adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

16492 Commits

Author SHA1 Message Date
h00die 6aca047dbb unifi ssh cleanup 2019-03-22 21:51:41 -04:00
h00die aada613cff Merge branch 'master' of https://github.com/rapid7/metasploit-framework into jtrout 2019-03-22 21:26:36 -04:00
Matt Robinson 771cd60a5e Add missing get_payload() method 2019-03-22 21:25:23 -04:00
h00die 0613018fc2 remove unused function 2019-03-22 21:22:39 -04:00
h00die 6d59b29884 move jtr output to -o function 2019-03-22 21:03:06 -04:00
h00die f00c38cfe2 make creds exporter for jtr format 2019-03-22 15:04:58 -04:00
Brent Cook 712cbecab3 Land #11570, Add option to keep temp files with JTR modules 2019-03-22 05:16:56 -05:00
Brent Cook 11951c18ab Land #11605, Improve tab completion for the load command. 2019-03-22 05:10:20 -05:00
bcoles 3f3395768a Fix a potential regexp issue 
Co-Authored-By: Green-m <greenm.xxoo@gmail.com>
 2019-03-22 10:36:23 +08:00
bcoles 5a38cf17de Typo fix. 
Co-Authored-By: Green-m <greenm.xxoo@gmail.com>
 2019-03-22 10:34:35 +08:00
h00die 49b936f0d5 fix case of variable 2019-03-21 20:54:32 -04:00
James Barnett 0a4932a61c Remove swagger-ui css files 2019-03-21 12:52:30 -05:00
Metasploit 6be369e3bc Bump version of framework to 5.0.14 2019-03-21 10:09:15 -07:00
Green-m 2c05ce5377 Enhance the load completion. 2019-03-21 18:31:32 +08:00
Metasploit 59046eba20 Bump version of framework to 5.0.13 2019-03-19 08:17:20 -07:00
Jacob Robles 24143f812c Land #11466, Add Jenkins ACL bypass and metaprogramming RCE 2019-03-18 07:21:13 -05:00
William Vu af941b7541 Land #11573, Windows 2019 support in Windows::Priv 2019-03-17 12:13:55 -05:00
Brendan Coles e00b21d319 2019 2019-03-17 06:43:43 +00:00
William Vu 6658584142 Update HttpServer documentation 2019-03-16 13:55:04 -05:00
h00die 14febf69aa add no cleanup to jtr modules 2019-03-16 11:39:59 -04:00
h00die 33bc0b3a1d add unifi USG to ssh details 2019-03-16 08:35:32 -04:00
Brent Cook 2512156197 Land #11564, add a JavaMeterpreterDebug option to the java payloads 2019-03-15 08:19:58 -05:00
Brent Cook 69ff7b7698 Land #11561, Add OpenSUSE detection to Linux system lib 2019-03-15 07:57:26 -05:00
Matthew Kienow eeb131be29 Increase ActiveRecord version number 2019-03-15 02:23:12 -04:00
William Vu 9b8cc607ef Land #11554, irb and pry for command shells 2019-03-14 13:59:07 -05:00
Metasploit 4793f28e28 Bump version of framework to 5.0.12 2019-03-14 10:06:42 -07:00
Tim W 5cfe5b4567 add JavaMeterpreterDebug option 2019-03-14 23:43:22 +08:00
William Vu 173f251845 Land #11558, Ubiquiti UniFi for SSH LoginScanner 2019-03-14 09:53:57 -05:00
Brendan Coles 56bff4f748 Add OpenSUSE detection to Linux system lib 2019-03-13 23:18:54 +00:00
Jacob Robles a00f4bf508 Check fix 
Account for empty args array
 2019-03-13 09:18:18 -05:00
h00die a0b1ca1767 detect unifi in ssh sessions 2019-03-12 20:35:32 -04:00
William Vu 7a1b11b1b8 Support command-specific help command 2019-03-12 19:08:32 -05:00
William Vu e46893bfbd Split command using Shellwords.shellwords 2019-03-12 13:34:51 -05:00
William Vu 9186e00167 Add irb and pry commands to command shells 2019-03-12 12:22:12 -05:00
William Vu 8e9c207d26 Clarify module name is filename as per msftidy 2019-03-11 23:53:36 -05:00
William Vu 1d8538caee Direct user to framework.log for load problems 
This reduces long lines and cluttered output during startup.
 2019-03-11 23:40:59 -05:00
William Vu 6c4729de7e Prefer a soft error for invalid module names 2019-03-11 22:54:34 -05:00
William Vu c06190c122 Revert Msf::ModuleLoadError exception 
Msf::Modules::Error is already a thing! My bad.
 2019-03-11 22:34:37 -05:00
William Vu fd20d29fd7 Land #11551, jobify fix for aux modules 2019-03-11 16:33:55 -05:00
Brent Cook d14ace42ed fix jobify support with aux modules 
Looks like we hit another bug involving variable scope in parameters passed down to run_simple via 'run_single'. Since 'run_single' doesn't actually even run a single invocation of a module, let's just unwind that function, and get the rest of the parameters passed down.

This also explicitly disables 'jobify' support for non-scanner aux modules with multiple targets, which I don't think we're ready for until we add the RHOSTS iteration to the module proper. Otherwise, we'll have an explosion of jobs in the current implementation.
 2019-03-11 14:20:34 -05:00
Brent Cook 172a984d60 add deregister_tcp/udp_options 2019-03-08 16:04:32 -06:00
Brent Cook 1bf93ab1bc Land #11061, allow the possibilty of empty string values for datastore options in msf5 2019-03-08 09:27:50 -06:00
Brent Cook 7c97ca6a8e Land #11535, add deregister_http_client_options 2019-03-07 18:16:14 -06:00
Metasploit 1588928b44 Bump version of framework to 5.0.11 2019-03-07 10:06:39 -08:00
Brent Cook 656ef8f970 Land #11533, Fix credential reporting service lookups 2019-03-06 20:13:41 -06:00
Brent Cook 3670dd8067 Land #11521, add RMI support for UnicastRef2 responses 2019-03-06 20:05:33 -06:00
Brent Cook 433af12942 add deregister_http_client_options 2019-03-06 19:37:56 -06:00
Brent Cook 841c07a42c restore rescue for now 2019-03-06 19:35:12 -06:00
Brent Cook 4f08d1e864 Fix credential reporting service lookups. 
Noted by @actuated, auxiliary/scanner/ipmi/ipmi_dumphashes was displaying an error when run against an IPMI endpoint that had a common hash. This was due to the services lookup in the database not extracting the first element of the results array.

```
[-] Auxiliary failed: NoMethodError undefined method `id' for #<Array:0x000055615614b970>
[-] Call stack:
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:27:in `block (2 levels) in create_cracked_credential'
[-]   /home/bcook/.rvm/gems/ruby-2.6.1@metasploit-framework/gems/activerecord-4.2.11/lib/active_record/relation/delegation.rb:46:in `each'
[-]   /home/bcook/.rvm/gems/ruby-2.6.1@metasploit-framework/gems/activerecord-4.2.11/lib/active_record/relation/delegation.rb:46:in `each'
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:25:in `block in create_cracked_credential'
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/core.rb:166:in `data_service_operation'
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:15:in `create_cracked_credential'
[-]   /home/bcook/projects/metasploit-framework/lib/msf/core/auxiliary/report.rb:26:in `create_cracked_credential'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:317:in `report_cracked_cred'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:244:in `block (2 levels) in run_host'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:237:in `each'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:237:in `block in run_host'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:100:in `each'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:100:in `run_host'
[-]   /home/bcook/projects/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:111:in `block (2 levels) in run'
[-]   /home/bcook/projects/metasploit-framework/lib/msf/core/thread_manager.rb:106:in `block in spawn'
[*] Auxiliary module execution completed
```
 2019-03-06 17:08:34 -06:00
Matthew Kienow f873d94c10 Check that DB is active before looking up payload 2019-03-06 14:22:32 -05:00