Commit Graph

231 Commits

Author SHA1 Message Date
Adam Cammack 121a6fd0e7 Order matters sometimes
Since the constants are evaluated when they are declared, they need to
be after the new `#initialize` method since it sets the messages.
2019-10-18 10:57:16 -05:00
Adam Cammack ba9c46ee91 Remove CheckCodes kludge from external modules
Now that the new CheckCode class can add boilerplate human text by
itself we no longer need the hash of built-in values.
2019-10-15 16:24:35 -05:00
Adam Cammack 7e5f866ffe Keep extended check reasons separate from messages
Having the long code text and the reason glued together does not make
sense for all check displayers. I would prefer to have this at a
different level, but I'm not too keen on refactoring all the places
where it's touched. I couldn't find any remaining places that depend on
the length of the struct, so this looks safe to add straight as another
field.
2019-10-15 16:24:02 -05:00
Brent Cook 63acf686a6 Fixed typos, extended messages append existing ones 2019-10-14 15:52:24 +01:00
Adam Cammack 2a32c7b9c5 Extend check codes to allow custom messages 2019-10-08 09:57:53 -05:00
William Vu 9592e85975 Fix stack_adjustment nil bug and refactor method
Also fix incorrect docs.
2019-09-30 19:18:58 -05:00
Adam Cammack 969ad7aa8a Add Msf::Module::Alert for alerting users 2019-08-22 17:58:20 -05:00
Jeffrey Martin 2e06b4e93f Land #12126, Implement "set PAYLOAD" by index 2019-07-31 14:50:20 -05:00
bwatters-r7 05ffa6e4a0 More updates, optimizations, and style fixes 2019-07-29 16:29:32 -05:00
Brent Cook 463c147977 fix method check in metadata updates 2019-07-25 23:23:20 -05:00
bwatters-r7 7c2d214af2 Clean up debugging, move options to one place and delete superfluous file
change the uuid handling to prevent changes to it when it gets put in payloads
2019-07-25 19:45:05 -05:00
bwatters-r7 310533f96c First stab at filtering payloads that require cleanup 2019-07-25 19:44:09 -05:00
bwatters-r7 80dbef20f2 Follow acammack's guidance for excluding filedropped exploits
usage of pingback payloads
2019-07-25 19:43:14 -05:00
asoto-r7 a12f9a5e4c Revert f162822 2019-07-25 19:43:14 -05:00
asoto-r7 53447462bd Remove a left-over 'pry' debugger invocation 2019-07-25 19:43:14 -05:00
asoto-r7 cb270cd57a WIP: Adding default pingback payload to parent check method 2019-07-25 19:42:50 -05:00
William Vu 40b040b3e6 Cache "show payloads" and set PAYLOAD by index 2019-07-24 20:15:12 -05:00
William Vu 29d6c270d4 Fix setting PAYLOAD clearing target DefaultOptions 2019-07-24 17:38:14 -05:00
William Vu 502a26bcbd Fix is_payload_compatible? for nil payloads 2019-07-11 14:00:24 -05:00
William Vu 6ea1e7aed2 Handle TypeError in case of nil 2019-05-13 17:32:54 -05:00
William Vu 249d3551ae Be good in other places 2019-05-13 17:15:31 -05:00
William Vu 9420b04dd9 Support generic payloads 2019-04-23 15:14:14 -05:00
William Vu e12b19a507 Enhance compatible_payloads to use module cache 2019-04-23 13:57:39 -05:00
Wei Chen c7efd57144 Sync up with master 2018-10-06 08:27:01 -05:00
Green-m 90b98a193c Refactor the rhosts for exploit modules. 2018-09-30 16:08:49 +08:00
Wei Chen 02ef565730 Update evasion_module_type branch 2018-09-24 08:20:32 -05:00
William Vu b3e9856851 Revert doc changes to exploit.rb autofilter
I think the changes might have been accidental.

3cf4329335
2018-09-13 13:27:52 -05:00
William Vu e2428b5c20 Fix target DisableNops not being passed to payload 2018-09-05 18:07:54 -05:00
Wei Chen 5c6b33bcf4 Add support for evasion targets, also module doc 2018-08-31 11:45:29 -05:00
William Vu 7e496ae067 Import target DefaultOptions into the datastore 2018-08-16 12:18:02 -05:00
William Vu e72b873f56 Fire off bind handlers when session_created? runs
Also refactor because bind handlers don't use setup_handler.
2018-07-12 10:45:59 -05:00
William Vu 8d135aec39 Implement first pass at deferred payload handling
This is most useful for bind payloads, and I initially did just that,
but I've migrated the code to be more generic.
2018-07-06 14:26:31 -05:00
Brent Cook 37f1e44a12 Land #10009, Add initial check support to external modules 2018-05-18 09:31:31 -05:00
Adam Cammack 147471fb79 Add constant for reverse check code lookup 2018-05-10 18:24:57 -05:00
William Vu 8881d32a45 Add target selection and tab completion by name 2018-05-03 21:03:05 -05:00
William Vu 1f5ece9c46 Fix target NOP generator not passed to payload 2018-04-20 17:12:55 -05:00
William Vu 33bde31eec Fix target encoder not being passed to payload
Datastore functionality has been preserved as an override.
2018-04-19 02:25:18 -05:00
Adam Cammack f1d426d257 Land #9833, Remove broken feature detection 2018-04-11 15:02:53 -05:00
Brent Cook 6fb6570f99 delete old feature detection code from exploit base
This deletes some old code that apparently has been broken and somewhat unused for many years.

The 'derived_implementor?' method for modules relies on the debug output from Ruby in order to tell if a class implements a method, but the regex it used didn't work properly with any modern Ruby version until 2.5.x. This caused a random sleep to get inserted into certain payload staging operations, which actively breaks staging in certain scenarios (I'm not trying to address that here).

This also removes some ancient module feature detection code, which also is entirely unused today.
2018-04-07 12:47:42 -05:00
William Vu 17ed88b766 Fix backgrounded aggressive exploits
Any exploit that includes an aggressive stance is aggressive, regardless
of whether or not it has passive components.

This fix should prevent known-aggressive exploits from backgrounding.
2018-04-05 18:34:36 -05:00
William Vu 333d57461a Check exploit stance for array as well as string
An exploit can be both aggressive and passive.
2018-01-08 13:52:04 -06:00
Brent Cook e414bdb876 don't try to guess intent for specified default targets, leave auto-auto targeting to unspecified modules 2017-05-11 15:19:11 -05:00
Brent Cook 0e3eba18b3 simplify guard logic 2017-02-17 16:00:15 -06:00
Brent Cook f4befda59b inherit the options from the default target so we can autocomplete before the rhost resolution occurs 2017-02-17 15:50:45 -06:00
Brent Cook 76529278b8 make sure we can actually invoke auto targeting before adding it 2017-01-30 05:24:57 -06:00
Brent Cook 7d32166c70 use a better check for whether rhosts exists 2017-01-29 19:18:23 -06:00
David Maloney d564f5d60a don't add auto targets to things without rhost
Things like browser exploits don't have remote host options
which is what auto targeting relies on, so it does not make sense
to include the auto-targeting in these exploits

7837
2017-01-17 11:40:07 -06:00
David Maloney 31d36d9112 if autotargeting fails fall back
fallback to the original first target if auto-targeting fails
2017-01-03 14:38:52 -06:00
David Maloney 5fd531028c some minor guards and spec fixes
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
David Maloney a61b92aa3e tweak target selection
the target selection actually adjusts the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index

MS-2325
2017-01-03 14:38:51 -06:00