Metasploit
3b2290e497
Bump version of framework to 5.0.91
2020-05-21 12:03:52 -05:00
bwatters-r7
e6e47ed890
Land #13262, Add Python stager
Merge branch 'land-13262' into upstream-master
2020-05-20 16:22:48 -05:00
Spencer McIntyre
3b30b53772
Land #13465, Prioritise incomplete packets in the dispatch loop
Fixes #7403, a race condition where requeued packets are processed out
of order leading to corrupt protocol negotiations.
2020-05-19 10:37:48 -04:00
Spencer McIntyre
5bb109c41a
Add a dlog line when an incomplete packet is requeued
2020-05-19 10:37:26 -04:00
OJ
aac9173497
Update the changes with some commentary
I renamed the queues as well.
2020-05-19 08:07:48 +10:00
William Vu
b8ca608800
Land #13415, badchar-free encoded payload fix
2020-05-15 17:50:59 -05:00
OJ
ea552c414f
Remove from iqueue instead of pqueue
2020-05-16 02:22:53 +10:00
OJ
ef172086e5
Prioritise incomplete packets in the dispatch loop
In certain cases, packets would arrive before their handlers were ready
to handle them. This resulted in packets going into the incomplete list
and being re-queued into the packet input queue. This is a problem when
MORE packets arrive while processing because the older packets end up at
the end of the queue instead of the start of the queue. This means newer
packets are processed FIRST, and hence we have an out-of-order
sequencing problem.
This commit adds an "incomplete queue" which gets prioritised over new
packets. If packets are incomplete at any point, they are added to this
queue, and are dequeued prior to the new packet queue. This results in
packet sequences being maintained.
This was causing issues with things like port forwards. BUT NOT ANY
MORE!
2020-05-16 01:58:53 +10:00
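The ordering bug described in the commit above, and the two-queue fix, reduced to a runnable model. This is an added example, not Metasploit's packet dispatcher: the `Packet` struct, the round-based simulation, `dispatch`, `scenario` and the constructed port-forward scenario are assumptions; only the queue names `pqueue` and `iqueue` come from the commits.

```ruby
# Added example; a constructed model, not Metasploit's packet dispatcher.
# Packets carry a sequence number and a channel id. A packet is "incomplete"
# when no handler is registered for its channel yet, which is what happens
# when a port-forward channel receives data before anything has asked to
# read from it.
Packet = Struct.new(:seq, :channel)

# arrivals:  { round => [Packet, ...] }  packets that arrive from the transport
#                                        while that round's backlog is processed
# ready_at:  { channel => round }        first round in which the channel has a handler
# prioritise_incomplete: false models the old single-queue loop (incomplete packets
#                        are pushed back onto the tail of pqueue); true models the
#                        separate iqueue that is drained before pqueue
# Returns the sequence numbers in the order they reached a handler.
def dispatch(arrivals, ready_at, prioritise_incomplete:, max_rounds: 50)
  pqueue = []          # packets freshly read from the transport
  iqueue = []          # packets waiting for a handler (only used when prioritising)
  delivered = []
  last_arrival = arrivals.keys.max || 0

  max_rounds.times do |round|
    # Build this round's backlog; with prioritisation the incomplete packets come first.
    backlog = prioritise_incomplete ? iqueue + pqueue : pqueue
    iqueue = []
    pqueue = []

    # Packets arriving mid-round land on pqueue BEFORE this round's incomplete
    # packets are requeued, which is the race the commit describes.
    pqueue.concat(arrivals.fetch(round, []))

    backlog.each do |pkt|
      if ready_at.fetch(pkt.channel, Float::INFINITY) <= round
        delivered << pkt.seq
      elsif prioritise_incomplete
        iqueue << pkt
      else
        pqueue << pkt  # tail of pqueue: behind whatever just arrived
      end
    end

    break if round >= last_arrival && pqueue.empty? && iqueue.empty?
  end
  delivered
end

# Constructed scenario: channel 1 (a port forward) receives packets 1 and 2
# before its handler exists, packet 3 arrives during the next round, and the
# handler is registered from round 2 onward.
def scenario
  arrivals = {
    0 => [Packet.new(1, 1), Packet.new(2, 1)],
    1 => [Packet.new(3, 1)]
  }
  ready_at = { 1 => 2 }
  {
    old: dispatch(arrivals, ready_at, prioritise_incomplete: false),
    new: dispatch(arrivals, ready_at, prioritise_incomplete: true)
  }
end

if __FILE__ == $PROGRAM_NAME
  result = scenario
  puts "single queue:           #{result[:old].inspect}"
  puts "incomplete queue first: #{result[:new].inspect}"
end
```

With the single queue, packet 3 is handled before packets 1 and 2 because the requeued packets were appended behind it; with the incomplete queue drained first, the sequence 1, 2, 3 is preserved.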
William Vu
aa6624e7f8
Land #13436, service encoder fix for psexec
2020-05-14 16:43:07 -05:00
Metasploit
c47de9705d
Bump version of framework to 5.0.90
2020-05-14 12:03:15 -05:00
William Vu
6034f48e8f
Land #13405, once more with feeling
2020-05-13 11:54:41 -05:00
Clément Notin
91ea692cbe
socket_server.rb: better describe "0.0.0.0"
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-05-13 16:30:00 +02:00
William Vu
44b0ddf2ed
Land #13405, OptAddressLocal for SRVHOST
2020-05-13 09:15:42 -05:00
Clément Notin
ec33651243
socket_server.rb: SRVHOST can be an interface
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-05-13 16:14:20 +02:00
Shelby Pace
fc762f8a82
Land #13402, add service_exists? method
2020-05-12 13:37:54 -05:00
Clément Notin
258895f534
Use print_error for error messages
2020-05-12 00:02:52 +02:00
Clément Notin
b7d16b1e72
Fix regression in psexec mixing filename and encoder
Closes #13407
2020-05-12 00:02:52 +02:00
William Vu
646c10ff02
Disable RuboCop Security/Eval the non-hacky way
Hat tip @adfoster-r7!
2020-05-11 12:05:38 -05:00
William Vu
f346b1b001
Add SaltStack Salt root key disclosure module
Also adds a new ZeroMQ mixin, mainly for use with Salt modules.
2020-05-11 12:05:38 -05:00
William Vu
1214ac17a7
Refactor Msf::Exploit::CmdStager::HTTP
Minor updates to align with current style.
2020-05-10 04:12:45 -05:00
Spencer McIntyre
8ccb93ef8c
Land #12234, Add a module to identify web servers behind cloud based protections
2020-05-08 16:34:51 -04:00
bwatters-r7
6fae8f0ad4
Land #13358, Fix packet ordering check
Merge branch 'land-13358' into upstream-master
2020-05-08 13:23:27 -05:00
Spencer McIntyre
683ecb7b8d
Tweak handling of the DnsNote option
2020-05-08 12:21:52 -04:00
Spencer McIntyre
6be4b5431c
Remove the TLD wordlist option for now
2020-05-08 12:21:52 -04:00
Spencer McIntyre
0a8cb83e7f
Fix TXT records, the DNS port, and messages for cloud_lookup
2020-05-08 12:21:52 -04:00
Spencer McIntyre
715dfc13f8
Refactor the auxiliary mixin to an enumeration exploit mixin
2020-05-08 12:21:52 -04:00
RAMELLA Sébastien
09ded72247
migrate enum_dns to mixin (add. TLDs wordlist) and update cloud_lookup
2020-05-08 12:21:52 -04:00
RAMELLA Sébastien
578a13732d
add. move DNS functions into a mixin
2020-05-08 12:21:52 -04:00
Adam Cammack
f118589bba
Use squiggly heredoc
2020-05-08 02:55:26 -05:00
Metasploit
0f67e25bc6
Bump version of framework to 5.0.89
2020-05-07 12:03:49 -05:00
Adam Cammack
5f8181efa7
Avoid auto-encoding payloads free of badchars
Payloads without any of the specified badchars will no longer be encoded
by default. This should hopefully lead to less surprising results when
using simple payloads (especially commands). Things that had incomplete
badchar analysis may break as a result, since not everything will be
encoded by default anymore. Sorry in advance if they do.
2020-05-07 10:58:03 -05:00
Spencer McIntyre
9769e04b6e
Land #13322, CVE-2020-0668 Service tracing file junction overwrite
2020-05-07 09:47:20 -04:00
Alan Foster
61e17d3a2c
Land #13406, Fix multiple DNS enumeration related bugs
2020-05-07 10:38:07 +01:00
Tim W
f897806589
use python squiggly heredoc
2020-05-07 14:21:36 +08:00
bwatters-r7
a5fe498610
Update ARCH handling, suggested changes, and last-minute fixes
2020-05-06 15:36:53 -05:00
Clément Notin
c42db7959b
Use OptAddressLocal for SRVHOST to specify by interface name instead of IP
2020-05-06 19:51:13 +02:00
Spencer McIntyre
f8fe5974be
Properly skip over unsupported RRs when doing DNS zone transfers
2020-05-06 13:15:33 -04:00
Brendan Coles
d313f196d9
Add Post::Windows::Services.service_exists? method
2020-05-06 15:26:52 +00:00
dwelch-r7
48f9d1a223
Land #13386, Raise exception for stageless android payload -x option
2020-05-06 14:58:23 +01:00
dwelch-r7
8ac04d5312
Land #13367, Surface helpful error messages to users
2020-05-06 14:40:21 +01:00
Spencer McIntyre
73994ece12
Fix send_(tc|ud)p method signatures to match parent class
Rex::Proto::DNS::Resolver inherits from Net::DNS::Resolver however it
changes the signature of the send_tcp and send_udp methods, making it
break when a method from the parent class (such as #axfr) is called.
2020-05-05 16:54:32 -04:00
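The failure mode in the commit above, a subclass overriding a transport hook with a different signature so that an inherited method such as `#axfr` breaks, shown on a constructed model. This is an added example, not the code of Rex::Proto::DNS::Resolver or Net::DNS::Resolver: the class names `BaseResolver`, `BrokenResolver` and `FixedResolver`, the helpers `axfr_result` and `signature_mismatches`, and the nameserver and zone values are assumptions.

```ruby
# Added example; a constructed model, not the code of Rex::Proto::DNS or
# Net::DNS. A parent class calls a transport hook with a fixed signature;
# a subclass that overrides the hook with a different signature breaks every
# inherited method that calls it, even though the subclass's own callers work.
class BaseResolver
  def initialize(nameservers)
    @nameservers = nameservers
  end

  # Inherited entry point, playing the role of the parent's #axfr:
  # it calls the transport hook with (packet, nameservers).
  def axfr(zone)
    send_tcp("AXFR #{zone}", @nameservers)
  end

  def send_tcp(packet, nameservers)
    nameservers.map { |ns| "#{ns}:#{packet}" }
  end
end

# The bug: the override drops the second parameter. BrokenResolver#send_tcp
# works when called directly with one argument, but BaseResolver#axfr still
# passes two, so the inherited method raises ArgumentError.
class BrokenResolver < BaseResolver
  def send_tcp(packet)
    @nameservers.map { |ns| "#{ns}:#{packet}" }
  end
end

# The fix: keep the parent's signature when overriding.
class FixedResolver < BaseResolver
  def send_tcp(packet, nameservers)
    nameservers.map { |ns| "#{ns}:#{packet}" }
  end
end

# Runs the inherited method and returns either its result or the exception class.
# 192.0.2.53 and example.test are constructed placeholder values.
def axfr_result(klass)
  klass.new(['192.0.2.53']).axfr('example.test')
rescue ArgumentError => e
  e.class
end

# Load-time check: every method a class overrides must keep the superclass's
# parameter list. Returns the names of the overrides that do not.
def signature_mismatches(klass)
  parent = klass.superclass
  klass.instance_methods(false).select do |name|
    parent.method_defined?(name) &&
      klass.instance_method(name).parameters != parent.instance_method(name).parameters
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "broken:     #{axfr_result(BrokenResolver).inspect}"
  puts "fixed:      #{axfr_result(FixedResolver).inspect}"
  puts "mismatches: #{signature_mismatches(BrokenResolver).inspect}"
end
```

The `signature_mismatches` check is the kind of guard that catches this class of regression at load time or in a spec, before a parent-class method is exercised at runtime.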
dwelch-r7
6ebcf950f6
Land #13392, Fix rex http client warnings
2020-05-05 20:35:45 +01:00
Alan Foster
2c8b5c2647
Fix edge cases in raising metasploit exceptions
2020-05-05 20:18:04 +01:00
William Vu
437a056f67
Land #13364, .NET deserialization tool
2020-05-05 11:02:31 -05:00
Alan Foster
d5ca2e54bb
Fix ruby 2.7 rex http client warnings
2020-05-04 19:32:16 +01:00
Adam Galway
f5a432d328
Land #13313, warn users to change RPORT with SSL
2020-05-04 15:45:07 +01:00
Tim W
b991042c4a
add base64 encoding stub
2020-05-04 15:43:40 +08:00
Tim W
2b8568b487
fix #10181, add error when an android stageless payload is used with apk injection
2020-05-04 15:36:20 +08:00
gwillcox-r7
c367258826
Remove static off variable, inline its 0 declaration
2020-05-03 20:37:13 -05:00
gwillcox-r7
9501ec0b1b
RuboCop alpanum.rb code
2020-05-02 21:48:31 -05:00