Commit Graph

20644 Commits

Author SHA1 Message Date
space-r7 fee037ac18 Land #15670, add opmanager sumpdu deser module 2021-09-20 12:15:26 -05:00
adfoster-r7 9574100760 Improve interactive shell performance 2021-09-17 11:43:28 +01:00
Ashley Donaldson 91d0a6cc55 Re-auth after the session times out
This seems to happen after 8 hours. WinRM doesn't like having bodies
in the authentication requests, so we force the HTTP client to send
an empty one first
2021-09-17 07:32:18 +10:00
Metasploit 8ceab1259c Bump version of framework to 6.1.7 2021-09-16 12:05:04 -05:00
Spencer McIntyre 56cd43a8b8 Land #15624, Add module for CVE-2020-27955 2021-09-15 14:54:19 -04:00
adfoster-r7 6072382666 Add session warnings on new lies 2021-09-15 17:43:05 +01:00
adfoster-r7 39ca4660a9 Add meterpreter compatibility metadata to screenshare module 2021-09-15 17:34:57 +01:00
Tim W ddd1d37d4b fix module description 2021-09-15 16:25:18 +01:00
Spencer McIntyre 1bd3a764a6 Fixup issues from testing 2021-09-14 16:32:25 -04:00
Tim W 27e09e0898 fix #15662, fix meterpreter download of utf8 filenames 2021-09-14 14:30:10 +01:00
Spencer McIntyre 02fde3ac51 Initial work on CVE-2021-3287 2021-09-14 09:10:44 -04:00
bwatters 07204dc99e Rubocop -A 2021-09-14 07:41:45 -05:00
bwatters ddebdbc770 Remove some debug prints I left in 2021-09-14 07:41:45 -05:00
bwatters 51c4c9bd4e Update file library and file test module to work correctly
- added file append
- changed powershell commands to script-style (they seem to work much better)
- cleaned out use of string literals for filenames in test module
2021-09-14 07:41:45 -05:00
adfoster-r7 1499b1988e Land #15609, Add Meterpreter compatibility commands 2021-09-13 15:21:03 +01:00
A Galway ed6ef51f64 demotes no db message from error to warning 2021-09-13 11:06:45 +01:00
Ashley Donaldson 5dceb48553 Fixed rubocop issues 2021-09-13 11:40:03 +10:00
Ashley Donaldson 44455fd165 Added some comments for clarity 2021-09-12 19:38:16 +10:00
Ashley Donaldson 4f8e435e69 Handle upgrading to Meterp on Windows 2012 command shell via WinRM
These shells appear not to reflect input back to the user, which messes with
assumptions when it comes to parsing them out. So we utilise the code that
determines whether reflection is happening on Windows too.
2021-09-12 17:10:09 +10:00
kensh1ro 4454a7600a add minor fixes to module code 2021-09-10 22:56:04 +03:00
A Galway 81a86379d7 handles unverified shells & warns db/mingw not installed 2021-09-10 17:56:08 +01:00
Ashley Donaldson 16af8ad028 Honour the timeout parameter for reading from the shell 2021-09-10 22:39:27 +10:00
Ashley Donaldson 12546865de Support Ctrl+C now we're using Command Shell rather than Powershell 2021-09-10 18:15:43 +10:00
Ashley Donaldson 50e31917da Emulate a stream to make the base command shell happy 2021-09-10 17:45:08 +10:00
Ashley Donaldson 0927737948 Adapted WinRM module logging to MSF logging
Separated WinRM module into separate files
2021-09-10 15:54:50 +10:00
Ashley Donaldson b0e1502c86 Implemented suggestions from code review
- Use a literal hash
- Comment meaning of NTLM transforms
- store loot with data ready to go, to keep database in sync with file
2021-09-10 08:25:25 +10:00
Ashley Donaldson 5cffa86e30 Removed unused code 2021-09-10 07:46:05 +10:00
Ashley Donaldson cf09d56be0 Support re-authentication during the shell
After 8 hours, the server requests re-authentication, so need to support that.
2021-09-10 07:41:31 +10:00
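The re-authentication behaviour described in the two commits above ("Support re-authentication during the shell" and "Re-auth after the session times out") can be sketched as a client loop. This is an added illustration, not metasploit-framework code: FakeWinrmEndpoint, WinrmSession and reauth_with_body are assumed names, and the endpoint compresses the real multi-leg Negotiate/NTLM handshake into a single authenticated request so the flow runs offline.

```ruby
# Added illustration (not metasploit-framework code): a WinRM client that
# survives the server demanding re-authentication mid-session by sending an
# EMPTY-bodied authentication request first, then replaying the envelope.
# FakeWinrmEndpoint is a constructed stand-in for the real server.
class FakeWinrmEndpoint
  attr_reader :log

  # auth_ttl: how many authenticated requests are served before the server
  # (like the real one after ~8 hours) answers 401 and asks for Negotiate again.
  def initialize(auth_ttl:)
    @auth_ttl = auth_ttl
    @remaining = 0
    @log = []
  end

  # req = { auth: 'Negotiate ...' or nil, body: String }
  def handle(req)
    @log << req
    if req[:auth]
      # Authentication leg: this server, like WinRM, rejects a request body here.
      return { status: 400, body: 'body not allowed during authentication' } unless req[:body].empty?
      @remaining = @auth_ttl
      return { status: 200, body: '' }
    end
    if @remaining <= 0
      return { status: 401, headers: { 'WWW-Authenticate' => 'Negotiate' }, body: '' }
    end
    @remaining -= 1
    { status: 200, body: "<ReceiveResponse>#{req[:body]}</ReceiveResponse>" }
  end
end

class WinrmSession
  attr_reader :reauth_count

  def initialize(endpoint, token:)
    @endpoint = endpoint
    @token = token # hypothetical opaque credential blob
    @reauth_count = 0
    authenticate!
  end

  # Send a WS-Man envelope; on a 401 Negotiate challenge, re-authenticate with
  # an empty body first, then replay the original envelope unchanged.
  def send_envelope(body)
    resp = @endpoint.handle(auth: nil, body: body)
    if resp[:status] == 401 && negotiate_challenge?(resp)
      authenticate!
      resp = @endpoint.handle(auth: nil, body: body)
    end
    raise "WinRM request failed with HTTP #{resp[:status]}" unless resp[:status] == 200
    resp[:body]
  end

  private

  def negotiate_challenge?(resp)
    (resp[:headers] || {}).fetch('WWW-Authenticate', '').start_with?('Negotiate')
  end

  def authenticate!
    @reauth_count += 1
    resp = @endpoint.handle(auth: "Negotiate #{@token}", body: '')
    raise "authentication rejected with HTTP #{resp[:status]}" unless resp[:status] == 200
  end
end

# The failure mode the re-auth path avoids: sending the authentication
# request with the pending envelope still attached. Returns the HTTP status.
def reauth_with_body(endpoint, token, body)
  endpoint.handle(auth: "Negotiate #{token}", body: body)[:status]
end
```

The point the commits make is the ordering: the challenge is answered by a bare authentication request, and only once that succeeds is the queued Send/Receive envelope replayed.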
Metasploit e577de41d4 Bump version of framework to 6.1.6 2021-09-09 12:06:10 -05:00
A Galway 4a3fb6920e adds cmd_shell initial output reading to bootstrap 2021-09-09 16:34:21 +01:00
Ashley Donaldson 9ea3be903d Just use cmd, as powershell <= 3.0 doesn't actually use stdout/stderr 2021-09-09 22:40:43 +10:00
Ashley Donaldson c33b850ff8 Support terminating processes early by sending a Ctrl+C signal 2021-09-09 22:08:33 +10:00
Tim W 9d2065fee5 cleanup 2021-09-09 10:02:22 +01:00
Ashley Donaldson 51a8c834c3 Support Windows 2012 and earlier 2021-09-09 18:05:29 +10:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
Grant Willcox 8cb2583039 Land #15654, Fully receive stage - Encrypted Payloads 2021-09-08 16:29:50 -05:00
bwatters d5fee988be Land #15560, Add a binary safe write_file method for powershell session type
Merge branch 'land-15560' into upstream-master
2021-09-08 14:07:44 -05:00
bwatters f5a8c7e918 Add missing end 2021-09-08 12:53:41 -05:00
Spencer McIntyre 3443345417 Land #15655, Cleanup rbmysql options 2021-09-08 13:44:53 -04:00
adfoster-r7 f1ec12cb7e Cleanup rbmysql options 2021-09-08 15:51:21 +01:00
space-r7 9879593598 wait for all data when receiving stage 2021-09-08 09:31:03 -05:00
Ashley Donaldson 2f0509f2b5 Modified shell to a PowerShell shell
This also resolves a bug with the session not upgrading to meterpreter
2021-09-08 08:19:43 +10:00
Ashley Donaldson 3acddf75b4 Suggested changes from code review
* Report socket info
* Use existing Event class
* Remove debugging prints
* Comment obscure constant
2021-09-08 07:36:59 +10:00
Jack Heysel e30ccafd86 Refactor lfs.rb, revert rubocop changes on library files 2021-09-07 13:43:10 -04:00
Ashley Donaldson b8e98ca99c Increase responsiveness of WinRM shell, while also reducing number of requests sent.
Achieved by either waiting N seconds, or immediately after stdin is sent.
While we were sending them every 2 seconds, we could sometimes be held up
waiting for a stdout response before we could even send our stdin message.
2021-09-07 14:59:12 +10:00
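The polling strategy this commit describes (send a Receive either after N seconds or immediately once stdin arrives) as an added Ruby sketch that is not the framework's WinRM shell code; WinrmShellPoller, queue_stdin and next_receive are assumed names.

```ruby
# Added illustration (not metasploit-framework code): wake the Receive loop
# as soon as input is queued, otherwise fall back to a periodic poll, so the
# shell never waits for a stdout round-trip before it can send stdin.
class WinrmShellPoller
  def initialize(poll_interval:)
    @poll_interval = poll_interval
    @mutex = Mutex.new
    @cv = ConditionVariable.new
    @pending = []
  end

  # Called from the thread that reads the operator's keystrokes.
  def queue_stdin(data)
    @mutex.synchronize do
      @pending << data
      @cv.signal
    end
  end

  # Returns [reason, batch]: [:stdin, lines] as soon as input is queued, or
  # [:timeout, []] after poll_interval so a Receive still goes out regularly.
  # The loop guards against spurious condition-variable wakeups.
  def next_receive
    deadline = now + @poll_interval
    @mutex.synchronize do
      while @pending.empty?
        remaining = deadline - now
        break if remaining <= 0
        @cv.wait(@mutex, remaining)
      end
      batch = @pending.dup
      @pending.clear
      [batch.empty? ? :timeout : :stdin, batch]
    end
  end

  private

  def now
    Process.clock_gettime(Process::CLOCK_MONOTONIC)
  end
end
```

Every call to next_receive maps to one WinRM Receive request, so idle sessions cost one request per interval while typed input is flushed without delay.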
Ashley Donaldson e6dba1a84a Ignore channel binding on HTTP 2021-09-07 10:58:18 +10:00
Ashley Donaldson ea0925f877 Support Extended Protection for Authentication 2021-09-07 10:31:01 +10:00
test 044a9d3ad2 Clarified variable names 2021-09-06 15:46:05 -04:00
Ashley Donaldson 00100f426c Handle the server ceasing to respond 2021-09-06 23:24:23 +10:00
Ashley Donaldson 0e103e8550 Enabled encryption for WinRM when using Negotiate auth 2021-09-06 22:25:34 +10:00