adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

16492 Commits

Author SHA1 Message Date
wchen-r7 6dada5f20f add another we can check 
administrator/manifests/files/joomla.xml
 2015-12-19 12:06:06 -06:00
wchen-r7 7d8ecf2341 Add Joomla mixin 2015-12-18 21:14:04 -06:00
Jon Hart b78f7b4d55 Land #6319, @all3g's module for abusing redis to achieve file uploads 2015-12-14 18:00:44 -08:00
Jon Hart 6611da9239 strip, not stripgit diff. strip! returns nil if the string was unmodified 2015-12-11 19:22:57 -08:00
Jon Hart dcdc21e2db Correct unbalanced quotes 
You down with OCD (Yeah you know me).
 2015-12-11 18:44:14 -08:00
Jon Hart e23908d672 Improve verbose output related to authentication handling 2015-12-11 18:32:00 -08:00
Jon Hart 1a0f71b6fa Try to catch case where post-auth commands are failing 2015-12-11 17:23:03 -08:00
Jon Hart 9cec3d9e6b Move redis password option to non-advanced 2015-12-11 17:03:49 -08:00
Jon Hart 1fecd9846c Bury some helper methods behind private 2015-12-11 10:13:13 -08:00
Jon Hart 9ef46140c0 Improve output when success 2015-12-11 10:10:44 -08:00
Jon Hart 32a64c3d8e Make auth easier, work automatically and on older redis versions 
Also, improve check
 2015-12-11 10:04:47 -08:00
Jon Hart ac47c87af4 Move Password option to redis mixin 2015-12-11 08:53:11 -08:00
Jon Hart 38d0b0a0f2 Wire in @all3g's redis auth code 2015-12-11 08:42:59 -08:00
Luke Imhoff 4858ae63bd Thread class name for debugger has changed, so add new name 
MSP-13484
 2015-12-10 21:47:22 -06:00
Jon Hart 555e52e416 Document the redis upload process more 2015-12-10 09:35:46 -08:00
Jon Hart 00f72b279b Cleaner printing when in verbose 2015-12-10 09:12:54 -08:00
Jon Hart 21ab4e96e5 First pass at redis mixin 2015-12-10 08:29:59 -08:00
wchen-r7 07ef09e0b6 Avoid Msf::Module::Platform 
We don't know how to generate an exe payload if the platform is
Msf::Module::Platform, so don't use it.
 2015-12-08 21:40:30 -06:00
wchen-r7 9e52663705 Doc 
Fix #6330
 2015-12-08 21:24:39 -06:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails 
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
 2015-12-08 21:13:23 -06:00
wchen-r7 5b27d3a99c This looks right 2015-12-08 20:42:35 -06:00
wchen-r7 cea8c40432 Fix generate_payload_exe for generic payload support 
Platform can be seen from different sources:

1. From the opts argument. For example: When you are using
   generate_payload_exe, and you want to set a specific platform.
   This is the most explicit. So we check first.

2. From the metadata of a payload module. Normally, a payload module
   should include the platform information, with the exception of
   some generic payloads. For example: generic/shell_reverse_tcp.
   This is the most trusted source.

3. From the exploit module's target.

4. From the exploit module's metadata.

Architecture shares the same load order.
 2015-12-08 20:26:07 -06:00
Jon Hart 39da306b1d Land #6057, @danilbaz's module for dumping Bitlocker master key (FVEK) 2015-12-08 18:16:39 -08:00
wchen-r7 080ec26afb Land #4489, Update SMB admin modules to use Scanner & fixes 2015-12-08 14:49:26 -06:00
OJ c747ffc05a Implement support for TLV packet XORing, and RECV removal 2015-12-08 16:37:10 +10:00
wchen-r7 ef217c4b6d Land #6315, Support migrating to processes by process name 2015-12-07 23:53:06 -06:00
William Vu db788d1b7c Land #6238, CmdStager BOURNE_{PATH,FILE} options 2015-12-07 12:34:42 -06:00
Stuart Morgan 0cb18004ec Rubocop 2015-12-05 15:28:56 +00:00
Stuart Morgan 61ad1a60f5 Removed EOL spaces (msftidy) 2015-12-05 15:27:13 +00:00
Stuart Morgan e190dcb61a Merge branch 'master' of https://github.com/rapid7/metasploit-framework into add_delay_jitter_to_scan 2015-12-05 15:25:11 +00:00
Stuart Morgan d645052391 Moved the 'add_delay_jitter' function to scanner.rb so that all modules can benefit from it if needed 2015-12-05 15:02:31 +00:00
Jon Hart 06836d9b8a Better handling of invalid process name/IDs 2015-12-04 14:25:57 -08:00
wchen-r7 14b1b3a1f0 Land #6299, Stageless HTTP(S) Python Meterpreter 2015-12-04 16:16:54 -06:00
Jon Hart 3ecac615a2 Support migrating to processes by process name 
Fixes #6313
 2015-12-04 13:33:01 -08:00
jvazquez-r7 340fe5640f Land #6255, @wchen-r7's module for Atlassian HipChat JIRA plugin 2015-12-03 20:01:06 -06:00
Louis Sato 0bcac5e73b Use concat instead of assignment on java proxy classes encoding 
* fixes bug in java serialization encoding proxy class
 2015-12-03 17:31:13 -06:00
William Vu aa9969c81a Add more normalization to temporary directory 2015-12-03 11:37:02 -06:00
James Lee 762fdbed40 Simplify meterpreter liveness check 2015-12-03 09:16:18 -06:00
James Lee 6fa2269764 PacketResponseWaiter - improve yardoc coverage 2015-12-03 09:16:17 -06:00
Sonny Gonzalez d7aeabbb71 Land #6293, listener bind_port fix 2015-12-02 13:16:23 -06:00
jvazquez-r7 58cf9f4fcd Land #6301 for sure, @busterb's REALLY wants to delete go_pro :) 2015-12-02 09:38:40 -06:00
jvazquez-r7 545e8a2ea0 Land #6301, @busterb removes the go_pro command 2015-12-02 09:28:08 -06:00
Rory McNamara 98b3919e94 Remove .bin from default behaviour 2015-12-02 09:58:11 +00:00
Rory McNamara 15dd18dc4b use single quotes, remove explicit nil 2015-12-02 09:36:07 +00:00
William Vu 6d3c4868a3 Land #6286, bind port display in jobs 2015-12-02 02:21:14 -06:00
William Vu 098c573f82 Land #6291, DisablePayloadHandler Boolean fix 
Nice call with Regexp#===, @wchen-r7. :)
 2015-12-02 02:17:59 -06:00
Brent Cook fbeaeb2877 remove more unneeded machinery for go_pro 2015-12-01 22:32:50 -06:00
Brent Cook 6ab2919c40 remove go_pro command 2015-12-01 15:29:21 -06:00
Spencer McIntyre 388edd3207 Fix the scheme for the pymet ProxyHandler 2015-11-30 13:45:24 -05:00
Spencer McIntyre fba9715a56 Add stageless python meterpreter http & https payloads 2015-11-28 17:41:55 -05:00