mirror of https://github.com/rapid7/metasploit-framework synced 2024-09-25 10:48:31 +02:00
Commit Graph

45265 Commits

Author SHA1 Message Date
a1exdandy
a0c473f29e Upload memory usage optimization
Optimize xor_bytes memory usage, use small buffer for upload,
add verbosity
2018-02-15 17:05:22 +05:00
Daniel Teixeira
651ddbb7eb
Disk Savvy Server Buffer Overflow 2018-02-15 10:09:07 +00:00
RageLtMan
177e1321ae Aux command dispatcher in exploit ctx with action
The Auxiliary command dispatcher checks modules for passive actions
expecting them to have included Msf::Module::HasActions mixin. The
mixin is included in post and aux modules already, but not in
exploits. When the aux dispatcher handles an exploit module, it
may get upset along the lines of:
```
[-] Error while running command exploit: undefined method 'passive'
for #<Msf::Modules::M...3::MetasploitModule:0x0000000d83de0428>
Did you mean?  passive?

Call stack:
/opt/metasploit4/msf4/lib/msf/ui/console/command_dispatcher/
auxiliary.rb:106:in `cmd_run'
```

Avoid this mess by having the conditional which checks the methods
included by that mixin depend on the module having included the
mixin in the first place.

Testing:
  In local fork (hence the lineno) it seems to fix the problem.
  The problem condition and fix should be independently tested
upstream.
2018-02-15 04:20:09 -05:00
Daniel Teixeira
630e9dd0de
Verification steps update 2018-02-14 20:40:32 +00:00
Daniel Teixeira
929027ab96
Disk Savvy Server Buffer Overflow 2018-02-14 20:35:32 +00:00
Daniel Teixeira
07763ccd6a
Disk Savvy Server Buffer Overflow Documentation 2018-02-14 20:35:03 +00:00
Brent Cook
d5ab7b127b
Land #9557, add back udp_probe for now 2018-02-14 11:24:21 -06:00
Wei Chen
9a293cd30e Fix #8120, Fix undef method 'gsub' in bavision_cam_login
Fix #8120
2018-02-14 11:03:03 -06:00
Wei Chen
ef948ccc38 Fix #9417, map timeout exp to a var for telnet_encrypt_overflow
Fix #9417
2018-02-14 09:19:28 -06:00
HD Moore
7cfc17860d udp_probe is necessary for pivot scans 2018-02-14 08:45:46 -06:00
HD Moore
ef13f01820 Remove actually deprecated modules 2018-02-14 08:43:20 -06:00
HD Moore
234f5a316b Revert "Remove old deprecated modules"
This reverts commit a2c5cc0ffb.
2018-02-14 08:42:44 -06:00
Jacob Robles
9611bfdd01
Land #9547, Delete meterpreter scripts, imporve spelling 2018-02-14 02:24:07 -06:00
Spencer McIntyre
5063415b79
Land #9552, add private_type for stored tomcat pw
Fixes #9513
2018-02-13 19:25:27 -05:00
Jeffrey Martin
3811665b69
Land #7699, Add UDP handlers and payloads (redux) 2018-02-13 14:50:09 -06:00
Jeffrey Martin
f5768e7ced
gate session reported when using bind udp
While this method here is somewhat noisy on the network it eliminates
a poor user experience when the handler is started but the payload is
not yet running on the target.

When a target is sent a udp packet and it is not rejected push down
an initial "echo syn" command that will respond with output.  This
allows framework to be aware that the payload is what is running on
the server port instead of assuming a non-existent target is a valid
session.
2018-02-13 14:44:57 -06:00
Jeffrey Martin
d56111a33c
update cache sizes from new tests 2018-02-13 14:34:21 -06:00
Wei Chen
fbeba8bfd2 Fix #9513, Add private_type to be able to store password for Tomcat
If there is no :private_type, the create_credential method in
Metasploit::Credential::Creation will quietly skip the password,
which makes it look like a bug when the user is trying to view
the password from the creds command.

Fix #9513
2018-02-13 14:31:56 -06:00
Jeffrey Martin
b80445e448
add missing payload tests 2018-02-13 14:20:43 -06:00
Jeffrey Martin
2221779ddd
update package namespaces 2018-02-13 13:33:36 -06:00
Jacob Robles
b21f5d7036
Land #9546, Correct Typo 2018-02-13 09:59:34 -06:00
Brent Cook
18983d1fae s/imporve/improve/g 2018-02-13 05:30:05 -06:00
Brent Cook
252e80b9bf remove a couple of broken meterpreter scripts (upstream is dead) 2018-02-13 05:28:09 -06:00
Agahlot
de24451035 Correct Typo 2018-02-13 15:57:09 +05:30
Jacob Robles
aefd0d3875
Land #9542, Correct Typo 2018-02-13 02:41:12 -06:00
Jeffrey Martin
9800d450f5
Land #9543, bump gems, remove rbnacl/ffi since unneeded 2018-02-12 11:47:15 -06:00
Brent Cook
316e657d10
bump gems, remove rbnacl/ffi since unneeded 2018-02-12 11:21:04 -06:00
follower
ecb5fffb0b
Typo fix: "withint" --> "within" 2018-02-13 06:20:57 +13:00
UserExistsError
bad1429989 reverted CachedSize values 2018-02-11 19:07:41 -07:00
UserExistsError
8ae8a0d94b added bind_named_pipe payload 2018-02-11 18:56:50 -07:00
h00die
285b329ee1
Land #9422 abrt race condition priv esc on linux 2018-02-11 11:58:39 -05:00
Pearce Barry
add7ae8fa1
Land #9536, Add Ubuntu notes to documentation 2018-02-11 07:27:00 -06:00
Pearce Barry
321b78b0fe
Land #9408, Add Juju-run Agent Privilege Escalation module (CVE-2017-9232) 2018-02-11 07:19:49 -06:00
Brendan Coles
4e5cbd68b9 Add Ubuntu notes to documentation 2018-02-11 06:52:36 +00:00
Pearce Barry
4b6362a37d
Minor doc tweaks. 2018-02-10 16:14:14 -06:00
Brendan Coles
1177efef89 Update tested versions 2018-02-10 16:32:20 +00:00
h00die
fcaee81fba
Land #9467 linux priv esc against glibc origin 2018-02-10 07:20:35 -05:00
h00die
38252e4384 success against x64 2018-02-10 07:17:15 -05:00
Wei Chen
b9faa9e92b Fix a typo 2018-02-09 20:28:55 -06:00
Wei Chen
81e0d56261 Always write the file as long as the option is set 2018-02-09 20:28:12 -06:00
Wei Chen
8aa8b6df3d
Land #9532, Fix a bug in the MD docs references
Land #9532
2018-02-09 20:22:35 -06:00
Wei Chen
46a0ea6582 Fix db_spec 2018-02-09 20:06:43 -06:00
Wei Chen
958513bd86 Fix #9522, Add output file support to the vulns command
This adds a new feature for the vulns command for msfconsole. It
allows the user to be able to save the vulnerability as a CSV
file.

Fix #9522
2018-02-09 19:45:46 -06:00
Brendan Coles
0d573e1434 Support shell sessions 2018-02-09 16:15:04 -05:00
Brendan Coles
45249d582d Add partition check 2018-02-09 16:15:04 -05:00
Brendan Coles
9e11632608 Add documentation 2018-02-09 16:15:04 -05:00
Brendan Coles
0ba37f8104 Add glibc $ORIGIN Expansion Privilege Escalation exploit 2018-02-09 16:15:04 -05:00
Spencer McIntyre
c612dbfdbf Also fix GitHub related pull request links 2018-02-09 15:16:10 -05:00
Spencer McIntyre
7a18aaa74a Fix the normalizer_spec to expect the md syntax 2018-02-09 14:56:42 -05:00
h00die
cb1b59545b
Land #9469 linux local exploit for glibc ld audit 2018-02-09 14:00:42 -05:00