Commit Graph

11496 Commits (cf8f0e2483f7070b24df3fa254254482fb2a5649)

Author SHA1 Message Date
bigendian smalls bb769f0dca
Added mainframe ebcdic<->ascii conv ability
Within text.rb added 2 tables and 2 methods that allow for the
tranlsation of EBCDIC<->ASCII for mainframe modules and functionality
(SystemZ Zarchitecturer mainframe)
2015-09-28 09:55:30 -05:00
bigendian smalls 33807abeda
Updated contstants.rb with ARCH_ZARCH / mainframe 2015-09-28 09:47:24 -05:00
bigendian smalls 94e0a78050
Added zarch.rb architecture file 2015-09-28 09:41:22 -05:00
bigendian smalls 258e743f82
Added ARCH_ZARCH as architecture option
SystemZ (z/os, mainframe) added as a constant to the arch.rb file.  This
along with other commits in this package will allow for development of
SystemZ (mainframe) based modules.
2015-09-28 09:36:31 -05:00
Jon Hart 7d9d3864c3
Add docs for capture_sendto 2015-09-27 15:40:32 -07:00
Jon Hart fc9a757194
Fix #6008 for the 6 modules that use scanner_spoof_send 2015-09-27 15:06:29 -07:00
Jon Hart b508625957
When unable to determine destination MAC, vprint and return false
Fixes #6006.

~20 related modules are affected by this defect and by this "fix"
2015-09-26 15:13:26 -07:00
William Vu cb4e609dd5
Land #5997, database cache update fix 2015-09-26 14:10:04 -05:00
William Vu f4b4b21bfc
Land #5990, reverse_hop_http fix 2015-09-26 13:42:46 -05:00
Brent Cook f3451eef75
Land #5380, pageantjacker, an SSH agent proxy 2015-09-26 10:52:44 -04:00
Brent Cook 4cbe35e1b2 specifically use shell or powershell 2015-09-23 22:08:32 -05:00
Brent Cook 157bab4f0d
Land #5518, TFTP::Client retransmit lost data blocks on upload 2015-09-23 21:58:42 -05:00
Brent Cook d9a76bbe0a
Land #5911, add adsi enumerate to a file via -o 2015-09-23 21:40:01 -05:00
Meatballs 66c9222968
Make web_delivery proxy aware 2015-09-23 20:45:51 +01:00
Fernando Arias 52e3405192
Passing report_exploit_success specs
MSP-13119
2015-09-23 11:12:02 -05:00
Fernando Arias dc84b3b1ba
Passing report_exploit_failure specs
MSP-13119
2015-09-23 10:54:13 -05:00
Stuart 853d822992 Merge pull request #1 from bcook-r7/land-5380-pageantjacker
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
scriptjunkie 30102d4526 No longer needed. 2015-09-22 17:05:30 -05:00
scriptjunkie d90f87449a Fix merge 2015-09-22 16:55:01 -05:00
scriptjunkie 7d2a2a8b64 Fix issues with using hop for new core 2015-09-22 16:54:02 -05:00
Brent Cook 6482083b6b revert WfsDelay short-circuit on exploit failure
Some exploits currently succeed, but can fail during cleanup, leading to a
false-negative. Reverting this so that the affected exploits can be fixed
first.

This reverts commits b0858e9d46 and
b3f754136e.
2015-09-22 14:43:03 -05:00
Brent Cook 66b453edd6 ensure the database cache is always updated, present accurate reporting on search 2015-09-22 12:56:26 -05:00
Samuel Huckins 1bd472107b
Land #5996
Missing service in looking up vulns by refs now handled.
2015-09-22 12:16:42 -05:00
dmohanty-r7 8b10cbe3fd
Query for vulns without specifying service when service is nil
MSP-13284
2015-09-22 10:50:23 -05:00
OJ 46e00389c4 Adjust payload size for stageless in prepend migrate 2015-09-22 18:07:53 +10:00
Fernando Arias 9230b04674
Update match result creation logic
MSP-13119

* Look up match on match set for the run
* If no match exists in the match set for the vuln, attempt to create a match for the vuln
2015-09-22 00:24:38 -05:00
jvazquez-r7 62ff291713
Fix msfrop metasm require 2015-09-21 13:19:23 -05:00
HD Moore 0cc6b53d59
Land #5905, support newer OpenVAS formats. 2015-09-21 10:30:25 -05:00
Stuart Morgan cdd39f52b1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension 2015-09-21 14:34:56 +02:00
Stuart Morgan e8e4f66aaa Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension 2015-09-21 14:34:38 +02:00
Brent Cook 61e7e1d094 update pageantjacker to run as part of extapi 2015-09-20 20:25:00 -05:00
wchen-r7 98da192c70
Land #5615, Updated YARD Documentation for EXE.rb 2015-09-18 13:36:11 -05:00
wchen-r7 0bf20993ec Fix more doc 2015-09-18 13:35:31 -05:00
Fernando Arias d3a73149a2
Add specs around match result creation in exploit attempt
MSP-13119
2015-09-18 12:04:45 -05:00
David Maloney 6f19e30723 Merge branch 'staging/hd-wfs' into feature/hd-wfsdelay 2015-09-17 13:07:56 -05:00
jvazquez-r7 c8b27e0563
Land #5889, @jlee-r7's favors metasm as a gem 2015-09-16 17:01:01 -05:00
wchen-r7 c7afe4f663
Land #5930, MS15-078 (atmfd.dll buffer overflow) 2015-09-16 15:33:38 -05:00
Fernando Arias 5cf3ac23e2
Fix no method defined error when run_id is not passed down
* run_id is an optional param so we handle when it isn't set on user data

MSP-13119
2015-09-16 15:32:48 -05:00
HD Moore b0858e9d46 Style tweak re: TheLightCosine's feedback 2015-09-16 08:15:26 -07:00
HD Moore b7572d5494 Handle both serialized & unserialized cases on import 2015-09-16 08:11:15 -07:00
HD Moore ef043cebc3 Always use the stringified host->address during export 2015-09-16 02:59:11 -07:00
Fernando Arias 382e01d680
Add comments and use run scope on match
MSP-13119
2015-09-15 15:09:26 -05:00
Fernando Arias 621af7311c Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation 2015-09-15 14:35:07 -05:00
Fernando Arias eb479318b1
Use existing run for match result or create a new one if it doesnt exist
MSP-13119
2015-09-15 14:34:44 -05:00
HD Moore b3f754136e Skip WfsDelay when the exploit has clearly failed 2015-09-15 08:04:23 -07:00
Fernando Arias c7f15ca940
Rework how match results get created
MSP-13119

* Create match result when we create vuln attempt
2015-09-14 12:18:47 -05:00
HD Moore 713ded7ca2 Ignore SMB exceptions during fingerprinting
This fixes smb_version in cases where the remote server throws a Login error
for the default creds (null session).
2015-09-14 09:35:44 -07:00
jvazquez-r7 ad0140e0fc
Land #5864, @jlee-r7's fixes x64 injection 2015-09-11 16:09:37 -05:00
William Vu a1a7471154
Land #5949, is_root? for remove_lock_root 2015-09-11 02:09:14 -05:00
wchen-r7 f2ccca97e0 Move require 'msf/core/post/android' to post.rb 2015-09-11 01:56:21 -05:00
jvazquez-r7 53f995b9c3
Do first prototype 2015-09-10 19:35:26 -05:00
William Vu 86b9535a50
Land #5944, Nmap parser open|filtered -> unknown 2015-09-10 16:37:42 -05:00
Fernando Arias 0bb03db786
Rework vuln lookup logic to account for vuln with no service (nexpose import vuln with -1 port)
MSP-13234
2015-09-09 13:21:05 -05:00
Fernando Arias e88a14aee6
Rework exception handler for exploit simple
MSP-13233
2015-09-09 11:51:18 -05:00
Brent Cook 4aae9b8272 support upgrading a powershell session to meterpreter 2015-09-08 15:37:42 +02:00
Manuel Mancera e97056a367 When the port state is open|filtered should be unknown, no open 2015-09-07 22:52:03 +02:00
jvazquez-r7 eaf51a2113
Land #5722, @vallejocc's busybox work 2015-09-04 13:36:44 -05:00
jvazquez-r7 da221b82a8
Initialize dir 2015-09-04 11:07:49 -05:00
James Lee 7665747d1c
Land #5736, certutil cmdstager
Ferreal this time.
2015-09-03 14:21:21 -05:00
James Lee 82b27c9038 Revert "Land #5736, certutil cmdstager"
This reverts commit 93eb42dfa3.

Conflicts:
	spec/lib/rex/exploitation/cmdstager/certutil_spec.rb
2015-09-03 14:18:28 -05:00
James Lee 9ccd95af26
Land #5916, fix encoding when badchars contains - 2015-09-03 13:42:45 -05:00
James Lee 93eb42dfa3
Land #5736, certutil cmdstager 2015-09-03 13:13:24 -05:00
Brent Cook 70b5336356 Merge branch 'upstream-master' into land-5890-android-post-api 2015-09-03 09:51:35 -05:00
Brent Cook 895b692b0d
Land #5914, prevent loading cached modules outside of the load path 2015-09-03 09:29:13 -05:00
wchen-r7 ccd0a06353 Use === 2015-09-03 01:10:13 -05:00
Brent Cook 1440f31756
Land #5637, resiliency improvements to TCP stagers 2015-09-02 22:50:12 -05:00
OJ 9767de9bd0 Truncate payload size to 32 bits 2015-09-03 11:56:59 +10:00
Jon Hart 6820e8dc03
Land #5926, @hmoore-r7's fix for #5716
Addresses a bug with IPMI RAKP messages having a malformed length field
2015-09-02 17:50:07 -07:00
HD Moore 9f1f797031 Skip substitution if badchars is empty 2015-09-02 18:52:53 -05:00
HD Moore 01cbd842ad Updates based on @jlee-r7's feedback 2015-09-02 18:42:34 -05:00
HD Moore 9f9bbce034
Land #5840, add LLMNR & mDNS modules 2015-09-02 18:30:29 -05:00
HD Moore 0120e5c443 Cosmetic tweaks, don't report duplicate responses 2015-09-02 18:30:03 -05:00
Jon Hart ab91d1cc92
More style cleanup 2015-09-02 14:01:12 -07:00
Jon Hart 4d77e777fa
Remove explicit CLASS options from llmnr mixin
use parent's instead
2015-09-02 13:58:48 -07:00
Jon Hart 27174e2bfd Revert "Bump scanner THREADS to 10 by default"
This reverts commit f537f91943.
2015-09-02 13:55:48 -07:00
Jon Hart 5699908240
Style cleanup 2015-09-02 13:48:01 -07:00
Jon Hart 25a22860b7
Summarize MDNS/LLMNR responses 2015-09-02 13:43:26 -07:00
HD Moore 9e98385417 Fix #5716 by correctly setting the data length 2015-09-02 15:16:25 -05:00
Jon Hart 55251ffe17
Slightly better output. Unsure if this will work with all response types 2015-09-02 11:21:54 -07:00
HD Moore 24dd454127
Land #5912, adds timeout option to migrate 2015-09-02 13:08:22 -05:00
HD Moore 54f79e72bb Initialize writable_dir in the main block 2015-09-02 13:08:07 -05:00
Jon Hart 3d04d53e3a
first pass at better output and report_service 2015-09-02 10:31:46 -07:00
OJ cefb7c83f3 Fix call to migrate 2015-09-02 15:37:34 +10:00
HD Moore 1aa7c596ce
Land #5967, add PACKETSTORM reference types. 2015-09-01 23:25:26 -05:00
HD Moore 77f56c563b Land #5867, add PACKETSTORM reference types 2015-09-01 23:25:01 -05:00
HD Moore 8191fac90f Fix #5907 by replacing String#delete with String#gsub
The String#delete method treats the argument as a transliteration. This means that hyphens (-) either
turn into a character range or they throw an error if the range is invalid. This ended up breaking
one encoder and may be the root cause of other hard-to-reproduce bugs.
2015-09-01 18:37:28 -05:00
OJ 0d2df33900 Fix two typos, add help detail 2015-09-02 09:35:51 +10:00
Brent Cook 27cd0597d7
Land #5908, default to SSL autoneg, add explicit TLS 1.1/1.2 support 2015-09-01 18:21:51 -05:00
HD Moore de8205a42e Fix the defaults for module_info_by_path_from_database! 2015-09-01 17:48:56 -05:00
James Lee 409f2bd016
Agh, didn't mean to enable that
It's never worked
2015-09-01 16:34:28 -05:00
Meatballs 2cd6b1c2df
Update parser, fix UseMasterPassword bug 2015-09-01 22:05:47 +01:00
Joshua Smith 21ab4531d2
Land #5910, move help fxn for ps 2015-09-01 14:23:25 -05:00
Brent Cook b8458d6ec7
Land #5705, allow removing transports by index 2015-09-01 14:08:48 -05:00
Brent Cook b273893947 use URI.parse over a custom regex 2015-09-01 14:07:05 -05:00
HD Moore 148a5ba78e A better solution for the spec coverage 2015-09-01 13:45:46 -05:00
HD Moore 31087ff33e Refresh after cache rebuild should use the active module paths 2015-09-01 13:39:15 -05:00
HD Moore 5addf899b2 Refactor, same intent as before, just faster and correct. 2015-09-01 13:15:44 -05:00
HD Moore 2b03487e1f Fix the module cache rebuild logic 2015-09-01 12:38:20 -05:00
HD Moore d84caeca72 Ignore cached modules outside of load path, only load cache once on startup 2015-09-01 12:31:05 -05:00
OJ 299ceb7087 Add timeout option for migration
This commit changes the migrate function so that an optional timeout parameter can be given. This means that people in high-latency scenarios can extend the timeout when migration in order to increase the chances that things will work.
2015-09-01 22:53:30 +10:00
OJ 696bc95838 Merge branch 'upstream/master' into adsi-file-output 2015-09-01 17:25:13 +10:00
OJ ef73f56201 Add -o parameter to adsi query functions
This allows for the output of the query to be written to a file.
2015-09-01 17:03:41 +10:00
OJ abfeb204b3 Move help functionality for ps command 2015-09-01 16:45:35 +10:00
HD Moore ff6fbfa738
Land #5895, rework of ADSI modules 2015-08-31 14:10:41 -07:00
HD Moore 92d74ffb3b Default to SSLv23 (autonegotiate), fixes #5870 2015-08-31 13:30:05 -07:00
Brent Cook 30830ad9e5
Land #5262, fix webcam_chat and tidy adjacent code 2015-08-31 14:21:24 -05:00
Brent Cook fe69fc84de expand the path environment variables before executing 2015-08-31 13:38:08 -05:00
jvazquez-r7 fba751a986
Disable early returns 2015-08-31 12:13:42 -05:00
jvazquez-r7 80f21b50c9
Fix #4227 by improving parsing of nested elements 2015-08-31 11:47:43 -05:00
jvazquez-r7 8d0e0b973e
Fix array syntax 2015-08-28 14:12:23 -05:00
jvazquez-r7 06712817cf
Fix specs 2015-08-28 14:06:04 -05:00
jvazquez-r7 9c7f97d124
Fix methods name schema 2015-08-28 13:26:52 -05:00
jvazquez-r7 6a75ad0162
Fix yard documentation 2015-08-28 13:23:30 -05:00
jvazquez-r7 be7db10e7d
Fix busybox_write_file 2015-08-28 13:15:07 -05:00
jvazquez-r7 50f7d99674
Clean get_writable_directory 2015-08-28 13:02:10 -05:00
Jon Hart 3f7c8e03e2
Update workspace command to support deleting all workspaces 2015-08-28 10:23:41 -07:00
jvazquez-r7 c4a3b4f18e
Add busy_box_file_exist? 2015-08-28 11:56:12 -05:00
jvazquez-r7 8faf6f9cd0
Fix require 2015-08-28 11:51:26 -05:00
jvazquez-r7 9db65ea8e5
Change module filename 2015-08-28 11:48:55 -05:00
jvazquez-r7 0a95a1543f
Add spaces 2015-08-28 11:47:50 -05:00
Stuart Morgan b8b68983b0 Merge remote-tracking branch 'upstream/master' into adsi_group_enum_improvements 2015-08-28 15:11:27 +01:00
Stuart Morgan 3a5ce02e8e Changed the other print\n lines to print_line() for consistency 2015-08-28 14:05:44 +01:00
Stuart Morgan 266a6e7dc4 Changed to print_line() at the request of hdm 2015-08-28 11:35:51 +01:00
HD Moore a2d5511e39
Land #5379, new post modules to load into powershell sessions 2015-08-26 17:11:40 -05:00
HD Moore b14889ad5c Small typo fix 2015-08-26 17:09:33 -05:00
HD Moore c1ba0aae7a
Land #5884, fixes #5816, nil exception in DNS resolver. 2015-08-26 14:55:58 -07:00
Stuart Morgan 5cdf1aeef4 Added examples to the usage-help and run through msftidy 2015-08-26 19:33:09 +01:00
Stuart Morgan 4bac21b7b9 Added command to list the domain controllers
Also added more information relating to the computers from LDAP
2015-08-26 15:33:54 +01:00
Stuart Morgan 59cf75c5a8 Updated description to make it more obvious & added specific DC enumeration 2015-08-26 15:03:28 +01:00
Stuart Morgan 7cee4d0ad1 Added the following commands:
adsi_group_enum - Lists all groups on the specified domain
 adsi_nested_group_user_enum - Lists all users on the specified domain who are members of a given group DN (taking into account recursive/nested groups)
2015-08-26 14:14:15 +01:00
wchen-r7 3f994e964d Change method name and update rspec 2015-08-25 23:23:26 -05:00
Brent Cook 6c89d0997c
Land #5855, android offline collection support 2015-08-25 17:44:51 -05:00
Mo Sadek 1181600a69
Land #5575, interactive channel logging 2015-08-25 16:23:51 -05:00
Mo Sadek 7ff828d000
Land #5573, console and session log timestamps 2015-08-25 15:35:25 -05:00
Mo Sadek 026e6626f2 Added regular expression filtering for excess characters 2015-08-25 14:59:20 -05:00
wchen-r7 3412f31f85 Add Android POST API 2015-08-24 18:37:25 -05:00
Brent Cook 54dcd312f6 more style issues resolved 2015-08-24 18:07:31 -05:00
Brent Cook 90a46fbcd0 update style issues 2015-08-24 17:58:24 -05:00
Brent Cook 573f2b51a5 fix some crashes running webcam commands on webcamless machines 2015-08-24 16:51:43 -05:00
Brent Cook dfd00ad50b prefer catching RuntimeError 2015-08-24 16:42:33 -05:00
Brent Cook 6977a12dd8 whitespace fixups 2015-08-24 16:39:17 -05:00
Brent Cook f96236d61f remove redundant to_s and RuntimeError 2015-08-24 16:21:34 -05:00
Brent Cook 4e8cc47299 remove superfluous SYSTEMDRIVE path 2015-08-24 16:19:16 -05:00
James Lee d372a6a16d
Gemify metasm 2015-08-24 15:53:24 -05:00
James Lee ec7a07e0bb
Move DLL prefix calculation to its own method 2015-08-24 14:05:24 -05:00
James Lee 3c90ae1ebd
Use mov instead of lea for 64-bit absolute addrs 2015-08-24 13:51:54 -05:00
Fernando Arias ed1065b297
Create MatchResult with status Failure on session failure
MSP-13104
2015-08-24 12:56:32 -05:00
jvazquez-r7 6962fcf2fd
Check the query result before accessing the header 2015-08-24 09:22:42 -05:00
jvicente b37efd29b0 Modified module busybox_pingnet.rb to avoid sending an ash script but executing each ping command separately. Added some fixes. Modified spec file for busybox.rb. 2015-08-23 12:17:17 +02:00
wchen-r7 b99f5bc672
Land #5874, Consistency and API conformance changes to LES 2015-08-22 21:57:24 -05:00
jvazquez-r7 83ca4e984f
Land #5772, @wchen-r7's fixes #5753, support Origin for the creds command 2015-08-21 16:07:45 -05:00
wchen-r7 717b1bdd6a Fix bugs: Empty -O, empty origins 2015-08-21 15:46:18 -05:00
HD Moore d264802ce0 Consistency and API conformance changes to LES 2015-08-21 12:38:58 -05:00
Jon Hart 0bb9324c8d
Pass HTTP::version_random_valid and HTTP::version_random_invalid
Fixes #5871
2015-08-20 10:05:42 -07:00
Jon Hart 407d701fd9
Remove unnecessary version_random_case option 2015-08-20 10:05:16 -07:00
Jon Hart 2e4944b8ec
Remove unnecessary version_random_case option 2015-08-20 10:05:04 -07:00
Roberto Soares 870e9f448e Added PacketStorm (PKT) in References Display 2015-08-20 00:36:27 -03:00
James Lee 21c349494f
Fix default buffer_register for x64 2015-08-19 19:01:35 -05:00
James Lee d71467f9e7
Allow x64 registers for buffer_register 2015-08-19 17:06:29 -05:00
James Lee bf39f53066
Add proper CreateThread stub for x64 2015-08-19 16:16:58 -05:00
Dev Mohanty 68a802b980 Merge pull request #5834 from gmikeska-r7/bug/MSP-13064/SVV-validations-not-created
Bug/msp 13064/svv validations not created
2015-08-19 12:47:59 -05:00
Brent Cook 99ab64727d
Land #5859, add comparison cases for IP/IPv6 addresses in rex tables 2015-08-19 11:52:33 -05:00
Brent Cook f1ec92aba0
Land #5749, http large file download fixes 2015-08-18 15:57:31 -05:00
Brent Cook 015d045730 read max_size bytes at a time 2015-08-18 15:56:57 -05:00
jvicente 56db3f2f87 Added YARD comments for busybox mixin. 2015-08-18 21:15:02 +02:00
OJ 5b173319f2 Fix up level rendering 2015-08-19 00:22:26 +10:00
OJ 884760f11d Update the output format for the Wifi collection 2015-08-18 17:27:48 +10:00
Brent Cook 5b35134f98
Land #5820, DispatcherShell: Ensure exceptions don't interfere with busy state 2015-08-17 17:53:55 -05:00
Brent Cook 98f6c7f01f
Land #5857, use correct deserialization for hosts data 2015-08-17 17:33:07 -05:00
jvazquez-r7 02e3e9af16
Allow to compare ipv4 vs ipv6 hosts 2015-08-17 14:52:26 -05:00
William Vu 0bb01c8b6b Fix nil bug with an empty database.yml
Use an empty hash instead of false.
2015-08-17 14:45:11 -05:00
jvazquez-r7 0aa958dac0
Allow unserialization on hosts v5 2015-08-17 13:47:52 -05:00
jvicente a9ad7b7c6f Modifications to use cmd_exec instead of session.shell_write.
Refactoring of common functions to a new Post mixin /lib/msf/core/post/linux/busybox.rb.
2015-08-17 18:24:22 +02:00
OJ 241593117b First pass of the android interval collection 2015-08-18 00:53:25 +10:00
Brent Cook bf631869a7
Land #5835, allow overriding stage2 lhost and lport values 2015-08-16 11:22:13 -05:00
Brent Cook 92958bdf8b prefer && to 'and' for consistent order-of-operations 2015-08-16 11:21:22 -05:00
Brent Cook ad149a1aec
Land #5819, update stage_payload call arguments 2015-08-16 11:17:28 -05:00
Brent Cook 5dd015150c
Land #5748, refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter 2015-08-16 10:58:17 -05:00
Brent Cook 422bba87d3 style fixes, moved google_geolocate to google/geolocate 2015-08-15 19:49:32 -05:00
Brent Cook 875ac289e0 wait up to time_out seconds for output from the command 2015-08-15 19:44:48 -05:00
Brent Cook 3615bd094d limit the # of bssids sent to google, log more error details 2015-08-14 17:58:33 -05:00
Brent Cook f4031d87fc light ruby style cleanups 2015-08-14 17:26:05 -05:00
Brent Cook 3aab9aa74c move BSSID checker to tools, fixup rubocop warnings, add OS X example 2015-08-14 17:13:11 -05:00
Brent Cook 470779aae7 some doc fixes 2015-08-14 16:36:41 -05:00
Brent Cook 3d92e9d71c
Land #5802, add support for background colors in prompts 2015-08-14 15:02:51 -05:00
jvazquez-r7 f25a5da46f
Do Minor fixes 2015-08-14 12:37:49 -05:00
Stuart Morgan 3aa1f93196 Fixed string->uint 2015-08-14 17:45:47 +01:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
Stuart Morgan 02a58d459b Merge remote-tracking branch 'upstream/master' into pageant_extension 2015-08-14 17:05:38 +01:00
Jon Hart c257f8945b
Don't use now-removed files 2015-08-13 11:51:39 -07:00
Jon Hart 9c77669ebf
Remove unnecessary files 2015-08-13 11:41:05 -07:00
Jon Hart 92d0e212d9
Update Auxiliary::UDPScanner to collect all responses by default 2015-08-13 11:30:20 -07:00
Jon Hart 61e23ad23e
Switch back to ::Net::DNS::Packet.new 2015-08-13 11:29:56 -07:00
Jon Hart 4b41e8e42c
Fix Net::DNS::RR merge conflicts. really 2015-08-13 08:55:09 -07:00
Jon Hart 3a7cea51b4
Merge master and fix Net::DNS::RR merge conflicts 2015-08-13 08:53:25 -07:00
HD Moore 6e75db090f Fix comment 2015-08-12 21:11:48 -05:00
HD Moore e9203060b0 Allow the hostname and port to be overridden, necessary for complex NAT setups 2015-08-12 16:20:14 -05:00
Greg Mikeska 790356bac8
add infer_vuln_from_session to other valid case
MSP-13065
2015-08-12 15:45:37 -05:00
Greg Mikeska 01b3ae2dd8 Revert "added infer_vuln_from_session to other valid case"
This reverts commit 53e747ce2e.
2015-08-12 15:43:16 -05:00
Greg Mikeska 53e747ce2e
added infer_vuln_from_session to other valid case
MSP-13064
2015-08-12 15:35:03 -05:00
Mo Sadek 802e35ff67 YARD Documentation for EXE.rb 2015-08-11 11:48:35 -05:00
Alex Watt 6e684d46f2 Ensure exceptions don't interfere with `busy` 2015-08-10 12:11:37 -04:00
OJ e141d1451c Fix calls to stage_payload 2015-08-10 09:33:38 +10:00
Brent Cook 0b6a52e162
bump metasploit-framework gemspec version to match pro 2015-08-04 14:25:44 -05:00
Meatballs ef33f36bda
Remove untrusted il 2015-08-01 23:20:00 +01:00
Meatballs 2d9bc64457
Fix WMIC Post Library for SYSTEM
SYSTEM doesn't have a proper clipboard?
2015-08-01 23:11:09 +01:00
Meatballs 5bcb63476d
Add high integrity level check 2015-08-01 23:10:51 +01:00
Roberto Soares de47f4752b Added feature to add color background (Prompt) 2015-08-01 18:54:01 -03:00
Meatballs deb6f5638e
Update WinSCP Gather
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
William Vu fcb7981199 Add BIND TKEY DoS 2015-08-01 06:01:35 -05:00
Brent Cook b40c36688c check send retry count and abort in excess 2015-07-31 16:17:34 -05:00
Brent Cook 6e146794a2 fix indents and style 2015-07-31 14:48:02 -05:00
wchen-r7 629afd86fc
Land #5788, local exploit suggestor
Good luck getting Mr. Robot, Elliot.
2015-07-31 11:43:53 -05:00
jvazquez-r7 a112ccd023
Lnad #5660, @wchen-r7's warbird check
* Fixes #4380
2015-07-31 10:25:43 -05:00
wchen-r7 08338b73b2 Add get_target_arch and get_target_os
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
2015-07-30 18:26:41 -05:00
William Vu 61b2ca6675
Land #5781, Msf::Format::Webarchive rename 2015-07-29 13:38:42 -05:00
William Vu e6a932eadb
Land #5778, final cmdstager generic payload fix 2015-07-29 11:48:01 -05:00
William Vu 5ff46a5dbd Fix indentation 2015-07-29 11:45:49 -05:00
HD Moore bf96b34108 Tweak module->class 2015-07-28 04:13:35 -07:00
HD Moore 7681d73e01 Relocate Webarchive into the Exploit namespace, fixes #5717 2015-07-28 04:11:17 -07:00
Brent Cook e53419a911 use password_prompt? not @password_prompt 2015-07-27 19:21:59 -05:00
wchen-r7 768de00214 Automatically pass arch & platform from cmdstager
This allows the cmdstager mixin to automatically pass the arch
and platform information without changing the modules. This should
address the following tickets:

Fix #5727
Fix #5718
Fix #5761
2015-07-27 14:17:21 -05:00
Brent Cook 226516ef20 restore PPID to the meterpreter process list table
This restores pre-66bd881ac5a6de636c2eea7528946bc2d3abd52c behavior, but merges
the current search and output fixups currently in the tree.
2015-07-25 18:10:10 -05:00
Brent Cook eb70ecb448
Land #5752, synchronize calls to payload.stop_handler 2015-07-24 17:49:54 -05:00
Brent Cook 347f48b0ec
Land #5762, adjust PHP stager to work in and outside of eval() 2015-07-24 17:43:26 -05:00
Brent Cook c30127cfe8
Land #5729, add user-agent list, MeterpreterUserAgent derives from this
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
2015-07-24 17:39:30 -05:00
jvazquez-r7 18636e3b9b
Land #5739, @wchen-r7 fixes #5738 updating L/URI HOST/PORT options 2015-07-24 15:45:31 -05:00
jvazquez-r7 ec7bf606c6
Land #5735, @rcvalle's for CVE-2015-1793 OpenSSL mitm 2015-07-24 14:38:27 -05:00
wchen-r7 75d59be87d Resolve #5753, Support Origin for the creds command
Resolve #5753. Add an Origin column and allow the user to search
by origin.
2015-07-24 14:04:23 -05:00
jvazquez-r7 45b4334006
Use Rex::Socket::SslTcpServer
* Also add rex sockets managing
2015-07-24 11:16:09 -05:00
William Vu 1f95491b45 Drop bang method and tweak formatting 2015-07-24 10:35:47 -05:00
Jack64 981d98443f fix local mods
Fixed some local modifications that were unintentionally pushed.
2015-07-23 17:04:12 +01:00
Jack64 31dcae6828 bug fixes 2015-07-23 16:58:55 +01:00
wchen-r7 6720a57659 Fix #5761, pass the correct arch and platform for exe generation
Fix #5761
2015-07-23 01:34:44 -05:00
OJ 0929d7695a Fix PHP stagers 2015-07-23 14:50:04 +10:00
Brent Cook 264bc0f921
Land #5726, support multiple glob patterns with search 2015-07-22 17:58:33 -05:00
William Vu a52bf4526d Use uniq on the globs array
This avoids search repetition.
2015-07-22 14:25:49 -05:00
William Vu fe67be0ece
Land #5734, notes -o 2015-07-22 13:52:40 -05:00
OJ 121fe1adda
Land #5654 : Python Meterpreter Transport 2015-07-22 10:39:06 +10:00
James Lee 85e806dc99
Add simple class for getting geo data from Google 2015-07-20 19:28:19 -05:00
jvazquez-r7 a59fa059dc
Fix #5675 Synchronize access to stop_handler 2015-07-20 16:09:13 -05:00
jvazquez-r7 035c0a8a38
Fix #5078 by improving actual_timeout calculation 2015-07-20 11:27:48 -05:00
jvazquez-r7 1a9664fcba
Delete default option 2015-07-20 09:54:51 -05:00
Jack64 0771d5ec39 minor fixes 2015-07-20 01:22:45 +01:00
Jack64 97f4ec72f9 minor fixes 2015-07-20 01:20:36 +01:00
Jack64 ad86a72918 send_sms + wlan_geolocate 2015-07-20 01:16:58 +01:00
xistence 844b47e8ce Additional changes 2015-07-18 14:10:46 +07:00
wchen-r7 da445a52aa Update URIHOST and URIPORT 2015-07-16 14:27:46 -05:00
wchen-r7 1fdbcc71c1 Support URIHOST and URIPORT for exploit URI generation 2015-07-16 14:10:49 -05:00
xistence 7f05403ae0 Added certutil cmdstager 2015-07-16 13:20:05 +07:00