James Lee
1064488ada
Whitespace
2014-10-15 14:21:39 -05:00
James Lee
5434996969
Move TcpServer into its own file
2014-10-14 18:43:40 -05:00
Tod Beardsley
e68aaa4226
Don't disclose empty disclosure dates
...
For rapid7#4015
2014-10-14 16:02:23 -05:00
William Vu
f612c8cd3e
Add disclosure date to info
2014-10-14 15:15:24 -05:00
William Vu
fdd79e64c3
Land #4010 , ReverseAllowProxy clarification
2014-10-14 15:10:50 -05:00
William Vu
5c4f61057f
Show available actions for info
2014-10-14 12:41:02 -05:00
Pedro Laguna
70d1eefaa9
Update reverse_tcp.rb
...
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:
>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
Jon Hart
458da2bca4
Land #3988 , @wchen-r7's fix for #3985 , a lack of logging for 'check'
2014-10-12 18:46:35 -07:00
sinn3r
96be53dcf1
Land #3962 - Show selected action
2014-10-12 14:02:40 -05:00
William Vu
a04ad3aa8c
Update print_error to reflect new usage
2014-10-10 14:38:26 -05:00
William Vu
26743b4c38
Rewrite existing code to use HasActions
...
And fix a bug in the initial use case where mod.action was dropped.
2014-10-10 14:35:54 -05:00
William Vu
7e7e0259e4
Fix tab completion for post actions
2014-10-10 12:24:23 -05:00
William Vu
238a30a769
Update print_error to include post modules
2014-10-10 12:12:43 -05:00
sinn3r
48d2343152
Fix #3985 - check command should elog
2014-10-10 01:06:37 -05:00
William Vu
1d766ba95b
Rename dump_auxiliary_action{,s}
...
To dump_module_action{,s} to accommodate post modules, etc.
2014-10-08 14:49:14 -05:00
jvazquez-r7
f30309fe81
Land #3919 , @wchen-r7's Fixes #3914 , Inconsistent unicode names
2014-10-08 14:46:14 -05:00
William Vu
f6a9cfcc52
Break away the elsif into a separate if
...
In case exploits support actions for some crazy reason in the future.
2014-10-08 14:30:41 -05:00
William Vu
b2ba6e7ae1
Make the code more maintainable
...
Despite the code around it.
Thanks for the advice, @jlee-r7!
2014-10-08 14:14:28 -05:00
jvazquez-r7
dbc199ad77
space after commas
2014-10-08 13:56:59 -05:00
William Vu
c0ef2c7938
Support post modules
...
I kinda hate this code.
TODO: Get rid of and/or and the extra parens.
2014-10-08 13:23:50 -05:00
William Vu
a8b5bf4625
Show selected auxiliary action
2014-10-07 14:34:41 -05:00
sinn3r
17f278effd
Fix #3822 - Support file:// syntax for check()
2014-10-06 13:37:14 -05:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
Tod Beardsley
097d2bfbb5
Land #3922 : Metasploit Park banner
2014-10-03 16:32:56 -05:00
Tod Beardsley
d048bb7725
Add some color to the msfpark banner
...
It looks kind of naked without some color compared to all the other
banners.
2014-10-03 14:52:54 -05:00
William Vu
f7e709dcb3
Land #3941 , new WPVDB reference
2014-10-03 10:17:02 -05:00
Christian Mehlmauer
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
sinn3r
6d7870a4ac
Land #3934 - New :vuln_test option to BES
2014-10-02 16:31:50 -05:00
Christian Mehlmauer
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
Joe Vennix
6571213f1c
Remove un-truthy doc string.
2014-10-01 23:41:02 -05:00
Joe Vennix
5a8eca8946
Adds a :vuln_test option to BES, just like in BAP.
...
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.
This commit also does some mild refactoring of un-
useful behavior in BES.
2014-10-01 23:34:31 -05:00
Joe Vennix
b1b8cba4c5
Rescue an IOError on channel double-close.
...
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
2014-10-01 22:35:41 -05:00
James Lee
5cb016c1b1
Use Match constant in BES as well
2014-10-01 16:17:13 -05:00
James Lee
a75d47aad9
Use yardoc for new methods
...
Also substitute '&&' for 'and', and fix some whitespace
2014-10-01 16:02:33 -05:00
William Vu
909ac522d1
Add metasploit-park.txt banner to msfconsole
...
Obviously a homage to Jurassic Park. :)
2014-09-30 16:28:23 -05:00
sinn3r
1e2d860ae1
Fix #3914 - Inconsistent unicode names
2014-09-30 12:19:27 -05:00
sinn3r
9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits
2014-09-29 11:15:14 -05:00
Meatballs
d5959d6bd6
Land #2585 , Refactor Bypassuac with Runas Mixin
2014-09-28 09:24:22 +01:00
Meatballs
e14dd9900b
Land #3896 , Change Max LOGLEVEL to 3
2014-09-28 09:18:29 +01:00
Meatballs
67c25c20ca
Land #3357 , Run Local Exploits in AutoRunScript
2014-09-28 09:12:26 +01:00
Meatballs
3fc57109e6
Dont rescue Exception
2014-09-28 09:12:03 +01:00
sinn3r
ae82ebc734
Change max LogLevel to 3
...
There is no such thing as a LogLevel 5.
2014-09-26 14:20:47 -05:00
jvazquez-r7
a31b4ecad9
Merge branch 'review_3893' into test_land_3893
2014-09-26 08:41:43 -05:00
James Lee
86f85a356d
Add DHCP server module for CVE-2014-6271
2014-09-26 01:24:42 -05:00
Ramon de C Valle
bdac82bc7c
Fix lib/msf/core/exploit/dhcp.rb
2014-09-25 22:18:26 -03:00
Joe Vennix
2b02174999
Yank Android->jsobfu integration. Not really needed currently.
2014-09-25 16:00:37 -05:00
Joe Vennix
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
Joe Vennix
5d234c0e01
Pass #send in this so jsobfu is not confused.
2014-09-24 15:07:14 -05:00
Jon Hart
650b65250f
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
2014-09-22 11:51:10 -07:00
Jon Hart
4e9f1282de
Land #3834 , @jabra-'s updates to UDPscanner to support spoofing
2014-09-22 11:49:53 -07:00