adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

1897 Commits

Author SHA1 Message Date
Brent Cook 2ec87d1f67 check if constant aliases are already set before setting 
(I'm presuming that was what removing was intended to help with)
 2016-09-22 07:12:42 -05:00
Brent Cook 4acb29a129 restore NTLM constant class shortcuts 2016-09-22 07:01:38 -05:00
Brent Cook e09fe08983 Land #7278, fix FTP path traversal scanners 2016-09-12 10:47:36 -05:00
Brendan a30711ddcd Land #7279, Use the rubyntlm gem (again) 2016-09-07 16:33:35 -05:00
William Vu b701048ce2 Fix data_disconnect to shutdown only if datasocket 
Seeing people use this with ensure when their data channel was never set
up. This breaks things. :)
 2016-09-05 15:54:26 -05:00
Pearce Barry 226ded8d7e Land #6921, Support basic and form auth at the same time 2016-08-25 16:31:26 -05:00
William Vu 61f1e7e9c2 Add server_port to HTTP fingerprint 
MS-1982
 2016-08-24 13:24:24 -05:00
Pearce Barry 03e14ec86f Land #7232, Net::SSH Regression Fixes 
Fixes #7160
Fixes #7175
Fixes #7229
 2016-08-23 14:53:42 -05:00
David Maloney b6dff719f3 add a hard require to the ssh mixin 
added hard require for SSHFactory into the ssh exploit mixin
this should prevent any laod-order bugs from cropping up again
 2016-08-22 09:56:07 -05:00
James Lee 91417e62a8 Cleanup docs 2016-08-18 10:40:32 -05:00
wchen-r7 498657ab35 Fix #3860, tearing down TCP connection for send_request_cgi 
Fix #3860
 2016-08-15 15:45:52 -05:00
David Maloney eb73a6914d replace old rex::ui::text::table refs 
everywhere we called the class we have now rewritten it
to use the new namespace

MS-1875
 2016-08-10 13:30:09 -05:00
dmohanty-r7 b027176799 Land #7156, use windows_error gem for constants 2016-08-10 11:47:37 -05:00
wchen-r7 4055fd1930 Do e.message instead of e.to_s 2016-08-05 14:12:50 -05:00
wchen-r7 d59b6d99ee Make the debug output more readable 2016-08-05 13:20:53 -05:00
wchen-r7 a8d9a5c02c Print exceptions if needed 2016-08-04 18:14:22 -05:00
wchen-r7 7538b3dcf8 Fix #7170, Add HttpTrace option for HttpClient 
Fix #7170
 2016-08-04 16:09:17 -05:00
Brendan ee40c9d809 Land #6625, Send base64ed shellcode and decode with certutil (Actually MSXML) 2016-07-28 13:01:05 -07:00
Brendan 2525eab996 persistance -> persistence 2016-07-28 12:56:04 -07:00
Pearce Barry 1f5fbd4a67 Put remaining consts in exploit mixin... 2016-07-27 17:43:29 -05:00
Pearce Barry bdf073516b Switch errors over to windows_error gem... 2016-07-27 17:43:00 -05:00
William Vu a0c42f5dd2 Add wordpress_url_uploads 2016-07-26 19:10:19 -05:00
wchen-r7 390f69313a Fix grammar in browser_exploit_server 2016-07-21 11:51:10 -05:00
James Lee a54945c82c whitespace 2016-07-19 17:07:17 -05:00
David Maloney 01d0d1702b Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-14 09:48:28 -05:00
William Vu 277950cc79 Land #6733, psexec StackAdjustment fix 2016-07-12 11:14:16 -05:00
William Vu 108c3961e2 Make sure GATEWAY_PROBE_PORT is 0 
This ensures that dst_port is set for UDPSocket#send.
 2016-07-11 12:10:46 -05:00
James Lee cfb56211e7 Revert "Revert "Land #7009, egypt's rubyntlm cleanup"" 
This reverts commit 1164c025a2.
 2016-07-07 15:00:41 -05:00
James Lee 1164c025a2 Revert "Land #7009, egypt's rubyntlm cleanup" 
This reverts commit d90f0779f8, reversing
changes made to e3e360cc83.
 2016-07-05 15:22:44 -05:00
David Maloney 5f9f3259f8 Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-05 10:48:38 -05:00
wchen-r7 118caa13bf Fix #7021, Pass exploit SRVPORT in BrowserAutopwn2 
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.

Fix #7021
 2016-06-30 14:20:53 -05:00
David Maloney a796a1bc63 wierd namespace issues? 2016-06-28 16:13:49 -05:00
David Maloney 39fa8bf2d4 missing require 2016-06-28 15:40:56 -05:00
David Maloney 3d93c55174 move sshfactory into a mixin method 
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention

MS-1688
 2016-06-28 15:23:12 -05:00
David Maloney 97f9ca4028 Merge branch 'master' into egypt/ruby-ntlm 2016-06-28 14:14:56 -05:00
Louis Sato d5d0b9e9b8 Revert "Land #6729, Speed up the datastore" 
This reverts commit c6b1955a5a, reversing
changes made to 4fb7472391.
 2016-06-28 13:39:52 -05:00
James Lee 0126ec61d8 Style 2016-06-22 10:15:23 -05:00
James Lee b3f59ebd19 Whitespace 2016-06-22 10:15:23 -05:00
James Lee 07f7e5e148 Convert non-loginscanner MSSQL to rubyntlm 2016-06-22 10:15:22 -05:00
James Lee 4b3f6c5d29 Use rubyntlm for mssql login scanner 2016-06-22 10:15:22 -05:00
wchen-r7 c6b1955a5a Land #6729, Speed up the datastore 2016-06-15 17:55:42 -05:00
William Webb 563b8206c5 Land #6962, Apache Continuum Exploit 2016-06-13 16:41:53 -05:00
William Vu b7139da624 Clean up whitespace 2016-06-13 10:51:38 -05:00
Trenton Ivey 776dd57803 get_uri missing port fix 2016-06-12 19:27:34 -05:00
William Vu 5adc360b2a Make opts truly optional 2016-06-10 20:35:40 -05:00
wchen-r7 61f9cc360b Correct casing - should be HttpUsername and HttpPassword 2016-05-27 18:31:54 -05:00
wchen-r7 4dcddb2399 Fix #4885, Support basic and form auth at the same time 
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.

Fix #4885
 2016-05-27 16:25:42 -05:00
wchen-r7 05680ab6f3 Land #6887, add a missing postgresql 9.4.1-5 matching case 2016-05-24 22:19:03 -05:00
wchen-r7 ff4d150449 Show IP for print_* 2016-05-24 14:12:54 -05:00
Brent Cook 3bc020178f use the correct variable for cookie expiration 2016-05-24 07:16:55 -05:00