adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,683 Commits 27 Branches 1,043 Tags
4950c2dacf390c7cfee9db70f009f8fa63abcbb2
Commit Graph

2322 Commits

Author SHA1 Message Date
Niboucha Redouane 4950c2dacf Fix minor bugs, in safe mode, and in the name of the attribute passed to attr_accessor 2020-07-01 23:00:23 +02:00
Niboucha Redouane f9ade608b5 minor change: add default value to some arguments 2020-07-01 02:56:01 +02:00
Niboucha Redouane 0680113288 get rid of database parameter in MySQLi methods 2020-06-30 18:49:13 +02:00
Niboucha Redouane b230adebba Add check for positional arguments on class constructor (SQLi::Common) 2020-06-30 16:16:35 +02:00
Niboucha Redouane 440294ff07 make some attributes writable, and specify its the SQLi library in any verbose message 2020-06-27 18:28:12 +02:00
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Niboucha Redouane 34e8eae471 move hex_encode_strings to MySQLi::Common, as it is specific to MySQL 2020-06-26 16:04:51 +02:00
Niboucha Redouane 7291a77807 minor fix to verbose logging / some comments 2020-06-25 12:46:05 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00
Niboucha Redouane c94bd3b2d8 remove verbose prints in blind injections 2020-06-23 21:33:03 +02:00
Niboucha Redouane 2bdc693930 Replace puts with print_status and similar 2020-06-23 21:25:59 +02:00
Niboucha Redouane aaa38a3188 Fix formatting 2020-06-22 17:41:20 +02:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
Niboucha Redouane 4f756ba229 replace some classes with modules 2020-06-20 21:09:13 +02:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
Niboucha Redouane 7c630f0403 Avoid repetitive code in blind injections 2020-06-18 20:52:02 +02:00
Niboucha Redouane fa43dc6dfb minor fix to the structure 2020-06-18 17:28:47 +02:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
Niboucha Redouane 0887f3feee Improve the blind injection queries 2020-06-13 12:24:22 +02:00
Niboucha Redouane 3639765277 Improve code quality: less repetitive code 2020-06-11 19:16:23 +02:00
Niboucha Redouane c319799c44 Add more comments 2020-06-11 00:07:53 +02:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Niboucha Redouane 12681b0746 Add support for encodings to exfiltrate data containing bad characters/multibyte characters 2020-06-10 21:40:22 +02:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Niboucha Redouane 92d8464ac1 Various fixes and enhancements 2020-06-05 21:59:16 +02:00
Niboucha Redouane 118ada96a2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine 2020-06-04 17:55:38 +02:00
Adam Cammack 001910473b Land #13448, Fix relative location redirects 2020-06-04 09:17:45 -05:00
Niboucha Redouane db4880762a Add common MySQL injection payloads and options 2020-06-03 01:18:19 +02:00
cn-kali-team 1b796aa50b OptString to OptPort 2020-05-30 10:27:48 +08:00
William Vu 16886fa41e Move generate_viewstate_payload to mixin 2020-05-21 18:37:13 -05:00
William Vu c50e242151 Add ViewState mixin 2020-05-21 18:37:11 -05:00
William Vu aa6624e7f8 Land #13436, service encoder fix for psexec 2020-05-14 16:43:07 -05:00
William Vu 6034f48e8f Land #13405, once more with feeling 2020-05-13 11:54:41 -05:00
Clément Notin 91ea692cbe socket_server.rb: better describe "0.0.0.0" 
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-05-13 16:30:00 +02:00
William Vu 44b0ddf2ed Land #13405, OptAddressLocal for SRVHOST 2020-05-13 09:15:42 -05:00
Clément Notin ec33651243 socket_server.rb: SRVHOST can be an interface 
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-05-13 16:14:20 +02:00
Niboucha Redouane a4b316a91e Fix following redirects from send_request_cgi! 2020-05-13 09:54:14 +02:00
Clément Notin 258895f534 Use print_error for error messages 2020-05-12 00:02:52 +02:00
Clément Notin b7d16b1e72 Fix regression in psexec mixing filename and encoder 
Closes #13407
 2020-05-12 00:02:52 +02:00
William Vu 646c10ff02 Disable RuboCop Security/Eval the non-hacky way 
Hat tip @adfoster-r7!
 2020-05-11 12:05:38 -05:00
William Vu f346b1b001 Add SaltStack Salt root key disclosure module 
Also adds a new ZeroMQ mixin, mainly for use with Salt modules.
 2020-05-11 12:05:38 -05:00
William Vu 1214ac17a7 Refactor Msf::Exploit::CmdStager::HTTP 
Minor updates to align with current style.
 2020-05-10 04:12:45 -05:00
Spencer McIntyre 683ecb7b8d Tweak handling of the DnsNote option 2020-05-08 12:21:52 -04:00
Spencer McIntyre 6be4b5431c Remove the TLD wordlist option for now 2020-05-08 12:21:52 -04:00
Spencer McIntyre 0a8cb83e7f Fix TXT records, the DNS port, and messages for cloud_lookup 2020-05-08 12:21:52 -04:00
Spencer McIntyre 715dfc13f8 Refactor the auxiliary mixin to an enumeration exploit mixin 2020-05-08 12:21:52 -04:00
Clément Notin c42db7959b Use OptAddressLocal for SRVHOST to specify by interface name instead of IP 2020-05-06 19:51:13 +02:00
dwelch-r7 8ac04d5312 Land #13367, Surface helpful error messages to users 2020-05-06 14:40:21 +01:00
Alan Foster 2c8b5c2647 Fix edge cases in raising metasploit exceptions 2020-05-05 20:18:04 +01:00