1e23dffc5b
Msf::Ui::Console::CommandDispatcher::Core: Fix 'help setg' output
2023-04-15 20:35:15 +10:00
246a69e897
Remove unneeded return statement after raising an exception
2023-04-14 15:28:17 -05:00
da5a361d3f
Remove extra require that wasn't needed with Zeitwerk
2023-04-14 15:28:17 -05:00
2d90bdcecb
Fix up some YARD issues
2023-04-14 15:28:17 -05:00
db08c5df11
Address @gwilcox-r7's notes
2023-04-14 15:28:17 -05:00
4be8cd3752
Annotate skip of Debian IPv6 hosts
2023-04-14 15:28:16 -05:00
89a564c378
Fix up YARD documentation to account for potential nil being returned
2023-04-14 15:28:16 -05:00
b01b3a5ecd
Fix typo that prevented entries from being cached
2023-04-14 15:28:16 -05:00
9a23e63365
DNS Resolver Improvements
...
Handle proxy connection resets over TCP (common w/ ENUM_BRT & TOR).
Ensure qtype is a string before passing to cache.
2023-04-14 15:28:16 -05:00
6039affe0d
Address @gwilcox-r7's comments
2023-04-14 15:28:15 -05:00
da93c9440f
Cleanup cache API
2023-04-14 15:28:15 -05:00
3d49b4b429
Use ivar_set for answer setters
2023-04-14 15:28:15 -05:00
513779fd3f
Drop vestigial #validate_path calls
2023-04-14 15:28:15 -05:00
c4e29eaa94
Implement Caching DNS Resolver in Rex
...
Rex::Proto::DNS::Resolver is currently unable to approximate the
host OS' native resolver because:
1. It cannot cache responses and has to go out to its defined NS'
each time to query for the answers,
2. Because it is not aware of the system's hostsfile entries which
can result in leaks/mis-targeted execution, and a bunch of other
unpleasantly nuanced problems.
Address the concern by:
1. Creating a descendant CachedResolver class from
Rex::Proto::DNS::Resolver, with a #send method override which
performs cache query and population.
2. Moving the Cache class up one namespace to Rex::Proto::DNS and
updating the server accordingly.
3. Fixing the MATCH_HOSTNAME regex in Rex::Proto::DNS::Constants to
allow a short-name (vs FQDN) and creating a relevant MATCH_FQDN.
TODO:
1. Deal with adding search domains from the system to short-name
queries and records; if we decide this is a good idea (potential
for leaks).
2. Look at performance optimization for multiple concurrent queries
via singleton/refcounted/other optimized concurrent access patters.
Testing:
1. Pry-level tests of the objects edited/created in this PR. Needs
some runtime testing to QA.
2023-04-14 15:28:05 -05:00
cda2e9610b
Land #17820 , optimising the nagiosxi modules
...
This PR refactors the authenticated nagiosxi modules and mixins..
2023-04-14 16:21:26 -04:00
fae910eb6b
Bump version of framework to 6.3.13
2023-04-13 12:11:45 -05:00
f9d5459a9c
Land #17872 , Ensure identify hashes helper is accessible to modules
2023-04-13 16:20:20 +01:00
87c0faa73a
Add ensure disconnect to ftp login module, ftp timeout configuration
2023-04-12 11:18:50 -05:00
8e2169ed47
Ensure identify hashes helper is accessible to modules
2023-04-12 13:28:56 +01:00
275963eca2
Land #17353 , Persist icpr cert as pkcs12 credential
2023-04-12 13:16:18 +01:00
a6b478e046
Land #17832 , Two modules for UniRPC - CVE-2023-28502 and CVE-2023-28503
2023-04-12 11:43:13 +02:00
e6c1aecd26
Land #17502 , Adds SCTP Sessions
2023-04-12 10:15:43 +01:00
59ff65d58d
Land #17821 , DBManager: Import: Add Nuclei JSON database import
2023-04-11 17:51:22 +02:00
875ad34b62
Persist icpr cert as pkcs12 credential
...
Update creds command to support pkcs12
2023-04-11 16:25:25 +01:00
3b7cf035ea
DBManager: Import: Add Nuclei JSON database import
2023-04-10 22:22:19 +10:00
8525849763
Msf::Payload::Apk: Bump apktool minimum required version to 2.7.0
2023-04-10 21:07:25 +10:00
ce111f158a
Better error handling
2023-04-06 10:35:33 -07:00
261fc5227d
Bump version of framework to 6.3.12
2023-04-06 12:13:28 -05:00
c345fe78b8
Fix up error handling and other comments from the PR
2023-04-05 15:13:35 -07:00
04a9ae7335
Add check methods
2023-04-05 10:55:28 -07:00
c93a4d0e30
So we don't actually use an http server when we use cmdstager::flavor certutil
2023-04-03 15:06:26 -05:00
812d3c7f35
PR Review Changes for optimizing the nagiosxi modules
2023-04-01 14:28:37 +05:30
eb12cfec05
Land #17778 , Update brocade tests to pass locally
2023-03-31 10:51:31 +01:00
3aabb738bf
Bump version of framework to 6.3.11
2023-03-30 12:10:12 -05:00
f40e843b4e
Land #17833 , Add check metadata to rpc module info
2023-03-30 17:08:04 +01:00
ab08cd2d1c
Land #17753 , Update get_ticket to support using forged golden tickets
2023-03-30 14:15:48 +01:00
c926f4961b
Add check metadata to rpc module info
2023-03-30 10:24:31 +01:00
4cab9b1a34
Make rubocop happy
2023-03-29 08:05:05 -07:00
41fe44ef1a
Merge branch 'master' into unirpc-auth-bypass
2023-03-29 08:03:05 -07:00
6897be4b01
Add two Metasploit modules for UniData vulnerabilities
2023-03-29 08:01:50 -07:00
9cd024a7a2
Land #17828 , add AMQP login scanner module
2023-03-29 09:24:48 -05:00
e1ecdac2a5
Land #17724 , Add ticket checksum to kerberos ticket creation
2023-03-29 09:01:39 +01:00
72ec93d27a
Land #17827 , add AMQP version scanner module
2023-03-28 16:00:42 -05:00
865251b8aa
Land #17818 , fix crash in RPC job info
2023-03-28 12:02:56 -04:00
7a2643304e
Add a missing require line
2023-03-27 16:54:04 -04:00
97d67c6a79
Add an AMQP login scanner
2023-03-27 16:53:03 -04:00
5d0ae3e0c0
Add a missing require line
2023-03-27 16:48:40 -04:00
f9c6caa804
Land #17785 , add SolarWinds (SWIS) deser RCE
2023-03-27 15:25:17 -05:00
5f382cedba
Fix crash in rpc job info command
2023-03-24 12:08:58 +00:00
bfac7e6e0b
Add a formatter_compatible_gadget_chains function
2023-03-23 17:28:58 -04:00
bcoles