b7620e13a3
remove special case check for invalid options
2017-05-27 00:53:14 -05:00
11b3fd9067
Land #8468 , Update system info after running getsystem
2017-05-26 23:37:00 -05:00
53cbbbacd8
getsystem update session info
2017-05-26 17:28:11 -06:00
e8b5cc3397
Avoid a stacktrace by verifying that the share is known
2017-05-26 17:01:44 -05:00
8caaba01f1
Add share enumeration methods to the SMB mixin
2017-05-26 17:01:18 -05:00
15b3b7de41
Bump version of framework to 4.14.23
2017-05-26 10:02:14 -07:00
1582d3a902
support i386
2017-05-26 15:55:42 +08:00
a9e6df6f15
fix shell command on osx meterpreter
2017-05-26 15:55:14 +08:00
18a871d6a4
Delete the .so, add PID bruteforce option, cleanup
2017-05-25 16:03:14 -05:00
92a1a3ecf7
Adding for loop instead of while, removing 'counter'
2017-05-25 15:09:34 +05:30
0520d7cf76
First crack at Samba CVE-2017-7494
2017-05-24 19:42:04 -05:00
52363aec13
Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
...
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on a NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.
Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
2017-05-24 00:18:20 +12:00
d333077308
osx meterpreter
2017-05-23 14:23:22 +08:00
3e4e5dc810
Land #8421 , fix rspec failures with newer OpenSSL
2017-05-22 21:49:52 -04:00
86aad6b7c3
Fix proxy_type references to handle nil case
2017-05-22 21:47:37 +10:00
29d1022ae2
Fix the rake spec failures under ruby 2.4.
...
Ths typo3_spec is giving some errors under ruby 2.4+
and OpenSSL 1.1+.
2017-05-21 21:56:04 +02:00
18f520382b
Bump version of framework to 4.14.22
2017-05-19 12:12:27 -07:00
a6f416e8df
Land #8290 , Hwbridge Automotive Fix and Extension Enhancements
2017-05-19 13:46:54 -05:00
c54c999efc
Bump version of framework to 4.14.21
2017-05-19 10:02:32 -07:00
22828fcc0f
Land #8406 , add compatibility shims for older Ruby versions
2017-05-18 21:50:45 -05:00
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
126c078ced
Bump version of framework to 4.14.20
2017-05-18 11:53:33 -07:00
02211db664
Land #8412 , fix for smb_login errors
...
Merge branch 'land-8412' into upstream-master
2017-05-18 13:43:10 -05:00
94e4dc2938
fix for smb_login errors
...
do not try the TreeConnect if the SESSION_SETUP
has already failed.
2017-05-18 11:26:03 -05:00
1af6c08356
Land #8409 , mark osx-app macho as executable
2017-05-18 09:28:01 -05:00
a68a1858a9
Fix #7703 , mark osx-app macho as executable
2017-05-18 18:24:35 +08:00
c59371dd5e
add ruby backports compat library
2017-05-17 23:41:20 -05:00
b78749bc1b
Land #8221 , move autoroute
2017-05-17 15:17:45 -05:00
d0b13544dd
Agreed-upon feedback updates.
2017-05-17 10:57:39 -05:00
729f2a9ab8
Bump version of framework to 4.14.19
2017-05-16 14:09:45 -07:00
58d65ce4b5
Land #8380 , check for command injection in smtp email addresses
...
aborts
2017-05-16 15:36:22 -05:00
e3f4cc0dfd
Land #8345 , WordPress PHPMailer Exim injection
...
CVE-2016-10033
2017-05-16 15:07:21 -05:00
416a5cdc3b
Land #8379 , payload opts check for RHOST warning
2017-05-14 22:21:58 -05:00
78148c7979
Prefer && instead of and
...
I think @zeroSteiner's been writing a lot of Python. :-)
2017-05-14 22:19:15 -05:00
e7be0af72e
update bad mail checks
2017-05-14 22:13:31 -05:00
cc72850847
Land #8369 , add PSH decompressor & decoder convenience methods
2017-05-14 21:28:02 -05:00
8ac5d2d377
tidy up a bit while we're in here
2017-05-14 21:27:38 -05:00
544ea6926c
trim leading and trailing whitespace in mail addresses
2017-05-14 11:22:46 -05:00
70bfdf17b2
Check payload options before showing RHOST warning
2017-05-13 14:46:07 -04:00
f39e378496
Land #8330 , fix ps_wmi_exec and psh staging
2017-05-13 14:26:47 -04:00
3cbeebe3af
Rename env_ variable to be more accurately named
2017-05-13 14:24:00 -04:00
3a1ed19a42
Making use of StagerRetryConnect
2017-05-13 17:49:53 +05:30
405f2c6ca1
Bump version of framework to 4.14.18
2017-05-12 10:10:30 -07:00
123462bdca
Land #8293 , add initial multi-platform railgun support
2017-05-11 22:32:23 -05:00
e414bdb876
don't try to guess intent for specified default targets, leave auto-auto targeting to unspecified modules
2017-05-11 15:19:11 -05:00
099fc0176a
move autoroute to a more sensible location
2017-05-10 23:01:02 -05:00
cf29a512d0
Upstream Msf namespace PSH decompressor & decoder
...
Present convenience interfaces in Msf::Exploit::Powershell ns for
decoding and decompressing PSH strings built with Rex::Powershell
or compatible implementations.
2017-05-10 22:44:56 -04:00
18d95b6625
Land #8346 , Templatize shims for external modules
2017-05-10 18:15:54 -05:00
ee55516e06
Allow lowercase HTTP in command strings
2017-05-10 15:17:20 -05:00
3a45c2f321
Allow complete override of Host header
2017-05-10 15:17:20 -05:00
42fd287038
remove debug
2017-05-10 13:04:12 -05:00
beea5e1a5c
use wfsdelay consistently
2017-05-08 15:34:09 -05:00
fede672a81
further revise templates
2017-05-08 14:26:24 -05:00
a2ce3743a2
move wait_status to a mixin
2017-05-08 12:23:27 -05:00
a1efa30fa2
comments adjustments & enum better
2017-05-08 11:57:06 -05:00
f213482659
small fixe
2017-05-08 11:52:37 -05:00
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
c297e1679c
Land #8336 , Specify LHOST by interface name
2017-05-05 18:05:20 -05:00
fa47092bfe
Land #8348 , typo fix in Net::DNS
...
Since the lib is vendored, I doubt it'd get fixed otherwise.
2017-05-05 14:17:41 -05:00
a0b50390c5
Bump version of framework to 4.14.17
2017-05-05 10:02:17 -07:00
6e312fd009
Minor spelling correction: lenght => length
2017-05-05 10:42:33 -05:00
2e880c9fdf
move module template to an ERB
2017-05-05 01:16:54 -05:00
3bc4ac68dc
merge all available keys for login storage
2017-05-04 22:51:48 -05:00
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
fee0fb5e90
Missed an LHOST option
...
making OptAddressLocal inherit from OptAddress
2017-05-04 12:57:50 -05:00
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00
a6afd0b9bf
adding in a new option type
...
this will grab the first ipv4 address on a given iface
2017-05-04 12:55:46 -05:00
73be4f1c2e
Adding StagerRetryWait option in reverse_tcp_ssl
2017-05-04 14:51:40 +05:30
494711ee65
Land #8307 , Add lib for writing Python modules
2017-05-02 15:53:13 -05:00
ba9010730a
Minor cleanup
2017-05-02 15:52:21 -05:00
1b58a4f392
Land #8329 , Make `help route` more informative
2017-05-02 14:19:58 -05:00
2f1df4d4c2
Bump version of framework to 4.14.16
2017-05-02 11:11:20 -07:00
bf2abaeeaf
Make `help route` more informative
2017-05-02 11:07:08 -05:00
b7d6be05ee
split python loader from generic implementation
2017-05-01 16:10:12 -05:00
585fac0457
Fix nil bug when creating nonexistent encoder
...
Found by irthewinner on IRC.
2017-04-30 03:43:51 -05:00
e026a8c663
Fix typo (s/Remote/Reverse/) in portfwd -L
...
Found by ThePortWhisperer on IRC.
2017-04-29 00:10:13 -05:00
f8fb03682a
Fix issue in ps_wmi_exec and powershell staging
...
The staging function in the post/windows/powershell class was broken
in a previous commit as the definition for env_variable was removed and
env_prefix alone is now used. This caused an error to be thrown when
attempting to stage the payload. This changes the reference from
env_variable to env_prefix.
Additionally, the ps_wmi_exec module created a powershell script to be
run that was intended to be used with the EncodedCommand command line
option; however the script itself was never actually encoded. This
change passes the compressed script to the encode_script function to
resolve that issue.
2017-04-28 03:31:56 -04:00
5450e96204
Land #8306 , fix #8305 , escape unadorned periods within SMTP payloads
2017-04-27 17:51:14 -05:00
cd73bd137a
Making use of while loop and solving StagerRetryWait issue
2017-04-27 11:50:13 +05:30
7a6a124272
Land #8279 , POSIX Meterpreter replaced by Mettle
2017-04-26 18:32:17 -05:00
a57067c4a7
append metasploit lib to PYTHONPATH
2017-04-26 18:13:46 -05:00
037fdf854e
move common json-rpc bits to a library
2017-04-26 18:08:08 -05:00
43ac2c339e
Land #8291 , Acunetix XML import improvements
2017-04-26 17:38:52 -05:00
353191992f
move mettle payloads to meterpreter, add reverse_http/s stageless
2017-04-26 17:06:34 -05:00
288cb6536d
fix #8305 , escape unadorned periods in the front of SMTP payloads
2017-04-26 16:05:46 -05:00
c4f1130619
Acunetix XML import improvements.
...
This patch updates the MSF db_import functionality w.r.t. importing Acunetix XML files to do the following:
- import web vulnerabilities identified by Acunetix
- import all services for each scanned host
- does not pull in the specifc program/version name of each service, as that's pretty loosely formatted in the Acunetix XML
2017-04-26 12:16:20 -05:00
3347af24ba
Add some basic libc definitions for railgun
2017-04-25 15:12:39 -04:00
9c60c3ee46
Support platform specific railgun constants
2017-04-25 14:36:15 -04:00
6f763a616d
Land #8225 , Expose the shared wifi profile dumping feature in Mimikatz
2017-04-25 11:23:34 -05:00
aeed81de29
Code cleanup from Rubocop output
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
c2296dcd1b
Addes 'isotpsend' command to interactive commands to send ISO-TP related queries
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
36026ba8b4
Fixed active buses not being recorded. The 'connect' command now works for other extensions as well as modules. Added TesterPresent background packet transmissions to hold debugging sessions open.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
2012ebf38f
Fixed bug with a duplicate ID in hash for errors
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
406051a3ff
Added more session management to hwbridge. Commands 'sessions' and 'background' added.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
5537348e28
Addes Statistics support from the API. When typing status in a hardware bridge it will also print packet statistics.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
c4a6cc1907
Array was being checked with even? and should be array.size.even?
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
daf8833174
Refactor a bunch of windows_name references
2017-04-24 19:54:00 -04:00
3cc089bcef
Support loading platform specific railgun defs
2017-04-24 19:46:56 -04:00
d3a759d631
Make changes for initial linux railgun support
2017-04-24 17:11:27 -04:00
bd2379784e
Improved error handling for the python reverse_tcp payload
...
Handling all kinds of errors
Removing 'e'
Updating payload cached sizes
Updating payload cached sizes 2.0
Adding option to set retry time
2017-04-23 20:43:57 +05:30
89e81253ed
Bump version of framework to 4.14.15
2017-04-21 10:02:32 -07:00
6b37e1ecfc
Land #8268 , Improve metasploit-aggregator UX
2017-04-21 11:21:49 -05:00
32da0ed3d7
fix some comment typos
2017-04-19 14:14:26 -05:00
f90911e09e
Bump version of framework to 4.14.14
2017-04-19 09:35:29 -07:00
8d4ccb5d51
SMB over NtBIOS no longer works
...
don't try to run the smb loginscanner
against port 139
2017-04-18 13:34:00 -05:00
05e15cee18
Bump version of framework to 4.14.13
2017-04-18 08:17:22 -07:00
9634248211
treat socket reads as a connection error
...
treat failures to read from the socket
as a connection error
2017-04-17 21:58:22 -05:00
a597de516d
actually use the coerced values
2017-04-17 11:24:57 -05:00
bbdf06af5d
coerece nil credentials to empty strings
...
rubySMB doesn't take nils for credential data, so coerce any nils into
empty strings bfore sending it on
2017-04-17 11:17:09 -05:00
7b936b0012
Land #8184 , convert IPMI protocol and modules to bindata
2017-04-17 07:40:15 -05:00
484a545629
Replace exe.rb double variable declare
2017-04-16 22:38:49 -05:00
67047cf770
Revert "Fixes MS-1716, keep sessions in progress alive."
...
This reverts commit e5d0370a94
2017-04-16 15:52:22 -05:00
7950087804
Merge branch 'upstream-master' into land-8237-
2017-04-14 21:53:26 -05:00
cbebc5dc39
really remove errant keyscan_extract() call
2017-04-14 15:21:11 -05:00
42122d2835
Land #8238 , move SMB2 support back into smb_login, add simpler permissions checks
2017-04-14 14:06:46 -05:00
b8e14d7543
Merge branch 'upstream-master' into land-8224-
2017-04-14 12:55:29 -05:00
036d579228
Bump version of framework to 4.14.12
2017-04-14 10:04:35 -07:00
a3fc6791ca
Land #8217 , don't log empty attributes if they are ignored
2017-04-13 22:08:23 -05:00
bb0a0b5cd9
apply empty attribute fix in more places, simplify and unify
2017-04-13 22:07:10 -05:00
91fb3ce6b8
collapse SMB2 support into smb_login
...
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both
MS-2636
2017-04-13 15:22:03 -05:00
89bd110422
reinsert guest checks and uniq fallback
...
add checks back from original loginscanner
MS-2636
2017-04-13 14:55:37 -05:00
adeb4d10d7
smb2 login scanner admin check now working
...
we can now check for admin privs in the smb2
login scanner
MS-2636
2017-04-13 14:40:32 -05:00
303a767ccc
bring ukl branch up to date with upstream
2017-04-12 21:59:13 -05:00
ced1412ee0
Bump version of framework to 4.14.11
2017-04-12 14:39:40 -07:00
bb64f5d7e3
Land #8230 , Sum the results of the module loaders
2017-04-12 11:51:03 -05:00
c21d78b23b
Land #8186 , Convert DNS Fuzzer to use bindata
2017-04-11 23:27:08 -05:00
2d8001aa62
Sum the results of the module loaders
...
Fixes #8229
2017-04-11 23:21:58 -05:00
3cf51b7d43
Remove external module debugging code
...
Causes EACCESS when run by separate users.
Fixes #8226
2017-04-11 09:29:02 -05:00
271da4b4a5
Add new shared wifi profile dumping from kiwi
2017-04-11 22:01:52 +10:00
6983b0f857
Update the kiwi extension to show correct version number
2017-04-11 20:23:56 +10:00
e0ecf0972e
dropping extra spaces
2017-04-10 15:19:36 -05:00
099cf87e54
Catching errors where we are passing invalid attributes
...
We need to pass :task down for some functionality in pro.
while the error is valid we really shouldnt be passing the task all the way down if its blank but we need
the check there or we will end up with the same problem with pro.
2017-04-10 15:05:53 -05:00
0189c40317
compromise
2017-04-09 15:03:05 -05:00
d9ba993d25
handle general failure getting module info for external modules
2017-04-09 11:50:03 -05:00
7fc05bcb25
Bump version of framework to 4.14.10
2017-04-07 10:07:31 -07:00
b1bd92d57c
Land #8197 , fix HttpTrace with chunked encoding
2017-04-07 11:52:50 -05:00
3103decc98
Add -H/--history-file to msfconsole
...
Save command history to an alternative file instead of ~/.msf4/history.
2017-04-07 03:00:37 -05:00
5a754a0333
Land #8157 - Fix missing dll_data var in parse_pe
2017-04-07 09:55:12 +10:00
3c260ea452
fix #7921 , HttpTrace and chunked encoding
2017-04-05 22:58:11 +02:00
9e89567ce5
Fix #8191 (msfvenom cannot create exe-service)
...
Fixes issue #8191 : Cannot create exe-service from msfvenom
2017-04-05 12:49:46 -04:00
4e79aaccb7
Bump version of framework to 4.14.9
2017-04-04 16:14:28 -07:00
bd21d2811b
Update client to use TLS1.2
2017-04-04 17:57:07 -05:00
ed0e539249
handle sending bindata structs
2017-04-04 03:03:27 -05:00
5f88971ca9
convert NTP modules to bindata
2017-04-04 02:57:38 -05:00
46c7e822c8
convert IPMI protocol and modules to bindata
2017-04-04 02:44:17 -05:00
94a0b4b06c
Stop special-casing masscan
2017-04-04 00:33:13 -05:00
95c4dd8108
Prefer start_with? over =~
...
Oops, old habit.
2017-04-03 02:38:50 -05:00
7de2aa1a63
Update Nmap parser to handle masscan
...
masscan is missing <status>, meaning hosts aren't treated as alive.
Thanks to @jhart-r7 and @jlmurray for working on this previously.
2017-04-03 02:26:14 -05:00
98ffa4d380
Land #7652 , add varnish cache CLI authentication scanner module
2017-04-02 21:52:45 -05:00
4c0539d129
Land #8178 , Add support for non-Ruby modules
2017-04-02 21:02:37 -05:00
2de8f1b97d
Fixups for specs
2017-03-31 22:19:53 -05:00
a3e196e31e
Support arbitrary external command_stager exploits
...
So much done, so much more to do.
2017-03-31 17:06:28 -05:00
9edc08cd36
Bump version of framework to 4.14.8
2017-03-31 14:38:29 -07:00
c00b9ca1e5
Land #8175 , Get into the DANGER ZOOOOOOONE
2017-03-31 14:31:22 -05:00
7b9772376a
deregeister smb2_login from pro bruteforce
...
this loginscanner is temporary while we continue
to add the smb2 support and so we don't want the
Metasploit Pro bruteforcer picking it up
MS-2609
2017-03-31 13:34:10 -05:00
b5771b0f72
Get into the DANGER ZOOOOOOONE
2017-03-31 12:26:42 -05:00
b6085e188d
Bump version of framework to 4.14.7
2017-03-31 10:02:19 -07:00
1306065c91
Always run both loaders
...
How did I miss this? How did this work before??? I have a bad feeling
this may break pro.
2017-03-31 10:42:13 -05:00
a13d6a7810
Land #8166 , Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support
2017-03-30 11:08:17 -05:00
418e371e35
add SMB2 login scanner and module
...
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity
MS-2557
2017-03-29 11:36:33 -05:00
bf9b0130d9
Clean up odd code
2017-03-28 11:19:30 -05:00
71df231918
Add new loader for arbitrary executables
...
Still some kluges left in the shim and we have to hit the disk when
constructing the module path
2017-03-28 10:27:12 -05:00
a65936452f
Add android wakelock command to turn the screen on
2017-03-28 16:24:11 +08:00
d47e59b04e
Fix missing dll_data var in parse_pe
...
Also clean up YARD.
2017-03-27 01:17:23 -05:00
31c03840bb
Style fixes for HWBridge RF and a couple small bug fixes
...
I should have tweaked these earlier, my bad.
2017-03-26 13:45:19 -05:00
29b30217d2
Land #8149 , Add -h for the check command
2017-03-24 15:47:59 -05:00
4e6cf58b22
Land #8143 , Fix variable typos in rfrecv related methods.
2017-03-24 15:38:52 -05:00
51646e44a1
Bump version of framework to 4.14.6
2017-03-24 10:02:24 -07:00
1c3c2ecdc6
Add -h for the check command
...
Because even I don't remember what it can do anymore.
2017-03-24 11:47:36 -05:00
92c0748447
Land #8102 , Add a plugin to notify new sessions via SMS
2017-03-24 11:17:59 -05:00
e04f01ed6b
Land #7778 , RCE on Netgear WNR2000v5
2017-03-23 15:34:16 -05:00
8976faa3d1
Bump version of framework to 4.14.5
2017-03-23 08:41:49 -07:00
271fd589f2
Revert "Land #8135 , Report hosts always add ip to hostname if hostname is blank"
...
This reverts commit 5a1c7ca8afd10b3da6ec
2017-03-23 10:05:58 -05:00
c58e9acadd
Fix variable typos in rfrecv related methods.
2017-03-22 15:44:22 +02:00
ef53e6a593
fix execute and kill cmd usage/help
2017-03-22 16:29:47 +08:00
df181c1792
Bump version of framework to 4.14.4
2017-03-21 14:58:37 -07:00
686f30e118
Land #8117 , p{grep,kill} for Meterpreter <3
2017-03-21 16:37:34 -05:00
60bc279eb3
removing extra whitespace
2017-03-21 10:40:59 -05:00
1221a20d0d
reversing the logic to check for .blank?
2017-03-21 10:35:19 -05:00
7ff7c707c9
setting host_name to address if host_name is blank.
2017-03-21 10:26:57 -05:00
f397624a69
Land #7935 , HWBridge RF transceiver extension
2017-03-21 06:12:32 -05:00
aa5e9cd702
Land #8058 , Allow the http_payload stager to sleep before retry
2017-03-21 00:07:10 -05:00
7477e44d30
Use urlsafe Base64 en/decode calls.
2017-03-20 17:37:16 -05:00
c4279a837a
Minor formatting/spelling/verbiage changes.
2017-03-20 17:37:12 -05:00
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
321988c282
Replace errant '.' with ','
2017-03-20 16:36:13 -05:00
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
0be6b8c905
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-03-20 13:49:39 -05:00
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
f9ecefe465
Land #8031 , nil fixes for HWBridge
2017-03-19 22:37:28 -05:00
f715fee10c
The option StagerRetryWait will be used by default with the value of 5 seconds
2017-03-17 20:28:14 -03:00
ad2222152c
Merge remote-tracking branch 'upstream/master' into land-8056-outlook
2017-03-17 17:30:08 -05:00
6200a3abb8
Bump version of framework to 4.14.3
2017-03-17 10:02:41 -07:00
dd6e75986d
add -l and -f flag simulation for pgrep, XXX rex handles flag opts poorly
2017-03-16 23:48:39 -05:00
70bbacf7ed
kill processes in reverse, allow children before parents more likely
2017-03-16 23:48:04 -05:00
e1f33f1616
Merge remote-tracking branch 'upstream/master' into land-8038-
2017-03-16 22:03:48 -05:00
095a110e65
Code and doc tweaks (minor).
...
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
bad1fc9948
Land #8041 , loopback warning for LHOST
2017-03-16 13:30:12 -05:00
af3cd18c9f
Fix #8041 so it works
2017-03-16 13:27:47 -05:00
ab75794cd4
Land #8071 , Add API to send an MMS message to mobile devices
2017-03-16 11:57:34 -05:00
03698ec214
Fix how the psh mixing issues meterpreter commands
2017-03-16 08:45:10 -04:00
85f7d73d4d
add pgrep as well
2017-03-16 04:14:45 -05:00
c9a85f58c0
add pkill command, rework to share filtering logic with ps
2017-03-16 03:57:49 -05:00
a1be63e449
fix warnings in rex argument parser
2017-03-16 03:57:49 -05:00
91a4657c36
Bumped the metasploit-payloads version and cache sizes with PR#8043
2017-03-15 19:02:21 -05:00
8995629037
Land #7061 , allow chaining the service stub with other encoders
2017-03-15 13:56:09 -05:00
befc5e05e5
Fix more kernel32 railgun definitions using DWORD
2017-03-14 18:42:52 -04:00
d759c603b2
Fix more kernel32 railgun definitions using DWORD
...
Some railgun definitions for the kernel32 module define DWORD for the
functions return type when it should be HANDLE. This causes errors on
64-bit systems when the return value is truncated.
2017-03-14 16:58:22 -04:00
18cdb2f82f
Add a -l option to the load command to list plugins
...
This allows the load command in msfconsole to list all the
available plugins in Framework.
2017-03-14 14:15:52 -05:00
bb4d6e17c8
Resolve #8026 , Add a plugin to notify new sessions via SMS
...
This plugin will notify you of a new session via SMS.
It also changes the SMS text format to MIME.
Resolve #8026
2017-03-13 16:13:59 -05:00
ad929b6427
indentation fix part 2
2017-03-09 15:44:09 -07:00
ef6831437a
indentation fix for clarity
2017-03-09 14:55:20 -07:00
ccf345f696
move method to module level
2017-03-09 14:32:51 -07:00
febe9625dd
Add rcheck/recheck to aux modules and exploits
2017-03-09 15:30:34 -06:00
10018e2a32
spacing fix in reverse.rb
2017-03-09 12:48:36 -07:00
40204703f0
remove unnecessary newline
2017-03-09 12:26:11 -07:00
e7b47865be
ruby formatting fix
2017-03-09 12:23:02 -07:00
274089a7f1
cleanup for lhost loopback warn
2017-03-09 11:33:27 -07:00
7806173764
Merge branch 'master' of github.com:rapid7/metasploit-framework into lhost-setting-warning
2017-03-09 11:11:23 -07:00
2f55b5e00e
reconfigure lhost warn for loopback address
2017-03-09 11:10:27 -07:00
1a96fb03ae
Allow start_service to specify a resource
...
This overrides URIPATH and random_uri if opts['Path'] is specified.
2017-03-09 02:33:02 -06:00
1a0b342e68
Add srvport to HttpServer
...
This allows URIPORT to override SRVPORT.
2017-03-09 02:24:22 -06:00
702d1c2b7e
Fix bug for subject
2017-03-08 11:43:36 -06:00
ed22902fd4
Support the subject field
2017-03-08 11:40:08 -06:00
f60dae0917
Lots of syntax fixups from rubocop
2017-03-08 09:21:33 -08:00
95683715e0
land #8069 , a warning when setting rhost in rhosts modules
2017-03-07 18:42:38 -05:00
036a443a41
Add Google Fi gateway
2017-03-07 17:02:32 -06:00
dc36bc4a0d
Add rspec
2017-03-07 16:49:42 -06:00
dc13b84189
Bring mms branch up to date w/ master
2017-03-07 16:13:39 -06:00
7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
...
Merged #8047
2017-03-07 15:56:00 -06:00
1aec2203e5
Warn when setting RHOST option for module which expects RHOSTS
2017-03-07 21:02:30 +00:00
d32f08f969
Add doc and fix mms message class
2017-03-07 14:40:37 -06:00
fae05f2e98
And API to send an MMS message to mobile devices
...
This API allows you to send a malicious attachment to mobile
devices.
2017-03-07 12:34:45 -06:00
27c2795632
Issue #7188 resolved along with checking for all loopback addresses.
2017-03-08 00:02:50 +05:30
db581a040a
Bump version of framework to 4.14.2
2017-03-07 07:01:57 -08:00
4e9b8946d8
Fixed some small msftidy issues
2017-03-06 22:47:37 -08:00
97ad8be7ff
Added some Zigbee Documentation
2017-03-06 22:42:15 -08:00
60cd04bc7b
Added module for zstumbler
2017-03-06 16:10:14 -08:00
a466dc44c6
Do exception handling for sms client
2017-03-06 10:54:08 -06:00
09442f226a
Functionality was added to allow the payload to wait before trying to reconnect.
...
Also the code was modified to allow the payload to infinite retry if 0 is set.
2017-03-04 18:12:09 -03:00
4d44911d5c
Do doc for google fi
2017-03-03 11:38:47 -06:00
d9b21b16a9
Support Google Project Fi gateway
2017-03-03 11:36:13 -06:00
2edb116855
Send texts individually
...
If we pass all the phone numbers at once in one email, it becomes
a group chat, and that allows the recipients to see each other's
number, which isn't the intended behavior.
2017-03-03 11:12:59 -06:00
c61f8ded78
Comment out Sprint
...
It looks like the Sprint gateways won't accept our email for
some reason, so we can't use it.
2017-03-03 11:09:04 -06:00
6ad8afb8b3
Add API to send a text message (SMS) to mobile devices
2017-03-02 16:47:55 -06:00
23474dfc70
change print_error to print_warning
2017-03-02 09:46:03 -07:00
79c01a9577
Fix ancient copypasta of Aux to Post
...
Specifically a crash in the run command's help.
2017-03-02 01:24:27 -06:00
f91328b122
modify warning wording
2017-03-01 15:00:15 -07:00
d9f5b75dc5
warn when lhost set to 127.0.0.1
2017-03-01 14:53:49 -07:00
2d51801b01
Use native_arch for railfun multi and test it
2017-03-01 13:07:04 -05:00
Brent Cook
TheNaterz
HD Moore
Metasploit
Tim
itsmeroy2012
Matthew Daley
OJ
Renato Piccoli
Pearce Barry
James Lee
bwatters-r7
David Maloney
Jeffrey Martin
wchen-r7
William Vu
Spencer McIntyre
RageLtMan
Adam Cammack
William Webb
Carter Harwood
darkbushido
Brandon Knight
Brent Cook
Craig Smith
nixawk
Christian Mehlmauer
Elijah Frederickson
James Barnett
dmohanty-r7
Leon Jacobs
alpiste
Noah Berman
h00die
Jin Qian
Brendan Coles
=