Commit Graph

10082 Commits

Author SHA1 Message Date
OJ 46dca23ffe Land #5047: Metasploit is magic (Banner Adjustments) 2015-04-01 21:51:10 +10:00
OJ 24171a1a08 Land #5045: Convert stageless proxy to new format 2015-04-01 12:06:57 +10:00
OJ 1a313ad943 Fix up the proxy patching
Patching of the proxy details was failing, so this commit fixes that.
Also, added code that makes the proxy type check case-insensitive.
2015-04-01 11:48:22 +10:00
Samuel Huckins d5030f7e53 Land 5036, vuln push to NX updates into master 2015-03-31 17:32:02 -05:00
James Lee 2fc22132e0 Link the new constant as default in documentation 2015-03-31 16:48:02 -05:00
James Lee 44dd45e48d Use a const instead of hardcoding "tcp" everywhere 2015-03-31 16:15:04 -05:00
James Lee 76bfaa6ce9 Fix dumb inverted logic. Thanks, rspec! 2015-03-31 14:28:07 -05:00
James Lee 8b8ec5990a Ask the database how long the column should be
Instead of hardcoding a number
2015-03-31 14:12:22 -05:00
Tod Beardsley 34d637c7b8 Needs more ponies 2015-03-31 13:59:37 -05:00
James Lee a8ef465b46 Use the variables we worked so hard to create 2015-03-31 13:34:27 -05:00
James Lee 3695d4b0c7 Don't modify argument in place 2015-03-31 13:32:28 -05:00
James Lee adcf88761d Save ref names for easier debugging 2015-03-31 13:07:09 -05:00
James Lee 176cdcb836 Use sym-to-proc instead of reimplementing it 2015-03-31 11:21:53 -05:00
James Lee a1a7faa77a Don't modify argument in place 2015-03-31 10:41:24 -05:00
James Lee 7e559f7b13 Don't modify argument in place 2015-03-31 10:16:14 -05:00
James Lee 971120ce98 Use create! instead of new ... save! 2015-03-31 10:15:23 -05:00
OJ 86d8aab854 Land #5040: Remove wininet hack for http/s meterp 2015-03-31 14:50:13 +10:00
Brent Cook d89cd118e0 remove wininet workaround in meterpreter http/s
We had a workaround to close connections on very old wininet implementations
that would not do it themselves. With the new WinHttp API-using meterpreters
and stagers, we no longer should use this workaround. It can actually be
actively bad and prematurely close the connection.

This needs testing around different payloads, and they should be on real
networks, ideally where TCP really has to work to get data transferred.
2015-03-30 23:38:32 -05:00
James Lee 790a08a848 It's pronounced "exploit", not "assoc_exploit" 2015-03-30 16:21:17 -05:00
Tod Beardsley 3f0f659eaf Land #5019, add rescues to some LoginScanners 2015-03-30 16:06:51 -05:00
James Lee 2394d4bae8 Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success
Conflicts:
	Gemfile
	Gemfile.lock
	spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
2015-03-30 14:08:54 -05:00
James Lee 2ab4584079 Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push 2015-03-30 13:50:52 -05:00
James Lee 1b0e3f13c6 Remove unnecessary extra assignment 2015-03-30 13:14:36 -05:00
James Lee 310779d7bf Death to hashrockets 2015-03-30 13:13:58 -05:00
James Lee e65f4e92ea Separate the two ways to make Mdm::Sessions
Failing spec due to reuse of Mdm::Module::Detail instead of also
instantiating an Msf::Module
2015-03-30 13:05:20 -05:00
James Lee 374db22d5b Re-enable host lookup for _failure
Again needed when called from exploit_driver because nothing is reported
yet at that point.

Also adds some yardoc
2015-03-30 12:30:52 -05:00
David Maloney 103373a7eb add back accidentally removed error
accidentally dropped Errno::ETIMEDOUT from the exception
handling

MSP-12389
2015-03-30 11:19:28 -05:00
James Lee f0eeef3cbb Move copy-pasta into a new method 2015-03-30 01:43:56 -05:00
James Lee 49902a6395 We actually do need the port/proto for failure
Because it is called from lib/msf/core/exploit.rb Exploit#report_failure
with datastore values

Partial revert of e3605aa252
2015-03-30 01:01:34 -05:00
James Lee 415510ca6a Fix stupid typo that made vuln_id an Array 2015-03-30 00:52:02 -05:00
Samuel Huckins 13fc498523 Land #4948, fixes several AppScan import issues 2015-03-29 23:33:01 -05:00
HD Moore e65ac57d1b Fix a logic check in EncodedPayload, which unbreaks stageless testing 2015-03-29 19:08:35 -05:00
HD Moore 607cc8fef6 Remove a stale comment 2015-03-29 01:54:07 -05:00
HD Moore 0a4a72f49d Support templates with small text sections (win32) 2015-03-29 01:51:58 -05:00
HD Moore b9b40edde9 Major speedup, especially for large shellcode (stageless) 2015-03-29 00:44:06 -05:00
Meatballs 9eca3a0ab5 Impersonation spec 2015-03-29 00:52:27 +00:00
Meatballs f7e3abf760 sqlcmd specs and fixes 2015-03-28 23:23:00 +00:00
Meatballs 3b651aecdc Specs for sqlserver check and fixes 2015-03-28 22:59:00 +00:00
Meatballs da49709845 Add yarddoc 2015-03-28 20:31:36 +00:00
Meatballs 8e22255a40 Small tidyup/rubocop
Signed-off-by: Meatballs <eat_meatballs@hotmail.co.uk>
2015-03-28 20:31:36 +00:00
Meatballs 9529eed41d More specific matching 2015-03-28 20:31:35 +00:00
Meatballs a30d8f7040 Add requires 2015-03-28 20:31:35 +00:00
Meatballs a1d74c27c6 Check for only running services 2015-03-28 20:31:35 +00:00
Meatballs 99f79e8533 Use incognito token stealing rather than process migration if we have
the privileges required for successful impersonation.
2015-03-28 20:31:35 +00:00
Meatballs 9c2219124c Remove some comments 2015-03-28 20:31:35 +00:00
Meatballs e2af15a0df Refactor MSSQL Post 2015-03-28 20:31:35 +00:00
sinn3r 9cfafdd8b8 Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
Trevor Rosen 2815462375 Update Mdm to staging hash 2015-03-27 15:16:33 -05:00
David Maloney 441feec360 fix missing exception handling
a few of our http login scanners needed to
handle a couple of other exception classes
for when network communication errors occur

MSP-12389
2015-03-27 12:31:14 -05:00
James Lee e3605aa252 We always pass a Service, get rid of port/proto 2015-03-27 11:54:03 -05:00