Spencer McIntyre
5725dd2ded
Fix an off by one size error
2023-02-14 18:01:14 -05:00
Spencer McIntyre
ac9d60ce9e
Land #17281, Added module for CVE-2022-2992
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
2023-02-14 16:57:29 -05:00
space-r7
78ae5f49ce
add gitlab prefix back to methods
2023-02-14 15:26:01 -06:00
space-r7
304b90ecc8
split mixins between forms and v4 api used
2023-02-14 12:37:43 -06:00
Spencer McIntyre
c3fa924cfa
Remove the NGROK_URL option
2023-02-13 14:31:44 -05:00
Spencer McIntyre
210b7a3254
Use #get_json_document instead of JSON.parse
Also fix typos
2023-02-13 14:00:13 -05:00
Spencer McIntyre
fd6cd82f30
Upgrade DLL template size automatically
2023-02-09 15:09:50 -05:00
Metasploit
e420dc123d
Bump version of framework to 6.3.3
2023-02-09 12:10:37 -06:00
Grant Willcox
43b4ee268c
Land #17592, Fix bypassuac_injection_winsxs for x64
2023-02-09 11:41:51 -06:00
RageLtMan
a215d64574
Linux x64 binary reverse SCTP stager
Implement binary SCTP stager for Linux x64.
Testing:
Successful test against Arch Linux x64 VM in local Libvirt
2023-02-08 21:47:28 -05:00
RageLtMan
8aef054dfd
SCTP Sessions
With the introduction of SCTP socket support in Rex::Socket via
https://github.com/rapid7/rex-socket/pull/56, Framework can utilize
this protocol for session transports similarly to TCP as it is a
stream-wise transport.
Implement bind and reverse handlers for the new socket type.
Implement example bind and reverse payloads using socat copying
from the initial udp sessions implementation.
Testing:
Rudimentary bind session test against local Libvirt Linux VM
Next steps:
Implement the language-level payloads for the interpreters common
to POSIX environments supporting SCTP.
Implement meterpreter transports for SCTP in Python, PHP, Mettle,
and Java modalities (Windows doesn't support it without carrying
its own usermode protocol library).
2023-02-08 21:47:28 -05:00
dwelch-r7
7909fe32c2
Land #17612, Add exception handling for finalizer methods
2023-02-08 12:33:52 +00:00
dwelch-r7
782e4c0295
Add ul_type 12 (UPN and DNS info) to pac bindata
2023-02-07 23:14:00 +00:00
adfoster-r7
f145a214ca
Add exception handling for finalizer methods
2023-02-07 20:28:15 +00:00
RageLtMan
153f950f11
Add AwsSsmCommandShellBind session type
Create an AwsSsmCommandShellBind session type to provide intercept
points for shell command interactions and a wrapper class which is
used to register the new session.
Update Msf::Handler::BindAwsSsm with its own #create_session method
utilizing the new session type to provide direct control of session
initialization.
Restore standard handler attributes and thread nomenclature in an
attempt to resolve the repeating session creation when #to_handler
is called on the payloads.
Testing:
Tested in local framework; unfortunately the recurring session
init problem appears to persist. Requesting testing on an upstream
Framework by saner folks.
2023-02-04 20:57:26 -05:00
RageLtMan
7e19141dfc
Standardize DS names and set OS platforms
Update SSM handler code to standardize datastore option names per
@zeroSteiner.
Update payload modules to reflect the OS targets against which they
are to execute.
2023-02-04 19:41:40 -05:00
Grant Willcox
ad82437067
Land #17591, Fix metasm_shell by requiring readline
2023-02-03 15:14:32 -06:00
Spencer McIntyre
dc179f6279
Fix stack trace on exit via Ctrl+D (EOF)
2023-02-03 14:38:07 -05:00
Spencer McIntyre
f2e5e77e27
Fix bypassuac_injection_winsxs for x64
Tested on Windows 8.1; prior to these changes the bad railgun definition
would cause the session to crash.
2023-02-03 13:02:53 -05:00
cgranleese-r7
b789e00ea7
Enhances info -d with references to AttackerKB
2023-02-03 10:15:55 +00:00
Metasploit
5d6e989e64
Bump version of framework to 6.3.2
2023-02-02 12:11:52 -06:00
adfoster-r7
cfb5a55880
Land #16946, Add row indicator to show targets command
2023-02-02 17:26:53 +00:00
adfoster-r7
b408837b7f
Land #17575, Load TGS tickets with a different sname
2023-02-02 17:02:48 +00:00
cgranleese-r7
d1e68e634a
Add row indicator to show targets command
2023-02-02 16:12:19 +00:00
Spencer McIntyre
3eaed76025
Land #17561, Fix functions in def_iphlpapi.rb
Fix input and output buffers for some mislabeled functions in def_iphlpapi.rb
2023-02-02 09:10:28 -05:00
adfoster-r7
6870efc34a
Land #17426, Update all references to old Wiki to point to new docs site
2023-02-01 23:49:20 +00:00
Spencer McIntyre
61c2726620
Fix NoMethodError for #opcode
2023-02-01 18:19:46 -05:00
Grant Willcox
b5a83ffd0f
Add in PULONG alias to PDWORD and update definitions
2023-02-01 12:36:22 -06:00
adfoster-r7
5a1eb16018
Land #17574, Use the new NDR types in RubySMB v3.2.4
2023-02-01 12:02:47 +00:00
Spencer McIntyre
84f798da32
Allow loading TGS tickets for other service names
Fixes #17571
2023-01-31 17:03:25 -05:00
Grant Willcox
b866bf59c8
Land #17444, Fix parsing of module options with special characters
2023-01-31 10:42:16 -06:00
Spencer McIntyre
0d9a282237
Use the new NDR types in RubySMB v3.2.4
2023-01-31 10:08:27 -05:00
adfoster-r7
5076518fe4
Land #17559, add support for Ruby 3.2
2023-01-31 13:45:51 +00:00
cgranleese-r7
fb196cb378
Testing Ruby 3.2 against CI
2023-01-31 13:19:06 +00:00
Grant Willcox
be85aa253d
Fix input and output buffers for some mislabeled functions
2023-01-27 14:09:45 -06:00
Jack Heysel
c3e73b9b11
Land #17557 , Fix the logon_time in the MS14-068
2023-01-27 15:08:49 -05:00
Grant Willcox
6043d0ffba
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
Grant Willcox
6111852df8
Land #17504, add 'favorite -l' and 'favorites' as aliases for show favorites
2023-01-27 09:37:06 -06:00
adfoster-r7
c681358f88
Land #17558, Fixes analyze command crashing with a winrm session opened
2023-01-27 15:35:40 +00:00
Spencer McIntyre
647cf1d402
Return Time from #extract_logon_time
2023-01-27 10:05:02 -05:00
adfoster-r7
020e221c42
Present unsupported ul_types in a clearer way to the user
2023-01-27 13:40:33 +00:00
cgranleese-r7
1d8c9d3690
Fixes analyze command crashing with a winrm session opened
2023-01-27 10:45:05 +00:00
Metasploit
d80a18a00c
Bump version of framework to 6.3.1
2023-01-26 13:40:05 -06:00
Jeffrey Martin
dc6c1e333b
Land #17553, Framework 6.3.0
2023-01-26 13:30:27 -06:00
Jeffrey Martin
bdb0cadc4f
Land #17291, Add support for rails 7
2023-01-26 11:50:29 -06:00
adfoster-r7
672fb9ce9f
Land #17460, add support for feature kerberos authentication
2023-01-26 17:47:27 +00:00
adfoster-r7
ab60df7cda
Land #17519, improve SMTP delivery error handling
2023-01-26 17:02:02 +00:00
dwelch-r7
4254276c26
Land #17531, Change kerberos option name namespacing convention to ::
2023-01-26 16:29:11 +00:00
Spencer McIntyre
1b34e5923f
Land #17551, Fix issue on nil kerberos username
Fix force encoding issue on nil kerberos username
2023-01-26 11:23:05 -05:00
adfoster-r7
2d30909a2f
Change option name namespacing convention
2023-01-26 16:17:50 +00:00