14:08:32 -06:00
wchen-r7 5de09d3455 Check username & password options 2017-01-23 11:42:04 -06:00
Jeffrey Martin 2c8cd80a2b
revert change to TLV_TYPE_MIGRATE_LEN in #7856 2017-01-23 09:23:32 -06:00
Jeffrey Martin 677d070179 make tlv enum of migrate length consistent 2017-01-23 09:19:53 -06:00
Craig Smith 198d6e00ff Fixed bug in array2hex that did not convert hex values to integers before formatting 2017-01-22 17:50:33 -08:00
Pearce Barry 9b16cdf602
Land #7845, Fix Msf::Exploit::EXE shellcode/template mismatch 2017-01-22 16:09:41 -06:00
Brent Cook 414977125f Merge remote-tracking branch 'upstream/master' into land-7847- 2017-01-22 14:11:40 -06:00
Brent Cook f61314d2d6
Land #7856, Fix incorrect translations in TLV inspection code 2017-01-22 11:08:05 -06:00
Brent Cook ac2ceca5e3
Land #7804, Switch the creds command to use named options 2017-01-22 10:49:19 -06:00
Brent Cook 6a2d036ea8 depend on regular rb-readline, bugs fixed upstream 2017-01-22 10:20:05 -06:00
Brent Cook 99047fa8a1 be stricter in what we accept for payload uri
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
Brent Cook 9581f18392 handle nil pathname 2017-01-22 10:20:04 -06:00
Brent Cook dc506c1dd6 present? is not a method of Pathname 2017-01-22 10:20:04 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
Brent Cook 441222c2b5 Merge remote-tracking branch 'upstream/master' into land-7787- 2017-01-22 09:44:11 -06:00
William Webb 5d08e0b24e
Land #7858, Make shell_command_token time out again 2017-01-21 13:18:37 -06:00
Tim 67ec66cc83
Land #7846, add CSV and vCard support to dump_contacts 2017-01-21 16:46:14 +08:00
William Vu a7fac41172 Make shell_command_token time out again 2017-01-20 23:09:22 -06:00
William Vu 84513fd83c Add exception for HttpClient
Since it uses Rex::Proto::Http, which then uses Rex::Socket::Tcp.
2017-01-20 20:00:27 -06:00
William Vu 89b2f087fc Add TCP/UDP hint to RPORT
Caveat: works with mixins only (tenuously).
2017-01-20 19:50:40 -06:00
William Vu e0094897a1 Add CSV and vCard support to dump_contacts 2017-01-20 19:18:50 -06:00
OJ 7e50ce09c0
Fix TLV inspect issue 2017-01-21 09:17:20 +10:00
Metasploit c2e4a50924
Bump version of framework to 4.13.16 2017-01-20 10:02:29 -08:00
Tim 64e7f13067
improve error detection 2017-01-19 16:40:35 +07:00
Tim c1e30b632b
fix #7725, inject into the Activity constructor 2017-01-19 16:24:26 +07:00
Tim f8f764aefc
fix #7617, invalid register when hooking smali code 2017-01-19 14:52:30 +07:00
William Vu d8da7c6d43 Fix Msf::Exploit::EXE shellcode/template mismatch
Initialize EXE options unless code is supplied with platform/arch.
2017-01-19 00:07:35 -06:00
Brent Cook b94eefe724
Land #7771, Add history deduplication 2017-01-18 21:06:42 -06:00
William Vu ef487f6be5 Remove history clearing 2017-01-18 14:55:12 -06:00
David Maloney d564f5d60a
don't add auto targets to things without rhost
Things like browser exploits don't have remote host options
which is what auto targeting relies on, so it does not make sense
to include the auto-targeting in these exploits

7837
2017-01-17 11:40:07 -06:00
William Vu 77c78fa5f4 Move Rex::Text::Table workspace output to -v 2017-01-15 23:15:14 -06:00
William Vu 38382bb61a Convert workspace command to Rex::Text::Table
Still can't get over how it's called "loots." :D
2017-01-15 03:26:35 -06:00
William Vu b86c1f0465
Land #7823, legacy_script_to_post_module check 2017-01-13 17:37:41 -06:00
James Lee 3c0ce8eafb
Fix some rubocop complaints 2017-01-13 17:24:23 -06:00
wchen-r7 a687073416 Add Cisco Firepower Management Console LoginScanner 2017-01-13 16:59:20 -06:00
James Lee 7f839a04f3
Land #7825, don't double-load plugins 2017-01-13 14:07:32 -06:00
Metasploit 56ed8bc021
Bump version of framework to 4.13.15 2017-01-13 10:05:02 -08:00
William Vu 0800a4f816 Update RPC functionality 2017-01-12 19:35:42 -06:00
William Vu 601a88dad7 Update cmd_unload in CommandDispatcher 2017-01-12 19:29:28 -06:00
William Vu 2ad29a2351 Prefer find over each
Since we're modifying the load method directly, there should only ever
be one previously loaded instance. Suggestion by @egypt.
2017-01-12 19:28:06 -06:00
Brent Cook 8f6fe87400 fix assignment 2017-01-12 17:16:19 -06:00
William Vu d58db72cd0 Force unloading of already loaded plugins 2017-01-12 14:18:52 -06:00
Brent Cook c080d78922 intercept legacy meterpreter script runs and substitute post modules 2017-01-12 14:08:43 -06:00
Brent Cook b28f600aea
Land #7584, fix apk injection into proguarded apks 2017-01-11 12:45:23 -06:00
Brent Cook 5b2e76b981
Land #7794, Fix #7793, incorrect command name in android meterpreter extension 2017-01-11 12:38:36 -06:00
Metasploit f311511e6d
Bump version of framework to 4.13.14 2017-01-10 14:03:16 -08:00
David Maloney 38a4c2aa97 fix autotargeting failure
the fallback to the original default was failing because
it was assuming rhost was already set, so it would always
go back to the first default target. now the auto_target? method
only returns true if can pull an auto_target_host
2017-01-10 14:12:28 -06:00
wchen-r7 18347a8de7
Land #7774, Fix pivoting of UDP sockets in scanners 2017-01-10 13:57:28 -06:00
bwatters_r7 b3e8c3376d
Land #7788, Add ability to interact with a manually backgrouned session 2017-01-10 08:55:00 -06:00
wchen-r7 99f47158b3 Update base.rb for checking empty creds 2017-01-09 17:23:11 -06:00
wchen-r7 bdb99bbcf2 Check cred_details for empty creds 2017-01-09 17:16:09 -06:00
darkbushido 3e1cd0c789
adding a check to make sure you only give a signle private type 2017-01-09 15:13:36 -06:00
David Maloney 8c395338af
Land #7743, wchen's digest auth nonce fix
land sinn3r's pr for fixing the Digest Auth nonce
2017-01-09 14:16:09 -06:00
darkbushido 6bd2e03f37 dding realm tests showed a bug. its now squashed. 2017-01-09 13:04:34 -06:00
darkbushido 3674b25885 fixing the tests, more need to be added 2017-01-09 13:04:34 -06:00
darkbushido a3b1f7e360 the commands now work, onto tests 2017-01-09 13:04:34 -06:00
darkbushido 23cbc99341 changing the creds add command to use named params 2017-01-09 13:04:34 -06:00
darkbushido c179e0358f origin_type manual requires a user... 2017-01-09 13:04:34 -06:00
darkbushido ed3b34179b moving creds to its own dispatcher 2017-01-09 13:04:34 -06:00
William Vu 1a04691201
Fix #2504, edit command fixes I missed 3y ago
local_editor was never nil, so there was some dead code.
2017-01-08 03:02:19 -06:00
Craig Smith 5f07bca775 Hardware Bridge API. Initial bridge API that supports the HW rest protocol specified here:
http://opengarages.org/hwbridge  Supports an automotive extension with UDS calls for mdoule
development.
2017-01-06 19:51:41 -08:00
Adam Cammack dbdc558f0b
Land #7776, don't log on harmless DB errors 2017-01-06 18:25:13 -06:00
Ubuntu 6dee63d727 Incorrect command name 2017-01-06 23:58:18 +00:00
dmohanty-r7 5cba9b0034
Land #7747, Add LoginScanner module for BAVision IP cameras 2017-01-06 16:25:44 -06:00
Metasploit b074042b99
Bump version of framework to 4.13.13 2017-01-06 12:00:26 -08:00
dmohanty-r7 171f3b3e7d Land #7791, Fix target_host name collision 2017-01-06 13:50:52 -06:00
David Maloney 2108913e77
target_host method had a name collision
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
2017-01-06 12:44:37 -06:00
Metasploit 1ef2e54539
Bump version of framework to 4.13.12 2017-01-06 10:03:13 -08:00
William Vu 969df408c7
Land #7786, Microsoft Edge constant for HttpClient 2017-01-05 21:07:57 -06:00
David Maloney 10cfadaf98 add optional output to merterp run_cmd
the run_cmd method on meterpreter sessions can now
take an optiona output IO to redirect output. This allows
backgrounded sessions to also run commands and still output
to the console
2017-01-05 12:12:20 -06:00
dmohanty-r7 a5665d53f2
Land #7766, Add Automatic Targeting to all Exploits 2017-01-05 11:05:53 -06:00
Tim eec5e88e1c
android_wakelock 2017-01-05 19:17:28 +07:00
Carter e85721113a Add Edge to constants 2017-01-04 22:20:42 -05:00
Metasploit 7ef4db1465
Bump version of framework to 4.13.11 2017-01-04 14:53:33 -08:00
wchen-r7 180795f209 Fix #7743, nil @cnonce in rex/proto/http/client.rb
Fix #7743
2017-01-04 11:50:31 -06:00
David Maloney 31d36d9112 if autotargeting fails fall back
fallback to the original first target if auto-targeting fails
2017-01-03 14:38:52 -06:00
David Maloney 5fd531028c ome minor guards and spec fixes
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
David Maloney 2d5158403b add YARD docs to auto target methods
added YARD docs

MS-2325
2017-01-03 14:38:51 -06:00
David Maloney a61b92aa3e tweak target selection
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index

MS-2325
2017-01-03 14:38:51 -06:00
David Maloney 3d2957dff1 tying it all together
insert our autotarget routine into
the main target selection process

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 44830dfc54 prefer authour's target over ours
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 1afc57da40 determine most precise filter
drop back to our most precise level of filtering

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 201b65e43d remaining os filtering
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 05ac2ee6ed convert first stage to os_family
added the new os-family column to Host
so now we use that as our first stage filter
for targets

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney 95d5c7a778 filtering by os_name
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney 4060e63b89 add tests for auto target addition
tests to make sure we add auto targets only
in the appropriate conditions

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney 84d5e42e4f start gearing up for testing
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour

MS-2325
2017-01-03 14:38:45 -06:00
David Maloney 769d477e97 if no automatic target defined, add one
if an exploit does not have a defined automatic target
then we add one in for our fallback auto-targeting

MS-2325
2017-01-03 13:54:34 -06:00
Brent Cook 3808eebad8
Land #7704, Update jobs output to show TCP listener information 2017-01-02 15:44:49 -06:00
Brent Cook d9be9f3b2e
Land #7764, add to_handler command to launch a handler from the payload module 2017-01-02 15:40:38 -06:00
Brent Cook 35bb725f19 rubocop fixes for payload dispatcher 2017-01-02 15:39:48 -06:00
Brent Cook 5a4abeb110 make Rex UDPSocket.send work just like the real thing 2017-01-02 09:38:26 -06:00
Brent Cook 4f0569c6ce support pivoting with UDP port scanners
Use bound UDP sockets for each UDP service/ip that we wish to scan,
managing and closing them locally as they expire, rather than an unbound
socket.
2017-01-02 08:55:27 -06:00
Brent Cook d5bc6a089f recvfrom_nonblock need flag = 0, not nil 2017-01-02 08:55:12 -06:00
Brent Cook 225aaac8fd remove logging of expected exceptions in connection_established? method 2017-01-02 08:31:05 -06:00
William Vu 4264521354 Fix broken CVE reference and update links
Prefer HTTPS over HTTP, too.
2017-01-01 21:33:59 -06:00
Pedro Ribeiro 956602cbfe add final wnr2000 sploits 2016-12-31 16:49:05 +00:00
William Vu fdfa8b8fdb Remove erroneous newline 2016-12-30 19:09:37 -06:00
William Vu db90d541fb Add history deduplication and clearing 2016-12-30 19:02:47 -06:00
William Vu 73d454387c
Fix #7765, additional fixes for history command
1. Really fix crash by restoring default behavior
2. Add whitespace padding to command number
3. Refactor logic a bit for clarity
2016-12-30 18:21:24 -06:00
William Vu 3ff74f019d
Fix #7765, history command fixes and improvements
1. Fix crash when no arguments are specified
2. Print history index starting at 1 like every shell
3. Fixed wording/phrasing
4. Fixed formatting/whitespace
2016-12-30 17:35:18 -06:00
Brent Cook bb684bb3b1 tcp channel fixes 2016-12-30 14:59:10 -06:00
h00die 2856facdf0
Land #7765, adds the history command to msfconsole 2016-12-30 14:54:32 -05:00
Luis Fontes e729254b4f minor tweaks
added dots to the end of lines,
checked val for nil before runing match
2016-12-30 19:30:01 +00:00
Luis Fontes f073e78838 replaced hardcoded value variable 2016-12-30 08:49:13 +00:00
William Vu 0321000ea7 Update Http mixin for opts[:ssl]
1. Add opts[:ssl]
2. Remove opts[:busybox]
3. Refactor logic
4. Remove resource_uri
2016-12-30 00:56:02 -06:00
William Vu 34d358b8d7 Update CmdStager with new toys 2016-12-30 00:56:02 -06:00
William Vu 58dd59fad5 Add Http mixin for CmdStager 2016-12-30 00:56:02 -06:00
Brent Cook fae4751771
Land #7744, update kiwi extension to Mimikatz 2.1 2016-12-29 16:22:45 -06:00
Luis Fontes e7249742b3 Added the history command
Added the "history" command to see a list of commands used before.

```
msf exploit(handler) > history -n 4
2344  set PAYLOAD windows/meterpreter/reverse_tcp
2345  set LHOST 10.0.1.109
2346  exploit
2347  history -n 4
msf exploit(handler) > history -h
Usage: history [options]

Show the command history


OPTIONS:

    -a        Show length commands in history
    -h        Help banner.
    -n <opt>  Show the last n commands

msf exploit(handler) > 
```
2016-12-29 17:03:54 +00:00
Luis Fontes cb0a7986bf Added to_handler command
This commit adds a "to_handler" command to msfconsole when "using" a payload.

After generating a payload from msfconsole, we needed to set multi/handler and the payload with the same param as we used to generate it. That was really boring...
The to_handler command creates the handler and sets the payload and the options set for it.

### Example Output:





```
msf > use payload/windows/meterpreter_reverse_tcp 
msf payload(meterpreter_reverse_tcp) > set LHOST 10.0.1.109
LHOST => 10.0.1.109
msf payload(meterpreter_reverse_tcp) > set LPORT 3377
LPORT => 3377
msf payload(meterpreter_reverse_tcp) > show options

Module options (payload/windows/meterpreter_reverse_tcp):

   Name        Current Setting  Required  Description
   ----        ---------------  --------  -----------
   EXITFUNC    process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   EXTENSIONS                   no        Comma-separate list of extensions to load
   EXTINIT                      no        Initialization strings for extensions
   LHOST       10.0.1.109       yes       The listen address
   LPORT       3377             yes       The listen port

msf payload(meterpreter_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0
[*] Started reverse TCP handler on 10.0.1.109:3377 
[*] Starting the payload handler...
msf payload(meterpreter_reverse_tcp) > 
```
2016-12-28 20:03:40 +00:00
bwatters_r7 4906b8a85a
LAND #7760, prevent duplicate UUIDs when generating Android HTTP/S payloads 2016-12-28 10:48:36 -06:00
Brent Cook a4950a1598 add auto-complete info for 'show info'
msf > use auxiliary/admin/http/nuuo_nvrmini_reset
msf auxiliary(nuuo_nvrmini_reset) > show
show actions    show all        show encoders   show exploits   show missing    show options    show plugins    show targets
show advanced   show auxiliary  show evasion    show info       show nops       show payloads   show post
2016-12-27 15:48:41 -06:00
Brent Cook e74239b30f allow reusing the already-generated payload uuid in generate_uri_uuid_mode 2016-12-27 15:37:39 -06:00
wchen-r7 81b310f928
Up to date 2016-12-23 17:24:01 -06:00
wchen-r7 5e5aa8cd03 Fix a typo 2016-12-23 16:23:24 -06:00
wchen-r7 144f886e8b Add LoginScanner module for BAVision IP cameras 2016-12-23 16:22:17 -06:00
Metasploit f50fa516f4
Bump version of framework to 4.13.10 2016-12-23 10:01:58 -08:00
OJ 99da91e278
Adjust golden ticket creation to force params when SYSTEM 2016-12-23 20:29:00 +10:00
OJ 894ed4957f
Add help where appropriate 2016-12-23 10:51:33 +10:00
OJ 93a280dfc1
Merge upstream/master ready for PR 2016-12-23 10:20:53 +10:00
OJ 34e3a17fda
Remove unused Kiwi TLVs 2016-12-23 09:57:57 +10:00
William Webb 5702bd6745
Land #7674, Move migration stub generation code into msf 2016-12-22 17:53:00 -06:00
OJ 4c150a10c2
Update to use new base64 flags for kiwi 2016-12-23 09:40:11 +10:00
OJ c97e6ae1e8
Handle stupid merge from OJ's upstream 2016-12-23 09:00:27 +10:00
OJ e6e2388256
SSP creds and golden tickets 2016-12-23 08:34:16 +10:00
wchen-r7 50db1e295f
Land #7718, Fix undef method read_timeout in smb object 2016-12-22 15:12:51 -06:00
Brent Cook eeb1bdcff5
Land #7731, fix risk score and risk factor imports via nexpose plugin
Merge remote-tracking branch 'upstream/pr/7731' into upstream-master
2016-12-22 01:15:01 -06:00
Brent Cook 9e75866188
Land #7738, Add sort by column to services and hosts commands 2016-12-22 01:10:45 -06:00
William Vu 445af29d07
Land #7739, async output revert until fixed 2016-12-21 00:40:54 -06:00
William Vu 4098c66efb Restore MinGW code and use =begin/=end for indent 2016-12-21 00:38:08 -06:00
William Vu 0221d2d904
Land #7735, make assigning payloads fast again! 2016-12-21 00:16:52 -06:00
William Vu f95136ce67 Prefer && over and 2016-12-21 00:16:33 -06:00
Brent Cook d0d84b418b disable async output until we have a better handle on new quirks 2016-12-20 23:50:43 -06:00
William Vu 574ebd07d7 Update cmd_hosts 2016-12-20 23:32:10 -06:00
h00die cc293f06fe
Adds some fail safes to cmd_use 2016-12-20 22:08:41 -05:00
William Vu 60d5cefd68
Land #7727, nuke sess from orbit
Replace with consolidated sessions command.
2016-12-20 20:35:20 -06:00
William Vu 6e830a886e
Land #7737, print_warning on session_compatible? 2016-12-20 20:11:11 -06:00
OJ 1098bc6d90
Warn user when session not compat instead of failing
This commit changes the post mixin so that the session compat check only
shows a warning rather than throwing an exception and stopping the
module from working completely.

This is off the back of the discussion involved with #7736
2016-12-21 11:14:52 +10:00
William Vu 11e3e1f3dd Handle a couple more edge cases
I don't want to go any further down the rabbit hole.
2016-12-20 18:36:22 -06:00
William Vu 41605c533c Add reference name enforcement to cmd_use 2016-12-20 18:21:24 -06:00
Brent Cook efb015facc make assigning payload fast again
This streamlines the check for whether the currently-selected payload is
compatible on assignment. Rather than building the entire list of
compatible payloads, and seeing if what the user typed is in it (and
making multiple giant lists on the way), we simply check the module the
user typed directly.
2016-12-20 17:39:09 -06:00
PartyImp 02cbbfd3f2 fixes #7707: risk_factor and risk_score in the nexpose plugin 2016-12-20 18:31:32 +00:00
OJ 0bca485858
Continue work on enabling kiwi functionality 2016-12-20 18:25:48 +10:00
OJ ee4caba646
Remove `terminal` and tweak `sessions`
Hopefully everyone is now happy!
2016-12-20 07:50:07 +10:00
OJ 74040c4ee6
Rename the `sess` command to `terminal`
Lots of people have been frustrated by the `sess` command as it mucks
with the autocomplete for `sessions`. This is a fair concern, especially
given that `sess` was intended to be a non-annoying shortcut.

This commit changes the `sess` command so that it is instead called
`terminal`. I couldn't think of a better option that didn't already
clash with another name or meaning. At least `terminal` is something
that doesn't clash, doesn't muck with any existin autocomplete rules,
and is in some way another name for the existing sessions.

Feedback appreciated!
2016-12-19 17:05:04 +10:00
Metasploit 3a998fada2
Bump version of framework to 4.13.9 2016-12-18 13:22:52 -08:00
Sonny Gonzalez 2e198ae2a8
Land #7721, better smtp connection error messages 2016-12-18 14:38:13 -06:00
Adam Cammack 62d8cc7b21
Handle some error conditions with SMTP delivery 2016-12-16 16:06:02 -06:00
dmohanty-r7 f74fd9e5dd
Land #7672, support LOCKED_OUT and DISABLED login status 2016-12-16 15:11:05 -06:00
Justin Angel 318c0eda81 Update to line 126
Line originally references the read_timeout instance variable associated with the smb variable (line 118 || 120), which is an object of the simpleclient class that doesn't have a read_timeout instance variable. Updated the line to reference the client instance variable of smb, which does have a read_timeout variable. Testing this change appears to result in expected behavior.
2016-12-16 14:24:02 -05:00
Metasploit c5c710f837
Bump version of framework to 4.13.8 2016-12-16 10:02:02 -08:00
jinq102030 f29c9a7c45 Merge pull request #7716 from acammack-r7/smtp-deliver-ssl
Make SMTP delivery work with a range of server SSL
2016-12-16 08:58:55 -06:00