adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3133 Commits

Author SHA1 Message Date
Spencer McIntyre 9dc02229e9 Support ARCH_CMD payloads in the psexec exploit module 2020-07-06 10:33:03 -04:00
Niboucha Redouane 4950c2dacf Fix minor bugs, in safe mode, and in the name of the attribute passed to attr_accessor 2020-07-01 23:00:23 +02:00
William Vu 89f7be3ef0 Improve error message 2020-07-01 14:20:04 -05:00
Niboucha Redouane f9ade608b5 minor change: add default value to some arguments 2020-07-01 02:56:01 +02:00
William Vu 4b78de5416 Refactor AutoCheck a bit more 2020-06-30 11:58:42 -05:00
Niboucha Redouane 0680113288 get rid of database parameter in MySQLi methods 2020-06-30 18:49:13 +02:00
Niboucha Redouane b230adebba Add check for positional arguments on class constructor (SQLi::Common) 2020-06-30 16:16:35 +02:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
Niboucha Redouane 440294ff07 make some attributes writable, and specify its the SQLi library in any verbose message 2020-06-27 18:28:12 +02:00
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Niboucha Redouane 34e8eae471 move hex_encode_strings to MySQLi::Common, as it is specific to MySQL 2020-06-26 16:04:51 +02:00
Niboucha Redouane 7291a77807 minor fix to verbose logging / some comments 2020-06-25 12:46:05 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00
Niboucha Redouane c94bd3b2d8 remove verbose prints in blind injections 2020-06-23 21:33:03 +02:00
Niboucha Redouane 2bdc693930 Replace puts with print_status and similar 2020-06-23 21:25:59 +02:00
Niboucha Redouane aaa38a3188 Fix formatting 2020-06-22 17:41:20 +02:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
Niboucha Redouane 4f756ba229 replace some classes with modules 2020-06-20 21:09:13 +02:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
Niboucha Redouane 7c630f0403 Avoid repetitive code in blind injections 2020-06-18 20:52:02 +02:00
Niboucha Redouane fa43dc6dfb minor fix to the structure 2020-06-18 17:28:47 +02:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
Niboucha Redouane 0887f3feee Improve the blind injection queries 2020-06-13 12:24:22 +02:00
Niboucha Redouane 3639765277 Improve code quality: less repetitive code 2020-06-11 19:16:23 +02:00
Niboucha Redouane c319799c44 Add more comments 2020-06-11 00:07:53 +02:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Niboucha Redouane 12681b0746 Add support for encodings to exfiltrate data containing bad characters/multibyte characters 2020-06-10 21:40:22 +02:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Christophe De La Fuente a9a1d01419 Update some libraries and modules 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 0bb93b4efb Update modules 
- ms17_010_command  and ms17_010_psexec: deregister
  SMB::ProtocolVersion option
- client: update error handling
- is_known_pipename: force SMB1 only for #enumerate_directories and
  update error handling
 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 04a44d2334 Improve client error/warning/debug messages 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 31a117f8f7 Update modules 
- smb_ms17_010.rb
- psexec_ms17_010.rb
- psexec_psh.rb
- smb_enumshares.rb
 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 474d7ebbab Update SMB client 
- Add SMB::AlwaysEncrypt option
- Force SMB1 for SMB fingerprint
- Update smb_netshareenumall
 2020-06-09 14:18:51 +02:00
Christophe De La Fuente 6ab47eb001 Update SMB Client and SimpleClient 
- multiple protocol version negotiation
- SMB 1, 2 and 3 by default
- add SMB::ProtocolVersion option to SMB Client mixin
 2020-06-09 14:18:51 +02:00
Niboucha Redouane 92d8464ac1 Various fixes and enhancements 2020-06-05 21:59:16 +02:00
Niboucha Redouane 118ada96a2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine 2020-06-04 17:55:38 +02:00
Adam Cammack 001910473b Land #13448, Fix relative location redirects 2020-06-04 09:17:45 -05:00
Niboucha Redouane db4880762a Add common MySQL injection payloads and options 2020-06-03 01:18:19 +02:00
cn-kali-team 1b796aa50b OptString to OptPort 2020-05-30 10:27:48 +08:00
William Vu 16886fa41e Move generate_viewstate_payload to mixin 2020-05-21 18:37:13 -05:00
William Vu c50e242151 Add ViewState mixin 2020-05-21 18:37:11 -05:00
William Vu aa6624e7f8 Land #13436, service encoder fix for psexec 2020-05-14 16:43:07 -05:00
William Vu 6034f48e8f Land #13405, once more with feeling 2020-05-13 11:54:41 -05:00
Clément Notin 91ea692cbe socket_server.rb: better describe "0.0.0.0" 
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-05-13 16:30:00 +02:00
William Vu 44b0ddf2ed Land #13405, OptAddressLocal for SRVHOST 2020-05-13 09:15:42 -05:00
Clément Notin ec33651243 socket_server.rb: SRVHOST can be an interface 
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-05-13 16:14:20 +02:00
Niboucha Redouane a4b316a91e Fix following redirects from send_request_cgi! 2020-05-13 09:54:14 +02:00
Clément Notin 258895f534 Use print_error for error messages 2020-05-12 00:02:52 +02:00