dwelch-r7
a41fd9deda
Land #18532, Fix db2 scanner module crashes
2023-11-16 15:21:48 +00:00
adfoster-r7
e011fbeb32
Land #18516, extract common dispatcher commands into a single reusable mixin
...
Extract reusable core session commands
2023-11-15 11:25:52 +00:00
adfoster-r7
fc988c2033
Fix db2 scanner module crashes
2023-11-13 21:41:28 +00:00
Ashley Donaldson
1a07ab5aee
Improved comments on functions
2023-11-10 15:56:45 +11:00
Ashley Donaldson
f351d7b5e1
Don't create DNS cached resolver on every test, because it'll exhaust the OS's resources
2023-11-10 12:07:37 +11:00
Ashley Donaldson
d0585e0df5
Added unit tests
2023-11-09 14:45:06 +11:00
Ashley Donaldson
8ce328022c
Clearer dns feature results
2023-11-08 11:15:01 +11:00
Ashley Donaldson
1a7eefd972
Support saving and loading DNS in the MSF config file
2023-11-08 07:38:12 +11:00
Ashley Donaldson
7442655ab9
Override to TCP when encountering UDP-unfriendly comms
2023-11-07 15:58:45 +11:00
Ashley Donaldson
21f3335c31
Fully integrated Rex-socket-friendly DNS
2023-11-07 14:05:24 +11:00
Ashley Donaldson
a7c4b29748
Register nameserver with framework
2023-11-07 06:46:06 +11:00
Dean Welch
c7e0e094fa
Add core session commands and test suite
2023-11-06 16:34:37 +00:00
JustAnda7
672d651221
Optimization-of-the-libraries-using-Net-NTLM
2023-11-04 11:41:27 -04:00
Jack Heysel
17f7d5c253
Land #18497, Add Exploit For F5 CVE-2023-46747
...
This module exploits a flaw in F5's BIG-IP Traffic Management User
Interface (TMUI) that enables an external, unauthenticated
attacker to create an administrative user. The attacker can then use
the admin user to execute arbitrary code in the context of the root user.
2023-11-02 11:46:15 -04:00
Spencer McIntyre
d26742a266
Add check code annotations, update AJP link
2023-11-02 08:53:56 -04:00
Spencer McIntyre
714eeaaa3a
Finish cleaning the exploit up
2023-11-01 16:55:36 -04:00
bwatters
ac6aa53fc7
Land #18386, Add a new lmkdir command
...
Merge branch 'land-18386' into upstream-master
2023-10-30 14:36:56 -05:00
Spencer McIntyre
6e9facbefb
Merge pull request #18419 from smashery/dcsync_kerberos
...
DCSync using Kerberos Pass-the-Ticket
2023-10-30 09:41:22 -04:00
Spencer McIntyre
79a3e756b3
Add the ENUM_LUIDS action
2023-10-27 12:47:19 -04:00
Spencer McIntyre
7b4caf79f8
Move the code into libraries for reuse
2023-10-27 12:47:19 -04:00
Spencer McIntyre
0dea63904f
Allow passing pointers for PBLOB in parameters
...
This will cause railgun to use the pointer as if it were defined as an
LPVOID parameter type. This is useful in cases where the contents are
already in the target's memory.
2023-10-27 12:47:19 -04:00
Spencer McIntyre
ba9cb1ef40
Update advapi32 definitions
...
Add definitions for ConvertSidToStringSid and fix the data type of the
ThreadHandle parameter.
2023-10-27 12:47:19 -04:00
Spencer McIntyre
71f019c359
Add initial secur32.dll railgun definitions
2023-10-27 12:47:19 -04:00
Spencer McIntyre
ff699aae00
Accept BinData::Struct instances in railgun
...
This updates railgun to accept BinData::Structs in key locations of
railgun for convenience.
2023-10-27 12:47:19 -04:00
Spencer McIntyre
5b5d5ade40
Free data using the new util API
2023-10-27 12:47:19 -04:00
adfoster-r7
3b4302d902
Land #18441, Add at rest encryption to Meterpreter payloads
2023-10-27 12:18:19 +01:00
adfoster-r7
b58f963355
Land #18299, extend error message for timeouts to include more detail to user
2023-10-26 00:21:22 +01:00
Zach Goldman
862e738015
extend error message for timeouts to include more detail to user
...
initial functionality, testing/cleanup still needed
script and command functionality
remove unnecessary accessor
switch puts to print_error in proc
ensure proc is reset, run on every error, add yard docs
fix yard, refactor/remove dead code
rename on_error_proc
2023-10-25 11:08:00 -05:00
Spencer McIntyre
9253b35fb2
Allow freeing allocated utility strings
...
Also use HeapAlloc so we're not leaking entire pages.
2023-10-24 17:18:36 -04:00
elliot
58176b6627
Update lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
...
formatting
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2023-10-13 12:16:20 -05:00
elliot
102662d61a
Update lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
...
formatting
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2023-10-13 12:16:04 -05:00
elliot
423262c979
Update lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
...
formatting
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2023-10-13 12:15:54 -05:00
elliot
187ff951c3
Update lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
...
formatting
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2023-10-13 12:15:39 -05:00
sjanusz-r7
daa8b8ae99
Use Metasploit-Payloads Crypto to decrypt payloads
2023-10-13 14:42:10 +01:00
sjanusz-r7
b428736e03
Add support for injection of encrypted dll payloads
2023-10-13 14:42:10 +01:00
sjanusz-r7
7baf199f50
Add support for loading of encrypted libraries
2023-10-13 14:42:10 +01:00
bwatters
6af8d3f6e6
Land #18431, Fix how port forwards are listed
...
Merge branch 'land-18431' into upstream-master
2023-10-10 16:56:11 -05:00
elliot
ccb3927254
Update lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
...
Sets the path variable via a loop so that it fixes the path assignment and lets the user give a series of directories
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-10-10 12:23:31 -05:00
Ashley Donaldson
1071341b23
Changes from code review
2023-10-09 10:31:36 +11:00
JustAnda7
7876912eab
Changes-as-per-comments
2023-10-08 02:49:46 -04:00
Dean Welch
d60993f7e8
Enable using modules when deferred loading is turned on
2023-10-06 16:04:34 +01:00
Spencer McIntyre
d46e80f17f
Fix how port forwards are listed
...
Fixes #18291
2023-10-06 09:04:28 -04:00
cgranleese-r7
dff907b6ca
Land #18425, Add history support to nasm and metasm shells
2023-10-05 17:20:31 +01:00
adfoster-r7
1f6009333e
Add history support to nasm and metasm shells
2023-10-04 22:36:19 +01:00
bwatters
1ee7f03a2b
Land #18420, Update user agent strings
...
Merge branch 'land-18420' into upstream-master
2023-10-04 14:13:04 -05:00
Ashley Donaldson
2deb3a831a
Update user agent strings
2023-10-03 11:47:23 +11:00
JustAnda7
ea189d6c34
Changes-to-the-helper-lib
2023-10-02 13:35:28 -04:00
sjanusz-r7
e70f356239
Show errors on inaccessible payload files
2023-10-02 14:46:25 +01:00
Ashley Donaldson
587c327944
Correctly align sec trailer and stub along a 16-byte boundary
2023-09-28 17:25:22 +10:00
Ashley Donaldson
1bd229056e
Support Kerberos auth for DCERPC
2023-09-28 16:26:06 +10:00