Commit Graph

33458 Commits

Author SHA1 Message Date
erwanlr 447c4ee7df Allows the target_uri to be shared between the #check and #dos 2015-05-28 09:30:04 +01:00
erwanlr d9d8634948 Changes the message displayed when vulnerable 2015-05-21 08:46:16 +01:00
erwanlr 4f6fe2abce Avoids swallowing exceptions 2015-05-20 21:36:03 +01:00
erwanlr 202a77fc12 Improves detection of the MS15-034 2015-05-20 18:08:00 +01:00
William Vu c1b8cee315 Land #5369, @dmaloney-r7's snmp_login fixes 2015-05-19 10:39:03 -05:00
Brent Cook 84060bbaeb Land #5370, support specifying maximum encoder space with msfvenom 2015-05-18 16:43:12 -05:00
Brent Cook fb43ef4494 realign msfvenom help text 2015-05-18 16:39:52 -05:00
Brent Cook 5d085a3e13 Land #5351, use 32-bit registry view when detecting epo_sql 2015-05-18 15:48:14 -05:00
Brent Cook 79db696c15 fix EOL character 2015-05-18 15:46:55 -05:00
Brent Cook 657746c97f Land #5364, fix endian in meterpreter config block 2015-05-18 15:23:42 -05:00
HD Moore a82168d7bb Fixes #5361 by adding --encoder-space to msfvenom 2015-05-18 14:27:52 -05:00
David Maloney 69a7a89936 use the correct print_error message
vprint_error feeds through the old authbrute mixin
which does not behave properly anymore. use
print_error instead

5266
2015-05-18 13:51:23 -05:00
David Maloney 09d735e855 remove proof from failure message
the snmp login scanner will only have
proof on success, not on failure. remove it from
the failure message for cleaner formatting

5266
2015-05-18 13:45:01 -05:00
David Maloney 7376d4d94e account for public only credentials in #to_s
SNMP in particular will only have a public, so we need
to account for this so we don't output poorly formed text
with a trailing ':' char

5266
2015-05-18 13:42:15 -05:00
David Maloney c69b6b2b8b only issue db warning once
cache the fact that we have issued the db warning
so we do not issue it for every credential attempt
on the module run.

5266
2015-05-18 13:41:18 -05:00
Donny Maasland (Fox-IT) e1eed6e9d9 single quotes and slashes.. 2015-05-18 16:33:57 +02:00
Donny Maasland (Fox-IT) 7d65095472 fix quotes 2015-05-18 12:20:42 +02:00
Donny Maasland (Fox-IT) 30f7c651c9 use REGISTRY_VIEW_32_BIT 2015-05-18 10:19:32 +02:00
OJ 8bd41a3834 Land #5354 - transport config fallback in stager 2015-05-18 10:16:44 +10:00
OJ 8b2e5c88d9 Adjust transport config fallback to include https 2015-05-18 10:16:09 +10:00
OJ dbe4f3f1c8 Adjust single pack statement, fix up some quotes
* Moved over to using single quotes for strings that don't need
escaping or interpolation.
* Changed one pack spec to be "more correct". Thankfully, we were only
packing 0 so the endianness isn't a problem, however it should be
correct, hence the fix.
2015-05-18 09:29:48 +10:00
Brent Cook 20ad2a80f3 Land #5357, switch UUID to be binary rather than string 2015-05-17 11:09:12 -05:00
Brent Cook d804f5fe49 update to metasploit-payloads 0.0.7 2015-05-17 10:06:38 -05:00
OJ 178ba50b98 Merge branch 'upstream/master' into rage-stager-transport 2015-05-17 20:09:50 +10:00
OJ d725554a87 Fix UUID code so that it always deals with 16 bytes
Also re-add the payload ID to session validation now that the UUID stuff
is reliable.
2015-05-17 17:49:21 +10:00
William Vu 636d8151d0 Land #5355, emergency fix for Meterpreter UUIDs 2015-05-17 02:21:32 -05:00
OJ 37e4d71a6a Remove check for UUID in the valid session check
This is causing sessions to fail because meterpreter isn't doing the
right thing. I have another fix in the works which will properly solve
this, but in the short term the best way of solving the problem is to
remove this line.
2015-05-17 17:13:54 +10:00
RageLtMan 11e715ae46 Configure transport from stager mixin
Transport configuration for basic session types can be performed
by the stager mixin.

Add a default transport_config method to Msf::Payload::Stager by
mixing in Msf::Payload::TransportConfig and attempting to guess
the default transport and direction types from the currently loaded
module's (MSF module) refname.

Users with custom payloads will no longer need to update them with
transport_config methods unless they use a non standard transport,
direction, or other innovation which affects the default approach.

Testing:
  Tested with payloads lacking transport_config methods or access
to the TransportConfig module (Ruby) namespace. This also resolves
problems with the RC4 payloads in upstream as they can't currently
generate stagers for meterpreter.
2015-05-17 03:03:17 -04:00
Brent Cook 829f8420e2 Update static payload sizes for metasploit-payloads-0.0.6 2015-05-15 18:43:47 -05:00
Brent Cook b1507f6d2a Land #5339, support for 'sleep' with meterpreter sessions 2015-05-15 18:14:37 -05:00
Brent Cook f3c22e4168 update metasploit-payloads to 0.0.6
This includes:
  - support for the 'sleep' command (metasploit-framework #5339)
  - support for Unicode file names with Java (metasploit-javapayloads #29)
  - proxy support with winhttp (meterpreter #159)
  - support for showing domain and logged in users (meterpreter #161)
2015-05-15 18:04:04 -05:00
Brent Cook fb3a2079f2 Merge branch 'master' into land-5339-sleep 2015-05-15 18:00:52 -05:00
Brent Cook 02994bc83b Land #5352, display domain and user info in sysinfo if available 2015-05-15 16:37:00 -05:00
David Maloney 7d44d6d67a client side for new sysinfo fields
added Domain and Logged On Users fields to
the meterpreter sysinfo command

MSP-12715
2015-05-15 15:09:33 -05:00
jvazquez-r7 dd5060e08c Land #5340, @wchen-r7's change to the symantec_web_gateway_login writing style 2015-05-15 13:18:35 -05:00
jvazquez-r7 cf5fa6752e Use parenthesis 2015-05-15 13:17:54 -05:00
Brent Cook 5cf6d28c34 Land #5426, use RAW for TLV hash binary data 2015-05-15 11:54:45 -05:00
Brent Cook 93ba08738c add backward compatibility for hash responses 2015-05-15 11:53:12 -05:00
jvazquez-r7 3c92d5365e Land #5334, @wchen-r7's deletes unnecessary check on mysql_drop_and_create_sys_exec 2015-05-15 11:51:21 -05:00
wchen-r7 25099dd877 Land #5212, HTA Powershell template 2015-05-15 11:49:07 -05:00
wchen-r7 3bc3614be6 Do a check for powershell.exe before running it. 2015-05-15 11:48:21 -05:00
jvazquez-r7 4c1558b398 Land #5331, @wchen-r7's fixes #5330 by using print_warning 2015-05-15 11:42:57 -05:00
jvazquez-r7 b7b00666fa Use parenthesis 2015-05-15 11:41:14 -05:00
jvazquez-r7 d05cae5faf Land #5329, @wchen-r7's add configurable options to jenkins_login 2015-05-15 11:38:21 -05:00
Brent Cook c614f6059d Merge branch 'master' into land-5326- 2015-05-15 11:29:54 -05:00
jvazquez-r7 2882374582 Land #5276, @lanjelot fixes #4243 and improves java_jdwp_debugger 2015-05-15 11:12:10 -05:00
jvazquez-r7 a46975f1f0 Fix read_reply to use get_once correctly 2015-05-15 11:11:25 -05:00
Brent Cook 1653acd527 Land #5344, print payload size from msfvenom 2015-05-15 09:49:05 -05:00
Donny Maasland (Fox-IT) 2721be946a also check Wow6432Node keys 2015-05-15 14:28:12 +02:00
Joshua Smith c62cbe6555 Land #5342, import dev keys script 2015-05-14 21:43:04 -05:00