4e6cf58b22
Land #8143 , Fix variable typos in rfrecv related methods.
2017-03-24 15:38:52 -05:00
92c0748447
Land #8102 , Add a plugin to notify new sessions via SMS
2017-03-24 11:17:59 -05:00
e04f01ed6b
Land #7778 , RCE on Netgear WNR2000v5
2017-03-23 15:34:16 -05:00
271fd589f2
Revert "Land #8135 , Report hosts always add ip to hostname if hostname is blank"
...
This reverts commit 5a1c7ca8afd10b3da6ec
2017-03-23 10:05:58 -05:00
c58e9acadd
Fix variable typos in rfrecv related methods.
2017-03-22 15:44:22 +02:00
60bc279eb3
removing extra whitespace
2017-03-21 10:40:59 -05:00
1221a20d0d
reversing the logic to check for .blank?
2017-03-21 10:35:19 -05:00
7ff7c707c9
setting host_name to address if host_name is blank.
2017-03-21 10:26:57 -05:00
f397624a69
Land #7935 , HWBridge RF transceiver extension
2017-03-21 06:12:32 -05:00
aa5e9cd702
Land #8058 , Allow the http_payload stager to sleep before retry
2017-03-21 00:07:10 -05:00
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
f715fee10c
The option StagerRetryWait will be used by default with the value of 5 seconds
2017-03-17 20:28:14 -03:00
ad2222152c
Merge remote-tracking branch 'upstream/master' into land-8056-outlook
2017-03-17 17:30:08 -05:00
e1f33f1616
Merge remote-tracking branch 'upstream/master' into land-8038-
2017-03-16 22:03:48 -05:00
095a110e65
Code and doc tweaks (minor).
...
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
bad1fc9948
Land #8041 , loopback warning for LHOST
2017-03-16 13:30:12 -05:00
af3cd18c9f
Fix #8041 so it works
2017-03-16 13:27:47 -05:00
ab75794cd4
Land #8071 , Add API to send an MMS message to mobile devices
2017-03-16 11:57:34 -05:00
03698ec214
Fix how the psh mixing issues meterpreter commands
2017-03-16 08:45:10 -04:00
8995629037
Land #7061 , allow chaining the service stub with other encoders
2017-03-15 13:56:09 -05:00
bb4d6e17c8
Resolve #8026 , Add a plugin to notify new sessions via SMS
...
This plugin will notify you of a new session via SMS.
It also changes the SMS text format to MIME.
Resolve #8026
2017-03-13 16:13:59 -05:00
ad929b6427
indentation fix part 2
2017-03-09 15:44:09 -07:00
ef6831437a
indentation fix for clarity
2017-03-09 14:55:20 -07:00
ccf345f696
move method to module level
2017-03-09 14:32:51 -07:00
10018e2a32
spacing fix in reverse.rb
2017-03-09 12:48:36 -07:00
40204703f0
remove unnecessary newline
2017-03-09 12:26:11 -07:00
e7b47865be
ruby formatting fix
2017-03-09 12:23:02 -07:00
274089a7f1
cleanup for lhost loopback warn
2017-03-09 11:33:27 -07:00
7806173764
Merge branch 'master' of github.com:rapid7/metasploit-framework into lhost-setting-warning
2017-03-09 11:11:23 -07:00
2f55b5e00e
reconfigure lhost warn for loopback address
2017-03-09 11:10:27 -07:00
1a96fb03ae
Allow start_service to specify a resource
...
This overrides URIPATH and random_uri if opts['Path'] is specified.
2017-03-09 02:33:02 -06:00
1a0b342e68
Add srvport to HttpServer
...
This allows URIPORT to override SRVPORT.
2017-03-09 02:24:22 -06:00
ed22902fd4
Support the subject field
2017-03-08 11:40:08 -06:00
f60dae0917
Lots of syntax fixups from rubocop
2017-03-08 09:21:33 -08:00
dc13b84189
Bring mms branch up to date w/ master
2017-03-07 16:13:39 -06:00
fae05f2e98
And API to send an MMS message to mobile devices
...
This API allows you to send a malicious attachment to mobile
devices.
2017-03-07 12:34:45 -06:00
27c2795632
Issue #7188 resolved along with checking for all loopback addresses.
2017-03-08 00:02:50 +05:30
4e9b8946d8
Fixed some small msftidy issues
2017-03-06 22:47:37 -08:00
97ad8be7ff
Added some Zigbee Documentation
2017-03-06 22:42:15 -08:00
60cd04bc7b
Added module for zstumbler
2017-03-06 16:10:14 -08:00
09442f226a
Functionality was added to allow the payload to wait before trying to reconnect.
...
Also the code was modified to allow the payload to infinite retry if 0 is set.
2017-03-04 18:12:09 -03:00
6ad8afb8b3
Add API to send a text message (SMS) to mobile devices
2017-03-02 16:47:55 -06:00
601131f236
hook Application class if found
2017-03-01 19:22:42 +08:00
ee8b70e0df
fix permission shuffling
2017-03-01 14:38:47 +08:00
063d999a64
randomize the payload, service and broadcast receiver names
2017-03-01 14:20:31 +08:00
b273517f9a
always set first byte to 1 on stageless configs
2017-03-01 12:46:00 +08:00
c8816cacb0
Remove stageless classname from staged payloads, fixes #8034
2017-03-01 12:27:12 +08:00
f27ef55391
Land #7992 , Improve Signature Evasions for browser exploits
2017-02-23 16:32:49 -06:00
e3f613ecc6
Bypass: Metasploit OS detection
...
SEP is triggering on HTTP POSTs which start with `os_name`
2017-02-23 15:42:04 -05:00
84ab3c66cc
Use obfuscated JS in BES
2017-02-22 12:47:36 -05:00
0e3eba18b3
simplify guard logic
2017-02-17 16:00:15 -06:00
f4befda59b
inherit the options from the default target so we can autocomplete before the rhost resolution occurs
2017-02-17 15:50:45 -06:00
da82f0891e
Land #7860 , Add OverrideScheme option to reverse_http/s handler
2017-02-17 11:12:49 -06:00
1214ef5b79
Replaced tabs with spaces and removed trailing spaces at EOL
2017-02-15 16:46:11 -08:00
8f1856c5d1
Fixed a bug with DTC decoding.
...
DTC Codes now print the English error messages next to their code with getvinfo
Frozen DTCs can also be fetched via get_frozen_dtcs()
2017-02-15 16:26:23 -08:00
f600fa1caa
Be aware of logout
2017-02-14 17:03:57 -06:00
81abbfba46
Resolve #7959 , Automatically login to RPC service after expiration
...
When the RPC client token expires, it will automatically login
again, and renew the token during the next RPC request.
Resolves #7959
2017-02-14 16:41:08 -06:00
c1d08b9574
rename udp_sock to udp_socket to avoid mixin collisions
2017-02-12 22:31:56 -06:00
095831e029
fix silly typo
2017-02-08 23:41:15 +08:00
b06895b604
Hide RPORT more intelligently
2017-02-08 09:40:42 -06:00
870621d169
Add OverrideScheme option, fixes #7841
2017-02-08 23:30:29 +08:00
31f93de150
Update HttpClient and WordPress mixins
2017-02-06 04:40:26 -06:00
3c7f78167a
Push up the preamble and modernize style
2017-02-02 17:57:03 -06:00
c9560b5aa8
Add error_reporting to preamble
2017-02-02 17:48:28 -06:00
23c2787d57
Land #7795 , Hardware Bridge API.
...
Initial bridge API that supports the HW rest protocol.
2017-02-02 08:47:59 -06:00
16de745437
Minor code cleanups/corrections.
2017-02-01 16:12:45 -06:00
72c641fcab
Land #7889 - use a better check for whether rhosts exists
2017-01-31 07:49:14 +10:00
76529278b8
make sure we can actually invoke auto targeting before adding it
2017-01-30 05:24:57 -06:00
7d32166c70
use a better check for whether rhosts exists
2017-01-29 19:18:23 -06:00
d8511d1ad5
Add exception when SESSION doesn't exist
2017-01-30 10:26:23 +10:00
87701ff758
Added more error handling to bail out more gracefully when things go wrong. Could
...
be more common with bluetooth connections.
2017-01-25 18:23:57 -08:00
2ff4e6f57e
Fixed defaults for elm327 realy.
...
Array2Hex in the automotive extension how supports passing an array or integers or string hexes
Added some extra error handling for UDS calls to non-supported pids
2017-01-25 11:30:29 -08:00
9b16cdf602
Land #7845 , Fix Msf::Exploit::EXE shellcode/template mismatch
2017-01-22 16:09:41 -06:00
414977125f
Merge remote-tracking branch 'upstream/master' into land-7847-
2017-01-22 14:11:40 -06:00
99047fa8a1
be stricter in what we accept for payload uri
...
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
a7fac41172
Make shell_command_token time out again
2017-01-20 23:09:22 -06:00
64e7f13067
improve error detection
2017-01-19 16:40:35 +07:00
c1e30b632b
fix #7725 , inject into the Activity constructor
2017-01-19 16:24:26 +07:00
f8f764aefc
fix #7617 , invalid register when hooking smali code
2017-01-19 14:52:30 +07:00
d8da7c6d43
Fix Msf::Exploit::EXE shellcode/template mismatch
...
Initialize EXE options unless code is supplied with platform/arch.
2017-01-19 00:07:35 -06:00
d564f5d60a
don't add auto targets to things without rhost
...
Things like browser exploits don't have remote host options
which is what auto targeting relies on, so it does not make sense
to include the auto-targeting in these exploits
7837
2017-01-17 11:40:07 -06:00
3c0ce8eafb
Fix some rubocop complaints
2017-01-13 17:24:23 -06:00
0800a4f816
Update RPC functionality
2017-01-12 19:35:42 -06:00
2ad29a2351
Prefer find over each
...
Since we're modifying the load method directly, there should only ever
be one previously loaded instance. Suggestion by @egypt.
2017-01-12 19:28:06 -06:00
d58db72cd0
Force unloading of already loaded plugins
2017-01-12 14:18:52 -06:00
b28f600aea
Land #7584 , fix apk injection into proguarded apks
2017-01-11 12:45:23 -06:00
38a4c2aa97
fix autotargeting failure
...
the fallback to the original default was failing because
it was assuming rhost was already set, so it would always
go back to the first default target. now the auto_target? method
only returns true if can pull an auto_target_host
2017-01-10 14:12:28 -06:00
18347a8de7
Land #7774 , Fix pivoting of UDP sockets in scanners
2017-01-10 13:57:28 -06:00
8c395338af
Land #7743 , wchen's digest auth nonce fix
...
land sinn3r's pr for fixing the Digest Auth nonce
2017-01-09 14:16:09 -06:00
5f07bca775
Hardware Bridge API. Initial bridge API that supports the HW rest protocol specified here:
...
http://opengarages.org/hwbridge Supports an automotive extension with UDS calls for mdoule
development.
2017-01-06 19:51:41 -08:00
dbdc558f0b
Land #7776 , don't log on harmless DB errors
2017-01-06 18:25:13 -06:00
2108913e77
target_host method had a name collision
...
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
2017-01-06 12:44:37 -06:00
969df408c7
Land #7786 , Microsoft Edge constant for HttpClient
2017-01-05 21:07:57 -06:00
e85721113a
Add Edge to constants
2017-01-04 22:20:42 -05:00
180795f209
Fix #7743 , nil @cnonce in rex/proto/http/client.rb
...
Fix #7743
2017-01-04 11:50:31 -06:00
31d36d9112
if autotargeting fails fall back
...
fallback to the original first target if auto-targeting fails
2017-01-03 14:38:52 -06:00
5fd531028c
ome minor guards and spec fixes
...
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
2d5158403b
add YARD docs to auto target methods
...
added YARD docs
MS-2325
2017-01-03 14:38:51 -06:00
a61b92aa3e
tweak target selection
...
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index
MS-2325
2017-01-03 14:38:51 -06:00
3d2957dff1
tying it all together
...
insert our autotarget routine into
the main target selection process
MS-2325
2017-01-03 14:38:50 -06:00
44830dfc54
prefer authour's target over ours
...
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better
MS-2325
2017-01-03 14:38:50 -06:00
1afc57da40
determine most precise filter
...
drop back to our most precise level of filtering
MS-2325
2017-01-03 14:38:50 -06:00
201b65e43d
remaining os filtering
...
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection
MS-2325
2017-01-03 14:38:50 -06:00
05ac2ee6ed
convert first stage to os_family
...
added the new os-family column to Host
so now we use that as our first stage filter
for targets
MS-2325
2017-01-03 14:38:49 -06:00
95d5c7a778
filtering by os_name
...
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead
MS-2325
2017-01-03 14:38:49 -06:00
4060e63b89
add tests for auto target addition
...
tests to make sure we add auto targets only
in the appropriate conditions
MS-2325
2017-01-03 14:38:49 -06:00
84d5e42e4f
start gearing up for testing
...
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour
MS-2325
2017-01-03 14:38:45 -06:00
769d477e97
if no automatic target defined, add one
...
if an exploit does not have a defined automatic target
then we add one in for our fallback auto-targeting
MS-2325
2017-01-03 13:54:34 -06:00
3808eebad8
Land #7704 , Update jobs output to show TCP listener information
2017-01-02 15:44:49 -06:00
4f0569c6ce
support pivoting with UDP port scanners
...
Use bound UDP sockets for each UDP service/ip that we wish to scan,
managing and closing them locally as they expire, rather than an unbound
socket.
2017-01-02 08:55:27 -06:00
225aaac8fd
remove logging of expected exceptions in connection_established? method
2017-01-02 08:31:05 -06:00
4264521354
Fix broken CVE reference and update links
...
Prefer HTTPS over HTTP, too.
2017-01-01 21:33:59 -06:00
956602cbfe
add final wnr2000 sploits
2016-12-31 16:49:05 +00:00
0321000ea7
Update Http mixin for opts[:ssl]
...
1. Add opts[:ssl]
2. Remove opts[:busybox]
3. Refactor logic
4. Remove resource_uri
2016-12-30 00:56:02 -06:00
34d358b8d7
Update CmdStager with new toys
2016-12-30 00:56:02 -06:00
58dd59fad5
Add Http mixin for CmdStager
2016-12-30 00:56:02 -06:00
e74239b30f
allow reusing the already-generated payload uuid in generate_uri_uuid_mode
2016-12-27 15:37:39 -06:00
5702bd6745
Land #7674 , Move migration stub generation code into msf
2016-12-22 17:53:00 -06:00
0221d2d904
Land #7735 , make assigning payloads fast again!
2016-12-21 00:16:52 -06:00
f95136ce67
Prefer && over and
2016-12-21 00:16:33 -06:00
6e830a886e
Land #7737 , print_warning on session_compatible?
2016-12-20 20:11:11 -06:00
1098bc6d90
Warn user when session not compat instead of failing
...
This commit changes the post mixin so that the session compat check only
shows a warning rather than throwing an exception and stopping the
module from working completely.
This is off the back of the discussion involved with #7736
2016-12-21 11:14:52 +10:00
efb015facc
make assigning payload fast again
...
This streamlines the check for whether the currently-selected payload is
compatible on assignment. Rather than building the entire list of
compatible payloads, and seeing if what the user typed is in it (and
making multiple giant lists on the way), we simply check the module the
user typed directly.
2016-12-20 17:39:09 -06:00
62d8cc7b21
Handle some error conditions with SMTP delivery
2016-12-16 16:06:02 -06:00
47df88a5cc
Make SMTP delivery work with a range of server SSL
2016-12-15 16:57:08 -06:00
fa016de78a
Land #7634 , Implement universal HTTP/S handlers for Meterpreter payloads
2016-12-13 18:13:22 -06:00
505cc19662
Update reverse_tcp to show TCP listener information
...
Also update the readable text to only output the listener information if
it differs from the payload information.
2016-12-12 15:56:26 +10:00
eeef8fa6ad
Add new arches to UUIDs
2016-12-08 16:29:43 -06:00
d0696a09ad
Move migration stub generation into MSF
...
This code adds support for transport-specific migration stubs to be
generated in MSF rather than having them hard-coded in Meterpreter.
2016-12-08 16:01:13 +10:00
ffee0ff1b6
Fix payload cache size issue, fix shell/bind payloads
2016-12-06 11:12:02 +10:00
9ba6797d19
use arch for session_compatible? to support shell sessions
2016-12-05 15:56:28 -06:00
483228c4ea
use platform for session_compatible? to support shell sessions
2016-12-05 14:14:37 -06:00
86ec5861f9
Land #7649 , update session_compatible? for changes from PR#7507
...
Fixing the ability to find compatible post scripts for sessions
2016-12-02 16:29:08 -06:00
b218c7690a
cleanup stray comment
2016-12-02 15:25:58 -06:00
0be166e719
update session_compatible? for changes from PR#7507
2016-12-02 14:55:38 -06:00
889de05af4
removing some commented code
2016-12-02 13:06:22 -06:00
486f8cd2a3
adding arch to search
2016-12-02 13:05:23 -06:00
f6694992ce
changing module search to use the new scopes
2016-12-02 13:05:23 -06:00
5a2eb29a1b
remove unused generate_small_uri
2016-12-01 18:33:36 +08:00
4da614532b
fix luri
2016-12-01 18:22:13 +08:00
72a20ce464
Merge timwr's changes that fix android/reverse_http
2016-12-01 09:59:41 +10:00
2a065cd220
Land #7591 , sinn3r's warbird check fix
...
Lands sinn3r's fix to the warbird license verification
check in the payload segment injector
2016-11-30 15:45:04 -06:00
78480e31e7
remove AutoLoadAndroid
2016-11-30 21:23:14 +08:00
b494d069f7
fix android/meterpreter/reverse_https
2016-11-30 20:53:09 +08:00
92751714c1
fix android/meterpreter/reverse_http
2016-11-30 20:12:00 +08:00
e5db0f4610
Fix unpack causing puid breakage in some cases
2016-11-30 15:51:17 +10:00
3fad75641d
Final touches to make MSF happy with all refactorings
2016-11-30 11:30:59 +10:00
834756c337
Rework android structure to function with the multi arch payload
2016-11-29 17:55:31 +10:00
bdfaaf01b2
Make multi work with https
2016-11-29 15:51:38 +10:00
bd8f8fd6cb
More rework of payload structure to handle multi arch handlers
2016-11-29 15:21:13 +10:00
beca63645e
Revamp of java payload structure
2016-11-29 11:54:30 +10:00
e8d7a074fa
Tweak to stageless handling for python payloads
2016-11-29 07:54:51 +10:00
5e8a47ac00
Merge upstream/master into universal handler work
2016-11-28 15:26:43 +10:00
496836fc06
Remove debug junk, rejig order of ops in initializer
2016-11-28 15:25:07 +10:00
e8158bd200
Add multi platform type, wire into the multi stage
2016-11-28 09:34:09 +10:00
5fdd5a7326
More progress on http universal staged handler
2016-11-25 13:00:35 +10:00
9f4784354a
Disconnect after making the HTTP transaction in send_request_cgi
...
Add a disconnect call after cgi is done.
2016-11-23 11:20:10 -06:00
b45a36180e
Don't complain when Proxies is an empty string
2016-11-22 09:29:04 -06:00
c606eabbb9
Merge 'upstream/master' into universal-handlers
2016-11-22 14:06:46 +10:00
b2cc8e2b95
Fix #7569 , Fix warbird check for missing text section
...
Fix #7569
2016-11-21 14:57:01 -06:00
daae46d37b
Fixes #7552 , fix apk injection into proguarded apks
2016-11-21 15:05:59 +08:00
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
cd01b07682
Land #7565
...
Lands print_bad and vprint_bad from todb-r7
2016-11-18 13:29:39 -05:00
66ba2b077b
Land #7567 , fix apk injection when template has no permissions
2016-11-17 11:42:54 +00:00
927e195e28
Generate payload apk from permissionless apk
2016-11-16 00:48:10 -04:00
1deacad2be
Add a print_bad alias for print_error
...
Came up on Twitter, where Justin may have been trolling a little:
https://twitter.com/jstnkndy/status/798671298302017536
We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.
Anyway, I went with alias_method, thanks to the compelling argument at
https://github.com/bbatsov/ruby-style-guide#alias-method
...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.
Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
2016-11-15 19:20:42 -06:00
7e4645afb3
Land #7527 , Add LURI support to the reverse_http/s stagers
2016-11-15 16:31:20 -06:00
c0e839dfd9
Fixes keytool bug in APK inject code
2016-11-11 06:12:47 -08:00
50c2ed8509
Fix post mixin platform/session check
2016-11-05 02:41:52 +10:00
b0970783ff
Another interim commit moving towards universal handlers
2016-11-04 13:25:02 +10:00
47ac122c15
Add LURI support to the reverse_http/s stagers
2016-11-03 14:51:07 +10:00
09d9733a75
Interim commit while working on multi payloads
2016-11-03 06:44:39 +10:00
cc8c1adc00
Add first pass of multi x86 http/s payload (not working yet)
2016-11-03 02:44:53 +10:00
494b4e67bd
Refactor http/s handler & payloads
...
This commit moves much of the platform-specific logic from the
reverse_http handler down into the payloads. This makes the handler
a bit more agnostic of what the payload is (which is a good thing).
There is more to do here though, and things can be improved.
Handling of datastore settings has been changed to make room for the
ability to override the datastore completely when generating the
payloads. If a datastore is given via the `opts` then this is used
instead otherwise it falls back to the settings specified in the usual
datatstore location.
Down the track, we'll have a payload that supports multiple stages, and
the datastore will be generated on the fly, along with the stage itself.
Without this work, there's no other nice way of getting datastore
settings to be contained per-stager.
2016-11-02 11:33:59 +10:00
0fca4483c0
Correctly call generate_stage on native init
2016-11-02 00:52:25 +10:00
f08a7ac10b
modernize default smtp_deliver TLS options
2016-11-01 05:42:05 -05:00
294b1e5ed7
Move session_type to base, and map shell arch to string
2016-11-01 03:02:23 +10:00
ddd2d5e43f
Remove junk spaces from EXE exploit module
2016-11-01 01:28:21 +10:00
0730613c67
Add comment to hilight need to support ARCH_CMD in sess check
2016-10-29 14:29:05 +10:00
8605992cdf
Remove superfluous session check in the post mixin
2016-10-29 14:19:27 +10:00
e5d3feebea
Final regex fix for jobs arch check
2016-10-29 14:10:01 +10:00
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
ca377cadd7
Move the binary suffix stuff to a better location
2016-10-27 07:43:27 +10:00
5ce886cf5c
Land #7490 , xml importer fingerprinting fixed
2016-10-25 14:13:15 -05:00
56d5c49d4d
host was no associated with the workspace
...
* searching mdm host by wspace id instead
2016-10-25 12:05:06 -05:00
1378e2e61a
preserve hosts should still fingerprint new hosts
2016-10-25 09:58:30 -05:00
744724c083
conditionalize fingerprinting
...
* fix bug where host not preserved
2016-10-24 18:45:48 -05:00
12508f7140
Fix DRDoS mixin to handle empty responses
2016-10-24 14:21:28 -07:00
39b889ea29
Land #7459 , Delay fingerprinting during import
2016-10-24 10:47:25 -05:00
ce1f3e6b9e
Land #7451 , copy original signing certificate when backdooring APK
2016-10-22 18:04:22 +08:00
6b77f509ba
fixes bad file refs for cmdstagers
...
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
de87fccf85
Land #7469 , OJ's php preamble fix
...
this is OJ's fix for the bind_php payload
preamble that causes it to be missing the php
tags
2016-10-21 12:05:39 -05:00
b8e30a241e
Copy original cert data into new signing cert created for APK injection
2016-10-20 08:43:45 -07:00
Pearce Barry
dmohanty-r7
William Webb
darkbushido
Leon Jacobs
Brent Cook
Craig Smith
alpiste
William Vu
bwatters-r7
Spencer McIntyre
wchen-r7
Noah Berman
=
Tim
Jeff Tang
James Lee
OJ
Brent Cook
David Maloney
Adam Cammack
Carter
Pedro Ribeiro
Jeffrey Martin
Jin Qian
h00die
Brian Yip
Tod Beardsley
dana-at-cp
Sonny Gonzalez
Louis Sato
Jon Hart