e3ed7905f1
Add tnftp_savefile exploit
...
Also add URI{HOST,PORT} and {,v}print_good to HttpServer.
2014-10-30 20:38:16 -05:00
325c01e45d
Log constants leaked before and after suite
...
MSP-11130
Some constants can be leaked before suite if module are loaded during
spec loading, such as if a framework instance in made in the context
body of a spec instead of in a before callback.
2014-10-30 14:04:07 -05:00
ae0a98785f
Print when Metasploit::Framework::Spec::Constants::Each before(:each) cleans
...
MSP-11130
Print to stderr the full description of the example when
`Metasploit::Framework::Spec::Constants.configure!`'s `before(:each)`
cleans constants as it may clean constants that are leaked from the
class level at parse time.
2014-10-30 12:34:55 -05:00
c8e4745d6d
Fail `rake spec` if leak tracking unnecessary
...
MSP-11130
Fail `rake spec` if
`Metasploit::Framework::Spec::Constants::Each.configure!`'s
`before(:each)` does not clean all leaked constants and if should be
removed so that it does not interefore with future specs.
2014-10-30 09:37:17 -05:00
667f1ca876
Move readline choice into a method
2014-10-29 22:33:23 -05:00
7b77bbedaa
Better explanations
2014-10-29 22:32:56 -05:00
867329d4b3
Fix readline by mucking with load path
2014-10-29 22:14:49 -05:00
c2bd75b587
Clean up leaked constants
...
MSP-11130
2014-10-29 15:50:47 -05:00
892aeaf727
Metasploit::Framework::Spec::Constants cleaner
...
MSP-11130
Shared context will calls `Metasploit::Framework::Spec::Constants.clean
after each example.
2014-10-29 11:31:17 -05:00
0d4b22ce7a
Detect constant leaks in individual examples
...
MSP-11130
`Metasploit::Framework::Spec::Constants::Each.configure!` will set up an
`after(:each)` callback that will fail the example if there are leaked
constants. Leaked constants are cleaned up to prevent misattribution.
2014-10-28 15:50:24 -05:00
f9b1f2a424
Extract Metasploit::Framework::Spec::Constants::Suite
...
MSP-11130
`Metasploit::Framework::Spec::Constants::Suite` extracts out
`LOG_PATHNAME`, `configure!`, and `define_task` as those piece are
specific to handling constant leaks for the entire suite. This is in
preparation for `Metasploit::Framework::Spec::Constants::Each`.
2014-10-28 15:07:32 -05:00
3ec9cf54c9
Filter non-loaded-module constants from leaked constants
...
MSP-11130
Constants from library Modules or Classes should not be reported as
leaked since they have been required and should be persistent between
spec runs.
2014-10-28 14:05:27 -05:00
1a1f3335b8
Extract Metasploit::Framework::Spec::Constants.full_name
...
MSP-11130
Extract method to convert child constant names to module full names so
it can be reused 'Metasploit::Framework::Spec::Constants tracker' shared
context.
2014-10-28 13:53:48 -05:00
a0a9c2140b
Log leaked constants and fail rake spec on leak
...
MSP-11130
Instead of printing the leaked constants to stderr, log them to
`log/leaked-constants.log`. In task action for spec, read
`log/leaked-constants.log`. If it exists, print each leaked constants
(and it appropriate it's module full name) and then exit with 1. If the
file does not exist, do nothing.
2014-10-28 11:21:35 -05:00
c6bbc5bccf
Merge branch 'landing-4055' into upstream-master
2014-10-28 11:18:20 -05:00
4251ad199e
Change killing back to stopping
...
Got a little excited with the copypasta, I guess.
2014-10-28 05:49:30 -05:00
5547890002
Add support for sessions -d ranges
2014-10-28 03:07:46 -05:00
36c85b7150
Add support for jobs -k ranges
2014-10-28 03:01:53 -05:00
e31c9f579d
Land #3987 - Buffalo Linkstation NAS Login Scanner
2014-10-28 01:45:57 -05:00
d8cf45ef67
Allow FTP server exploits pick a PASV port
...
This makes it somewhat easier to use FTP server exploit modules in
somewhat more restrictive networks, where you might only have a few
inbound ports to choose from.
2014-10-27 22:21:54 -05:00
7d34452448
TCP and TCPServer should use TLS1 by default
2014-10-27 15:55:50 -05:00
1508be6254
Fix whitespace in lib/msf/ui/banner.rb for #4073
2014-10-27 14:49:44 -05:00
7f66d18cfd
Clean up whitespace a bit
2014-10-27 14:49:27 -05:00
626cd55b5e
Land #4073 , improved banner selection
2014-10-27 14:20:10 -05:00
c84febea5f
tools/missing-payload-tests.rb
...
MSP-11145
**NOTE: Failing specs**
Add a tool for reading `log/untested-payload.log` and
`framework.payloads` to determine `context`s to add
`spec/modules/payloads_spec.rb` to test the untested payloads.
2014-10-27 13:03:31 -05:00
b8c9ef96ca
Land #4003 , @nstarke's Login Scanner for WD MyBook Live NAS
2014-10-27 09:57:43 -07:00
765b5e686c
Use configured method and URI rather than duplicated values
2014-10-27 09:56:39 -07:00
605f48e58d
Detect leaked constants under Msf::Modules
...
MSP-11130
Detect constants leaked under Msf::Modules after the suite completes.
2014-10-27 11:13:43 -05:00
aba25cb28c
Make RPC creds work again
2014-10-26 15:50:40 -05:00
13b6f1cf48
Syntax changes
2014-10-25 09:39:15 -05:00
44f7db4798
Refactoring Success Case
...
I have refactored the code so that it will work with
non-root accounts.
2014-10-25 13:31:36 +00:00
136c2c4377
Use the SNMP fix from master.
2014-10-24 13:01:06 -05:00
c1a61e3b4e
Support an MSFLOGO env var and logo enumeration
2014-10-24 13:07:28 -04:00
a9e52437f0
fixes inverted EICAR corruption logic
2014-10-24 10:27:13 -05:00
82f41d56a6
Add [user_]logos_directory to Msf::Config
2014-10-24 10:52:05 -04:00
3b8067e9a2
fixes refactor error in msf/util/exe
2014-10-23 22:15:19 -05:00
34f29f218c
really resolve merge conflicts
2014-10-23 21:51:33 -05:00
bf63d85e5c
fixes merge conflicts msfpayload & exe
2014-10-23 21:43:46 -05:00
7cb4320a76
Land #3561 - unix cmd generic_sh encoder
2014-10-23 15:48:00 -05:00
48d6880f1d
Add docs for untested payload testing
...
MSP-11145
Add docs to rake task, shared examples, and share contexts for how to
use all 3 together.
2014-10-23 11:17:05 -05:00
f827a1c761
Extract untested-payloads.log checker spec task action
...
MSP-11145
Extract the spec task action which errored out if
`log/untested-payloads.log` exists to
`Metasploit::Framework::Spec::UntestedPayloads.define_task`.
2014-10-23 10:24:33 -05:00
2a6a8245cf
Allow killing multiple specific sessions
2014-10-23 05:56:26 -05:00
f19b093529
cleans & DRYs exploit/exe & util/exe & msfpayload
2014-10-23 01:10:38 -05:00
83df08aaa7
Properly encode body and catch invalid configs
2014-10-22 22:43:06 -07:00
42cd288bc0
Land #4057 - Bring back TCP::max_send_size and TCP::send_delay options
...
Fix #3967
2014-10-22 16:23:15 -05:00
a5a84886ee
Make sure vnc closes the socket
2014-10-22 15:53:05 -05:00
7f7f257426
fix session.shell_upgrade after #3401
2014-10-22 21:22:10 +01:00
22fc6496ac
Merge branch 'pr/3401' into landing-3401
2014-10-22 19:23:01 +01:00
ce8a9941ea
Cleanup. Sanity check in setup. vprint
2014-10-22 10:36:24 -07:00
7b33ff1363
Land #3767 , @jvazquez-r7's specs for Rex::Encoder::XDR
2014-10-22 09:22:53 -07:00
46acf08e2d
Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions
2014-10-22 09:09:34 -05:00
ee3dd3a2ac
More Fixes for WD MyBook Live Scanner
...
Fixes include removing deregistered options
from credentials collection object and adding proof
when there is no response
2014-10-22 03:06:21 +00:00
e1a7e902d6
Re-enable tcp evasions for more LoginScanners
...
Untested since I don't have targets for these.
2014-10-21 18:58:28 -05:00
79d393c5aa
Resolve merge conflicts
...
Conflicts:
lib/msf/core/exploit/smb.rb
lib/msf/core/exploit/tcp.rb
modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
83b1d270cd
Fix ftp and mssql
2014-10-21 11:09:39 -05:00
8b2dcac730
Fix telnet
2014-10-21 11:08:41 -05:00
2fcb1004fb
Move tcp options to Tcp::Client out of RexSocket
2014-10-21 09:59:26 -05:00
e76ee294a1
Restore tcp evasions to telnet
2014-10-21 09:44:55 -05:00
9dfbbbde7d
Add missing require
...
MSP-11145
2014-10-21 09:39:31 -05:00
cb9a77c06b
Fix NoMethodError when unable to connect
...
Derp.
2014-10-21 08:58:45 -05:00
6f3b26f5e9
Remove tcp evasions from Http
...
Can't use 'em anyway
2014-10-21 08:27:29 -05:00
82b74d5f3c
Fixes to MyBook Live Module
...
This commit contains three fixes as requested on PR
#4003 . Those include:
+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
2014-10-21 00:50:40 +00:00
70b13819d9
Adding Login Scanner for MyBook Live
...
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
2014-10-21 00:50:40 +00:00
82de2eb1f3
Fix Rex::Encoder::XDR.decode_int! to properly handle short data
2014-10-20 11:30:13 -07:00
85f48a3fb2
Land #3738 , SMBServer file descriptor updates
2014-10-20 12:40:43 -05:00
935a23296d
Updates to NAT-PMP, lands #4041
2014-10-20 11:26:26 -05:00
3051b6c5ba
Clean up exceptions
...
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
b7d69bec83
Restore proxies to ssh scanners
2014-10-20 10:19:06 -05:00
6498ed0dc8
Report the actual host that failed to connect
...
Instead of the eventual target where our proxy chain will connect. In
the usual case (no Proxies set), this will be the same output as before.
When proxies are given, the user will see that the first proxy
connection is actually what failed.
2014-10-17 17:37:04 -05:00
ce40c1152a
Land #4014 , msfconsole spinnerz
2014-10-17 16:25:31 -05:00
080ea3e56a
Merge branch 'staging/great-backport' into feature/MSP-11126/msf-module-reorg
...
MSP-11126
2014-10-17 14:28:13 -05:00
06fbbf7001
Fully-qualified Msf::NormalRanking in Msf::Module::Ranking
...
MSP-11126
Needed due to loss of `Msf` lexical scope.
2014-10-17 13:58:57 -05:00
43354774e1
Fully qualified Msf::RankingName in Msf::Module::Ranking
...
MSP-11126
To compensate for loss of `Msf` lexical scope.
2014-10-17 13:43:51 -05:00
ae45c1b9d3
Msf::Module::Rank -> Msf::Module::Ranking
...
MSP-11126
So that mixin module won't appear as Rank constant that Msf::Module
subclasses are supposed to define.
2014-10-17 13:39:53 -05:00
a431bff13f
@wvu-r7 is a skilled negotiator. s/stdout/stderr/
2014-10-17 13:13:44 -05:00
a6a2886faa
Fully-qualify Msf::OptionContainer references
...
MSP-11126
2014-10-17 13:09:27 -05:00
112b5988f2
Add missing autoload to fix loading on travis-ci
...
MSP-11126
`Msf::Module::Failure` fails to load on travis-ci probably due to a load
order difference, so add `:Failure` to autoloads in `Msf::Module`.
2014-10-17 13:05:59 -05:00
0c00c7cc50
Fully-qualifiy Msf::MODULE_TYPES constants
...
MSP-11126
Fully-qualify `Msf::MODULE_TYPES`, `Msf::MODULE_ANY`,
Msf::MODULE_ENCODER`, `Msf::MODULE_EXPLOIT`, `Msf::MODULE_NOP`,
`Msf::MODULE_AUX`, `Msf::MODULE_PAYLOAD`, `Msf::MODULE_POST` so that
their usage isn't dependent on nested lexical scoping.
2014-10-17 12:43:40 -05:00
5978bd5e62
Control the startup msg with -q, too
2014-10-17 12:41:58 -05:00
a45b21b6bf
-q will quiet the animation, too
2014-10-17 12:32:28 -05:00
200d64040d
Fully-qualify Msf::ServiceState
...
MSP-11152
Replace unqualified `ServiceState` with `Msf::ServiceState`.
2014-10-17 11:58:11 -05:00
172afd180a
Extract Msf::Module::Privileged
...
MSP-11126
2014-10-17 11:45:03 -05:00
cbae9be5b5
Extract Msf::Module::UUID
...
MSP-11126
2014-10-17 11:31:56 -05:00
a59e635913
Extract Msf::Module::Author
...
MSP-11126
2014-10-17 11:17:12 -05:00
9f32cbd476
Use :: to force top-level constant resolution
...
MSP-11152
When `Msf::DBManager::Import::MetasploitFramework` is included in
`Msf::DBManager::Import`, it's child namespace of
`Msf::DBManager::Import::MetasploitFramework::Zip becomes resolvable as
`Zip` in `Msf::DBManager::Import` methods, so need to use `::Zip` to
cause `Zip` to be resolved from rubyzip gem.
2014-10-17 10:15:59 -05:00
13923a8ca5
Fully-qualify Msf::DBImportError
...
MSP-11152
Constant was unqualified in some of the reorganized Msf::DBManager code
because that code was take advantage of the old nested lexical scope
that included `Msf`.
2014-10-17 09:29:01 -05:00
e822920298
Msf::Module::Author -> Msf::Author
...
MSP-11126
`Msf::Module::Author` was already aliased to `Msf::Author`. This just
moved `Msf::Module::Author` to that alias to free up
`Msf::Module::Author` so it can be used for a concern for
`Msf::Module`'s author methods.
2014-10-17 08:59:54 -05:00
b5039c3817
Extract Msf::Module::Network
...
MSP-11126
2014-10-16 15:51:59 -05:00
2e538bd72d
Extract Msf::Module::Search
...
MSP-11126
2014-10-16 15:27:54 -05:00
7743fdb2f9
Extract Msf::Module::FullName
...
MSP-11126
2014-10-16 15:24:59 -05:00
8fdae8fbfb
Move protocol and lifetime to mixin, use correct map_target if CHOST
2014-10-16 13:24:17 -07:00
0e53548c82
Extract Msf::Target
...
MSP-11126
2014-10-16 15:13:18 -05:00
e5cc456be7
Extract Msf::Platform
...
MSP-11126
2014-10-16 15:11:59 -05:00
27c006a8f9
Extract Msf::SiteReference
...
MSP-11126
2014-10-16 15:09:55 -05:00
9981271e2a
extract Msf::Reference
...
MSP-11126
2014-10-16 15:03:21 -05:00
c8730ca55b
Extract Msf::Author
...
MSP-11126
2014-10-16 14:59:15 -05:00
fe5ffa9cec
Standardize on autoload over require
...
MSP-11126
Standardize on autoload to prevent trying to use colliding names for
included Module with Modules/Classes just under the namespace.
2014-10-16 14:58:08 -05:00
d5c7a50e86
Extract Msf::Module::Rank
...
MSP-11126
2014-10-16 14:39:33 -05:00
e6f442697b
Extract Msf::Module::Type
...
MSP-11126
2014-10-16 14:23:21 -05:00
e418f98d45
arch -> Msf::Module::Arch
...
MSP-11126
2014-10-16 13:21:11 -05:00
44b2e5e35c
Extract Msf::Module::Arch
...
MSP-11126
2014-10-16 13:14:56 -05:00
31c93e9dbc
Extract Msf::Module::ModuleInfo
...
MSP-11126
2014-10-16 13:01:42 -05:00
c503e8a3d8
Merge branch 'landing/4026' into upstream-master
...
Land #4026
* db.rb (DBManager) now in multiple files
* Cucumber coverage for DB-related msfconsole commands
2014-10-16 11:52:57 -05:00
f9caa4d25e
Extract Msf::Module::Options
...
MSP-11126
Methods for registering, derigsterings, and validating options.
2014-10-16 11:14:42 -05:00
c50cb2eb8a
Extract Msf::Module::UI::*::Verbose and shared examples
...
MSP-11126
2014-10-16 10:05:45 -05:00
a9a6f0c5f9
Extract Msf::Module::UI::Line
...
MSP-11126
2014-10-16 09:50:07 -05:00
bc2bd99698
Extract Msf::Module::UI::Message
...
MSP-11126
2014-10-16 09:39:30 -05:00
f5d09f735e
Extract Msf::Module::Compatibility
...
MSP-11126
2014-10-16 09:14:57 -05:00
85169d5e8d
Extract Msf::Module::DataStore
...
MSP-11126
2014-10-16 09:03:23 -05:00
f068d669d6
Extract Msf::Module::ModuleStore
...
MSP-11126
2014-10-16 09:03:07 -05:00
370daaed5e
Extract Msf::Module::Failure
...
MSP-11126
Move `Msf::Module::Failure` to a file of its own.
2014-10-16 09:02:55 -05:00
41a57b7ba5
Re-enable proxies for HTTP-based login scanners
2014-10-15 17:00:44 -05:00
d5a0b81680
Land #4024 , auto-negotiate SSL versions
...
Thanks @hmoore-r7!
2014-10-15 16:04:38 -05:00
62be638258
Add 'Auto' to tcp.rb as well.
2014-10-15 16:01:42 -05:00
3a9c2f95c9
Add magic encoding to new files
2014-10-15 14:23:34 -05:00
2986031db5
Move SMBServer into its own file
2014-10-15 14:22:23 -05:00
1064488ada
Whitespace
2014-10-15 14:21:39 -05:00
9456506e3d
Merge branch 'master' into feature/MSP-11124/msf-dbmanager-reorg
...
MSP-11124
2014-10-15 14:08:55 -05:00
1f7ad1cac9
unserialize_object -> Msf::DBManager::Import::MetasploitFramework
...
MSP-11124
2014-10-15 14:03:18 -05:00
bed98fe43b
nils_for_nulls -> Msf::DBManager::Import::MetasploitFramework
...
MSP-11124
2014-10-15 13:59:03 -05:00
fcd9b4b293
Allow non-SSLv3 Meterpreters (auto-negotiate)
2014-10-15 13:57:51 -05:00
ac30990177
Move libpcap helpers to Libpcap module
...
MSP-11124
2014-10-15 13:55:24 -05:00
7aed88f11b
Extract Msf::DBManager::Import::Report
...
MSP-11124
2014-10-15 13:51:57 -05:00
cb3a4afac5
Typo: request -> requested in message
2014-10-15 13:48:22 -05:00
e5e051c905
Extract Msf::DBManager::Import::Wapiti
...
MSP-11124
2014-10-15 13:42:54 -05:00
e65a386d3d
Extract Msf::DBManager::Import::Spiceworks
...
MSP-11124
2014-10-15 13:37:35 -05:00
7516512650
Raise an ArgumentError vs RuntimeError for backwards compatibility
2014-10-15 13:30:38 -05:00
a762d871bf
Autonegotiate SSL/TLS versions when not explicit
2014-10-15 13:26:40 -05:00
dfe690ac52
Extract Msf::DBManager::Import::Retina
...
MSP-11124
2014-10-15 13:23:12 -05:00
8af280b1cb
Extract Msf::DBManager::Import::Outpost24
...
MSP-11124
2014-10-15 13:16:11 -05:00
eff95221da
Order methods
...
MSP-11124
2014-10-15 13:14:20 -05:00
cf555e2390
Extract Msf::DBManager::Import::OpenVAS
...
MSP-11124
2014-10-15 13:11:49 -05:00
5d6044786a
Extract Msf::DBManager::Import::Nmap
...
MSP-11124
2014-10-15 13:06:28 -05:00
cf3a3a0d65
Move nexpose requires to appropriate module
...
MSP-11124
2014-10-15 12:54:30 -05:00
16f143c2ed
Extract Msf::DBManager::Import::Nikto
...
MSP-11124
2014-10-15 12:51:16 -05:00
e64a14c748
Extract Msf::DBManager::Import::Nexpose::Simple
...
MSP-11124
2014-10-15 12:40:04 -05:00
c4d1a4c7dc
Revert #4022 , as the solution is incomplete
...
Revert "Land 4022, datastore should default TLS1 vs SSL3"
This reverts commit 4c8662c6c10937f32ff9
2014-10-15 12:32:08 -05:00
2b861f91e9
Extract Msf::DBManager::Import::Nexpose::Raw
...
MSP-11124
2014-10-15 11:59:03 -05:00
c371eab26a
Extract Msf::DBManager::Import::Netsparker
...
MSP-11124
2014-10-15 11:46:38 -05:00
a73b0e2283
Move requires for nessus parses to appropriate module
...
MSP-11124
2014-10-15 11:42:00 -05:00
b43035145d
Move nessus helper function to closest module
...
MSP-11124
2014-10-15 11:39:23 -05:00
aae6dc9066
Extract Msf::DBManager::Import::Nessus::XML::V*
...
MSP-11124
Extract different versions of Nessus XML format.
2014-10-15 11:34:37 -05:00
a0494b2eeb
Extract Msf::DBManager::Import::Nessus::XML
...
MSP-11124
2014-10-15 11:27:23 -05:00
0c861848bc
Extract Msf::DBManager::Import::Nessus::NBE
...
MSP-11124
2014-10-15 11:21:26 -05:00
d0d0c478aa
Extract Msf::DBManager::Import::MetasploitFramework::Credential
...
MSP-11124
2014-10-15 11:12:13 -05:00
46a2c47dfe
Extract Msf::DBManager::Import::MetasploitFramework::Zip
...
MSP-11124
2014-10-15 10:59:41 -05:00
1754b23ffb
Datastore options should default to TLS1, not SSL3
...
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)
Squashed commit of the following:
commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:19:04 2014 -0500
Whoops missed one
commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:16:59 2014 -0500
Other datastore options also want TLS1 as default
commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:12:06 2014 -0500
TCP datastore opts default to TLS1
Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
65885c8cc8
MsfXml -> MetasploitFramework::XML
...
MSP-11124
2014-10-15 10:25:42 -05:00
ac9a593b43
import_msf_file -> Msf::DBManager::Import::MsfXml
...
MSP-11124
2014-10-15 10:02:42 -05:00
d870188377
Extract Msf::DBManager::Import::MBSA
...
MSP-11124
2014-10-15 09:54:03 -05:00
f29408680f
Extract Msf::DBManager::Import::Libpcap
...
MSP-11124
2014-10-15 09:48:23 -05:00
44968400e9
Extract Msf::DBManager::Import::IPList
...
MSP-11124
2014-10-15 09:42:11 -05:00
e5236e9b56
Extract Msf::DBManager::Import::FusionVM
...
MSP-11124
2014-10-15 09:36:29 -05:00
2e85dc910a
Extracts Msf::DBManager::Import::Foundstone
...
MSP-11124
2014-10-15 09:27:53 -05:00
68a1ebd2fb
Extract Msf::DBManager::Import::CI
...
MSP-11124
2014-10-15 09:23:08 -05:00
8d628c221b
Extract Msf::DBManager::Import::Burp
...
MSP-11124
2014-10-15 09:16:57 -05:00
f42307a6ff
Extract Msf::DBManager::Import::Appscan
...
MSP-11124
2014-10-15 09:12:38 -05:00
dcac8a45ee
Extract Msf::DBManager::Import::Amap
...
MSP-11124
2014-10-15 09:06:03 -05:00
07f2d4dafe
Further improvements to NAT-PMP. Faster, more useful, less not useful
2014-10-15 06:39:38 -07:00
6cf62765de
Default to TLSv1 for RPC connections
2014-10-15 01:20:43 -05:00
5434996969
Move TcpServer into its own file
2014-10-14 18:43:40 -05:00
ea6824c46f
WIP of NAT-PMP rework
2014-10-14 14:20:24 -07:00
a00d039796
Move require for IP360 XML parser
...
MSP-11124
2014-10-14 16:18:47 -05:00
599bcc33a9
Extract Msf::DBManager::Import::IP360::V3
...
MSP-11124
2014-10-14 16:16:47 -05:00
e68aaa4226
Don't disclose empty disclosure dates
...
For rapid7#4015
2014-10-14 16:02:23 -05:00
81c18c96ee
Extract Msf::DBManager::Import::IP260::ASPL
...
MSP-11124
2014-10-14 15:58:43 -05:00
6c0f549abb
Extract Msf::DBManager::Import::Acunetix
...
MSP-11124
2014-10-14 15:40:29 -05:00
0c10b5a859
Extract #handle_qualys to Msf::DBManager::Import::Qualys
...
MSP-11124
2014-10-14 15:32:22 -05:00
11bcac8a4e
Extract Msf::DBManager::Import::Qualys::Scan
...
MSP-11124
2014-10-14 15:19:55 -05:00
f612c8cd3e
Add disclosure date to info
2014-10-14 15:15:24 -05:00
fdd79e64c3
Land #4010 , ReverseAllowProxy clarification
2014-10-14 15:10:50 -05:00
e010d70913
No need for that bool option
2014-10-14 14:59:57 -05:00
bf0a5d038e
Add an animation to comfort the user
...
Sometimes msfconsole takes a little while to start.
This adds a fairly common ASCII spinner to the startup sequence.
I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.
That said, it works for me.
2014-10-14 14:54:45 -05:00
5c4f61057f
Show available actions for info
2014-10-14 12:41:02 -05:00
70d1eefaa9
Update reverse_tcp.rb
...
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:
>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
1f49f767dc
Extract Msf::DBManager::Import::Qualys::Asset
...
MSP-11124
2014-10-13 16:06:15 -05:00
a7d1577494
ImportMsfXml -> Import::MsfXml
...
MSP-11124
2014-10-13 15:46:13 -05:00
87825d40b1
Fix migration.rb loading
...
MSP-11124
2014-10-13 15:39:15 -05:00
b8ea44235b
Remove nesting in Msf::DBManager::ImportMsfXml
...
MSP-11124
Don't use nested modules to prevent Msf::DBManager::ImportMsfXml from
being the declaring location for Msf::DBManager.
2014-10-13 15:37:16 -05:00
ef04261686
Fix indentation in Msf::DBManager
...
MSP-11124
2014-10-13 15:26:19 -05:00
c6ea3a3880
Distribute requires to where they are needed
...
MSP-11124
Push requires down to the Msf::DBManager mixins that actually need them.
2014-10-13 15:24:56 -05:00
4371254dd2
Reorder remaining code in Msf::DBManager
...
MSP-11124
2014-10-13 15:13:28 -05:00
2dd925c18c
Move add_rails_engine_migration_paths to Msf::DBManager::Migration
...
MSP-11124
2014-10-13 15:01:14 -05:00
1dfaba1884
Remove nesting in Msf::DBManager::Migration
...
MSP-11124
To prevent migration.rb as counting as the definer of `Msf::DBManager`.
2014-10-13 14:56:08 -05:00
bc4d2ff152
Extract Msf::DBManager::Adapter
...
MSP-11124
Extract methods related to setting up the adapter/driver(s).
2014-10-13 14:49:26 -05:00
930b020211
Extract Msf::DBManager::Connection
...
MSP-11124
Extract methods that connect, disconnect and show status of connection
to database.
2014-10-13 12:07:13 -05:00
f472411c8c
Extract Msf::DBManager::Web
...
MSP-11124
Extract `Mdm::Web*` methods.
2014-10-13 11:59:39 -05:00
5067e43ac1
Extract Msf::DBManager::VulnAttempt
...
MSP-11124
Extract `Mdm::VulnAttempt` methods.
2014-10-13 11:32:15 -05:00
e7e12ec6a5
Extract Msf::DBManager::Route
...
MSP-11124
Extract `Mdm::Route` methods.
2014-10-13 11:23:37 -05:00
8011187aa9
Extract Msf::DBManager::SessionEvent
...
MSP-11124
Extract `Mdm::SessionEvent` methods.
2014-10-13 11:13:39 -05:00
1f86712d63
Extract Msf::DBManager::HostTag
...
MSP-11124
Extract `Mdm::HostTag` method.
2014-10-13 11:00:36 -05:00
1811d4e58f
Extract Msf::DBManager::Session
...
MSP-11124
Extract methods related to `Mdm::Session`s.
2014-10-13 10:50:11 -05:00
f16b3f05b4
Extract Msf::DBManager::HostDetail
...
MSP-11124
Extract method related to `Mdm::HostDetail`s.
2014-10-13 10:15:14 -05:00
87ee06b792
Extract Msf::DBManager::Ref
...
MSP-11124
Extract methods related to `Mdm::Ref`s.
2014-10-13 10:06:37 -05:00
5668a2820e
Move #report_artifact to Msf::DBManager::Report
...
MSP-11124
2014-10-13 10:00:19 -05:00
43c9909636
Extract Msf::DBManager::VulnDetail
...
MSP-11124
Extract methods related to `Mdm::VulnDetail`s.
2014-10-13 09:54:38 -05:00
f42f8e106a
Extract Msf::DBManager::ExploitAttempt
...
MSP-11124
Extract methods that create `Mdm::ExploitAttempt`s.
2014-10-13 09:41:32 -05:00
e0f76a7517
Extract Msf::DBManager::Task
...
MSP-11124
Extract methods related to `Mdm::Task`s.
2014-10-13 09:28:48 -05:00
90b50339c3
Extract Msf::DBManager::Report
...
MSP-11124
Extract methods related to the obsolete `Mdm::Report`. These methods
should be deleted, but since this branch is just for moves, I won't
delete them now.
2014-10-13 09:19:39 -05:00
9632c83cde
Extract Msf::DBManager::Event
...
MSP-11124
Extract methods related to `Mdm::Event`s.
2014-10-13 09:05:10 -05:00
William Vu
Luke Imhoff
James Lee
Joe Vennix
sinn3r
Tod Beardsley
Jon Hart
scriptjunkie
Tom Sellers
nstarke
Spencer McIntyre
Joshua Smith
Tim Wright
HD Moore
Trevor Rosen
Pedro Laguna