e60aeca2db
Pass in session to CWD check
...
Oops, used to this being accessible universally. Not the case here.
2018-01-31 16:19:43 -06:00
199a7cc134
Check for subdirectories and relative paths
2018-01-31 16:19:43 -06:00
09d931e392
Split assignment across two lines for clarity
...
https://github.com/bbatsov/ruby-style-guide#use-if-case-returns
2018-01-31 16:19:43 -06:00
15ff70fbda
Add warning to FileDropper for deleting CWD
2018-01-31 16:19:43 -06:00
309deb9ee7
Land #9446 , Post API fix for setuid_nmap
2018-01-25 16:00:40 -06:00
fd4d5756bf
Land #9335 , Added socket bind port option for reverse tcp payload.
...
Merge branch 'land-9335' into upstream-master
2018-01-24 11:50:10 -06:00
6caba521d3
Land #9424 , Add SharknAT&To external scanner
2018-01-24 12:40:29 -05:00
d08510596f
Keep reading external messages on stderr eof
2018-01-23 10:46:06 -06:00
df633247bb
expose linux/osx process rename functionality
2018-01-23 09:56:12 -06:00
18b8fc2e0e
Add Msf::Post::File#setuid?
2018-01-23 02:05:26 -06:00
03d1523d43
Land #6611 , add native DNS to Rex, MSF mixin, sample modules
2018-01-22 23:54:32 -06:00
afaf832034
remove verbose error from library, bubble consistent exceptions to the module instead
2018-01-22 23:52:20 -06:00
aae77fc1a4
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-22 23:10:36 -06:00
670055da4b
Prevent leaked sockets in edge cases
2018-01-22 22:14:16 -06:00
c76fa2c58f
Vendor async_timeout
2018-01-22 22:12:28 -06:00
964810146a
Python library style fixes
2018-01-22 22:10:32 -06:00
9a35c324c0
Land #9352 , Pull out HTTP-specific code from PacketDispatcher
2018-01-22 16:52:24 -06:00
10fde42adc
Land #9431 , Fix owa_login to handle inserting credentials for a hostname
2018-01-22 16:46:39 -06:00
27a007fb57
Land #9432 , cmd_edit improvements (again!)
...
We seem to enjoy refactoring this method.
2018-01-22 12:38:08 -06:00
a255586750
Refactor to use guard clauses
2018-01-22 12:38:02 -06:00
e927c97652
Land #9434 , Fix timing issue with rspec
2018-01-22 09:42:07 -06:00
7ad296d511
bump payloads, fix cmd_exec meterpreter logic
2018-01-21 07:56:24 -06:00
ba75d19d34
Fix failing spec.
2018-01-19 15:52:25 -06:00
2a6b3671bf
Add connection addr+port info to http response object.
...
Update owa_login to use this instead of doing lookups on its own.
2018-01-19 13:37:33 -06:00
87f8b68099
Ensure config directory always exist, seems to be timing issue in rspec
2018-01-18 14:56:07 -06:00
df71defdea
fix library-specific error messages to not appear with modules
2018-01-18 05:55:51 -06:00
b4bb1b5ed1
fix whitespace patchups for current python meterpreter
2018-01-18 00:28:04 -06:00
86c927edb7
fix msfvenom referencing a nil typed_module_set
2018-01-18 00:16:42 -06:00
7fe237abe1
Land #9220 , Module cache improvements
2018-01-17 22:34:51 -06:00
06459e2dee
cowardly continue using ~/.msf4 until we have an actual reason to switch
2018-01-17 22:01:56 -06:00
facecb40d7
change default prompt for users who use '-q'
2018-01-17 22:01:34 -06:00
cbd1a2a505
update default startup with version info
2018-01-17 21:59:53 -06:00
08f622b0ce
update version
2018-01-17 17:24:15 -06:00
0f0b116751
Rename scanner bits to avoid confusion
2018-01-17 14:46:31 -06:00
37bf68869f
Add scanner for the open proxy from 'SharknAT&To'
2018-01-16 21:05:19 -06:00
a5be16f74e
Add batch scanner external module type
2018-01-16 21:05:19 -06:00
fb41eea8cc
Add vuln reporting to external module API
2018-01-16 21:05:19 -06:00
9527c6ffcf
Ensure all messages are read from external modules
2018-01-16 21:05:19 -06:00
3363bcf629
Add DataStore serialization that preserves Arrays
2018-01-16 21:05:19 -06:00
de411e764a
Msf DNS server - add :use_resolver? method
2018-01-13 02:40:53 -05:00
ee218658b6
Cleanup Msf server and add dnsruby to gemspec
2018-01-13 02:30:08 -05:00
2916c5ae45
Rescue Rex::Proto::SunRPC::RPCTimeout
...
Coincidentally, this also fixes the rescue in the library, since
rescuing Timeout instead of Timeout::Error does nothing.
2018-01-12 19:34:59 -06:00
c65c03722c
Migrate native DNS services to Dnsruby data format
...
Dnsruby provides advanced options like DNSSEC in its data format
and is a current and well supported library.
The infrastructure services - resolver, server, etc, were designed
for a standalone configuration, and carry entirely too much weight
and redundancy to implement for this context. Instead of porting
over their native resolver, update the Net::DNS subclassed Rex
Resolver to use Dnsruby data formats and method calls.
Update the Msf namespace infrastructure mixins and native server
module with new method calls and workarounds for some instance
variables having only readers without writers. Implement the Rex
ServerManager to start and stop the DNS service adding relevant
alias methods to the Rex::Proto::DNS::Server class.
Rex services are designed to be modular and lightweight, as well
as implement the sockets, threads, and other low-level interfaces.
Dnsruby's operations classes implement their own threading and
socket semantics, and do not fit with the modular mixin workflow
used throughout Framework. So while the updated resolver can be
seen as adding rubber to the tire fire, converting to dnsruby's
native classes for resolvers, servers, and caches, would be more
like adding oxy acetylene and heavy metals.
Testing:
Internal tests for resolution of different record types locally
and over pivot sessions.
2018-01-12 05:00:00 -05:00
18f16e7c66
Bump version of framework to 4.16.32
2018-01-11 10:03:16 -08:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
1a8ffed5e3
Land #9369 , register_dir{,s}_for_cleanup
2018-01-10 22:02:15 -06:00
b1cecd4193
Bump TIMEOUT in Msf::Exploit::Remote::SunRPC
2018-01-10 20:36:35 -06:00
1c1f3b161e
Rescue XDR errors in Msf::Exploit::Remote::SunRPC
2018-01-10 20:11:30 -06:00
cb82015c87
Land #9387 , Check exploit stance for array as well as string
2018-01-09 03:52:59 -05:00
333d57461a
Check exploit stance for array as well as string
...
An exploit can be both aggressive and passive.
2018-01-08 13:52:04 -06:00
William Vu