adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

7956 Commits

Author SHA1 Message Date
HD Moore 903af02e08 Store at most one http.fingerprint per host/port, revert http_version 2014-03-23 10:42:20 -07:00
HD Moore f349f85a70 Reimplement HTTP fingerprinting, backwards compatible 
This commit changes the internals of HTTP fingerprinting to store
a whole trove of data about the HTTP response using a hash. The
current API is backwards compatible and has been tested with a
number of modules that depend on HttpFingerprint being sent.

In addition, this change paves the way for advanced fingerprints
that take advantage of the HTTP body and other headers. This is
a requested addition documented  across various module comments.

Finally, this commit completes the closed loop for OS identification
by connecting MSF to MDM to Recog and applying Recog databases for
HTTP Servers, HTTP Cookies, and HTTP Authentication headers to the
results of HTTP fingerprinting runs.

For example, with the appropriate version of MDM/Recog in place,
a http_version scan of Microsoft-IIS/7.0 server will update the
host.os_name field to 'Windows 2008'.
 2014-03-23 07:26:11 -07:00
Meatballs d53b56c161 Tidy up 2014-03-22 18:38:58 +00:00
Meatballs b524507e4e Merge remote-tracking branch 'upstream/master' into land_2551 
Conflicts:
	modules/exploits/windows/local/ask.rb
 2014-03-22 18:14:45 +00:00
Meatballs 7b2f0a64fc Tidy up 2014-03-22 18:07:57 +00:00
sinn3r 13f5c22536 Land #3129 - Fix 2782 with 2961 and stop stack-tracing download_exec 2014-03-21 11:36:59 -05:00
James Lee 0a141f1c02 Land #2810, masked password format switcheroo 2014-03-20 15:12:12 -05:00
David Maloney c4a9b4fda0 Land #3128, Put loot in correct workspace 2014-03-20 14:11:17 -05:00
Tod Beardsley 4d3f871e9d Land #2961, get_env and get_envs Post mixin 
This unbreaks the changes introduced by #2782 by introducing
get_env and get_envs for shell sessions (not just meterpreter sessions).
 2014-03-20 10:53:50 -05:00
Trevor Rosen dd4b16ad60 Remove some dead code 2014-03-20 09:38:14 -05:00
Trevor Rosen dc85a99fbd report_loot now sets proper Mdm::Workspace 
* Uses an Mdm::Workspace when passed one in conf hash
 2014-03-20 09:27:09 -05:00
Samuel Huckins 33ca577010 Zip Workspace imports now working. 
MSP-9531

* Was trying to delete XML file, not sure why, running into permission
error
* General clarification and cleanup
 2014-03-19 22:53:15 -05:00
Samuel Huckins cc4c958d58 Merge remote-tracking branch 'metasploit-framework/master' into masked-cred-format-update 2014-03-19 15:47:46 -05:00
Meatballs 9ee13afe6a Catch file not found 2014-03-19 14:08:52 +00:00
Meatballs c78a6b36b6 Remove service 2014-03-19 14:02:36 +00:00
Meatballs d3992773ed Use error codes to give more feedback 2014-03-19 14:00:23 +00:00
Meatballs 8082c19469 Allow servicename/displayname to be set 
Tidyup psexec some more
 2014-03-19 13:16:14 +00:00
Meatballs 16a553937b Allow passing of servicename etc 2014-03-19 12:46:41 +00:00
Meatballs 71818b59d1 Check for a valid handle 
If service already exists open a handle.
If we have a valid handle ensure we try and close it.
 2014-03-19 12:44:31 +00:00
Meatballs fcc5cfb155 Dont rescue Exception 2014-03-19 12:05:58 +00:00
David Maloney 130474fdfd Fix java payload generation 
jsp payloads are java but do not generate JARs
also we were not merging datastore options in properly
 2014-03-18 13:41:27 -05:00
David Maloney da0c37cee2 Land #2684, Meatballs PSExec refactor 2014-03-14 13:01:20 -05:00
sinn3r 6e37493471 Land #3091 - native shellcode payloads from a FF privileged js shell 2014-03-13 13:36:37 -05:00
Joe Vennix db036e44ad Use RdlCopyMemory from Kernel32. 2014-03-13 11:05:58 -05:00
sinn3r 7ead04414c Land #3024 - Allow encoder Compat options 2014-03-13 10:59:40 -05:00
Joe Vennix 851fca2107 Add posix fork() call before running code. 2014-03-12 02:56:26 -05:00
Joe Vennix 7afcb6aee8 Add CreateThread wrapper for windows. 2014-03-12 02:49:09 -05:00
Joe Vennix ce0c5380a5 Kill stray //. 2014-03-12 02:20:49 -05:00
Joe Vennix 9bdf570763 All working now. In-memory meterpreter even. 2014-03-12 02:19:28 -05:00
sinn3r b431bf3da9 Land #3052 - Fix nil error in BES 2014-03-11 12:51:03 -05:00
AnwarMohamed b45524ecdd generate cert @ payload/dalvik.rb 2014-03-10 21:50:00 -05:00
AnwarMohamed 99cc94e6fc moving string_sub() to payload/dalvik.rb 2014-03-10 21:49:59 -05:00
Joe Vennix c07f390382 Add CookieExpiration option, add trailing slash to URI. 2014-03-10 13:07:17 -05:00
Meatballs 311d4665ce Re-use CreateService Handle 
and remove unused variable
 2014-03-06 21:37:49 +00:00
Joe Vennix 05067b4e33 Oops. Need to init the profile before accessed. 2014-03-06 11:48:54 -06:00
Joe Vennix ad592fd114 Remove unnecessary method. 2014-03-05 23:36:43 -06:00
Joe Vennix a792f85a5f Fix re-initialize bug. 2014-03-05 23:27:04 -06:00
William Vu 096d6ad951 Land #3055, heapLib2 integration 2014-03-05 15:48:13 -06:00
OJ a1aef92652 Land #2431 - In-memory bypass uac 2014-03-05 11:15:54 +10:00
Joe Vennix 5790547d34 Start undoing some work. 2014-03-04 17:01:53 -06:00
David Maloney 72c6b995de adjust timeout for shadowcopy 
WMIC defaults to 10 sec timeout but shadowcopy
often needs longer.
 2014-03-04 10:18:59 -06:00
Etienne Stalmans e452b81fb1 style changes as suggested by @jlee-r7 2014-03-04 08:49:52 +02:00
Joe Vennix 3360f7004d Update form_post vars, add Expires to cookie. 2014-03-03 23:29:02 -06:00
Meatballs 43715eeb7f Blame @OJ 
He changed the clipboard API underneat me.
 2014-03-03 22:06:05 +00:00
Meatballs 32d83887d3 Merge remote-tracking branch 'upstream/master' into wmic_post 2014-03-03 21:56:31 +00:00
sinn3r ee1209b7fb This should work 2014-03-03 11:53:51 -06:00
Joe Vennix 894d16af80 Add specs for new/returning/previous visitors. 2014-03-02 20:50:10 -06:00
Joe Vennix 6825fd2486 Whitespace tweaks and cleanup. 2014-03-02 19:57:48 -06:00
Joe Vennix 46f27289ed Reorganizes form_post into separate file. 2014-03-02 19:55:21 -06:00
Joe Vennix 785a35a81a Needed to kill objToQuery. 2014-03-02 19:48:55 -06:00