Commit Graph

921 Commits

Author SHA1 Message Date
Brendan Coles a31052afbd post/multi/manage/sudo: Abort if session type is Meterpreter 2022-01-20 12:44:29 +00:00
Brendan Coles 2bb5edac9e local_exploit_suggester: Print session_host if session is valid 2022-01-16 03:24:41 +00:00
Grant Willcox e21812fa5c Land #15864, fix #15856, fix shell_to_meterpreter to detect x64 windows and return an x64 meterpreter session 2021-11-24 17:41:31 -06:00
Grant Willcox 1b9f9f0620 Add in final review fixes to handle Windows ARM if ever encountered 2021-11-24 16:37:21 -06:00
Jeffrey Martin 21a6a18d92 trade `URI.encode` & `URI.escape` for Ruby 3
Ruby 3 removed the `URI.escape` methods however access to
a parser for the same RFC is still available at `URI::DEFAULT_PARSER.escape`.

Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1) this should equal.
2021-11-22 14:11:03 -06:00
Tim W 423810ca5c fix shell_to_meterpreter cmd_exec powershell 2021-11-22 03:11:26 +00:00
Tim W f2d7f33280 run rubocop on shell_to_meterpreter 2021-11-11 16:00:05 +00:00
Tim W 7a2eb1cbcb fix #15856, fix shell_to_meterpreter to detect x64 windows and return an x64 meterpreter session 2021-11-11 14:40:18 +00:00
dwelch-r7 73e55fcaee Land #15665, Add Meterpreter compatibility metadata 2021-10-29 12:45:26 +01:00
Christophe De La Fuente 1befd545e3 Land #15558, add module to access a sessions filesystem in a browser 2021-10-25 18:37:42 +02:00
Tim W 86d1e3cb0a fix get_drives format 2021-10-25 17:30:47 +01:00
adfoster-r7 28eab4d871 Add Meterpreter compatibility metadata 2021-10-06 13:54:51 +01:00
adfoster-r7 959527a4c4 Land #15669, Add meterpreter compatibility metadata to screenshare module 2021-09-27 15:18:01 +01:00
adfoster-r7 06762d0934 Update references to railgun to be consistent 2021-09-27 12:37:14 +01:00
adfoster-r7 e81f1b5687 Gracefully fallback to session.ui.screenshot when espia is not supported 2021-09-23 21:10:40 +01:00
Tim W 4d3dda67ea fix msftidy 2021-09-23 13:02:17 +01:00
Tim W 18015e5a0e add support for powershell sessions 2021-09-23 13:02:17 +01:00
Tim W d3a372e92b add support for shell sessions 2021-09-23 13:02:17 +01:00
Tim W fad8aef5f7 add support for 404 and 500 if files are inaccessible 2021-09-23 13:02:17 +01:00
Tim W fdea8bb805 add module to access a sessions filesystem in a browser 2021-09-23 13:02:17 +01:00
adfoster-r7 39ca4660a9 Add meterpreter compatibility metadata to screenshare module 2021-09-15 17:34:57 +01:00
adfoster-r7 46718e3390 Run Rubocop layout rules on modules 2021-09-10 12:53:39 +01:00
adfoster-r7 ded8200396 Land #15537, Add support for ruby 3 2021-09-01 10:30:54 +01:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Alan Foster 03400991af Update uses of open ssl 2021-08-10 15:40:23 +01:00
Tim W d1fa2e857d fix #15528, fix powershell command length in shell_to_meterpreter 2021-08-10 12:08:50 +01:00
sjanusz 1288e85b6b Improved exception handling 2021-07-28 10:22:15 +01:00
sjanusz c63ef142c5 Update local exploit suggester to handle nil targets 2021-07-28 10:22:15 +01:00
bwatters 8266f2ffdc Land #15113, post gather module for saltstack salt #15113
Merge branch 'land-15113' into upstream-master
2021-05-17 15:33:20 -05:00
h00die b2f8bc6958 guard on nil minions 2021-05-15 09:38:15 -04:00
Ashley Donaldson 929197b85e Fix rubocop errors 2021-05-04 11:34:22 +10:00
Ashley Donaldson 2ac4eeb141 Check VAS configuration to find defined kerberos location.
Also verify root prior to exploitation (gives better error message)
2021-05-04 11:31:11 +10:00
h00die 75ed65a0ab properly name saltstack salt 2021-05-03 19:34:37 -04:00
Ashley Donaldson 4cd7637274 Fixed Rubocop errors added since this module was forked 2021-05-03 13:28:07 +10:00
Ashley Donaldson f0a442b77d Retrieve configured kerberos ticket location before retrieving tickets
Rather than assume that file-configured kerberos tickets will be at /tmp/krb5_*, let's check the config file.
Also allows us to give more meaningful error messages and point people in the direction of where to look if it doesn't work.
2021-05-03 13:07:45 +10:00
h00die 2c76671436 add windows minion file 2021-05-02 10:01:06 -04:00
h00die 2c0c7791a0 more error handling, updated docs 2021-05-02 08:19:43 -04:00
Ashley Donaldson 86a7b7b915 Forked a long time ago, so let's get it closer to the main branch 2021-05-02 14:23:56 +10:00
h00die fde1696ae2 windows and osx updates 2021-04-30 20:59:54 -04:00
h00die 938b4741a9 saltstack doc update and tested 2021-04-10 13:46:19 -04:00
Vladimir Ivanov 690e687e7e Updates from code review
Update modules/post/multi/sap/smdagent_get_properties.rb
Update modules/auxiliary/admin/sap/cve_2020_6207_solman_rce.rb
Update documentation for auxiliary module cve_2020_6207_solman_rce.md
Update documentation for post module smdagent_get_properties.md
Move setup_xml_and_variables to `run` method in auxiliary module cve_2020_6207_solman_rce.rb
Delete list_dir, read_file, file_exist in post module smdagent_get_properties.rb
2021-04-06 21:23:39 +02:00
Vladimir Ivanov 1f4046c45f Update references and delete check_addr in post module smdagent_get_properties.rb 2021-03-29 22:58:48 +03:00
Ivanov Vladimir a803d7a0d1 CVE-2019-0307
Add post module smdagent_get_properties.rb
Add lib sap_smd_agent_unencrypted_property.rb
Update auxiliary module cve_2020_6207_solman_rce.rb
Update lib sap_sol_man_eem_miss_auth.rb
2021-03-29 20:29:30 +03:00
friedrico 3b5cdd767f Base64 encoding is set iff encoding attribute is set to base64 and not when it "could be due to length and alphabet of the password" 2021-03-17 08:49:28 +01:00
Security Curious 59086989f7 Update Firefox Default Profile Directory
The default firefox profile directory now no longer ends in `.default`
but instead `.default-release`. For backwards compat the new regex
supports both. For more information see:

https://support.mozilla.org/bm/questions/1264072#answer-1235567

It's possible we might want to also support things like
`.default-nightly`, etc but really if we want to do more than grab
the default profile we should read the `profiles.ini` file to get
an itemized list of profiles from Firefox itself. This would also
future-proof this script.

Since profiles are not generally used by most Firefox users just going
for the simpler solution of looking for `.default-release`.
2021-03-10 21:43:04 -05:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
agalway-r7 8a339f54c1 Land #14734, updates and runs rubocop against recent modules
Rubocop recently landed modules
2021-02-19 13:48:47 +00:00
agalway-r7 275e9c5454 Land #14696, Further Zeitwerk lands to improve boot speed
Zeitwerk rex folder
2021-02-19 10:33:37 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Tim W 0ab4213630 use & disown 2021-02-11 12:26:27 +00:00