adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,756 Commits 27 Branches 1,043 Tags
38382bb61a8be2effe64c8d55eacec39bfd39dba
Commit Graph

12661 Commits

Author SHA1 Message Date
William Vu 38382bb61a Convert workspace command to Rex::Text::Table 
Still can't get over how it's called "loots." :D
 2017-01-15 03:26:35 -06:00
William Vu b86c1f0465 Land #7823, legacy_script_to_post_module check 2017-01-13 17:37:41 -06:00
James Lee 3c0ce8eafb Fix some rubocop complaints 2017-01-13 17:24:23 -06:00
James Lee 7f839a04f3 Land #7825, don't double-load plugins 2017-01-13 14:07:32 -06:00
Metasploit 56ed8bc021 Bump version of framework to 4.13.15 2017-01-13 10:05:02 -08:00
William Vu 0800a4f816 Update RPC functionality 2017-01-12 19:35:42 -06:00
William Vu 601a88dad7 Update cmd_unload in CommandDispatcher 2017-01-12 19:29:28 -06:00
William Vu 2ad29a2351 Prefer find over each 
Since we're modifying the load method directly, there should only ever
be one previously loaded instance. Suggestion by @egypt.
 2017-01-12 19:28:06 -06:00
Brent Cook 8f6fe87400 fix assignment 2017-01-12 17:16:19 -06:00
William Vu d58db72cd0 Force unloading of already loaded plugins 2017-01-12 14:18:52 -06:00
Brent Cook c080d78922 intercept legacy meterpreter script runs and substitute post modules 2017-01-12 14:08:43 -06:00
Brent Cook b28f600aea Land #7584, fix apk injection into proguarded apks 2017-01-11 12:45:23 -06:00
Brent Cook 5b2e76b981 Land #7794, Fix #7793, incorrect command name in android meterpreter extension 2017-01-11 12:38:36 -06:00
Metasploit f311511e6d Bump version of framework to 4.13.14 2017-01-10 14:03:16 -08:00
David Maloney 38a4c2aa97 fix autotargeting failure 
the fallback to the original default was failing because
it was assuming rhost was already set, so it would always
go back to the first default target. now the auto_target? method
only returns true if can pull an auto_target_host
 2017-01-10 14:12:28 -06:00
wchen-r7 18347a8de7 Land #7774, Fix pivoting of UDP sockets in scanners 2017-01-10 13:57:28 -06:00
bwatters_r7 b3e8c3376d Land #7788, Add ability to interact with a manually backgrouned session 2017-01-10 08:55:00 -06:00
David Maloney 8c395338af Land #7743, wchen's digest auth nonce fix 
land sinn3r's pr for fixing the Digest Auth nonce
 2017-01-09 14:16:09 -06:00
William Vu 1a04691201 Fix #2504, edit command fixes I missed 3y ago 
local_editor was never nil, so there was some dead code.
 2017-01-08 03:02:19 -06:00
Adam Cammack dbdc558f0b Land #7776, don't log on harmless DB errors 2017-01-06 18:25:13 -06:00
Ubuntu 6dee63d727 Incorrect command name 2017-01-06 23:58:18 +00:00
dmohanty-r7 5cba9b0034 Land #7747, Add LoginScanner module for BAVision IP cameras 2017-01-06 16:25:44 -06:00
Metasploit b074042b99 Bump version of framework to 4.13.13 2017-01-06 12:00:26 -08:00
dmohanty-r7 171f3b3e7d Land #7791, Fix target_host name collision 2017-01-06 13:50:52 -06:00
David Maloney 2108913e77 target_host method had a name collision 
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
 2017-01-06 12:44:37 -06:00
Metasploit 1ef2e54539 Bump version of framework to 4.13.12 2017-01-06 10:03:13 -08:00
William Vu 969df408c7 Land #7786, Microsoft Edge constant for HttpClient 2017-01-05 21:07:57 -06:00
David Maloney 10cfadaf98 add optional output to merterp run_cmd 
the run_cmd method on meterpreter sessions can now
take an optiona output IO to redirect output. This allows
backgrounded sessions to also run commands and still output
to the console
 2017-01-05 12:12:20 -06:00
dmohanty-r7 a5665d53f2 Land #7766, Add Automatic Targeting to all Exploits 2017-01-05 11:05:53 -06:00
Carter e85721113a Add Edge to constants 2017-01-04 22:20:42 -05:00
Metasploit 7ef4db1465 Bump version of framework to 4.13.11 2017-01-04 14:53:33 -08:00
wchen-r7 180795f209 Fix #7743, nil @cnonce in rex/proto/http/client.rb 
Fix #7743
 2017-01-04 11:50:31 -06:00
David Maloney 31d36d9112 if autotargeting fails fall back 
fallback to the original first target if auto-targeting fails
 2017-01-03 14:38:52 -06:00
David Maloney 5fd531028c ome minor guards and spec fixes 
some minor conditional guards and spec fixes
 2017-01-03 14:38:51 -06:00
David Maloney 2d5158403b add YARD docs to auto target methods 
added YARD docs

MS-2325
 2017-01-03 14:38:51 -06:00
David Maloney a61b92aa3e tweak target selection 
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index

MS-2325
 2017-01-03 14:38:51 -06:00
David Maloney 3d2957dff1 tying it all together 
insert our autotarget routine into
the main target selection process

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 44830dfc54 prefer authour's target over ours 
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 1afc57da40 determine most precise filter 
drop back to our most precise level of filtering

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 201b65e43d remaining os filtering 
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection

MS-2325
 2017-01-03 14:38:50 -06:00
David Maloney 05ac2ee6ed convert first stage to os_family 
added the new os-family column to Host
so now we use that as our first stage filter
for targets

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney 95d5c7a778 filtering by os_name 
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney 4060e63b89 add tests for auto target addition 
tests to make sure we add auto targets only
in the appropriate conditions

MS-2325
 2017-01-03 14:38:49 -06:00
David Maloney 84d5e42e4f start gearing up for testing 
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour

MS-2325
 2017-01-03 14:38:45 -06:00
David Maloney 769d477e97 if no automatic target defined, add one 
if an exploit does not have a defined automatic target
then we add one in for our fallback auto-targeting

MS-2325
 2017-01-03 13:54:34 -06:00
Brent Cook 3808eebad8 Land #7704, Update jobs output to show TCP listener information 2017-01-02 15:44:49 -06:00
Brent Cook d9be9f3b2e Land #7764, add to_handler command to launch a handler from the payload module 2017-01-02 15:40:38 -06:00
Brent Cook 35bb725f19 rubocop fixes for payload dispatcher 2017-01-02 15:39:48 -06:00
Brent Cook 5a4abeb110 make Rex UDPSocket.send work just like the real thing 2017-01-02 09:38:26 -06:00
Brent Cook 4f0569c6ce support pivoting with UDP port scanners 
Use bound UDP sockets for each UDP service/ip that we wish to scan,
managing and closing them locally as they expire, rather than an unbound
socket.
 2017-01-02 08:55:27 -06:00