adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

2235 Commits

Author SHA1 Message Date
Tab Assassin adf9ff356c Merge for retab 2013-09-05 13:41:23 -05:00
Meatballs 1471a4fcef Fixes an error in file_dropper where @dropped_files is nil 
causing an exception to be raised and on_new_session to fail.

I have moved super to the top of the chain so it always gets
called regardless.
 2013-09-03 23:45:41 +01:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
James Lee 37f8d7a536 And one more. 2013-08-29 23:52:00 -05:00
James Lee 63adde2429 Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00
Meatballs 96c093dce0 Fix Exploit::Exe 2013-08-25 19:56:29 +01:00
Meatballs 66ee15f461 Merge and deconflict 2013-08-25 19:14:15 +01:00
Christian Mehlmauer 035258389f use feed first before trying to bruteforce 2013-08-25 10:16:43 +02:00
Christian Mehlmauer 7cd150b850 another module 2013-08-24 18:42:22 +02:00
Christian Mehlmauer 009d8796f6 wordpress is now a module, not a mixin 2013-08-22 00:05:58 +02:00
Christian Mehlmauer 0a2bf9e9e7 implement @limhoff-r7 feedback 2013-08-21 21:10:00 +02:00
Christian Mehlmauer 2e9a579a08 implement @limhoff-r7 feedback 2013-08-21 21:05:52 +02:00
Christian Mehlmauer ffdd057f10 -) Documentation 
-) Added Wordpress checks
 2013-08-21 14:27:11 +02:00
Christian Mehlmauer 655e2dcf6c more methods 2013-08-21 13:13:41 +02:00
Christian Mehlmauer 68a51f4055 msftidy 2013-08-21 12:50:26 +02:00
Christian Mehlmauer 11ef8d077c -) added wordpress mixin 
-) fixed typo in web mixin
 2013-08-21 12:45:15 +02:00
jvazquez-r7 491ea81acf Fix calls to fail_with from mixins 2013-08-19 16:42:52 -05:00
James Lee 3827b14103 Land #1726, ssl verify mode 
Conflicts:
	lib/rex/socket/parameters.rb
Fix doc strings
 2013-08-12 17:57:10 -05:00
RageLtMan 2c850d8f8b Merge branch 'powershell_import' of github.com:sempervictus/metasploit-framework into powershell_import 2013-07-31 18:39:46 -04:00
RageLtMan 7c46e95e8f Merge branch 'master' of https://github.com/rapid7/metasploit-framework into powershell_import 2013-07-31 18:34:57 -04:00
Meatballs e1cfe7cfe2 Update datastore changes 2013-07-29 15:31:59 +01:00
Meatballs 4b84b49674 Fix payload corruption 2013-07-24 19:08:02 +01:00
jvazquez-r7 b0c17fdebc Land #2002, @jlee-r7's patch for better handling uri resources 2013-07-23 15:49:21 -05:00
RageLtMan 4df3b0215c replace lib/msf/core/exploit/powershell.rb, thanks @Meatballs1 2013-07-20 19:55:01 -04:00
RageLtMan eb185375f7 Trim to core requirements 
Remove .NET compiler, post lib and modules.
 2013-07-20 19:31:26 -04:00
RageLtMan dc15c5b505 Merge branch 'master' into powershell_import 
Resolve conflicts from old code being pulled into master.

Conflicts:
	lib/msf/core/exploit/powershell.rb
	modules/exploits/windows/smb/psexec_psh.rb
 2013-07-20 19:29:55 -04:00
James Lee 94f8b1d177 Land #2073, psexec_psh 2013-07-12 16:14:17 -05:00
James Lee 91b748a701 Make it clear where we failed 
Even when VERBOSE=false
 2013-07-12 15:57:30 -05:00
James Lee 1ac1d322f2 Dup before modifying 
Because `remove_resource` modifies @my_resources, we can't call it while
iterating over the actual @my_resources. The following snippet
illustrates why:

```
>> a = [1,2,3,4]; a.each {|elem| a.delete(elem); puts elem }
1
3
=> [2, 4]
```

[See #2002]
 2013-07-12 00:57:10 -05:00
James Lee 38e837dc28 Remove inaccurate comment 2013-07-11 22:48:35 -05:00
Tod Beardsley 56ffa4ae2f Fixes for network_interface PR #2085 
Implementing the suggestions from @limhoff-r7.

See #2085

FixRM #8023
FixRM #7943
 2013-07-10 13:25:06 -05:00
lsanchez-r7 4541a9e49e now with passing msftidy 2013-07-08 17:44:50 -05:00
lsanchez-r7 5c93fb2849 arp_sweep is once again working 
modified the capture mixin to use NetworkInteface instead of
pcaprub for interfaces and addresses

FIXRM #8023,#7943
 2013-07-08 17:24:28 -05:00
RageLtMan 4554cc6e51 Import Powershell libs and modules (again) 
Add Rex powershell parser:
 reads PSH, determines functions, variables, blocks
 compresses and cleans up the code it's read, obfuscates
 handles string literals and reserved variable names
 extracts code blocks and functions for reuse
  turns powersploit into a useful sub-component for MSF
Rewire Msf powershell modules
 Make use of Rex parser
 Handles payload generation, substituions
 Brings convenience methods - byte array generation and download
 Re-add .NET compiler
  Compiles .NET code (C#/VB.NET) in memory
  Can generate binary output file (dynamic persistence)
  Handles code-signing (steal cert with mimikatz, sign your bin)
  Not detected by AV (still...)
 Update payload generation
  GZip compression and decompression (see Rex module as well)
  msftidy violations for space efficiency - each char counts
Re-submit psexec-psh
 Makes use of updated Msf and Rex modules
 Runs shellcode in-memory (in a hidden PSH window)
 Completely bypasses all AVs tested for the last year...
 2013-07-04 14:04:19 -04:00
Meatballs 1a0bdf335e Retab lib 2013-07-04 12:09:46 +01:00
Meatballs a76ee6c2ec Add flexibility to lib 2013-07-04 11:03:48 +01:00
Meatballs 1368c1c27f Move options to lib 2013-07-04 10:25:08 +01:00
Meatballs 03de8c1c3d Pull in exploit/powershell 2013-07-04 09:54:40 +01:00
Josh d7eda343e9 fix typo in comment 
change runing to running
 2013-06-27 03:12:49 -05:00
James Lee 3c42fe594e No need to have rescue around a print 2013-06-21 15:55:43 -05:00
James Lee 2c12a43e77 Add a method for dealing with hardcoded URIs 2013-06-21 15:48:02 -05:00
James Lee 39d011780e Move deletion into #remove_resource 
Doing it here means that modules manually calling remove_resource won't
screw up the cleanup
 2013-06-21 15:34:54 -05:00
James Lee e8a92eb196 Keep better track of resources 
[See #1623]
[SeeRM #7692]
 2013-06-21 14:51:47 -05:00
James Lee 81b4efcdb8 Fix requires for PhpEXE 
And incidentally fix some msftidy complaints
 2013-06-19 16:27:59 -05:00
HD Moore 819080a147 Enable rhost/rport option overrides in HttpClient 2013-06-17 11:45:01 -05:00
sinn3r e97aad1111 Restore file_create 
file_create shouldn't have the 'filename' argument, because that
defeats the purpose of function 'file_format_filename'.  The code
change was committed by accident.  Related to #1934.
 2013-06-13 16:42:18 -05:00
sinn3r 0440c03c7a Land #1934 - Fix UltraISO Exploit File Creation 2013-06-13 13:57:09 -05:00
Tod Beardsley 9a08090b0f Inch toward making modules more testable 2013-06-10 16:02:19 -05:00
Ruslaideemin cd64e3593c Fix UltraISO file creation 
This makes file creation where datastore['FILENAME'] is not used when
a different filename is required, and ends up creating files in the
wrong place.
 2013-06-09 12:37:34 +10:00
sinn3r 8e2de6d14f Updates js_property_spray documentation 
After many tests, it turns out address 0x0c0d2020 is the most
consistent location acorss various IE versions.  For dev purposes,
it's rather important to have this documented somewhere.

Thanks to corelanc0d3r for the data.
 2013-06-07 00:28:22 -05:00