infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
33,556 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

6869 Commits (d10b20b7a3effe16ad23cd3f5e735823902733c3)

Author SHA1 Message Date
jvazquez-r7 d10b20b7a3
Land #5251, @hmoore-r7's second opportunity to Oracle connect 
SYSTEM shouldn't have SYSDBA privileges by default anymore
 2015-05-22 17:47:41 -05:00
jvazquez-r7 41a86b2e9b
add vprint_status 2015-05-22 17:46:56 -05:00
jvazquez-r7 c201955fdf
Land #5387, @wchen-r7's user-configurable HTTP timeout 
Fixes #5219, Add connection timeout and response timeout for HttpClient
 2015-05-22 15:36:11 -05:00
jvazquez-r7 e0d9ee062f
Use HttpClientTimeout 2015-05-22 13:35:37 -05:00
Brent Cook 9ce669f878
Land #5328: reworked x64 http/https stagers 2015-05-21 23:26:34 -05:00
HD Moore 9b17b63259 Switch to append mode for x86 service templates, fixes #5403 2015-05-21 20:42:20 -05:00
HD Moore ea9059f930 Fix broken endian specification (<I vs I<) 2015-05-21 20:00:22 -05:00
wchen-r7 c29bb35e28 Change datastore name 2015-05-21 10:15:03 -05:00
root ee1a366e2b Use select with ActiveRecord::Associations::CollectionProxy for subset selection 2015-05-21 11:04:03 +05:00
wchen-r7 bdf30dd383
Land #5374, --smallest option in msfvenom 2015-05-20 21:06:10 -05:00
wchen-r7 93900087c7 Resolve #5219, user-configurable HTTP timeout 
Resolve #5219
 2015-05-20 13:30:45 -05:00
OJ 44f8cf4124 Add more size to stagers, adjust psexec payloads 
This psexec payload size should be evaluated to make sure I'm not doing
anything stupid. i can't see a reason why increasing these sizes would
be bad. They seem to work fine.
 2015-05-20 17:07:56 +10:00
OJ 6859b24c1c Fix missing label, update payload sizes 2015-05-20 15:42:31 +10:00
OJ d43e11f5af WinHTTP rework with proxy support, and SSL verification 
This commit fixes up the winhttps stuff properly too. PHEW!
 2015-05-20 15:32:34 +10:00
OJ fd2534914d Small tweaks to reverse_http 2015-05-20 12:15:38 +10:00
Christian Catalan 046003acb4
Increase REXML expansion text limit 
MSP-9532

* Increase to reasonable size to handle larger xml file expansion on import
* Prevents the 'RuntimeError entity expansion has grown too large' error that prevents import
 2015-05-19 12:47:19 -05:00
William Vu c1b8cee315
Land #5369, @dmaloney-r7's snmp_login fixes 2015-05-19 10:39:03 -05:00
OJ 9fddc21cf3 Shaved another sneaky byte off the payload 2015-05-19 21:21:07 +10:00
OJ 6e96e6d118 Shellcode golf to make the payload smaller 
Tried to implement some more of the stuff that egypt suggested, managed
to get some in, but not others. Ultimately, its smaller than it was, and
I'm sure there are ways to make it better as well.
 2015-05-19 21:17:42 +10:00
OJ 62720ab357 Fix the wininet stager for http/s 
For some reason this was only working on Windows7/2008, yet when tired
on Windows 2012 it was resulting in crashes. It was also stopping
working in exploits such as psexec_psh.

Went back to the beginning and started again. With this in place, we can
now do a bit of shellcode golf to make it a bit smaller.

Adjusted payload sizes as well.
 2015-05-19 20:03:22 +10:00
HD Moore 9dd82d94ae Exclude Manual ranked encoders from automatic selection, these can still be specified with -e 2015-05-18 15:47:15 -05:00
HD Moore 71eab7a236 Implements msfvenom --smallest, still some blockers 2015-05-18 15:24:59 -05:00
HD Moore a82168d7bb Fixes #5361 by adding --encoder-space to msfvenom 2015-05-18 14:27:52 -05:00
David Maloney 7376d4d94e
account for public only credentials in #to_s 
SNMP in particular will only have a public, so we need
to account for this so we don't output poorly formed text
with a trailing ':' char

5266
 2015-05-18 13:42:15 -05:00
David Maloney c69b6b2b8b
only issue db warning once 
cache the fact that we have issued the db warning
so we do not issue it for every credential attempt
on the module run.

5266
 2015-05-18 13:41:18 -05:00
OJ 677acb22a4 Fix up module include in x64 winhttp 2015-05-18 14:59:49 +10:00
OJ bf2b113abb
Merge branch 'upstream/master' into update-x64-stagers 2015-05-18 13:28:36 +10:00
OJ 8bd41a3834
Land #5354 - transport config fallback in stager 2015-05-18 10:16:44 +10:00
OJ 8b2e5c88d9 Adjust transport config fallback to include https 2015-05-18 10:16:09 +10:00
OJ 178ba50b98
Merge branch 'upstream/master' into rage-stager-transport 2015-05-17 20:09:50 +10:00
OJ d725554a87 Fix UUID code so that it always deals with 16 bytes 
Also re-add the payload ID to session validation now that the UUID stuff
is reliable.
 2015-05-17 17:49:21 +10:00
OJ 37e4d71a6a Remove check for UUID in the valid session check 
This is causing sessions to fail because meterpreter isn't doing the
right thing. I have another fix in the works which will properly solve
this, but in the short term the best way of solving the problem is to
remove this line.
 2015-05-17 17:13:54 +10:00
RageLtMan 11e715ae46 Configure transport from stager mixin 
Transport configuration for basic session types can be performed
by the stager mixin.

Add a default transport_config method to Msf::Payload::Stager by
mixing in Msf::Payload::TransportConfig and attempting to guess
the default tranport and direction types from the currently loaded
module's (MSF module) refname.

Users with custom payloads will no longer need to update them with
transport_config methods unless they use a non standard transport,
direction, or other innovation which affects the default approach.

Testing:
  Tested with payloads lacking transport_config methods or access
to the TransportConfig module (Ruby) namespace. This also resolves
problems with the RC4 payloads in upstream as they can't currently
generate stagers for meterpreter.
 2015-05-17 03:03:17 -04:00
jvazquez-r7 3c92d5365e
Lnad #5334, @wchen-r7's deletes unnecessary check on mysql_drop_and_create_sys_exec 2015-05-15 11:51:21 -05:00
wchen-r7 25099dd877
Land #5212, HTA Powershell template 2015-05-15 11:49:07 -05:00
wchen-r7 3bc3614be6 Do a check for powershell.exe before running it. 2015-05-15 11:48:21 -05:00
jvazquez-r7 4c1558b398
Land #5331, @wchen-r7's fixes #5330 by using print_warning 2015-05-15 11:42:57 -05:00
jvazquez-r7 b7b00666fa
Use parenthesis 2015-05-15 11:41:14 -05:00
Brent Cook 1653acd527
Land #5344, print payload size from msfvenom 2015-05-15 09:49:05 -05:00
OJ 7b2aee2a60
Merge branch 'upstream/master' into update-x64-stagers 2015-05-15 12:27:40 +10:00
OJ 83fbd41970 Merge branch 'upstream/master' into multi-transport-support 
Conflicts:
	Gemfile.lock
	modules/payloads/singles/cmd/windows/powershell_bind_tcp.rb
 2015-05-14 14:50:25 +10:00
HD Moore 5f3947312d
Lands #5327, SSL support + refactor for PowerShell 2015-05-13 23:25:15 -05:00
wchen-r7 2e61973411 Resolve #5343, Print payload size 
Resolve #5343. Prints payload size
 2015-05-13 16:33:22 -05:00
benpturner 1f294eac0b Updated to remove dup code 2015-05-13 17:26:21 +01:00
Brent Cook 9549d572cc
Land #5280, update to Ruby on Rails 4.0 
This upgrades a number of other gems as a side-effect.
 2015-05-12 16:48:49 -05:00
HD Moore b1b8f86aae
Lands #5270, improvements to Msf::ModuleSet 2015-05-12 11:01:23 -05:00
OJ 06dfdbcc2c Merge updated transport changes 
Discard changes that were made for reverse_https transport in x64 as
they no longer apply here.
 2015-05-12 10:26:39 +10:00
OJ 836feaa2d8 Fix uuid setting, fix reverse_https x64 payload 
The payload changes in this PR will be fixed up/removed in the
update-x64-stagers PR.
 2015-05-12 10:24:11 +10:00
OJ 5f735c917c Add condition before overwriting payload_uuid 2015-05-12 09:56:55 +10:00
OJ 51e6c13bc4 Adjust transport configuration include for x64/reverse_http 
Not sure how I missed this, but I did!
 2015-05-12 09:54:08 +10:00