github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-09-18 14:00:12 +02:00
Code Releases Activity
48,808 Commits 15 Branches 911 Tags 1.2 GiB
c7efd57144
Commit Graph

355 Commits

Author SHA1 Message Date
Brent Cook
edb2d8b762
fix windows unicode usernames, add recursive directory delete 2017-11-29 17:01:01 -06:00
Brent Cook
035d1ef2c6
bump payloads, pull in AES negotation & transport fixes 2017-11-25 18:21:57 -06:00
Brent Cook
8645a518b3 add mettle support for custom headers 2017-11-24 20:27:34 -06:00
Brent Cook
4050985649
update payloads 2017-11-21 13:53:33 -06:00
OJ
6f9671ff11
Updated Payloads version to 1.3.14 2017-11-08 12:36:50 +10:00
Brent Cook
ebaf0c5484 bump mettle, update toolchain, add e500v2 and reduce size of x86_64 2017-10-30 05:09:31 -05:00
Brent Cook
254c2a33d3 bump metasploit payloads, windows meterpreter fixes 2017-10-27 11:44:23 -05:00
Jeffrey Martin
f2cba8d920
Land #8933, Web_Delivery - Merge regsvr32_applocker_bypass_server & Add PSH(Binary) 
This restores the original PR
 2017-10-25 16:29:11 -05:00
Jeffrey Martin
ca28abf2a2 Revert "Land #8933, Web_Delivery - Merge regsvr32_applocker_bypass_server & Add PSH(Binary)" 
This reverts commit 4999606b61, reversing
changes made to 4274b76473.
 2017-10-25 16:19:14 -05:00
Jeffrey Martin
4999606b61 Land #8933, Web_Delivery - Merge regsvr32_applocker_bypass_server & Add PSH(Binary) 2017-10-25 12:44:04 -05:00
Tim
7e398e2ef5 Fix #9111, bump metasploit-payloads gem to include php 5.3.10 fix 2017-10-24 11:40:02 +08:00
OJ
7ea14e8431
Update payloads for getsystem fixes 2017-09-28 09:43:02 +10:00
g0tmi1k
1ee590ac07 Move over to rex-powershell and version bump 
Version bump for:
- https://github.com/rapid7/rex-powershell/pull/10
- https://github.com/rapid7/rex-powershell/pull/11
 2017-09-25 13:45:06 +01:00
William Webb
721277d39d
bump metasploit-payloads to 1.3.8 2017-09-20 05:04:13 -05:00
Brent Cook
6b0b2550ec
bump payloads, add shell expansion for java/android payloads 2017-09-08 13:45:54 -05:00
Brent Cook
d38ee0f1ee bump payloads, grab java/android fixes for #8938 
fixes #8938
 2017-09-08 10:08:22 +02:00
Brent Cook
9877a61eff bump payloads 2017-09-07 01:36:25 -05:00
OJ
7acd772c10 Pivot session stability, display and handling 2017-09-07 01:36:21 -05:00
Brent Cook
928d632042 import https://github.com/fizx/robots.git 0.10.1 2017-08-28 15:47:46 -05:00
Brent Cook
582b2e238e update mettle payload to 0.2.2, add background and single-thread http comms 2017-08-28 05:31:44 -05:00
Brent Cook
430251b8f6
fix compatibility with php meterpreter 2017-08-21 15:37:31 -05:00
Brent Cook
20b6f37fb8 bump payloads with crypttlv format awareness 2017-08-20 19:01:42 -05:00
Brent Cook
b9b779da9e update references to sourceforge ML 2017-08-20 13:23:54 -05:00
Brent Cook
bb2304a2d1
Land #8769, improve style, compatibility, for ssh modules 2017-08-01 21:43:32 -05:00
Brent Cook
390f4d52db add ed25519 support for net-ssh 2017-08-01 16:05:25 -05:00
Brent Cook
ddc4fd95a5 Update payloads 
This incorporates support for HiDPI displays with screen capture for Windows
meterpreter, and fixes a communications bug with Android meterpreter.
 2017-07-28 09:56:03 -07:00
Brent Cook
a0511c79a4
pull in minor build fixes and filesystem stat implementation from python 
This pulls in https://github.com/rapid7/metasploit-payloads/pull/219
and https://github.com/rapid7/metasploit-payloads/pull/195
 2017-07-23 22:37:43 -07:00
Brent Cook
3bc0c18e6a Properly handle threads and window destruction, add PID logging 
This pulls in https://github.com/rapid7/metasploit-payloads/pull/213
which fixes https://github.com/rapid7/metasploit-framework/issues/8608
and adds PID logging to verbose keyboard capture.
 2017-07-23 22:27:42 -07:00
Brent Cook
8444038c62
Add eval alternative to PHP Meterpreter to bypass suhosin 
See https://suhosin.org/stories/index.html for more information on this system.
 2017-07-23 22:04:09 -07:00
Brent Cook
b75530b978 Fix an issue where 'sleep' with Python Meterpreter appears to fail. 2017-07-23 05:38:06 -07:00
Brent Cook
302b66c2d8
add payloads support for OSX with python meterpreter 2017-07-23 05:26:59 -07:00
Brent Cook
072b0dc90b Hide errors in Windows Meterpreter sessions 
In Windows Meterpreter sessions, set newly created threads via
SetThreadErrorMode to not display error popups when there are failures.
 2017-07-23 05:09:01 -07:00
Brent Cook
1d0db02a64 bump payloads 2017-07-20 09:10:19 -05:00
Brent Cook
cc3168933f update mettle payloads, template generator 2017-07-18 13:13:38 -05:00
David Maloney
3ad4ff69b4
try and hard lock rex-powershell version 
remove this later when the issues with this gem release are addressed
 2017-07-17 15:25:26 -05:00
Christian Mehlmauer
3c7d6c3a6a
fixed some bugs 2017-07-17 10:10:12 +02:00
Christian Mehlmauer
7d6992c0e8
respect windows 2017-07-17 09:58:20 +02:00
Christian Mehlmauer
d24e2943ca
update docker stuff 2017-07-10 16:38:10 +02:00
Brendan Coles
6a29b87a4c Add pdf-reader dependency 2017-07-07 11:19:06 +00:00
William Webb
6349026134
Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Brent Cook
eba8979914 bump payloads 2017-06-27 04:08:15 -05:00
Rob Fuller
2918b3af13
Land #8599, Dynamic DNS updater module 2017-06-25 15:08:22 -05:00
Brent Cook
7a006e0f71 bump payloads 2017-06-23 18:13:52 -05:00
OJ
87cee65a06
Bump payloads to 1.2.35 to include kiwi updates 2017-06-23 13:43:00 +10:00
Brent Cook
fda2e8c73d
Land #8523, Add support for session GUIDs 2017-06-22 20:10:10 -05:00
KINGSABRI
5528084e27 add Dnsruby 2017-06-22 15:55:04 -05:00
Brent Cook
ebfd920222 document why 2017-06-21 03:13:43 -05:00
Brent Cook
22db17a87a bind ruby-pg back to version 0.20 2017-06-21 03:11:11 -05:00
OJ
a3f3dc0a70
Upload payloads/mettle gems, update cache sizes 
Updated both the metasploit-payload and metasploit-payload-mettle gems
to the versions that match for the session GUID pull requests. Updated
the payload cached sizes to match the new payloads.
 2017-06-09 17:15:52 +10:00
Brent Cook
5f10e63923 bump payloads 2017-06-05 08:43:16 -05:00
Brent Cook
43ac76ee2b
Fix #8464, use pathname when determining where .git is 2017-05-30 08:56:10 -05:00
Brent Cook
b05fa9c01e add missing dirname 2017-05-30 08:50:43 -05:00
Brent Cook
a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements 2017-05-30 00:15:03 -05:00
Brent Cook
e31e3fc545 add additional architectures and targets 2017-05-30 00:07:37 -05:00
Brent Cook
1a8f84083c data/gui has not existed in a long time 2017-05-26 22:57:59 -05:00
Brent Cook
0f832fd4d1 skip generating gem file contents if this is not a git checkout 2017-05-26 22:57:59 -05:00
Brent Cook
ab6b5f381d msfupdate is no longer a distributed binary, it's a dev tool 2017-05-26 22:57:59 -05:00
Matthew Daley
52363aec13 Add module for CVE-2017-8895, UAF in Backup Exec Windows agent 
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on a NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.

Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
 2017-05-24 00:18:20 +12:00
Brent Cook
c59371dd5e add ruby backports compat library 2017-05-17 23:41:20 -05:00
Brent Cook
337db56d4f bump payloads 2017-05-11 14:57:10 -05:00
James Lee
fd05cea033
Update packetfu and remove version lock 2017-05-09 11:03:32 -05:00
Zero_Chaos
9295a39c92 update packetfu dep now that 1.1.13 is released 
Please use the release instead of the pre-release
 2017-05-09 11:18:28 -04:00
Brent Cook
7f1e2e6c71 bump metasploit-payloads 2017-05-08 17:34:55 -05:00
Brent Cook
0bc9d9259d meterpreter bugfixes 
fixed stdapi_fs_mount_show to show full mapped drive path for Python
Meterpreter on Windows

Updated the Windows Meterpreter `getprivs` command to list all privileges
 2017-05-08 16:26:32 -05:00
Brent Cook
7c11e0065d update mettle 2017-04-26 18:00:50 -05:00
Brent Cook
7613bd8964 bump metasploit-payloads, fix 64-bit builds 2017-04-16 08:52:41 -05:00
Brent Cook
fe33fe5571 bump payloads with new keyscan code 2017-04-14 21:54:50 -05:00
Brent Cook
7eaba1fdee bump payloads 2017-04-14 13:17:25 -05:00
Brent Cook
eedbf25f06 bump android meterpreter, adding in-app screenshot support 2017-04-14 12:38:53 -05:00
Brent Cook
f8a94de671 bump metasploit-payloads, enhance windows support in python meterpreter 2017-04-14 12:28:52 -05:00
Brent Cook
5dd681ead7 we only need xmlrpc for ruby >= 2.3 2017-04-13 17:33:29 -05:00
Brent Cook
cdccd1df19 add xmlrpc as an explicit dependency 2017-04-13 07:12:38 -05:00
Jeffrey Martin
157d28ab3d
make metasploit-aggregator a framework package 2017-04-12 12:33:13 -05:00
Jeffrey Martin
c845745f0b
remove platform restriction on metasploit-aggregator 2017-04-06 13:09:09 -05:00
David Maloney
2d9c2321d1
add ruby_smb as a dep 
added the ruby_smb library to the gemspec

MS-2557
 2017-03-28 16:12:12 -05:00
Brent Cook
9542087642 bump mettle to 0.1.8 2017-03-21 16:45:25 -05:00
Brent Cook
2701fef34b bump to metasploit-payloads 1.2.29 2017-03-17 17:34:16 -05:00
Brent Cook
0631bc4c29 bump payloads and such 2017-03-16 23:51:51 -05:00
bwatters-r7
637a9b018d Bump to metasploit-payloads 1.2.17 that has needed code changes 2017-03-15 18:39:21 -05:00
Brent Cook
031285d49a update payloads 2017-02-28 03:04:53 -06:00
bwatters-r7
adcb65c66b Update gemspec file to use metasploit-payloads 1.2.15 per payloads PR#171 2017-02-24 20:15:50 -06:00
James Barnett
2631259919 Land #7973, Enable cert validation for Nexpose 
This PR enables connection to a Nexpose console using the
nexpose client gem.

It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
 2017-02-24 14:27:24 -06:00
Brent Cook
86c04cd9f4 update metasploit payloads with Python fixes 2017-02-17 18:52:14 -06:00
Brent Cook
40c86567aa import packetfu fix for https://github.com/packetfu/packetfu/pull/163 2017-02-06 15:51:01 -06:00
Jeffrey Martin
eeba1e0bb2
first pass of upgrading nexpose gem to latest 2017-01-25 10:16:48 -06:00
bwatters
49da83cf74 Bump metasploit-payloads to 1.2.11 to incorporate changes to metasploit-payloads 
PR# 163; timestomp fixes
 2017-01-25 09:54:07 -06:00
Brent Cook
2e1d381e2e bump gem 2017-01-24 09:48:40 -06:00
Brent Cook
d9602f49a2 bump payloads 2017-01-22 15:45:45 -06:00
Brent Cook
6a2d036ea8 depend on regular rb-readline, bugs fixed upstream 2017-01-22 10:20:05 -06:00
Brent Cook
28211c3b73 bump payloads 2017-01-22 10:02:41 -06:00
Brent Cook
f11cf92040 bump mettle gem to include pivoting support 2017-01-10 16:43:49 -06:00
Brent Cook
cd950e91a9 bump payloads gem 2016-12-29 15:59:07 -06:00
William Webb
5702bd6745
Land #7674, Move migration stub generation code into msf 2016-12-22 17:53:00 -06:00
William Webb
ea704211ca incorporate payload stub generation changes 2016-12-22 17:50:43 -06:00
Brent Cook
50f95f9940
Land #7681, Get ready for stageless mettle 2016-12-09 09:31:47 -06:00
Brent Cook
6dcdf74850 bump mettle gem 2016-12-09 09:27:56 -06:00
Adam Cammack
eeef8fa6ad
Add new arches to UUIDs 2016-12-08 16:29:43 -06:00
OJ
fc1d601d13
Bump the payloads version to 1.2.4 2016-12-07 14:57:05 +10:00
Brent Cook
7346223a65
update payloads 2016-12-06 07:16:44 -06:00
Brent Cook
d7dce28018 bump mettle to get fix for UUID encoding 2016-11-21 00:57:50 -06:00