adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

13785 Commits

Author SHA1 Message Date
sjanusz-r7 085071da02 Convert generic SQL mixin into a class 2024-02-21 18:01:55 +00:00
sjanusz-r7 1b7c2bbaec SQL sessions consolidation 2024-02-21 16:16:14 +00:00
dwelch-r7 cc565a1731 Land #18871, Fix crash when using webconsole 2024-02-21 14:05:16 +00:00
adfoster-r7 82c2eb9899 Fix crash when using webconsole 2024-02-21 13:53:17 +00:00
Dean Welch bf1608a4ad Show session/rhost options separate from each other 2024-02-21 12:51:11 +00:00
Dean Welch e288592beb Add yard docs and small tidy up 2024-02-20 16:15:16 +00:00
Dean Welch 175d584ff7 Consolidate option dump remove condition datastore condition on tests 2024-02-20 14:09:17 +00:00
sfewer-r7 60bc412026 file_dropper_exist? needs to test if teh path if either a file or a directory, the logic for shell sessions on wqindows is testing if a path if a file and not a directory. this is wrong. Origionally FileDropper only supported cleaningup files, so this logic made sense (it was copied over from teh File post moduile) but FileDropper has since supported directories so teh logic here neds to reflect that. 2024-02-19 09:12:17 +00:00
sjanusz-r7 fc963bd8bb Add Proxies support to creating a session with postgres_login 2024-02-16 14:45:17 +00:00
sfewer-r7 3483419d50 file_dropper_exist? was broken on the windows platform, so files registered for cleanup were not being deleted. We must call session.shell_command_token 2024-02-16 10:09:07 +00:00
adfoster-r7 7b56d012e8 Land #18678, add LDAP capture capabilities 2024-02-15 22:11:04 +00:00
adfoster-r7 e49c6a792a Land #18770, Extract SMB, PostgreSQL, MySQL and MSSQL optional sessions into their own mixins 2024-02-15 13:19:37 +00:00
adfoster-r7 1d406cfc2a Land #18809, DNS command improvements 2024-02-14 22:12:30 +00:00
Spencer McIntyre eca99e2c77 Refactor resolver types 2024-02-14 14:40:22 -05:00
Spencer McIntyre 27ccb26de1 Adjust the confirmation logic before resetting 2024-02-14 14:27:05 -05:00
Dean Welch fa5c4c0193 lowercase session types 2024-02-14 15:45:34 +00:00
Dean Welch 0d4e1ed755 Use mssql option session mixin with mssql modules 2024-02-14 15:37:11 +00:00
Dean Welch 587a8690a1 Use individual session mixins 2024-02-14 15:37:11 +00:00
Dean Welch 08872d0211 Add session type to info hash in the mixin 2024-02-14 15:37:11 +00:00
Dean Welch 0f319bdfb9 Extract SMB and PostgreSQL optional sessions into their own mixins 2024-02-14 15:37:11 +00:00
Christophe De La Fuente fc5a12431c Land #18664, Add an SMB-based fetch payload for Windows 2024-02-14 14:57:32 +01:00
adfoster-r7 1794a5fbee Land #18763, Mssql session modules 2024-02-14 10:54:04 +00:00
Spencer McIntyre b6b382c4d2 Catch exception when updating non-existing session 2024-02-13 16:28:45 -05:00
Zach Goldman d18520adc6 update rhost and rport calls 2024-02-13 13:00:38 -06:00
Zach Goldman c05c6773df adjust session logic in modules 2024-02-13 11:59:09 -06:00
Spencer McIntyre 9c6e1a584a Add a base64 ARCH_CMD encoder 2024-02-13 18:34:40 +01:00
Dean Welch 94005719f4 Revert change to each_module for compatible nops 2024-02-13 11:15:27 +00:00
adfoster-r7 b762d2ba65 Land #18795, Move CreateSession from advanced into basic options 2024-02-13 10:00:35 +00:00
adfoster-r7 88e1e2e932 Land #18826, Fix a bug where clean up was not being invoked 2024-02-12 18:01:11 +00:00
adfoster-r7 9e456a27e3 Land #18825, improve error message for incompatible sessions 2024-02-12 17:44:20 +00:00
dwelch-r7 8717e91a3c Land #18823, Fix module metadata platform list comparison 2024-02-12 17:31:46 +00:00
Spencer McIntyre d67aa2e250 Fix a bug where clean up was not being invoked 2024-02-12 17:24:24 +00:00
cgranleese-r7 982f92b9b6 Improve error message for incompatible sessions 2024-02-12 17:02:42 +00:00
cgranleese-r7 b40f36e62a Land #18774, Add support for newer sqlcmd versions 2024-02-12 15:33:15 +00:00
Christophe De La Fuente a90ff41f71 Use casecmp? instead of casecmp 2024-02-12 16:20:12 +01:00
Spencer McIntyre 7e5938061c Fix a bug where clean up was not being invoked 2024-02-12 08:51:10 -05:00
adfoster-r7 5fa1ce8ed2 Add support for newer sqlcmd versions 2024-02-12 11:51:02 +00:00
adfoster-r7 3cf3d0995e Land #18813, fix broken hosts and services help command 2024-02-12 11:50:14 +00:00
cgranleese-r7 5d165466ff Move CreateSession from advanced into basic options 2024-02-12 11:35:27 +00:00
Spencer McIntyre 5036d28b44 Validate hostnames before storing them 
This proactively fixes a potential DoS condition where if a user were to
add a hostname containing a ; and followed by data that is not an IP
address that MSF may fail to start.

Example:
dns add-static 'foo;bar' 192.0.2.1
save
 2024-02-09 14:52:41 -05:00
Zach Goldman 94223f05fc update relevant modules to work with sessions 
separate out optional session logic

fixing session handling
 2024-02-09 13:18:49 -06:00
adfoster-r7 72932bdae1 Fix broken hosts and services help command 2024-02-09 16:28:47 +00:00
sjanusz-r7 30fc29e0f5 Use PostgreSQL session type for modules 2024-02-09 15:38:06 +00:00
adfoster-r7 9caa2fac17 Land #18747, Add new mssql session type 2024-02-09 15:27:43 +00:00
Spencer McIntyre 99b2bfec1f Support -1 in the --session argument 2024-02-09 08:57:23 -05:00
Zach Goldman 2c60780dc0 Add MSSQL session Type 2024-02-09 07:27:01 -06:00
Spencer McIntyre 56d2dfa46a Fix removing invalid DNS rule IDs 2024-02-08 17:00:40 -05:00
Spencer McIntyre 934b10a626 Fix a bug when dns -h is run 2024-02-08 16:52:45 -05:00
Spencer McIntyre 1cab98f4c2 Support multiple addresses for a static hostname 2024-02-08 16:05:54 -05:00
Spencer McIntyre 62e960352f Refactor naming entries as rules 2024-02-08 13:05:53 -05:00