adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,787 Commits 27 Branches 1,043 Tags
6e4ec6fbf335e99fe00843f15fc9eebb2e75cfcb
Commit Graph

2352 Commits

Author SHA1 Message Date
dwelch-r7 e7061439ef Adds rhost url support behind a feature flag 
Tidy up test

Return a string instead of a URI object

Code review comments

Rubcocop
 2020-08-18 12:25:27 +01:00
Jeffrey Martin d3c04b13dc Land #13968, Add a method for SQL injections where query output is not needed, and read_from_file support for MySQLi 2020-08-14 15:44:53 -05:00
gwillcox-r7 4cbf4d9301 Land #13975, Fixes for bug #13956 2020-08-11 13:48:17 -05:00
Spencer McIntyre e21cf15854 Land #13778, [GSOC 2020] - EV1 - Conditionality system for module options 2020-08-11 13:31:12 -04:00
gwillcox-r7 c35950c2c5 Update one of the messages so we can identify it easier when we review the output of this module, and add in @bcoles's Errno:ECONNRESET recommendation 2020-08-11 11:59:10 -05:00
Robin 92e0522524 Fixes for bug #13956 2020-08-10 16:31:11 +01:00
Niboucha Redouane 812a0b78e2 Fix write_to_file, and add read_from_file support for MySQL 2020-08-09 19:23:22 +02:00
Brendan Coles 2955a2f6ac Skip CNAME records in DNS SRV parsing - Fix #13952 2020-08-07 08:45:07 +00:00
Jeffrey Martin 35017886b8 Land #13935, Preliminary Version 6 2020-08-06 10:19:34 -05:00
Jeffrey Martin 9aa26d1208 Merge upstream into 6.x 2020-08-03 11:43:47 -05:00
Jeffrey Martin 07cbe426e2 Rails 5, all models inherit from ApplicationRecord 
ApplicationRecord is a new superclass for all app models, analogous to app controllers subclassing ApplicationController instead of ActionController::Base. This gives apps a single spot to configure app-wide model behavior.
https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#active-record-models-now-inherit-from-applicationrecord-by-default

Deprecated Relation#uniq use Relation#distinct instead.
https://edgeguides.rubyonrails.org/5_0_release_notes.html#active-record-deprecations
 2020-07-31 11:56:49 -05:00
María Belén Tualombo Chimbo 938173feb3 [GSoC] Ev1 - Conditionality system for module OPTIONS/ACTIONS/TARGETS 2020-07-31 10:28:21 -04:00
William Vu 8e94fd55db Force OpenSSL::SSL::VERIFY_NONE 
Thanks, @HynekPetrak!
 2020-07-22 16:33:37 -05:00
William Vu f736b0192f Add LDAPS support and update vCenter vmdir modules 2020-07-22 14:23:00 -05:00
Jeffrey Martin 65039a5091 Merge upstream into 6.x 2020-07-15 09:58:07 -05:00
Jeffrey Martin f6d21abb51 require instead of autoload for exploit mixin 2020-07-10 22:15:12 -05:00
Jeffrey Martin c61f34ed16 Land #13596, [GSoC] SQLi library with support to MySQL (and MariaDB) 2020-07-10 13:45:47 -05:00
Niboucha Redouane 4c229c0a24 Add method for writing to files using SQL injection 2020-07-06 16:53:46 +02:00
Spencer McIntyre 700d2ff819 Fix the SMB share for the psexec command target 2020-07-06 10:36:25 -04:00
Spencer McIntyre 9dc02229e9 Support ARCH_CMD payloads in the psexec exploit module 2020-07-06 10:33:03 -04:00
Niboucha Redouane 4950c2dacf Fix minor bugs, in safe mode, and in the name of the attribute passed to attr_accessor 2020-07-01 23:00:23 +02:00
William Vu 89f7be3ef0 Improve error message 2020-07-01 14:20:04 -05:00
Niboucha Redouane f9ade608b5 minor change: add default value to some arguments 2020-07-01 02:56:01 +02:00
William Vu 4b78de5416 Refactor AutoCheck a bit more 2020-06-30 11:58:42 -05:00
Niboucha Redouane 0680113288 get rid of database parameter in MySQLi methods 2020-06-30 18:49:13 +02:00
Niboucha Redouane b230adebba Add check for positional arguments on class constructor (SQLi::Common) 2020-06-30 16:16:35 +02:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
Niboucha Redouane 440294ff07 make some attributes writable, and specify its the SQLi library in any verbose message 2020-06-27 18:28:12 +02:00
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Niboucha Redouane 34e8eae471 move hex_encode_strings to MySQLi::Common, as it is specific to MySQL 2020-06-26 16:04:51 +02:00
Niboucha Redouane 7291a77807 minor fix to verbose logging / some comments 2020-06-25 12:46:05 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00
Niboucha Redouane c94bd3b2d8 remove verbose prints in blind injections 2020-06-23 21:33:03 +02:00
Niboucha Redouane 2bdc693930 Replace puts with print_status and similar 2020-06-23 21:25:59 +02:00
Niboucha Redouane aaa38a3188 Fix formatting 2020-06-22 17:41:20 +02:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
Niboucha Redouane 4f756ba229 replace some classes with modules 2020-06-20 21:09:13 +02:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
Niboucha Redouane 7c630f0403 Avoid repetitive code in blind injections 2020-06-18 20:52:02 +02:00
Niboucha Redouane fa43dc6dfb minor fix to the structure 2020-06-18 17:28:47 +02:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
Niboucha Redouane 0887f3feee Improve the blind injection queries 2020-06-13 12:24:22 +02:00
Niboucha Redouane 3639765277 Improve code quality: less repetitive code 2020-06-11 19:16:23 +02:00
Niboucha Redouane c319799c44 Add more comments 2020-06-11 00:07:53 +02:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Niboucha Redouane 12681b0746 Add support for encodings to exfiltrate data containing bad characters/multibyte characters 2020-06-10 21:40:22 +02:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Christophe De La Fuente a9a1d01419 Update some libraries and modules 2020-06-09 14:18:52 +02:00