4ccab4543d
Register VulnAttempts for both Exploit and Auxiliary modules
2025-05-28 18:19:12 +02:00
5aa91bd57c
Rubocop: Resolve Rubocop Style/RedundantRegexpArgument violations
2025-05-24 13:34:32 +10:00
b0f8df0894
Flow the action through to the exploit class
2025-04-29 17:13:02 +10:00
bb510bf256
Fix check_simple arg & searching by port integer
2025-04-08 15:41:39 +01:00
468f168f04
Call LDAP whoami when the username is not present
2025-03-27 15:00:53 -04:00
95e8b31d4b
Merge pull request #19925 from zeroSteiner/fix/auxiliary/validate
...
Call #validate in run_simple like it is in call_simple
2025-03-05 18:29:01 +00:00
7a1892e6e7
Land #19745 , applying argument escaping to other shells
...
Apply escaping args to other command shells
2025-03-05 09:24:15 +01:00
fa4dd1d420
Add error handling on unknown shell type
2025-03-05 18:16:31 +11:00
f2bcf34d51
Apply the same refactoring to exploits
2025-03-04 17:01:46 -05:00
f12ddc7252
Apply the same refactoring to posts
2025-03-04 17:01:46 -05:00
8d3d8d8662
Call #validate in run_simple like it is in call_simple
2025-03-04 13:05:56 -05:00
8e9c144e2c
Consolidate datastore with fallbacks logic
2025-02-09 20:26:52 +00:00
6861b1fb67
Merge pull request #19729 from sempervictus/bug/shell_command_overlap
...
Fix overlap of shell built-in commands with host's
2025-02-06 10:27:12 -08:00
e024c115f3
Don't do any escaping on platforms with unknown escaping
2025-01-10 11:20:28 +11:00
851beb77b0
Change from code review
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2024-12-20 08:48:38 +11:00
25cb21908a
Apply escaping args to other command shells
2024-12-18 10:44:38 +11:00
40f2eaaab1
Recognise broken SMB sessions and close them
2024-12-16 19:52:19 +11:00
df6bd846e5
Add . prefix tip to shell command help
2024-12-15 18:28:18 -05:00
54bec338c3
Fix overlap of shell built-in commands with host's
...
When a shell session is established against a system which offers
limited shells, its very common to run into something like "help"
being a native command in the target. MSF now intercepts those as
built-ins and presents the MSF shell help instead of letting the
user see the relevant output from the target.
Implement a fix by allowing the user to prepend built-ins with '.'
to pass-through execution of the intended command (such as '.help'
being executed as 'help') to the target.
Testing:
Local testing with racadm SSH shell - works as intended
2024-12-15 18:06:33 -05:00
566e12b69e
Add error_callback to SSH Command Stream
2024-11-25 16:43:59 +00:00
358e79bd3c
Handle SSH errors by closing the session
2024-11-17 14:53:42 +00:00
26e041dbfe
Merge pull request #19108 from smashery/new_cmd_exec
...
New process launch API
2024-10-17 00:08:06 +01:00
9972587fef
Handle weird PowerShell edge case
2024-10-16 16:04:39 +11:00
205adfe2fd
Handle edge case in command shell when input contains backslash-quote combination already
2024-10-16 10:26:29 +11:00
1c4b22028d
Comment neatening from code review
2024-10-12 14:36:09 +11:00
0cf227ff00
Change API. Support backwards compatibility for PHP
2024-10-12 14:36:09 +11:00
c543971b8a
Support uploading files on linux shell containing quote characters
2024-10-12 14:36:09 +11:00
ec4e944405
Fix file upload in PowerShell
2024-10-12 14:36:09 +11:00
0ab16ae3af
Fix bug when no arguments are present
2024-10-12 14:36:08 +11:00
d9ed8ec4dc
Rework unix command line based on testing
2024-10-12 14:36:08 +11:00
5d71aa26e3
Treat old-style path separately to new (unescaped) path
2024-10-12 14:36:08 +11:00
7d30c67b01
Fix error sending legacy args
2024-10-12 14:36:08 +11:00
fe61e46475
Changes from code review
2024-10-12 14:36:08 +11:00
85d019cd3c
Handle CommandLineToArgv behaviour
2024-10-12 14:36:08 +11:00
0d4d6f345d
create_process works for basic CommandShell instances
2024-10-12 14:36:08 +11:00
e9f86c4865
Reworked unix create_process, as it was buggy
2024-10-12 14:36:08 +11:00
e0aca71029
Add unix shell to create_process API
2024-10-12 14:36:08 +11:00
72e657a19c
Implement new cmd_exec API for Windows cmd
2024-10-12 14:36:08 +11:00
955c675334
Implement new cmd_exec API for PowerShell
2024-10-12 14:36:08 +11:00
c732fed617
Feedback from code review
2024-10-11 08:22:39 +11:00
22cf3f05d5
Send a benign LDAP request every 10 minutes to keep sessions alive
2024-10-11 08:22:39 +11:00
6a31ceb9e6
Improve setg SessionLogging support
2024-07-24 17:22:11 +01:00
f92ebb34ca
fix: moved begin/rescue inside the update_session_info; added logging
2024-06-28 03:21:42 -04:00
1a8746f076
fix: updated warning messages, inverted is_weak_key logic
2024-06-14 10:19:56 -04:00
acfaf52611
feat(meterpreter): display a warning when a weak encryption aes_key is used. skip module loading if encryption is weak.
2024-06-13 09:30:17 -04:00
91cb94e725
Add _close method to history manager, use generic method for Msf Config history file
2024-06-03 17:23:51 +01:00
60c09e5ca3
SQL sessions have correct history manager support
2024-05-23 13:57:31 +01:00
ce49fa4e76
don't show regular option groups when viewing advanced options
2024-05-17 15:47:02 +01:00
0bba494d1d
Fix edgecase in Meterpreter job persistence
2024-05-16 11:16:55 +01:00
3cedb20f75
Add initial ldap session support
2024-05-15 15:12:51 +01:00
Christophe De La Fuente