c675c104d3
LAnd #16771 , Fix msfconsole crashing with openssl3
2022-07-14 11:06:48 -05:00
1103f525a6
Stop msfconsole crashing with openssl3
2022-07-14 12:05:01 +01:00
44e4714b9b
Land #16764 , Rex::Proto::Http: Add evasion options to shuffle GET / POST parameters
2022-07-11 14:17:07 +01:00
39f288bfe3
Rex::Proto::Http: Add evasion options to shuffle GET / POST parameters
2022-07-11 01:37:41 +10:00
728cf97f6e
Land #16718 , Fix run_as module on x64 systems
2022-07-08 09:22:22 -04:00
5b8680ee91
Land #16567 from h00die/juniper_enhancements
...
Juniper config processor enhancements
2022-07-05 12:06:34 +01:00
0e3fdd0799
Fix from code review
2022-06-29 19:18:47 +02:00
66009ca5e5
Exploit::CmdStager: Expose CMDSTAGER::URIPATH option for HTTP stagers
2022-06-25 23:49:47 +10:00
7983f878a8
Land #16597 , psh cmd adapter fix for encrypt shell
2022-06-21 09:47:05 -05:00
b10386ba08
Land #16650 , Add #read_from_file for MSSQL and PostgreSQL, fix the MySQL implementation
2022-06-17 14:58:22 -05:00
d47d1bc259
Remove newlines from base64 output on MySQL also
2022-06-17 00:51:52 +02:00
be45688dbc
Land #16602 , Fix error when service is already running and update exception documentation in lib/msf/core/post/windows/services.rb
2022-06-16 10:59:35 -05:00
c94f22cebe
Add in fixes from discussion and also update documentation to correctly note what functions can raise
2022-06-15 19:28:31 -05:00
b292586fb3
Avoid exception 'TypeError exception class/object expected'
2022-06-09 11:58:01 +02:00
63822f6e37
Land #16651 , [SQLi library] Ensure the encoder is always used in the #test_vulnerable methods
2022-06-08 17:15:22 -05:00
88036a7f1f
Check for nil before using the decoder in test_vulnerable
2022-06-08 22:00:03 +02:00
67ea2bc23c
Land #16630 Fix duplicate ntlm hash storage
...
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
dispite being the same. This fixes that issue
2022-06-08 14:07:34 -04:00
1a7cbe5b4f
Update lib/msf/core/exploit/remote/smb/server/hash_capture.rb
2022-06-08 13:45:57 -04:00
a983bbd8ba
Land #16615 , Solicited multicast-address creation bugfix
2022-06-07 14:41:52 -05:00
2b99967d0c
Merge branch 'master' into fix/duplicate-netntlm
2022-06-07 11:42:51 -04:00
5331c343a0
Use the encoder in all the #test_vulnerable methods from the common class
2022-06-06 23:13:26 +02:00
6d9c789f4d
Add method #read_from_file for MSSQL and PostgreSQL, and update the MySQL #read_from_file method
2022-06-06 23:07:25 +02:00
8ccc1ebf91
Land PR #16628 , Log ntlm_session hashes
...
This PR fixes the logging and storing of
NTLM session hashes
2022-06-02 11:20:37 -04:00
6d3ccab1be
Land #16435 , add Microsoft SQL Server sqli support
2022-06-01 10:27:48 -05:00
dac355d9cf
Land #16492 , nfs_mount more intelligent mountability
2022-05-31 11:56:19 +02:00
b8cebe0dbe
nfs mount more intelligent
2022-05-30 09:47:00 -04:00
264085b63c
juniper lib updates
2022-05-29 15:55:18 -04:00
adcf45b0ff
Fix the arch in #handle_connection too
...
This fixes an issue with the adated peinject stage which supported both
x86 and x64 via a library that checked its own #arch.
2022-05-27 16:42:14 -04:00
a47b3fe694
Don't report duplicate Net-NTLM hashes
2022-05-27 14:13:06 -04:00
1e5f86703f
Report the correct JtR type
2022-05-27 10:16:02 -04:00
862c6a94a2
Log ntlm_session hashes too
...
Despite being called ntlm_session, these hashes are capable of being
cracked as the John 'netntlm' format. Additionally the format is
reported as NTLMv1-SSP in similar tools.
2022-05-27 10:07:39 -04:00
5f5444936f
Land #16488 , Windows Task Scheduler Mixin
2022-05-25 12:37:03 -04:00
d225d4663c
Land #16413 , update local exploit suggester
2022-05-25 13:24:11 +01:00
2bf0107865
Update the cmd_exec_with_result documentation
2022-05-24 17:22:07 +02:00
c33f284786
change from lambda to line by line logic
2022-05-24 16:24:15 +03:00
7f9ead454e
bugfix of improper solicited address creation
2022-05-23 15:25:53 +03:00
e09169b281
Raise Error::SERVICE_ALREADY_RUNNING
2022-05-20 22:41:27 +02:00
677b16e09c
Fix error when service is already running
2022-05-20 22:13:17 +02:00
886f031daa
Set @staged for adapted payloads when necessary
2022-05-19 16:30:54 -04:00
a8a9b4bbe1
Update the #generate signature to take opts
2022-05-19 16:30:54 -04:00
08266beac3
Pass around the conf and opts to share the arch
2022-05-19 16:30:54 -04:00
9a345052b6
Set the arch while generating
2022-05-19 16:30:52 -04:00
7103a619c2
Add validation opts, tables, custom stylers to exploit suggester
2022-05-19 16:22:47 +01:00
5fd18ef864
Fixes from review
2022-05-19 14:54:07 +02:00
5d637b5292
Small fixes and improvements found while writing specs
2022-05-18 15:49:57 +02:00
dba4c25a18
Fix #check_compatibility
2022-05-17 17:04:47 +02:00
fb85d060ec
Update TaskScheduler after first review
...
- Now, it exposes 4 methods to manage scheduled tasks: `#task_create`,
`#task_start`, `#task_delete` and `#task_query`
- Adds `#check_compatibility` to check the OS version and make sure
`schtasks.exe` and `reg.exe` options are compatible
- Adds `#log_and_print`to print log messages on the console (using
`vprint_*` methods) and in the MSF logs at the same time
- `#get_system_privs` now takes care of checking if the session is a
Meterpreter session and if it has loaded the appropriate extension
- Adds `#run_one_off_task` to run a command on a remote host by using
another scheduled task
- Adds `#add_reg_key_value` to restores the Security Descriptor registry
key value to unhide the task
2022-05-17 14:52:47 +02:00
c37387de78
Add #cmd_exec_with_result in lib/msf/core/post/common.rb
2022-05-17 14:52:47 +02:00
14cd7bc335
Add task scheduler mixin and update persistence_exe and vss_persistence modules
2022-05-17 14:52:47 +02:00
19a9ff1198
Update a couple of modules for the new SMB server
2022-05-16 14:39:45 -04:00
Jeffrey Martin