adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,125 Commits 27 Branches 1,043 Tags
c8d50bda0f2ade01c0b38fdd4fbf6eeca030d0e9
Commit Graph

5601 Commits

Author SHA1 Message Date
cgranleese-r7 4fcb4a4e3a Land #18863, Expose MSSQL initial connection info in client 2024-02-20 14:17:34 +00:00
sjanusz-r7 200d03c417 Expose MSSQL initial connection info in client 2024-02-20 11:36:10 +00:00
cgranleese-r7 3be5988679 Land #18848, Add Proxies support to creating a session with mssql_login 2024-02-19 16:10:37 +00:00
sjanusz-r7 b2f36e41c4 Add Proxies support to creating a session with mysql_login 2024-02-19 12:22:51 +00:00
sjanusz-r7 64ab62f2c3 Use database_name for SQL sessions 2024-02-17 03:31:58 +00:00
sjanusz-r7 bc6bf1c4f3 Add Proxies support to creating a session with mssql_login 2024-02-16 20:22:11 +00:00
adfoster-r7 7b56d012e8 Land #18678, add LDAP capture capabilities 2024-02-15 22:11:04 +00:00
adfoster-r7 40701bf59a Fix auhtentication typo in lib/rex/proto/ldap/auth.rb 2024-02-15 21:26:45 +00:00
adfoster-r7 1d406cfc2a Land #18809, DNS command improvements 2024-02-14 22:12:30 +00:00
Spencer McIntyre eca99e2c77 Refactor resolver types 2024-02-14 14:40:22 -05:00
adfoster-r7 1794a5fbee Land #18763, Mssql session modules 2024-02-14 10:54:04 +00:00
Zach Goldman d18520adc6 update rhost and rport calls 2024-02-13 13:00:38 -06:00
Zach Goldman c05c6773df adjust session logic in modules 2024-02-13 11:59:09 -06:00
cgranleese-r7 450fd0876f Improve unknown command handling 2024-02-12 16:43:56 +00:00
Spencer McIntyre 5036d28b44 Validate hostnames before storing them 
This proactively fixes a potential DoS condition where if a user were to
add a hostname containing a ; and followed by data that is not an IP
address that MSF may fail to start.

Example:
dns add-static 'foo;bar' 192.0.2.1
save
 2024-02-09 14:52:41 -05:00
Zach Goldman 94223f05fc update relevant modules to work with sessions 
separate out optional session logic

fixing session handling
 2024-02-09 13:18:49 -06:00
Zach Goldman 2c60780dc0 Add MSSQL session Type 2024-02-09 07:27:01 -06:00
Spencer McIntyre 1b2a2af4d4 Fix unit tests on Ruby 3.2 because IPAddr =~ fails 2024-02-08 17:10:49 -05:00
Spencer McIntyre 56d2dfa46a Fix removing invalid DNS rule IDs 2024-02-08 17:00:40 -05:00
Spencer McIntyre 630301a0df Add versioning to the DNS configuration 2024-02-08 16:39:24 -05:00
Spencer McIntyre 1cab98f4c2 Support multiple addresses for a static hostname 2024-02-08 16:05:54 -05:00
Spencer McIntyre 62e960352f Refactor naming entries as rules 2024-02-08 13:05:53 -05:00
Spencer McIntyre 243ebcb3a6 Add some missing documentation 2024-02-08 13:05:53 -05:00
Spencer McIntyre c1a08b97d2 Load the termux hosts file path too 2024-02-08 13:05:50 -05:00
Spencer McIntyre 5c9b454291 Change initialization to allow reseting 
Change how the resolver is initialized so the instance can be reset to
sane default values loaded from the operating system.
 2024-02-08 11:22:33 -05:00
Spencer McIntyre 2653a180e4 Update tests add new initialization methods 2024-02-08 11:22:33 -05:00
Spencer McIntyre 648a7b394d Update configuration saving and loading 2024-02-08 11:22:33 -05:00
Spencer McIntyre bd7d4f0099 Add commands to manage static hostname records 2024-02-08 11:22:33 -05:00
Spencer McIntyre fcd84a41aa Add a DNS resolver for static entries 
Move support for static entries out of the cache so it can be controlled
like the other resolvers.
 2024-02-08 11:22:33 -05:00
Spencer McIntyre 2cf706e91f Use the dns entry index instead of unique IDs 2024-02-08 11:22:33 -05:00
Spencer McIntyre 43a7993215 Show the matching rule for DNS resolution 2024-02-08 11:22:33 -05:00
Spencer McIntyre 3c716041bd Add the blackhole resolver 2024-02-08 11:22:33 -05:00
Spencer McIntyre 3445c1b588 Add the system resolver for A and AAAA queries 2024-02-08 11:22:33 -05:00
Spencer McIntyre a5dc63617f Refactor resolver entries to unify them 
Now resolution will match a single rule, but that rule can have multiple
servers.
 2024-02-08 11:22:33 -05:00
Spencer McIntyre 464d2eef73 Add a method for upstream resolvers from query args 2024-02-08 11:22:33 -05:00
Spencer McIntyre 7fe10d8613 Switch to a more generic upstream resolvers model 
Upstream resolvers can be DNS servers or something else.
 2024-02-08 11:22:33 -05:00
Spencer McIntyre 282f97ba2d Add the flush-cache subcommand 
Also rename purge to flush-entries and update descriptions to clarify
what exactly is being flushed.
 2024-02-08 11:22:33 -05:00
Spencer McIntyre 319cff7d3a Change the DNS timeout from 30 to 5 seconds 
Also, add the #to_i method for timeouts
This makes it compatible with Rex Sockets later on
 2024-02-08 11:22:33 -05:00
Spencer McIntyre c780bfcb66 Add a DNS query command for inspection 2024-02-08 11:22:32 -05:00
Spencer McIntyre 6fdfd7147c Print the system nameservers too 2024-02-08 11:22:32 -05:00
Spencer McIntyre 9181d93807 Search for a resolv.conf file 2024-02-08 11:22:32 -05:00
adfoster-r7 5975d668f6 Land #18773, Support CTRL + Z for interactive SQL REPL 2024-02-05 16:39:13 +00:00
sjanusz-r7 4039ae137a Support CTRL + Z for interactive SQL REPL 2024-02-05 11:14:51 +00:00
cgranleese-r7 0e9cad6d45 Adds MySQL session type 2024-02-02 14:39:37 +00:00
Jeffrey Martin bed552d26e set error on unsupported LDAP auth 2024-02-02 08:36:00 -06:00
adfoster-r7 48221e594d Land #18704, Leverage the module metadata cache in the module_sets 2024-02-02 14:16:46 +00:00
adfoster-r7 7ac4387d35 Land #18696, Convert MSSQL mixin to class 2024-02-02 14:14:34 +00:00
Zach Goldman 35778e92b2 client consolidation 
convert first module from remote to client

move client to rex

remove metasploit mixin
 2024-02-01 17:23:55 -06:00
Jack Heysel 3c46f51924 Land #18753, Fix typo in alloc_and_write_wstring 
The method str_to_uniz_a was being called but does not exist.
The actual method name is str_to_uni_z, this PR fixes that typo.
 2024-02-01 15:09:16 -05:00
Jeffrey Martin 1c334ad670 address stack trace noticed in testing 2024-02-01 08:49:16 -06:00