adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,733 Commits 27 Branches 1,043 Tags
d3d9acf1e4dca483bf09c3cb57dff60ab962cf47
Commit Graph

2632 Commits

Author SHA1 Message Date
Grant Willcox bf88b7f618 Land #16325 - Replace IO read on binary files with File binread 2022-03-24 10:08:40 -05:00
Spencer McIntyre ff0ecfa49e Display the HTTP port when necessary 2022-03-21 20:11:31 -04:00
Spencer McIntyre aca272dd76 Always return a comm from #_determine_server_comm 
Instead of returning nil from Rex::Socket::SwitchBoard.best_comm, return
the local comm which Rex::Socket will defer to anyways.
 2022-03-21 11:47:56 -04:00
Spencer McIntyre 551f159993 Don't pass nill to #best_comm 
It'll crash if you do
 2022-03-21 11:47:56 -04:00
Spencer McIntyre 0ab97b858f Update the TCP server and HTTP server mixins 2022-03-21 11:47:56 -04:00
Spencer McIntyre 2e4f04a804 Add and use the new bindhost/bindport options 2022-03-21 11:47:55 -04:00
sjanusz bbf9e3163a Fix file reads on Windows for binary files 2022-03-21 12:47:39 +00:00
Spencer McIntyre da1e4853b8 Land #16317, Free UDP ports after use 2022-03-17 16:39:09 -04:00
Grant Willcox ce062973cb Make changes from review process, redo code for module to make it make less requests, and generally improve overal operations. 2022-03-17 11:29:05 -05:00
Grant Willcox c1d6dced8d Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info 2022-03-17 11:29:01 -05:00
Grant Willcox 419c9ea554 Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not. 2022-03-17 11:29:00 -05:00
Grant Willcox 1f53e9d1c4 Rubocop and fix a mistake on commenting too much of the code out from testing 2022-03-17 11:29:00 -05:00
Grant Willcox 269cd5cfed Add in Exchange Version mixin and module example 2022-03-17 11:28:53 -05:00
Ashley Donaldson 7fe9d0b2b6 Don't start the DNS server twice 2022-03-17 08:02:31 +11:00
adfoster-r7 a62ca2259e Land #16316, deref services correctly 2022-03-11 12:08:42 +00:00
Ashley Donaldson d5373a7278 Removed redundant cleanup calls which exploit_driver will call anyway 2022-03-11 12:08:51 +11:00
Ashley Donaldson 6f159fa54e Consistent handling of DNS and LDAP servers wrt ServiceManager 2022-03-10 11:01:37 +11:00
Ashley Donaldson 9761d68c19 Rename stop_service to cleanup_service for services that use reference counting 2022-03-10 10:28:25 +11:00
Ashley Donaldson c9d43aafe6 Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity 2022-03-10 09:06:25 +11:00
adfoster-r7 3b524360ed Explicitly specify server/client versions, fix logger crash, and specify jtr format 2022-03-09 01:37:22 +00:00
adfoster-r7 22f88f9ab7 Add docs 2022-03-08 23:52:24 +00:00
adfoster-r7 6f2a7d6167 Add note that SMB v1 is not supported 2022-03-08 23:52:24 +00:00
adfoster-r7 53772fa366 Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location 2022-03-08 23:52:24 +00:00
adfoster-r7 bcb0850e07 Rename SMBHOST 2022-03-08 23:52:23 +00:00
adfoster-r7 144fc5eddf Add smarter targetlist support 2022-03-08 23:52:23 +00:00
adfoster-r7 25265c7a7b Linting 2022-03-08 23:52:23 +00:00
adfoster-r7 3e68e298a1 Add targets 2022-03-08 23:52:23 +00:00
adfoster-r7 e02021ee91 Fix database cred reporting and error handling 2022-03-08 23:52:23 +00:00
adfoster-r7 507b1dab2b Apply PR feedback 2022-03-08 23:52:22 +00:00
adfoster-r7 b4fe2502aa Update smb_relay to support smb 2 and smb3 2022-03-08 23:52:22 +00:00
adfoster-r7 ad2fab6fee Land #16153, read full response on smtp send/recv 2022-03-04 01:24:46 +00:00
Spencer McIntyre 6be3443680 Land #16103, LPE in polkit's pkexec (CVE-2021-4034) 2022-03-03 09:24:11 -05:00
bwatters 06e897436c Add Fedora results to docs and some minor final cleanup 2022-03-02 09:12:01 -06:00
bwatters 0081811c52 Land #16185, Firefox CVE-2020-26950 use after free browser exploit 
Merge branch 'land-16185' into upstream-master
 2022-02-28 14:38:23 -06:00
Jeffrey Martin abe55c8f91 raise RuntimeError on incomplete or extra data 2022-02-24 14:02:44 -06:00
Tim W 480c44e9cb refactor DEBUG_EXPLOIT code into mixin 2022-02-16 11:38:04 +00:00
bwatters 0239ef1cc6 Land #16117, Updates for Log4Shell 2022-02-15 16:39:00 -06:00
adfoster-r7 18b4ce8a13 Update replicant pattern to increment refs 2022-02-15 16:08:35 +00:00
Jeffrey Martin af3fa09896 refactor smtp delivery to support continuation 
When dealing with SMTP servers the communication needs to flow
a known protocol. To ensure the socket is in the correct state
after a send and receive it needs to be read until a line return
a response code followed by a `space` and additional data and `\r\n`
or the response code immediately followed by `\r\n` is returned.
 2022-02-14 16:55:49 -06:00
Tim W a13ae3882b Land #16174, fix specifying the mode on File.read for ruby 3 on multiple modules 2022-02-13 12:08:13 +00:00
alanfoster 395ab1d77e Specify mode rb on file reads 2022-02-12 21:39:12 +00:00
Jeffrey Martin 5bc60f5bf7 clear any additional response on smtp connect 
When connecting to an SMTP server after `HELO` and auth
complete there can be additional data sent from the client
that sits in the socket queue. Adding a `get_once` after connection
has settled ensure any pending for extension responses are cleared.
 2022-02-10 14:25:05 -06:00
bwatters 9635fde12d Add support and templates for aarch64 targets 2022-02-10 10:49:02 -06:00
Jake Baines 9758251278 Initial commit of CVE-2021-37343 2022-02-05 18:21:18 -08:00
Spencer McIntyre 965493191f Add and use a Log4Shell mixin 2022-02-03 16:09:49 -05:00
Redouane NIBOUCHA 51814a4a8b Refactor the code, using if(CONDITION,sleep(...),0) only 2022-01-30 23:49:07 +00:00
Redouane NIBOUCHA e329d78a46 Use = instead of <> for blind queries (fixes some wordpress plugin SQLis) 2022-01-30 23:01:08 +00:00
Spencer McIntyre d46822184f Updates for Log4Shell 2022-01-28 14:56:44 -05:00
Spencer McIntyre dd2d512851 Support session -1 for ListenerComm options 2022-01-24 11:42:39 -05:00
bwatters 4cf3ae352c Land #16050, Log4Shell: vCenter RCE 
Merge branch 'land-16050' into upstream-master
 2022-01-19 16:30:33 -06:00