Jeffrey Martin
c3445ccb6f
respect ssl_version in crawler
When utilizing `Anemone` to crawl pages using `Rex` sockets,
Framework common `SSL` settings can pull from standardized options.
This change enables more fine-grained user control and avoids issues
with missing or deprecated SSL versions in newer Ruby versions.
2022-03-16 14:24:45 -05:00
bwatters
b4de9fa92a
Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
Grant Willcox
008071888c
Land #16347, Catch SocketError when normalizing the hostname
2022-03-15 16:45:29 -05:00
Spencer McIntyre
e28ee9ca53
Improve an error message when addr is nil
The normalized value can be nil when the hostname failed to resolve.
That is not helpful in the exception information, so use the original
value.
2022-03-15 14:01:26 -04:00
sjanusz
a3f4af1775
Fix encrypted shells crashing with no DB connection
2022-03-15 16:00:30 +00:00
Spencer McIntyre
a6a63d0895
Rename scope to zone_id
2022-03-15 11:14:41 -04:00
Spencer McIntyre
4dd7fc60e6
Land #16324, Fix broken DNS native_server
2022-03-15 09:06:03 -04:00
Ashley Donaldson
8cc2b87f59
Use Dnsruby::Message for all inputs
2022-03-15 16:41:05 +11:00
bwatters
c936c45167
Land #16186, Add Python Meterpreter Command Payloads
Merge branch 'land-16186' into upstream-master
2022-03-14 17:29:03 -05:00
Grant Willcox
2142c877ad
Land #16262, Use bash instead of netcat as a default payload
2022-03-14 17:18:37 -05:00
Spencer McIntyre
71cacc4cc2
Catch SocketError when normalizing the hostname
2022-03-14 17:09:37 -04:00
Spencer McIntyre
735c1256a3
Put reverse_netcat back in the default list
See #16262 for context. This will select reverse_bash if no required
commands are specified, which should be suitable for most environments.
The RequiredCmd payload compatibility key can be specified to override
this behavior by marking the commands that are available.
2022-03-14 09:16:39 -04:00
h00die
a959725f7c
implement vnc hash types
2022-03-13 13:27:38 -04:00
Brendan Coles
fe70296f1e
Msf::Payload::Apk: Try rebuilding APK with AAPT2 if rebuilding APK fails
2022-03-13 14:35:15 +00:00
Tim W
df81a48e4a
Land #16332, fix zipalign to align shared object files
2022-03-13 12:48:22 +00:00
Brendan Coles
d28a172ab4
Msf::Payload::Apk: Extract cert details from APK files not JAR signed
Since Android 11, APK contents must be signed with signature scheme
v2 or higher (v2/v3/v4). In order to maintain compatibility with
older versions of Android, APKs can also be signed with v1 (after
first signing with v2/v3/v4), but this is not mandatory.
When using a template apk file, the APK library now attempts to
extract signing scheme v1 certificate details (using keytool)
and falls back to extracting v2/v3/v4 certificate details (using
apksigner) if the APK is not signed with signing scheme v1.
Fixes #16295.
2022-03-12 18:40:37 +00:00
Brendan Coles
6ae54566b6
Msf::Payload::Apk: zipalign: align APK stored shared object files
2022-03-12 18:22:34 +00:00
adfoster-r7
a62ca2259e
Land #16316, deref services correctly
2022-03-11 12:08:42 +00:00
Ashley Donaldson
d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway
2022-03-11 12:08:51 +11:00
space-r7
bc9f64f043
use default printer in case target is server
clean up code, add EnumPrinters definitions
2022-03-10 16:45:20 -06:00
Metasploit
8ec9c89a1d
Bump version of framework to 6.1.34
2022-03-10 12:05:16 -06:00
space-r7
b747e55dda
Land #16303, add Dirty Pipe exploit
2022-03-10 11:16:28 -06:00
Ashley Donaldson
9b651eef32
Use encode (from Dnsruby), not data (from Net::DNS)
2022-03-10 13:31:58 +11:00
Ashley Donaldson
6f159fa54e
Consistent handling of DNS and LDAP servers wrt ServiceManager
2022-03-10 11:01:37 +11:00
Ashley Donaldson
9761d68c19
Rename stop_service to cleanup_service for services that use reference counting
2022-03-10 10:28:25 +11:00
Spencer McIntyre
c2e0a61a74
Fix the hosts command's tab completion
2022-03-09 18:17:14 -05:00
Spencer McIntyre
5c5340b6fd
Fix the hosts command's --search flag
2022-03-09 18:17:09 -05:00
Ashley Donaldson
c9d43aafe6
Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity
2022-03-10 09:06:25 +11:00
Heyder Andrade
dd47017b5c
Added support to old key exchange algorithms
This commit fixes issue #16138 by adding support for old key
exchange algorithms in the net/ssh lib by setting
`append_all_supported_algorithms` to `true`.
2022-03-09 10:25:50 +01:00
Tim W
955cc9c986
fix cross compiling
2022-03-09 06:59:25 +00:00
adfoster-r7
3b524360ed
Explicitly specify server/client versions, fix logger crash, and specify jtr format
2022-03-09 01:37:22 +00:00
Ashley Donaldson
837cf199a0
Use reference counting consistently for HTTP handlers (Fixes #16315)
2022-03-09 10:56:38 +11:00
adfoster-r7
22f88f9ab7
Add docs
2022-03-08 23:52:24 +00:00
adfoster-r7
6f2a7d6167
Add note that SMB v1 is not supported
2022-03-08 23:52:24 +00:00
adfoster-r7
53772fa366
Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location
2022-03-08 23:52:24 +00:00
adfoster-r7
bcb0850e07
Rename SMBHOST
2022-03-08 23:52:23 +00:00
adfoster-r7
144fc5eddf
Add smarter targetlist support
2022-03-08 23:52:23 +00:00
adfoster-r7
25265c7a7b
Linting
2022-03-08 23:52:23 +00:00
adfoster-r7
3e68e298a1
Add targets
2022-03-08 23:52:23 +00:00
adfoster-r7
e02021ee91
Fix database cred reporting and error handling
2022-03-08 23:52:23 +00:00
adfoster-r7
507b1dab2b
Apply PR feedback
2022-03-08 23:52:22 +00:00
adfoster-r7
b4fe2502aa
Update smb_relay to support smb 2 and smb3
2022-03-08 23:52:22 +00:00
Ashley Donaldson
4652605458
Respect communication channel when selecting existing service within ServiceManager (resolves #16314)
2022-03-09 10:22:11 +11:00
Spencer McIntyre
fe57bebc58
Land #16310, only iterate if RHOSTS is registered
2022-03-08 14:31:59 -05:00
adfoster-r7
79761c942c
Ignore iterating multiple rhosts if option not registered
2022-03-08 17:52:42 +00:00
adfoster-r7
db9c544e6f
Land #16302, Defer TLV logging until session is bootstrapped
2022-03-08 09:58:49 +00:00
sjanusz
d99d14eaa8
Defer TLV logging until session is bootstrapped
2022-03-07 15:47:49 +00:00
Spencer McIntyre
c02b3da666
Land #16282, Add lcat command for meterpreter
2022-03-07 09:56:24 -05:00
Brendan Coles
7bb575a24e
Msf::Payload::Apk: Replace jarsigner with apksigner
This allows signing APK files with Signature Scheme v2/v3/v4.
2022-03-06 13:50:38 +00:00
Brendan Coles
be928f9154
Msf::Payload::Apk: raise if apktool output includes Java exceptions
2022-03-05 15:32:24 +00:00