Metasploit
a59aa864c3
Bump version of framework to 6.1.36
2022-03-24 18:44:06 -05:00
Spencer McIntyre
cec44f0cab
Land #16371, Fix websocket crash
2022-03-24 13:07:34 -04:00
Grant Willcox
bf88b7f618
Land #16325 - Replace IO read on binary files with File binread
2022-03-24 10:08:40 -05:00
Tim W
014c98acd8
Land #16369, fix upgrading meterpreter sessions with shell_to_meterpreter
2022-03-23 07:15:55 +00:00
alanfoster
cebdebb188
Fix kubernetes websocket crash when identifying peer host
2022-03-23 02:28:47 +00:00
adfoster-r7
03d645016c
Land #16250, Update service mixins for NAT options
2022-03-23 00:13:20 +00:00
Grant Willcox
964f78fc69
Land #16341, Implement VNC hash types
2022-03-22 17:00:02 -05:00
Grant Willcox
1408ffbab7
Fix up typo and wording on some comments
2022-03-22 16:29:08 -05:00
Grant Willcox
02c616a29e
Land #16207, Fix VNC scanner modules and libraries to make them work in 2022
2022-03-22 13:40:29 -05:00
Grant Willcox
c0b0c418d2
Update constants explanation to explain VeNCrypt 19 option a little clearer
2022-03-22 13:06:45 -05:00
sjanusz
b54cfee665
Open a new Meterpreter session when trying to upgrade Meterpreter
2022-03-22 14:08:25 +00:00
Spencer McIntyre
fd2d1c0784
Add and use the ListenerComm option for SOCKS
2022-03-22 09:23:09 -04:00
Spencer McIntyre
ff0ecfa49e
Display the HTTP port when necessary
2022-03-21 20:11:31 -04:00
Grant Willcox
4e8613904a
Address comments from review and make explanations tidier
2022-03-21 17:54:41 -05:00
Jeffrey Martin
122d380f85
Land #16368, Conditionally recalculate in ModuleSet
2022-03-21 17:50:03 -05:00
Spencer McIntyre
df04435d49
Only recalculate sometimes
...
Recalculations are time consuming, so only do it if necessary.
2022-03-21 17:00:31 -04:00
Grant Willcox
024da204d1
Land #16353, respect ssl_version in crawler
2022-03-21 12:24:38 -05:00
Spencer McIntyre
aca272dd76
Always return a comm from #_determine_server_comm
...
Instead of returning nil from Rex::Socket::SwitchBoard.best_comm, return
the local comm which Rex::Socket will defer to anyways.
2022-03-21 11:47:56 -04:00
Spencer McIntyre
551f159993
Don't pass nil to #best_comm
...
It'll crash if you do
2022-03-21 11:47:56 -04:00
Spencer McIntyre
0ab97b858f
Update the TCP server and HTTP server mixins
2022-03-21 11:47:56 -04:00
Spencer McIntyre
2e4f04a804
Add and use the new bindhost/bindport options
2022-03-21 11:47:55 -04:00
sjanusz
bbf9e3163a
Fix file reads on Windows for binary files
2022-03-21 12:47:39 +00:00
Tim W
a4956bfe7c
Land #16358, fix apk injection on some apks by finding the correct hook point
2022-03-21 07:36:00 +00:00
Brendan Coles
d9bd985cef
Msf::Payload::Apk: find_hook_point: Return full packagename.classname
2022-03-19 21:08:02 +00:00
Tim W
bdb729a43b
Land #16340, fall back to running apktool with --use-aapt2 if apktool fails
2022-03-19 11:47:56 +00:00
Jeffrey Martin
ebaf584a00
use 'Auto' for ssl_version
2022-03-18 17:06:02 -05:00
Spencer McIntyre
ccdc2db9e7
Land #16309, Catch an exception in ssh_login
...
The ssh_login module would crash when the channel used to execute the
commands to gather the platform information reported that they failed.
2022-03-17 16:41:47 -04:00
Spencer McIntyre
da1e4853b8
Land #16317, Free UDP ports after use
2022-03-17 16:39:09 -04:00
bwatters
54ad2b82c3
Land #16249, Add in Exchange Mixin - Initial Version with Version Detection
...
Merge branch 'land-16249' into upstream-master
2022-03-17 15:04:17 -05:00
Metasploit
374220f72f
Bump version of framework to 6.1.35
2022-03-17 12:05:14 -05:00
Grant Willcox
ce062973cb
Make changes from review process, redo code for module to make it make fewer requests, and generally improve overall operations.
2022-03-17 11:29:05 -05:00
Grant Willcox
c1d6dced8d
Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info
2022-03-17 11:29:01 -05:00
Grant Willcox
419c9ea554
Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not.
2022-03-17 11:29:00 -05:00
Grant Willcox
1f53e9d1c4
Rubocop and fix a mistake on commenting too much of the code out from testing
2022-03-17 11:29:00 -05:00
Grant Willcox
269cd5cfed
Add in Exchange Version mixin and module example
2022-03-17 11:28:53 -05:00
Hynek Petrak
43cec440ac
Treat failed proof as successful connection with nil proof.
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-03-17 14:05:17 +01:00
Hynek Petrak
2841f70048
Catch exception from net/ssh/connection/session.rb:381
2022-03-16 23:11:21 +01:00
Ashley Donaldson
7fe9d0b2b6
Don't start the DNS server twice
2022-03-17 08:02:31 +11:00
Jeffrey Martin
c3445ccb6f
respect ssl_version in crawler
...
When utilizing `Anemone` to crawl pages using `Rex` sockets
Framework common `SSL` settings can pull from standardized options.
This change enables more fine grained user control and avoids issues
with missing or deprecated SSL versions in newer Ruby versions.
2022-03-16 14:24:45 -05:00
bwatters
b4de9fa92a
Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
...
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
Grant Willcox
008071888c
Land #16347, Catch SocketError when normalizing the hostname
2022-03-15 16:45:29 -05:00
Spencer McIntyre
e28ee9ca53
Improve an error message when addr is nil
...
The normalized value can be nil when the hostname failed to resolve.
That is not helpful in the exception information, so use the original
value.
2022-03-15 14:01:26 -04:00
sjanusz
a3f4af1775
Fix encrypted shells crashing with no DB connection
2022-03-15 16:00:30 +00:00
Spencer McIntyre
a6a63d0895
Rename scope to zone_id
2022-03-15 11:14:41 -04:00
Spencer McIntyre
4dd7fc60e6
Land #16324, Fix broken DNS native_server
2022-03-15 09:06:03 -04:00
Ashley Donaldson
8cc2b87f59
Use Dnsruby::Message for all inputs
2022-03-15 16:41:05 +11:00
bwatters
c936c45167
Land #16186, Add Python Meterpreter Command Payloads
...
Merge branch 'land-16186' into upstream-master
2022-03-14 17:29:03 -05:00
Grant Willcox
2142c877ad
Land #16262, Use bash instead of netcat as a default payload
2022-03-14 17:18:37 -05:00
Spencer McIntyre
71cacc4cc2
Catch SocketError when normalizing the hostname
2022-03-14 17:09:37 -04:00
Spencer McIntyre
735c1256a3
Put reverse_netcat back in the default list
...
See #16262 for context. This will select reverse_bash if no required
commands are specified, which should be suitable for most environments.
The RequiredCmd payload compatibility key can be specified to override
this behavior by marking the commands that are available.
2022-03-14 09:16:39 -04:00