Commit Graph

13785 Commits

Author SHA1 Message Date
dwelch-r7 a82c936613 Land #16373, Add initial ruby 3.1 support 2022-04-07 16:44:02 +01:00
adfoster-r7 aafb38c7ed Fix crash when sorting modules by disclosure date 2022-04-06 18:51:28 +01:00
usiegl00 8495bff61c Merge master and update the smb_shadow module
Add comments detailing the technique used to attack SMBv3. Remove some
comments that are no longer needed. Fix Gemfile.lock conflict.
2022-04-06 07:06:45 +09:00
Jeffrey Martin d35137ed3a initial Msf::Analyze::Result top level states 2022-04-05 14:06:40 -05:00
usiegl00 09ae52fecd Update smb_shadow and shadow_mitm_dispatcher
Remove duplicated print_status messages. Use respond_to? instead of
methods.include?. Simplify payload generation. Fix naming for the rst
capture thread.
2022-04-05 20:03:14 +09:00
Jeffrey Martin fd809d49ea expose detailed results for each module match 2022-04-04 13:10:48 -05:00
sjanusz 3b313b4ebe Fix setg sessiontlvlogging crashing on non-Meterpreter sessions 2022-04-04 18:31:50 +01:00
usiegl00 7e010cbde2 Merge master and update smb_shadow + dispatcher
The smb_shadow module can confirm the server smb version supported with
the ConfirmServerDialect option. The shadow_mitm_dispatcher closes each
stream before opening a new one to prevent leaking file descriptors.
2022-04-02 10:39:02 +09:00
dwelch-r7 647463b5ad Use updated payloads gem and refactor debug option 2022-04-01 11:20:22 +01:00
dwelch-r7 8e773c1939 Rename debug option and make it advanced 2022-04-01 11:14:52 +01:00
dwelch-r7 13ca7c88f3 Add debug option for windows meterpreter 2022-04-01 11:14:52 +01:00
Brendan Coles 283dda8172 Land #16386, Exploit::Remote::SocketServer: Wait if service is running 2022-03-28 03:41:06 +00:00
adfoster-r7 c4b6eb0165 Fix java rmi service undefined method wait 2022-03-27 17:01:43 +01:00
Heyder Andrade 79783bbe9b Checking if datastore is defined 2022-03-25 16:32:58 +01:00
adfoster-r7 76ede9ef8f Add ruby 3.1 support 2022-03-24 21:59:02 +00:00
Heyder Andrade ee8618e68a Handling undefined local variable
Auxiliary failed: NameError undefined local variable or method `datastore'
for #<Metasploit::Framework::LoginScanner::SSH
2022-03-24 22:57:27 +01:00
Grant Willcox bf88b7f618 Land #16325 - Replace IO read on binary files with File binread 2022-03-24 10:08:40 -05:00
Tim W 014c98acd8 Land #16369, fix upgrading meterpreter sessions with shell_to_meterpreter 2022-03-23 07:15:55 +00:00
adfoster-r7 03d645016c Land #16250, Update service mixins for NAT options 2022-03-23 00:13:20 +00:00
sjanusz b54cfee665 Open a new Meterpreter session when trying to upgrade Meterpreter 2022-03-22 14:08:25 +00:00
Spencer McIntyre ff0ecfa49e Display the HTTP port when necessary 2022-03-21 20:11:31 -04:00
Jeffrey Martin 122d380f85 Land #16368, Conditionally recalculate in ModuleSet 2022-03-21 17:50:03 -05:00
Spencer McIntyre df04435d49 Only recalculate sometimes
Recalculations are time consuming, so only do it if necessary.
2022-03-21 17:00:31 -04:00
Grant Willcox 024da204d1 Land #16353, respect ssl_version in crawler 2022-03-21 12:24:38 -05:00
Spencer McIntyre aca272dd76 Always return a comm from #_determine_server_comm
Instead of returning nil from Rex::Socket::SwitchBoard.best_comm, return
the local comm which Rex::Socket will defer to anyways.
2022-03-21 11:47:56 -04:00
Spencer McIntyre 551f159993 Don't pass nil to #best_comm
It'll crash if you do
2022-03-21 11:47:56 -04:00
Spencer McIntyre 0ab97b858f Update the TCP server and HTTP server mixins 2022-03-21 11:47:56 -04:00
Spencer McIntyre 2e4f04a804 Add and use the new bindhost/bindport options 2022-03-21 11:47:55 -04:00
sjanusz bbf9e3163a Fix file reads on Windows for binary files 2022-03-21 12:47:39 +00:00
Tim W a4956bfe7c Land #16358, fix apk injection on some apks by finding the correct hook point 2022-03-21 07:36:00 +00:00
Brendan Coles d9bd985cef Msf::Payload::Apk: find_hook_point: Return full packagename.classname 2022-03-19 21:08:02 +00:00
Tim W bdb729a43b Land #16340, fall back to running apktool with --use-aapt2 if apktool fails 2022-03-19 11:47:56 +00:00
Jeffrey Martin ebaf584a00 use 'Auto' for ssl_version 2022-03-18 17:06:02 -05:00
Spencer McIntyre da1e4853b8 Land #16317, Free UDP ports after use 2022-03-17 16:39:09 -04:00
Grant Willcox ce062973cb Make changes from review process, redo code for module to make it make less requests, and generally improve overall operations. 2022-03-17 11:29:05 -05:00
Grant Willcox c1d6dced8d Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info 2022-03-17 11:29:01 -05:00
Grant Willcox 419c9ea554 Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not. 2022-03-17 11:29:00 -05:00
Grant Willcox 1f53e9d1c4 Rubocop and fix a mistake on commenting too much of the code out from testing 2022-03-17 11:29:00 -05:00
Grant Willcox 269cd5cfed Add in Exchange Version mixin and module example 2022-03-17 11:28:53 -05:00
Ashley Donaldson 7fe9d0b2b6 Don't start the DNS server twice 2022-03-17 08:02:31 +11:00
Jeffrey Martin c3445ccb6f respect ssl_version in crawler
When utilizing `Anemone` to crawl pages using `Rex` sockets
Framework common `SSL` settings can pull from standardized options.
This change enables more fine grained user control and avoids issues
with missing or deprecated SSL versions in newer Ruby versions.
2022-03-16 14:24:45 -05:00
Grant Willcox 008071888c Land #16347, Catch SocketError when normalizing the hostname 2022-03-15 16:45:29 -05:00
Spencer McIntyre e28ee9ca53 Improve an error message when addr is nil
The normalized value can be nil when the hostname failed to resolve.
That is not helpful in the exception information, so use the original
value.
2022-03-15 14:01:26 -04:00
sjanusz a3f4af1775 Fix encrypted shells crashing with no DB connection 2022-03-15 16:00:30 +00:00
Spencer McIntyre a6a63d0895 Rename scope to zone_id 2022-03-15 11:14:41 -04:00
bwatters c936c45167 Land #16186, Add Python Meterpreter Command Payloads
Merge branch 'land-16186' into upstream-master
2022-03-14 17:29:03 -05:00
Grant Willcox 2142c877ad Land #16262, Use bash instead of netcat as a default payload 2022-03-14 17:18:37 -05:00
Spencer McIntyre 71cacc4cc2 Catch SocketError when normalizing the hostname 2022-03-14 17:09:37 -04:00
Spencer McIntyre 735c1256a3 Put reverse_netcat back in the default list
See #16262 for context. This will select reverse_bash if no required
commands are specified, which should be suitable for most environments.
The RequiredCmd payload compatibility key can be specified to override
this behavior by marking the commands that are available.
2022-03-14 09:16:39 -04:00
Brendan Coles fe70296f1e Msf::Payload::Apk: Try rebuilding APK with AAPT2 if rebuilding APK fails 2022-03-13 14:35:15 +00:00