Niboucha Redouane
ecb1a0bb16
add test_vulnerable to MySQLi class, and fix minor issues with the test modules
2020-06-10 21:59:51 +02:00
Niboucha Redouane
12681b0746
Add support for encodings to exfiltrate data containing bad characters/multibyte characters
2020-06-10 21:40:22 +02:00
William Vu
ec183d7293
Don't sort requires, since order matters here...
2020-06-09 17:20:32 -05:00
William Vu
8aae30e410
Require msf/core/post/windows/filesystem
...
And sort the list alphabetically.
2020-06-09 17:06:24 -05:00
Niboucha Redouane
0f936f7500
Various fixes and enhancements
2020-06-09 23:43:15 +02:00
Niboucha Redouane
f1d3b33099
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine
2020-06-09 21:15:18 +02:00
Christophe De La Fuente
64669d1132
Land #13576, Deprecate the psexec_psh module
2020-06-09 18:40:56 +02:00
Christophe De La Fuente
a9a1d01419
Update some libraries and modules
2020-06-09 14:18:52 +02:00
Christophe De La Fuente
0bb93b4efb
Update modules
...
- ms17_010_command and ms17_010_psexec: deregister
SMB::ProtocolVersion option
- client: update error handling
- is_known_pipename: force SMB1 only for #enumerate_directories and
update error handling
2020-06-09 14:18:52 +02:00
Christophe De La Fuente
04a44d2334
Improve client error/warning/debug messages
2020-06-09 14:18:52 +02:00
Christophe De La Fuente
31a117f8f7
Update modules
...
- smb_ms17_010.rb
- psexec_ms17_010.rb
- psexec_psh.rb
- smb_enumshares.rb
2020-06-09 14:18:52 +02:00
Christophe De La Fuente
474d7ebbab
Update SMB client
...
- Add SMB::AlwaysEncrypt option
- Force SMB1 for SMB fingerprint
- Update smb_netshareenumall
2020-06-09 14:18:51 +02:00
Christophe De La Fuente
6ab47eb001
Update SMB Client and SimpleClient
...
- multiple protocol version negotiation
- SMB 1, 2 and 3 by default
- add SMB::ProtocolVersion option to SMB Client mixin
2020-06-09 14:18:51 +02:00
William Vu
3f569507a0
Move Rex::Socket.source_address outside loop
2020-06-08 22:22:11 -05:00
William Vu
5a4fa3705c
Use module cache in Evasion#compatible_payloads
...
See e12b19a507.
2020-06-08 22:22:11 -05:00
William Vu
3436a1c26f
Show automatically selected payload in options
...
By choosing a default payload when the module is used, not run.
2020-06-08 22:22:10 -05:00
OJ
ec2d1a886f
Update modules to reference COMMAND IDs not strings
2020-06-09 11:38:14 +10:00
OJ
48290ac38a
Fix a stupid mistake with core_patch_url
...
This was not originally ported to an int when it should have been.
2020-06-09 08:58:27 +10:00
Alan Foster
695accbb44
update deprecation notice to have a reason
2020-06-08 23:07:01 +01:00
Niboucha Redouane
92d8464ac1
Various fixes and enhancements
2020-06-05 21:59:16 +02:00
Spencer McIntyre
d2fa21a1ee
Make some change for Python version compatibility
2020-06-05 12:04:04 -04:00
Niboucha Redouane
118ada96a2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine
2020-06-04 17:55:38 +02:00
Adam Cammack
001910473b
Land #13448, Fix relative location redirects
2020-06-04 09:17:45 -05:00
dwelch-r7
b0bec9c3aa
Land #13540, Replace OptString with OptPort for RPORT
2020-06-04 13:01:22 +01:00
Niboucha Redouane
db4880762a
Add common MySQL injection payloads and options
2020-06-03 01:18:19 +02:00
cn-kali-team
1b796aa50b
OptString to OptPort
2020-05-30 10:27:48 +08:00
William Vu
382168550e
Land #13522, OptAddressRange CIDR completion fix
2020-05-28 13:36:09 -05:00
Alan Foster
f1c492fa2d
Land #13470, Pi-Hole < 4.3.3 dhcp static address RCE
2020-05-28 16:57:22 +01:00
Spencer McIntyre
129c45e666
Fix Msf::OptAddressRange (RHOSTS) tab completion
2020-05-26 20:07:26 -04:00
William Vu
0a5fb8fc44
Land #13500, unloadable modules fix for search-use
2020-05-26 12:12:53 -05:00
William Vu
16886fa41e
Move generate_viewstate_payload to mixin
2020-05-21 18:37:13 -05:00
William Vu
c50e242151
Add ViewState mixin
2020-05-21 18:37:11 -05:00
Adam Cammack
4c47ea5510
Ignore unloadable modules in search-after-use
...
The new `use` option is not listed in the help output for now, since I
do not think that it provides much end-user value.
2020-05-21 09:47:57 -05:00
bwatters-r7
e6e47ed890
Land #13262, Add Python stager
...
Merge branch 'land-13262' into upstream-master
2020-05-20 16:22:48 -05:00
cn-kali-team
3aa48528ed
sorry Forget about it
2020-05-19 21:38:21 +08:00
cn-kali-team
ae3601cee1
Add Unicode support
2020-05-18 16:30:13 +08:00
h00die
a8673e0efc
pihole dhcp exec
2020-05-16 01:30:58 -04:00
William Vu
b8ca608800
Land #13415, badchar-free encoded payload fix
2020-05-15 17:50:59 -05:00
William Vu
aa6624e7f8
Land #13436, service encoder fix for psexec
2020-05-14 16:43:07 -05:00
William Vu
6034f48e8f
Land #13405, once more with feeling
2020-05-13 11:54:41 -05:00
Clément Notin
91ea692cbe
socket_server.rb: better describe "0.0.0.0"
...
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-05-13 16:30:00 +02:00
William Vu
44b0ddf2ed
Land #13405, OptAddressLocal for SRVHOST
2020-05-13 09:15:42 -05:00
Clément Notin
ec33651243
socket_server.rb: SRVHOST can be an interface
...
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-05-13 16:14:20 +02:00
Niboucha Redouane
a4b316a91e
Fix following redirects from send_request_cgi!
2020-05-13 09:54:14 +02:00
Shelby Pace
fc762f8a82
Land #13402, add service_exists? method
2020-05-12 13:37:54 -05:00
OJ
fee523f6cf
Remove some unnecessary bytes
2020-05-12 15:22:56 +10:00
OJ
d39ca5c47f
Remove ref to base64 where not needed, more code golf
2020-05-12 15:08:43 +10:00
OJ
905ee564ee
Add zlib/base64 support to python stagers
...
This forces python to use zlib and base64 when transferring the stages
around. In my testing this dropped the stage for reverse_tcp from 111801
bytes to 36200 bytes (while still including the encryption libs).
2020-05-12 14:54:08 +10:00
Clément Notin
258895f534
Use print_error for error messages
2020-05-12 00:02:52 +02:00
Clément Notin
b7d16b1e72
Fix regression in psexec mixing filename and encoder
...
Closes #13407
2020-05-12 00:02:52 +02:00