infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,548 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

24548 Commits (1055efbeaa8aea2a578f8dea141628fdeeed51ce)

Author SHA1 Message Date
Luke Imhoff 1055efbeaa
Add module paths from paths['modules'] from Rails app and engines 
MSP-9653

Allow rails engines (and other applications, like
Metasploit::Pro::Engine::Application) to define their own module paths
using the paths['modules'] entry for Rails Applications/Engines.
 2014-06-02 12:32:54 -05:00
Luke Imhoff 84f5a0d499
Explicitly require gem dependencies 
MSP-9653
 2014-06-02 12:27:15 -05:00
Luke Imhoff 0e60f08e51
Don't re-establish connection 
MSP-9653

If ActiveRecord::Base is already connected, then don't attempt to create
the database (as it involves establishing a new connection) or
establishing a new connection after the creation.  Still run the
migrations as the normal Rails::Application.initialize! will result in
ActiveRecord::Base.connected? being true even if migrations are missing.
 2014-05-28 14:34:36 -05:00
Luke Imhoff 38fbbdc1b5
Print tm_call one caller per line 
MSP-9653

The inspect format was difficult to read so convert to standard
backtrace format of one caller per line.
 2014-05-20 10:59:29 -05:00
Luke Imhoff 91cc9dc2d6
Add missing Msf::DBManager#drivers initialization 
MSP-9606
 2014-05-13 13:01:59 -05:00
Luke Imhoff 3448b601ee
Remove old, unused cucumber features 
MSP-9606
 2014-05-13 09:26:16 -05:00
Luke Imhoff 14cf51db91
Remove unused DatabaseCleaner 
MSP-9606

DatabaseCleaner is no longer used in the specs since the use of railties
allowed the use of transactional fixtures.
 2014-05-13 09:13:47 -05:00
Luke Imhoff b1598e83c3
Re-enable `bundle install --without db` support 
MSP-9606

Catch LoadError in config/application.rb when trying to require
'active_record/railtie` so that end-users can run without any of the
database gems installed.  NOTE: you can't run in the development or
test environment without the database because factory_girl needs
ActiveRecord.
 2014-05-12 15:39:34 -05:00
Luke Imhoff cea7b6cd77
Revert to production as default environment 
MSP-9606

When switching to Rails.env to integrate better with railties for
Rails::Engines, I forgot that rails would default to development instead
of production.
 2014-05-12 15:37:59 -05:00
Luke Imhoff 3370465d84
Use railties to load Metasploit::Credential correctly 
MSP-9606

In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines.  To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
 2014-05-12 15:03:51 -05:00
Luke Imhoff c70ef2afbd
Make fastlib compatible with Pathnames 
MSP-9606
 2014-05-12 10:16:39 -05:00
Luke Imhoff f83e8a4a4f
Add missing requires 
MSP-9606

require 'msf/base/config' when required directly was not working.
 2014-05-12 10:16:10 -05:00
Luke Imhoff cadc2dd81f
Order Gemfile 
MSP-9606
 2014-05-09 13:47:00 -05:00
Trevor Rosen 894ecaafb4 Merge pull request #12 from rapid7/feature/login_scanner/pg 
Add Postgres LoginScanner class

MSP-9679 #land
 2014-05-08 14:38:56 -05:00
David Maloney cace6581ce
Merge branch 'master' into staging/electro_release 2014-05-08 14:34:19 -05:00
David Maloney 42de1ab1f1
whitespace removal 2014-05-08 14:18:06 -05:00
Trevor Rosen d0d9100802 Merge pull request #11 from rapid7/feature/login_scanner/mssql 
Add the MSSQL LoginScanner class

MSP-9679 #land
 2014-05-08 13:52:09 -05:00
David Maloney a9df810072 Merge branch 'feature/login_scanner/mssql' of github.com:rapid7/metasploit-framework-private into feature/login_scanner/mssql 2014-05-08 13:44:52 -05:00
David Maloney e0c6e90ae8
trivial cleanup work 
whitespace and alignment stuff
 2014-05-08 13:42:52 -05:00
Trevor Rosen cf58f214a9 New-style RVM stuff now in .gitignore 2014-05-08 13:26:08 -05:00
jvazquez-r7 8c55858eae
Land #3309, @arnaudsoullie's changes for modblusclient 2014-05-08 10:45:19 -05:00
jvazquez-r7 25f13eac37 Clean a little response parsing 2014-05-08 10:44:53 -05:00
David Maloney b72f0f8ffc
try to fix bad push/revert mess 2014-05-07 18:43:37 -05:00
David Maloney 9919d54116 Revert "final touches and specs" 
This reverts commit e025fa1791.
 2014-05-07 18:34:34 -05:00
David Maloney e025fa1791
final touches and specs 
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
 2014-05-07 18:32:36 -05:00
David Maloney acbff23c32
final wrap-up specs 
successkid.jpg
 2014-05-07 16:07:18 -05:00
David Maloney 7a476dc21a
fully operational lgoinscanner 
Now you will witness the power of this fully operational
LoginScanner. fire at will, Commander!
 2014-05-07 15:57:06 -05:00
David Maloney ec974535ac
create base object for mssql scanner 
created skeleton for MSSQL Loginscanner
included concerns.

also added an NTLM concern and shared example group
 2014-05-07 14:43:15 -05:00
David Maloney 234e129523
add NTLM concern for loginscanners 
add a new concern for LoginScanners
that provides the basic accessors and validations
for anything requiring NTLM
 2014-05-07 14:28:10 -05:00
David Maloney e6b15541ff
replace datastore calls 
replace datastore calls with stub
methods that will be implmeneted by the loginscanner
 2014-05-07 11:41:49 -05:00
David Maloney 6077135782
extract login neccisary methods 
create new mssql mixin. extract only the methods
required for mssql_login to work and copy them
into this mixin.
 2014-05-06 11:59:21 -05:00
David Maloney 507fe566a4
Merge branch 'master' into staging/electro_release 2014-05-06 11:36:19 -05:00
Arnaud SOULLIE 1f3466a3a3 Added Modbus error handling. 
It now checks for error and displays the appropriate error message.
The only error simulated was "ILLEGAL ADDRESS", don't know how
to test for others.
 2014-05-05 23:21:54 +02:00
Tod Beardsley a8e7dc8ec5
Land #3338 for real (see 3542f85) 
The other commit ended up having a changed hash. This is a nop for
mostly accounting purposes.
 2014-05-05 16:07:42 -05:00
Christian Mehlmauer 7f9a460c20
Land #3338, yardoc fixes 2014-05-05 22:46:17 +02:00
Meatballs 3542f851bf Fix some yarddoc issues 2014-05-05 22:45:41 +02:00
Meatballs 57df34b54f
Fix some yarddoc issues 2014-05-05 21:18:48 +01:00
William Vu e8bc89af30
Land #3337, release fixes 2014-05-05 14:03:48 -05:00
Trevor Rosen 5fd4151004 Merge pull request #10 from rapid7/feature/login_scanners/mixin_refactor 
LoginScanner refactor
 2014-05-05 13:50:42 -05:00
Tod Beardsley c97c827140
Adjust desc and ranking on ms13-053 
Since it's likely to crash winlogin.exe in the normal use case
(eventually), I've kicked this down to Average ranking.
 2014-05-05 13:46:19 -05:00
Tod Beardsley 3536ec9a74
Description update 2014-05-05 13:43:44 -05:00
jvazquez-r7 b81f94a229
Land #3336, @todb-r7's CVEs addition 2014-05-05 13:43:04 -05:00
Tod Beardsley c6affcd6d3
Fix caps, description on F5 module 
The product name isn't "Load Balancer" as far as I can tell.
 2014-05-05 13:38:53 -05:00
William Vu 353a50cdd0
Land #3316, Content-Length fix for http_ntlmrelay 2014-05-05 13:38:36 -05:00
Tod Beardsley 3072c2f08a
Update CVEs for RootedCon Yokogawa modules 
Noticed they were nicely documented at

http://chemical-facility-security-news.blogspot.com/2014/03/ics-cert-publishes-yokogawa-advisory.html

We apparently never updated with CVE numbers.
 2014-05-05 13:25:55 -05:00
sinn3r 6bfc9a8aa0
Land #3333 - Adobe Flash Player Integer Underflow Remote Code Execution 2014-05-05 10:39:26 -05:00
joev b67418e7f1
Merge #3335, @bcoles's fixes to FF JS payloads for single-line payloads. 2014-05-05 08:12:39 -05:00
Brendan Coles cc8ab9bcba Support one line js payload 
Add missing ';' in `run_cmd_source`
 2014-05-05 18:57:15 +10:00
William Vu a8915f0ed8
Land #3310, OpenSSH timing attack improvements 2014-05-04 19:47:51 -05:00
Tod Beardsley 8ae5dfea23
Land todb-r7#7, fix indents and grammar 2014-05-04 19:33:40 -05:00