adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

12939 Commits

Author SHA1 Message Date
Brendan 7e4645afb3 Land #7527, Add LURI support to the reverse_http/s stagers 2016-11-15 16:31:20 -06:00
Brent Cook 5490fda0ae Merge remote-tracking branch 'upstream/master' into land-7261 2016-11-14 16:49:28 -06:00
Brent Cook 98a54cd458 Merge branch 'upstream-master' into land-7456-android-hide-app 2016-11-14 02:43:04 -06:00
David Maloney fbcc4baf58 Land #7553, apk inject cert fix 
Lands dana-at-cp's fix for the certtool localization
issues for the APK injection routine.

Fixes #7524
 2016-11-11 12:54:41 -06:00
Metasploit f116ad2c59 Bump version of framework to 4.12.42 2016-11-11 10:02:14 -08:00
dana-at-cp c0e839dfd9 Fixes keytool bug in APK inject code 2016-11-11 06:12:47 -08:00
Metasploit 2c39a14ada Bump version of framework to 4.12.41 2016-11-04 10:02:13 -07:00
OJ 50c2ed8509 Fix post mixin platform/session check 2016-11-05 02:41:52 +10:00
OJ b0970783ff Another interim commit moving towards universal handlers 2016-11-04 13:25:02 +10:00
Brendan dae1f26313 Land #7521, Modernize TLS protocol configuration for SMTP / SQL Server 2016-11-03 12:56:50 -05:00
OJ 47ac122c15 Add LURI support to the reverse_http/s stagers 2016-11-03 14:51:07 +10:00
OJ 09d9733a75 Interim commit while working on multi payloads 2016-11-03 06:44:39 +10:00
Brendan a7c8060af5 Land #7523, Fix template location for psh payload creation 2016-11-02 12:09:20 -05:00
OJ cc8c1adc00 Add first pass of multi x86 http/s payload (not working yet) 2016-11-03 02:44:53 +10:00
OJ 494b4e67bd Refactor http/s handler & payloads 
This commit moves much of the platform-specific logic from the
reverse_http handler down into the payloads. This makes the handler
a bit more agnostic of what the payload is (which is a good thing).
There is more to do here though, and things can be improved.

Handling of datastore settings has been changed to make room for the
ability to override the datastore completely when generating the
payloads. If a datastore is given via the `opts` then this is used
instead otherwise it falls back to the settings specified in the usual
datatstore location.

Down the track, we'll have a payload that supports multiple stages, and
the datastore will be generated on the fly, along with the stage itself.
Without this work, there's no other nice way of getting datastore
settings to be contained per-stager.
 2016-11-02 11:33:59 +10:00
David Maloney 451686309b fixes #7519 psh payload generation 
a few files references to the templates for pwoershell were
missed when transfering the templates over to the rex-powershell gem
 2016-11-01 14:32:40 -05:00
Brian Patterson 51ad285521 Landing #7517 Nexpose API error fix 2016-11-01 12:02:35 -05:00
OJ 0fca4483c0 Correctly call generate_stage on native init 2016-11-02 00:52:25 +10:00
OJ 6ec76611c3 Fix arch typo in meterpreter_options for x64 2016-11-02 00:38:34 +10:00
Brent Cook 6577728fa9 enable auto-negotiation for TLS version with SQL Server 2016-11-01 05:45:27 -05:00
Brent Cook f08a7ac10b modernize default smtp_deliver TLS options 2016-11-01 05:42:05 -05:00
David Maloney ac0984e8dd this fixes an issue with nexposeapi errors 
on newer versions of the nexpose api the error
XML schema has been changed, this prevents the
exception from being generated correctly

MS-289
 2016-10-31 13:42:15 -05:00
OJ 294b1e5ed7 Move session_type to base, and map shell arch to string 2016-11-01 03:02:23 +10:00
OJ 44ac3f8781 Use ARCH constant in mainframe_shell 2016-11-01 02:24:44 +10:00
OJ ddd2d5e43f Remove junk spaces from EXE exploit module 2016-11-01 01:28:21 +10:00
OJ eeff24d2ef Change BSD regex as per Brent's suggestion 2016-11-01 01:26:45 +10:00
OJ 0730613c67 Add comment to hilight need to support ARCH_CMD in sess check 2016-10-29 14:29:05 +10:00
OJ 7773d90da4 Update railgun to use arch to check for 64 bit 2016-10-29 14:26:06 +10:00
OJ 8605992cdf Remove superfluous session check in the post mixin 2016-10-29 14:19:27 +10:00
OJ e5d3feebea Final regex fix for jobs arch check 2016-10-29 14:10:01 +10:00
OJ 57eabda5dc Merge upstream/master 2016-10-29 13:54:31 +10:00
OJ 8b97183924 Update UUID to match detected platform, fail exploit on invalid session 2016-10-29 13:45:28 +10:00
OJ 0737d7ca12 Tidy code, remove regex and use comparison for platform checks 2016-10-29 13:41:20 +10:00
OJ 9e3960f334 Update session listing to show type or platform 2016-10-29 12:46:11 +10:00
OJ 6364e93ece Update session types to have base_platform and base_arch 2016-10-29 12:45:37 +10:00
OJ bf7e7ae4be Fix silly mistake with resetting arch in sysinfo 2016-10-29 08:32:32 +10:00
OJ a7485c4bba Use constants for base_arch 2016-10-29 08:10:44 +10:00
OJ d201c5bccc Force x86_64 to change over to x64 in sysinfo, tidy arch checks 2016-10-29 06:49:35 +10:00
Metasploit ffc62964d6 Bump version of framework to 4.12.40 2016-10-28 10:02:36 -07:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
William Webb 9672759be8 Land #7462, Add support for Unicode domains 2016-10-26 16:47:09 -05:00
OJ ca377cadd7 Move the binary suffix stuff to a better location 2016-10-27 07:43:27 +10:00
Metasploit 6a23168800 Bump version of framework to 4.12.39 2016-10-25 12:22:52 -07:00
Sonny Gonzalez 5ce886cf5c Land #7490, xml importer fingerprinting fixed 2016-10-25 14:13:15 -05:00
Brian Patterson c83474ea5c Land #7488 Allows DRDoS mixin to handle empty responses 2016-10-25 13:53:39 -05:00
Louis Sato 56d5c49d4d host was no associated with the workspace 
* searching mdm host by wspace id instead
 2016-10-25 12:05:06 -05:00
Louis Sato 1378e2e61a preserve hosts should still fingerprint new hosts 2016-10-25 09:58:30 -05:00
Louis Sato 744724c083 conditionalize fingerprinting 
* fix bug where host not preserved
 2016-10-24 18:45:48 -05:00
Metasploit e29567f390 Bump version of framework to 4.12.38 2016-10-24 14:25:47 -07:00
Jon Hart 12508f7140 Fix DRDoS mixin to handle empty responses 2016-10-24 14:21:28 -07:00