Commit Graph

9017 Commits (21742b646927b952ad3148673f1baca1ad3f7fbd)

Author SHA1 Message Date
Luke Imhoff dee02fc85b
Automatically clear previous log/metasploit/framework/spec/constants/each.log
MSP-11130

Have a task, 'metasploit:framework:spec:constants:each:clean' run before
`rake spec` that removes the previous
`log/metasploit/framework/spec/constants/each.log` so that the user doesn't
have to manually remove the load when removing
`Metasploit::Framework::Spec::Constants::Each.configure!` from
`spec/spec_helper.rb`.
2014-11-04 13:58:13 -06:00
Luke Imhoff 313d86982c
Log Spec::Constants::Each error instead of flag.
MSP-11130

Instead of writing `1` to the file and then printing a verbose message
in the spec task action, log the verbose message and just print the log
in the spec task action, so other tools can just look at the log when
not using `rake spec`.

NOTE: Failing specs due to unnecessary
`Metasploit::Framework::Spec::Constants::Each.configure!`
2014-11-04 13:36:52 -06:00
Luke Imhoff 1d09fa677e
log/remove-cleaner -> log/metasploit/framework/spec/constants/each.log
MSP-11130

Rename log file to match naming scheme for
Metasploit::Framework::Spec::Constants::Suite.
2014-11-04 13:21:47 -06:00
Luke Imhoff 4f986c4a48
Add .log extension to metasploit/framework/spec/constants/suite log
MSP-11130
2014-11-04 13:20:10 -06:00
Jon Hart b0e388f4c3
Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X 2014-11-04 08:23:16 -08:00
Luke Imhoff 7cb0954a6e
Add manual removal of `log/remove-cleaner` to Each removal
MSP-11130

When removing `Metasploit::Framework::Spec::Constants::Each.configure`
from spec/spec_helper.rb,
`Metasploit::Framework::Spec::Constants::Each.define_task` will see the
`log/remove-cleaner` from the last run unless it is manually removed.
2014-11-04 10:10:28 -06:00
Luke Imhoff b0f1b2a1f7
Merge branch 'master' into feature/MSP-11130/metasploit-framework-spec-constants
MSP-11130

Conflicts:
	Rakefile
2014-11-04 10:10:12 -06:00
agix 333d420c94 Fix refactoring bug from 23 october in util/exe
23 October, {} instead of #{} totally break windows service generation
f19b093529 (diff-0f5729034d8b0b321e738f2fc047854fL578)
2014-11-04 11:59:36 +01:00
Tod Beardsley 0199e4d658
Land #3770, resolve random stager bugs 2014-11-03 14:15:14 -06:00
Tod Beardsley 0b39c2ed85
Land #4084, prep for Ruby 2.1 2014-11-03 13:43:50 -06:00
HD Moore 8aecd5e4a5 Address the two open comments from @jlee-r7 2014-11-03 12:33:11 -06:00
Jon Hart 8f197d4918 Move to build_probe 2014-11-03 08:41:51 -08:00
Jon Hart 05dd3fa4ba rport, not datastore['RPORT'] 2014-11-03 08:26:11 -08:00
Tom Sellers 0b8b0499f3 - Added range support to sessions -c and sessions -s
- Added check for un-detach-able sessions
- Added back the check for session.interactive? when detaching sessions
- Collapse build_jobs_array and build_sessions_array to build_range_array
- Added check for empty or invalid parameters to detach and kill [session | job]
- Reworked session id sanity check around line 1660
- RuboCop/Style guide change: Array.new -> []
- Misc RuboCop/Style guide spacing changes
2014-10-31 15:02:17 -05:00
Jon Hart c921611821 Move default probe and result store to UDPScanner, since most need it 2014-10-31 12:02:21 -07:00
Jon Hart 1f6658639f More sane % printing for aux scanner 2014-10-31 10:25:01 -07:00
Jon Hart f16720bb55 Trailing , 2014-10-31 09:39:34 -07:00
Jon Hart f66c43475b More sane % printing for aux scanner 2014-10-31 09:39:21 -07:00
Jon Hart 77cd6dbc8b Usability improvements to UDPScanner
* Add RPORT as a regular option, define rport
* Add CPORT as an advanced option, define cport
* Change CHOST to an advanced option
* Use a more sane THREADS value since hosts are scanned in batches
2014-10-31 09:20:14 -07:00
HD Moore 9b61ae5f63 This is halloween.
THISISHALLOWEEN=1 ./msfconsole
2014-10-30 23:35:12 -05:00
William Vu e3ed7905f1
Add tnftp_savefile exploit
Also add URI{HOST,PORT} and {,v}print_good to HttpServer.
2014-10-30 20:38:16 -05:00
Luke Imhoff 325c01e45d
Log constants leaked before and after suite
MSP-11130

Some constants can be leaked before suite if module are loaded during
spec loading, such as if a framework instance in made in the context
body of a spec instead of in a before callback.
2014-10-30 14:04:07 -05:00
Luke Imhoff ae0a98785f
Print when Metasploit::Framework::Spec::Constants::Each before(:each) cleans
MSP-11130

Print to stderr the full description of the example when
`Metasploit::Framework::Spec::Constants.configure!`'s `before(:each)`
cleans constants as it may clean constants that are leaked from the
class level at parse time.
2014-10-30 12:34:55 -05:00
Luke Imhoff c8e4745d6d
Fail `rake spec` if leak tracking unnecessary
MSP-11130

Fail `rake spec` if
`Metasploit::Framework::Spec::Constants::Each.configure!`'s
`before(:each)` does not clean all leaked constants and if should be
removed so that it does not interefore with future specs.
2014-10-30 09:37:17 -05:00
James Lee 667f1ca876
Move readline choice into a method 2014-10-29 22:33:23 -05:00
James Lee 7b77bbedaa
Better explanations 2014-10-29 22:32:56 -05:00
James Lee 867329d4b3 Fix readline by mucking with load path 2014-10-29 22:14:49 -05:00
Luke Imhoff c2bd75b587
Clean up leaked constants
MSP-11130
2014-10-29 15:50:47 -05:00
Luke Imhoff 892aeaf727
Metasploit::Framework::Spec::Constants cleaner
MSP-11130

Shared context will calls `Metasploit::Framework::Spec::Constants.clean
after each example.
2014-10-29 11:31:17 -05:00
Luke Imhoff 0d4b22ce7a
Detect constant leaks in individual examples
MSP-11130

`Metasploit::Framework::Spec::Constants::Each.configure!` will set up an
`after(:each)` callback that will fail the example if there are leaked
constants.  Leaked constants are cleaned up to prevent misattribution.
2014-10-28 15:50:24 -05:00
Luke Imhoff f9b1f2a424
Extract Metasploit::Framework::Spec::Constants::Suite
MSP-11130

`Metasploit::Framework::Spec::Constants::Suite` extracts out
`LOG_PATHNAME`, `configure!`, and `define_task` as those piece are
specific to handling constant leaks for the entire suite.  This is in
preparation for `Metasploit::Framework::Spec::Constants::Each`.
2014-10-28 15:07:32 -05:00
Luke Imhoff 3ec9cf54c9
Filter non-loaded-module constants from leaked constants
MSP-11130

Constants from library Modules or Classes should not be reported as
leaked since they have been required and should be persistent between
spec runs.
2014-10-28 14:05:27 -05:00
Luke Imhoff 1a1f3335b8
Extract Metasploit::Framework::Spec::Constants.full_name
MSP-11130

Extract method to convert child constant names to module full names so
it can be reused 'Metasploit::Framework::Spec::Constants tracker' shared
context.
2014-10-28 13:53:48 -05:00
Luke Imhoff a0a9c2140b
Log leaked constants and fail rake spec on leak
MSP-11130

Instead of printing the leaked constants to stderr, log them to
`log/leaked-constants.log`.  In task action for spec, read
`log/leaked-constants.log`.  If it exists, print each leaked constants
(and it appropriate it's module full name) and then exit with 1.  If the
file does not exist, do nothing.
2014-10-28 11:21:35 -05:00
Joe Vennix c6bbc5bccf
Merge branch 'landing-4055' into upstream-master 2014-10-28 11:18:20 -05:00
William Vu 4251ad199e
Change killing back to stopping
Got a little excited with the copypasta, I guess.
2014-10-28 05:49:30 -05:00
William Vu 5547890002
Add support for sessions -d ranges 2014-10-28 03:07:46 -05:00
William Vu 36c85b7150
Add support for jobs -k ranges 2014-10-28 03:01:53 -05:00
sinn3r e31c9f579d
Land #3987 - Buffalo Linkstation NAS Login Scanner 2014-10-28 01:45:57 -05:00
Tod Beardsley d8cf45ef67
Allow FTP server exploits pick a PASV port
This makes it somewhat easier to use FTP server exploit modules in
somewhat more restrictive networks, where you might only have a few
inbound ports to choose from.
2014-10-27 22:21:54 -05:00
Tod Beardsley 7d34452448
TCP and TCPServer should use TLS1 by default 2014-10-27 15:55:50 -05:00
William Vu 1508be6254
Fix whitespace in lib/msf/ui/banner.rb for #4073 2014-10-27 14:49:44 -05:00
William Vu 7f66d18cfd
Clean up whitespace a bit 2014-10-27 14:49:27 -05:00
William Vu 626cd55b5e
Land #4073, improved banner selection 2014-10-27 14:20:10 -05:00
Luke Imhoff c84febea5f
tools/missing-payload-tests.rb
MSP-11145

**NOTE: Failing specs**

Add a tool for reading `log/untested-payload.log` and
`framework.payloads` to determine `context`s to add
`spec/modules/payloads_spec.rb` to test the untested payloads.
2014-10-27 13:03:31 -05:00
Jon Hart b8c9ef96ca
Land #4003, @nstarke's Login Scanner for WD MyBook Live NAS 2014-10-27 09:57:43 -07:00
Jon Hart 765b5e686c
Use configured method and URI rather than duplicated values 2014-10-27 09:56:39 -07:00
Luke Imhoff 605f48e58d
Detect leaked constants under Msf::Modules
MSP-11130

Detect constants leaked under Msf::Modules after the suite completes.
2014-10-27 11:13:43 -05:00
scriptjunkie aba25cb28c Make RPC creds work again 2014-10-26 15:50:40 -05:00
Tom Sellers 13b6f1cf48 Syntax changes 2014-10-25 09:39:15 -05:00
nstarke 44f7db4798 Refactoring Success Case
I have refactored the code so that it will work with
non-root accounts.
2014-10-25 13:31:36 +00:00
Joe Vennix 136c2c4377
Use the SNMP fix from master. 2014-10-24 13:01:06 -05:00
Spencer McIntyre c1a61e3b4e Support an MSFLOGO env var and logo enumeration 2014-10-24 13:07:28 -04:00
Joshua Smith a9e52437f0 fixes inverted EICAR corruption logic 2014-10-24 10:27:13 -05:00
Spencer McIntyre 82f41d56a6 Add [user_]logos_directory to Msf::Config 2014-10-24 10:52:05 -04:00
Joshua Smith 3b8067e9a2 fixes refactor error in msf/util/exe 2014-10-23 22:15:19 -05:00
Joshua Smith 34f29f218c really resolve merge conflicts 2014-10-23 21:51:33 -05:00
Joshua Smith bf63d85e5c fixes merge conflicts msfpayload & exe 2014-10-23 21:43:46 -05:00
sinn3r 7cb4320a76
Land #3561 - unix cmd generic_sh encoder 2014-10-23 15:48:00 -05:00
Luke Imhoff 48d6880f1d
Add docs for untested payload testing
MSP-11145

Add docs to rake task, shared examples, and share contexts for how to
use all 3 together.
2014-10-23 11:17:05 -05:00
Luke Imhoff f827a1c761
Extract untested-payloads.log checker spec task action
MSP-11145

Extract the spec task action which errored out if
`log/untested-payloads.log` exists to
`Metasploit::Framework::Spec::UntestedPayloads.define_task`.
2014-10-23 10:24:33 -05:00
Tom Sellers 2a6a8245cf Allow killing multiple specific sessions 2014-10-23 05:56:26 -05:00
Joshua Smith f19b093529 cleans & DRYs exploit/exe & util/exe & msfpayload 2014-10-23 01:10:38 -05:00
Jon Hart 83df08aaa7 Properly encode body and catch invalid configs 2014-10-22 22:43:06 -07:00
sinn3r 42cd288bc0
Land #4057 - Bring back TCP::max_send_size and TCP::send_delay options
Fix #3967
2014-10-22 16:23:15 -05:00
James Lee a5a84886ee
Make sure vnc closes the socket 2014-10-22 15:53:05 -05:00
Tim Wright 7f7f257426
fix session.shell_upgrade after #3401 2014-10-22 21:22:10 +01:00
Tim Wright 22fc6496ac Merge branch 'pr/3401' into landing-3401 2014-10-22 19:23:01 +01:00
Jon Hart ce8a9941ea Cleanup. Sanity check in setup. vprint 2014-10-22 10:36:24 -07:00
Jon Hart 7b33ff1363
Land #3767, @jvazquez-r7's specs for Rex::Encoder::XDR 2014-10-22 09:22:53 -07:00
James Lee 46acf08e2d Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions 2014-10-22 09:09:34 -05:00
nstarke ee3dd3a2ac More Fixes for WD MyBook Live Scanner
Fixes include removing deregistered options
from credentials collection object and adding proof
 when there is no response
2014-10-22 03:06:21 +00:00
James Lee e1a7e902d6
Re-enable tcp evasions for more LoginScanners
Untested since I don't have targets for these.
2014-10-21 18:58:28 -05:00
sinn3r 79d393c5aa Resolve merge conflicts
Conflicts:
	lib/msf/core/exploit/smb.rb
	lib/msf/core/exploit/tcp.rb
	modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
James Lee 83b1d270cd
Fix ftp and mssql 2014-10-21 11:09:39 -05:00
James Lee 8b2dcac730
Fix telnet 2014-10-21 11:08:41 -05:00
James Lee 2fcb1004fb
Move tcp options to Tcp::Client out of RexSocket 2014-10-21 09:59:26 -05:00
James Lee e76ee294a1
Restore tcp evasions to telnet 2014-10-21 09:44:55 -05:00
Luke Imhoff 9dfbbbde7d
Add missing require
MSP-11145
2014-10-21 09:39:31 -05:00
James Lee cb9a77c06b
Fix NoMethodError when unable to connect
Derp.
2014-10-21 08:58:45 -05:00
James Lee 6f3b26f5e9
Remove tcp evasions from Http
Can't use 'em anyway
2014-10-21 08:27:29 -05:00
nstarke 82b74d5f3c Fixes to MyBook Live Module
This commit contains three fixes as requested on PR
#4003.  Those include:

+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
2014-10-21 00:50:40 +00:00
nstarke 70b13819d9 Adding Login Scanner for MyBook Live
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
2014-10-21 00:50:40 +00:00
Jon Hart 82de2eb1f3
Fix Rex::Encoder::XDR.decode_int! to properly handle short data 2014-10-20 11:30:13 -07:00
Tod Beardsley 85f48a3fb2
Land #3738, SMBServer file descriptor updates 2014-10-20 12:40:43 -05:00
HD Moore 935a23296d
Updates to NAT-PMP, lands #4041 2014-10-20 11:26:26 -05:00
James Lee 3051b6c5ba
Clean up exceptions
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
James Lee b7d69bec83
Restore proxies to ssh scanners 2014-10-20 10:19:06 -05:00
James Lee 6498ed0dc8
Report the actual host that failed to connect
Instead of the eventual target where our proxy chain will connect. In
the usual case (no Proxies set), this will be the same output as before.
When proxies are given, the user will see that the first proxy
connection is actually what failed.
2014-10-17 17:37:04 -05:00
William Vu ce40c1152a
Land #4014, msfconsole spinnerz 2014-10-17 16:25:31 -05:00
Luke Imhoff 080ea3e56a
Merge branch 'staging/great-backport' into feature/MSP-11126/msf-module-reorg
MSP-11126
2014-10-17 14:28:13 -05:00
Luke Imhoff 06fbbf7001
Fully-qualified Msf::NormalRanking in Msf::Module::Ranking
MSP-11126

Needed due to loss of `Msf` lexical scope.
2014-10-17 13:58:57 -05:00
Luke Imhoff 43354774e1
Fully qualified Msf::RankingName in Msf::Module::Ranking
MSP-11126

To compensate for loss of `Msf` lexical scope.
2014-10-17 13:43:51 -05:00
Luke Imhoff ae45c1b9d3
Msf::Module::Rank -> Msf::Module::Ranking
MSP-11126

So that mixin module won't appear as Rank constant that Msf::Module
subclasses are supposed to define.
2014-10-17 13:39:53 -05:00
Tod Beardsley a431bff13f
@wvu-r7 is a skilled negotiator. s/stdout/stderr/ 2014-10-17 13:13:44 -05:00
Luke Imhoff a6a2886faa
Fully-qualify Msf::OptionContainer references
MSP-11126
2014-10-17 13:09:27 -05:00
Luke Imhoff 112b5988f2
Add missing autoload to fix loading on travis-ci
MSP-11126

`Msf::Module::Failure` fails to load on travis-ci probably due to a load
order difference, so add `:Failure` to autoloads in `Msf::Module`.
2014-10-17 13:05:59 -05:00
Luke Imhoff 0c00c7cc50
Fully-qualifiy Msf::MODULE_TYPES constants
MSP-11126

Fully-qualify `Msf::MODULE_TYPES`, `Msf::MODULE_ANY`,
Msf::MODULE_ENCODER`, `Msf::MODULE_EXPLOIT`, `Msf::MODULE_NOP`,
`Msf::MODULE_AUX`, `Msf::MODULE_PAYLOAD`, `Msf::MODULE_POST` so that
their usage isn't dependent on nested lexical scoping.
2014-10-17 12:43:40 -05:00
Tod Beardsley 5978bd5e62
Control the startup msg with -q, too 2014-10-17 12:41:58 -05:00
Tod Beardsley a45b21b6bf
-q will quiet the animation, too 2014-10-17 12:32:28 -05:00
Luke Imhoff 200d64040d
Fully-qualify Msf::ServiceState
MSP-11152

Replace unqualified `ServiceState` with `Msf::ServiceState`.
2014-10-17 11:58:11 -05:00
Luke Imhoff 172afd180a
Extract Msf::Module::Privileged
MSP-11126
2014-10-17 11:45:03 -05:00
Luke Imhoff cbae9be5b5
Extract Msf::Module::UUID
MSP-11126
2014-10-17 11:31:56 -05:00
Luke Imhoff a59e635913
Extract Msf::Module::Author
MSP-11126
2014-10-17 11:17:12 -05:00
Luke Imhoff 9f32cbd476
Use :: to force top-level constant resolution
MSP-11152

When `Msf::DBManager::Import::MetasploitFramework` is included in
`Msf::DBManager::Import`, it's child namespace of
`Msf::DBManager::Import::MetasploitFramework::Zip becomes resolvable as
`Zip` in `Msf::DBManager::Import` methods, so need to use `::Zip` to
cause `Zip` to be resolved from rubyzip gem.
2014-10-17 10:15:59 -05:00
Luke Imhoff 13923a8ca5
Fully-qualify Msf::DBImportError
MSP-11152

Constant was unqualified in some of the reorganized Msf::DBManager code
because that code was take advantage of the old nested lexical scope
that included `Msf`.
2014-10-17 09:29:01 -05:00
Luke Imhoff e822920298
Msf::Module::Author -> Msf::Author
MSP-11126

`Msf::Module::Author` was already aliased to `Msf::Author`.  This just
moved `Msf::Module::Author` to that alias to free up
`Msf::Module::Author` so it can be used for a concern for
`Msf::Module`'s author methods.
2014-10-17 08:59:54 -05:00
Luke Imhoff b5039c3817
Extract Msf::Module::Network
MSP-11126
2014-10-16 15:51:59 -05:00
Luke Imhoff 2e538bd72d
Extract Msf::Module::Search
MSP-11126
2014-10-16 15:27:54 -05:00
Luke Imhoff 7743fdb2f9
Extract Msf::Module::FullName
MSP-11126
2014-10-16 15:24:59 -05:00
Jon Hart 8fdae8fbfb Move protocol and lifetime to mixin, use correct map_target if CHOST 2014-10-16 13:24:17 -07:00
Luke Imhoff 0e53548c82
Extract Msf::Target
MSP-11126
2014-10-16 15:13:18 -05:00
Luke Imhoff e5cc456be7
Extract Msf::Platform
MSP-11126
2014-10-16 15:11:59 -05:00
Luke Imhoff 27c006a8f9
Extract Msf::SiteReference
MSP-11126
2014-10-16 15:09:55 -05:00
Luke Imhoff 9981271e2a
extract Msf::Reference
MSP-11126
2014-10-16 15:03:21 -05:00
Luke Imhoff c8730ca55b
Extract Msf::Author
MSP-11126
2014-10-16 14:59:15 -05:00
Luke Imhoff fe5ffa9cec
Standardize on autoload over require
MSP-11126

Standardize on autoload to prevent trying to use colliding names for
included Module with Modules/Classes just under the namespace.
2014-10-16 14:58:08 -05:00
Luke Imhoff d5c7a50e86
Extract Msf::Module::Rank
MSP-11126
2014-10-16 14:39:33 -05:00
Luke Imhoff e6f442697b
Extract Msf::Module::Type
MSP-11126
2014-10-16 14:23:21 -05:00
Luke Imhoff e418f98d45
arch -> Msf::Module::Arch
MSP-11126
2014-10-16 13:21:11 -05:00
Luke Imhoff 44b2e5e35c
Extract Msf::Module::Arch
MSP-11126
2014-10-16 13:14:56 -05:00
Luke Imhoff 31c93e9dbc
Extract Msf::Module::ModuleInfo
MSP-11126
2014-10-16 13:01:42 -05:00
Trevor Rosen c503e8a3d8
Merge branch 'landing/4026' into upstream-master
Land #4026

* db.rb (DBManager) now in multiple files
* Cucumber coverage for DB-related msfconsole commands
2014-10-16 11:52:57 -05:00
Luke Imhoff f9caa4d25e
Extract Msf::Module::Options
MSP-11126

Methods for registering, derigsterings, and validating options.
2014-10-16 11:14:42 -05:00
Luke Imhoff c50cb2eb8a
Extract Msf::Module::UI::*::Verbose and shared examples
MSP-11126
2014-10-16 10:05:45 -05:00
Luke Imhoff a9a6f0c5f9
Extract Msf::Module::UI::Line
MSP-11126
2014-10-16 09:50:07 -05:00
Luke Imhoff bc2bd99698
Extract Msf::Module::UI::Message
MSP-11126
2014-10-16 09:39:30 -05:00
Luke Imhoff f5d09f735e
Extract Msf::Module::Compatibility
MSP-11126
2014-10-16 09:14:57 -05:00
Luke Imhoff 85169d5e8d
Extract Msf::Module::DataStore
MSP-11126
2014-10-16 09:03:23 -05:00
Luke Imhoff f068d669d6
Extract Msf::Module::ModuleStore
MSP-11126
2014-10-16 09:03:07 -05:00
Luke Imhoff 370daaed5e
Extract Msf::Module::Failure
MSP-11126

Move `Msf::Module::Failure` to a file of its own.
2014-10-16 09:02:55 -05:00
James Lee 41a57b7ba5
Re-enable proxies for HTTP-based login scanners 2014-10-15 17:00:44 -05:00
Tod Beardsley d5a0b81680
Land #4024, auto-negotiate SSL versions
Thanks @hmoore-r7!
2014-10-15 16:04:38 -05:00
Tod Beardsley 62be638258
Add 'Auto' to tcp.rb as well. 2014-10-15 16:01:42 -05:00
James Lee 3a9c2f95c9
Add magic encoding to new files 2014-10-15 14:23:34 -05:00
James Lee 2986031db5
Move SMBServer into its own file 2014-10-15 14:22:23 -05:00
James Lee 1064488ada
Whitespace 2014-10-15 14:21:39 -05:00
Luke Imhoff 9456506e3d
Merge branch 'master' into feature/MSP-11124/msf-dbmanager-reorg
MSP-11124
2014-10-15 14:08:55 -05:00
Luke Imhoff 1f7ad1cac9
unserialize_object -> Msf::DBManager::Import::MetasploitFramework
MSP-11124
2014-10-15 14:03:18 -05:00
Luke Imhoff bed98fe43b
nils_for_nulls -> Msf::DBManager::Import::MetasploitFramework
MSP-11124
2014-10-15 13:59:03 -05:00
HD Moore fcd9b4b293 Allow non-SSLv3 Meterpreters (auto-negotiate) 2014-10-15 13:57:51 -05:00
Luke Imhoff ac30990177
Move libpcap helpers to Libpcap module
MSP-11124
2014-10-15 13:55:24 -05:00
Luke Imhoff 7aed88f11b
Extract Msf::DBManager::Import::Report
MSP-11124
2014-10-15 13:51:57 -05:00
HD Moore cb3a4afac5 Typo: request -> requested in message 2014-10-15 13:48:22 -05:00
Luke Imhoff e5e051c905
Extract Msf::DBManager::Import::Wapiti
MSP-11124
2014-10-15 13:42:54 -05:00
Luke Imhoff e65a386d3d
Extract Msf::DBManager::Import::Spiceworks
MSP-11124
2014-10-15 13:37:35 -05:00
HD Moore 7516512650 Raise an ArgumentError vs RuntimeError for backwards compatibility 2014-10-15 13:30:38 -05:00
HD Moore a762d871bf Autonegotiate SSL/TLS versions when not explicit 2014-10-15 13:26:40 -05:00
Luke Imhoff dfe690ac52
Extract Msf::DBManager::Import::Retina
MSP-11124
2014-10-15 13:23:12 -05:00
Luke Imhoff 8af280b1cb
Extract Msf::DBManager::Import::Outpost24
MSP-11124
2014-10-15 13:16:11 -05:00
Luke Imhoff eff95221da
Order methods
MSP-11124
2014-10-15 13:14:20 -05:00
Luke Imhoff cf555e2390
Extract Msf::DBManager::Import::OpenVAS
MSP-11124
2014-10-15 13:11:49 -05:00
Luke Imhoff 5d6044786a
Extract Msf::DBManager::Import::Nmap
MSP-11124
2014-10-15 13:06:28 -05:00
Luke Imhoff cf3a3a0d65
Move nexpose requires to appropriate module
MSP-11124
2014-10-15 12:54:30 -05:00
Luke Imhoff 16f143c2ed
Extract Msf::DBManager::Import::Nikto
MSP-11124
2014-10-15 12:51:16 -05:00
Luke Imhoff e64a14c748
Extract Msf::DBManager::Import::Nexpose::Simple
MSP-11124
2014-10-15 12:40:04 -05:00
Tod Beardsley c4d1a4c7dc
Revert #4022, as the solution is incomplete
Revert "Land 4022, datastore should default TLS1 vs SSL3"

This reverts commit 4c8662c6c1, reversing
changes made to 0937f32ff9.
2014-10-15 12:32:08 -05:00
Luke Imhoff 2b861f91e9
Extract Msf::DBManager::Import::Nexpose::Raw
MSP-11124
2014-10-15 11:59:03 -05:00
Luke Imhoff c371eab26a
Extract Msf::DBManager::Import::Netsparker
MSP-11124
2014-10-15 11:46:38 -05:00
Luke Imhoff a73b0e2283
Move requires for nessus parses to appropriate module
MSP-11124
2014-10-15 11:42:00 -05:00
Luke Imhoff b43035145d
Move nessus helper function to closest module
MSP-11124
2014-10-15 11:39:23 -05:00
Luke Imhoff aae6dc9066
Extract Msf::DBManager::Import::Nessus::XML::V*
MSP-11124

Extract different versions of Nessus XML format.
2014-10-15 11:34:37 -05:00
Luke Imhoff a0494b2eeb
Extract Msf::DBManager::Import::Nessus::XML
MSP-11124
2014-10-15 11:27:23 -05:00
Luke Imhoff 0c861848bc
Extract Msf::DBManager::Import::Nessus::NBE
MSP-11124
2014-10-15 11:21:26 -05:00
Luke Imhoff d0d0c478aa
Extract Msf::DBManager::Import::MetasploitFramework::Credential
MSP-11124
2014-10-15 11:12:13 -05:00
Luke Imhoff 46a2c47dfe
Extract Msf::DBManager::Import::MetasploitFramework::Zip
MSP-11124
2014-10-15 10:59:41 -05:00
Tod Beardsley 1754b23ffb
Datastore options should default to TLS1, not SSL3
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)

Squashed commit of the following:

commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:19:04 2014 -0500

    Whoops missed one

commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:16:59 2014 -0500

    Other datastore options also want TLS1 as default

commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:12:06 2014 -0500

    TCP datastore opts default to TLS1

    Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
Luke Imhoff 65885c8cc8
MsfXml -> MetasploitFramework::XML
MSP-11124
2014-10-15 10:25:42 -05:00
Luke Imhoff ac9a593b43
import_msf_file -> Msf::DBManager::Import::MsfXml
MSP-11124
2014-10-15 10:02:42 -05:00
Luke Imhoff d870188377
Extract Msf::DBManager::Import::MBSA
MSP-11124
2014-10-15 09:54:03 -05:00
Luke Imhoff f29408680f
Extract Msf::DBManager::Import::Libpcap
MSP-11124
2014-10-15 09:48:23 -05:00
Luke Imhoff 44968400e9
Extract Msf::DBManager::Import::IPList
MSP-11124
2014-10-15 09:42:11 -05:00
Luke Imhoff e5236e9b56
Extract Msf::DBManager::Import::FusionVM
MSP-11124
2014-10-15 09:36:29 -05:00
Luke Imhoff 2e85dc910a
Extracts Msf::DBManager::Import::Foundstone
MSP-11124
2014-10-15 09:27:53 -05:00
Luke Imhoff 68a1ebd2fb
Extract Msf::DBManager::Import::CI
MSP-11124
2014-10-15 09:23:08 -05:00
Luke Imhoff 8d628c221b
Extract Msf::DBManager::Import::Burp
MSP-11124
2014-10-15 09:16:57 -05:00
Luke Imhoff f42307a6ff
Extract Msf::DBManager::Import::Appscan
MSP-11124
2014-10-15 09:12:38 -05:00
Luke Imhoff dcac8a45ee
Extract Msf::DBManager::Import::Amap
MSP-11124
2014-10-15 09:06:03 -05:00
Jon Hart 07f2d4dafe
Further improvements to NAT-PMP. Faster, more useful, less not useful 2014-10-15 06:39:38 -07:00
HD Moore 6cf62765de Default to TLSv1 for RPC connections 2014-10-15 01:20:43 -05:00
James Lee 5434996969
Move TcpServer into its own file 2014-10-14 18:43:40 -05:00
Jon Hart ea6824c46f WIP of NAT-PMP rework 2014-10-14 14:20:24 -07:00
Luke Imhoff a00d039796
Move require for IP360 XML parser
MSP-11124
2014-10-14 16:18:47 -05:00
Luke Imhoff 599bcc33a9
Extract Msf::DBManager::Import::IP360::V3
MSP-11124
2014-10-14 16:16:47 -05:00
Tod Beardsley e68aaa4226
Don't disclose empty disclosure dates
For rapid7#4015
2014-10-14 16:02:23 -05:00
Luke Imhoff 81c18c96ee
Extract Msf::DBManager::Import::IP260::ASPL
MSP-11124
2014-10-14 15:58:43 -05:00
Luke Imhoff 6c0f549abb
Extract Msf::DBManager::Import::Acunetix
MSP-11124
2014-10-14 15:40:29 -05:00
Luke Imhoff 0c10b5a859
Extract #handle_qualys to Msf::DBManager::Import::Qualys
MSP-11124
2014-10-14 15:32:22 -05:00
Luke Imhoff 11bcac8a4e
Extract Msf::DBManager::Import::Qualys::Scan
MSP-11124
2014-10-14 15:19:55 -05:00
William Vu f612c8cd3e
Add disclosure date to info 2014-10-14 15:15:24 -05:00
William Vu fdd79e64c3
Land #4010, ReverseAllowProxy clarification 2014-10-14 15:10:50 -05:00
Tod Beardsley e010d70913
No need for that bool option 2014-10-14 14:59:57 -05:00
Tod Beardsley bf0a5d038e
Add an animation to comfort the user
Sometimes msfconsole takes a little while to start.

This adds a fairly common ASCII spinner to the startup sequence.

I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.

That said, it works for me.
2014-10-14 14:54:45 -05:00
William Vu 5c4f61057f
Show available actions for info 2014-10-14 12:41:02 -05:00
Pedro Laguna 70d1eefaa9 Update reverse_tcp.rb
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:

>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.

Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
Luke Imhoff 1f49f767dc
Extract Msf::DBManager::Import::Qualys::Asset
MSP-11124
2014-10-13 16:06:15 -05:00
Luke Imhoff a7d1577494
ImportMsfXml -> Import::MsfXml
MSP-11124
2014-10-13 15:46:13 -05:00
Luke Imhoff 87825d40b1
Fix migration.rb loading
MSP-11124
2014-10-13 15:39:15 -05:00
Luke Imhoff b8ea44235b
Remove nesting in Msf::DBManager::ImportMsfXml
MSP-11124

Don't use nested modules to prevent Msf::DBManager::ImportMsfXml from
being the declaring location for Msf::DBManager.
2014-10-13 15:37:16 -05:00
Luke Imhoff ef04261686
Fix indentation in Msf::DBManager
MSP-11124
2014-10-13 15:26:19 -05:00