Christophe De La Fuente
ae48236d07
Land #18122 , rocketmq version lib
2023-07-05 18:11:25 +02:00
jheysel-r7
53a761a13d
Update lib/msf/core/auxiliary/rocketmq.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-07-05 11:13:08 -04:00
h00die
c9249fd9b7
basics
2023-07-02 12:37:58 -04:00
Grant Willcox
859ff288fc
Land #18147 , Add Ruby 3.3.0-preview1 to test suite
2023-06-29 17:20:24 -05:00
adfoster-r7
085943bd78
Add Ruby 3.3.0-preview1 to test suite
2023-06-29 22:53:17 +01:00
Jack Heysel
cc1b7db773
Method documentation comments
2023-06-29 15:52:03 -04:00
jheysel-r7
35f5b19512
Apply suggestions from code review
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-06-29 15:23:27 -04:00
Metasploit
1426a5c12e
Bump version of framework to 6.3.24
2023-06-29 12:18:27 -05:00
adfoster-r7
0c8dff1ab0
Land #17901 , Add lazy loading for payloads on startup
2023-06-28 23:12:12 +01:00
jheysel-r7
f86f9c0440
Update lib/msf/core/auxiliary/rocketmq.rb
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-27 16:39:16 -04:00
dwelch-r7
36e0d8f915
Land #18121 , Add proper SubjectAltName parsing
2023-06-27 16:54:33 +01:00
Jack Heysel
46629ca1d2
responded to comments
2023-06-26 14:01:12 -04:00
Grant Willcox
da34476a91
Land #17959 , rescue login scanner attempts
2023-06-23 14:49:26 -05:00
Metasploit
0f65368866
Bump version of framework to 6.3.23
2023-06-22 15:51:18 -05:00
Jack Heysel
4c73067dfe
Land #18104 , fix falsely caused empty file reads
...
This issue was happening frequently with the java meterpreter.
The issue has been fixed and tested with test/file post module.
2023-06-22 13:07:19 -04:00
dwelch-r7
e298788a28
Land #18049 , Update jenkins login scanner to work with newer versions
2023-06-22 14:04:24 +01:00
cgranleese-r7
ace4c45c5d
Land #18118 , Update UA strings for June 2023
2023-06-22 12:31:09 +01:00
Jack Heysel
64b441be2a
Rspec tests, get_broker_port addition
2023-06-22 01:29:33 -04:00
Jeffrey Martin
1b562dd02b
Revert "Improve AMSI bypass on new Windows"
...
This reverts commit f97ab80224, reversing changes made to c8f942cc03.
This change impacted the default `psexec` powershell target and needs further
testing to be reintroduced.
2023-06-21 16:35:41 -05:00
Spencer McIntyre
7cff25e639
Land #18117 , Consider Windows 10 Revision
...
Consider Windows 10 Revision number in version module
2023-06-21 14:32:59 -04:00
Grant Willcox
cd00585e12
Support properly handling tagging multiple hosts and then deleting those tags.
...
This involves updating add_host_tag and delete_host_tag and performing some refactoring.
2023-06-21 09:31:55 -05:00
cgranleese-r7
0609d246f3
adds more future proofing to implementation
2023-06-21 14:19:24 +01:00
usiegl00
44762f18e8
Increase Stack Space for Loader
...
This increases the stack space mmap'd for the 2nd stage loader and
should fix the invalid stack memory access crash on the staged payload.
2023-06-19 10:57:37 +02:00
usiegl00
e70bdb028a
Basic MachO Signing
...
This commit adds the sign method to Payload::MachO which performs a
basic SHA256 signature update on the provided macho to enable it to run
under osx aarch64 systems.
2023-06-19 10:57:37 +02:00
usiegl00
658c87996d
Hotwire MachO Signing
...
This commit hotwires in executable signing to some of the aarch64 osx
payloads in order to ensure that they are fully functional.
2023-06-19 10:57:37 +02:00
usiegl00
8a5442f7f0
Fix AARCH64 MachO Generation
...
This updates the exe util to properly generate stageless aarch64 macho
payloads. I've also added comments on how to assemble the aarch64
stages.
2023-06-19 10:57:37 +02:00
usiegl00
5f8767f4cf
M1ssion Dyld Mettle: Aarch64 Payloads
...
This builds on Back from the dyld by adding the required aarch64
assembly code to enable the OSX loader to run on the m1. This enables
the use of native payloads on M1 or M2 devices that do not have Rosetta
installed.
2023-06-19 10:57:37 +02:00
Ashley Donaldson
2a3cac051f
Suggestion from code review
2023-06-19 07:53:46 +10:00
h00die
e49e70ce93
update rocketmq tests
2023-06-16 16:26:35 -04:00
h00die
67225650de
convert _ to .
2023-06-16 16:13:36 -04:00
h00die
4f661ff230
rocketmq version lib
2023-06-16 15:36:06 -04:00
Spencer McIntyre
0ca978fe9d
Return arrays of values where applicable
...
Return arrays of values where applicable and update method docs.
2023-06-16 12:19:11 -04:00
Spencer McIntyre
2d800be5b1
Read the ORAddress definition
...
Note that there's a known issue that needs the changes from
sdaubert/rasn1#37 to work.
2023-06-16 11:48:36 -04:00
Dean Welch
8527eea15d
Add lazy loading for payloads
2023-06-16 12:04:48 +00:00
Ashley Donaldson
5832685f5e
Update UA strings for June 2023
2023-06-16 11:32:37 +10:00
Ashley Donaldson
381d291da9
Use revision in MSF modules
2023-06-16 10:07:35 +10:00
Ashley Donaldson
ddbd24554d
Take into account Windows 10 revision number
2023-06-16 06:50:39 +10:00
Spencer McIntyre
9e8a8d7c25
Remove our BMPString definition
...
It was added in https://github.com/sdaubert/rasn1/pull/33 and is present
in RASN 0.12.1.
2023-06-15 15:57:10 -04:00
Spencer McIntyre
0555b4ada0
Add SAN parsing with a proper ASN.1 definition
...
The ORAddress field is left out because it's significantly more
complicated than the rest and doesn't appear to be necessary at this
time.
2023-06-15 15:57:02 -04:00
Spencer McIntyre
39c9355715
Add additional string primitives
2023-06-15 15:51:14 -04:00
adfoster-r7
50832bef97
Land #18094 , Fix an edge case in .to_win32pe
2023-06-15 20:39:07 +01:00
space-r7
9776a6eb4a
Land #18078 , add SID support for icpr_cert
...
pulls in latest changes
2023-06-15 13:39:31 -05:00
space-r7
5b77805d68
Land #18078 , add support for SID in icpr_cert
2023-06-15 13:17:09 -05:00
Metasploit
ea34db64af
Bump version of framework to 6.3.22
2023-06-15 12:15:30 -05:00
Jack Heysel
f014033321
Land #18054 , Fix info command IP address issue
...
This PR fixes the issue where an ArgumentError was thrown
when running the info command when using a fetch payload
2023-06-15 11:51:16 -04:00
bwatters
63abeb331d
Remove default value
2023-06-15 08:46:45 -05:00
dwelch-r7
8da6f1efb9
Land #18105 , Fix time command bug when running complex commands
2023-06-15 13:41:16 +01:00
cgranleese-r7
c85b017c9e
Land #18106 , Update SessionTLVLogging to no longer truncate useful values
2023-06-15 12:50:33 +01:00
cgranleese-r7
95d05e0e9c
Land #18111 , Fix initialised constant error when meterpreter registry key reads timeout
2023-06-15 10:23:29 +01:00
adfoster-r7
552b76aa8f
Initialize to an empty string
2023-06-15 01:44:42 +01:00
adfoster-r7
c93adfb697
Land #17781 , adds support for module writers to supply include_dir iquote options when compiling mingw
2023-06-14 22:47:10 +01:00
Spencer McIntyre
6988227ee4
Fix AS-REQ with PKINIT and NTDS_CA_SECURITY_EXT
2023-06-14 16:18:04 -04:00
Spencer McIntyre
3ee02a0e41
Add the ALT_SID datastore option
2023-06-14 16:17:58 -04:00
adfoster-r7
bec47e8b59
Fix uninitialized constant error when meterpreter registry key reads timeout
2023-06-14 19:50:28 +01:00
adfoster-r7
69b7635f0f
Update SessionTLVLogging to no longer truncate useful values
2023-06-14 18:39:58 +01:00
adfoster-r7
2d87447db7
Fix time command bug when running complex commands
2023-06-14 18:01:47 +01:00
adfoster-r7
fb6bb4031c
Fix issue that falsely caused empty file reads on meterpreter
2023-06-14 17:50:54 +01:00
adfoster-r7
b9f260d0f7
Land #18089 , Add Masm support
2023-06-14 13:51:41 +01:00
bwatters
cabae172f9
Remove superfluous setup_handler
2023-06-13 16:03:55 -05:00
bwatters
548d7e76a8
Fix accidental diff
2023-06-13 16:01:58 -05:00
bwatters
38f542174d
Land #17336 , A more robust implementation for Windows version comparisons
...
Merge branch 'land-17336' into upstream-master
2023-06-13 15:38:56 -05:00
Spencer McIntyre
c41483250f
Fix an edge case in .to_win32pe
...
When the entry point is after the payload, there would occasionally be
cases where `poff` and `eidx` would be invalid, causing `entry` to be
truncated. `poff` should never be negative and `eidx` should reserve the
256 bytes that `entry` may occupy.
2023-06-13 13:41:47 -04:00
bwatters
1af9660296
Add routable address type
2023-06-13 10:29:15 -05:00
bwatters
9e773b3f35
Fix issue with info command and IP address check
2023-06-13 10:16:07 -05:00
Professor Araout
1fbfc8e4d4
Update lib/metasploit/framework/compiler/mingw.rb
...
Error in github review, replaced line 39 instead of 37-38-39 -> Fixed
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 15:04:00 +02:00
Professor Araout
0b320f6209
Update lib/metasploit/framework/compiler/mingw.rb
...
Review made by @adfoster-r7 and tested by @ARaout
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 14:59:22 +02:00
Professor Araout
9d315af25e
Update lib/metasploit/framework/compiler/mingw.rb
...
Review made by @adfoster-r7 and tested by @ARaout
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 14:59:15 +02:00
Professor Araout
cb105d8978
Update lib/metasploit/framework/compiler/mingw.rb
...
Review made by @adfoster-r7 and tested by @araout
Works perfect
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2023-06-13 14:58:36 +02:00
Ashley Donaldson
8d1e7a386c
Rubocop and code review suggestions
2023-06-13 15:58:30 +10:00
shellchocolat
0761f8f729
[+] add masm output support
2023-06-13 06:55:16 +02:00
Jack Heysel
f97ab80224
Land #17942 , Improve AMSI bypass on new Windows
...
The script generated by the web_delivery module is blocked
by the Antimalware Scan Interface (AMSI) on newer versions
of windows. This PR allows the script to bypass AMSI.
2023-06-12 18:50:48 -04:00
adfoster-r7
c8f942cc03
Land #17955 , Golf a bit the php payload
2023-06-12 16:31:00 +01:00
Spencer McIntyre
834ad18d28
Land #18069 , Handle LDAP UnbindRequest
...
Remote::JndiInjection: handle LDAP UnbindRequest
2023-06-12 09:53:38 -04:00
RageLtMan
668b72a4ca
Rex::Proto::LDAP::Server handle LDAP UnbindRequest
2023-06-10 09:42:58 -04:00
Spencer McIntyre
4c817ce1de
Land #17946 , CVE-2023-21839 - Oracle Weblogic RCE
...
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
2023-06-09 14:55:43 -04:00
Grant Willcox
694c1006e4
Add more IPv6 support in to the module
2023-06-09 12:24:35 -05:00
Spencer McIntyre
296a7afc86
Land #18076 , Don't use length for freeing.
2023-06-09 10:10:29 -04:00
Spencer McIntyre
2acc014014
Fix AS-REQ with PKINIT and NTDS_CA_SECURITY_EXT
2023-06-08 15:10:35 -04:00
Spencer McIntyre
47835b57a7
Add the ALT_SID datastore option
2023-06-08 15:10:27 -04:00
Spencer McIntyre
5b5c29842c
Land #18022 , Add post/windows/manage/make_token
...
Add update_token to MSF + make_token post-ex module
2023-06-08 14:53:22 -04:00
Metasploit
92cf562950
Bump version of framework to 6.3.21
2023-06-08 12:12:50 -05:00
Ashley Donaldson
717ceae45b
Don't use length for freeing.
...
MSDN says this will never succeed - should always be zero.
2023-06-08 15:02:41 +10:00
Christophe De La Fuente
451735ad15
Fix exception handler & add doc
2023-06-06 17:43:22 +02:00
cgranleese-r7
18ddd72285
Update jenkins login scanner to work with newer versions
2023-06-06 11:54:55 +01:00
RageLtMan
e6b1ae2af8
Remote::JndiInjection: handle LDAP UnbindRequest
2023-06-06 00:54:40 -04:00
Grant Willcox
94ef437f9f
Add in YARD documentation
2023-06-05 12:10:10 -05:00
Grant Willcox
9574c79d36
Remove extra code
2023-06-05 12:07:27 -05:00
Ashley Donaldson
795980260b
Created mixin to retrieve the architecture of the current shell.
...
Currently only supports Windows, but does work on Win2000 upwards.
2023-06-05 11:10:53 +10:00
Spencer McIntyre
734e0b099e
Land #18018 , Add in CVE-2023-29084
...
Add in CVE-2023-29084 - Zoho ManageEngine ADManager Plus ChangePasswordAction
Authenticated Command Injection
2023-06-02 12:14:43 -04:00
bwatters
1e9d286c77
Land #18044 , Add MIPS64 Linux Fetch Payloads
...
Merge branch 'land-18044' into upstream-master
2023-06-02 10:53:43 -05:00
Grant Willcox
7728e1e2fb
Add in new library function for escaping PowerShell literals
2023-06-02 10:22:56 -05:00
Grant Willcox
0f71613b66
Land #18056 , Modify command stagers to not go over 100%
2023-06-01 16:06:13 -05:00
Metasploit
25e8cf8faf
Bump version of framework to 6.3.20
2023-06-01 12:10:08 -05:00
Zach Goldman
96f2c96a75
modify command stagers to not go over 100%
2023-06-01 12:07:07 -05:00
Spencer McIntyre
8378435051
Land #17430 , Add AWS SSM Sessions
2023-06-01 11:34:40 -04:00
Ashley Donaldson
7f4bda193d
Support retrieving Service Pack version on older OSes
2023-06-01 10:48:17 +10:00
Spencer McIntyre
9349dd24e3
Add a proper definition for NtdsCaSecurityExt
2023-05-31 17:31:33 -04:00
shellchocolat
1fbba702de
add support to masm formatting
2023-05-31 17:17:17 +02:00
Ashley Donaldson
4b1158d5f1
Use existing shell registry logic
2023-05-31 11:24:33 +10:00
Ashley Donaldson
778a2c47b7
Updated unit tests to use registry
2023-05-31 08:09:54 +10:00
Spencer McIntyre
8a0dfa57a0
Drop size requirement and fix descriptions
...
The size requirement is used when the adapted payload is executed from
the command line but that's not the case for the fetch payloads which
execute a command to fetch the payload from a URL. The payload size
doesn't matter because it's included in the executable file hosted at
the URL.
2023-05-30 15:03:06 -04:00
Grant Willcox
3d63d0b097
Land #18030 , Fix missing return in HTTP CmdStagers
2023-05-30 13:14:21 -05:00
Grant Willcox
42d4c73cda
Land #18031 , Improve help for "edit" and "log" commands
2023-05-30 11:43:21 -05:00
Christophe De La Fuente
7bde39ae73
Fixes from code review
2023-05-30 13:26:56 +02:00
adfoster-r7
e2718eb40c
Land #18019 , Fixes validation for `to_handler` command for Evasion and Payload modules
2023-05-30 10:39:01 +01:00
Ashley Donaldson
568e346d11
Support Windows 2000 by using `ver` command
2023-05-30 13:23:44 +10:00
Ashley Donaldson
a94f78ec03
Use direct registry lookups to get version data, to cater for different language packs.
2023-05-30 12:21:12 +10:00
wvu
00451e3aec
Improve help for "edit" and "log" commands
...
Talking about `LocalEditor` and `LocalPager`.
2023-05-25 23:22:54 -05:00
wvu
9528339761
Fix missing return in HTTP CmdStagers
...
Fetch payloads are cooler, but this was missed in https://github.com/rapid7/metasploit-framework/pull/13426 .
2023-05-25 22:22:23 -05:00
Jack Heysel
d8255157c9
Land #18021 , Fix #cd for Powershell Sessions
2023-05-25 14:26:01 -04:00
Metasploit
8368b80ad6
Bump version of framework to 6.3.19
2023-05-25 12:05:49 -05:00
Ashley Donaldson
75ba9110e2
Added module for Windows version comparisons
...
Utilised it in various existing modules - this should fix some subtle bugs in specific modules' version detection.
2023-05-25 14:36:46 +10:00
attl4s
42ef5ad322
remove TLV_TYPE_TOKEN_UPDATE_RESULT - update_token sends empty response when succeeds
2023-05-24 16:12:12 +02:00
attl4s
3a685849a8
add update_token bridge + make_token module
2023-05-24 10:33:52 +02:00
Spencer McIntyre
ed5d516c21
Sync the .NET working path for Powershell sessions
...
See: https://github.com/PowerShell/PowerShell/issues/10278
2023-05-23 15:21:52 -04:00
Spencer McIntyre
afb31b0f21
Add a function to escape cmd.exe string literals
2023-05-23 15:17:39 -04:00
cgranleese-r7
3e327efdc4
Fixes validation for to_handler command for Evasion and Payload modules
2023-05-23 10:16:06 +01:00
Spencer McIntyre
120dc877ad
Pr/collab/17430 ( #41 )
...
* Prevent using post modules with the session
It doesn't work reliably because of winpty and how the output is
mangled.
* Set the limit correctly
* Fix Linux PTY downgrade issues
* Remove filtering
The filtering implementation is incomplete and unnecessary.
Filtering is unnecessary because Linux sessions execute a stub on
session start up that uses a combination of stty and a fifo to emulate a
PTY-less session. Windows sessions do not need filtering because they
have been explicitly marked as being incompatible with the Post API which
is confused by the extra characters.
The filtering implementation is incomplete because it does not account for
echo fragments that are split across lines. It also does not account for
all of the ANSI escape codes.
* Add module docs for enum_ssm
2023-05-22 17:11:16 -04:00
adfoster-r7
1eb6996ea5
Land #17989 , Improves flag formatting for kerberos ticket presenter
2023-05-22 17:42:10 +01:00
space-r7
60f6574bf3
Land #17965 , add module for AD CS cert management
2023-05-22 09:50:53 -05:00
Spencer McIntyre
ff4fafda2f
Add support for parsing SDDL
2023-05-22 09:21:24 -04:00
Spencer McIntyre
3af052390d
Add well known SID and RID constants
2023-05-22 09:21:24 -04:00
Spencer McIntyre
49fd6e876a
Add constants from MS-CRTD
2023-05-22 09:21:24 -04:00
Spencer McIntyre
1ffefcbea4
Treat the subauthority as optional
...
This allows some additional SIDs to function such as
SECURITY_CREATOR_SID_AUTHORITY.
2023-05-22 09:21:24 -04:00
Spencer McIntyre
d23f407c44
Monkey patch #modify to accept controls
2023-05-22 09:21:24 -04:00
Spencer McIntyre
dcbc6d19c5
Update #validate_query_result!
...
The function required a filter argument, but not every query has a
filter. By removing it, we can reuse the same logic for other operations
including modifications.
2023-05-22 09:21:20 -04:00
adfoster-r7
9dd10d6df7
Fix edge case crash when running smb_login with Kerberos auth activated
2023-05-19 16:12:16 +01:00
Metasploit
428229aede
Bump version of framework to 6.3.18
2023-05-18 12:10:55 -05:00
Spencer McIntyre
f464401dde
Land #17782 , Add fetch payloads
...
Add http wget cmd based fetch payload for Linux and Windows
2023-05-18 12:18:27 -04:00
bwatters
548a2d7ab4
Add fetch payloads for Windows and Linux x64
2023-05-18 10:47:29 -05:00
cgranleese-r7
73a33a9f73
Addresses PR feedback
2023-05-17 16:45:15 +01:00
RageLtMan
f929d2c90f
Drop redundant shell_command in powershell.rb
2023-05-16 15:43:16 -04:00
RageLtMan
713ec6ae76
Merge branch 'master' into feature/aws_ssm_sessions
2023-05-16 14:39:37 -04:00
cgranleese-r7
82bf51647d
Improves flag formatting for kerberos ticket presenter
2023-05-16 15:25:36 +01:00
adfoster-r7
c723a2865e
Land #17987 , Split recalculate out into multiple functions
2023-05-12 18:27:46 +01:00
Dean Welch
3036a53697
Change `name` to `single_name` for consistency
2023-05-12 16:59:33 +01:00
Dean Welch
f6855f6aa4
Split recalculate out into multiple functions
2023-05-12 16:30:14 +01:00
dwelch-r7
b752735db1
Land #17967 , Fix ruby 3.1 crashes and resource leaks when garbage collecting Meterpreter resources
2023-05-12 14:14:02 +01:00
Metasploit
484639a2e0
Bump version of framework to 6.3.17
2023-05-11 12:13:25 -05:00
adfoster-r7
fa6a5e24f0
Land #17807 , Add in documentation on Metasploit's file system
2023-05-11 16:11:12 +01:00
adfoster-r7
eb959e2e40
Land #17060 , GSoC Project: Implement HTTP-Trace enabled login scanners
2023-05-11 15:45:01 +01:00
Spencer McIntyre
d8dd9bbe79
Move the publish timeout logic ( #40 )
...
This makes it accessible from enum_ssm so Linux sessions can be opened.
2023-05-11 09:58:16 -04:00
adfoster-r7
fe63d80679
Fix issues: double encoding bug, nessus scanner logging, remove dead cgi option
2023-05-11 13:01:52 +01:00
Spencer McIntyre
e92695149d
Fix linux tests, remove Windows support ( #39 )
...
* Revert "shell_command_token_base get 0th output index"
This reverts commit 3a4cb3560f.
* Correct the order of arguments to #set_term_size
* Fix paths for directory checks
The path C:\ ends with a trailing backslash which will cause bash to
wait for another line of input. This places the shell in an undesirable
state.
* Fix post module tests for Linux
* Remove the command document
This hasn't been tested and it's unclear under what conditions this
would be used.
* Fix Windows SSM sessions
---------
Co-authored-by: Spencer McIntyre <zeroSteiner@gmail.com>
2023-05-10 17:48:53 -04:00
RageLtMan
62e59e6250
Replace [System.IO.File]::Exists with Test-Path
...
The exists? method in post/file has a different implementation for
PSH sessions than other shells which are testing for the existence
of a path, not the presence of a file.
Fix this by replacing [System.IO.File]::Exists with Test-Path.
Testing:
```
PS C:\Windows\system32> [System.IO.File]::Exists("C:\")
False
PS C:\Windows\system32>test-path C:\
PS C:\Windows\system32> test-path C:\
True
```
2023-05-10 11:10:08 -04:00
adfoster-r7
069ad805c1
Fix ruby 3.1 crashes when garbage collecting meterpreter resources
2023-05-05 14:04:17 +01:00
ErikWynter
b8856bbb87
fix capitalization of Htlm_fileName JSON param
2023-05-05 09:59:11 +03:00
Grant Willcox
adec2f4fbb
Update the login.rb code so we aren't as strict on cookies since older versions sometimes use JSESSIONIDADAPSSO instead of JSESSIONIDSSO for login cookies
2023-05-04 15:40:39 -05:00
jvoisin
3b66b3416f
Golf a bit the php payload
...
- Put all the error-disabling statements on a single line
- Remove some useless spaces
- Use `stristr(…)` (available since PHP4) instead of `strpos(strtolower(…))`
- Use `&&` instead of `and`
- Use backticks instead of `passthru`, since they're equivalent: https://www.php.net/manual/en/language.operators.execution.php
2023-05-04 22:25:32 +02:00
Grant Willcox
8c7ae1b6bb
Minor update to comments for clarity
2023-05-04 15:12:32 -05:00
ErikWynter
c088430bd9
improve sanity checks in login method and other code review fixes
2023-05-04 15:12:31 -05:00
Grant Willcox
f27fc28411
Perform review updates
2023-05-04 15:12:31 -05:00
ErikWynter
9b596b3efd
minor changes
2023-05-04 15:12:31 -05:00
ErikWynter
1c6c1dffc6
final code review fixes
2023-05-04 15:12:31 -05:00
ErikWynter
9fe7db4648
improve status codes handling
2023-05-04 15:12:30 -05:00
ErikWynter
aede036b02
additional changes from code review
2023-05-04 15:12:30 -05:00
Grant Willcox
ba687c49aa
Fix a few typos
2023-05-04 15:12:29 -05:00
ErikWynter
a5e86a0c51
code review improvements, including renaming silent param
2023-05-04 15:12:29 -05:00
Grant Willcox
0fd743d851
Add in fixes from code review
2023-05-04 15:12:29 -05:00
ErikWynter
dd075d5c99
library improvements after code review, module update
2023-05-04 15:12:28 -05:00
ErikWynter
a2cf29ab98
partial fixes after library code review
2023-05-04 15:12:28 -05:00
Grant Willcox
61d1cf1460
Fix up things identified during review
2023-05-04 15:12:28 -05:00
ErikWynter
e639460b9f
fix library comments for json_post_data.rb
2023-05-04 15:12:27 -05:00
ErikWynter
47d374497a
create adaudit plus mixin and move some stuff there
2023-05-04 15:12:27 -05:00
Metasploit
783a1eb504
Bump version of framework to 6.3.16
2023-05-04 12:11:31 -05:00
Grant Willcox
e5c636f931
Move folder descriptions into README.md files
2023-05-03 14:06:13 -05:00
Jeffrey Martin
2059505ccd
improve login attempt guards
...
* tightened up rescue to catch individual attempt exceptions
* remove general rescue in SNMP
* ensure SNMP socket is released
2023-05-03 09:15:14 -05:00
adfoster-r7
3bf01f2cf2
Land #17911 , Update setting missing datastore values to a warning instead of an error
2023-05-03 13:04:03 +01:00
cgranleese-r7
67694c1ef7
Removes return false
2023-05-03 11:41:11 +01:00
Jeffrey Martin
152f9460f9
rescue login scanner attempts
...
* Improve base login scanner to catch any Exception
* Catch any Exception in SNMP scanner that overrides base method
* Expand connection errors possible in PostgreSQL scanner
2023-05-02 15:43:57 -05:00
Grant Willcox
22441f1064
Land #16390 , Implement Caching DNS Resolver in Rex
2023-04-28 16:42:44 -05:00
Grant Willcox
3e81408a24
Add support for getting IPv6 addresses from hosts files and saving them into the cache
2023-04-28 14:47:56 -05:00
Christophe De La Fuente
62806caeae
Update web_delivery
2023-04-28 16:09:51 +02:00
RageLtMan
867902e7d0
SSM start/stop publication
2023-04-28 09:00:37 -04:00
bcoles
71f938682c
Post::Windows::Service: Support start/stop service on shell sessions
2023-04-28 18:44:11 +10:00
Metasploit
601d9cef96
Bump version of framework to 6.3.15
2023-04-27 12:03:50 -05:00
3V3RYONE
9c8bc4e124
added yard docs
2023-04-27 16:56:49 +05:30
space-r7
03fcfa7559
Land #17914 , fix paths for directory checks
2023-04-26 12:20:46 -05:00
Spencer McIntyre
2dc5a94ab7
Land #17926 , Fix 64-bit pointer type
...
Update pointer type to support 64 bit calls
2023-04-25 16:20:43 -04:00
adfoster-r7
e7c05eabe3
Fix deadlock regression when printing multiple lines to console
2023-04-25 00:39:44 +01:00
bwatters
a8043adef0
Fix accidental copy/paste
2023-04-24 17:19:18 -05:00
bwatters
9215488d31
Update pointer type to support 64 bit calls
2023-04-24 17:14:50 -05:00
Grant Willcox
708da64a68
Add back in the require for dnsruby
2023-04-23 13:56:24 -05:00
RageLtMan
3a4cb3560f
shell_command_token_base get 0th output index
2023-04-22 18:00:44 -04:00
RageLtMan
d797e5ec2c
Simplify SSM shell output filtering
2023-04-22 17:18:21 -04:00
RageLtMan
5132302363
Filter control bytes from SSM output
2023-04-22 15:22:18 -04:00
Spencer McIntyre
8c15c31b56
Fix paths for directory checks
...
The path C:\ ends with a trailing backslash which will cause bash to
wait for another line of input. This places the shell in an undesirable
state.
2023-04-21 14:39:00 -04:00
Metasploit
04df1ef7e8
Bump version of framework to 6.3.14
2023-04-20 12:11:36 -05:00
Spencer McIntyre
2e3a2b6f6d
Combine AWS SSM modules, autodetect platform
2023-04-19 18:05:50 -04:00
Spencer McIntyre
59b3c0e945
Set the platform in enum_ssm
...
Update the enum_ssm module to use the correct session type with the
appropriate platform. Also set the session information to the same
string which also removes the eyesore that is the shell banner.
2023-04-19 18:05:50 -04:00
Spencer McIntyre
a7d8bc6757
Fix sessions opening over and over again
...
Also make some code cleanups
2023-04-19 18:05:50 -04:00
Jack Heysel
9563466037
Land #17873 , add ensure disconnect to ftp login
...
Add ensure disconnect to ftp login module and ftp timeout configuration
2023-04-18 18:31:12 -04:00
adfoster-r7
1b72de063e
Land #17903 , Add missing fields when reading metadata cache
2023-04-18 11:48:05 +01:00
Dean Welch
7667499011
Update comment and correctly format date
2023-04-18 11:06:19 +01:00
Dean Welch
d17ab39748
Remove active database check for module cache rebuild
2023-04-17 23:55:37 +01:00
Dean Welch
e874731781
Pull out `autofilter_ports` and `autofilter_services` from metadata cache
2023-04-17 23:45:19 +01:00
RageLtMan
97c0fa7411
Split CachedResolver to own file per jmartin-r7
2023-04-17 13:14:47 -04:00
bcoles
1e23dffc5b
Msf::Ui::Console::CommandDispatcher::Core: Fix 'help setg' output
2023-04-15 20:35:15 +10:00
Grant Willcox
246a69e897
Remove unneeded return statement after raising an exception
2023-04-14 15:28:17 -05:00
Grant Willcox
da5a361d3f
Remove extra require that wasn't needed with Zeitwerk
2023-04-14 15:28:17 -05:00