Commit Graph

212 Commits (02ea38516f96142586b65568580ddd9e5ae9a86c)

Author SHA1 Message Date
Efrain Torres 21c6da5e12 Added wmap_vuln to see web_vulns table results. Basic reporting at this time. 2012-03-02 10:18:32 -06:00
Efrain Torres 4b412dc9e1 Minor fixes on view nodes jobs. 2012-03-02 10:18:32 -06:00
Efrain Torres 6437181542 Added job.info as part of nodes jobs details 2012-03-02 10:18:31 -06:00
Efrain Torres d35291d1bc Handle site tree leafs as directories if dont have extension 2012-03-02 10:18:31 -06:00
Efrain Torres 6938b91d07 Execute tests agains a specific path and bug fix in blind sqli module 2012-03-02 10:18:31 -06:00
Efrain Torres a2e5a4d9d5 New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention 2012-03-02 10:18:31 -06:00
James Lee 624e19fd8b Merge session-host-rework branch back to master
Squashed commit of the following:

commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:31:03 2012 -0700

    Clean up some rdoc comments

    This adds categories for the various interfaces that meterpreter and
    shell sessions implement so they are grouped logically in the docs.

commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 13:00:25 2012 -0700

    Combine the docs into one output dir

    There's really no need to separate the API sections into their own
    directory.  Combining them makes it much easier to read.

commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:27:22 2012 -0700

    Keep the order of iface attributes the same accross rubies

    1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
    end up with ~random order for the display with the previous technique.
    Switch to an Array instead of a Hash so it's always the same.

commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:23:35 2012 -0700

    Fix a few more compiler warnings

commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:17:39 2012 -0700

    Fix a type-safety warning

commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date:   Mon Feb 27 15:21:36 2012 -0700

    LHOST should be OptAddress, not OptAddressRange

commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date:   Sun Feb 26 17:45:59 2012 -0700

    Fix a couple of warnings and a typo

commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date:   Mon Feb 27 11:54:29 2012 -0600

    Fix ctype vs content_type typo

commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date:   Sun Feb 26 15:38:33 2012 +0200

    Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x

commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date:   Sun Feb 26 07:13:13 2012 -0600

    add osvdb ref

commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date:   Sat Feb 25 18:02:56 2012 -0500

    Added aspx target to msfvenom.  This in turn added it to msfencode as well.
    Ref: https://github.com/rapid7/metasploit-framework/pull/188
    Tested on winxp with IIS in .net 1.1 and 2.0 modes

commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date:   Sat Feb 25 13:00:48 2012 -0600

    Fixes #6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver

commit b3371e8bfeea4d84f9d0cba100352b57d7e9e78b
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 17:07:42 2012 -0700

    Simplify logic for whether an inner iface has the same address

commit 5417419f35a40d1c08ca11ca40744722692d3b0d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:58:16 2012 -0700

    Whitespace

commit 9036875c2918439ae23e11ee7b958e30ccc29545
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:53:45 2012 -0700

    Set session info before worrying about address

    get_interfaces can take a while on Linux, grab uid and hostname earlier
    so we can give the user an idea of what they popped as soon as possible.

commit f34b51c6291031ab25b5bfb1ac6307a516ab0ee9
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:48:42 2012 -0700

    Clean up rdoc

commit e61a0663454400ec66f59a80d18b0baff4cb8cd9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:54:45 2012 -0600

    Ensure the architecture is only the first word (not the full WOW64
    message in some cases)

commit 4c701610976a92298c1182eecc9291a1b301e43b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:49:17 2012 -0600

    More paranoia code, just in case RHOST is set to whitespace

commit c5ff89fe3dc9061e0fa9f761e6530f6571989d28
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:47:01 2012 -0600

    A few more small bug fixes to handle cases with an empty string target
    host resulting in a bad address

commit 462d0188a1298f29ac83b10349aec6737efc5b19
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 03:55:10 2012 -0600

    Fix up the logic (reversed by accident)

commit 2b2b0adaec2448423dbd3ec54d90a5721965e2df
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 23:29:52 2012 -0600

    Automatically parse system information and populate the db, identify and
    report NAT when detected, show the real session_host in the sessions -l
    listing

commit 547a4ab4c62dc3248f847dd5d305ad3b74157348
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:16:03 2012 -0600

    Fix typo introduced

commit 27a7b7961e61894bdecd55310a8f45d0917c5a5c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:11:38 2012 -0600

    More session.session_host tweaks

commit e447302a1a9915795e89b5e29c89ff2ab9b6209b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:08:20 2012 -0600

    Additional tunnel_peer changes

commit 93369fcffaf8c6b00d992526b4083acfce036bb3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:06:21 2012 -0600

    Additional changes to session.session_host

commit c3552f66d158685909e2c8b51dfead7c240c4f40
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:00:19 2012 -0600

    Merge changes into the new branch
2012-02-28 18:29:39 -07:00
Carlos Perez 74c2046440 Fix several of the prints for tables, change Constant variables to instace variables so they are removed when plugin is unloaded, removed several if statements for variables no longer set by user input and commented out the generation of the exploit index since it is not used at this moment 2012-02-06 21:48:05 -04:00
Jonathan Cran e578a13c05 Revert "Revert "make the esx driver dependent on meterpreter""
This reverts commit 7a71d22625.
2012-01-05 23:09:29 -06:00
Jonathan Cran 7a71d22625 Revert "make the esx driver dependent on meterpreter"
This reverts commit eec70706d0.
2012-01-05 23:09:05 -06:00
Jonathan Cran eec70706d0 make the esx driver dependent on meterpreter 2012-01-05 20:42:58 -06:00
Jonathan Cran c522514030 update the meterpreter modifier to reflect the new copy_ api 2012-01-05 18:26:05 -06:00
Michael Boman 1102d56a27 Incorporating mboman's save credentials
I don't think the use of the constant is a show stopper since it is
identical to the existing Nessus plugin scheme as well. It doesn't make
it right but it's not a reason to block. Both should be fixed some time.

Made a handful of minor edits regarding file handle management, and also
noted that the act of saving nexpose credentials will always cause the
SSL nag screen to not display.

Thanks for the implementation, mboman!

[Closes #57] [Fixes #6156]

Squashed commit of the following:

commit 8d421ab8e3004bcb67e156b45f1355a608e0320c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Dec 23 15:55:35 2011 -0600

    Adds a comment note about bypassing the SSL verify warning

commit fd956b380f14bbb394f36b0a3c565906f9aed869
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Dec 23 15:53:29 2011 -0600

    Changing file write mode from w+ to wb.

commit d884c87482b033b7200d5045ba5f9b2d910f4aa8
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Dec 23 15:15:46 2011 -0600

    ::File instead of File throughout

commit 6d72f87e8f175f088ac7beeb80742d50ab01b38a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Dec 23 15:14:54 2011 -0600

    Space change

commit f6f3527595379ba11b3be4341a0c620b06340fbb
Merge: a978d19 2335614
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Dec 23 15:13:12 2011 -0600

    Merge branch 'master' of github_r7:rapid7/metasploit-framework into mboman_nexpose

commit a978d1962f756f507fdabb988380a7ecf3ce76bb
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Dec 23 15:12:51 2011 -0600

    Minor fixups mostly around ::File handling.

commit bddd0249b956c3e2c960b0bd6028b88e6e99eac5
Merge: 2ddc161 bb2ea62
Author: Michael Boman <michael@michaelboman.org>
Date:   Fri Dec 16 08:39:10 2011 +0100

    Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose

commit 2ddc1616714b37e89415195b2a9ef9c569e4065e
Author: Michael Boman <michael@michaelboman.org>
Date:   Wed Dec 14 11:44:29 2011 +0100

    msftidy cleanup (whitespace after EOL)

commit b202c7ff3a61ac450c181d4f60b01923bad9625f
Author: Michael Boman <michael@michaelboman.org>
Date:   Wed Dec 14 11:28:13 2011 +0100

    Removed a ncusage call

commit 45da9728d1867b04ce557521650abbc41753165e
Author: Michael Boman <michael@michaelboman.org>
Date:   Wed Dec 14 09:19:58 2011 +0100

    Fixed indenting, removed ncusage function until later...

commit e9f03aafba7db0d907c431eca3a3b55672437ea4
Merge: 41d3fae 8dc85f1
Author: Michael Boman <michael@michaelboman.org>
Date:   Wed Dec 14 07:35:17 2011 +0100

    Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose

commit 41d3fae61b9501179d5b474de018ea370ae90192
Merge: 63b6f38 d87d8d5
Author: Michael Boman <michael@michaelboman.org>
Date:   Tue Dec 13 20:07:34 2011 +0100

    Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose

commit 63b6f3873d466b7c6e4f3be5f0cea0a2a72e46f9
Merge: b3b7be4 cfa128a
Author: Michael Boman <michael@michaelboman.org>
Date:   Tue Dec 13 17:01:06 2011 +0100

    Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose

commit b3b7be4594eedbb82424e89ad44372dd71a0c507
Author: Michael Boman <michael@michaelboman.org>
Date:   Tue Dec 13 16:54:54 2011 +0100

    Nexpose plugin can now save/load credentials
2011-12-23 16:12:34 -06:00
Tod Beardsley db90989db4 Merge pull request #76 from kernelsmith/lab_tab_complete
lab_load now tab completes from data/lab (lab plugin), for real tho
2011-12-22 13:21:11 -08:00
Jonathan Cran e48031cf22 squashed lab upload commit 2011-12-22 14:56:45 -06:00
Joshua Smith ee94e3e697 lab_load now tab completes from data/lab (lab plugin), for real tho 2011-12-22 01:25:43 -05:00
Marc Bevand 2dc4319bba Fix Nexpose plugin bug to allow pass the hash to work 2011-12-20 17:51:47 -06:00
Tod Beardsley cfa3e9818e Merge pull request #68 from averagesecurityguy/master
Cosmetic changes to openvas plugin output. Replaced puts with print_line.
2011-12-20 15:37:09 -08:00
Stephen Haywood 18635387d5 Changed puts to print_line. 2011-12-18 20:03:49 -05:00
Stephen Haywood a35564c723 cosmetic changes to openvas plugin output 2011-12-17 18:46:30 -05:00
HD Moore e91a64f91f Remove xmlrpc support in this branch (only msgpack is supported) 2011-12-05 13:07:25 -06:00
HD Moore c30f328560 Purge code deprecated in the 4.1.0 release 2011-11-10 20:16:14 -06:00
Carlos Perez a41b2f9654 Patch and changes sent in by Zate
git-svn-id: file:///home/svn/framework3/trunk@14134 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 01:42:40 +00:00
Tod Beardsley b070bcd763 See #3597. Whoops adding an Id keyword.
git-svn-id: file:///home/svn/framework3/trunk@14095 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:46:12 +00:00
Tod Beardsley 247ba1f931 Fixes #3597 by adding the plugin. Thanks Jeff!
git-svn-id: file:///home/svn/framework3/trunk@14094 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:44:42 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Carlos Perez 258094046a Removed space in print_line call
git-svn-id: file:///home/svn/framework3/trunk@13900 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:28:02 +00:00
Tod Beardsley a4cd830442 Fixes #5436. Thanks averagesecurityguy!
git-svn-id: file:///home/svn/framework3/trunk@13851 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:10:20 +00:00
HD Moore 5c4be24088 Consistent spelling
git-svn-id: file:///home/svn/framework3/trunk@13811 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-03 19:22:30 +00:00
Wei Chen 4376207e8d Apply fix #5512
git-svn-id: file:///home/svn/framework3/trunk@13777 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 02:04:22 +00:00
amaloteaux c332ed5e58 typo
git-svn-id: file:///home/svn/framework3/trunk@13514 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 20:33:42 +00:00
Jonathan Cran 1b854622c9 redundant comment is redundant.
git-svn-id: file:///home/svn/framework3/trunk@13421 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 09:04:32 +00:00
Jonathan Cran 2d589e72dc allow us to parse ranges and addresses from a file
git-svn-id: file:///home/svn/framework3/trunk@13420 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 08:59:16 +00:00
HD Moore 7f758e42e8 Fix up SSL behavior (correctly, this time). Update the msfrpc tools to support the new MessagePack code, fix various defaults in the plugin. Fixes #5116
git-svn-id: file:///home/svn/framework3/trunk@13416 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 23:58:05 +00:00
Jonathan Cran 24d2b48f64 Initial commit of an esx/esxi driver for the lab plugin (thanks to kernelsmith). Also updated documentation in lib/lab/README.
git-svn-id: file:///home/svn/framework3/trunk@13151 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-11 05:52:51 +00:00
HD Moore f67675a0ff Update string matches
git-svn-id: file:///home/svn/framework3/trunk@13076 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 07:40:28 +00:00
James Lee b53d23ebac remove deprecated db plugins.
git-svn-id: file:///home/svn/framework3/trunk@13049 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-28 18:05:21 +00:00
Jonathan Cran 6ebf4781bc handle a couple of error cases, improve the way commands run on multiple vms
git-svn-id: file:///home/svn/framework3/trunk@12856 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-05 06:57:24 +00:00
Jonathan Cran 74e40f8e15 copypasta error, fixes #4633.
git-svn-id: file:///home/svn/framework3/trunk@12824 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 21:39:12 +00:00
Jonathan Cran df56bff027 do the right thing w/ a suspend or reset command on all vms. fixes #4630
git-svn-id: file:///home/svn/framework3/trunk@12814 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 06:18:38 +00:00
HD Moore aacfd0dcda Support for the new NeXpose release
git-svn-id: file:///home/svn/framework3/trunk@12788 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 20:28:28 +00:00
Jonathan Cran 65886d7fa3 add the comma, thanks kernelsmith
git-svn-id: file:///home/svn/framework3/trunk@12768 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 05:04:11 +00:00
Jonathan Cran 840b20a371 add the run_command and open_uri commands back in
git-svn-id: file:///home/svn/framework3/trunk@12767 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 04:46:29 +00:00
Jonathan Cran 1ba8db7321 add help, thanks for the suggestion kernelsmith
git-svn-id: file:///home/svn/framework3/trunk@12766 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 04:11:47 +00:00
HD Moore f126805ea1 Cleanup SSL key passing to match egypt's changes (cert + key in the same PEM). Add token management functions
git-svn-id: file:///home/svn/framework3/trunk@12756 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-28 04:01:15 +00:00
HD Moore a8c474d7d6 Add the versioned (1.0) RPC backend
git-svn-id: file:///home/svn/framework3/trunk@12679 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 03:50:14 +00:00
James Lee 14b20159c4 fix case sensitivity and a variable scoping typo
git-svn-id: file:///home/svn/framework3/trunk@12669 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 06:14:22 +00:00
HD Moore 5cda8acbaf Switch to raw-xml, not the invalid ns-raw
git-svn-id: file:///home/svn/framework3/trunk@12665 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 18:21:25 +00:00
HD Moore 80f71b441e This adds a basic RPC server that operates over HTTP and uses MessagePack. The client/server wrappers are still being finalized. MessagePack libraries are avavailable for all major languages ( http://msgpack.org/ ) and this implementation is ridiculous fast and binary safe, relative to XMLRPC.
git-svn-id: file:///home/svn/framework3/trunk@12616 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-14 18:38:44 +00:00
HD Moore bfef110932 Add a compatibility check, prevents errors caused by interaction with out of date engines
git-svn-id: file:///home/svn/framework3/trunk@12318 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 21:45:42 +00:00