2211459b9d
Correct workspace_associations_counts API path
2018-01-20 14:54:14 -05:00
b7e5b0f161
Update API URLs per design discussion
2018-01-20 14:50:59 -05:00
ff9c69c7c8
Merge branch 'rapid7/master' into goliath
2018-01-19 13:28:17 -06:00
764ecf6562
Land #6 JSON to MDM
...
Deserialize JSON returned from a remote data service to an in-memory MDM object
2018-01-18 17:21:10 -05:00
0654979be6
Remove separate code path for openstruct for creds.
...
Also fix RemoteCredentialDataService to work with json_to_mdm
2018-01-18 13:27:33 -06:00
b4bb1b5ed1
fix whitespace patchups for current python meterpreter
2018-01-18 00:28:04 -06:00
86c927edb7
fix msfvenom referencing a nil typed_module_set
2018-01-18 00:16:42 -06:00
7fe237abe1
Land #9220 , Module cache improvements
2018-01-17 22:34:51 -06:00
06459e2dee
cowardly continue using ~/.msf4 until we have an actual reason to switch
2018-01-17 22:01:56 -06:00
facecb40d7
change default prompt for users who use '-q'
2018-01-17 22:01:34 -06:00
cbd1a2a505
update default startup with version info
2018-01-17 21:59:53 -06:00
08f622b0ce
update version
2018-01-17 17:24:15 -06:00
2916c5ae45
Rescue Rex::Proto::SunRPC::RPCTimeout
...
Coincidentally, this also fixes the rescue in the library, since
rescuing Timeout instead of Timeout::Error does nothing.
2018-01-12 19:34:59 -06:00
bab9b66521
Only send back one object for host create
2018-01-12 10:52:16 -06:00
809d3d28c7
Merge branch 'rapid7/master' into goliath
2018-01-11 16:18:41 -06:00
b2666ad3f2
Update host delete method to return full objects of deleted hosts
2018-01-11 16:12:25 -06:00
18f16e7c66
Bump version of framework to 4.16.32
2018-01-11 10:03:16 -08:00
e964e8bcbb
Fix incorrect HTTP request method calls
2018-01-10 23:59:53 -05:00
f895169c7f
Fix incorrect HTTP request method calls
2018-01-10 23:53:24 -05:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
1a8ffed5e3
Land #9369 , register_dir{,s}_for_cleanup
2018-01-10 22:02:15 -06:00
b1cecd4193
Bump TIMEOUT in Msf::Exploit::Remote::SunRPC
2018-01-10 20:36:35 -06:00
1c1f3b161e
Rescue XDR errors in Msf::Exploit::Remote::SunRPC
2018-01-10 20:11:30 -06:00
3c73892a70
Use json_to_mdm for Credentials.
2018-01-10 16:58:44 -06:00
4a377af5e6
Deserialize JSON to Mdm Object
2018-01-09 15:18:49 -06:00
cb82015c87
Land #9387 , Check exploit stance for array as well as string
2018-01-09 03:52:59 -05:00
333d57461a
Check exploit stance for array as well as string
...
An exploit can be both aggressive and passive.
2018-01-08 13:52:04 -06:00
461f1c12e6
Fix nil bug(s) by moving arrays to initialize
2018-01-06 02:31:16 -06:00
14143c2b90
Fix missed file_dropper_win_path
2018-01-06 01:44:25 -06:00
51e5fb450f
Detect and return on bad VNC negotiations
2018-01-05 10:12:13 -06:00
9fbddd6474
Land #9374 , fix HTML parsing problems for info -d
...
Land #9374
2018-01-04 16:08:56 -06:00
67e7ea4df9
Fix markdown premature less-than sign escape
2018-01-04 15:51:05 -05:00
3a7a539c84
Bump version of framework to 4.16.31
2018-01-04 12:17:08 -08:00
78872be2ad
Merge released '4.x'
2018-01-04 14:13:18 -06:00
d4de9eef9b
Bump version of framework to 4.16.30
2018-01-04 10:03:21 -08:00
50f4ebb3b2
Add register_dirs_for_cleanup to FileDropper
2018-01-04 11:06:32 -06:00
d7c826b5e8
Add rm_rf to Post::File
2018-01-03 23:14:21 -06:00
16fa3b99ef
Land #9350 , Improve fake SSL cert details
2018-01-03 15:32:27 -06:00
92e435898b
Missed a file in the merge somehow
2018-01-02 17:38:41 -06:00
4aac8f5c39
Merge branch 'rapid7/master' into goliath
2018-01-02 17:34:40 -06:00
40d15bf3e6
Hash#each style correction
2018-01-02 12:25:14 -05:00
a444bdb329
handle no datastore
2017-12-29 15:26:28 -06:00
198aeda2c8
rename option
2017-12-29 12:31:56 -06:00
e546598cf1
Implement a method for command shells to register a post-session cleanup command
2017-12-29 12:14:34 -06:00
c32ef4a3be
Require msf/core/cert_provider in framework.rb
...
Add an explicit require for the new cert_provider in framework.rb
in case it has not yet been loaded.
This should address the Travis failure on initial PR, although the
gem version in socket has not been updated, so this might take a
bit to propagate. In the end, if the dependency already gives us
this functionality by the time we call Rex::Socket::Ssl then this
commit can safely be dropped
2017-12-29 02:14:48 -05:00
18f3815147
Update TLS certificate generation routines
...
Msf relies on Rex::Socket to create TLS certificates for services
hosted in the framework and used by some payloads. These certs are
flagged by NIDS - snort sid 1-34864 and such.
Now that Rex::Socket can accept a @@cert_provider from the Msf
namespace, a more robust generation routine can be used by all TLS
socket services, provided down from Msf to Rex, using dependencies
which Rex does not include.
This work adds the faker gem into runtime dependencies, creates an
Msf::Exploit::Remote::Ssl::CertProvider namespace, and provides
API compatible method invocations with the Rex version, but able
to generate higher entropy certs with more variables, options, etc.
This should reduce the hit rate against NIDS on the wire, reducing
pesky blue team interference until we slip up some other way. Also,
with the ability to generate different cert types, we may want to
look at extending this effort to probide a more comprehensive key
oracle to Framework and consumers.
Testing:
None yet, internal tests pending.
Travis should fail as this requires rex-socket #8 .
2017-12-28 21:00:03 -05:00
7254130b77
Bump version of framework to 4.16.29
2017-12-28 15:19:22 -08:00
66ca61f636
Merge released '4.x'
2017-12-28 17:15:29 -06:00
c2bb144d0f
Land #9302 , Implement ARD auth and add remote CVE-2017-13872 (iamroot) module
2017-12-28 14:11:26 -06:00
c681c7881d
Bump version of framework to 4.16.28
2017-12-28 10:03:39 -08:00
Matthew Kienow