3d67d2ed12
Land #9443 , Add warning to FileDropper for deleting CWD
2018-02-19 21:22:39 -06:00
b3f26ea55f
bind_named_pipe fixes
2018-02-18 10:31:57 -07:00
bd2af0143a
properly handle when there is no stat callback specified on upload
2018-02-16 16:14:09 -06:00
289277c613
Land #9516 , Support Bash-Style Continuation Lines
2018-02-16 10:53:58 -06:00
6734e532f5
Land #9562 , avoid an error with aux module command dispatcher
2018-02-15 17:46:58 -06:00
a197997aca
avoid chinese finger trap logic, put it all on one side
2018-02-15 17:45:09 -06:00
38b03fdfff
Merge branch 'upstream-master' into land-9539-
2018-02-15 16:22:13 -06:00
2d3aef9031
Land #9533 , Add output file support to the vulns command
2018-02-15 15:52:25 -06:00
93450b87dd
use common retry options for UDP
2018-02-15 14:36:21 -06:00
6fe8691528
Fix #9090 , honoring retry counts for x86/64 payloads
...
Fix #9090
2018-02-15 13:52:34 -06:00
0f656d6b5b
Land #9563 : improve memory usage on meterpreter file upload
2018-02-15 12:07:19 -06:00
7e03bf838b
Fix src_size view
2018-02-15 17:44:41 +05:00
a0c473f29e
Upload memory usage optimization
...
Optimize xor_bytes memory usage, use small buffer for upload,
add verbosity
2018-02-15 17:05:22 +05:00
177e1321ae
Aux command dispatcher in exploit ctx with action
...
The Auxiliary command dispatcher checks modules for passive actions
expecting them to have included Msf::Module::HasActions mixin. The
mixin is included in post and aux modules already, but not in
exploits. When the aux dispatcher handles an exploit module, it
may get upset along the lines of:
```
[-] Error while running command exploit: undefined method 'passive'
for #<Msf::Modules::M...3::MetasploitModule:0x0000000d83de0428>
Did you mean? passive?
Call stack:
/opt/metasploit4/msf4/lib/msf/ui/console/command_dispatcher/
auxiliary.rb:106:in `cmd_run'
```
Avoid this mess by having the conditional which checks the methods
included by that mixin depend on the module having included the
mixin in the first place.
Testing:
In local fork (hence the lineno) it seems to fix the problem.
The problem condition and fix should be independently tested
upstream.
2018-02-15 04:20:09 -05:00
9a293cd30e
Fix #8120 , Fix undef method 'gsub' in bavision_cam_login
...
Fix #8120
2018-02-14 11:03:03 -06:00
3811665b69
Land #7699 , Add UDP handlers and payloads (redux)
2018-02-13 14:50:09 -06:00
f5768e7ced
gate session reported when using bind udp
...
While this method here is somewhat noisy on the network it eliminates
a poor user experience when the handler is started but the payload is
not yet running on the target.
When a target is sent a udp packet and it is not rejected push down
an initial "echo syn" command that will respond with output. This
allows framework to be aware that the payload is what is running on
the server port instead of assuming a non-existent target is a valid
session.
2018-02-13 14:44:57 -06:00
8ae8a0d94b
added bind_named_pipe payload
2018-02-11 18:56:50 -07:00
b9faa9e92b
Fix a typo
2018-02-09 20:28:55 -06:00
81e0d56261
Always write the file as long as the option is set
2018-02-09 20:28:12 -06:00
958513bd86
Fix #9522 , Add output file support to the vulns command
...
This adds a new feature for the vulns command for msfconsole. It
allows the user to be able to save the vulnerability as a CSV
file.
Fix #9522
2018-02-09 19:45:46 -06:00
c612dbfdbf
Also fix GitHub related pull request links
2018-02-09 15:16:10 -05:00
b2d617bde7
Fix a bug in the markdown docs references
2018-02-09 13:41:39 -05:00
c642d420c2
Land #9489 , Add scanner for the Bleichenbacker oracle (AKA: ROBOT)
2018-02-08 12:55:02 -06:00
214c137b4a
Don't use parenthesis around pgets
2018-02-07 15:53:11 -05:00
0ad7d10e05
Use a continuation flag to disable tab completion
2018-02-06 14:44:55 -05:00
6d7579d907
Support breaking commands into multiple lines
2018-02-06 14:29:11 -05:00
d5ae2bb55b
Fix pivot handler to not consume all packets
...
Packet handlers should only return true if they consume a packet.
Otherwise, they should return false so something else can consume it.
This fixes port forwards by allowing the socket handler to see packets
that were otherwise being discarded in the pivot handler.
2018-02-02 18:01:05 -06:00
0a3fe0c608
fix html escaping for UTF-8 module metadata
2018-02-02 16:35:50 -06:00
02e81d166d
Add Enum-type options for external modules
2018-02-02 14:40:04 -06:00
ab36b5dd5d
Add support for single-IP external scanners
2018-02-02 14:01:16 -06:00
c9473f8cbc
Land #9473 , new MS17-010 aux and exploit modules
2018-02-01 23:56:29 -06:00
afef1948bf
catch exception for patched Vista
2018-02-01 21:39:25 -07:00
469209a2b3
prefer x64 dynamite
2018-01-31 17:19:09 -07:00
6d7b48382e
fix print arch key
2018-01-31 17:17:53 -07:00
ec26f01360
fix x64 typo
2018-01-31 17:12:07 -07:00
da23432745
Update cleanup method to check CWD
2018-01-31 16:19:43 -06:00
e60aeca2db
Pass in session to CWD check
...
Oops, used to this being accessible universally. Not the case here.
2018-01-31 16:19:43 -06:00
199a7cc134
Check for subdirectories and relative paths
2018-01-31 16:19:43 -06:00
09d931e392
Split assignment across two lines for clarity
...
https://github.com/bbatsov/ruby-style-guide#use-if-case-returns
2018-01-31 16:19:43 -06:00
15ff70fbda
Add warning to FileDropper for deleting CWD
2018-01-31 16:19:43 -06:00
d5d3769517
more robust Windows XP SP0/SP1 fix
2018-01-30 18:11:07 -07:00
a9fa1b6a4d
catch TypeError for matched pairs Frag leak
2018-01-30 10:32:59 -07:00
bbeccdd024
more trace and more flexible tolerance for SP0/SP1
2018-01-29 19:57:43 -07:00
9ea64db26f
Fix proxy authentication
2018-01-30 11:55:04 +09:00
7007bc1444
hopefully fixed XP SP0/SP1 issues
2018-01-29 19:11:30 -07:00
cfb7aa6de7
NULL pointer checks on read/write primitives
2018-01-29 18:10:01 -07:00
b5a88e3c8b
remove VERBOSE req for prints in DBGTRACE
2018-01-29 15:01:37 -07:00
9b7c19db08
fix exception
2018-01-29 07:57:08 -07:00
a15befe94b
squelch ::Rex::Proto::SMB::Exceptions::NoReply
2018-01-29 07:48:00 -07:00
Brent Cook