adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53,164 Commits 27 Branches 1,043 Tags
edcc423eeacf5406dbee0ff592cdbe94780d0b2d
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
OJ edcc423eea Lots more RDP mixin changes, and first pass of ruby exploit 
This code is at the point where we SHOULD see a crash (given that the
payloads in use for kernel/user are both just As and Bs (deliberate at
this point).

Unforunately the exploit does not result in a crash. Things just keep
on going! I've looked at the difference in the traffic across the two
different exploits (py and rb) and what's clear is that the mixin is
doing a lot more work at the start.

Also, the mixin generates packets of smaller size in the way that it
encodes data (ie. it doesn't always use 2 bytes for a short value, it'll
use 1 instead if only 1 is required).

Pretty sure that the size issues aren't the problem, I think there's
something else in play. I'm at the point where diving into the RDP stuff
even more isn't inspiring so I'm hoping that opening this up to collab
will help us move forward.
2019-09-19 06:05:08 -05:00
.github
update PR template to ask for unique branch
2019-01-04 21:53:25 -05:00
app
Move shared example from pro into framework
2016-04-07 13:09:52 -05:00
config
move BigDecimal patch earlier in boot process
2019-05-31 12:31:35 -05:00
data
@LoadLow Marks the generated ODT file readonly
2019-08-18 18:36:31 +02:00
db
automatic module_metadata_base.json update
2019-09-08 00:09:39 -05:00
docker
remove debug output
2018-10-21 22:34:19 +02:00
documentation
Land #12189, Add module for LibreNMS CVE-2019-10669
2019-09-06 12:01:09 -05:00
external
Land #12011, Add module for cve-2018-8453
2019-07-15 11:31:07 -05:00
lib
Lots more RDP mixin changes, and first pass of ruby exploit
2019-09-19 06:05:08 -05:00
modules
Lots more RDP mixin changes, and first pass of ruby exploit
2019-09-19 06:05:08 -05:00
plugins
Land #11603, Fail nicely when load aggregator.
2019-03-25 23:20:49 -05:00
script
kill cucumber in framework
2017-07-12 08:00:29 -05:00
scripts
replace trivial usage of expand_path with getenv
2019-05-31 17:44:35 -05:00
spec
Unify spec and lib
2019-08-22 18:03:13 -05:00
test
add automation tests for bluekeep server targets
2019-06-19 13:54:14 -05:00
tools
Prefer Rex::Text.dehex over Rex::Text.hex_to_raw
2019-08-14 20:32:30 -05:00
.dockerignore
change docker root exec
2018-10-21 22:30:01 +02:00
.gitignore
Land #9220, Module cache improvements
2018-01-17 22:34:51 -06:00
.gitmodules
Add RDI submodule, port Kitrap0d
2013-11-27 16:04:41 +10:00
.mailmap
update current employees
2019-08-30 11:50:56 -05:00
.rspec
Add modern --require to .rspec
2014-10-08 10:55:40 -05:00
.rubocop.yml
remove Ruby 2.2 constraint
2019-03-11 15:32:25 -05:00
.ruby-gemset
Remove gitignore, change to metasploit-framework
2013-09-13 12:44:19 -05:00
.ruby-version
ruby 2.6.2
2019-03-16 21:31:19 +01:00
.simplecov
Remove fastlib
2014-09-18 15:24:21 -05:00
.travis.yml
also kill 2.4.x
2019-05-31 14:09:36 -05:00
.yardopts
remove HACKING from yardopts
2017-09-07 02:35:56 -05:00
CODE_OF_CONDUCT.md
Change individual contacts
2018-12-13 10:38:55 -06:00
CONTRIBUTING.md
Fix italics to bold
2019-04-30 17:13:38 -05:00
COPYING
Update COPYING
2018-01-09 00:01:35 -06:00
CURRENT.md
add CURRENT.md to track major changes and how to migrate with them
2018-01-18 06:35:53 -06:00
docker-compose.override.yml
change docker root exec
2018-10-21 22:30:01 +02:00
docker-compose.yml
change docker root exec
2018-10-21 22:30:01 +02:00
Dockerfile
fix compatibility with --chown flag with COPY
2019-09-09 23:02:26 -05:00
Gemfile
Bump to released metasm 1.0.4
2019-04-08 17:55:43 -05:00
Gemfile.local.example
update Gemfile.local example, use Gemfile.local if it exists when bundling
2017-04-30 10:57:55 -05:00
Gemfile.lock
update lock for unpinned gem
2019-09-09 22:52:54 -05:00
LICENSE
add jtr license
2019-02-12 17:57:38 -05:00
LICENSE_GEMS
Bump version of framework to 5.0.47
2019-09-05 12:13:53 -05:00
metasploit-framework.gemspec
Unify SSL cert generate interfaces
2019-08-30 00:01:55 -05:00
msf-json-rpc.ru
Move under Msf::WebServices namespace
2018-11-26 12:58:10 -05:00
msf-ws.ru
Add Metasploit data web service rackup file
2019-01-14 23:30:47 -05:00
msfconsole
Improved CTRL-C edge case, Invalid Options edge case, help output, version output
2018-03-20 13:34:15 -05:00
msfd
Removing unnecessary spaces
2017-09-12 10:00:18 -03:00
msfdb
Don't delete ssl key and cert if a user asked not to
2019-03-05 15:25:53 -06:00
msfrpc
Removing unnecessary spaces
2017-09-12 10:00:18 -03:00
msfrpcd
Add background process ID output
2019-01-09 17:42:57 -05:00
msfupdate
remove "require 'os'", not needed or available
2018-05-14 01:16:55 -05:00
msfvenom
Changes to venom to handle pingbacks and really delete extra files, this time.
2019-07-25 19:45:10 -05:00
Rakefile
trying rspec-retry
2017-06-20 14:02:32 -05:00
README.md
add docker pull badge to readme
2017-12-06 20:34:40 +01:00
Vagrantfile
neither Dockerfile nor Vagrant should actually install bundler these days
2019-03-15 07:19:18 -05:00

README.md

Metasploit Build Status Code Climate Docker Pulls

The Metasploit Framework is released under a BSD-style license. See COPYING for more details.

The latest version of this software is available from: https://metasploit.com

Bug tracking and development information can be found at: https://github.com/rapid7/metasploit-framework

New bugs and feature requests should be directed to: https://r-7.co/MSF-BUGv1

API documentation for writing modules can be found at: https://rapid7.github.io/metasploit-framework/api

Questions and suggestions can be sent to: Freenode IRC channel or e-mail the metasploit-hackers mailing list

Installing

Generally, you should use the free installer, which contains all of the dependencies and will get you up and running with a few clicks. See the Dev Environment Setup if you'd like to deal with dependencies on your own.

Using Metasploit

Metasploit can do all sorts of things. The first thing you'll want to do is start msfconsole, but after that, you'll probably be best served by reading Metasploit Unleashed, the great community resources, or the wiki.

Contributing

See the Dev Environment Setup guide on GitHub, which will walk you through the whole process from installing all the dependencies, to cloning the repository, and finally to submitting a pull request. For slightly more information, see Contributing.

Reference in New Issue View Git Blame Copy Permalink
S
Description
Metasploit Framework
Readme Multiple Licenses 1.6 GiB
Languages
Ruby 95%
PowerShell 2.7%
C 1.2%
Python 0.4%
HTML 0.2%
Other 0.1%