adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

16492 Commits

Author SHA1 Message Date
Shelby Pace 8bb1c5102b opt for inline asm instead of pre-compiled object 2019-10-31 11:55:40 -05:00
William Vu 866a1c9bed Fix Boolean validation to match our idiom 2019-10-31 11:29:43 -05:00
William Vu b9baa80823 Refactor to use config hash and new option 2019-10-31 11:11:43 -05:00
Francesco Soncina d17f041dbd fix inner payload for web_delivery 2019-10-31 16:29:56 +01:00
William Vu b268feda73 Allow partial response due to timeout 2019-10-29 21:25:21 -05:00
Metasploit 352e7a83ac Bump version of framework to 5.0.58 2019-10-29 14:09:13 -05:00
Adam Cammack de845214d1 Add module check result tracking to RPC API 
This adds a few sets and a hash to the Msf::Simple::Framework that help
keep track of running checks and their eventual results.
 2019-10-29 12:45:09 -05:00
Shelby Pace a04291678f add require, fix module context generate 2019-10-29 08:35:04 -05:00
Shelby Pace f65c5a30b2 use SecureRandom, bail if no db present 2019-10-28 16:25:28 -05:00
Shelby Pace c9dc2141a0 use stdlib flag instead of nostartfiles 2019-10-28 16:06:21 -05:00
Shelby Pace 041b91961f handle nil nonce 2019-10-28 15:39:37 -05:00
Brent Cook 6a9cc9b384 use the common method for enabling secure TLV channel 2019-10-28 06:25:51 -05:00
Brent Cook 4f33267db5 Wait for threads to exit after killing them. 2019-10-28 06:25:15 -05:00
Metasploit 7d6235e062 Bump version of framework to 5.0.57 2019-10-25 13:43:22 -05:00
bwatters-r7 315164b388 Land #12467, Bug Fix: nops generate '-s' option ignored 
Merge branch 'land-12467' into upstream-master
 2019-10-25 12:02:20 -05:00
Brent Cook c62f4598f8 Land #12482, Fix the default meterpreter prompt 2019-10-25 11:11:22 -04:00
nil0x42 d7b629c858 Apply suggestions from code review 
Co-Authored-By: Brendan <bwatters@rapid7.com>
 2019-10-25 05:34:56 -03:00
Metasploit 519b75d4d3 Bump version of framework to 5.0.56 2019-10-24 12:06:04 -05:00
FenixH 72abac0683 Fix call to method in null object in rpc_creds method 2019-10-24 11:19:09 +02:00
bwatters-r7 13b54efbfa We don't need no stinking regexes.... 2019-10-23 13:47:46 -05:00
Brendan Coles 991ccdbda5 Land #12106, Add Linux PTRACE_TRACEME local root exploit 2019-10-23 14:01:14 +00:00
Tim W 8c93b219d1 fix compile.rb and rubocop 2019-10-23 20:54:42 +08:00
Tim W 3cb9f2d709 remove pointless upload_binary function 2019-10-23 20:28:13 +08:00
Spencer McIntyre e771147046 Fix the default meterpreter prompt 2019-10-22 20:02:32 -04:00
bwatters-r7 32e7787821 Clearly, I fail at ruby implicit returns 
Changed the newline remove to a chomp in case the newline is not there
 2019-10-22 11:51:00 -05:00
bwatters-r7 ee282fe84c Land #12458, Refactor extended check messages 
Merge branch 'land-12458' into upstream-master
 2019-10-21 12:23:06 -05:00
Brent Cook 100c0a7580 Land #12438, add support for custom Meterpreter prompts 2019-10-21 12:20:06 -05:00
sinn3r 7683ab4fc1 Land #12455, Add generate_random_c method to randomized compiler 
Add generate_random_c method to randomized compiler
 2019-10-18 15:51:19 -05:00
nil0x42 e48132d7df Bug Fix: nops generate '-s' option ignored 
This error was trying to parse the contents of undefined '-c' option instead of '-s'.
Making impossible the definition of SaveRegisters from the console.

Step to reproduce:
`msfconsole -q -x 'use nop/x86/single_byte; generate -s esp 10; exit' | grep -v '0m' | tr -d '\n\\x+ ";' | rasm2 -b 32 -D -`
```asm
0x00000000   1                       0e  push cs
0x00000001   1                       d6  salc
0x00000002   1                       54  push esp
0x00000003   1                       f8  clc
0x00000004   1                       43  inc ebx
0x00000005   1                       56  push esi
0x00000006   1                       5a  pop edx
0x00000007   1                       56  push esi
0x00000008   1                       5a  pop edx
0x00000009   1                       44  inc esp
```
As we can see, 'inc esp', and some 'push/pop' instructions have been generated although having explicitly asked to save `esp` register through `generate` command.

This commit addresses this issue
 2019-10-18 17:31:03 +00:00
Shelby Pace ca755843f1 remove call to generate_random_c 2019-10-18 11:06:40 -05:00
Adam Cammack 121a6fd0e7 Order matters sometimes 
Since the constants are evaluated when they are declared, they need to
be after the new `#initialize` method since it sets the messages.
 2019-10-18 10:57:16 -05:00
Shelby Pace 42b251be01 generate random c within compile_random_c 2019-10-18 08:28:25 -05:00
Jeffrey Martin b2c753d446 Land #12459, Imports need workspace 2019-10-17 17:01:12 -05:00
bwatters-r7 d1817d8f12 Fix the preceeding newline upstream when we read it rather than when 
after we pass it around for a while.
 2019-10-17 14:46:20 -05:00
bwatters-r7 299865bdeb * Clean up cmd_exec test module's dead code and add support for 
inconsistent windows platform type.
* Add extra front chomp to shell_command response string because
there's a leading newline there.. for some reason?
 2019-10-17 13:30:43 -05:00
Metasploit ccd4e93a9e Bump version of framework to 5.0.55 2019-10-17 12:05:32 -05:00
bwatters-r7 ef1fe8d62a Fix delimiter selection on commands 2019-10-16 20:06:50 -05:00
Adam Cammack ba9c46ee91 Remove CheckCodes kludge from external modules 
Now that the new CheckCode class can add boilerplate human text by
itself we no longer need the hash of built-in values.
 2019-10-15 16:24:35 -05:00
Adam Cammack 7e5f866ffe Keep extended check reasons separate from messages 
Have the long code text and the reason glued together does not make
sense for all check displayers. I would prefer to have this at a
different level, but I'm not too keen on refactoring all the places
where it's touched. I couldn't find any remaining places that depend on
the length of the struct, so this looks safe to add straight as another
field.
 2019-10-15 16:24:02 -05:00
Jeffrey Martin 7505e1bf71 Consolidate logic for actions taken on a workspace 
* When renaming a workspace allow validation to handle all cases the same
* Do not display backtrace on console for rename failure, this is still logged to framework.log
 2019-10-15 16:12:11 -05:00
Jeffrey Martin 289a9c56f3 when making requests to report send workspace 
The report methods of the db layer require the workspace during import.
 2019-10-15 15:32:00 -05:00
Jeffrey Martin b494bf5d65 cred imports need a workspace object passed to lib 
Metasploit::Credential importers expect an Mdm::Workspace object.
 2019-10-15 14:51:53 -05:00
Shelby Pace 3c50f3d54e add generate_random_c method 2019-10-15 12:50:58 -05:00
bwatters-r7 f5bb6f8ca2 Land #12428, Extend check codes with custom messages 
Merge branch 'land-12428' into upstream-master
 2019-10-15 11:06:33 -05:00
Brent Cook 59bf03b947 Land #12420, Add environment-based API token authentication 2019-10-15 15:27:05 +01:00
Emmett Kelly d670e31e34 Remove unnecessary requirement 2019-10-15 15:18:41 +01:00
Shelby Pace 4997d72201 add options for keeping/deleting files 
This change makes it optional to keep/delete
the files that are created when generating
compiled payloads
 2019-10-14 13:34:30 -05:00
Brent Cook 63acf686a6 Fixed typos, extended messages append existing ones 2019-10-14 15:52:24 +01:00
Francesco Soncina b1b59fca35 add support for Powershell::prepend_protections_bypass 2019-10-13 03:27:21 +02:00
Brent Cook fd447736dc colors are safe on Windows 2019-10-11 16:23:10 -05:00