Commit Graph

18741 Commits

Author SHA1 Message Date
Grant Willcox 743138abed
Add in initial fixes from review and remove extra BREAKAWAY_FROM_JOB code changes not directly related to this PR as we'll raise a separate PR for those 2022-03-31 12:13:29 -05:00
Grant Willcox 5ad16a1864
Undo changes to changing process in prepend_migrate, my idea was only to add in CREATE_BREAKAWAY_FROM_JOB flags 2022-03-25 12:48:23 -05:00
Grant Willcox b1ce05f97c
Add in updated Ruby code and also update the DLLs and prepend_migrate.rb to use the CREATE_BREAKAWAY_FROM_JOB flag with CreateProcess to break away from the job if the job has the JOB_OBJECT_LIMIT_BREAKAWAY_OK limit set to allow breakaway jobs 2022-03-23 17:47:25 -05:00
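The breakaway logic this commit describes, as an added example in C that is not Metasploit's own code (the DLL and prepend_migrate.rb changes themselves are not on this page). It assumes the documented Win32 job object APIs (IsProcessInJob, QueryInformationJobObject, CreateProcess) and the winnt.h constants; the function names breakaway_allowed, child_creation_flags and spawn_with_breakaway are hypothetical, and the flag values passed in main are constructed. Passing CREATE_BREAKAWAY_FROM_JOB to a job that lacks JOB_OBJECT_LIMIT_BREAKAWAY_OK makes CreateProcess fail with ERROR_ACCESS_DENIED, which is why the limit is queried first:

```c
/* Added example: decide whether a child process may break away from the
 * job object the current process lives in, and launch it accordingly.
 * Not Metasploit code; function names are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#ifdef _WIN32
#include <windows.h>
#else
/* winnt.h / winbase.h values, redefined so the pure helpers build off Windows. */
#define JOB_OBJECT_LIMIT_BREAKAWAY_OK        0x00000800
#define JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK 0x00001000
#define CREATE_BREAKAWAY_FROM_JOB            0x01000000
#endif

/* True when the job's basic limit flags permit an explicit breakaway.
 * SILENT_BREAKAWAY_OK is deliberately not enough: with only that limit,
 * children already leave the job automatically and passing
 * CREATE_BREAKAWAY_FROM_JOB would be rejected. */
bool breakaway_allowed(uint32_t limit_flags) {
    return (limit_flags & JOB_OBJECT_LIMIT_BREAKAWAY_OK) != 0;
}

/* Creation flags for the child: request breakaway only when the calling
 * process is in a job and that job allows it, so a denied breakaway never
 * turns into a failed process launch. */
uint32_t child_creation_flags(bool in_job, uint32_t limit_flags) {
    if (in_job && breakaway_allowed(limit_flags)) {
        return CREATE_BREAKAWAY_FROM_JOB;
    }
    return 0;
}

#ifdef _WIN32
/* Query the calling process's job (hJob == NULL) and spawn cmdline, breaking
 * away when permitted. Returns true if the child was created. */
bool spawn_with_breakaway(char *cmdline) {
    BOOL in_job = FALSE;
    uint32_t limit_flags = 0;

    if (!IsProcessInJob(GetCurrentProcess(), NULL, &in_job)) {
        return false;
    }
    if (in_job) {
        JOBOBJECT_EXTENDED_LIMIT_INFORMATION info;
        if (!QueryInformationJobObject(NULL, JobObjectExtendedLimitInformation,
                                       &info, sizeof(info), NULL)) {
            return false;
        }
        limit_flags = info.BasicLimitInformation.LimitFlags;
    }

    STARTUPINFOA si = { sizeof(si) };
    PROCESS_INFORMATION pi;
    BOOL ok = CreateProcessA(NULL, cmdline, NULL, NULL, FALSE,
                             child_creation_flags(in_job != FALSE, limit_flags),
                             NULL, NULL, &si, &pi);
    if (ok) {
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
    }
    return ok != FALSE;
}
#endif

int main(void) {
#ifdef _WIN32
    char cmdline[] = "cmd.exe /c exit 0";
    printf("spawned: %s\n", spawn_with_breakaway(cmdline) ? "yes" : "no");
#else
    /* Constructed flag values to exercise the decision helper off Windows. */
    printf("BREAKAWAY_OK        -> 0x%08x\n", child_creation_flags(true, 0x00000800));
    printf("SILENT_BREAKAWAY_OK -> 0x%08x\n", child_creation_flags(true, 0x00001000));
    printf("not in a job        -> 0x%08x\n", child_creation_flags(false, 0x00000800));
#endif
    return 0;
}
```

The decision is split out of the Win32 calls so it can be unit-tested on any platform; on Windows, running the binary from inside a job created with JOB_OBJECT_LIMIT_BREAKAWAY_OK versus one without shows the child leaving or staying in the job (for example via Process Explorer's Job tab).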
Tim W bdb729a43b
Land #16340, fall back to running apktool with --use-aapt2 if apktool fails 2022-03-19 11:47:56 +00:00
Spencer McIntyre ccdc2db9e7
Land #16309, Catch an exception in ssh_login
The ssh_login module would crash when the channel used to execute the
commands to gather the platform information reported that they failed.
2022-03-17 16:41:47 -04:00
Spencer McIntyre da1e4853b8
Land #16317, Free UDP ports after use 2022-03-17 16:39:09 -04:00
bwatters 54ad2b82c3
Land #16249, Add in Exchange Mixin - Initial Version with Version Detection
Merge branch 'land-16249' into upstream-master
2022-03-17 15:04:17 -05:00
Metasploit 374220f72f
Bump version of framework to 6.1.35 2022-03-17 12:05:14 -05:00
Grant Willcox ce062973cb
Make changes from review process, redo code for module to make it make fewer requests, and generally improve overall operations. 2022-03-17 11:29:05 -05:00
Grant Willcox c1d6dced8d
Update library code to read exchange versions from exchange_versions.json and populate exchange_versions.json with initial info 2022-03-17 11:29:01 -05:00
Grant Willcox 419c9ea554
Fix review comments to simplify regex, and also add in new is_exchange? function to check if a target is running Exchange Server or not. 2022-03-17 11:29:00 -05:00
Grant Willcox 1f53e9d1c4
Rubocop and fix a mistake on commenting too much of the code out from testing 2022-03-17 11:29:00 -05:00
Grant Willcox 269cd5cfed
Add in Exchange Version mixin and module example 2022-03-17 11:28:53 -05:00
Hynek Petrak 43cec440ac
Treat failed proof as successful connection with nil proof.
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-03-17 14:05:17 +01:00
Hynek Petrak 2841f70048 Catch exception from net/ssh/connection/session.rb:381 2022-03-16 23:11:21 +01:00
Ashley Donaldson 7fe9d0b2b6
Don't start the DNS server twice 2022-03-17 08:02:31 +11:00
bwatters b4de9fa92a
Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
Grant Willcox 008071888c
Land #16347, Catch SocketError when normalizing the hostname 2022-03-15 16:45:29 -05:00
Spencer McIntyre e28ee9ca53 Improve an error message when addr is nil
The normalized value can be nil when the hostname failed to resolve.
That is not helpful in the exception information, so use the original
value.
2022-03-15 14:01:26 -04:00
sjanusz a3f4af1775
Fix encrypted shells crashing with no DB connection 2022-03-15 16:00:30 +00:00
Spencer McIntyre a6a63d0895 Rename scope to zone_id 2022-03-15 11:14:41 -04:00
Spencer McIntyre 4dd7fc60e6
Land #16324, Fix broken DNS native_server 2022-03-15 09:06:03 -04:00
Ashley Donaldson 8cc2b87f59
Use Dnsruby::Message for all inputs 2022-03-15 16:41:05 +11:00
bwatters c936c45167
Land #16186, Add Python Meterpreter Command Payloads
Merge branch 'land-16186' into upstream-master
2022-03-14 17:29:03 -05:00
Grant Willcox 2142c877ad
Land #16262, Use bash instead of netcat as a default payload 2022-03-14 17:18:37 -05:00
Spencer McIntyre 71cacc4cc2 Catch SocketError when normalizing the hostname 2022-03-14 17:09:37 -04:00
Spencer McIntyre 735c1256a3 Put reverse_netcat back in the default list
See #16262 for context. This will select reverse_bash if no required
commands are specified, which should be suitable for most environments.
The RequiredCmd payload compatibility key can be specified to override
this behavior by marking the commands that are available.
2022-03-14 09:16:39 -04:00
Brendan Coles fe70296f1e Msf::Payload::Apk: Try rebuilding APK with AAPT2 if rebuilding APK fails 2022-03-13 14:35:15 +00:00
Tim W df81a48e4a
Land #16332, fix zipalign to align shared object files 2022-03-13 12:48:22 +00:00
Brendan Coles d28a172ab4 Msf::Payload::Apk: Extract cert details from APK files not JAR signed
Since Android 11, APK contents must be signed with signature scheme
v2 or higher (v2/v3/v4). In order to maintain compatibility with
older versions of Android, APKs can also be signed with v1 (after
first signing with v2/v3/v4), but this is not mandatory.

When using a template apk file, the APK library now attempts to
extract signing scheme v1 certificate details (using keytool)
and falls back to extracting v2/v3/v4 certificate details (using
apksigner) if the APK is not signed with signing scheme v1.

Fixes #16295.
2022-03-12 18:40:37 +00:00
Brendan Coles 6ae54566b6 Msf::Payload::Apk: zipalign: align APK stored shared object files 2022-03-12 18:22:34 +00:00
adfoster-r7 a62ca2259e
Land #16316, deref services correctly 2022-03-11 12:08:42 +00:00
Ashley Donaldson d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway 2022-03-11 12:08:51 +11:00
space-r7 bc9f64f043
use default printer in case target is server
clean up code, add EnumPrinters definitions
2022-03-10 16:45:20 -06:00
Metasploit 8ec9c89a1d
Bump version of framework to 6.1.34 2022-03-10 12:05:16 -06:00
space-r7 b747e55dda
Land #16303, add Dirty Pipe exploit 2022-03-10 11:16:28 -06:00
Ashley Donaldson 9b651eef32
Use encode (from Dnsruby), not data (from Net::DNS) 2022-03-10 13:31:58 +11:00
Ashley Donaldson 6f159fa54e
Consistent handling of DNS and LDAP servers wrt ServiceManager 2022-03-10 11:01:37 +11:00
Ashley Donaldson 9761d68c19
Rename stop_service to cleanup_service for services that use reference counting 2022-03-10 10:28:25 +11:00
Spencer McIntyre c2e0a61a74 Fix the hosts command's tab completion 2022-03-09 18:17:14 -05:00
Spencer McIntyre 5c5340b6fd Fix the hosts command's --search flag 2022-03-09 18:17:09 -05:00
Ashley Donaldson c9d43aafe6
Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity 2022-03-10 09:06:25 +11:00
Tim W 955cc9c986 fix cross compiling 2022-03-09 06:59:25 +00:00
adfoster-r7 3b524360ed
Explicitly specify server/client versions, fix logger crash, and specify jtr format 2022-03-09 01:37:22 +00:00
Ashley Donaldson 837cf199a0
Use reference counting consistently for HTTP handlers (Fixes #16315) 2022-03-09 10:56:38 +11:00
adfoster-r7 22f88f9ab7
Add docs 2022-03-08 23:52:24 +00:00
adfoster-r7 6f2a7d6167
Add note that SMB v1 is not supported 2022-03-08 23:52:24 +00:00
adfoster-r7 53772fa366
Gracefully handle relay host timeout, fix typos, and move SMBHashCapture location 2022-03-08 23:52:24 +00:00
adfoster-r7 bcb0850e07
Rename SMBHOST 2022-03-08 23:52:23 +00:00
adfoster-r7 144fc5eddf
Add smarter targetlist support 2022-03-08 23:52:23 +00:00