Commit Graph

472 Commits

Author SHA1 Message Date
zerosum0x0 4a64401a58 fix ms17-010 similar to 4a56ecf3ae 2018-05-14 15:45:20 -06:00
Jacob Robles 4a56ecf3ae psexec native upload argument 2018-05-01 09:33:17 -05:00
Jeffrey Martin 28173222a8 Land #9881, cleanup psexec code 2018-04-30 18:39:36 -05:00
Brent Cook 4cba6d1df4 suggest a reason if we get no server response 2018-04-25 03:57:12 -05:00
Auxilus cbfdaf23a0 updated for requested changes 2018-04-25 08:56:54 +05:30
Auxilus e7ac2cd155 move report_auth to psexec module 2018-04-24 23:00:55 +05:30
Auxilus 3353102dc1 fix opt dependencies 2018-04-24 21:55:09 +05:30
William Vu a0f16b4a66 Prefer print_warning for consistency 2018-04-24 11:17:19 -05:00
William Vu 7ef8b99480 Improve printing in ETERNALBLUE's verify_arch
Now shows the invalid arch instead of showing nothing.
2018-04-24 11:09:54 -05:00
Auxilus f0b9ea635a cleanup psexec code 2018-04-16 09:04:36 +05:30
Biswajit Roy 3925686173 Fixed error in my correction
Changed from `an username` to `a username`
2018-03-03 10:16:44 +05:30
Biswajit Roy 38c42f3b10 Fixed Typos
Fixed minor typing errors.
2018-03-02 17:38:19 +05:30
Aaron Soto af45c1764b Tweak exception handling and timing of ms17_010_eternalblue 2018-02-21 13:40:04 -06:00
zerosum0x0 ffc7e078e2 don't disconnect until cleanup 2018-02-01 21:46:56 -07:00
zerosum0x0 7cc00c0e10 fixed padding/offsets for win 10 2018-01-28 21:10:51 -07:00
zerosum0x0 2723b328aa misc tidying, added more randomness 2018-01-28 18:20:18 -07:00
zerosum0x0 6c2d5b1fc2 semi-completed exploit files 2018-01-28 18:13:25 -07:00
William Vu 8e4b007edc Move verify_arch to dcerpc_getarch
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
TC Johnson 8989d6dff2 Modified Accuvant blog posts to the new Optiv URLs 2017-08-02 13:25:17 +10:00
multiplex3r b2ecaa489d Rescue only RubySMB::Error::CommunicationError 2017-07-27 19:19:45 +10:00
multiplex3r f2091928ec Adding no SMBv1 error handler for ms17-010 exploit 2017-07-27 16:21:09 +10:00
Brent Cook 6300758c46 use https for metasploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 1d290d2491 resurrect one print_error/bad conversion for symmetry 2017-07-24 05:55:34 -07:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 424522147e OCD fixes - Start of *.rb files 2017-07-13 23:53:59 +01:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
Stephen Shkardoon (ss23) a968a74ae0 Update ms17_010_eternalblue description and ranking.
The module has been noted to cause crashes, reboots, BSODs, etc., on
some systems.
2017-06-09 11:01:48 +12:00
David Maloney d5e74ffdf3 Merge branch 'master' into feature/eternal_blue/rubysmb_refactor 2017-05-30 13:59:31 -05:00
David Maloney a5f910ea63 move trans2 conditional to case statement
this is cleaner as a case statement
2017-05-30 13:52:29 -05:00
David Maloney b65c959347 limited port of the trans2 exploit packets
ported some of the Trans2 packets for EternalBlue
over to RubySMB, but there is so much jacked up about these
packets I'm not sure we can do much more here
2017-05-30 13:49:27 -05:00
William Vu 72ff4fbf48 Reword warning message, since it didn't make sense 2017-05-30 13:13:08 -05:00
William Vu 890d35cc30 Fix warning placement to be more helpful 2017-05-30 13:06:23 -05:00
David Maloney e9ac3fce5a update credential mode for EB exploit
EternalBlue can now just flat out take
credentials to authenticate with. If credentials
are not supplied, then it will still do the
anonymous login.
2017-05-30 10:55:28 -05:00
Brent Cook beb1cef835 rescue connection failure for netbios, suggest how to fix it 2017-05-30 08:06:39 -05:00
William Vu a781480e89 Add error handling to get_once
And check for specific ack result/reason for 32-bit.
2017-05-29 22:28:50 -05:00
William Vu 6e253a5be7 Use Rex::Proto::DCERPC::Response 2017-05-29 21:58:03 -05:00
William Vu 42b14a93b8 Add comments 2017-05-28 23:45:09 -05:00
William Vu 7a2944d113 Implement VerifyArch for ETERNALBLUE 2017-05-28 23:26:59 -05:00
David Maloney ee5f37d2f7 remove nt trans raw sock op
don't send the nt transact packet as raw
socket data; instead use the client send_recv
method
2017-05-26 15:50:18 -05:00
David Maloney f0f99ad479 nttrans packet set up correctly, everything broken
got the nttrans packet set up correctly, but somewhere
along the line I broke the whole exploit. wtf?
2017-05-26 14:54:46 -05:00
David Maloney 0b0e2f64ca update SMB1 "Freehole" packet
the 'Freehole' packet is now generated with
RubySMB and sent by the client, rather than raw bytes
sent over the bare socket
2017-05-25 13:43:16 -05:00
David Maloney bc8ad811aa remove old anonymous login packet
we are now using the anonymous login from the
RubySMB client, so we no longer need this method to
manually build the packet
2017-05-25 10:49:42 -05:00
David Maloney 238052a18b use RubySMB client echo
replaced the manually created echo packet
with the RubySMB client echo command
2017-05-25 10:47:14 -05:00
David Maloney 4ffe666b52 improve the cred fallback
we might get a successful session setup
but a failure on IPC$ due to anonymous access
2017-05-24 17:36:07 -05:00
David Maloney 4c02b7b13a added credentialed fallback
if anonymous login is blocked, then the user can
supply credentials for the exploit to try as a fallback
2017-05-24 16:09:51 -05:00