github
/
metasploit-framework
mirror of https://github.com/rapid7/metasploit-framework
1
Fork 0
Code Releases Activity
74,173 Commits 15 Branches 898 Tags 2.1 GiB
Commit Graph

1801 Commits

Author SHA1 Message Date
Spencer McIntyre 7f7f106b92 Update metasploit-payloads gem to 2.0.156 
Includes changes from:
* rapid7/metasploit-payloads#672
* rapid7/metasploit-payloads#678
 2023-10-11 14:05:45 -04:00
adfoster-r7 5e7097197d Remove reline dependency update 2023-10-06 17:56:06 +01:00
adfoster-r7 d11f15b9af Update gem dependencies 2023-10-06 15:49:06 +01:00
adfoster-r7 88c849de74 Add pin to rails 7.0.x 2023-10-06 14:08:57 +01:00
adfoster-r7 f3c105916a
Land #18256, general dependency update 2023-10-06 10:27:57 +01:00
Metasploit ec33707381
Bump version of framework to 6.3.38 2023-10-05 12:08:28 -05:00
sjanusz-r7 e70f356239 Show errors on inaccessible payload files 2023-10-02 14:46:25 +01:00
Metasploit 8de942d9d9
Bump version of framework to 6.3.37 2023-09-28 13:32:45 -05:00
Jeffrey Martin 5310d00d85 more general updates for security hygiene 
* updates to sshkey adds support for ECDSA
* skips irb update due to added dependencies on psych that has added native build requirements
 2023-09-27 15:45:49 -05:00
Jeffrey Martin ef27b6124f
general dependency update 
* general maintenance update for all gems
* used for security review of current updates
 2023-09-27 15:34:03 -05:00
Metasploit 0d6aee89dd
Bump version of framework to 6.3.36 2023-09-21 12:05:50 -05:00
Simon Janusz 1378bfbfc7
Land #18294, pick up netifaces updates, improve error catching 2023-09-15 13:04:26 +01:00
Metasploit 126e6b6e7a
Bump version of framework to 6.3.35 2023-09-14 12:10:09 -05:00
adfoster-r7 1b29c48193
Land #18362, Fix msfrpc hanging forever if rsock pair doesnt connect 2023-09-14 15:56:58 +01:00
adfoster-r7 bc2fdba422 Fix msfrpc hanging forever if rsock pair doesnt connect 2023-09-13 17:41:00 +01:00
adfoster-r7 30e66c43a4
Land #18343, add support for configurable DNS resolver to metasploit-framework 2023-09-12 22:56:37 +01:00
Zach Goldman 615aa8dff5 pick up netifaces updates, improve error catching 2023-09-11 12:12:27 -05:00
Metasploit 030fc99331
Bump version of framework to 6.3.34 2023-09-07 12:05:08 -05:00
Spencer McIntyre 6b20c19964 Update rex-socket gem to 0.1.53 
Includes changes from:
* rapid7/rex-socket#43
 2023-09-05 09:41:08 -04:00
Metasploit 90cf371376
Bump version of framework to 6.3.33 2023-08-31 12:06:37 -05:00
Metasploit ecaa038afe
Bump version of framework to 6.3.32 2023-08-24 12:08:09 -05:00
dwelch-r7 1878c08293
Land #18276, Add sasl scram 256 auth support to postgres modules 2023-08-18 14:34:51 +01:00
Metasploit 8e89a6a3dc
Bump version of framework to 6.3.31 2023-08-17 12:05:48 -05:00
adfoster-r7 9a50e66c50
Land #18278, Use latest version of ruby-mysql from upstream 2023-08-15 14:29:36 +01:00
adfoster-r7 68ce65c6c9
Revert "Revert "Add Meterpreter sanity tests to CI"" 2023-08-15 13:24:59 +01:00
Rory McKinley d154247c84
Introduce `ruby-mysql` gem 2023-08-14 21:34:01 +02:00
Metasploit 020320922d
Bump version of framework to 6.3.30 2023-08-10 13:33:02 -05:00
adfoster-r7 cdbd591f07
Revert "Add Meterpreter sanity tests to CI" 2023-08-10 19:08:09 +01:00
adfoster-r7 98ac76d54f
Add sasl scram 256 auth support to postgres modules 2023-08-09 16:41:01 +01:00
dwelch-r7 6f7ebb3824
Land #18210, Add Meterpreter sanity tests to CI 2023-08-04 13:24:39 +01:00
Metasploit 4ebf4fd52e
Bump version of framework to 6.3.29 2023-08-03 17:39:55 -05:00
Jeffrey Martin a8583438c1
fix nokogiri version out of sync in lock file 2023-08-03 17:31:01 -05:00
Jeffrey Martin 776b4918a7
remove double reference in Gemfile.lock 
merge introduced double entries for aws-sdk-ec2instanceconnect
 2023-08-03 13:44:07 -05:00
adfoster-r7 d8dc189168
Add Meterpreter sanity tests to CI 2023-08-03 17:11:44 +01:00
Spencer McIntyre 39382c4652
Land #17600, Add AWS Instance Connect Sessions 
Implement AWS Instance Connect Sessions
 2023-08-03 12:06:29 -04:00
adfoster-r7 a643fa517a Give better error messages when failing to load mettle extensions 2023-08-02 23:03:27 +01:00
adfoster-r7 9a40e2612b
Land #17129, Add OSX Aarch64 Payload support 2023-08-02 18:37:56 +01:00
Jeffrey Martin 5c67f3231b add aws-sdk-ec2instanceconnect gem 2023-08-01 15:04:58 -04:00
Grant Willcox f95a39254a Bump up dependency versions 2023-08-01 15:04:57 -04:00
Jeffrey Martin eaa4768547 add aws-sdk-ec2instanceconnect gem 2023-08-01 15:04:30 -04:00
Metasploit 1390d50ca4
Bump version of framework to 6.3.28 2023-07-27 12:09:19 -05:00
Metasploit b4ec01de83
Bump version of framework to 6.3.27 2023-07-20 12:14:17 -05:00
Metasploit 7bebee0f42
Bump version of framework to 6.3.26 2023-07-13 12:13:12 -05:00
Metasploit a0bdbce3c9
Bump version of framework to 6.3.25 2023-07-06 17:49:06 -05:00
adfoster-r7 fa0e53775f Update PHP Meterpreter to correctly show file sizes for large files 2023-06-30 10:22:13 +01:00
Grant Willcox 859ff288fc
Land #18147, Add Ruby 3.3.0-preview1 to test suite 2023-06-29 17:20:24 -05:00
adfoster-r7 085943bd78 Add Ruby 3.3.0-preview1 to test suite 2023-06-29 22:53:17 +01:00
Metasploit 1426a5c12e
Bump version of framework to 6.3.24 2023-06-29 12:18:27 -05:00
adfoster-r7 50c675cc90
Fix windows Meterpreter clipboard manipulation access denied errors 2023-06-29 00:00:48 +01:00
adfoster-r7 7aa1dafc1f
Fix windows python meterpreter getuid intermittent crash 2023-06-23 15:30:02 +01:00
Metasploit 0f65368866
Bump version of framework to 6.3.23 2023-06-22 15:51:18 -05:00
Jeffrey Martin 1b562dd02b
Revert "Improve AMSI bypass on new Windows" 
This reverts commit f97ab80224, reversing
changes made to c8f942cc03.

This change impacted the default `psexec` powershell target and needs further
testing to be reintroduced.
 2023-06-21 16:35:41 -05:00
Spencer McIntyre 5d96b23d19 Update metasploit-payloads gem to 2.0.143 
Includes changes from:
* rapid7/metasploit-payloads#662
* rapid7/metasploit-payloads#660
 2023-06-20 15:14:18 -04:00
usiegl00 7e3e30f9d0 Bump Mettle Version 2023-06-19 11:56:52 +02:00
usiegl00 8c4c260911 Mettle now supports aarch64-apple-darwin 
This bumps the metasploit_payloads-mettle version to enable the new
target triple.
 2023-06-19 10:57:37 +02:00
Metasploit ea34db64af
Bump version of framework to 6.3.22 2023-06-15 12:15:30 -05:00
adfoster-r7 8f11798f5f Update unknown windows errors on python meterpreter to include hex error code 2023-06-15 11:56:32 +01:00
Jack Heysel 6f297a8619
Land #18102, bump metasploit-payloads 2.0.140 
This metasploit-payloads bump is a fix for false negatives
on files not existing on windows python meterpreter
 2023-06-14 13:51:27 -04:00
Jeffrey Martin d3fa7608db
Land #18103, lock nokogiri due to compile issue 2023-06-14 11:40:08 -05:00
Jeffrey Martin ceb85e08c9
update to latest nokogiri 1.14.x 2023-06-14 11:30:25 -05:00
Jeffrey Martin b2d0cdaa28
lock nokogiri due to compile issue 2023-06-14 11:21:49 -05:00
adfoster-r7 00d1f03b8a
Fix false negatives on files not existing on windows python meterpreter 2023-06-14 17:09:06 +01:00
adfoster-r7 793e0887ff
Fix osx route command when mac addresses are split by dots 2023-06-14 16:43:51 +01:00
cgranleese-r7 9187b96756
Land #18099, Fix python meterpreter subprocess deadlock and file descriptor leak 2023-06-14 15:40:10 +01:00
dwelch-r7 de07c2eae2
Land #18098, Fix rex-text crashes when running ruby 3.3 2023-06-14 13:26:02 +01:00
Jeffrey Martin 41429aec97
Land #18080, Weekly dependency updates for Gemfile.lock 2023-06-14 07:16:48 -05:00
adfoster-r7 d6a50acf83
Fix python meterpreter subprocess deadlock and file descriptor leak 2023-06-14 13:10:46 +01:00
adfoster-r7 f30bc86c8a
Fix rex-text crashes when running ruby 3.3 2023-06-14 13:04:20 +01:00
adfoster-r7 21b2e3a597 Fix python meterpreter crashing when extracting osx network configuration 2023-06-14 12:28:15 +01:00
Jack Heysel f97ab80224
Land #17942, Improve AMSI bypass on new Windows 
The script generated by the web_delivery module is blocked
by the Antimalware Scan Interface (AMSI) on newer versions
of windows. This PR allows the script to bypass AMSI.
 2023-06-12 18:50:48 -04:00
Jack Heysel 14dc102e31 Bump rex-powershell to 0.1.98 2023-06-12 16:34:28 -04:00
Spencer McIntyre 4c817ce1de
Land #17946, CVE-2023-21839 - Oracle Weblogic RCE 
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
 2023-06-09 14:55:43 -04:00
Grant Willcox 694c1006e4
Add more IPv6 support in to the module 2023-06-09 12:24:35 -05:00
Spencer McIntyre eab324714d Update metasploit-payloads gem to 2.0.136 
Includes changes from:
* rapid7/metasploit-payloads#656
 2023-06-09 12:57:02 -04:00
Grant Willcox dce2965d3f
Bump up dependency versions 2023-06-08 14:20:59 -05:00
Metasploit 92cf562950
Bump version of framework to 6.3.21 2023-06-08 12:12:50 -05:00
Spencer McIntyre 372f9cdcfc Update metasploit-payloads gem to 2.0.135 
Includes changes from:
* rapid7/metasploit-payloads#648
* rapid7/metasploit-payloads#637
* rapid7/metasploit-payloads#646
* rapid7/metasploit-payloads#645
* rapid7/metasploit-payloads#643
* rapid7/metasploit-payloads#640
 2023-06-02 09:49:57 -04:00
Metasploit 25e8cf8faf
Bump version of framework to 6.3.20 2023-06-01 12:10:08 -05:00
Spencer McIntyre 8378435051
Land #17430, Add AWS SSM Sessions 2023-06-01 11:34:40 -04:00
Metasploit 8368b80ad6
Bump version of framework to 6.3.19 2023-05-25 12:05:49 -05:00
Zach Goldman 7215b88bad
bump credential version 2023-05-25 10:38:39 -05:00
Metasploit 428229aede
Bump version of framework to 6.3.18 2023-05-18 12:10:55 -05:00
cgranleese-r7 de6e26de8e
Land #18006, Fix error when msfconsole opens browser links without a display present 2023-05-18 16:56:29 +01:00
adfoster-r7 39f4ccd9f9 Fix error when msfconsole opens browser links without a display present 2023-05-18 10:29:22 +01:00
adfoster-r7 3e32c0e22d Fix crash when running a module through socks 4a proxy 2023-05-18 10:25:56 +01:00
RageLtMan 713ec6ae76
Merge branch 'master' into feature/aws_ssm_sessions 2023-05-16 14:39:37 -04:00
Metasploit 484639a2e0
Bump version of framework to 6.3.17 2023-05-11 12:13:25 -05:00
Metasploit 783a1eb504
Bump version of framework to 6.3.16 2023-05-04 12:11:31 -05:00
Jeffrey Martin 0a85cba56d
lock msgpack until build resolved 
MessagePack 1.7.0 gem introduced code not compatible with the current
build env used for nightly packages. This may be addressed in several
ways and has been reported upstream. Lock the version a until a path
forward is determined.
 2023-05-02 15:53:26 -05:00
adfoster-r7 ca0739b3b2 Update rubocop dependency 2023-04-28 23:42:00 +01:00
Grant Willcox 41c75c2e30
Land #17906, Weekly dependency updates for Gemfile.lock 2023-04-28 17:01:09 -05:00
Grant Willcox 5169174c45
Remove Rubocop updates until we can fix underlying issues in our code 2023-04-28 15:19:03 -05:00
Spencer McIntyre 36f9025cea Update metasploit-payloads gem to 2.0.130 
Includes changes from:
* rapid7/metasploit-payloads#631
* rapid7/metasploit-payloads#639
* rapid7/metasploit-payloads#634
 2023-04-27 13:47:37 -04:00
Metasploit 601d9cef96
Bump version of framework to 6.3.15 2023-04-27 12:03:50 -05:00
bwatters f1602dd772
Bump payloads to 2.0.127 2023-04-20 18:50:36 -05:00
Metasploit 04df1ef7e8
Bump version of framework to 6.3.14 2023-04-20 12:11:36 -05:00
adfoster-r7 8e77b70c99
Fix Windows7 Meterpreter crash when in debug mode 2023-04-19 17:30:05 +01:00
Jeffrey Martin 2de950c244
Weekly dependency updates for Gemfile.lock 2023-04-18 14:25:28 -05:00
Spencer McIntyre afce19d378 Update metasploit-payloads gem to 2.0.125 
Includes changes from:
* rapid7/metasploit-payloads#633
* rapid7/metasploit-payloads#625
 2023-04-14 11:19:33 -04:00
dwelch-r7 2c8ad1f158
Land #17809, Add bootsnap for bootup performance 2023-04-14 14:01:12 +01:00
Metasploit fae910eb6b
Bump version of framework to 6.3.13 2023-04-13 12:11:45 -05:00
dwelch-r7 275963eca2
Land #17353, Persist icpr cert as pkcs12 credential 2023-04-12 13:16:18 +01:00
adfoster-r7 875ad34b62
Persist icpr cert as pkcs12 credential 
Update creds command to support pkcs12
 2023-04-11 16:25:25 +01:00
Spencer McIntyre eec0e71dd7 Update metasploit-payloads gem to 2.0.123 
Includes changes from:
* rapid7/metasploit-payloads#628
 2023-04-07 10:45:14 -04:00
Metasploit 261fc5227d
Bump version of framework to 6.3.12 2023-04-06 12:13:28 -05:00
adfoster-r7 653234e1d0
Add bootsnap for bootup performance 2023-04-04 10:35:53 +01:00
Metasploit 3aabb738bf
Bump version of framework to 6.3.11 2023-03-30 12:10:12 -05:00
space-r7 f9c6caa804
Land #17785, add SolarWinds (SWIS) deser RCE 2023-03-27 15:25:17 -05:00
Spencer McIntyre a36a475111 Bump rex-socket to 0.1.49 
This includes the SSL fix from rapid7/rex-socket#58
 2023-03-27 16:02:57 -04:00
Metasploit 99aca10c8d
Bump version of framework to 6.3.10 2023-03-23 12:10:35 -05:00
Metasploit 8b26064855
Bump version of framework to 6.3.9 2023-03-16 12:14:04 -05:00
Metasploit 192af217b6
Bump version of framework to 6.3.8 2023-03-13 13:23:26 -05:00
Metasploit d188170169
Bump version of framework to 6.3.7 2023-03-09 14:03:37 -06:00
Christophe De La Fuente 4866c2b8b8
Land #17686, Additional PetitPotam Methods 2023-03-09 19:29:16 +01:00
Spencer McIntyre 0cbac03f91 Update ruby_smb gem to 3.2.5 2023-03-09 11:58:49 -05:00
Spencer McIntyre 876b7c2c0f Update metasploit-payloads gem to 2.0.122 
Includes changes from:
* rapid7/metasploit-payloads#621
* rapid7/metasploit-payloads#623
 2023-03-09 11:40:45 -05:00
h00die-gr3y d3f84af790
Included mixin for PHP code injection at PNGs 2023-03-09 09:28:14 -06:00
Jeffrey Martin 350984bc41
Land #17661, Weekly dependency updates for Gemfile.lock 2023-03-09 08:36:26 -06:00
Grant Willcox 0fc94f14e8
Bump up gems again 2023-03-08 10:26:29 -06:00
Grant Willcox 0bf809697c
Update metasploit-payloads gem to 2.0.120 2023-03-07 10:55:07 -06:00
Spencer McIntyre 2c1de9b2e4 Update metasploit-payloads gem to 2.0.118 
Includes changes from:
* rapid7/metasploit-payloads#619
* rapid7/metasploit-payloads#617
* rapid7/metasploit-payloads#610
 2023-03-03 17:19:05 -05:00
Grant Willcox 96c9f60cc1
Land #17715, Update metasploit-payloads gem to 2.0.115 2023-03-02 16:52:24 -06:00
Metasploit 673a574b3d
Bump version of framework to 6.3.6 2023-03-02 12:11:53 -06:00
Spencer McIntyre 75ed29964e Update metasploit-payloads gem to 2.0.115 
Includes changes from:
* rapid7/metasploit-payloads#614
* rapid7/metasploit-payloads#611
 2023-02-28 12:56:34 -05:00
Spencer McIntyre 7db2d86147 Update metasploit-payloads gem to 2.0.113 
Includes changes from:
  * rapid7/metasploit-payloads#604
  * rapid7/metasploit-payloads#605
  * rapid7/metasploit-payloads#607
  * rapid7/metasploit-payloads#606
  * rapid7/metasploit-payloads#609
 2023-02-24 12:09:21 -05:00
Metasploit f4549b0a1e
Bump version of framework to 6.3.5 2023-02-23 12:11:22 -06:00
Grant Willcox 676dd5cbbd
Bump up gems 2023-02-17 11:40:23 -06:00
Metasploit 71cecfb1d4
Bump version of framework to 6.3.4 2023-02-16 12:12:20 -06:00
Metasploit e420dc123d
Bump version of framework to 6.3.3 2023-02-09 12:10:37 -06:00
Grant Willcox affe47957b
Bump up Gems 2023-02-07 17:21:16 -06:00
Metasploit 5d6e989e64
Bump version of framework to 6.3.2 2023-02-02 12:11:52 -06:00
cgranleese-r7 d1e68e634a Add row indicator to show targets command 2023-02-02 16:12:19 +00:00
Spencer McIntyre 0d9a282237 Use the new NDR types in RubySMB v3.2.4 2023-01-31 10:08:27 -05:00
cgranleese-r7 fb196cb378 Testing Ruby 3.2 against CI 2023-01-31 13:19:06 +00:00
Metasploit d80a18a00c
Bump version of framework to 6.3.1 2023-01-26 13:40:05 -06:00
Jeffrey Martin bdb0cadc4f Land #17291, Add support for rails 7 2023-01-26 11:50:29 -06:00
adfoster-r7 672fb9ce9f
Land #17460, add support for feature kerberos authentication 2023-01-26 17:47:27 +00:00
Jeffrey Martin b295429fc9
latest metasploit-credential gem 2023-01-26 09:22:56 -06:00
adfoster-r7 25ba3304ab
Fix rails 7 deprecation warning for secrets dump module 2023-01-26 10:22:28 +00:00
adfoster-r7 ea96629925
Bump Metasploit version to 6.3.0 2023-01-25 18:36:48 +00:00
Jeffrey Martin 58172267ac
update to latest Rails 7 gem 2023-01-23 09:59:21 -06:00
Jeffrey Martin 6b64a15ab1
updated metasploit_data_models 2023-01-23 09:59:19 -06:00
Jeffrey Martin 1323889b65
update to released Rails 7 supported deps 2023-01-23 09:58:22 -06:00
Jeffrey Martin 5ce04e97e8
update Gemfile dev deps 2023-01-23 09:57:51 -06:00
Jeffrey Martin d9716ebecf
core updates for Rails 7 2023-01-23 09:57:09 -06:00
adfoster-r7 20408f4446
Fix deprecation warning in socks proxy 2023-01-23 12:05:57 +00:00
Spencer McIntyre 9d07f206fc Bump windows_error to 0.1.5 2023-01-20 16:29:24 -05:00
Spencer McIntyre 190249b993 Bump ruby_smb to 3.2.2 2023-01-20 16:29:24 -05:00
Spencer McIntyre 15237e5154 Update metasploit-payloads gem to 2.0.108 
Includes changes from:
  * rapid7/metasploit-payloads#599
  * rapid7/metasploit-payloads#600
  * rapid7/metasploit-payloads#602
 2023-01-20 09:21:28 -05:00
Metasploit 3602a420d3
Bump version of framework to 6.2.37 2023-01-19 12:05:00 -06:00