099fc0176a
move autoroute to a more sensible location
2017-05-10 23:01:02 -05:00
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
c573628e10
Fix header
2017-04-24 17:01:35 -05:00
55ab800f13
Minor code fixes.
2017-04-19 14:41:11 +02:00
84dd5cd01a
Add a simple upload exec module
2017-04-17 19:34:21 -05:00
9f289bdf52
Fixed error messages and some syntax.
2017-04-12 13:48:11 +02:00
96927b449c
Rework module to grab entire irssi configs
2017-04-11 00:02:40 -04:00
6a1531da34
Fix loot name attributes
2017-04-10 23:52:31 -04:00
d92f94e077
Fix grammar issue
2017-04-10 23:44:18 -04:00
d9e96a8b4f
Consolidate loot into single file
2017-04-10 23:42:50 -04:00
7f6bbb6ff2
Fix trailing space issue
2017-04-10 21:38:30 -04:00
9432a3543f
Extend irssi post mod to grab network passwords
2017-04-10 15:35:26 -04:00
47d74819a5
Update regex per reviewer request
2017-04-10 14:45:10 -04:00
d816092c56
Fix missing new line
2017-04-10 14:41:25 -04:00
b8af7c1db0
Add irssi password post gather module
2017-04-05 00:56:24 -04:00
823c1a6286
added more verifieds
2017-03-31 16:52:20 -04:00
23ac9214ea
land #8010 post gather module for tomcat creds
2017-03-31 16:15:55 -04:00
34a152dc76
handle no sysinfo from ssh_login
2017-03-31 16:15:16 -04:00
22b2215d2e
Fixed a typo causing bot to fail.
2017-03-31 16:40:21 +02:00
3a674b731c
Added error handling, added documentation and fixed some style issues.
2017-03-31 16:35:25 +02:00
df2a9a4af3
Added documentation file and implemented fixes for output and linux parsing.
2017-03-31 11:19:12 +02:00
c8215e609a
pushing fixes again, something failed.
2017-03-08 10:16:06 +01:00
2546263d50
Improved error handling and general fixes
2017-03-08 10:11:05 +01:00
df7932bb1b
Added more error handling
2017-02-27 13:30:42 +01:00
37066acc03
Try harder to get user id, correctly handle dirs with spaces.
...
Fixes #7817 .
2017-02-25 20:32:53 -06:00
b2ad8938ff
Added tomcat_gather modules to Metasploit.
2017-02-24 15:15:55 +01:00
4be426df4d
Added jboss_gather module.
2017-02-24 11:18:01 +01:00
9e0cb9797b
python -c payload -> echo payload | python
2017-02-04 17:57:17 +08:00
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
bcbb7b86d6
Changed encoding on jscript contents before uploading it
2017-01-13 16:19:58 -06:00
cdcf4cce7d
improve zip module windows script fallback
...
- handle non-English locales
- wait more reliably, handle network paths where FS info gets stale
- use absolute paths correctly
2017-01-07 12:27:03 -06:00
0d41160b03
Sanity checks, errors out with nil ptr if API call fails
2016-12-08 16:14:10 -08:00
a17d1a7e19
Added options for setting the PASSWORD and GROUPNAME
2016-12-08 16:13:31 -08:00
aa29fcad80
Update docs and pretty print the loot
2016-12-08 14:25:07 -08:00
70668c289f
Use better loot args
2016-12-08 13:14:36 -08:00
162204b338
Support creating a password for the user, etc
2016-12-08 12:56:00 -08:00
a9cb08a352
Token should be passed as nil if not set
2016-12-07 10:16:41 -08:00
1c3f0437ed
Move some options back to non-advanced
2016-12-06 17:39:37 -08:00
a13382c80b
Address most of rubocop's nits
2016-12-06 17:10:34 -08:00
8f21a1f68c
move most options to advance, since they never change
...
Also, doc empty username
2016-12-06 16:29:00 -08:00
497e02955b
Fixed checking for access keys being retrieved
2016-11-29 11:08:55 -08:00
cb0313642b
Fixed setting IAM_USERNAME
2016-11-29 00:54:49 +00:00
46ce1dfaab
Now using random string as IAM_USERNAME unless specified
2016-11-28 16:32:53 -08:00
f8789fef38
Moved METADATA_IP to advanced options
2016-11-28 16:32:26 -08:00
b4add59a3d
Moved metadata_creds() so Client can be included in Aux/Post modules
2016-11-24 21:03:38 -08:00
c48587066d
Added reference and minor fixes
2016-11-23 10:58:37 -08:00
43e1b5bdd1
Adds module to create an AWS IAM user from a pwned AWS host
2016-11-22 14:55:03 -08:00
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
8e3888f20c
the template ref in this module was missed
...
when we cleaned up all the other powershell template refs
we missed the one in this module which seems to e replicating
large ammounts of library code
7533
2016-11-11 14:24:33 -06:00
2b5517f597
Land #7506 , Add gather AWS keys post module
2016-11-11 13:56:12 -06:00
47ec362148
Small fixes for dbvis enum
2016-11-01 07:35:36 +10:00
557424d2ec
Small tidy of the multiport_egress_traffic module
2016-11-01 01:46:58 +10:00
ec8536f7e9
Fix firefox module to use symbols where appopriate
2016-11-01 01:43:25 +10:00
b9bbb5e857
Replace regex use with direct string checks in dbvis module
2016-11-01 01:35:01 +10:00
f754adad0c
Fix typo PAYLOAD_OVERWRITE vs PAYLOAD_OVERRIDE
2016-10-29 11:20:32 +01:00
640827c24b
Final pass of regex -> string checks
2016-10-29 14:59:05 +10:00
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
8173e87756
Add references
2016-10-28 16:12:46 -07:00
96c204d1ea
Add aws_keys docs; correct description
2016-10-28 15:27:47 -07:00
1ca2fe1398
More platform/arch/session fixes
2016-10-29 08:11:20 +10:00
7dea613507
Initial commit of module for snagging AWS key material from shell/meterpreter sessions
2016-10-28 14:48:55 -07:00
6b77f509ba
fixes bad file refs for cmdstagers
...
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
022830634b
Rejig platform to use windows instead of win32/win64
2016-10-14 10:10:04 +10:00
b77a910205
Land #7355 , allwinner post to local exploit conversion
2016-10-08 21:38:54 -05:00
b3c6ec09a0
Show status when gathering, which can take a bit
2016-09-30 06:42:22 -07:00
abed3bf6c2
Rename
2016-09-30 06:35:26 -07:00
2272e15ca2
Remove some anti-patterns, in the same spirit than #7372
2016-09-29 00:15:01 +02:00
cba297644e
post to local conversion
2016-09-22 22:08:24 -04:00
83160b7e49
Land #7173 , Add post module to compress (zip) a file or directory
2016-08-24 09:38:04 -05:00
89c3b6f399
Remove the -d flag for Linux machines
2016-08-23 18:43:50 -05:00
b081dbf703
Make destination required
2016-08-18 15:56:16 -05:00
60937ec5e9
If user is SYSTEM, then steal a token before decompression
2016-08-17 16:56:09 -05:00
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
ae59c4ae74
Land #6687 , Fix meterpreter platform to include OS in the tuple for all meterpreters
2016-08-07 05:00:24 -05:00
45801bc44e
get_env
2016-08-03 11:11:34 -05:00
bddf5edcf1
Fix typo
2016-08-03 11:04:53 -05:00
8f7d0eae0c
Fix #7155 - Add post module to compress (zip) a file or directory
...
Fix #7155
2016-08-02 14:44:58 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
d5d0b9e9b8
Revert "Land #6729 , Speed up the datastore"
...
This reverts commit c6b1955a5a4fb7472391
2016-06-28 13:39:52 -05:00
c6b1955a5a
Land #6729 , Speed up the datastore
2016-06-15 17:55:42 -05:00
eaaa9177d5
Fix "username" key to add login in creds database
2016-06-08 10:38:38 +02:00
ca76e8f290
Update allwinner_backdoor report_vuln hash
2016-05-24 00:57:37 -05:00
928a706135
Land #6890 , Allwinner CPU kernel module local privilege escalation
2016-05-23 22:00:52 -05:00
2f8562fba4
added documentation and minor style tweaks
2016-05-23 21:59:44 -05:00
4242bbdf55
change report_note to report_vuln per note
2016-05-23 17:36:50 -04:00
c621f689b2
more descriptive note per @sempervictus
2016-05-18 19:08:01 -04:00
815a2600a8
additional description
2016-05-17 22:07:33 -04:00
640e0b9ff7
working ready for pr
2016-05-17 21:58:32 -04:00
2e3e4f0069
Land #6296 , Added a multi-platform post module to generate TCP & UDP egress traffic
2016-05-14 00:03:00 -05:00
3542d907f7
simplify description, move the bulk of documentation to documentation/
2016-05-14 00:01:51 -05:00
314d73546c
additional details, not working on tablet via malicious apk meterpreter
2016-05-13 23:12:44 -04:00
5099124f3d
module compiles, fails correctly but cant yet verify it works
2016-05-12 22:18:43 -04:00
a69432abe5
update module class and move to recon from manage
2016-05-12 12:42:04 -05:00
9f923cdb00
Merge branch 'master' into land-6296-egress
2016-05-12 12:36:47 -05:00
57a3a2871b
remove various session manipulation hacks since session.platform should always contain an os identifier
2016-05-08 22:39:41 -05:00
2f66442f1d
Fix #5191 , bad LHOST format causes shell_to_meterpreter to backtrace
...
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.
Fix #5191
2016-04-28 23:03:54 -05:00
Brent Cook
darkbushido
William Vu
wchen-r7
Koen Riepe
James Lee
Jonathan Claudius
h00die
Pearce Barry
Tim
bwatters_r7
Javier Godinez
Jon Hart
David Maloney
dmohanty-r7
OJ
Konrads Smelkovs
jvoisin
Louis Sato
Crypt0-M3lon
h00die