Tim W
df81a48e4a
Land #16332, fix zipalign to align shared object files
2022-03-13 12:48:22 +00:00
Brendan Coles
d28a172ab4
Msf::Payload::Apk: Extract cert details from APK files not JAR signed
Since Android 11, APK contents must be signed with signature scheme
v2 or higher (v2/v3/v4). In order to maintain compatibility with
older versions of Android, APKs can also be signed with v1 (after
first signing with v2/v3/v4), but this is not mandatory.
When using a template apk file, the APK library now attempts to
extract signing scheme v1 certificate details (using keytool)
and falls back to extracting v2/v3/v4 certificate details (using
apksigner) if the APK is not signed with signing scheme v1.
Fixes #16295.
2022-03-12 18:40:37 +00:00
Brendan Coles
6ae54566b6
Msf::Payload::Apk: zipalign: align APK stored shared object files
2022-03-12 18:22:34 +00:00
adfoster-r7
a62ca2259e
Land #16316, deref services correctly
2022-03-11 12:08:42 +00:00
Ashley Donaldson
d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway
2022-03-11 12:08:51 +11:00
space-r7
b747e55dda
Land #16303, add Dirty Pipe exploit
2022-03-10 11:16:28 -06:00
Ashley Donaldson
6f159fa54e
Consistent handling of DNS and LDAP servers wrt ServiceManager
2022-03-10 11:01:37 +11:00
Ashley Donaldson
9761d68c19
Rename stop_service to cleanup_service for services that use reference counting
2022-03-10 10:28:25 +11:00
Spencer McIntyre
c2e0a61a74
Fix the hosts command's tab completion
2022-03-09 18:17:14 -05:00
Spencer McIntyre
5c5340b6fd
Fix the hosts command's --search flag
2022-03-09 18:17:09 -05:00
Ashley Donaldson
c9d43aafe6
Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity
2022-03-10 09:06:25 +11:00
Heyder Andrade
dd47017b5c
Added support for old key exchange algorithms
This commit fixes the issue #16138 by adding support for old key
exchange algorithms in the net/ssh lib by defining
`append_all_supported_algorithms` as `true`.
2022-03-09 10:25:50 +01:00
Tim W
955cc9c986
fix cross compiling
2022-03-09 06:59:25 +00:00
adfoster-r7
3b524360ed
Explicitly specify server/client versions, fix logger crash, and specify jtr format
2022-03-09 01:37:22 +00:00
Ashley Donaldson
837cf199a0
Use reference counting consistently for HTTP handlers (Fixes #16315)
2022-03-09 10:56:38 +11:00
adfoster-r7
22f88f9ab7
Add docs
2022-03-08 23:52:24 +00:00
adfoster-r7
6f2a7d6167
Add note that SMB v1 is not supported
2022-03-08 23:52:24 +00:00
adfoster-r7
53772fa366
Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location
2022-03-08 23:52:24 +00:00
adfoster-r7
bcb0850e07
Rename SMBHOST
2022-03-08 23:52:23 +00:00
adfoster-r7
144fc5eddf
Add smarter targetlist support
2022-03-08 23:52:23 +00:00
adfoster-r7
25265c7a7b
Linting
2022-03-08 23:52:23 +00:00
adfoster-r7
3e68e298a1
Add targets
2022-03-08 23:52:23 +00:00
adfoster-r7
e02021ee91
Fix database cred reporting and error handling
2022-03-08 23:52:23 +00:00
adfoster-r7
507b1dab2b
Apply PR feedback
2022-03-08 23:52:22 +00:00
adfoster-r7
b4fe2502aa
Update smb_relay to support smb 2 and smb3
2022-03-08 23:52:22 +00:00
Spencer McIntyre
fe57bebc58
Land #16310, only iterate if RHOSTS is registered
2022-03-08 14:31:59 -05:00
adfoster-r7
79761c942c
Ignore iterating multiple rhosts if option not registered
2022-03-08 17:52:42 +00:00
sjanusz
d99d14eaa8
Defer TLV logging until session is bootstrapped
2022-03-07 15:47:49 +00:00
Brendan Coles
7bb575a24e
Msf::Payload::Apk: Replace jarsigner with apksigner
This allows signing APK files with Signature Scheme v2/v3/v4.
2022-03-06 13:50:38 +00:00
Brendan Coles
be928f9154
Msf::Payload::Apk: raise if apktool output includes Java exceptions
2022-03-05 15:32:24 +00:00
Brendan Coles
ac72803543
Msf::Payload::Apk: raise if APK is unsigned or generating new key fails
2022-03-05 05:36:24 +00:00
adfoster-r7
1253878dd3
Land #16135, Add setg sessiontlvlogging command to log TLV packets
2022-03-04 16:30:09 +00:00
sjanusz
a2fadf0606
Init logging on meterpreter's init, add option to change log file
2022-03-04 14:21:00 +00:00
dwelch-r7
e1ccd178ff
Land #16141, Add service manager commands to msfconsole
2022-03-04 13:47:46 +00:00
adfoster-r7
f29ff681f7
Rename to _servicemanager and hide behind a feature flag
2022-03-04 12:45:15 +00:00
dwelch-r7
5cfb692567
Land #16145, Fix to_handler case sensitivity issue
2022-03-04 12:04:44 +00:00
adfoster-r7
2cd6e66791
Land #16269, Msf::Payload::Apk: Check Java is installed and apktool.jar exists
2022-03-04 11:33:34 +00:00
Brendan Coles
69f7008a07
Msf::Payload::Apk: raise if keytool cannot parse APK file or certificate
2022-03-04 08:10:37 +00:00
Brendan Coles
03419e8a19
Msf::Payload::Apk: Check Java is installed and apktool.jar exists
2022-03-04 06:39:51 +00:00
adfoster-r7
ad2fab6fee
Land #16153, read full response on smtp send/recv
2022-03-04 01:24:46 +00:00
Spencer McIntyre
6be3443680
Land #16103, LPE in polkit's pkexec (CVE-2021-4034)
2022-03-03 09:24:11 -05:00
bwatters
c9408c7b1b
Remove pointless format string
2022-03-03 06:40:26 -06:00
bwatters
5246e9cb7e
Add rescue for failed authentication on info -d
2022-03-02 16:41:19 -06:00
Spencer McIntyre
146859dc12
Use bash instead of netcat as a default payload
Bash is more likely to be installed than netcat and therefore should be
more reliable.
2022-03-02 10:41:57 -05:00
bwatters
06e897436c
Add Fedora results to docs and some minor final cleanup
2022-03-02 09:12:01 -06:00
Brendan Coles
ef135a8440
Msf::Payload::Apk: Print warning if apktool version < 2.5.1
2022-03-02 06:31:43 +00:00
bwatters
0516badd8e
Change the way we cd after new session is created
2022-03-01 14:20:07 -06:00
space-r7
0c3f0e38f7
Land #16228, validate payload size if not encoded
2022-03-01 14:04:01 -06:00
sjanusz
869f073a1b
Add setg option to log TLV packets to console or file
2022-03-01 12:50:35 +00:00
bwatters
0081811c52
Land #16185, Firefox CVE-2020-26950 use after free browser exploit
Merge branch 'land-16185' into upstream-master
2022-02-28 14:38:23 -06:00