David Maloney
418e371e35
add SMB2 login scanner and module
...
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity
MS-2557
2017-03-29 11:36:33 -05:00
Adam Cammack
bf9b0130d9
Clean up odd code
2017-03-28 11:19:30 -05:00
Adam Cammack
71df231918
Add new loader for arbitrary executables
...
Still some kluges left in the shim and we have to hit the disk when
constructing the module path
2017-03-28 10:27:12 -05:00
William Vu
d47e59b04e
Fix missing dll_data var in parse_pe
...
Also clean up YARD.
2017-03-27 01:17:23 -05:00
Pearce Barry
31c03840bb
Style fixes for HWBridge RF and a couple small bug fixes
...
I should have tweaked these earlier, my bad.
2017-03-26 13:45:19 -05:00
Pearce Barry
29b30217d2
Land #8149 , Add -h for the check command
2017-03-24 15:47:59 -05:00
Pearce Barry
4e6cf58b22
Land #8143 , Fix variable typos in rfrecv related methods.
2017-03-24 15:38:52 -05:00
Metasploit
51646e44a1
Bump version of framework to 4.14.6
2017-03-24 10:02:24 -07:00
wchen-r7
1c3c2ecdc6
Add -h for the check command
...
Because even I don't remember what it can do anymore.
2017-03-24 11:47:36 -05:00
dmohanty-r7
92c0748447
Land #8102 , Add a plugin to notify new sessions via SMS
2017-03-24 11:17:59 -05:00
William Webb
e04f01ed6b
Land #7778 , RCE on Netgear WNR2000v5
2017-03-23 15:34:16 -05:00
Metasploit
8976faa3d1
Bump version of framework to 4.14.5
2017-03-23 08:41:49 -07:00
darkbushido
271fd589f2
Revert "Land #8135 , Report hosts always add ip to hostname if hostname is blank"
...
This reverts commit 5a1c7ca8af
, reversing
changes made to d10b3da6ec
.
2017-03-23 10:05:58 -05:00
Leon Jacobs
c58e9acadd
Fix variable typos in rfrecv related methods.
2017-03-22 15:44:22 +02:00
Tim
ef53e6a593
fix execute and kill cmd usage/help
2017-03-22 16:29:47 +08:00
Metasploit
df181c1792
Bump version of framework to 4.14.4
2017-03-21 14:58:37 -07:00
William Vu
686f30e118
Land #8117 , p{grep,kill} for Meterpreter <3
2017-03-21 16:37:34 -05:00
darkbushido
60bc279eb3
removing extra whitespace
2017-03-21 10:40:59 -05:00
darkbushido
1221a20d0d
reversing the logic to check for .blank?
2017-03-21 10:35:19 -05:00
darkbushido
7ff7c707c9
setting host_name to address if host_name is blank.
2017-03-21 10:26:57 -05:00
Pearce Barry
f397624a69
Land #7935 , HWBridge RF transceiver extension
2017-03-21 06:12:32 -05:00
Brent Cook
aa5e9cd702
Land #8058 , Allow the http_payload stager to sleep before retry
2017-03-21 00:07:10 -05:00
Pearce Barry
7477e44d30
Use urlsafe Base64 en/decode calls.
2017-03-20 17:37:16 -05:00
Pearce Barry
c4279a837a
Minor formatting/spelling/verbiage changes.
2017-03-20 17:37:12 -05:00
Craig Smith
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
Pearce Barry
321988c282
Replace errant '.' with ','
2017-03-20 16:36:13 -05:00
Pearce Barry
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
Craig Smith
0be6b8c905
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-03-20 13:49:39 -05:00
Pearce Barry
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
William Vu
f9ecefe465
Land #8031 , nil fixes for HWBridge
2017-03-19 22:37:28 -05:00
alpiste
f715fee10c
The option StagerRetryWait will be used by default with the value of 5 seconds
2017-03-17 20:28:14 -03:00
Brent Cook
ad2222152c
Merge remote-tracking branch 'upstream/master' into land-8056-outlook
2017-03-17 17:30:08 -05:00
Metasploit
6200a3abb8
Bump version of framework to 4.14.3
2017-03-17 10:02:41 -07:00
Brent Cook
dd6e75986d
add -l and -f flag simulation for pgrep, XXX rex handles flag opts poorly
2017-03-16 23:48:39 -05:00
Brent Cook
70bbacf7ed
kill processes in reverse, allow children before parents more likely
2017-03-16 23:48:04 -05:00
Brent Cook
e1f33f1616
Merge remote-tracking branch 'upstream/master' into land-8038-
2017-03-16 22:03:48 -05:00
Pearce Barry
095a110e65
Code and doc tweaks (minor).
...
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
William Vu
bad1fc9948
Land #8041 , loopback warning for LHOST
2017-03-16 13:30:12 -05:00
William Vu
af3cd18c9f
Fix #8041 so it works
2017-03-16 13:27:47 -05:00
bwatters-r7
ab75794cd4
Land #8071 , Add API to send an MMS message to mobile devices
2017-03-16 11:57:34 -05:00
Spencer McIntyre
03698ec214
Fix how the psh mixing issues meterpreter commands
2017-03-16 08:45:10 -04:00
Brent Cook
85f7d73d4d
add pgrep as well
2017-03-16 04:14:45 -05:00
Brent Cook
c9a85f58c0
add pkill command, rework to share filtering logic with ps
2017-03-16 03:57:49 -05:00
Brent Cook
a1be63e449
fix warnings in rex argument parser
2017-03-16 03:57:49 -05:00
bwatters-r7
91a4657c36
Bumped the metasploit-payloads version and cache sizes with PR#8043
2017-03-15 19:02:21 -05:00
Brent Cook
8995629037
Land #7061 , allow chaining the service stub with other encoders
2017-03-15 13:56:09 -05:00
Spencer McIntyre
befc5e05e5
Fix more kernel32 railgun definitions using DWORD
2017-03-14 18:42:52 -04:00
Spencer McIntyre
d759c603b2
Fix more kernel32 railgun definitions using DWORD
...
Some railgun definitions for the kernel32 module define DWORD for the
functions return type when it should be HANDLE. This causes errors on
64-bit systems when the return value is truncated.
2017-03-14 16:58:22 -04:00
wchen-r7
18cdb2f82f
Add a -l option to the load command to list plugins
...
This allows the load command in msfconsole to list all the
available plugins in Framework.
2017-03-14 14:15:52 -05:00
wchen-r7
bb4d6e17c8
Resolve #8026 , Add a plugin to notify new sessions via SMS
...
This plugin will notify you of a new session via SMS.
It also changes the SMS text format to MIME.
Resolve #8026
2017-03-13 16:13:59 -05:00
Noah Berman
ad929b6427
indentation fix part 2
2017-03-09 15:44:09 -07:00
Noah Berman
ef6831437a
indentation fix for clarity
2017-03-09 14:55:20 -07:00
Noah Berman
ccf345f696
move method to module level
2017-03-09 14:32:51 -07:00
William Vu
febe9625dd
Add rcheck/recheck to aux modules and exploits
2017-03-09 15:30:34 -06:00
Noah Berman
10018e2a32
spacing fix in reverse.rb
2017-03-09 12:48:36 -07:00
Noah Berman
40204703f0
remove unnecessary newline
2017-03-09 12:26:11 -07:00
Noah Berman
e7b47865be
ruby formatting fix
2017-03-09 12:23:02 -07:00
Noah Berman
274089a7f1
cleanup for lhost loopback warn
2017-03-09 11:33:27 -07:00
Noah Berman
7806173764
Merge branch 'master' of github.com:rapid7/metasploit-framework into lhost-setting-warning
2017-03-09 11:11:23 -07:00
Noah Berman
2f55b5e00e
reconfigure lhost warn for loopback address
2017-03-09 11:10:27 -07:00
William Vu
1a96fb03ae
Allow start_service to specify a resource
...
This overrides URIPATH and random_uri if opts['Path'] is specified.
2017-03-09 02:33:02 -06:00
William Vu
1a0b342e68
Add srvport to HttpServer
...
This allows URIPORT to override SRVPORT.
2017-03-09 02:24:22 -06:00
wchen-r7
702d1c2b7e
Fix bug for subject
2017-03-08 11:43:36 -06:00
wchen-r7
ed22902fd4
Support the subject field
2017-03-08 11:40:08 -06:00
Craig Smith
f60dae0917
Lots of syntax fixups from rubocop
2017-03-08 09:21:33 -08:00
h00die
95683715e0
land #8069 , a warning when setting rhost in rhosts modules
2017-03-07 18:42:38 -05:00
wchen-r7
036a443a41
Add Google Fi gateway
2017-03-07 17:02:32 -06:00
wchen-r7
dc36bc4a0d
Add rspec
2017-03-07 16:49:42 -06:00
wchen-r7
dc13b84189
Bring mms branch up to date w/ master
2017-03-07 16:13:39 -06:00
Jin Qian
7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
...
Merged #8047
2017-03-07 15:56:00 -06:00
Brendan Coles
1aec2203e5
Warn when setting RHOST option for module which expects RHOSTS
2017-03-07 21:02:30 +00:00
wchen-r7
d32f08f969
Add doc and fix mms message class
2017-03-07 14:40:37 -06:00
wchen-r7
fae05f2e98
And API to send an MMS message to mobile devices
...
This API allows you to send a malicious attachment to mobile
devices.
2017-03-07 12:34:45 -06:00
=
27c2795632
Issue #7188 resolved along with checking for all loopback addresses.
2017-03-08 00:02:50 +05:30
Metasploit
db581a040a
Bump version of framework to 4.14.2
2017-03-07 07:01:57 -08:00
Craig Smith
4e9b8946d8
Fixed some small msftidy issues
2017-03-06 22:47:37 -08:00
Craig Smith
97ad8be7ff
Added some Zigbee Documentation
2017-03-06 22:42:15 -08:00
Craig Smith
60cd04bc7b
Added module for zstumbler
2017-03-06 16:10:14 -08:00
wchen-r7
a466dc44c6
Do exception handling for sms client
2017-03-06 10:54:08 -06:00
alpiste
09442f226a
Functionality was added to allow the payload to wait before trying to reconnect.
...
Also the code was modified to allow the payload to infinite retry if 0 is set.
2017-03-04 18:12:09 -03:00
wchen-r7
4d44911d5c
Do doc for google fi
2017-03-03 11:38:47 -06:00
wchen-r7
d9b21b16a9
Support Google Project Fi gateway
2017-03-03 11:36:13 -06:00
wchen-r7
2edb116855
Send texts individually
...
If we pass all the phone numbers at once in one email, it becomes
a group chat, and that allows the recipients to see each other's
number, which isn't the intended behavior.
2017-03-03 11:12:59 -06:00
wchen-r7
c61f8ded78
Comment out Sprint
...
It looks like the Sprint gateways won't accept our email for
some reason, so we can't use it.
2017-03-03 11:09:04 -06:00
wchen-r7
6ad8afb8b3
Add API to send a text message (SMS) to mobile devices
2017-03-02 16:47:55 -06:00
Noah Berman
23474dfc70
change print_error to print_warning
2017-03-02 09:46:03 -07:00
William Vu
79c01a9577
Fix ancient copypasta of Aux to Post
...
Specifically a crash in the run command's help.
2017-03-02 01:24:27 -06:00
Noah Berman
f91328b122
modify warning wording
2017-03-01 15:00:15 -07:00
Noah Berman
d9f5b75dc5
warn when lhost set to 127.0.0.1
2017-03-01 14:53:49 -07:00
Spencer McIntyre
2d51801b01
Use native_arch for railfun multi and test it
2017-03-01 13:07:04 -05:00
Tim
601131f236
hook Application class if found
2017-03-01 19:22:42 +08:00
Tim
ee8b70e0df
fix permission shuffling
2017-03-01 14:38:47 +08:00
Tim
063d999a64
randomize the payload, service and broadcast receiver names
2017-03-01 14:20:31 +08:00
Tim
b273517f9a
always set first byte to 1 on stageless configs
2017-03-01 12:46:00 +08:00
Tim
c8816cacb0
Remove stageless classname from staged payloads, fixes #8034
2017-03-01 12:27:12 +08:00
Brent Cook
31568320f9
Merge branch 'upstream-master' into land-8021-
2017-02-28 03:02:03 -06:00
Brent Cook
bbf271f6b0
Land #7981 , allow handler launched by the handler command to persist
...
Merge remote-tracking branch 'upstream/pr/7981' into upstream-master
2017-02-28 02:38:42 -06:00
Craig Smith
d4e5cb7993
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-02-27 21:09:57 -08:00
Craig Smith
dcb42a3e69
Initial zigbee support using killerbee. Core session setup portion
2017-02-27 17:29:54 -08:00
Spencer McIntyre
0ebd51d224
Use native_arch for railgun sizes
2017-02-26 14:42:55 -05:00
Spencer McIntyre
3b2e5e0785
Add a new core_native_arch method for meterpreter
2017-02-26 14:22:24 -05:00
William Webb
076848e904
Land #7993 , Keep sessions in progress alive
2017-02-24 16:57:47 -06:00
Metasploit
f9e4fd54fe
Bump version of framework to 4.14.1
2017-02-24 13:31:17 -08:00
Jeffrey Martin
a954521d75
bump minor version
2017-02-24 15:07:07 -06:00
James Barnett
2631259919
Land #7973 , Enable cert validation for Nexpose
...
This PR enables connection to a Nexpose console using the
nexpose client gem.
It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
2017-02-24 14:27:24 -06:00
Pearce Barry
e5d0370a94
Fixes MS-1716, keep sessions in progress alive.
2017-02-24 12:56:05 -06:00
Metasploit
0f4e03be7b
Bump version of framework to 4.13.27
2017-02-24 10:03:33 -08:00
wchen-r7
f27ef55391
Land #7992 , Improve Signature Evasions for browser exploits
2017-02-23 16:32:49 -06:00
Jeff Tang
e3f613ecc6
Bypass: Metasploit OS detection
...
SEP is triggering on HTTP POSTs which start with `os_name`
2017-02-23 15:42:04 -05:00
Jeff Tang
84ab3c66cc
Use obfuscated JS in BES
2017-02-22 12:47:36 -05:00
bwatters-r7
4f839299f1
Land #7978 , Add a test module for railgun API calls
2017-02-21 17:15:49 -06:00
Metasploit
01558d3d51
Bump version of framework to 4.13.26
2017-02-21 14:01:15 -08:00
James Barnett
d738b63fa6
Land #7985 , Fix bug in check_setup for bavision
...
@wchen-r7 fix uncovered another bug in the logic for the
check_setup return. This switches the return to the expected
values.
Fixes #7984
2017-02-21 14:29:21 -06:00
James Barnett
93f75746c4
Fix logic error in #7985
...
The check_setup method expects an error message if the
web server is not compatible with the module, and false otherwise.
We were previously returning the opposite of the expected behavior.
2017-02-21 13:49:59 -06:00
William Webb
2a20d24c29
Land #7966 , Fix 'rm' to handle multiple files
2017-02-21 13:32:19 -06:00
wchen-r7
adf1385427
Fix #7984 , Fix NoMethodError `match' for bavision_cameras.rb
...
Fix #7984
2017-02-21 12:00:01 -06:00
Rich Whitcroft
f08478e02f
fix handler persistence
2017-02-20 13:51:07 -05:00
Spencer McIntyre
7d1fadb84f
Add a test module for railgun api calls
2017-02-18 17:37:49 -05:00
Metasploit
647020289f
Bump version of framework to 4.13.25
2017-02-17 17:03:42 -08:00
dmohanty-r7
c4f1e0db1f
Land #7913 , Fix Console Route Print with ipv4 and ipv6
2017-02-17 17:42:57 -06:00
Brent Cook
17b88da080
Land #7964 , fix running a scanner with USER_AS_PASS and USER_FILE
2017-02-17 17:16:49 -06:00
Brent Cook
566bafe65d
Land #7962 , Uploading files without specifying the destination closes a Meterpreter session.
2017-02-17 17:04:22 -06:00
Brent Cook
5207cb6c3a
Land #7914 , send the correct exception on channel open failure
2017-02-17 17:00:30 -06:00
Brent Cook
807a27e73d
clarify error handling when a channel cannot be opened
2017-02-17 16:59:09 -06:00
Brent Cook
0e3eba18b3
simplify guard logic
2017-02-17 16:00:15 -06:00
Brent Cook
f4befda59b
inherit the options from the default target so we can autocomplete before the rhost resolution occurs
2017-02-17 15:50:45 -06:00
Metasploit
6e62899e1c
Bump version of framework to 4.13.24
2017-02-17 10:02:51 -08:00
Brent Cook
da82f0891e
Land #7860 , Add OverrideScheme option to reverse_http/s handler
2017-02-17 11:12:49 -06:00
Craig Smith
1214ef5b79
Replaced tabs with spaces and removed trailing spaces at EOL
2017-02-15 16:46:11 -08:00
Craig Smith
8f1856c5d1
Fixed a bug with DTC decoding.
...
DTC Codes now print the English error messages next to their code with getvinfo
Frozen DTCs can also be fetched via get_frozen_dtcs()
2017-02-15 16:26:23 -08:00
Rich Whitcroft
5bd38af8d6
fix rm to handle multiple files
2017-02-15 19:22:39 -05:00
Rich Whitcroft
4e5dabf35f
fix cred_scanner's has_privates? method
2017-02-15 16:05:49 -05:00
Rich Whitcroft
24a4211bb9
fix upload when dest not specified
2017-02-14 22:08:49 -05:00
wchen-r7
f600fa1caa
Be aware of logout
2017-02-14 17:03:57 -06:00
wchen-r7
81abbfba46
Resolve #7959 , Automatically login to RPC service after expiration
...
When the RPC client token expires, it will automatically login
again, and renew the token during the next RPC request.
Resolves #7959
2017-02-14 16:41:08 -06:00
Brent Cook
b741c8b2f7
fix typo in failure path, pointed out by rw-
2017-02-13 21:16:48 -06:00
Metasploit
184707c6fc
Bump version of framework to 4.13.23
2017-02-13 16:04:35 -08:00
Brent Cook
c1d08b9574
rename udp_sock to udp_socket to avoid mixin collisions
2017-02-12 22:31:56 -06:00
Metasploit
44d229ad49
Bump version of framework to 4.13.22
2017-02-10 10:02:43 -08:00
James Lee
4f13bde471
Override `empty?` for the weird ones
...
Fixes #7899
2017-02-09 14:57:20 -06:00
wchen-r7
4b5bc84f5c
Land #7918 , Fix report_vuln for aux/scanner checks
2017-02-09 12:18:33 -06:00
Christian Mehlmauer
8ade9b8aae
Land #7905 , WordPress content injection module
2017-02-09 15:49:50 +01:00
Tim
095831e029
fix silly typo
2017-02-08 23:41:15 +08:00
William Vu
b06895b604
Hide RPORT more intelligently
2017-02-08 09:40:42 -06:00
Tim
870621d169
Add OverrideScheme option, fixes #7841
2017-02-08 23:30:29 +08:00
Metasploit
d81bdc1c02
Bump version of framework to 4.13.21
2017-02-07 17:27:47 -08:00
Brent Cook
74e029f3b1
Land #7932 , Fix CVE-2017-5229
2017-02-07 19:22:36 -06:00
Brent Cook
522c6dce8e
Land #7931 , Fix CVE-2017-5231 and respect user's dest
2017-02-07 19:22:17 -06:00
Brent Cook
68a5d300fe
minor style issues
2017-02-07 18:35:35 -06:00
Brent Cook
b370dd0654
Fix CVE-2017-5229 - extapi Clipboard.parse_dump() Directory Traversal
2017-02-07 18:24:06 -06:00