infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
40,889 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

40889 Commits (d48ec09934cf2a2dc9abad1101736d7f14b48749)

Author SHA1 Message Date
David Maloney a61b92aa3e tweak target selection 
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index

MS-2325
 2017-01-03 14:38:51 -06:00
David Maloney 3d2957dff1 tying it all together 
insert our autotarget routine into
the main target selection process

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 44830dfc54 prefer authour's target over ours 
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 1afc57da40 determine most precise filter 
drop back to our most precise level of filtering

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 201b65e43d remaining os filtering 
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 05ac2ee6ed convert first stage to os_family 
added the new os-family column to Host
so now we use that as our first stage filter
for targets

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney 95d5c7a778 filtering by os_name 
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney f107408389 target_host specs 
add specs for finding the 'target host' ie.
the mdm::Host object related to the RHOST value
to see what we know about our target

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney 4060e63b89 add tests for auto target addition 
tests to make sure we add auto targets only
in the appropriate conditions

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney 84d5e42e4f start gearing up for testing 
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour

MS-2325
 2017-01-03 14:38:45 -06:00
David Maloney 769d477e97 if no automatic target defined, add one 
if an exploit does not have a defined automatic target
then we add one in for our fallback auto-targeting

MS-2325
 2017-01-03 13:54:34 -06:00
William Vu f25ced04af
Update rex-exploitation to 0.1.8 2017-01-03 12:04:18 -06:00
Brent Cook 3808eebad8
Land #7704, Update jobs output to show TCP listener information 2017-01-02 15:44:49 -06:00
Brent Cook d9be9f3b2e
Land #7764, add to_handler command to launch a handler from the payload module 2017-01-02 15:40:38 -06:00
Brent Cook 35bb725f19 rubocop fixes for payload dispatcher 2017-01-02 15:39:48 -06:00
Brent Cook 04a026e786 remove lies from module, this is a bound socket 2017-01-02 09:47:18 -06:00
Brent Cook 5a4abeb110 make Rex UDPSocket.send work just like the real thing 2017-01-02 09:38:26 -06:00
Brent Cook 4f0569c6ce support pivoting with UDP port scanners 
Use bound UDP sockets for each UDP service/ip that we wish to scan,
managing and closing them locally as they expire, rather than an unbound
socket.
 2017-01-02 08:55:27 -06:00
Brent Cook d5bc6a089f recvfrom_nonblock need flag = 0, not nil 2017-01-02 08:55:12 -06:00
Brent Cook 225aaac8fd remove logging of expected exceptions in connection_established? method 2017-01-02 08:31:05 -06:00
William Vu 640aa33e3a
Land #7775, CVE ref fix and other ref updates 2017-01-01 23:27:33 -06:00
William Vu 4264521354 Fix broken CVE reference and update links 
Prefer HTTPS over HTTP, too.
 2017-01-01 21:33:59 -06:00
William Vu f1fa65b9a3
Land #7772, database check for WMAP 2016-12-31 17:41:51 -06:00
William Vu ac28c70dab Add database check to WMAP plugin 2016-12-31 17:39:46 -06:00
William Vu fdfa8b8fdb Remove erroneous newline 2016-12-30 19:09:37 -06:00
William Vu db90d541fb Add history deduplication and clearing 2016-12-30 19:02:47 -06:00
William Vu 73d454387c
Fix #7765, additional fixes for history command 
1. Really fix crash by restoring default behavior
2. Add whitespace padding to command number
3. Refactor logic a bit for clarity
 2016-12-30 18:21:24 -06:00
William Vu 3ff74f019d
Fix #7765, history command fixes and improvements 
1. Fix crash when no arguments are specified
2. Print history index starting at 1 like every shell
3. Fixed wording/phrasing
4. Fixed formatting/whitespace
 2016-12-30 17:35:18 -06:00
Adam Cammack c2fec5db82
Land #7770, Improve TCP channel handling 2016-12-30 15:17:18 -06:00
Brent Cook fdca963b61 check if the socket exists before closing 2016-12-30 14:59:31 -06:00
Brent Cook bb684bb3b1 tcp channel fixes 2016-12-30 14:59:10 -06:00
Spencer McIntyre cd90fd3b1c Fix PHPMailer targets since 5.2.20 is not affected 2016-12-30 15:31:15 -05:00
h00die 6584da718a got docs 2016-12-30 15:16:08 -05:00
h00die 2856facdf0
Land #7765, adds the history command to msfconsole 2016-12-30 14:54:32 -05:00
Luis Fontes e729254b4f minor tweaks 
added dots to the end of lines,
checked val for nil before runing match
 2016-12-30 19:30:01 +00:00
Spencer McIntyre 1eab4b3a7d Add an optional explicit triggeruri for phpmailer 2016-12-30 14:24:07 -05:00
Luis Fontes f073e78838 replaced hardcoded value variable 2016-12-30 08:49:13 +00:00
Brent Cook d2624ef574
Land #7758, Add HTTP CmdStagers - wget and curl 2016-12-30 02:13:45 -06:00
William Vu 36e0bad421 Update rex-exploitation to 0.1.7 2016-12-30 00:56:02 -06:00
William Vu 0321000ea7 Update Http mixin for opts[:ssl] 
1. Add opts[:ssl]
2. Remove opts[:busybox]
3. Refactor logic
4. Remove resource_uri
 2016-12-30 00:56:02 -06:00
William Vu 34d358b8d7 Update CmdStager with new toys 2016-12-30 00:56:02 -06:00
William Vu 58dd59fad5 Add Http mixin for CmdStager 2016-12-30 00:56:02 -06:00
Spencer McIntyre 64037b0d6e Use a proper target instead of VERSION 2016-12-29 17:37:16 -05:00
Brent Cook fae4751771
Land #7744, update kiwi extension to Mimikatz 2.1 2016-12-29 16:22:45 -06:00
Spencer McIntyre c9dd7a50b6 Add the PHPMailer Argument Injection exploit 2016-12-29 17:17:06 -05:00
Brent Cook cd950e91a9 bump payloads gem 2016-12-29 15:59:07 -06:00
Luis Fontes 968286657e Added the command menu option 2016-12-29 17:44:09 +00:00
Luis Fontes e7249742b3 Added the history command 
Added the "history" command to see a list of commands used before.

```
msf exploit(handler) > history -n 4
2344  set PAYLOAD windows/meterpreter/reverse_tcp
2345  set LHOST 10.0.1.109
2346  exploit
2347  history -n 4
msf exploit(handler) > history -h
Usage: history [options]

Show the command history


OPTIONS:

    -a        Show length commands in history
    -h        Help banner.
    -n <opt>  Show the last n commands

msf exploit(handler) > 
```
 2016-12-29 17:03:54 +00:00
Luis Fontes cb0a7986bf Added to_handler command 
This commit adds a "to_handler" command to msfconsole when "using" a payload.

After generating a payload from msfconsole, we needed to set multi/handler and the payload with the same param as we used to generate it. That was really boring...
The to_handler command creates the handler and sets the payload and the options set for it.

### Example Output:





```
msf > use payload/windows/meterpreter_reverse_tcp 
msf payload(meterpreter_reverse_tcp) > set LHOST 10.0.1.109
LHOST => 10.0.1.109
msf payload(meterpreter_reverse_tcp) > set LPORT 3377
LPORT => 3377
msf payload(meterpreter_reverse_tcp) > show options

Module options (payload/windows/meterpreter_reverse_tcp):

   Name        Current Setting  Required  Description
   ----        ---------------  --------  -----------
   EXITFUNC    process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   EXTENSIONS                   no        Comma-separate list of extensions to load
   EXTINIT                      no        Initialization strings for extensions
   LHOST       10.0.1.109       yes       The listen address
   LPORT       3377             yes       The listen port

msf payload(meterpreter_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0
[*] Started reverse TCP handler on 10.0.1.109:3377 
[*] Starting the payload handler...
msf payload(meterpreter_reverse_tcp) > 
```
 2016-12-28 20:03:40 +00:00
bwatters_r7 4906b8a85a
LAND #7760, prevent duplicate UUIDs when generating Android HTTP/S payloads 2016-12-28 10:48:36 -06:00