Grant Willcox
743138abed
Add in initial fixes from review and remove extra BREAKAWAY_FROM_JOB code changes not directly related to this PR as we'll raise a separate PR for those
2022-03-31 12:13:29 -05:00
Grant Willcox
5ad16a1864
Undo changes to changing process in prepend_migrate; my idea was only to add in CREATE_BREAKAWAY_FROM_JOB flags
2022-03-25 12:48:23 -05:00
Grant Willcox
b1ce05f97c
Add in updated Ruby code and also update the DLLs and prepend_migrate.rb to use the CREATE_BREAKAWAY_FROM_JOB flag with CreateProcess to break away from the job if the job has the JOB_OBJECT_LIMIT_BREAKAWAY_OK limit set to allow breakaway jobs
2022-03-23 17:47:25 -05:00
Tim W
bdb729a43b
Land #16340, fall back to running apktool with --use-aapt2 if apktool fails
2022-03-19 11:47:56 +00:00
Spencer McIntyre
ccdc2db9e7
Land #16309, Catch an exception in ssh_login
The ssh_login module would crash when the channel used to execute the
commands to gather the platform information reported that they failed.
2022-03-17 16:41:47 -04:00
Spencer McIntyre
da1e4853b8
Land #16317, Free UDP ports after use
2022-03-17 16:39:09 -04:00
bwatters
54ad2b82c3
Land #16249, Add in Exchange Mixin - Initial Version with Version Detection
Merge branch 'land-16249' into upstream-master
2022-03-17 15:04:17 -05:00
Metasploit
374220f72f
Bump version of framework to 6.1.35
2022-03-17 12:05:14 -05:00
Grant Willcox
ce062973cb
Make changes from review process, redo code for module to make it make fewer requests, and generally improve overall operations.
2022-03-17 11:29:05 -05:00
Grant Willcox
c1d6dced8d
Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info
2022-03-17 11:29:01 -05:00
Grant Willcox
419c9ea554
Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not.
2022-03-17 11:29:00 -05:00
Grant Willcox
1f53e9d1c4
Rubocop and fix a mistake on commenting too much of the code out from testing
2022-03-17 11:29:00 -05:00
Grant Willcox
269cd5cfed
Add in Exchange Version mixin and module example
2022-03-17 11:28:53 -05:00
Hynek Petrak
43cec440ac
Treat failed proof as successful connection with nil proof.
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-03-17 14:05:17 +01:00
Hynek Petrak
2841f70048
Catch exception from net/ssh/connection/session.rb:381
2022-03-16 23:11:21 +01:00
Ashley Donaldson
7fe9d0b2b6
Don't start the DNS server twice
2022-03-17 08:02:31 +11:00
bwatters
b4de9fa92a
Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
Grant Willcox
008071888c
Land #16347, Catch SocketError when normalizing the hostname
2022-03-15 16:45:29 -05:00
Spencer McIntyre
e28ee9ca53
Improve an error message when addr is nil
The normalized value can be nil when the hostname failed to resolve.
That is not helpful in the exception information, so use the original
value.
2022-03-15 14:01:26 -04:00
sjanusz
a3f4af1775
Fix encrypted shells crashing with no DB connection
2022-03-15 16:00:30 +00:00
Spencer McIntyre
a6a63d0895
Rename scope to zone_id
2022-03-15 11:14:41 -04:00
Spencer McIntyre
4dd7fc60e6
Land #16324, Fix broken DNS native_server
2022-03-15 09:06:03 -04:00
Ashley Donaldson
8cc2b87f59
Use Dnsruby::Message for all inputs
2022-03-15 16:41:05 +11:00
bwatters
c936c45167
Land #16186, Add Python Meterpreter Command Payloads
Merge branch 'land-16186' into upstream-master
2022-03-14 17:29:03 -05:00
Grant Willcox
2142c877ad
Land #16262, Use bash instead of netcat as a default payload
2022-03-14 17:18:37 -05:00
Spencer McIntyre
71cacc4cc2
Catch SocketError when normalizing the hostname
2022-03-14 17:09:37 -04:00
Spencer McIntyre
735c1256a3
Put reverse_netcat back in the default list
See #16262 for context. This will select reverse_bash if no required
commands are specified, which should be suitable for most environments.
The RequiredCmd payload compatibility key can be specified to override
this behavior by marking the commands that are available.
2022-03-14 09:16:39 -04:00
Brendan Coles
fe70296f1e
Msf::Payload::Apk: Try rebuilding APK with AAPT2 if rebuilding APK fails
2022-03-13 14:35:15 +00:00
Tim W
df81a48e4a
Land #16332, fix zipalign to align shared object files
2022-03-13 12:48:22 +00:00
Brendan Coles
d28a172ab4
Msf::Payload::Apk: Extract cert details from APK files not JAR signed
Since Android 11, APK contents must be signed with signature scheme
v2 or higher (v2/v3/v4). In order to maintain compatibility with
older versions of Android, APKs can also be signed with v1 (after
first signing with v2/v3/v4), but this is not mandatory.
When using a template apk file, the APK library now attempts to
extract signing scheme v1 certificate details (using keytool)
and falls back to extracting v2/v3/v4 certificate details (using
apksigner) if the APK is not signed with signing scheme v1.
Fixes #16295.
2022-03-12 18:40:37 +00:00
Brendan Coles
6ae54566b6
Msf::Payload::Apk: zipalign: align APK stored shared object files
2022-03-12 18:22:34 +00:00
adfoster-r7
a62ca2259e
Land #16316, deref services correctly
2022-03-11 12:08:42 +00:00
Ashley Donaldson
d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway
2022-03-11 12:08:51 +11:00
space-r7
bc9f64f043
use default printer in case target is server
clean up code, add EnumPrinters definitions
2022-03-10 16:45:20 -06:00
Metasploit
8ec9c89a1d
Bump version of framework to 6.1.34
2022-03-10 12:05:16 -06:00
space-r7
b747e55dda
Land #16303, add Dirty Pipe exploit
2022-03-10 11:16:28 -06:00
Ashley Donaldson
9b651eef32
Use encode (from Dnsruby), not data (from Net::DNS)
2022-03-10 13:31:58 +11:00
Ashley Donaldson
6f159fa54e
Consistent handling of DNS and LDAP servers wrt ServiceManager
2022-03-10 11:01:37 +11:00
Ashley Donaldson
9761d68c19
Rename stop_service to cleanup_service for services that use reference counting
2022-03-10 10:28:25 +11:00
Spencer McIntyre
c2e0a61a74
Fix the hosts command's tab completion
2022-03-09 18:17:14 -05:00
Spencer McIntyre
5c5340b6fd
Fix the hosts command's --search flag
2022-03-09 18:17:09 -05:00
Ashley Donaldson
c9d43aafe6
Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity
2022-03-10 09:06:25 +11:00
Tim W
955cc9c986
fix cross compiling
2022-03-09 06:59:25 +00:00
adfoster-r7
3b524360ed
Explicitly specify server/client versions, fix logger crash, and specify jtr format
2022-03-09 01:37:22 +00:00
Ashley Donaldson
837cf199a0
Use reference counting consistently for HTTP handlers (Fixes #16315)
2022-03-09 10:56:38 +11:00
adfoster-r7
22f88f9ab7
Add docs
2022-03-08 23:52:24 +00:00
adfoster-r7
6f2a7d6167
Add note that SMB v1 is not supported
2022-03-08 23:52:24 +00:00
adfoster-r7
53772fa366
Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location
2022-03-08 23:52:24 +00:00
adfoster-r7
bcb0850e07
Rename SMBHOST
2022-03-08 23:52:23 +00:00
adfoster-r7
144fc5eddf
Add smarter targetlist support
2022-03-08 23:52:23 +00:00