dwelch-r7
a76600f4a9
Land #16462, add support for armle/aarch64 architectures
2022-05-03 15:48:50 +01:00
Brendan Coles
02d911e655
gdb_server_exec: Cleanup and add support for armle/aarch64 architectures
2022-04-25 19:25:06 +00:00
Jack Heysel
4417a335ff
Land #16379, Make SSH defaults widely used
Refactored a number of modules to use ssh_client_defaults
2022-04-19 22:08:45 -07:00
Jack Heysel
0d3f50522d
Land #16318, Add support for old KEX algorithms
This commit fixes issue #16138 by adding
support for old key exchange algorithms in
the net/ssh lib by setting
append_all_supported_algorithms to true.
2022-04-14 11:29:39 -07:00
Jack Heysel
04f042ae47
Land #16221, a wordpress_scanner bug fix
Adjust wordpress_url_rest_api definition to support
sites that don't place REST API under /index.php/
2022-04-13 14:22:17 -07:00
Heyder Andrade
0eb9d68319
Added support for deprecated key exchange algorithms
2022-04-13 18:53:50 +02:00
dwelch-r7
a82c936613
Land #16373, Add initial ruby 3.1 support
2022-04-07 16:44:02 +01:00
usiegl00
8495bff61c
Merge master and update the smb_shadow module
Add comments detailing the technique used to attack SMBv3. Remove some
comments that are no longer needed. Fix Gemfile.lock conflict.
2022-04-06 07:06:45 +09:00
usiegl00
09ae52fecd
Update smb_shadow and shadow_mitm_dispatcher
Remove duplicated print_status messages. Use respond_to? instead of
methods.include?. Simplify payload generation. Fix naming for the rst
capture thread.
2022-04-05 20:03:14 +09:00
usiegl00
7e010cbde2
Merge master and update smb_shadow + dispatcher
The smb_shadow module can confirm the server smb version supported with
the ConfirmServerDialect option. The shadow_mitm_dispatcher closes each
stream before opening a new one to prevent leaking file descriptors.
2022-04-02 10:39:02 +09:00
Brendan Coles
283dda8172
Land #16386, Exploit::Remote::SocketServer: Wait if service is running
2022-03-28 03:41:06 +00:00
adfoster-r7
c4b6eb0165
Fix java rmi service undefined method wait
2022-03-27 17:01:43 +01:00
Heyder Andrade
79783bbe9b
Checking if datastore is defined
2022-03-25 16:32:58 +01:00
adfoster-r7
76ede9ef8f
Add ruby 3.1 support
2022-03-24 21:59:02 +00:00
Heyder Andrade
ee8618e68a
Handling undefined local variable
Auxiliary failed: NameError undefined local variable or method `datastore'
for #<Metasploit::Framework::LoginScanner::SSH
2022-03-24 22:57:27 +01:00
Grant Willcox
bf88b7f618
Land #16325 - Replace IO read on binary files with File binread
2022-03-24 10:08:40 -05:00
Spencer McIntyre
ff0ecfa49e
Display the HTTP port when necessary
2022-03-21 20:11:31 -04:00
Spencer McIntyre
aca272dd76
Always return a comm from #_determine_server_comm
Instead of returning nil from Rex::Socket::SwitchBoard.best_comm, return
the local comm which Rex::Socket will defer to anyways.
2022-03-21 11:47:56 -04:00
Spencer McIntyre
551f159993
Don't pass nil to #best_comm
It'll crash if you do
2022-03-21 11:47:56 -04:00
Spencer McIntyre
0ab97b858f
Update the TCP server and HTTP server mixins
2022-03-21 11:47:56 -04:00
Spencer McIntyre
2e4f04a804
Add and use the new bindhost/bindport options
2022-03-21 11:47:55 -04:00
sjanusz
bbf9e3163a
Fix file reads on Windows for binary files
2022-03-21 12:47:39 +00:00
Spencer McIntyre
da1e4853b8
Land #16317, Free UDP ports after use
2022-03-17 16:39:09 -04:00
Grant Willcox
ce062973cb
Make changes from review process, redo code for module to make it make fewer requests, and generally improve overall operations.
2022-03-17 11:29:05 -05:00
Grant Willcox
c1d6dced8d
Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info
2022-03-17 11:29:01 -05:00
Grant Willcox
419c9ea554
Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not.
2022-03-17 11:29:00 -05:00
Grant Willcox
1f53e9d1c4
Rubocop and fix a mistake on commenting too much of the code out from testing
2022-03-17 11:29:00 -05:00
Grant Willcox
269cd5cfed
Add in Exchange Version mixin and module example
2022-03-17 11:28:53 -05:00
Ashley Donaldson
7fe9d0b2b6
Don't start the DNS server twice
2022-03-17 08:02:31 +11:00
adfoster-r7
a62ca2259e
Land #16316, deref services correctly
2022-03-11 12:08:42 +00:00
Ashley Donaldson
d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway
2022-03-11 12:08:51 +11:00
Ashley Donaldson
6f159fa54e
Consistent handling of DNS and LDAP servers wrt ServiceManager
2022-03-10 11:01:37 +11:00
Ashley Donaldson
9761d68c19
Rename stop_service to cleanup_service for services that use reference counting
2022-03-10 10:28:25 +11:00
Ashley Donaldson
c9d43aafe6
Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity
2022-03-10 09:06:25 +11:00
Heyder Andrade
dd47017b5c
Added support for old key exchange algorithms
This commit fixes issue #16138 by adding support for old key
exchange algorithms in the net/ssh lib by setting
`append_all_supported_algorithms` to `true`.
2022-03-09 10:25:50 +01:00
adfoster-r7
3b524360ed
Explicitly specify server/client versions, fix logger crash, and specify jtr format
2022-03-09 01:37:22 +00:00
adfoster-r7
22f88f9ab7
Add docs
2022-03-08 23:52:24 +00:00
adfoster-r7
6f2a7d6167
Add note that SMB v1 is not supported
2022-03-08 23:52:24 +00:00
adfoster-r7
53772fa366
Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location
2022-03-08 23:52:24 +00:00
adfoster-r7
bcb0850e07
Rename SMBHOST
2022-03-08 23:52:23 +00:00
adfoster-r7
144fc5eddf
Add smarter targetlist support
2022-03-08 23:52:23 +00:00
adfoster-r7
25265c7a7b
Linting
2022-03-08 23:52:23 +00:00
adfoster-r7
3e68e298a1
Add targets
2022-03-08 23:52:23 +00:00
adfoster-r7
e02021ee91
Fix database cred reporting and error handling
2022-03-08 23:52:23 +00:00
adfoster-r7
507b1dab2b
Apply PR feedback
2022-03-08 23:52:22 +00:00
adfoster-r7
b4fe2502aa
Update smb_relay to support smb 2 and smb3
2022-03-08 23:52:22 +00:00
adfoster-r7
ad2fab6fee
Land #16153, read full response on smtp send/recv
2022-03-04 01:24:46 +00:00
Spencer McIntyre
6be3443680
Land #16103, LPE in polkit's pkexec (CVE-2021-4034)
2022-03-03 09:24:11 -05:00
bwatters
06e897436c
Add Fedora results to docs and some minor final cleanup
2022-03-02 09:12:01 -06:00
bwatters
0081811c52
Land #16185, Firefox CVE-2020-26950 use after free browser exploit
Merge branch 'land-16185' into upstream-master
2022-02-28 14:38:23 -06:00