e46893bfbd
Split command using Shellwords.shellwords
2019-03-12 13:34:51 -05:00
9186e00167
Add irb and pry commands to command shells
2019-03-12 12:22:12 -05:00
8e9c207d26
Clarify module name is filename as per msftidy
2019-03-11 23:53:36 -05:00
1d8538caee
Direct user to framework.log for load problems
...
This reduces long lines and cluttered output during startup.
2019-03-11 23:40:59 -05:00
6c4729de7e
Prefer a soft error for invalid module names
2019-03-11 22:54:34 -05:00
c06190c122
Revert Msf::ModuleLoadError exception
...
Msf::Modules::Error is already a thing! My bad.
2019-03-11 22:34:37 -05:00
fd20d29fd7
Land #11551 , jobify fix for aux modules
2019-03-11 16:33:55 -05:00
d14ace42ed
fix jobify support with aux modules
...
Looks like we hit another bug involving variable scope in parameters passed down to run_simple via 'run_single'. Since 'run_single' doesn't actually even run a single invocation of a module, let's just unwind that function, and get the rest of the parameters passed down.
This also explicitly disables 'jobify' support for non-scanner aux modules with multiple targets, which I don't think we're ready for until we add the RHOSTS iteration to the module proper. Otherwise, we'll have an explosion of jobs in the current implementation.
2019-03-11 14:20:34 -05:00
172a984d60
add deregister_tcp/udp_options
2019-03-08 16:04:32 -06:00
1bf93ab1bc
Land #11061 , allow the possibilty of empty string values for datastore options in msf5
2019-03-08 09:27:50 -06:00
7c97ca6a8e
Land #11535 , add deregister_http_client_options
2019-03-07 18:16:14 -06:00
3670dd8067
Land #11521 , add RMI support for UnicastRef2 responses
2019-03-06 20:05:33 -06:00
433af12942
add deregister_http_client_options
2019-03-06 19:37:56 -06:00
f873d94c10
Check that DB is active before looking up payload
2019-03-06 14:22:32 -05:00
a749b86730
Add missing ActiveRecord connection block
2019-03-06 13:07:35 -05:00
b2aa06560f
Add drupal_patch method to Drupal mixin
2019-03-05 18:52:27 -06:00
d70439f698
Add UNRELIABLE_SESSION Reliability constant
2019-03-05 13:10:56 -06:00
ecfd52dcb0
RMI/util.rb: add handling of UnicastRef2 responses
2019-03-05 15:23:11 +01:00
822f5357a2
Land #10675 , DB manager for payloads: Resolve conflicts, add 'create!' to trigger database write
2019-03-04 14:58:03 -06:00
b70d0f684c
Land #11498 , add documentation for the 'jobs' command
2019-03-01 15:53:20 -06:00
bd8d4d3f78
Deprecate pml_driver_config script
2019-03-01 19:43:38 +00:00
3aea9bc477
Fix `check` to use all the IP addresses passed
2019-02-28 10:52:26 -06:00
0c253ab085
add file: support for RHOSTS option on exploit modules
2019-02-28 06:01:30 -06:00
9dbbea8973
Further improve / fix RHOSTS support for aux modules
...
Peleus notes that when pulling more than a few RHOSTS targets from the database, MSF writes the intermediate results to a text file instead of leaving them in memory. The aux module check of instantiating a RangeWalker for validation is necessary but insufficient for validating 'file:' RHOSTS specifications.
This clones logic used in the 'check' method in exploit modules to be able to handle file: properly. I suspect this may need to be consolidated and implemented elsewhere tool.
2019-02-26 22:18:45 -06:00
d11d391e17
Land #11485 , VHOST support for full_uri
2019-02-26 10:35:50 -06:00
1fca26de49
Land #11467 , CMDSTAGER::TEMP with WritableDir
2019-02-26 10:34:43 -06:00
287667d4f7
simplify check
2019-02-25 21:59:54 -06:00
e9e29580a7
Fix several bugs running non-scanner aux modules
...
This fixes a couple of bugs in #11176 :
- RHOSTS is not always used in Aux modules, don't enforce it unless it's used.
- Be sure to pass the action to the run stub, since it's not a standard option.
2019-02-25 16:19:57 -06:00
d55fbdfbe5
Add VHOST support to full_uri
2019-02-25 14:45:26 -06:00
659621a40b
Add CMDSTAGER::TEMP with WritableDir fallback
2019-02-23 02:34:30 -06:00
087d653cd0
enhance BigDecimal deprecation message suppression
...
When BigDecimal.new is called without keyword arguments
pass along only the *arg list.
2019-02-21 21:47:03 -06:00
fc45e7d1b1
Land #11407 , Add support for showing extra help in msfconsole
2019-02-20 07:45:53 -06:00
d196020df1
Land #11289 , Add Nuuo mixin
2019-02-20 06:35:03 -06:00
1c1103f9da
Land #11400 , Add --sec-name to msfvenom, update generate command
2019-02-19 21:11:01 -06:00
760defd218
Land #11184 , update to Ruby 2.6.1
2019-02-19 21:06:40 -06:00
880e5976bf
Land #11176 , support RHOSTS in all auxiliary modules
2019-02-19 21:01:57 -06:00
d2775c02f8
Land #11393 , If an option alias is deregistered, also deregister the original option
2019-02-19 20:57:23 -06:00
d15095f452
Land #11191 , add analyze command
2019-02-19 21:50:20 -05:00
33948eb5c4
process each individual id returned from ranges
2019-02-19 15:43:38 -06:00
25743e1346
one more missing doc
2019-02-19 10:03:20 -06:00
e25abebd80
private can be nil
2019-02-18 20:30:08 -05:00
a13198189e
analyze all host if no range provided
2019-02-15 17:40:11 -06:00
5e8d33483e
update docs to clarify workspace rewuirements
2019-02-15 17:32:49 -06:00
6460180423
guard for unknown host, fix processing of modules
2019-02-15 17:19:23 -06:00
a5d5ccf67e
Deprecate get_env script
2019-02-15 08:51:11 +00:00
daf22bbde6
apply similar change to service enumeration
2019-02-14 12:13:36 -06:00
d3745e9a39
Enable cancel auxiliary mod for multiple targets.
2019-02-14 11:16:37 +08:00
5b213f36d5
fix #11395 , use db.hosts.each
...
Prefer iterating over hosts over the older method in the database.
2019-02-13 18:04:50 -06:00
a70c097b10
Remove extra lines from help
2019-02-13 15:57:37 -06:00
22eb2bb72b
Add support for showing detailed help for commands
2019-02-13 15:56:44 -06:00
5151473e09
Implement sec-name and pad-nops for command dispatcher
2019-02-13 13:35:42 -06:00
a5ae7c491d
Fixup line alignment.
2019-02-13 13:35:36 -06:00
1487ca8923
Fixed line alignment. New section name is made lowercase to comply with naming standard.
2019-02-13 13:35:26 -06:00
484329f6a0
Issue #6637 : Adds msfvenom option --sec-name to specify custom new section header name
2019-02-13 13:34:38 -06:00
16e800a7c4
Implement deregistering an option by alias
...
Rather than having to 'unregister' both 'RHOST' and 'RHOSTS' for modules using a network-connecting mixin, this allows just unregistering one option by exposing the alias key lookup to the module options library and allowing it to remove the datastore options for the module from validation.
Noted while testing #11108 that the module's unregister options were incomplete, and there were a few more like it. This allows modules operating in this style to work without modifications.
2019-02-13 05:07:20 -06:00
930d1fb78a
Land #11351 , many new John the Ripper module improvements
2019-02-13 03:05:14 -06:00
4a4717c3db
Land #10937 , remove server/client from module cache
2019-02-12 21:28:14 -06:00
c68c44c818
remove bigdecimal warning
2019-02-12 19:12:54 +01:00
7bad1eefd7
Land #11335 , Update hash parsing formats for JTR
2019-02-12 08:32:47 -06:00
5fc7167beb
Merge remote-tracking branch 'upstream/master' into land-10812-
2019-02-07 09:31:02 -06:00
0e838da56b
Land #11333 , Add initial scaffolding for external evasion module tools
2019-02-06 22:51:42 -06:00
08817d9c7e
Land #11342 , Modify Post read_file to check if file is readable
2019-02-06 22:48:13 -06:00
733f784472
add bcoles suggestions
2019-02-04 21:55:40 -06:00
cb3f91af0c
add bsdi to creds help and what the hashes start with
2019-02-04 17:02:50 -05:00
748e1468b3
creds upgrade and apply_pot
2019-02-03 10:17:25 -05:00
2d7c075f81
undefined method `to_linux_armle_elf_dll' for Msf::Util::EXE:Class
...
```
msfvenom -p linux/armle/shell_reverse_tcp lport=1337 lhost=192.168.1.100 -f elf-so > shell.so
[-] No platform was selected, choosing Msf::Module::Platform::Linux from the payload
[-] No arch selected, selecting arch: armle from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 172 bytes
Error: undefined method `to_linux_armle_elf_dll' for Msf::Util::EXE:Class
Did you mean? to_linux_armle_elf
to_linux_x64_elf_dll
to_linux_x86_elf_dll```
2019-02-03 16:34:30 +11:00
0908d5a2d2
Rename default_options to describe_payload_options
2019-02-02 15:01:05 -05:00
c5bfee1df7
add jtr to creds command
2019-02-01 20:25:03 -05:00
7fe381ac60
Land #11309 , Normalize newlines in CommandShell#run_single
2019-02-01 15:17:24 -06:00
47a13ea0e8
Modify Post read_file to check if file is readable
2019-02-01 19:44:18 +00:00
6343280364
Clean up external evasion module options
2019-02-01 11:54:22 -05:00
62560f9581
Add rudimentary Windows support to command_exists?
2019-01-31 22:07:30 -06:00
d0d383c8db
Move command_exists? to Msf::Post::Common
2019-01-31 22:04:29 -06:00
5cf97fd09b
remove nolonger used variable
2019-01-31 13:05:02 -06:00
162139ee1d
Keep advanced options in the same list
2019-01-31 13:41:18 -05:00
35ec947c17
remove is_server/is_client and `app` search term
2019-01-31 12:14:25 -06:00
a4d413348b
improve definition of `server/client` modules
...
update the cached data to define server vs client base on the
type of exploit module instead of the module stance.
2019-01-31 11:52:22 -06:00
9f6b9d586b
updating jtr formats in hashdumpers
2019-01-30 20:16:08 -05:00
da27c3eeae
centralize hash to jtr formatting
2019-01-30 16:24:05 -05:00
70cc03b707
Land #11329 , sessions -k range fix
2019-01-30 11:26:47 -06:00
2e7a71ee9b
Add support for mettle debug
2019-01-29 15:13:44 -06:00
acded21f0c
Support default options for external modules
2019-01-29 11:29:18 -05:00
a1b5fcc6d5
Support to_handler for evasion modules
2019-01-29 11:06:08 -05:00
548185747f
Add support for advanced options for ext evasions
2019-01-29 09:09:58 -05:00
4059a5f0c7
Changed range array building to correctly parse ranges using - or ..
...
Fixes #11328
2019-01-29 14:13:10 +01:00
9fce991d8e
Land #11322 , report hostname and OS version for Cisco aux mixin
2019-01-29 05:28:34 -06:00
61d677d9e0
Land #11327 , disable MSF5 development branch banner
2019-01-29 05:24:43 -06:00
1b9c7ef6ff
disable MSF5 development branch banner
2019-01-29 05:19:56 -06:00
92e846d09d
Chomp user input alone
...
[1] pry(main)> "\r\n".chomp("\n")
=> ""
[2] pry(main)>
Meh.
2019-01-28 17:46:03 -06:00
accdd791f7
Fix a args generation issue for external evasions
2019-01-28 16:10:44 -05:00
607bbe90e3
Add tab completion for evasion module options
2019-01-28 13:22:51 -05:00
28370b7f29
Add support for external evasion modules
2019-01-28 13:22:22 -05:00
32c090868c
adjustments for analyze
2019-01-28 10:11:40 -06:00
56de74b3d6
db cisco hostname and version
2019-01-27 20:33:19 -05:00
d078fcd87c
Land #11270 , fix miscellaneous loot issues
2019-01-25 19:15:14 -05:00
b98133cded
Dont assign unique file name when theres no file on disk
2019-01-25 16:36:17 -06:00
27a0cbfcab
Rename file on disk when updating path attribute
2019-01-25 13:34:14 -06:00
c6f1c10737
Normalize newlines in CommandShell#run_single
...
Lines from normal interaction will include a trailing newline, while
lines from resource scripting will not.
2019-01-24 12:53:09 -06:00
f0aa002009
Land #10119 , Linux post-exploitation metashell
2019-01-24 11:24:12 -06:00
8b6807254b
Fix whoami
2019-01-24 10:57:53 -06:00
William Vu
Brent Cook
Matthew Kienow
Clément Notin
Aaron Soto
Brendan Coles
Adam Cammack
Jeffrey Martin
Jacob Robles
h00die
Green-m
Patrick
Christian Mehlmauer
Pedro Ribeiro
Nathan
Spencer McIntyre
Wei Chen
bwatters
Nash van Gool
James Barnett