adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

102 Commits

Author SHA1 Message Date
cgranleese-r7 d52220cccb Fixes the create session datastore option from appearing for payloads 2024-02-22 14:58:41 +00:00
adfoster-r7 08a2a293a9 Add proxies datastore support to kerberos 2023-07-21 11:19:50 +01:00
adfoster-r7 2d30909a2f Change option name namespacing convention 2023-01-26 16:17:50 +00:00
adfoster-r7 9a6c298a43 Use shared helper for creating kerberos options 2023-01-23 11:04:01 +00:00
adfoster-r7 aaad9436f2 Fix winrm offered etypes 2023-01-20 10:59:25 +00:00
Spencer McIntyre 138f3bb4b2 Make the encryption type configurable 2023-01-09 17:20:57 -05:00
Christophe De La Fuente 868072e6c8 Land #17317, Fix various WinRM modules 2023-01-03 19:57:07 +01:00
Christophe De La Fuente 9f869f5a11 Add a call to super in run 2023-01-03 19:54:06 +01:00
Ashley Donaldson 45c0af48c2 Suggested changes from code review 2023-01-03 11:26:07 +11:00
Spencer McIntyre fea259f6e7 Switch everything to use the ticket storage 2022-12-15 18:31:14 -05:00
Ashley Donaldson 5fce80ed1d Added comments to most functions 2022-11-30 11:53:57 +11:00
Ashley Donaldson 3a93fcb404 Rubocop'd 2022-11-30 11:32:23 +11:00
Ashley Donaldson 97aef31180 Removed vestigial code while we're at it 2022-11-30 11:31:27 +11:00
Ashley Donaldson 1231eefe55 Fixed WQL module while I'm at it 2022-11-30 10:26:19 +11:00
Spencer McIntyre 7da5f2ad4a Changes from PR feedback 2022-07-28 16:05:22 -04:00
Spencer McIntyre 52e84fa328 Add explicit ticket support for WinRM modules 2022-07-28 16:03:24 -04:00
Ashley Donaldson 39f90d95b1 Create sessions for winrm_login successes. 
Reuses the connection, so that authentication doesn't need to happen again
 2022-07-08 16:57:09 +10:00
Ashley Donaldson d3e7152954 Changes from code review 2022-07-08 11:47:54 +10:00
Ashley Donaldson b2eb348d94 Added WinRM using Kerberos, including encryption 2022-07-07 13:17:09 +10:00
jheysel-r7 3b12461e9e Merge branch 'master' into feat/db-skip 2021-09-24 12:01:30 -04:00
Ashley Donaldson 9d8193150f Allow running a shell command separately to the currently interactive shell 2021-09-21 19:12:49 +10:00
Ashley Donaldson 91d0a6cc55 Re-auth after the session times out 
This seems to happen after 8 hours. WinRM doesn't like having bodies
in the authentication requests, so we force the HTTP client to send
an empty one first
 2021-09-17 07:32:18 +10:00
Ashley Donaldson 0927737948 Adapted WinRM module logging to MSF logging 
Separated WinRM module into separate files
 2021-09-10 15:54:50 +10:00
Ashley Donaldson b0e1502c86 Implemented suggestions from code review 
- Use a literal hash
- Comment meaning of NTLM transforms
- store loot with data ready to go, to keep database in sync with file
 2021-09-10 08:25:25 +10:00
Ashley Donaldson 3acddf75b4 Suggested changes from code review 
* Report socket info
* Use existing Event class
* Remove debugging prints
* Comment obscure constant
 2021-09-08 07:36:59 +10:00
Ashley Donaldson a65bfc9b00 If we're told on the first request that our creds are wrong, don't try again 2021-09-07 00:10:39 +10:00
Ashley Donaldson 78d6c26ec0 Make winrm_cmd module work with the changes 2021-09-06 23:36:59 +10:00
Ashley Donaldson 00100f426c Handle the server ceasing to respond 2021-09-06 23:24:23 +10:00
Ashley Donaldson 170d911c71 Fixed edge case; scanner automagically changes the SSL value based on the port 2021-09-06 22:49:52 +10:00
Ashley Donaldson eeef8a3085 Support domain login in WinRM module 2021-09-06 10:25:36 +10:00
Ashley Donaldson 7a75a91dc6 Request stdout on a separate thread, so we are alerted when the shell dies. 2021-09-06 09:33:44 +10:00
Ashley Donaldson 142526904a Moved command shell creation across to winrm_login, rather than winrm_cmd 2021-09-03 13:34:07 +10:00
Spencer McIntyre dd86907b17 Move the prepend_db calls into the mixin 2021-09-02 11:57:38 -04:00
Spencer McIntyre 5d443b9409 Update AuthBrute modules 
This updates existing modules that use the AuthBrute mixin to use the
new build_credential_collection API to consistently handle the new
option.
 2021-09-02 11:57:38 -04:00
Ashley Donaldson b50a1aa988 Moved reusable functionality into separate file 2021-09-02 21:58:07 +10:00
Ashley Donaldson a530336630 Fix segfault apparently caused by using the Rex HTTP client in a finalizer 2021-09-02 19:08:25 +10:00
Ashley Donaldson 1138a5bba7 Better messages in the session info table 2021-09-02 17:31:57 +10:00
Ashley Donaldson fdfac2212f Cleanup up old socket-based approach 2021-09-02 16:58:07 +10:00
Ashley Donaldson f16d91f8b4 Coerce failure immediately on bad password when setting up a session 2021-09-02 15:00:48 +10:00
Ashley Donaldson 6648a47ce7 Check stdin repeatedly 2021-09-02 13:23:26 +10:00
Ashley Donaldson b78b7413ef Use stdin rather than separate commands 2021-09-01 17:05:42 +10:00
Ashley Donaldson 3192f9b4f7 Neatness improvements 2021-08-31 22:30:31 +10:00
Ashley Donaldson 3839bc5dea Use rex sockets for WinRM transport 2021-08-31 21:36:25 +10:00
Ashley Donaldson 8d047dca59 Basic command shell operational. Does not yet utilise Rex sockets. 2021-08-31 15:34:04 +10:00
Ashley Donaldson 3dc1b22cdc Created WinRM command shell type 2021-08-31 11:00:53 +10:00
dwelch-r7 b95be3ed10 Zeitwerk rex folder 2021-02-08 12:24:12 +00:00
James Barnett 2ed8e6db97 Deregister PASSWORD_SPRAY option for LoginScanner modules 2019-06-27 17:06:32 -05:00
Brent Cook b22c49679b remove some extra complication 2019-02-28 15:03:04 -06:00
y_k_oo7 31bf6a11ad Updated Module 2019-02-26 16:18:52 +05:30
y_k_oo7 97c4d8e6d9 Enhanced winrm_cmd module 2019-02-22 00:04:03 +05:30