Brent Cook
6a9cc9b384
use the common method for enabling secure TLV channel
2019-10-28 06:25:51 -05:00
Brent Cook
4f33267db5
Wait for threads to exit after killing them.
2019-10-28 06:25:15 -05:00
Metasploit
7d6235e062
Bump version of framework to 5.0.57
2019-10-25 13:43:22 -05:00
bwatters-r7
315164b388
Land #12467, Bug Fix: nops generate '-s' option ignored
...
Merge branch 'land-12467' into upstream-master
2019-10-25 12:02:20 -05:00
Brent Cook
c62f4598f8
Land #12482, Fix the default meterpreter prompt
2019-10-25 11:11:22 -04:00
nil0x42
d7b629c858
Apply suggestions from code review
...
Co-Authored-By: Brendan <bwatters@rapid7.com>
2019-10-25 05:34:56 -03:00
Metasploit
519b75d4d3
Bump version of framework to 5.0.56
2019-10-24 12:06:04 -05:00
Brendan Coles
991ccdbda5
Land #12106, Add Linux PTRACE_TRACEME local root exploit
2019-10-23 14:01:14 +00:00
Tim W
8c93b219d1
fix compile.rb and rubocop
2019-10-23 20:54:42 +08:00
Tim W
3cb9f2d709
remove pointless upload_binary function
2019-10-23 20:28:13 +08:00
Spencer McIntyre
e771147046
Fix the default meterpreter prompt
2019-10-22 20:02:32 -04:00
bwatters-r7
ee282fe84c
Land #12458, Refactor extended check messages
...
Merge branch 'land-12458' into upstream-master
2019-10-21 12:23:06 -05:00
Brent Cook
100c0a7580
Land #12438, add support for custom Meterpreter prompts
2019-10-21 12:20:06 -05:00
sinn3r
7683ab4fc1
Land #12455, Add generate_random_c method to randomized compiler
...
Add generate_random_c method to randomized compiler
2019-10-18 15:51:19 -05:00
nil0x42
e48132d7df
Bug Fix: nops generate '-s' option ignored
...
This error was trying to parse the contents of the undefined '-c' option instead of '-s',
making it impossible to define SaveRegisters from the console.
Steps to reproduce:
`msfconsole -q -x 'use nop/x86/single_byte; generate -s esp 10; exit' | grep -v '0m' | tr -d '\n\\x+ ";' | rasm2 -b 32 -D -`
```asm
0x00000000 1 0e push cs
0x00000001 1 d6 salc
0x00000002 1 54 push esp
0x00000003 1 f8 clc
0x00000004 1 43 inc ebx
0x00000005 1 56 push esi
0x00000006 1 5a pop edx
0x00000007 1 56 push esi
0x00000008 1 5a pop edx
0x00000009 1 44 inc esp
```
As we can see, 'inc esp' and some 'push/pop' instructions have been generated despite explicitly asking to save the `esp` register through the `generate` command.
This commit addresses this issue.
2019-10-18 17:31:03 +00:00
Shelby Pace
ca755843f1
remove call to generate_random_c
2019-10-18 11:06:40 -05:00
Adam Cammack
121a6fd0e7
Order matters sometimes
...
Since the constants are evaluated when they are declared, they need to
be after the new `#initialize` method since it sets the messages.
2019-10-18 10:57:16 -05:00
Shelby Pace
42b251be01
generate random c within compile_random_c
2019-10-18 08:28:25 -05:00
Jeffrey Martin
b2c753d446
Land #12459, Imports need workspace
2019-10-17 17:01:12 -05:00
Metasploit
ccd4e93a9e
Bump version of framework to 5.0.55
2019-10-17 12:05:32 -05:00
Adam Cammack
ba9c46ee91
Remove CheckCodes kludge from external modules
...
Now that the new CheckCode class can add boilerplate human text by
itself we no longer need the hash of built-in values.
2019-10-15 16:24:35 -05:00
Adam Cammack
7e5f866ffe
Keep extended check reasons separate from messages
...
Having the long code text and the reason glued together does not make
sense for all check displayers. I would prefer to have this at a
different level, but I'm not too keen on refactoring all the places
where it's touched. I couldn't find any remaining places that depend on
the length of the struct, so this looks safe to add straight as another
field.
2019-10-15 16:24:02 -05:00
Jeffrey Martin
289a9c56f3
when making requests to report send workspace
...
The report methods of the db layer require the workspace during import.
2019-10-15 15:32:00 -05:00
Jeffrey Martin
b494bf5d65
cred imports need a workspace object passed to lib
...
Metasploit::Credential importers expect an Mdm::Workspace object.
2019-10-15 14:51:53 -05:00
Shelby Pace
3c50f3d54e
add generate_random_c method
2019-10-15 12:50:58 -05:00
bwatters-r7
f5bb6f8ca2
Land #12428, Extend check codes with custom messages
...
Merge branch 'land-12428' into upstream-master
2019-10-15 11:06:33 -05:00
Brent Cook
59bf03b947
Land #12420, Add environment-based API token authentication
2019-10-15 15:27:05 +01:00
Emmett Kelly
d670e31e34
Remove unnecessary requirement
2019-10-15 15:18:41 +01:00
Brent Cook
63acf686a6
Fixed typos, extended messages append existing ones
2019-10-14 15:52:24 +01:00
Brent Cook
fd447736dc
colors are safe on Windows
2019-10-11 16:23:10 -05:00
Brent Cook
b300284d82
switch logic
2019-10-11 16:22:51 -05:00
Spencer McIntyre
8bb9f1798b
Add a few more variables including local variants
2019-10-10 22:20:37 -04:00
Spencer McIntyre
85a39f75d8
Use a larger payload size to include the UUID
2019-10-10 22:08:26 -04:00
Spencer McIntyre
ef81205123
Add the %M meterpreter prompt var
2019-10-10 21:13:12 -04:00
Spencer McIntyre
d87308e9c0
Fix a couple of bugs in the MeterpreterPrompt
2019-10-10 21:13:12 -04:00
Spencer McIntyre
48f1e1d909
Add the %D and %U meterpreter prompt chars
2019-10-10 21:13:12 -04:00
Spencer McIntyre
f63fd37938
Support a dynamic meterpreter prompt
2019-10-10 21:13:12 -04:00
Metasploit
6c44605799
Bump version of framework to 5.0.54
2019-10-10 12:05:04 -05:00
Tim
620609c955
Update lib/msf/core/post/linux/compile.rb
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-10-10 13:13:40 +08:00
William Vu
6fac30aec8
Change vprint_status to vprint_error
2019-10-09 11:36:39 -05:00
Brent Cook
62412c8d00
log a bit more about what happened
2019-10-09 08:39:03 -05:00
Brent Cook
c4365cfe08
handle extra data on rdp_recv with length check
...
We should really be doing something like strictly parsing PDU headers in rdp_recv and then parseling out PDUs instead of recv_and_pray, but this should get us past the initial issue where sometimes there is an extra PDU right after
2019-10-09 08:22:02 -05:00
Adam Cammack
f9c5939a29
Teach more things about the new check codes
2019-10-08 16:21:40 -05:00
Brent Cook
7e2ea42b54
Land #12404, fix potential nil object and mass deletion in shell session handler
2019-10-08 13:02:41 -05:00
Adam Cammack
2a32c7b9c5
Extend check codes to allow custom messages
2019-10-08 09:57:53 -05:00
Emmett Kelly
e0c86b2423
Remove references to file based token provision
2019-10-08 14:29:25 +01:00
Emmett Kelly
fe3ec50239
Set API token in env instead of file
2019-10-08 13:46:07 +01:00
Emmett Kelly
fcfc78acc5
Use consistent API auth failure error handling
2019-10-08 11:14:23 +01:00
Emmett Kelly
8697b424b2
Use consistent environment variable name
2019-10-08 11:09:04 +01:00
Emmett Kelly
6d74fa2586
Load token config from yml instead of json
2019-10-08 11:03:24 +01:00