adfoster-r7
7ac4387d35
Land #18696, Convert MSSQL mixin to class
2024-02-02 14:14:34 +00:00
adfoster-r7
372b792b8c
Land #18761, Add alert to show user the new session options available in Metasploit 6.4
2024-02-02 10:25:32 +00:00
Zach Goldman
35778e92b2
client consolidation
...
convert first module from remote to client
move client to rex
remove metasploit mixin
2024-02-01 17:23:55 -06:00
Jack Heysel
3c46f51924
Land #18753, Fix typo in alloc_and_write_wstring
...
The method str_to_uniz_a was being called but does not exist.
The actual method name is str_to_uni_z, this PR fixes that typo.
2024-02-01 15:09:16 -05:00
Metasploit
e21dcf34ed
Bump version of framework to 6.3.55
2024-02-01 12:08:45 -06:00
Dean Welch
10dfe9c428
Remove prefix from alerts
2024-02-01 17:33:31 +00:00
Dean Welch
5193d30db7
Move message order
2024-02-01 17:17:58 +00:00
adfoster-r7
2a4d50c6e7
Fix source location tracking for ruby kernel patches
2024-02-01 15:38:30 +00:00
Jeffrey Martin
1c334ad670
address stack trace noticed in testing
2024-02-01 08:49:16 -06:00
Jeffrey Martin
e5b5f12a4e
add missing sasl mechanism constant
...
* support mechanism reported as NTLM or GSS-SPNEGO
* return ResultCodeAuthMethodNotSupported for unknown bindRequest auth
2024-02-01 08:44:55 -06:00
Dean Welch
764a87fda8
nil check and fix mock
2024-01-30 17:51:40 +00:00
adfoster-r7
4d0ba2fa1d
Land #18742, Memory search module improvements
2024-01-30 17:39:12 +00:00
Dean Welch
1abaef4945
Move new session information alerts behind a feature flag
2024-01-30 16:38:00 +00:00
Spencer McIntyre
44916e67d5
Check if the SMB share exists before overwriting
2024-01-29 16:55:25 -05:00
Spencer McIntyre
3d476f4ef3
Add the missing #on_client_connect method
2024-01-29 16:44:32 -05:00
Spencer McIntyre
b9cf7ba894
Fix an issue where info would raise an exception
...
Fix instances where the `info` command would raise an exception while
generating the payload to calculate its length.
2024-01-29 16:44:32 -05:00
Spencer McIntyre
1c36d89942
Fix a double deref issue with the HTTP service
2024-01-29 16:44:32 -05:00
Spencer McIntyre
96316a94fe
Initial SMB server for fetch payloads
2024-01-29 16:44:28 -05:00
Spencer McIntyre
b5906418c2
Update the HashCapture mixin
...
Use #srvport instead of the datastore and pull in upstream changes for
the metasploit-credential gem to enable use within payloads.
2024-01-29 13:35:56 -05:00
Spencer McIntyre
33306fa4dd
The SRVPORT is already registered
...
The SRVPORT datastore option is registered by the Remote::SMB::Server
mixin so including it here is redundant.
2024-01-29 13:35:54 -05:00
Spencer McIntyre
a8c240f671
Refactor existing fetch work
...
* Build the HTTPS server on top of HTTP instead of the other way around
* Set the fetch service to nil after it has been cleaned up
* Don't capitalize the H in the word handler
* Check if the fetch_service is truthy before cleaning it up
* Remove the unused FetchServerName datastore option
* Fixup the description text
* Don't allow slashes in fetch file names
* Also add the #fetch_bindnetloc method
Fix a problem in fetch/tftp.rb
2024-01-29 13:34:56 -05:00
Dean Welch
9a2ec90c16
Add alert to show user the new session options available in Metasploit 6.4
2024-01-29 17:06:21 +00:00
adfoster-r7
7ce13101df
Ensure DNS command config loading does not crash msfconsole
2024-01-29 13:23:18 +00:00
bwatters
d05b85de50
Land #18680, Shared SMB Service
...
Merge branch 'land-18680' into upstream-master
2024-01-26 14:42:11 -06:00
Gaurav Jain
38c9185564
Add reviewed changes
2024-01-26 22:58:00 +05:30
upsidedwn
9391e11202
Fix typo in alloc_and_write_wstring calling non-existent method
...
`str_to_uniz_a` does not exist, updated to `str_to_uni_z`. Looking at cross-references, only two modules use this method to convert from ruby strings to null-terminated WCHARs. Updated the comments to clarify usage of this method and fixed the typo.
2024-01-27 00:01:03 +08:00
adfoster-r7
94eeba3521
Update payload to_handler command to support option overrides
2024-01-26 12:37:36 +00:00
Metasploit
5ea35c9ffb
Bump version of framework to 6.3.54
2024-01-26 04:36:49 -06:00
adfoster-r7
2f97f86f49
Land #18746, ensure the generate command does not update the module database
2024-01-25 19:40:28 +00:00
Spencer McIntyre
6ad359ee96
Don't change the main modules datastore options
2024-01-25 13:47:09 -05:00
Jeffrey Martin
4cb18483d6
cleanup LDAP NTLM type2 response
2024-01-25 10:56:25 -06:00
sjanusz-r7
aac74778b9
Move memory search method to Meterpreter stdapi
2024-01-24 19:53:30 +00:00
adfoster-r7
4784afae6a
Land #18741, add ntpath tests
2024-01-24 12:48:47 +00:00
Dean Welch
f2a1d16fbc
Verify ntpath works as expected
2024-01-24 11:59:31 +00:00
adfoster-r7
15d0d4f0df
Land #18663, Add new PostgreSQL Session Type
2024-01-24 10:46:26 +00:00
sjanusz-r7
73dbe2e89d
Add PostgreSQL multi-line query transform tests
2024-01-23 17:03:16 +00:00
Jack Heysel
904e34434e
Land #18626, SaltStack Minion Deployer
...
This PR adds an exploit module which allows for
a user who has compromised a host acting as a
SaltStack Master to deploy payloads to the Minions
attached to that Master.
2024-01-23 11:58:38 -05:00
bwatters
583d39b038
Land #18720, Mark unix encoders as compatible with linux
...
Merge branch 'land-18720' into upstream-master
2024-01-23 09:45:42 -06:00
adfoster-r7
4921f6bbd1
Land #18712, Fix undefined method error in /api/v1/modules endpoint
2024-01-22 15:06:52 +00:00
sjanusz-r7
1fe448f2f4
Revert remote/postgres verbosity changes
2024-01-22 14:27:38 +00:00
sjanusz-r7
9de20d3c7f
Add additional comments to PostgreSQL cmd_run_help
2024-01-22 14:02:10 +00:00
sjanusz-r7
7f0f65d867
Align PostgreSQL Shell REPL output with psql utility
2024-01-22 13:56:09 +00:00
Dean Welch
82e9c2703f
Improve module ranking performance
2024-01-22 12:40:24 +00:00
sjanusz-r7
a5dcf5a2f4
Fix PostgreSQL autoruns
2024-01-22 10:47:34 +00:00
Spencer McIntyre
b31abcc9b2
Mark unix encoders as compatible with linux
...
Fixes #18572
2024-01-19 13:40:43 -05:00
Dean Welch
334a469d2c
rank modules consistently
2024-01-19 17:50:31 +00:00
adfoster-r7
f56c9fc9ac
Land #18662, Fix dns resolution skipping over nameservers with valid responses
2024-01-19 16:44:16 +00:00
Dean Welch
391bc4e69e
shuffle platform parsing and code quality
2024-01-19 14:30:34 +00:00
sjanusz-r7
fbdb025542
Notify user on failed Postgres connection
2024-01-19 10:29:44 +00:00
sjanusz-r7
a4305f0ca0
Allow PostgreSQL lib to use session client
2024-01-19 10:29:44 +00:00