adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34,732 Commits 27 Branches 1,043 Tags
672d83eaaecdd97b180ae2e33f567c0986355ee0
Commit Graph

11016 Commits

Author SHA1 Message Date
wchen-r7 629afd86fc Land #5788, local exploit suggestor 
Good luck getting Mr. Robot, Elliot.
 2015-07-31 11:43:53 -05:00
jvazquez-r7 a112ccd023 Lnad #5660, @wchen-r7's warbird check 
* Fixes #4380
 2015-07-31 10:25:43 -05:00
wchen-r7 08338b73b2 Add get_target_arch and get_target_os 
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
 2015-07-30 18:26:41 -05:00
William Vu 61b2ca6675 Land #5781, Msf::Format::Webarchive rename 2015-07-29 13:38:42 -05:00
William Vu e6a932eadb Land #5778, final cmdstager generic payload fix 2015-07-29 11:48:01 -05:00
William Vu 5ff46a5dbd Fix indentation 2015-07-29 11:45:49 -05:00
HD Moore bf96b34108 Tweak module->class 2015-07-28 04:13:35 -07:00
HD Moore 7681d73e01 Relocate Webarchive into the Exploit namespace, fixes #5717 2015-07-28 04:11:17 -07:00
Brent Cook e53419a911 use password_prompt? not @password_prompt 2015-07-27 19:21:59 -05:00
wchen-r7 768de00214 Automatically pass arch & platform from cmdstager 
This allows the cmdstager mixin to automatically pass the arch
and platform information without changing the modules. This should
address the following tickets:

Fix #5727
Fix #5718
Fix #5761
 2015-07-27 14:17:21 -05:00
Brent Cook 226516ef20 restore PPID to the meterpreter process list table 
This restores pre-66bd881ac5a6de636c2eea7528946bc2d3abd52c behavior, but merges
the current search and output fixups currently in the tree.
 2015-07-25 18:10:10 -05:00
Brent Cook eb70ecb448 Land #5752, synchronize calls to payload.stop_handler 2015-07-24 17:49:54 -05:00
Brent Cook 347f48b0ec Land #5762, adjust PHP stager to work in and outside of eval() 2015-07-24 17:43:26 -05:00
Brent Cook c30127cfe8 Land #5729, add user-agent list, MeterpreterUserAgent derives from this 
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
 2015-07-24 17:39:30 -05:00
jvazquez-r7 18636e3b9b Land #5739, @wchen-r7 fixes #5738 updating L/URI HOST/PORT options 2015-07-24 15:45:31 -05:00
jvazquez-r7 ec7bf606c6 Land #5735, @rcvalle's for CVE-2015-1793 OpenSSL mitm 2015-07-24 14:38:27 -05:00
jvazquez-r7 45b4334006 Use Rex::Socket::SslTcpServer 
* Also add rex sockets managing
 2015-07-24 11:16:09 -05:00
William Vu 1f95491b45 Drop bang method and tweak formatting 2015-07-24 10:35:47 -05:00
wchen-r7 6720a57659 Fix #5761, pass the correct arch and platform for exe generation 
Fix #5761
 2015-07-23 01:34:44 -05:00
OJ 0929d7695a Fix PHP stagers 2015-07-23 14:50:04 +10:00
Brent Cook 264bc0f921 Land #5726, support multiple glob patterns with search 2015-07-22 17:58:33 -05:00
William Vu a52bf4526d Use uniq on the globs array 
This avoids search repetition.
 2015-07-22 14:25:49 -05:00
William Vu fe67be0ece Land #5734, notes -o 2015-07-22 13:52:40 -05:00
OJ 121fe1adda Land #5654 : Python Meterpreter Transport 2015-07-22 10:39:06 +10:00
jvazquez-r7 a59fa059dc Fix #5675 Synchronize access to stop_handler 2015-07-20 16:09:13 -05:00
wchen-r7 da445a52aa Update URIHOST and URIPORT 2015-07-16 14:27:46 -05:00
wchen-r7 1fdbcc71c1 Support URIHOST and URIPORT for exploit URI generation 2015-07-16 14:10:49 -05:00
wchen-r7 73fd4bd853 Allow the notes command to save notes as a file 
The -o option can save notes as a file.
 2015-07-16 00:28:15 -05:00
wchen-r7 18ca617c23 Land #5649, Fix undefined sysinfo method error in meterpreter.rb 2015-07-15 23:27:02 -05:00
William Vu f6cdbb65dd Land #5706, Kiwi creds_* -o write to file 2015-07-15 15:43:29 +00:00
jvazquez-r7 886ca47dfb Land #5650, @wchen-r7's browser autopwn 2 2015-07-15 10:21:44 -05:00
OJ b6e25506d0 Add a common user agent list, use the shortest for Meterpreter 2015-07-15 13:03:47 +10:00
wchen-r7 4f8f640189 Rename autopwnv2 to just autopwn2 2015-07-14 17:38:51 -05:00
jvazquez-r7 709676e6cc Make exploits quiet 2015-07-14 17:00:44 -05:00
wchen-r7 219d0032fa Do print_good to make this important stand up more 2015-07-14 15:36:35 -05:00
William Vu 6685fc479b Add multi-glob filesystem search to Meterpreter 2015-07-14 20:23:23 +00:00
wchen-r7 1992a5648d Make up our damn mind 2015-07-14 15:09:23 -05:00
wchen-r7 d64f4be691 Check if URIPORT is 0 2015-07-14 14:45:10 -05:00
wchen-r7 5e63b5f93e Can't use cli 2015-07-14 14:37:45 -05:00
wchen-r7 cf714fe4aa Change port logic too 2015-07-14 14:19:00 -05:00
wchen-r7 61d49f29e8 Check nil for SRVHOST option 2015-07-14 14:16:49 -05:00
wchen-r7 8efb4df8af Change the HOST IP logic again 2015-07-14 14:15:32 -05:00
wchen-r7 9980e8f285 Change SRVHOST vs URIHOST vs Rex again 2015-07-14 14:06:33 -05:00
wchen-r7 f76fe07872 Fix SRVHOST 2015-07-14 13:49:28 -05:00
William Vu 9be030bbff Fix nil in executable generation 2015-07-14 18:47:33 +00:00
wchen-r7 9dddb13d0b Slow down on killing exploits 
Jobs aren't thread safe, so we kind of have to take it easy.
 2015-07-14 13:10:57 -05:00
wchen-r7 2264efac15 Reduce output 2015-07-14 12:22:38 -05:00
HD Moore 100d3c8d46 A number of small fixes for BAPv2 
* Use module.register_parent() to pass WORKSPACE and other fields
* Prevent partial resource matching in URIs
* Make disclosure_date sorting resilient
 2015-07-14 11:40:28 -05:00
Samuel Huckins 60444c208b Land #5658, MSF version includes git hash now 2015-07-14 09:21:25 -05:00
wchen-r7 0582e7e3ca Return nil instead of "null" 
A scenario is when FF disables Flash, BES returns "null", and when
modules try to use Gem::Version, the "null" is considered a malformed
data and it won't be able to continue.
 2015-07-14 01:25:41 -05:00