a87ae41d81
Land #9446 , Post API fix for setuid_nmap
2018-01-26 18:08:47 -06:00
af0c58c2ae
Land #9335 , Added socket bind port option for reverse tcp payload.
...
Merge branch 'land-9335' into upstream-master
2018-01-24 17:20:14 -06:00
b515a582f0
Land #9424 , Add SharknAT&To external scanner
2018-01-24 17:20:03 -06:00
d6beb94c59
Land #6611 , add native DNS to Rex, MSF mixin, sample modules
2018-01-24 17:12:52 -06:00
55c345418d
Land #9438 , address cmd_exec inconsistencies
2018-01-24 17:11:40 -06:00
0916d8402e
fix whitespace patchups for current python meterpreter
2018-01-24 17:08:33 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
1a8ffed5e3
Land #9369 , register_dir{,s}_for_cleanup
2018-01-10 22:02:15 -06:00
b1cecd4193
Bump TIMEOUT in Msf::Exploit::Remote::SunRPC
2018-01-10 20:36:35 -06:00
1c1f3b161e
Rescue XDR errors in Msf::Exploit::Remote::SunRPC
2018-01-10 20:11:30 -06:00
333d57461a
Check exploit stance for array as well as string
...
An exploit can be both aggressive and passive.
2018-01-08 13:52:04 -06:00
461f1c12e6
Fix nil bug(s) by moving arrays to initialize
2018-01-06 02:31:16 -06:00
14143c2b90
Fix missed file_dropper_win_path
2018-01-06 01:44:25 -06:00
50f4ebb3b2
Add register_dirs_for_cleanup to FileDropper
2018-01-04 11:06:32 -06:00
d7c826b5e8
Add rm_rf to Post::File
2018-01-03 23:14:21 -06:00
c32ef4a3be
Require msf/core/cert_provider in framework.rb
...
Add an explicit require for the new cert_provider in framework.rb
in case it has not yet been loaded.
This should address the Travis failure on initial PR, although the
gem version in socket has not been updated, so this might take a
bit to propagate. In the end, if the dependency already gives us
this functionality by the time we call Rex::Socket::Ssl then this
commit can safely be dropped
2017-12-29 02:14:48 -05:00
18f3815147
Update TLS certificate generation routines
...
Msf relies on Rex::Socket to create TLS certificates for services
hosted in the framework and used by some payloads. These certs are
flagged by NIDS - snort sid 1-34864 and such.
Now that Rex::Socket can accept a @@cert_provider from the Msf
namespace, a more robust generation routine can be used by all TLS
socket services, provided down from Msf to Rex, using dependencies
which Rex does not include.
This work adds the faker gem into runtime dependencies, creates an
Msf::Exploit::Remote::Ssl::CertProvider namespace, and provides
API compatible method invocations with the Rex version, but able
to generate higher entropy certs with more variables, options, etc.
This should reduce the hit rate against NIDS on the wire, reducing
pesky blue team interference until we slip up some other way. Also,
with the ability to generate different cert types, we may want to
look at extending this effort to probide a more comprehensive key
oracle to Framework and consumers.
Testing:
None yet, internal tests pending.
Travis should fail as this requires rex-socket #8 .
2017-12-28 21:00:03 -05:00
8ea50572df
Land #9329 , Add basic framework for interacting with MQTT
2017-12-27 14:59:34 -06:00
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
8b0f2214b1
few more updates
2017-12-23 03:04:11 +05:30
038119d9df
Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more
2017-12-23 00:14:27 +05:30
caae33b417
Land #9170 , Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
becc05b4f1
Cleaner client_id handling
2017-12-21 06:57:33 -08:00
82bdce683b
Remove to_s
2017-12-20 19:13:12 -08:00
b78f1105f7
Add missing port
2017-12-20 19:11:33 -08:00
ddb2566f3b
Remove duplicate options, set less suspicious client_id
2017-12-20 19:09:35 -08:00
cf21d13b2e
Resolve conflict
2017-12-20 18:58:16 -08:00
741d08f604
Style cleanup
2017-12-20 13:33:47 -08:00
ac1daaf10e
Fix rubocop warning
2017-12-20 12:41:44 -08:00
f15309bc48
Add basic framework for interacting with MQTT
2017-12-20 12:28:02 -08:00
210f137b7b
Merge branch 'upstream-master' into land-9296-
2017-12-20 12:07:53 -06:00
15da7c699d
Fix #7779 , fix multi/meterpreter/reverse_http with web_delivery
2017-12-20 16:32:07 +08:00
6b216f2a20
Land #9290 , Fix OverrideLHOST/LPORT with http/s Meterpreter payloads
2017-12-20 00:26:06 -06:00
72d3592b9c
New requires for Cambium mixins
2017-12-18 16:38:18 -06:00
27a324237b
Initial commit for Cambium issues from @juushya
...
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
2017-12-18 16:32:55 -06:00
8e4b007edc
Move verify_arch to dcerpc_getarch
...
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
c4e20e01e3
iOS meterpreter
2017-12-12 23:23:21 +08:00
f7dfba6bae
deduplicate code from python meterpreter
2017-12-12 03:12:36 -06:00
b7c231bb93
further normalize transport config
2017-12-12 03:12:36 -06:00
bb5ea540ab
fix a number of TODO's in the HTTP handler, remove duplication in handlers
2017-12-12 03:12:36 -06:00
528a423fc0
fix python override scheme
2017-12-12 03:12:36 -06:00
f49006222c
remove unneeded uri
2017-12-12 03:12:36 -06:00
8e76c4cb4f
handle override at the meterpreter config layer
2017-12-12 03:12:36 -06:00
636b93b026
minor simplification
2017-12-12 03:12:36 -06:00
017374be71
pass lhost/lport back into generate_stage with reverse_http/s
2017-12-12 03:12:36 -06:00
1653e31f71
Merge branch 'upstream-master' into land-9126-
2017-12-11 03:57:00 -06:00
2565ad6a27
Handle IPv6 addresses in full_uri (add brackets)
2017-12-07 12:56:55 -06:00
c848379ecb
simply use refname in the prompt?
2017-11-29 20:52:14 -06:00
e5a5d35ad8
add 'promptname' that expands the module path a bit more
...
This allows the user to actually see the module context.
2017-11-29 19:49:43 -06:00
70ec576d52
use correct session variable
2017-11-29 11:53:56 -06:00
William Vu