adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,470 Commits 27 Branches 1,043 Tags
8b324c19d881cbbd56babd151cfe4e5ffd8a010d
Commit Graph

6957 Commits

Author SHA1 Message Date
Brent Cook 08290b81c0 Land #10282, Add support for running external modules outside of msfconsole 2018-07-18 17:38:40 -05:00
James Barnett 612959d9ab Land #10323, add authentication to REST API 2018-07-18 17:29:22 -05:00
Matthew Kienow ee6de3da39 Make endpoint plural and uniform with the others 2018-07-18 17:35:47 -04:00
Matthew Kienow 3147b8307b Fix issue when adding authenticated data service 
Add authentication to MsfServlet as a simple workaround to an issue
that occurs when data_services cmd is used to add a remote service
that requires an API token and no token or an invalid token are
provided.
 2018-07-18 14:08:30 -04:00
Matthew Kienow 4ff39e3799 Fix error code returned by authentication failure 
Previously an authentication failure message would indicate that the
error was permissions related yet the error code remained 401. The fix
allows the Authentication::Strategies classes to specify an error code
that is returned to the user.
 2018-07-18 14:04:09 -04:00
William Vu 38daeb1b9f Fix #10283, SOUNDTRACK and LOGO refs 
Some dupe code came in from master. Fixing and refactoring.
 2018-07-17 19:36:35 -05:00
William Vu 6a38b36a45 Land #10283, SOUNDTRACK and LOGO refs 
:'(
 2018-07-17 19:11:52 -05:00
William Vu 07203dccc6 Clean up some things 2018-07-17 19:11:26 -05:00
Matthew Kienow 5d048a6eb2 Use a class variable for auth initialized flag 2018-07-16 18:22:47 -04:00
James Barnett d5814ae9f6 Use the unpkg hosted versions of SwaggerUI 2018-07-16 15:16:27 -05:00
Matthew Kienow 70104ab25e Rename request env variables to conform with Rack 2018-07-16 15:04:05 -04:00
Matthew Kienow f7a4c577d6 Add UserServlet and admin_api scope 2018-07-16 12:56:43 -04:00
Matthew Kienow 4680455041 Implement report_user and password hashing 2018-07-16 12:55:00 -04:00
Matthew Kienow 67721bc616 Refactor strategies to support admin token role 2018-07-16 12:51:41 -04:00
Brent Cook 4e5ad576b2 Land #10267, defer bind payload connections until exploit has run 2018-07-13 17:35:27 -05:00
William Vu c8891206af Add vprint_status back to bind_named_pipe 
I thought it was redundant with the improved handler start message, but
it broke consistency with the other print statements. Fixing.
 2018-07-13 17:29:52 -05:00
Brendan Coles 104e4cee2e Merge branch 'master' into soundtrack_logo_module_refs 2018-07-13 03:01:33 +10:00
William Vu e72b873f56 Fire off bind handlers when session_created? runs 
Also refactor because bind handlers don't use setup_handler.
 2018-07-12 10:45:59 -05:00
Brendan Coles df2f58fb08 Add WPCHECK (Bool) advanced option to Exploit::Remote::HTTP::Wordpress 2018-07-11 07:09:28 +00:00
Brendan Coles f9daabcee3 Add support for SOUNDTRACK and LOGO to module refs 2018-07-10 17:23:07 +00:00
Adam Cammack 4f3cdd22f0 Allow Python modules to run independently 2018-07-10 10:24:07 -05:00
Adam Cammack 0dd89bf428 Add standalone runner for external modules 2018-07-10 10:24:07 -05:00
Adam Cammack 64c38ec6b8 Only elog when run inside of Framework 2018-07-10 10:24:07 -05:00
Adam Cammack 22167eba5c Make the Python login scanner API more sane 2018-07-10 10:24:07 -05:00
Adam Cammack 1fddbdb8ef Specify the command option external modules 2018-07-10 10:24:07 -05:00
William Vu 8d135aec39 Implement first pass at deferred payload handling 
This is most useful for bind payloads, and I initially did just that,
but I've migrated the code to be more generic.
 2018-07-06 14:26:31 -05:00
asoto-r7 ef78d70a00 Land #9356. Remove ring buffers from command dispatcher. 2018-07-06 13:12:13 -05:00
Brent Cook 8680379875 fix logic bug in handler thread for bind_named_pipe 2018-07-05 10:39:20 -05:00
William Vu f0b9b1c113 Add more verbose printing to bind handlers 2018-07-03 19:41:08 -05:00
Brent Cook 0543dfc95c Land #10217, keep bind_named_pipe with SMBv1 2018-07-02 14:54:00 -05:00
Brent Cook 85dc81a58b Land #10185, add SMBv1/2 support in psexec 2018-06-29 17:49:27 -05:00
Jacob Robles 5e02e7a2c8 smb_file_exist check for rubysmb 2018-06-28 18:10:39 -05:00
William Vu 40ac79ced0 Land #10218, MS17-010 Windows Embedded Standard 7 2018-06-28 16:11:56 -05:00
Brent Cook c06f13b33e remove superfluous sleeps, simplify logic 2018-06-28 12:15:42 -05:00
Brent Cook b01bd060ee remove unneeded slashes 2018-06-28 12:15:42 -05:00
Brent Cook 055c90c076 fix filename randomization while debugging 2018-06-28 12:15:42 -05:00
zerosum0x0 f742df028b shitty typos 2018-06-27 20:34:01 -06:00
zerosum0x0 a5c0881c08 add Windows Embedded Standard 7 support 2018-06-27 19:17:18 -06:00
UserExistsError bbf26c66f6 bind_named_pipe fixed for simpleclient versions param 2018-06-27 16:14:53 -06:00
Jacob Robles 2fd0d797ac psexec smb2 support 2018-06-25 15:06:23 -05:00
Matthew Kienow f125fd62c8 Add authentication to protected endpoints 2018-06-22 17:14:45 -04:00
Matthew Kienow f38e5af0bf Use external style sheet 2018-06-22 15:38:17 -04:00
Matthew Kienow c0717d9306 Add MSF REST web service authentication support 2018-06-22 15:09:36 -04:00
Adam Cammack 6dafb13f28 Module metadata cleanup 2018-06-21 15:10:47 -05:00
William Vu 0820268d8a Improve rank handling with shim logic 2018-06-19 16:46:20 -05:00
William Vu 9545bac809 Rename remote_exploit_generic template 
Dropping "generic" from the name. I initially had some reservations
about leaving it in, and after discussion with @acammack-r7, we've
decided it adds nothing useful.
 2018-06-19 11:43:56 -05:00
William Vu 781478b283 Document some things 2018-06-19 11:20:15 -05:00
William Vu 02384371c4 Add remote_exploit_generic template 2018-06-18 13:29:52 -05:00
christopher lee 2cc73abf4e merge master 2018-06-04 08:13:07 -05:00
William Vu b0392ae6ba Land #10029, msfvenom quality of life improvements 2018-06-01 18:35:11 -05:00