Commit Graph

8375 Commits (e7fa4c2d068af1eb5a9cbee654382b7aca73f630)

Author SHA1 Message Date
Leon Jacobs c58e9acadd
Fix variable typos in rfrecv related methods. 2017-03-22 15:44:22 +02:00
darkbushido 60bc279eb3
removing extra whitespace 2017-03-21 10:40:59 -05:00
darkbushido 1221a20d0d
reversing the logic to check for .blank? 2017-03-21 10:35:19 -05:00
darkbushido 7ff7c707c9
setting host_name to address if host_name is blank. 2017-03-21 10:26:57 -05:00
Pearce Barry f397624a69
Land #7935, HWBridge RF transceiver extension 2017-03-21 06:12:32 -05:00
Brent Cook aa5e9cd702
Land #8058, Allow the http_payload stager to sleep before retry 2017-03-21 00:07:10 -05:00
Pearce Barry c4279a837a Minor formatting/spelling/verbiage changes. 2017-03-20 17:37:12 -05:00
Craig Smith 2fde287424 Initial patch for rftransceiver (RfCat / YardstickOne) 2017-03-20 17:36:16 -05:00
Pearce Barry 2acd941b16 Merge branch 'master' into dtc_fix 2017-03-20 14:10:01 -05:00
Pearce Barry 06ebb22a8f
Land #8065, Zigbee Hardware Bridge Extension 2017-03-20 10:44:15 -05:00
alpiste f715fee10c The option StagerRetryWait will be used by default with the value of 5 seconds 2017-03-17 20:28:14 -03:00
Brent Cook ad2222152c Merge remote-tracking branch 'upstream/master' into land-8056-outlook 2017-03-17 17:30:08 -05:00
Brent Cook e1f33f1616 Merge remote-tracking branch 'upstream/master' into land-8038- 2017-03-16 22:03:48 -05:00
Pearce Barry 095a110e65
Code and doc tweaks (minor).
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
William Vu bad1fc9948
Land #8041, loopback warning for LHOST 2017-03-16 13:30:12 -05:00
William Vu af3cd18c9f Fix #8041 so it works 2017-03-16 13:27:47 -05:00
bwatters-r7 ab75794cd4
Land #8071, Add API to send an MMS message to mobile devices 2017-03-16 11:57:34 -05:00
Spencer McIntyre 03698ec214 Fix how the psh mixing issues meterpreter commands 2017-03-16 08:45:10 -04:00
Brent Cook 8995629037
Land #7061, allow chaining the service stub with other encoders 2017-03-15 13:56:09 -05:00
wchen-r7 18cdb2f82f Add a -l option to the load command to list plugins
This allows the load command in msfconsole to list all the
available plugins in Framework.
2017-03-14 14:15:52 -05:00
wchen-r7 bb4d6e17c8 Resolve #8026, Add a plugin to notify new sessions via SMS
This plugin will notify you of a new session via SMS.

It also changes the SMS text format to MIME.

Resolve #8026
2017-03-13 16:13:59 -05:00
Noah Berman ad929b6427
indentation fix part 2 2017-03-09 15:44:09 -07:00
Noah Berman ef6831437a
indentation fix for clarity 2017-03-09 14:55:20 -07:00
Noah Berman ccf345f696
move method to module level 2017-03-09 14:32:51 -07:00
William Vu febe9625dd Add rcheck/recheck to aux modules and exploits 2017-03-09 15:30:34 -06:00
Noah Berman 10018e2a32
spacing fix in reverse.rb 2017-03-09 12:48:36 -07:00
Noah Berman 40204703f0
remove unnecessary newline 2017-03-09 12:26:11 -07:00
Noah Berman e7b47865be
ruby formatting fix 2017-03-09 12:23:02 -07:00
Noah Berman 274089a7f1
cleanup for lhost loopback warn 2017-03-09 11:33:27 -07:00
Noah Berman 7806173764 Merge branch 'master' of github.com:rapid7/metasploit-framework into lhost-setting-warning 2017-03-09 11:11:23 -07:00
Noah Berman 2f55b5e00e
reconfigure lhost warn for loopback address 2017-03-09 11:10:27 -07:00
William Vu 1a96fb03ae Allow start_service to specify a resource
This overrides URIPATH and random_uri if opts['Path'] is specified.
2017-03-09 02:33:02 -06:00
William Vu 1a0b342e68 Add srvport to HttpServer
This allows URIPORT to override SRVPORT.
2017-03-09 02:24:22 -06:00
wchen-r7 ed22902fd4 Support the subject field 2017-03-08 11:40:08 -06:00
Craig Smith f60dae0917 Lots of syntax fixups from rubocop 2017-03-08 09:21:33 -08:00
h00die 95683715e0
land #8069, a warning when setting rhost in rhosts modules 2017-03-07 18:42:38 -05:00
wchen-r7 dc13b84189 Bring mms branch up to date w/ master 2017-03-07 16:13:39 -06:00
Jin Qian 7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
Merged #8047
2017-03-07 15:56:00 -06:00
Brendan Coles 1aec2203e5 Warn when setting RHOST option for module which expects RHOSTS 2017-03-07 21:02:30 +00:00
wchen-r7 fae05f2e98 And API to send an MMS message to mobile devices
This API allows you to send a malicious attachment to mobile
devices.
2017-03-07 12:34:45 -06:00
= 27c2795632
Issue #7188 resolved along with checking for all loopback addresses. 2017-03-08 00:02:50 +05:30
Craig Smith 4e9b8946d8 Fixed some small msftidy issues 2017-03-06 22:47:37 -08:00
Craig Smith 97ad8be7ff Added some Zigbee Documentation 2017-03-06 22:42:15 -08:00
Craig Smith 60cd04bc7b Added module for zstumbler 2017-03-06 16:10:14 -08:00
alpiste 09442f226a Functionality was added to allow the payload to wait before trying to reconnect.
Also the code was modified to allow the payload to infinite retry if 0 is set.
2017-03-04 18:12:09 -03:00
wchen-r7 6ad8afb8b3 Add API to send a text message (SMS) to mobile devices 2017-03-02 16:47:55 -06:00
Noah Berman 23474dfc70
change print_error to print_warning 2017-03-02 09:46:03 -07:00
William Vu 79c01a9577 Fix ancient copypasta of Aux to Post
Specifically a crash in the run command's help.
2017-03-02 01:24:27 -06:00
Noah Berman f91328b122
modify warning wording 2017-03-01 15:00:15 -07:00
Noah Berman d9f5b75dc5
warn when lhost set to 127.0.0.1 2017-03-01 14:53:49 -07:00
Tim 601131f236 hook Application class if found 2017-03-01 19:22:42 +08:00
Tim ee8b70e0df fix permission shuffling 2017-03-01 14:38:47 +08:00
Tim 063d999a64 randomize the payload, service and broadcast receiver names 2017-03-01 14:20:31 +08:00
Tim b273517f9a always set first byte to 1 on stageless configs 2017-03-01 12:46:00 +08:00
Tim c8816cacb0 Remove stageless classname from staged payloads, fixes #8034 2017-03-01 12:27:12 +08:00
Brent Cook 31568320f9 Merge branch 'upstream-master' into land-8021- 2017-02-28 03:02:03 -06:00
Brent Cook bbf271f6b0
Land #7981, allow handler launched by the handler command to persist
Merge remote-tracking branch 'upstream/pr/7981' into upstream-master
2017-02-28 02:38:42 -06:00
Craig Smith dcb42a3e69 Initial zigbee support using killerbee. Core session setup portion 2017-02-27 17:29:54 -08:00
Spencer McIntyre 3b2e5e0785 Add a new core_native_arch method for meterpreter 2017-02-26 14:22:24 -05:00
wchen-r7 f27ef55391
Land #7992, Improve Signature Evasions for browser exploits 2017-02-23 16:32:49 -06:00
Jeff Tang e3f613ecc6 Bypass: Metasploit OS detection
SEP is triggering on HTTP POSTs which start with `os_name`
2017-02-23 15:42:04 -05:00
Jeff Tang 84ab3c66cc Use obfuscated JS in BES 2017-02-22 12:47:36 -05:00
Rich Whitcroft f08478e02f fix handler persistence 2017-02-20 13:51:07 -05:00
dmohanty-r7 c4f1e0db1f
Land #7913, Fix Console Route Print with ipv4 and ipv6 2017-02-17 17:42:57 -06:00
Brent Cook 0e3eba18b3 simplify guard logic 2017-02-17 16:00:15 -06:00
Brent Cook f4befda59b inherit the options from the default target so we can autocomplete before the rhost resolution occurs 2017-02-17 15:50:45 -06:00
Brent Cook da82f0891e
Land #7860, Add OverrideScheme option to reverse_http/s handler 2017-02-17 11:12:49 -06:00
Craig Smith 1214ef5b79 Replaced tabs with spaces and removed trailing spaces at EOL 2017-02-15 16:46:11 -08:00
Craig Smith 8f1856c5d1 Fixed a bug with DTC decoding.
DTC Codes now print the English error messages next to their code with getvinfo
Frozen DTCs can also be fetched via get_frozen_dtcs()
2017-02-15 16:26:23 -08:00
wchen-r7 f600fa1caa Be aware of logout 2017-02-14 17:03:57 -06:00
wchen-r7 81abbfba46 Resolve #7959, Automatically login to RPC service after expiration
When the RPC client token expires, it will automatically login
again, and renew the token during the next RPC request.

Resolves #7959
2017-02-14 16:41:08 -06:00
Brent Cook c1d08b9574 rename udp_sock to udp_socket to avoid mixin collisions 2017-02-12 22:31:56 -06:00
wchen-r7 4b5bc84f5c
Land #7918, Fix report_vuln for aux/scanner checks 2017-02-09 12:18:33 -06:00
Tim 095831e029
fix silly typo 2017-02-08 23:41:15 +08:00
William Vu b06895b604 Hide RPORT more intelligently 2017-02-08 09:40:42 -06:00
Tim 870621d169
Add OverrideScheme option, fixes #7841 2017-02-08 23:30:29 +08:00
William Vu 31f93de150 Update HttpClient and WordPress mixins 2017-02-06 04:40:26 -06:00
William Vu ba80e1d9e5 Fix report_vuln for aux/scanner checks
Msf::Auxiliary::Scanner#setup sets it to nil in instance.check_simple.
2017-02-06 01:20:18 -06:00
Josh Hale 02afc3af96 Add lines for no IPv4/IPv6 routes 2017-02-05 17:38:30 -06:00
Pearce Barry cab19dc63c
Land #7904, Fix a bug where PHP tags were in the wrong place 2017-02-05 11:43:24 -06:00
Josh Hale 79b92ccdc7 Fix for Route Print IPv6 Error 2017-02-04 16:21:55 -06:00
Brent Cook 64e475a4ee
Land #7892, Enhance the creds command to allow creating logins 2017-02-03 11:53:46 -06:00
James Lee 3c7f78167a
Push up the preamble and modernize style 2017-02-02 17:57:03 -06:00
James Lee c9560b5aa8
Add error_reporting to preamble 2017-02-02 17:48:28 -06:00
Pearce Barry 23c2787d57
Land #7795, Hardware Bridge API.
Initial bridge API that supports the HW rest protocol.
2017-02-02 08:47:59 -06:00
Pearce Barry 16de745437
Minor code cleanups/corrections. 2017-02-01 16:12:45 -06:00
OJ 72c641fcab
Land #7889 - use a better check for whether rhosts exists 2017-01-31 07:49:14 +10:00
darkbushido e5d8a64770 adding the ability to create logins 2017-01-30 10:43:27 -06:00
Brent Cook 76529278b8 make sure we can actually invoke auto targeting before adding it 2017-01-30 05:24:57 -06:00
Brent Cook 7d32166c70 use a better check for whether rhosts exists 2017-01-29 19:18:23 -06:00
OJ d8511d1ad5
Add exception when SESSION doesn't exist 2017-01-30 10:26:23 +10:00
William Vu b44e7ff733 Fix argument passing for deprecated scripts
This allows the scripts to continue working while warning the user.

See also: c59b5eaa2f.
2017-01-29 14:14:55 -06:00
darkbushido 39d702ebd9
changing the syntax to work with ruby 2.1
Fixes #7881
2017-01-27 11:20:26 -06:00
William Vu c59b5eaa2f
Fix #7823, legacy_script_to_post_module fixes 2017-01-26 16:26:00 -06:00
Craig Smith 87701ff758 Added more error handling to bail out more gracefully when things go wrong. Could
be more common with bluetooth connections.
2017-01-25 18:23:57 -08:00
Craig Smith 2ff4e6f57e Fixed defaults for elm327 realy.
Array2Hex in the automotive extension how supports passing an array or integers or string hexes
Added some extra error handling for UDS calls to non-supported pids
2017-01-25 11:30:29 -08:00
Pearce Barry 9b16cdf602
Land #7845, Fix Msf::Exploit::EXE shellcode/template mismatch 2017-01-22 16:09:41 -06:00
Brent Cook 414977125f Merge remote-tracking branch 'upstream/master' into land-7847- 2017-01-22 14:11:40 -06:00
Brent Cook ac2ceca5e3
Land #7804, Switch the creds command to use named options 2017-01-22 10:49:19 -06:00
Brent Cook 6a2d036ea8 depend on regular rb-readline, bugs fixed upstream 2017-01-22 10:20:05 -06:00
Brent Cook 99047fa8a1 be stricter in what we accept for payload uri
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
William Vu a7fac41172 Make shell_command_token time out again 2017-01-20 23:09:22 -06:00
William Vu 84513fd83c Add exception for HttpClient
Since it uses Rex::Proto::Http, which then uses Rex::Socket::Tcp.
2017-01-20 20:00:27 -06:00
William Vu 89b2f087fc Add TCP/UDP hint to RPORT
Caveat: works with mixins only (tenuously).
2017-01-20 19:50:40 -06:00
Tim 64e7f13067
improve error detection 2017-01-19 16:40:35 +07:00
Tim c1e30b632b
fix #7725, inject into the Activity constructor 2017-01-19 16:24:26 +07:00
Tim f8f764aefc
fix #7617, invalid register when hooking smali code 2017-01-19 14:52:30 +07:00
William Vu d8da7c6d43 Fix Msf::Exploit::EXE shellcode/template mismatch
Initialize EXE options unless code is supplied with platform/arch.
2017-01-19 00:07:35 -06:00
Brent Cook b94eefe724
Land #7771, Add history deduplication 2017-01-18 21:06:42 -06:00
William Vu ef487f6be5 Remove history clearing 2017-01-18 14:55:12 -06:00
David Maloney d564f5d60a
don't add auto targets to things without rhost
Things like browser exploits don't have remote host options
which is what auto targeting relies on, so it does not make sense
to include the auto-targeting in these exploits

7837
2017-01-17 11:40:07 -06:00
William Vu 77c78fa5f4 Move Rex::Text::Table workspace output to -v 2017-01-15 23:15:14 -06:00
William Vu 38382bb61a Convert workspace command to Rex::Text::Table
Still can't get over how it's called "loots." :D
2017-01-15 03:26:35 -06:00
William Vu b86c1f0465
Land #7823, legacy_script_to_post_module check 2017-01-13 17:37:41 -06:00
James Lee 3c0ce8eafb
Fix some rubocop complaints 2017-01-13 17:24:23 -06:00
William Vu 0800a4f816 Update RPC functionality 2017-01-12 19:35:42 -06:00
William Vu 601a88dad7 Update cmd_unload in CommandDispatcher 2017-01-12 19:29:28 -06:00
William Vu 2ad29a2351 Prefer find over each
Since we're modifying the load method directly, there should only ever
be one previously loaded instance. Suggestion by @egypt.
2017-01-12 19:28:06 -06:00
Brent Cook 8f6fe87400 fix assignment 2017-01-12 17:16:19 -06:00
William Vu d58db72cd0 Force unloading of already loaded plugins 2017-01-12 14:18:52 -06:00
Brent Cook c080d78922 intercept legacy meterpreter script runs and substitute post modules 2017-01-12 14:08:43 -06:00
Brent Cook b28f600aea
Land #7584, fix apk injection into proguarded apks 2017-01-11 12:45:23 -06:00
David Maloney 38a4c2aa97 fix autotargeting failure
the fallback to the original default was failing because
it was assuming rhost was already set, so it would always
go back to the first default target. now the auto_target? method
only returns true if can pull an auto_target_host
2017-01-10 14:12:28 -06:00
wchen-r7 18347a8de7
Land #7774, Fix pivoting of UDP sockets in scanners 2017-01-10 13:57:28 -06:00
bwatters_r7 b3e8c3376d
Land #7788, Add ability to interact with a manually backgrouned session 2017-01-10 08:55:00 -06:00
darkbushido 3e1cd0c789
adding a check to make sure you only give a signle private type 2017-01-09 15:13:36 -06:00
David Maloney 8c395338af
Land #7743, wchen's digest auth nonce fix
land sinn3r's pr for fixing the Digest Auth nonce
2017-01-09 14:16:09 -06:00
darkbushido 6bd2e03f37 dding realm tests showed a bug. its now squashed. 2017-01-09 13:04:34 -06:00
darkbushido 3674b25885 fixing the tests, more need to be added 2017-01-09 13:04:34 -06:00
darkbushido a3b1f7e360 the commands now work, onto tests 2017-01-09 13:04:34 -06:00
darkbushido 23cbc99341 changing the creds add command to use named params 2017-01-09 13:04:34 -06:00
darkbushido c179e0358f origin_type manual requires a user... 2017-01-09 13:04:34 -06:00
darkbushido ed3b34179b moving creds to its own dispatcher 2017-01-09 13:04:34 -06:00
William Vu 1a04691201
Fix #2504, edit command fixes I missed 3y ago
local_editor was never nil, so there was some dead code.
2017-01-08 03:02:19 -06:00
Craig Smith 5f07bca775 Hardware Bridge API. Initial bridge API that supports the HW rest protocol specified here:
http://opengarages.org/hwbridge  Supports an automotive extension with UDS calls for mdoule
development.
2017-01-06 19:51:41 -08:00
Adam Cammack dbdc558f0b
Land #7776, don't log on harmless DB errors 2017-01-06 18:25:13 -06:00
David Maloney 2108913e77
target_host method had a name collision
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
2017-01-06 12:44:37 -06:00
William Vu 969df408c7
Land #7786, Microsoft Edge constant for HttpClient 2017-01-05 21:07:57 -06:00
David Maloney 10cfadaf98 add optional output to merterp run_cmd
the run_cmd method on meterpreter sessions can now
take an optiona output IO to redirect output. This allows
backgrounded sessions to also run commands and still output
to the console
2017-01-05 12:12:20 -06:00
Carter e85721113a Add Edge to constants 2017-01-04 22:20:42 -05:00
wchen-r7 180795f209 Fix #7743, nil @cnonce in rex/proto/http/client.rb
Fix #7743
2017-01-04 11:50:31 -06:00
David Maloney 31d36d9112 if autotargeting fails fall back
fallback to the original first target if auto-targeting fails
2017-01-03 14:38:52 -06:00
David Maloney 5fd531028c ome minor guards and spec fixes
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
David Maloney 2d5158403b add YARD docs to auto target methods
added YARD docs

MS-2325
2017-01-03 14:38:51 -06:00
David Maloney a61b92aa3e tweak target selection
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index

MS-2325
2017-01-03 14:38:51 -06:00
David Maloney 3d2957dff1 tying it all together
insert our autotarget routine into
the main target selection process

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 44830dfc54 prefer authour's target over ours
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 1afc57da40 determine most precise filter
drop back to our most precise level of filtering

MS-2325
2017-01-03 14:38:50 -06:00