adfoster-r7
552b76aa8f
Initialize to an empty string
2023-06-15 01:44:42 +01:00
adfoster-r7
c93adfb697
Land #17781, adds support for module writers to supply include_dir iquote options when compiling mingw
2023-06-14 22:47:10 +01:00
Spencer McIntyre
6988227ee4
Fix AS-REQ with PKINIT and NTDS_CA_SECURITY_EXT
2023-06-14 16:18:04 -04:00
Spencer McIntyre
3ee02a0e41
Add the ALT_SID datastore option
2023-06-14 16:17:58 -04:00
adfoster-r7
bec47e8b59
Fix uninitialized constant error when meterpreter registry key reads timeout
2023-06-14 19:50:28 +01:00
adfoster-r7
69b7635f0f
Update SessionTLVLogging to no longer truncate useful values
2023-06-14 18:39:58 +01:00
adfoster-r7
2d87447db7
Fix time command bug when running complex commands
2023-06-14 18:01:47 +01:00
adfoster-r7
fb6bb4031c
Fix issue that falsely caused empty file reads on meterpreter
2023-06-14 17:50:54 +01:00
adfoster-r7
b9f260d0f7
Land #18089, Add Masm support
2023-06-14 13:51:41 +01:00
bwatters
cabae172f9
Remove superfluous setup_handler
2023-06-13 16:03:55 -05:00
bwatters
548d7e76a8
Fix accidental diff
2023-06-13 16:01:58 -05:00
bwatters
38f542174d
Land #17336, A more robust implementation for Windows version comparisons
...
Merge branch 'land-17336' into upstream-master
2023-06-13 15:38:56 -05:00
Spencer McIntyre
c41483250f
Fix an edge case in .to_win32pe
...
When the entry point is after the payload, there would occasionally be
cases where `poff` and `eidx` would be invalid, causing `entry` to be
truncated. `poff` should never be negative and `eidx` should reserve the
256 bytes that `entry` may occupy.
2023-06-13 13:41:47 -04:00
bwatters
1af9660296
Add routable address type
2023-06-13 10:29:15 -05:00
bwatters
9e773b3f35
Fix issue with info command and IP address check
2023-06-13 10:16:07 -05:00
Professor Araout
1fbfc8e4d4
Update lib/metasploit/framework/compiler/mingw.rb
...
Error in github review, replaced line 39 instead of 37-38-39 -> Fixed
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 15:04:00 +02:00
Professor Araout
0b320f6209
Update lib/metasploit/framework/compiler/mingw.rb
...
Review made by @adfoster-r7 and tested by @ARaout
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 14:59:22 +02:00
Professor Araout
9d315af25e
Update lib/metasploit/framework/compiler/mingw.rb
...
Review made by @adfoster-r7 and tested by @ARaout
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 14:59:15 +02:00
Professor Araout
cb105d8978
Update lib/metasploit/framework/compiler/mingw.rb
...
Review made by @adfoster-r7 and tested by @araout
Works perfect
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 14:58:36 +02:00
Ashley Donaldson
8d1e7a386c
Rubocop and code review suggestions
2023-06-13 15:58:30 +10:00
shellchocolat
0761f8f729
[+] add masm output support
2023-06-13 06:55:16 +02:00
Jack Heysel
f97ab80224
Land #17942, Improve AMSI bypass on new Windows
...
The script generated by the web_delivery module is blocked
by the Antimalware Scan Interface (AMSI) on newer versions
of Windows. This PR allows the script to bypass AMSI.
2023-06-12 18:50:48 -04:00
adfoster-r7
c8f942cc03
Land #17955, Golf a bit the php payload
2023-06-12 16:31:00 +01:00
Spencer McIntyre
834ad18d28
Land #18069, Handle LDAP UnbindRequest
...
Remote::JndiInjection: handle LDAP UnbindRequest
2023-06-12 09:53:38 -04:00
RageLtMan
668b72a4ca
Rex::Proto::LDAP::Server handle LDAP UnbindRequest
2023-06-10 09:42:58 -04:00
Spencer McIntyre
4c817ce1de
Land #17946, CVE-2023-21839 - Oracle Weblogic RCE
...
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
2023-06-09 14:55:43 -04:00
Grant Willcox
694c1006e4
Add more IPv6 support into the module
2023-06-09 12:24:35 -05:00
Spencer McIntyre
296a7afc86
Land #18076, Don't use length for freeing.
2023-06-09 10:10:29 -04:00
Spencer McIntyre
2acc014014
Fix AS-REQ with PKINIT and NTDS_CA_SECURITY_EXT
2023-06-08 15:10:35 -04:00
Spencer McIntyre
47835b57a7
Add the ALT_SID datastore option
2023-06-08 15:10:27 -04:00
Spencer McIntyre
5b5c29842c
Land #18022, Add post/windows/manage/make_token
...
Add update_token to MSF + make_token post-ex module
2023-06-08 14:53:22 -04:00
Metasploit
92cf562950
Bump version of framework to 6.3.21
2023-06-08 12:12:50 -05:00
Ashley Donaldson
717ceae45b
Don't use length for freeing.
...
MSDN says this will never succeed - should always be zero.
2023-06-08 15:02:41 +10:00
Christophe De La Fuente
451735ad15
Fix exception handler & add doc
2023-06-06 17:43:22 +02:00
cgranleese-r7
18ddd72285
Update jenkins login scanner to work with newer versions
2023-06-06 11:54:55 +01:00
RageLtMan
e6b1ae2af8
Remote::JndiInjection: handle LDAP UnbindRequest
2023-06-06 00:54:40 -04:00
Grant Willcox
94ef437f9f
Add in YARD documentation
2023-06-05 12:10:10 -05:00
Grant Willcox
9574c79d36
Remove extra code
2023-06-05 12:07:27 -05:00
Ashley Donaldson
795980260b
Created mixin to retrieve the architecture of the current shell.
...
Currently only supports Windows, but does work on Win2000 upwards.
2023-06-05 11:10:53 +10:00
Spencer McIntyre
734e0b099e
Land #18018, Add in CVE-2023-29084
...
Add in CVE-2023-29084 - Zoho ManageEngine ADManager Plus ChangePasswordAction
Authenticated Command Injection
2023-06-02 12:14:43 -04:00
bwatters
1e9d286c77
Land #18044, Add MIPS64 Linux Fetch Payloads
...
Merge branch 'land-18044' into upstream-master
2023-06-02 10:53:43 -05:00
Grant Willcox
7728e1e2fb
Add in new library function for escaping PowerShell literals
2023-06-02 10:22:56 -05:00
Grant Willcox
0f71613b66
Land #18056, Modify command stagers to not go over 100%
2023-06-01 16:06:13 -05:00
Metasploit
25e8cf8faf
Bump version of framework to 6.3.20
2023-06-01 12:10:08 -05:00
Zach Goldman
96f2c96a75
modify command stagers to not go over 100%
2023-06-01 12:07:07 -05:00
Spencer McIntyre
8378435051
Land #17430, Add AWS SSM Sessions
2023-06-01 11:34:40 -04:00
Ashley Donaldson
7f4bda193d
Support retrieving Service Pack version on older OSes
2023-06-01 10:48:17 +10:00
Spencer McIntyre
9349dd24e3
Add a proper definition for NtdsCaSecurityExt
2023-05-31 17:31:33 -04:00
shellchocolat
1fbba702de
add support to masm formatting
2023-05-31 17:17:17 +02:00
Ashley Donaldson
4b1158d5f1
Use existing shell registry logic
2023-05-31 11:24:33 +10:00