Commit Graph

16823 Commits

Author SHA1 Message Date
William Vu 382168550e Land #13522, OptAddressRange CIDR completion fix 2020-05-28 13:36:09 -05:00
Metasploit 24af5cddca Bump version of framework to 5.0.92 2020-05-28 12:07:01 -05:00
Alan Foster f1c492fa2d Land #13470, Pi-Hole < 4.3.3 dhcp static address RCE 2020-05-28 16:57:22 +01:00
Spencer McIntyre 129c45e666 Fix Msf::OptAddressRange (RHOSTS) tab completion 2020-05-26 20:07:26 -04:00
William Vu 0a5fb8fc44 Land #13500, unloadable modules fix for search-use 2020-05-26 12:12:53 -05:00
William Vu 16886fa41e Move generate_viewstate_payload to mixin 2020-05-21 18:37:13 -05:00
William Vu c50e242151 Add ViewState mixin 2020-05-21 18:37:11 -05:00
Metasploit 3b2290e497 Bump version of framework to 5.0.91 2020-05-21 12:03:52 -05:00
Adam Cammack 4c47ea5510 Ignore unloadable modules in search-after-use
The new `use` option is not listed in the help output for now, since I
do not think that it provides much end-user value.
2020-05-21 09:47:57 -05:00
bwatters-r7 e6e47ed890 Land #13262, Add Python stager
Merge branch 'land-13262' into upstream-master
2020-05-20 16:22:48 -05:00
Spencer McIntyre 3b30b53772 Land #13465, Prioritise incomplete packets in the dispatch loop
Fixes #7403, a race condition where requeued packets are processed out
of order leading to corrupt protocol negotiations.
2020-05-19 10:37:48 -04:00
Spencer McIntyre 5bb109c41a Add a dlog line when an incomplete packet is requeued 2020-05-19 10:37:26 -04:00
OJ aac9173497 Update the changes with some commentary
I renamed the queues as well.
2020-05-19 08:07:48 +10:00
h00die a8673e0efc pihole dhcp exec 2020-05-16 01:30:58 -04:00
William Vu b8ca608800 Land #13415, badchar-free encoded payload fix 2020-05-15 17:50:59 -05:00
OJ ea552c414f Remove from iqueue instead of pqueue 2020-05-16 02:22:53 +10:00
OJ ef172086e5 Prioritise incomplete packets in the dispatch loop
In certain cases, packets would arrive before their handlers were ready
to handle them. This resulted in packets going into the incomplete list
and being re-queued into the packet input queue. This is a problem when
MORE packets arrive while processing because the older packets end up at
the end of the queue instead of the start of the queue. This means newer
packets are processed FIRST, and hence we have an out-of-order
sequencing problem.

This commit adds an "incomplete queue" which gets prioritised over new
packets. If packets are incomplete at any point, they are added to this
queue, and are dequeued prior to the new packet queue. This results in
packet sequences being maintained.

This was causing issues with things like port forwards. BUT NOT ANY
MORE!
2020-05-16 01:58:53 +10:00
William Vu aa6624e7f8 Land #13436, service encoder fix for psexec 2020-05-14 16:43:07 -05:00
Metasploit c47de9705d Bump version of framework to 5.0.90 2020-05-14 12:03:15 -05:00
William Vu 6034f48e8f Land #13405, once more with feeling 2020-05-13 11:54:41 -05:00
Clément Notin 91ea692cbe socket_server.rb: better describe "0.0.0.0"
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-05-13 16:30:00 +02:00
William Vu 44b0ddf2ed Land #13405, OptAddressLocal for SRVHOST 2020-05-13 09:15:42 -05:00
Clément Notin ec33651243 socket_server.rb: SRVHOST can be an interface
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-05-13 16:14:20 +02:00
Shelby Pace fc762f8a82 Land #13402, add service_exists? method 2020-05-12 13:37:54 -05:00
Clément Notin 258895f534 Use print_error for error messages 2020-05-12 00:02:52 +02:00
Clément Notin b7d16b1e72 Fix regression in psexec mixing filename and encoder
Closes #13407
2020-05-12 00:02:52 +02:00
William Vu 646c10ff02 Disable RuboCop Security/Eval the non-hacky way
Hat tip @adfoster-r7!
2020-05-11 12:05:38 -05:00
William Vu f346b1b001 Add SaltStack Salt root key disclosure module
Also adds a new ZeroMQ mixin, mainly for use with Salt modules.
2020-05-11 12:05:38 -05:00
William Vu 1214ac17a7 Refactor Msf::Exploit::CmdStager::HTTP
Minor updates to align with current style.
2020-05-10 04:12:45 -05:00
Spencer McIntyre 8ccb93ef8c Land #12234, Add a module to identify web servers behind cloud based protections 2020-05-08 16:34:51 -04:00
bwatters-r7 6fae8f0ad4 Land #13358, Fix packet ordering check
Merge branch 'land-13358' into upstream-master
2020-05-08 13:23:27 -05:00
Spencer McIntyre 683ecb7b8d Tweak handling of the DnsNote option 2020-05-08 12:21:52 -04:00
Spencer McIntyre 6be4b5431c Remove the TLD wordlist option for now 2020-05-08 12:21:52 -04:00
Spencer McIntyre 0a8cb83e7f Fix TXT records, the DNS port, and messages for cloud_lookup 2020-05-08 12:21:52 -04:00
Spencer McIntyre 715dfc13f8 Refactor the auxiliary mixin to an enumeration exploit mixin 2020-05-08 12:21:52 -04:00
RAMELLA Sébastien 09ded72247 migrate enum_dns to mixin (add. TLDs wordlist) and update cloud_lookup 2020-05-08 12:21:52 -04:00
RAMELLA Sébastien 578a13732d add. move DNS functions into a mixin 2020-05-08 12:21:52 -04:00
Adam Cammack f118589bba Use squiggly heredoc 2020-05-08 02:55:26 -05:00
Metasploit 0f67e25bc6 Bump version of framework to 5.0.89 2020-05-07 12:03:49 -05:00
Adam Cammack 5f8181efa7 Avoid auto-encoding payloads free of badchars
Payloads without any of the specified badchars will no longer be encoded
by default. This should hopefully lead to less surprising results when
using simple payloads (especially commands). Things that had incomplete
badchar analysis may break as a result, since not everything will be
encoded by default anymore. Sorry in advance if they do.
2020-05-07 10:58:03 -05:00
Spencer McIntyre 9769e04b6e Land #13322, CVE-2020-0668 Service tracing file junction overwrite 2020-05-07 09:47:20 -04:00
Alan Foster 61e17d3a2c Land #13406, Fix multiple DNS enumeration related bugs 2020-05-07 10:38:07 +01:00
Tim W f897806589 use python squiggly heredoc 2020-05-07 14:21:36 +08:00
bwatters-r7 a5fe498610 Update ARCH handling, suggested changes, and last-minute fixes 2020-05-06 15:36:53 -05:00
Clément Notin c42db7959b Use OptAddressLocal for SRVHOST to specify by interface name instead of IP 2020-05-06 19:51:13 +02:00
Spencer McIntyre f8fe5974be Properly skip over unsupported RRs when doing DNS zone transfers 2020-05-06 13:15:33 -04:00
Brendan Coles d313f196d9 Add Post::Windows::Services.service_exists? method 2020-05-06 15:26:52 +00:00
dwelch-r7 48f9d1a223 Land #13386, Raise exception for stageless android payload -x option 2020-05-06 14:58:23 +01:00
dwelch-r7 8ac04d5312 Land #13367, Surface helpful error messages to users 2020-05-06 14:40:21 +01:00
Spencer McIntyre 73994ece12 Fix send_(tc|ud)p method signatures to match parent class
Rex::Proto::DNS::Resolver inherits from Net::DNS::Resolver; however, it
changes the signature of the send_tcp and send_udp methods, making it
break when a method from the parent class (such as #axfr) is called.
2020-05-05 16:54:32 -04:00