William Vu
de6306fa35
Fix message, once more with feeling
2020-02-20 11:26:21 -06:00
William Vu
9c69059a24
Fix DisablePayloadHandler warning once and for all
2020-02-20 10:35:47 -06:00
Tim W
aa1fdb2075
Land #12724, server AMSI and SBL separately from psh stager in web_delivery
2020-02-19 09:33:25 +08:00
Adam Galway
65521270ea
Land #12853, InfiniteWP exploit & mixin upgrades
2020-02-10 11:33:49 +00:00
William Vu
a9ae212b27
Replace ForceExploit with AutoCheck mixin
2020-02-07 12:04:57 -06:00
William Vu
3b258eeb19
Refactor plugin editing
2020-02-07 01:10:42 -06:00
William Vu
3282ec5c55
Change vprint_status to print_status in mixin
2020-02-06 15:43:45 -06:00
William Vu
e053ed7a1e
Add Msf::Exploit::Expect mixin and refactor again
2020-02-05 21:16:24 -06:00
William Vu
972cb545f0
Restore the original PLUGIN_FILE contents
2020-01-18 14:57:41 -06:00
William Vu
f5c36ffd92
Add methods we'll use to the WordPress mixin
2020-01-17 20:04:23 -06:00
William Vu
c53e7703fc
Land #12795, lwp-request CmdStager
2020-01-16 13:17:41 -06:00
William Vu
92de0b132f
Make HttpClientTimeout a float, f'ing finally
2020-01-13 22:25:18 -06:00
William Vu
fe23d4b72b
Clobber datastore in CheckModule again!
Seems adding VHOST and SSL wasn't enough. This is a stopgap...
2020-01-13 20:25:07 -06:00
Brent Cook
33dadefd53
move rdp_move_mouse to rdp library, add GROOMDELAY
2020-01-12 08:19:44 -06:00
Brendan Coles
c2a12949a0
Add lwp-request CmdStager
2020-01-06 16:47:17 +00:00
Brent Cook
f4a0ef2ee9
Land #12640, improve Wordpress check versions
Merge remote-tracking branch 'upstream/pr/12640' into upstream-master
2019-12-26 13:47:04 -06:00
Tim W
58bf71d555
simplify amsi resource url
2019-12-17 17:35:29 +08:00
William Vu
c43106216f
Improve error handling
2019-12-16 19:51:50 -06:00
William Vu
11b8ef006c
Return CheckCode associated with RHOST
2019-12-16 19:51:50 -06:00
William Vu
1f0d491a4f
Add print saying what module
2019-12-16 19:51:50 -06:00
William Vu
442f36e466
Complete refactor of CheckModule
2019-12-16 19:51:50 -06:00
Brent Cook
fde942bc37
Land #12517, replace CheckScanner mixin with CheckModule, which works with anything
2019-12-16 17:40:10 -06:00
William Vu
14b6282e51
Update other error to CheckCode message
2019-12-16 13:43:00 -06:00
wvu-r7
f23ec6bc88
Add instantiation error to CheckCode
It's better here, now that it's supported.
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2019-12-16 13:32:56 -06:00
wvu-r7
7c071d2254
Remove instantiation error
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2019-12-16 13:28:34 -06:00
Francesco Soncina
e0a3af39aa
expose bypass_powershell_protections
2019-12-14 19:48:53 +01:00
Francesco Soncina
c8d4dfee7e
http-server: fix bug with random uris
2019-12-14 19:47:06 +01:00
William Vu
ce0f08d064
Register RHOST(S) and RPORT in SSH mixin
2019-12-11 13:41:32 -06:00
Tim W
3200781292
Land #12446, add powershell AMSI bypass to web_delivery
2019-12-09 18:03:54 +08:00
William Vu
347c63377d
Print a warning for lack of CheckCode
2019-12-03 10:36:34 -06:00
William Vu
0b99b78c91
Don't validate exploit options needlessly
2019-12-03 10:36:34 -06:00
William Vu
9adc87c786
Check for nil
2019-12-03 10:36:34 -06:00
William Vu
1c87c21d8e
Validate exploit options, too
2019-12-03 10:36:34 -06:00
William Vu
91c6c74173
Add only targeting options and validate datastore
2019-12-03 10:36:34 -06:00
William Vu
1952697404
Refactor CheckScanner to CheckModule
2019-12-03 10:36:34 -06:00
Christophe De La Fuente
857677f39d
Update log message
2019-11-29 11:35:14 +01:00
Christophe De La Fuente
39ab534773
Improve Wordpress version check
- Add log message to Detected and Unknown check codes
- Add an exception handler to catch Gem::Version parsing errors
2019-11-28 12:56:08 +01:00
Tim W
b63fd963aa
default AMSI bypass off except for web_delivery
2019-11-19 22:26:40 +08:00
Francesco Soncina
927264e3e5
Update powershell.rb
2019-11-05 00:23:43 +01:00
Francesco Soncina
099054ded2
Update powershell.rb
2019-11-01 15:19:36 +01:00
William Vu
f302df31aa
Add note about opts['headers']
2019-10-31 12:24:04 -05:00
William Vu
b9baa80823
Refactor to use config hash and new option
2019-10-31 11:11:43 -05:00
Francesco Soncina
d17f041dbd
fix inner payload for web_delivery
2019-10-31 16:29:56 +01:00
William Vu
b268feda73
Allow partial response due to timeout
2019-10-29 21:25:21 -05:00
bwatters-r7
f5bb6f8ca2
Land #12428, Extend check codes with custom messages
Merge branch 'land-12428' into upstream-master
2019-10-15 11:06:33 -05:00
Francesco Soncina
b1b59fca35
add support for Powershell::prepend_protections_bypass
2019-10-13 03:27:21 +02:00
William Vu
6fac30aec8
Change vprint_status to vprint_error
2019-10-09 11:36:39 -05:00
Brent Cook
62412c8d00
log a bit more about what happened
2019-10-09 08:39:03 -05:00
Brent Cook
c4365cfe08
handle extra data on rdp_recv with length check
We should really be doing something like strictly parsing PDU headers in rdp_recv and then parseling out PDUs instead of recv_and_pray, but this should get us past the initial issue where sometimes there is an extra PDU right after
2019-10-09 08:22:02 -05:00
Adam Cammack
f9c5939a29
Teach more things about the new check codes
2019-10-08 16:21:40 -05:00