ecbbf1d940
Pass workspace when using db_nmap
2018-03-30 15:27:32 -05:00
2b7c3872d4
Add proxy method for find_or_create_note
2018-03-29 18:43:34 -04:00
3b1e3a4256
Missed one more bug in append_workspace
2018-03-29 15:18:31 -05:00
19e01b4b66
Fix bug in append workspace when using :wspace
2018-03-29 15:04:00 -05:00
7f42235ad7
Create default workspace if it doesnt exist
2018-03-28 15:39:24 -05:00
d23e33a7bc
Make workspace -v work with updates
2018-03-28 13:31:49 -05:00
1b6aa86d92
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-03-27 15:57:41 -05:00
0b5d3d31f9
WIP remote note read, update, delete
2018-03-27 16:36:56 -04:00
cfa03a999c
Finish moving current_workspace tracking to client
2018-03-26 15:58:47 -05:00
def0e4d93b
Merge branch 'goliath' into MS-3062_workspaces
2018-03-23 11:37:01 -05:00
6b3a4a56dc
Merge branch 'rapid7/master' into goliath
2018-03-23 11:26:31 -05:00
ed5b22a541
Address more code review comments
2018-03-22 21:47:59 -05:00
6c5a7a663a
Merge branch 'goliath' into MS-2879_db_export
2018-03-22 21:22:23 -05:00
466c97f114
WIP: move tracking active workspace to client side
...
* Move the @current_workspace tracking to workspace proxy
* Create helper for handling workspace value in opts
* Call framework.db.proxy across dbmanager files now that active ws is tracked in proxy
NOTE: This commit throws an exception when adding a remote data service.
2018-03-22 21:00:06 -05:00
93d4f5cd0b
Last few review comments
2018-03-21 17:50:11 -05:00
eee24366c9
Address code review comments and bug
2018-03-21 17:42:54 -05:00
553789557b
Merge branch 'goliath' into MS-2910-remote-vuln-read-update-delete
2018-03-21 01:45:58 -04:00
7e5214fef5
Improved CTRL-C edge case, Invalid Options edge case, help output, version output
2018-03-20 13:34:15 -05:00
90bebc2096
Convert workspace update to new api
2018-03-19 14:24:16 -05:00
929fb041ab
Fix bug when adding workspace remotely
2018-03-19 11:01:22 -05:00
35bc8e905e
Refactor workspace delete to be consistent with other commands
2018-03-16 16:11:09 -05:00
8ddaae5fe4
Remove unused code
2018-03-15 12:12:12 -05:00
4d04319d2a
Merged master
2018-03-15 11:31:44 -05:00
0d170571da
Fix bug with file name
2018-03-14 15:59:07 -05:00
b179603b4a
Externalize db_export command
2018-03-14 15:06:28 -05:00
ac5669388a
Merge branch 'goliath' into MS-2879_db_export
2018-03-14 11:37:08 -05:00
fcd2bbd1de
workaround attempt to parse nil JSON string value
2018-03-12 14:29:42 -04:00
636284d530
Update session inferred vuln handling
...
Add remote vuln attempt
2018-03-12 14:26:03 -04:00
ec7a62bc4c
move ssh platforms to lib
2018-03-08 21:23:11 -05:00
b18ed03407
Merge branch 'goliath' into MS-2909
2018-03-07 14:55:50 -06:00
c670748fe3
Update services signature
2018-03-07 13:59:09 -06:00
c058d0fba0
WIP: port db_export command
2018-03-06 15:15:27 -06:00
d6871f5733
Land #9614 , Juniper post enum module
2018-03-06 10:29:56 -06:00
68d72cbfa7
Goliath Cleanup in preparation for merge to master
2018-03-06 10:21:22 -06:00
b42c3ff654
Merge branch 'goliath' into MS-2909
2018-03-02 16:32:55 -06:00
fd4032928e
Add services search
2018-03-02 10:57:35 -06:00
4f6b1de9a3
Merge branch 'master' into goliath
2018-03-01 14:14:39 -06:00
06d2482e86
Implement services update
...
NOTE: This changes functionality for the services command flags.
Previously -s and -p were used for searching for services.
Now the commands will only be used for adds/updates.
If you would like to search, please use -s and pass a search string
2018-02-28 15:12:23 -06:00
dffbc67e71
Implement service delete
...
Also fix bug searching for services by host address
2018-02-27 17:17:07 -06:00
9597e5294d
treat MUST_CHANGE + PASSWORD_EXPIRED as valid
2018-02-27 15:21:21 -06:00
c90fabee60
Implement remote service create
2018-02-27 14:20:43 -06:00
9dc6089fcf
Merge branch 'goliath' into MS-2909
2018-02-27 11:14:15 -06:00
66e3ac4c76
treat 'password must change' as a successful login
2018-02-26 17:57:31 -06:00
c7bbc6eca4
juniper post enum module
2018-02-22 21:08:21 -05:00
22752518ea
WIP remote vuln read, update, delete
2018-02-22 13:53:22 -05:00
d4440d049d
Merge branch 'goliath' of github.com:clee-r7/metasploit-framework into goliath
2018-02-21 11:16:31 -06:00
3005a8b7ce
Merge branch 'rapid7/master' into goliath
2018-02-21 11:16:05 -06:00
b3642b1079
Address PR comments
2018-02-20 15:30:37 -06:00
09ae4ac8ac
Add more info to console output
2018-02-20 13:34:33 -06:00
9a293cd30e
Fix #8120 , Fix undef method 'gsub' in bavision_cam_login
...
Fix #8120
2018-02-14 11:03:03 -06:00
efd23d37c3
Use common error handling
2018-02-09 16:24:45 -06:00
bbd25fc97b
WIP: getting services add working
2018-02-08 17:20:50 -06:00
f114092445
Merge branch 'goliath' into MS-2833
2018-02-08 14:32:03 -06:00
352cf295b5
Merge branch 'goliath' into MS-2833
2018-02-07 14:38:26 -06:00
5b35662dbf
Address PR comments
2018-02-07 14:21:31 -06:00
cb093d8063
Use proper logging
2018-02-07 10:25:56 -06:00
52b8f405bd
Refactor change host methods, remove debug output
2018-02-06 18:54:05 -05:00
5bc38206c0
Few more loot bugs
2018-02-06 17:22:09 -06:00
6e2503bbd8
Add loot update
2018-02-06 16:16:22 -06:00
629f79ebf7
WIP remote host update
2018-02-06 16:11:46 -05:00
49b88dbef7
Pass loot search using query string
2018-02-05 18:15:05 -06:00
f176e339bc
Merge pull request #12 from clee-r7/ms-2911
...
Ms 2911
2018-02-05 15:46:28 -06:00
1759621b03
Make 8080 default service port
2018-02-05 15:01:03 -06:00
020a28f5c7
Unify data service command
2018-02-05 13:28:17 -06:00
e8b29af208
Merge branch 'goliath' into MS-2833
2018-02-02 17:32:17 -06:00
dcf4171cfb
Fix query array encoding issue
2018-02-02 17:16:12 -05:00
5a899d5126
Renamed msfdb to avoid omnibus collision, removed inline data service startup code
2018-02-01 16:28:36 -06:00
3bc0608579
Finish POC cleanup
2018-02-01 13:59:15 -06:00
59bc1a34d5
Remove 'puts' logging and cleanup AWS poc
2018-02-01 13:38:20 -06:00
fc7ab6cbff
Merge branch 'externalize-host-data-search' into MS-2833
2018-02-01 11:24:11 -06:00
5c38207a8e
WIP externalize host data search
2018-01-31 16:34:42 -05:00
3ff613db8f
"fix" adding loot from the command line
2018-01-31 10:31:09 -06:00
e1b61b8180
Merge branch 'goliath' into MS-2833
2018-01-31 10:06:36 -06:00
3a01a16dcb
Fix issue with workspace in query data
2018-01-25 17:29:58 -05:00
4989e94e68
Add HTTP PUT request method
2018-01-25 10:40:57 -05:00
5505996518
Add loot delete
2018-01-24 16:42:16 -06:00
2ffd627c56
Merge branch 'goliath' into add_https
2018-01-23 18:59:59 -05:00
dd65141a22
Merge branch 'goliath' into MS-2891
2018-01-23 10:45:44 -06:00
d10cd2d92a
Add verification methods to HTTPS
...
This commit enables peer verification for SSL.
It also gives the user options to verify the server if the server uses a self-signed cert.
There is an override to skip verification as well.
2018-01-22 18:08:16 -06:00
6ffae7f6ad
Merge pull request #9 from clee-r7/correct-api-url
...
Update API URLs
2018-01-22 15:17:09 -06:00
2521c941d4
Ported singleton calls
2018-01-22 14:57:28 -06:00
2211459b9d
Correct workspace_associations_counts API path
2018-01-20 14:54:14 -05:00
b7e5b0f161
Update API URLs per design discussion
2018-01-20 14:50:59 -05:00
cb4999c1ac
Add URI query data option to request methods
2018-01-19 16:51:49 -05:00
d5978803eb
Fix all failing rspec for goliath
2018-01-19 15:16:19 -06:00
b8296a809c
Merge branch 'goliath' into add_https
2018-01-19 13:33:24 -06:00
ff9c69c7c8
Merge branch 'rapid7/master' into goliath
2018-01-19 13:28:17 -06:00
764ecf6562
Land #6 JSON to MDM
...
Deserialize JSON returned from a remote data service to an in-memory MDM object
2018-01-18 17:21:10 -05:00
0654979be6
Remove separate code path for openstruct for creds.
...
Also fix RemoteCredentialDataService to work with json_to_mdm
2018-01-18 13:27:33 -06:00
7fe237abe1
Land #9220 , Module cache improvements
2018-01-17 22:34:51 -06:00
08f622b0ce
update version
2018-01-17 17:24:15 -06:00
bab9b66521
Only send back one object for host create
2018-01-12 10:52:16 -06:00
809d3d28c7
Merge branch 'rapid7/master' into goliath
2018-01-11 16:18:41 -06:00
b2666ad3f2
Update host delete method to return full objects of deleted hosts
2018-01-11 16:12:25 -06:00
18f16e7c66
Bump version of framework to 4.16.32
2018-01-11 10:03:16 -08:00
e964e8bcbb
Fix incorrect HTTP request method calls
2018-01-10 23:59:53 -05:00
f895169c7f
Fix incorrect HTTP request method calls
2018-01-10 23:53:24 -05:00
3c73892a70
Use json_to_mdm for Credentials.
2018-01-10 16:58:44 -06:00
4a377af5e6
Deserialize JSON to Mdm Object
2018-01-09 15:18:49 -06:00
173705ad35
Add error handling when no data returned from server
2018-01-05 11:44:25 -06:00
3a7a539c84
Bump version of framework to 4.16.31
2018-01-04 12:17:08 -08:00
d4de9eef9b
Bump version of framework to 4.16.30
2018-01-04 10:03:21 -08:00
5058c2d36f
Merge branch 'goliath' into add_https
2018-01-03 10:51:22 -06:00
4aac8f5c39
Merge branch 'rapid7/master' into goliath
2018-01-02 17:34:40 -06:00
40d15bf3e6
Hash#each style correction
2018-01-02 12:25:14 -05:00
f015b926da
Merge branch 'goliath' into add_https
2018-01-02 10:38:48 -06:00
7254130b77
Bump version of framework to 4.16.29
2017-12-28 15:19:22 -08:00
66ca61f636
Merge released '4.x'
2017-12-28 17:15:29 -06:00
c2bb144d0f
Land #9302 , Implement ARD auth and add remote CVE-2017-13872 (iamroot) module
2017-12-28 14:11:26 -06:00
c681c7881d
Bump version of framework to 4.16.28
2017-12-28 10:03:39 -08:00
6f1196d30c
clarify what's happening when there is a connection failure
2017-12-27 22:32:08 -06:00
5e4836b1e9
Implement hosts remote data store delete
...
Also, resolve an issue when adding a host where the client-side
raises an exception.
2017-12-26 23:09:23 -05:00
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
909caa0425
Bump version of framework to 4.16.27
2017-12-21 13:27:52 -08:00
9d8cb8a8d0
Merge branch '4.x' into upstream-master
2017-12-21 15:17:38 -06:00
ee2f10efc5
Bump version of framework to 4.16.26
2017-12-21 10:04:38 -08:00
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
d0b3abc14b
Better handling of MQTT endpoints which don't require authentication
...
Arguably this is working around LoginScanner's inability to provide
blank usernames AND passwords
2017-12-20 18:02:52 -08:00
8cd7185a7f
Land #9313 , Add DirectAdmin login_scanner module
2017-12-20 15:23:24 -06:00
7f8a5d3834
improved credential reporting
2017-12-20 15:09:11 -06:00
b4262662dc
Add missing mqtt login helper
2017-12-20 12:33:49 -08:00
66b1a555a1
Bump version of framework to 4.16.25
2017-12-18 16:33:25 -08:00
be2a3ca270
edited sid comment
2017-12-18 08:18:02 -05:00
f447fa1a12
Added DirectAdmin Login Utillity
2017-12-17 22:43:37 -05:00
b99f044de5
Implement VNC security type 30 (Apple Remote Desktop) authentication
2017-12-14 13:57:38 -06:00
be4f9236f2
Bump version of framework to 4.16.24
2017-12-14 10:08:05 -08:00
973f3bacd8
Remove require statements for remote_service_endpoint
2017-12-13 11:31:29 -06:00
74c00cf8ba
WIP: Enable HTTPS client.
...
Removed RemoteServiceEndpoint and using URI instead.
2017-12-12 16:42:20 -06:00
c7e7b5861d
Fix error in exception message
2017-12-11 17:52:24 -05:00
348cbe54b6
Bump version of framework to 4.16.23
2017-12-08 10:01:55 -08:00
8835dae6f0
Switch to net/http header handling
2017-12-05 15:06:15 -06:00
35b217b748
Merge branch 'goliath' into http_client_change
2017-12-05 11:13:53 -06:00
fd1681edd9
Bump version of framework to 4.16.22
2017-12-01 10:04:07 -08:00
174d0d46de
Bump version of framework to 4.16.21
2017-11-29 10:45:55 -08:00
c9da8f7a18
Bump version of framework to 4.16.20
2017-11-24 10:01:50 -08:00
770f092e5d
Use more accurate variable name
2017-11-22 12:34:24 -06:00
e0837fb01d
Create local copies of loot
2017-11-21 16:28:19 -06:00
82a30ed618
Fix bug in db_nmap with RDS
...
The cmd_db_nmap method was cleaning up the nmap XML file
before it could be read. Making the call synchronous will prevent
it from hitting the ensure block before the processing is done
when running msfdb locally.
2017-11-20 15:40:27 -06:00
602406a423
Bump version of framework to 4.16.19
2017-11-17 10:02:22 -08:00
5cdd364590
Bump version of framework to 4.16.18
2017-11-15 19:46:12 -08:00
fe1af35107
First pass at changes needed for module metadata caching
2017-11-15 16:38:01 -06:00
9647f8d951
DRY up HTTP request code.
2017-11-14 15:31:31 -06:00
4f660d7dd7
Bump version of framework to 4.16.17
2017-11-10 10:05:05 -08:00
029d3b718d
Connect and get working with net/http.
...
POST looks to be working too.
2017-11-09 17:10:26 -06:00
fbbc8da8fb
Fix raise(s) in MSSQL client aborting mssql_login
2017-11-07 14:30:47 -06:00
deb5a7b015
Bump version of framework to 4.16.16
2017-11-03 10:03:38 -07:00
a14102083c
Bump version of framework to 4.16.15
2017-11-02 10:01:12 -07:00
04f5f41265
Merge branch 'port_dbnmap' into loot_and_creds
2017-10-31 17:03:40 -05:00
cfdda37f62
Send nmap file across the wire.
2017-10-31 10:12:45 -05:00
f42b980cf0
fix misspelled RuntimeError
2017-10-30 15:42:11 -05:00
140955f220
Bump version of framework to 4.16.14
2017-10-27 10:03:00 -07:00
9d00093d81
Initial commit for nmap proxying
2017-10-25 16:04:31 -05:00
a4914074fb
Merge branch 'goliath' into loot_and_creds
2017-10-24 12:01:32 -05:00
d63b087610
Fix bug with creating session_events
2017-10-24 11:51:27 -05:00
ffcec527a7
Successfully storing creds remotely
2017-10-23 11:30:50 -05:00
884b68fa60
Bump version of framework to 4.16.13
2017-10-20 10:02:23 -07:00
2c8f27cd98
More general cleanup including is_local db check
2017-10-16 17:07:26 -05:00
5232e9926e
creds command converted
2017-10-16 15:27:53 -05:00
88585a5cfd
Bump version of framework to 4.16.12
2017-10-13 10:03:48 -07:00
4c164fafb0
WIP: proxy credentials
2017-10-10 13:52:30 -05:00
4acef04e0d
Bump version of framework to 4.16.11
2017-10-06 10:01:51 -07:00
0dbfc9d447
WIP: Drop session objects before JSON conversion
...
The session object is not intended to be store in the DB.
There are a ton of subobjects and unneeded data that causes the JSON conversion
to hang or fail with 'stack level too deep' errors.
2017-10-06 11:43:01 -05:00
08b62db061
Pass loot contents over the API and write file
2017-10-03 12:31:57 -05:00
49f5256f88
Make session_events retrievable from the API
2017-09-29 16:04:17 -05:00
eb927663ff
use a better method for storing session_events
2017-09-29 14:59:08 -05:00
32104eb90e
Bump version of framework to 4.16.10
2017-09-29 10:04:04 -07:00
293d1edeb1
Merge master: 8853193542
2017-09-29 11:06:16 -05:00
ed74c3726f
Proxy session events.
...
This enables modules to use report_loot with a remote data service
2017-09-28 17:03:09 -05:00
0b29408aa2
Allow filtering of loot
2017-09-26 13:48:01 -05:00
ee3e354f4f
Get posting working with loot -a
2017-09-22 16:13:58 -05:00
40abbccb03
Merge remote-tracking branch 'rapid7/master' into proxy_loot
2017-09-22 14:10:02 -05:00
68fa3d45f3
Bump version of framework to 4.16.9
2017-09-22 10:05:19 -07:00
812ad9f9cb
loot printing (maybe) working
2017-09-21 15:20:49 -05:00
9f95f88035
Fix a couple of bugs.
2017-09-19 16:35:18 -05:00
765ea01e9f
loot posting working
2017-09-18 15:58:40 -05:00
b2f5bd16e6
Bump version of framework to 4.16.8
2017-09-15 10:02:38 -07:00
2cd9649139
Added msf red connection mechanism
2017-09-14 12:57:03 -05:00
faa84faf25
Bump version of framework to 4.16.7
2017-09-08 15:38:22 -07:00
f5a73f3efe
Bump version of framework to 4.16.6
2017-09-08 10:03:41 -07:00
000f561d6f
Added session data export
2017-09-08 11:09:15 -05:00
92f5290a50
Bump version of framework to 4.16.5
2017-09-01 10:08:40 -07:00
a0131f450e
Bump version of framework to 4.16.4
2017-08-28 14:34:39 -07:00
779b25bdf6
Bump version of framework to 4.16.3
2017-08-25 10:02:45 -07:00
2f72404b26
Bump version of framework to 4.16.2
2017-08-23 19:11:11 -07:00
7c2fa20191
Bump version of framework to 4.16.1
2017-08-23 10:36:19 -07:00
c09796ea7e
Merge master
2017-08-23 11:37:04 -05:00
ca7d481658
Bump version of framework to 4.16.0
2017-08-20 16:57:48 -07:00
95824ce132
Bump version of framework to 4.15.8
2017-08-18 10:03:23 -07:00
be926e1d75
Bump version of framework to 4.15.7
2017-08-11 10:12:37 -07:00
83cd0bc977
Bump version of framework to 4.15.6
2017-08-04 10:07:09 -07:00
70f659370f
Bump version of framework to 4.15.5
2017-07-28 10:21:44 -07:00
50474a1ea7
Bump version of framework to 4.15.4
2017-07-21 10:03:44 -07:00
39b2e824ec
Bump version of framework to 4.15.3
2017-07-17 15:43:31 -07:00
f80c053114
Bump version of framework to 4.15.2
2017-07-17 12:01:22 -07:00
d6ee0ca94d
Merge branch 'master' into kill-cucumber
2017-07-14 10:23:38 -05:00
03691cc35f
Bump version of framework to 4.15.1
2017-07-12 20:08:07 -07:00
dbef4ee816
kill cucumber in framework
2017-07-12 08:00:29 -05:00
b81e9a4d2a
Pass 1: externalize database
2017-07-07 13:33:42 -05:00
fad696ed58
Bump version of framework to 4.15.0
2017-06-22 18:02:38 -07:00
c0efb7bc76
Land #8573 , Adapted the authentitcity_token scheme
2017-06-19 15:45:20 -05:00
James Barnett
Matthew Kienow
Aaron Soto
christopher lee
h00die
Brent Cook
Wei Chen
jbarnett-r7
Matthew Kienow
Metasploit
Jeffrey Martin
Jon Hart
Nick Marcoccio
jgor
William Vu
dmaloney-r7
Brent Cook
Pearce Barry