383314530a
Bump version of framework to 4.13.0
2016-11-16 07:48:26 -08:00
927e195e28
Generate payload apk from permissionless apk
2016-11-16 00:48:10 -04:00
1deacad2be
Add a print_bad alias for print_error
...
Came up on Twitter, where Justin may have been trolling a little:
https://twitter.com/jstnkndy/status/798671298302017536
We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.
Anyway, I went with alias_method, thanks to the compelling argument at
https://github.com/bbatsov/ruby-style-guide#alias-method
...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.
Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
2016-11-15 19:20:42 -06:00
7e4645afb3
Land #7527 , Add LURI support to the reverse_http/s stagers
2016-11-15 16:31:20 -06:00
5490fda0ae
Merge remote-tracking branch 'upstream/master' into land-7261
2016-11-14 16:49:28 -06:00
98a54cd458
Merge branch 'upstream-master' into land-7456-android-hide-app
2016-11-14 02:43:04 -06:00
fbcc4baf58
Land #7553 , apk inject cert fix
...
Lands dana-at-cp's fix for the certtool localization
issues for the APK injection routine.
Fixes #7524
2016-11-11 12:54:41 -06:00
f116ad2c59
Bump version of framework to 4.12.42
2016-11-11 10:02:14 -08:00
c0e839dfd9
Fixes keytool bug in APK inject code
2016-11-11 06:12:47 -08:00
2c39a14ada
Bump version of framework to 4.12.41
2016-11-04 10:02:13 -07:00
50c2ed8509
Fix post mixin platform/session check
2016-11-05 02:41:52 +10:00
b0970783ff
Another interim commit moving towards universal handlers
2016-11-04 13:25:02 +10:00
dae1f26313
Land #7521 , Modernize TLS protocol configuration for SMTP / SQL Server
2016-11-03 12:56:50 -05:00
47ac122c15
Add LURI support to the reverse_http/s stagers
2016-11-03 14:51:07 +10:00
09d9733a75
Interim commit while working on multi payloads
2016-11-03 06:44:39 +10:00
a7c8060af5
Land #7523 , Fix template location for psh payload creation
2016-11-02 12:09:20 -05:00
cc8c1adc00
Add first pass of multi x86 http/s payload (not working yet)
2016-11-03 02:44:53 +10:00
494b4e67bd
Refactor http/s handler & payloads
...
This commit moves much of the platform-specific logic from the
reverse_http handler down into the payloads. This makes the handler
a bit more agnostic of what the payload is (which is a good thing).
There is more to do here though, and things can be improved.
Handling of datastore settings has been changed to make room for the
ability to override the datastore completely when generating the
payloads. If a datastore is given via the `opts` then this is used
instead otherwise it falls back to the settings specified in the usual
datatstore location.
Down the track, we'll have a payload that supports multiple stages, and
the datastore will be generated on the fly, along with the stage itself.
Without this work, there's no other nice way of getting datastore
settings to be contained per-stager.
2016-11-02 11:33:59 +10:00
451686309b
fixes #7519 psh payload generation
...
a few files references to the templates for pwoershell were
missed when transfering the templates over to the rex-powershell gem
2016-11-01 14:32:40 -05:00
51ad285521
Landing #7517 Nexpose API error fix
2016-11-01 12:02:35 -05:00
0fca4483c0
Correctly call generate_stage on native init
2016-11-02 00:52:25 +10:00
6ec76611c3
Fix arch typo in meterpreter_options for x64
2016-11-02 00:38:34 +10:00
6577728fa9
enable auto-negotiation for TLS version with SQL Server
2016-11-01 05:45:27 -05:00
f08a7ac10b
modernize default smtp_deliver TLS options
2016-11-01 05:42:05 -05:00
ac0984e8dd
this fixes an issue with nexposeapi errors
...
on newer versions of the nexpose api the error
XML schema has been changed, this prevents the
exception from being generated correctly
MS-289
2016-10-31 13:42:15 -05:00
294b1e5ed7
Move session_type to base, and map shell arch to string
2016-11-01 03:02:23 +10:00
44ac3f8781
Use ARCH constant in mainframe_shell
2016-11-01 02:24:44 +10:00
ddd2d5e43f
Remove junk spaces from EXE exploit module
2016-11-01 01:28:21 +10:00
eeff24d2ef
Change BSD regex as per Brent's suggestion
2016-11-01 01:26:45 +10:00
0730613c67
Add comment to hilight need to support ARCH_CMD in sess check
2016-10-29 14:29:05 +10:00
7773d90da4
Update railgun to use arch to check for 64 bit
2016-10-29 14:26:06 +10:00
8605992cdf
Remove superfluous session check in the post mixin
2016-10-29 14:19:27 +10:00
e5d3feebea
Final regex fix for jobs arch check
2016-10-29 14:10:01 +10:00
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
9e3960f334
Update session listing to show type or platform
2016-10-29 12:46:11 +10:00
6364e93ece
Update session types to have base_platform and base_arch
2016-10-29 12:45:37 +10:00
bf7e7ae4be
Fix silly mistake with resetting arch in sysinfo
2016-10-29 08:32:32 +10:00
a7485c4bba
Use constants for base_arch
2016-10-29 08:10:44 +10:00
d201c5bccc
Force x86_64 to change over to x64 in sysinfo, tidy arch checks
2016-10-29 06:49:35 +10:00
ffc62964d6
Bump version of framework to 4.12.40
2016-10-28 10:02:36 -07:00
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
9672759be8
Land #7462 , Add support for Unicode domains
2016-10-26 16:47:09 -05:00
ca377cadd7
Move the binary suffix stuff to a better location
2016-10-27 07:43:27 +10:00
6a23168800
Bump version of framework to 4.12.39
2016-10-25 12:22:52 -07:00
5ce886cf5c
Land #7490 , xml importer fingerprinting fixed
2016-10-25 14:13:15 -05:00
c83474ea5c
Land #7488 Allows DRDoS mixin to handle empty responses
2016-10-25 13:53:39 -05:00
56d5c49d4d
host was no associated with the workspace
...
* searching mdm host by wspace id instead
2016-10-25 12:05:06 -05:00
1378e2e61a
preserve hosts should still fingerprint new hosts
2016-10-25 09:58:30 -05:00
Metasploit