infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
51,101 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2026 Commits (23a86e7ad2e6178cc7dbe6cef49a9f454d7d11bf)

Author SHA1 Message Date
Spencer McIntyre c8033d69c5 Use the new keyword style for v6 2018-03-30 13:56:15 -04:00
Spencer McIntyre bb17bdb6dd Fix adding IPv6 routes with subnets or cidr masks 2018-03-30 13:18:03 -04:00
Matthew Kienow f10924a5c0
Update cmd note operations, validation and output 2018-03-29 23:15:10 -04:00
James Barnett d23e33a7bc
Make workspace -v work with updates 2018-03-28 13:31:49 -05:00
James Barnett 1b6aa86d92
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces 2018-03-27 15:57:41 -05:00
William Vu e761d211b9
Land #9708, reload_lib command for msfconsole 2018-03-26 17:10:11 -05:00
James Barnett cfa03a999c
Finish moving current_workspace tracking to client 2018-03-26 15:58:47 -05:00
Matthew Kienow 991f4e35ea
Remove added regex options from search_term 2018-03-26 14:07:21 -04:00
Jon Hart d0ef5617fa
Merge master and resolve conflict 2018-03-23 14:25:21 -07:00
James Barnett def0e4d93b
Merge branch 'goliath' into MS-3062_workspaces 2018-03-23 11:37:01 -05:00
James Barnett 6c5a7a663a
Merge branch 'goliath' into MS-2879_db_export 2018-03-22 21:22:23 -05:00
James Barnett 466c97f114
WIP: move tracking active workspace to client side 
* Move the @current_workspace tracking to workspace proxy
* Create helper for handling workspace value in opts
* Call framework.db.proxy across dbmanager files now that active ws is tracked in proxy

NOTE: This commit throws an exception when adding a remote data service.
 2018-03-22 21:00:06 -05:00
Jon Hart a1287a0776
Remove blank before services output 2018-03-22 18:26:50 -07:00
Jon Hart 2ce8423883
Make vulns and notes with -o similar to services and hosts 
Now all of them will simply save the requested information to an output
file if specified and will let you know where the file is when done.
Previously, notes and vulns would also print out all of the notes and
vulns, which just felt weird and inconsistent.  So, I fixed it.
 2018-03-22 18:18:12 -07:00
Matthew Kienow 975948439d
Make vulns cmd option string literals consistent 2018-03-21 16:35:06 -04:00
Matthew Kienow 09bea3ec39
Remove vulns cmd help short-circuit 2018-03-21 16:34:11 -04:00
Matthew Kienow 553789557b
Merge branch 'goliath' into MS-2910-remote-vuln-read-update-delete 2018-03-21 01:45:58 -04:00
g0tmi1k 973d00aca0 Add a message about DisablePayloadHandler 
Based on 26bf96b3ce/lib/msf/core/exploit/exe.rb (L43)
 2018-03-20 13:04:41 +00:00
g0tmi1k 8463ed99b0 Add standardised header comments 2018-03-20 11:33:34 +00:00
James Barnett 90bebc2096
Convert workspace update to new api 2018-03-19 14:24:16 -05:00
Matthew Kienow cd7ecc4b74
Display vulns information column based on option 2018-03-19 14:29:38 -04:00
James Barnett 35bc8e905e
Refactor workspace delete to be consistent with other commands 2018-03-16 16:11:09 -05:00
James Barnett ac5669388a
Merge branch 'goliath' into MS-2879_db_export 2018-03-14 11:37:08 -05:00
Mehmet İnce 6811097bed Create reload_file method for edit and reload_lib cms 2018-03-14 11:47:23 +03:00
Matthew Kienow e4cc2a565a
Correct services cmd help message for protocol 2018-03-13 16:09:35 -04:00
Mehmet İnce 9b84477ddc Changing cmd name to reload_lib 2018-03-13 22:17:59 +03:00
Mehmet İnce b7f95b9cbe Add a loadlib command 2018-03-13 14:03:44 +03:00
James Barnett 2e287135c4
Fix bug in services search 2018-03-12 16:37:16 -05:00
Brent Cook 3f3ed4aa70 change replicant to clone module objects to copy singleton methods 
Without this, we are missing methods like exploit_simple.
https://coderwall.com/p/1zflyg/ruby-the-differences-between-dup-clone
 2018-03-12 15:46:03 -05:00
Brent Cook db6377134e restore original module RHOST on abort 2018-03-12 15:46:03 -05:00
Brent Cook 5d9f2266da handle passive exploits without RHOST 2018-03-12 15:46:03 -05:00
Brent Cook 4f824af696 add support for '-J' which is the opposite of '-j' 2018-03-12 15:46:03 -05:00
Brent Cook 17c8f7c4c7 support iterating across RHOSTS for exploits 2018-03-12 15:46:03 -05:00
Brent Cook 4ab36bc713 factor out exploit runner from command parsing 2018-03-12 15:46:02 -05:00
Brent Cook b456cd2c8c use RHOSTS in many places where we used RHOST 2018-03-12 15:46:02 -05:00
James Barnett b18ed03407
Merge branch 'goliath' into MS-2909 2018-03-07 14:55:50 -06:00
James Barnett c670748fe3
Update services signature 2018-03-07 13:59:09 -06:00
James Barnett c058d0fba0
WIP: port db_export command 2018-03-06 15:15:27 -06:00
christopher lee 68d72cbfa7 Goliath Cleanup in preparation for merge to master 2018-03-06 10:21:22 -06:00
James Barnett fd4032928e
Add services search 2018-03-02 10:57:35 -06:00
James Barnett 06d2482e86
Implement services update 
NOTE: This changes functionality for the services command flags.
Previously -s and -p were used for searching for services.
Now the commands will only be used for adds/updates.
If you would like to search, please use -s and pass a search string
 2018-02-28 15:12:23 -06:00
James Barnett dffbc67e71
Implement service delete 
Also fix bug searching for services by host address
 2018-02-27 17:17:07 -06:00
James Barnett c90fabee60
Implement remote service create 2018-02-27 14:20:43 -06:00
Matthew Kienow ecad74cf99
Add cmd_vulns search and delete operations 2018-02-22 19:05:18 -05:00
James Barnett d4440d049d Merge branch 'goliath' of github.com:clee-r7/metasploit-framework into goliath 2018-02-21 11:16:31 -06:00
James Barnett 3005a8b7ce
Merge branch 'rapid7/master' into goliath 2018-02-21 11:16:05 -06:00
Brent Cook 6734e532f5
Land #9562, avoid an error with aux module command dispatcher 2018-02-15 17:46:58 -06:00
Brent Cook a197997aca avoid chinese finger trap logic, put it all on one side 2018-02-15 17:45:09 -06:00
RageLtMan 177e1321ae Aux command dispatcher in exploit ctx with action 
The Auxiliary command dispatcher checks modules for passive actions
expecting them to have included Msf::Module::HasActions mixin. The
mixin is included in post and aux modules already, but not in
exploits. When the aux dispatcher handles an exploit module, it
may get upset along the lines of:
```
[-] Error while running command exploit: undefined method 'passive'
for #<Msf::Modules::M...3::MetasploitModule:0x0000000d83de0428>
Did you mean?  passive?

Call stack:
/opt/metasploit4/msf4/lib/msf/ui/console/command_dispatcher/
auxiliary.rb:106:in `cmd_run'
```

Avoid this mess by having the conditional which checks the methods
included by that mixin depend on the module having included the
mixin in the first place.

Testing:
  In local fork (hence the lineno) it seems to fix the problem.
  The problem condition and fix should be independently tested
upstream.
 2018-02-15 04:20:09 -05:00
Wei Chen b9faa9e92b Fix a typo 2018-02-09 20:28:55 -06:00
Wei Chen 81e0d56261 Always write the file as long as the option is set 2018-02-09 20:28:12 -06:00
Wei Chen 958513bd86 Fix #9522, Add output file support to the vulns command 
This adds a new feature for the vulns command for msfconsole. It
allows the user to be able to save the vulnerability as a CSV
file.

Fix #9522
 2018-02-09 19:45:46 -06:00
James Barnett effd0c3db2
Fix bug when not updating type 2018-02-08 16:07:20 -06:00
James Barnett f12405191e
Fix a few bugs and PR comments 2018-02-08 15:10:44 -06:00
James Barnett f114092445 Merge branch 'goliath' into MS-2833 2018-02-08 14:32:03 -06:00
James Barnett be1ce573e7
Fix style issue 2018-02-08 13:35:28 -06:00
James Barnett 1d2af0658c
Fix bug with updating loot type 2018-02-08 13:26:40 -06:00
jbarnett-r7 352cf295b5
Merge branch 'goliath' into MS-2833 2018-02-07 14:38:26 -06:00
James Barnett 5b35662dbf
Address PR comments 2018-02-07 14:21:31 -06:00
Matthew Kienow 52b8f405bd
Refactor change host methods, remove debug output 2018-02-06 18:54:05 -05:00
James Barnett 74f811d865
Add TODOs 2018-02-06 17:31:42 -06:00
James Barnett 6e2503bbd8
Add loot update 2018-02-06 16:16:22 -06:00
Matthew Kienow 629f79ebf7
WIP remote host update 2018-02-06 16:11:46 -05:00
James Barnett c72c41e7f3
Move loot search to db_manager 2018-02-05 16:43:02 -06:00
jbarnett-r7 f176e339bc
Merge pull request #12 from clee-r7/ms-2911 
Ms 2911
 2018-02-05 15:46:28 -06:00
christopher lee 1759621b03 Make 8080 default service port 2018-02-05 15:01:03 -06:00
christopher lee 020a28f5c7 Unify data service command 2018-02-05 13:28:17 -06:00
James Barnett 326fdacc41
couple of fixes 
- Handle bug with hostless loot
- include host data in the JSON
 2018-02-02 15:44:42 -06:00
James Barnett f52cf28e56
cmd_loot now queries on loot directly 2018-02-02 14:07:58 -06:00
christopher lee 5a899d5126 Renamed msfdb to avoid omnibus collision, removed inline data service startup code 2018-02-01 16:28:36 -06:00
christopher lee 3bc0608579 Finish POC cleanup 2018-02-01 13:59:15 -06:00
christopher lee 59bc1a34d5 Remove 'puts' logging and cleanup AWS poc 2018-02-01 13:38:20 -06:00
James Barnett fc7ab6cbff
Merge branch 'externalize-host-data-search' into MS-2833 2018-02-01 11:24:11 -06:00
Matthew Kienow 5c38207a8e
WIP externalize host data search 2018-01-31 16:34:42 -05:00
James Barnett 858981d814
Convert hosts delete to use id method 2018-01-24 17:38:51 -06:00
James Barnett 5505996518 Add loot delete 2018-01-24 16:42:16 -06:00
Matthew Kienow 2ffd627c56
Merge branch 'goliath' into add_https 2018-01-23 18:59:59 -05:00
James Barnett bfcb7f2e50
Add long option for cert. 2018-01-23 17:10:10 -06:00
Brent Cook aae77fc1a4
Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-22 23:10:36 -06:00
James Barnett d10cd2d92a
Add verification methods to HTTPS 
This commit enables peer verification for SSL.
It also gives the user options to verify the server if the server uses a self-signed cert.
There is an override to skip verification as well.
 2018-01-22 18:08:16 -06:00
christopher lee 2521c941d4 Ported singleton calls 2018-01-22 14:57:28 -06:00
William Vu a255586750 Refactor to use guard clauses 2018-01-22 12:38:02 -06:00
James Barnett 8022294d1d
Fix bug with -s flag 2018-01-19 16:18:20 -06:00
James Barnett 4f3ee6dd83
Address PR comments regarding command options 2018-01-19 15:46:24 -06:00
christopher lee d5978803eb Fix all failing rspec for goliath 2018-01-19 15:16:19 -06:00
James Barnett b8296a809c Merge branch 'goliath' into add_https 2018-01-19 13:33:24 -06:00
James Barnett ff9c69c7c8
Merge branch 'rapid7/master' into goliath 2018-01-19 13:28:17 -06:00
James Barnett 0654979be6
Remove separate code path for openstruct for creds. 
Also fix RemoteCredentialDataService to work with json_to_mdm
 2018-01-18 13:27:33 -06:00
Brent Cook df71defdea fix library-specific error messages to not appear with modules 2018-01-18 05:55:51 -06:00
Brent Cook 7fe237abe1
Land #9220, Module cache improvements 2018-01-17 22:34:51 -06:00
Brent Cook facecb40d7 change default prompt for users who use '-q' 2018-01-17 22:01:34 -06:00
Brent Cook cbd1a2a505 update default startup with version info 2018-01-17 21:59:53 -06:00
James Barnett b2666ad3f2
Update host delete method to return full objects of deleted hosts 2018-01-11 16:12:25 -06:00
James Barnett 16cdf1c9f4
Add help text to cmd_add_data_service 2018-01-04 16:41:42 -06:00
James Barnett 5058c2d36f Merge branch 'goliath' into add_https 2018-01-03 10:51:22 -06:00
James Barnett 92e435898b
Missed a file in the merge somehow 2018-01-02 17:38:41 -06:00
James Barnett 4aac8f5c39
Merge branch 'rapid7/master' into goliath 2018-01-02 17:34:40 -06:00
HD Moore 258ce2ceb2 Allow stub payloads to be autoselected when compatible 2017-12-28 16:19:22 -06:00
Matthew Kienow 5e4836b1e9
Implement hosts remote data store delete 
Also, resolve an issue when adding a host where the client-side
raises an exception.
 2017-12-26 23:09:23 -05:00
Brent Cook 05c6079e0d remove unused 'active_resource' accessor 2017-12-20 06:15:09 -06:00
William Vu 0a1eea9860 Allow local_editor in cmd_edit to take arguments 
Such as vim -i NONE. This may allow command injection via arguments.
However, you can already start an arbitrary program by setting
LocalEditor or escaping the editor.

msf > setg LocalEditor /bin/sh
LocalEditor => /bin/sh
msf > edit -i
[*] Launching /bin/sh -i
$
 2017-12-14 19:51:57 -06:00
James Barnett 973f3bacd8
Remove require statements for remote_service_endpoint 2017-12-13 11:31:29 -06:00
James Barnett 74c00cf8ba
WIP: Enable HTTPS client. 
Removed RemoteServiceEndpoint and using URI instead.
 2017-12-12 16:42:20 -06:00
Brent Cook c15f379343 remove some unneeded backward-compat code 2017-12-04 22:27:21 -06:00
William Vu 19b37c7070
Land #9263, drb_remote_codeexec fixes 
See pull requests #7531 and #7749 for hysterical raisins.
 2017-12-04 18:45:03 -06:00
Brent Cook 09dd5b8489 fix check command to not require an rport _method_ 2017-11-30 10:51:21 -06:00
Brent Cook e5a5d35ad8 add 'promptname' that expands the module path a bit more 
This allows the user to actually see the module context.
 2017-11-29 19:49:43 -06:00
Brent Cook 55f56a5350
Land #9110, added -C option to change default hosts columns 2017-11-29 17:48:44 -06:00
Brent Cook 0aeb245c9c
Land #9252, docker improvements 2017-11-29 17:15:47 -06:00
William Vu f132c1572f
Fix #9194, clarified error for reloading modules 2017-11-28 17:15:56 -06:00
Christian Mehlmauer 50351320d7
more docker work 2017-11-28 21:35:20 +01:00
William Vu 65412cd2f1
Land #9201, enhanced tab completion 2017-11-27 11:37:04 -06:00
christopher lee fe1af35107 First pass at changes needed for module metadata caching 2017-11-15 16:38:01 -06:00
James Barnett ebcf6924d5
Add a command to performance test HTTP 2017-11-14 11:50:16 -06:00
Spencer McIntyre fb7635502d Tab completion for exploit and handler commands 2017-11-11 17:11:54 -05:00
Spencer McIntyre 68a43fef36 Add the new generic tab completion functoin 2017-11-11 16:47:11 -05:00
William Vu 97859ebf8c Clarify XXX comment no user will ever see anyway 2017-11-09 15:23:37 -06:00
William Vu 577baf6070 Add a check for .rb in cmd_edit 2017-11-09 15:17:53 -06:00
christopher lee 43ddc66350 Initial fix for non db cache 2017-11-07 10:33:47 -06:00
Spencer McIntyre d815e42ccf Add a generic tab completion function 2017-11-01 20:38:45 -04:00
Spencer McIntyre 1462330f34 Add tab completion to the payload generate command 2017-10-31 20:33:31 -04:00
Spencer McIntyre 940573ad49 Support ruby directives in Meterpreter rc scripts 2017-10-29 15:57:33 -04:00
William Vu 73c9807c55 Add module support for sessions -s 2017-10-27 12:28:53 -05:00
James Barnett a4914074fb Merge branch 'goliath' into loot_and_creds 2017-10-24 12:01:32 -05:00
Tim ca4feb5136 fix session upgrading 2017-10-23 01:26:45 +08:00
Dave Farrow 636551aa03 Fixed help message to match test 2017-10-20 21:32:54 -07:00
Dave Farrow ea1ac3d5b3 #9108: added -C option to change default hosts columns 
The -C option saves the column list the user provided and uses that as the default column list until msfconsole is restarted
 2017-10-20 20:39:38 -07:00
William Vu 8e5deac3f4 Fix nil bug in setting PromptChar without Prompt 2017-10-20 00:38:01 -05:00
christopher lee 2c8f27cd98 More general cleanup including is_local db check 2017-10-16 17:07:26 -05:00
James Barnett 5232e9926e
creds command converted 2017-10-16 15:27:53 -05:00
Adam Cammack 436b72d4cc
Land #9023, Add tab completion to the edit command 2017-10-09 11:37:12 -05:00
William Vu 27dcc162b2 Revert to Vim because ed is the standard editor 
https://www.gnu.org/fun/jokes/ed-msg.html
 2017-10-09 11:34:45 -05:00
James Barnett 56e95f15c9
Land #9024, fix bug when manually adding loot 
cmd_loot was throwing a stack trace when the host was not properly defined.
This fixes it to give a useful error message.
 2017-10-06 16:02:12 -05:00
William Vu 5b9a4d73ee Readd hostless loot display 
In the chance event someone actually managed to store it.
 2017-10-02 23:31:44 -05:00
William Vu 403b5e2fa8 Move TARGET check into option_values_payloads 2017-10-02 23:22:42 -05:00
William Vu 9941097a5c Remove extraneous else 2017-09-29 19:01:04 -05:00
William Vu 6de986bd70 Fix cache invalidation bug in tab completion 
We use active_module instead of cmd_use to invalidate @cache_payloads,
since the ivar is no longer shared between cmd_set and cmd_use.

Fixes #8483. See #7655.
 2017-09-29 18:01:50 -05:00
William Vu 0723477b49 Fix nil bug in loot -a and nix hostless loot 
Apparently you can't actually store hostless loot.
 2017-09-29 16:16:16 -05:00
William Vu 1ec968192b Add tab completion to the edit command 2017-09-29 15:43:53 -05:00
bwatters-r7 e0fee9e317
Land #8821, Expose session naming 2017-09-29 15:32:47 -05:00
christopher lee 293d1edeb1 Merge master: 8853193542 2017-09-29 11:06:16 -05:00
James Barnett ed74c3726f
Proxy session events. 
This enables modules to use report_loot with a remote data service
 2017-09-28 17:03:09 -05:00
James Barnett 0b29408aa2
Allow filtering of loot 2017-09-26 13:48:01 -05:00
Adam Cammack 968ae8e267
Land #8925, Allow `edit` to optionally take a path 2017-09-26 13:32:39 -05:00
James Barnett 40abbccb03
Merge remote-tracking branch 'rapid7/master' into proxy_loot 2017-09-22 14:10:02 -05:00
James Barnett f87adf53c6
Print host with loot output 2017-09-22 13:06:44 -05:00
James Barnett 812ad9f9cb
loot printing (maybe) working 2017-09-21 15:20:49 -05:00
James Barnett 765ea01e9f
loot posting working 2017-09-18 15:58:40 -05:00
christopher lee 2cd9649139 Added msf red connection mechanism 2017-09-14 12:57:03 -05:00
Tim 9afb09813f update cmd_edit_help text 2017-09-13 14:54:35 +08:00
christopher lee 000f561d6f Added session data export 2017-09-08 11:09:15 -05:00
Tim bc02df16b3 update cmd_edit_help 2017-09-06 16:04:54 +08:00
Tim e83e4d0a7e add argument to cmd_edit 2017-09-06 11:30:28 +08:00
Tim 636d1a5fcb fix #8921, fix crash on nmap tab completion 2017-09-05 16:36:14 +08:00
Adam Cammack d6ed1f6f8d
Make backgrounding messages more consistent 
Inspired by the work in #8896
 2017-08-28 11:19:17 -05:00
Marc Green d50c7d7f5c Output job id when jobifying exploit 2017-08-28 14:36:04 +02:00
William Vu b797e96a19 Remove nil check because blank? handles it 
The check used to be session_name.strip.empty?, but I forgot to remove
the nil case when I converted to blank?.
 2017-08-25 14:11:59 -05:00
christopher lee c09796ea7e Merge master 2017-08-23 11:37:04 -05:00
William Vu 100afaf251 Add ./ to cmd_use for paths and simplify cases 
Don't accommodate typos.
 2017-08-23 10:24:37 -05:00
William Vu 5b7785438f Add session naming support to CommandDispatcher 2017-08-16 18:18:49 -05:00
christopher lee 53530b358b Bug fixes 2017-07-13 10:46:54 -05:00
William Vu 18c9ac7abb Update stdin processing in resource scripting 
Originally in #4674, I wanted to add stdin to msfconsole -r, but I
purposefully left off support for stdin in the console. Now it works.
 2017-07-12 13:40:44 -05:00
christopher lee b81e9a4d2a Pass 1: externalize database 2017-07-07 13:33:42 -05:00
Brent Cook 06aa239d47 pass loggger conditionally to common search function 2017-07-03 16:22:47 -05:00
David Maloney 1cbc4af6b6
Land #8606 
land's bcook's module search rpc work
 2017-06-30 14:58:46 -05:00
William Vu 1637f55c65 Handle ArgumentError when previous gets args 
Dumb patch.
 2017-06-27 00:41:26 -05:00
Brent Cook 5635e81a87 export module.search command 2017-06-24 15:50:37 -05:00
Brent Cook e0695cbf9b add a framework-wide search method 2017-06-24 15:09:32 -05:00
Brent Cook 8eceef18d9 refactor search, separate search bits from output 2017-06-24 14:51:14 -05:00
RageLtMan 42d1fae2e6 Upstream console search additions and fixes 
The -S flag for console commands, backed by search functionality
in Rex' tables, originally pushed upstream in #1604 (iirc), lacks
coverage for a number of commands which benefit a good deal from
inline filtering of the potentially large number of results.

Push more -S flags and surrounding table functionality upstream
to provide coverage for the console commands included in framework.

Include a fix for deleting hosts when DB references are a problem.

Include a fix for the upstream route command wherein scope must be
defined for the routing target by assuming a /32 without explicit
definition.

Note:
  With this in place, console behavior when filtering results is
roughly analagous to the R7 filtering in web UI, which should help
those of us trying to use both maintain corresponding workflows.

Testing:
  Used in-house for years, though changes to the diff from upstream
and our fork (expunging some internal code) are untested, so would
appreciate eyes and hands on.
 2017-06-16 20:28:51 -04:00
William Vu 4198efa41f
Remove pry from CommandDispatcher::Creds... 
My bad. Should have been caught in #8517.
 2017-06-08 00:18:46 -05:00
William Vu 596924552e Fix literal \n in jobs -i 
Regression from #4063.
 2017-06-07 03:19:30 -05:00
darkbushido f4013b02e1
renaming db_common to common 
this moves the following methods into common
  arg_host_range ( used in creds and db )
  arg_port_range ( used in creds and db )
  set_rhosts_from_addrs ( used in creds and db )
  show_options ( used in jobs and modules )
 2017-06-05 14:19:18 -05:00
William Vu abeececb46
Land #8493, creds -R fix with DbCommon 2017-06-01 14:19:16 -05:00
darkbushido 2682874652
fixing a busted -R on creds search 
I broke this when moving creds to its own file.
 2017-05-30 15:56:51 -05:00
Brent Cook b7620e13a3 remove special case check for invalid options 2017-05-27 00:53:14 -05:00
William Vu 78148c7979 Prefer && instead of and 
I think @zeroSteiner's been writing a lot of Python. :-)
 2017-05-14 22:19:15 -05:00
Spencer McIntyre 70bfdf17b2 Check payload options before showing RHOST warning 2017-05-13 14:46:07 -04:00
James Lee bf2abaeeaf Make `help route` more informative 2017-05-02 11:07:08 -05:00
William Vu 7de2aa1a63 Update Nmap parser to handle masscan 
masscan is missing <status>, meaning hosts aren't treated as alive.

Thanks to @jhart-r7 and @jlmurray for working on this previously.
 2017-04-03 02:26:14 -05:00
HD Moore b5771b0f72 Get into the DANGER ZOOOOOOONE 2017-03-31 12:26:42 -05:00
wchen-r7 1c3c2ecdc6 Add -h for the check command 
Because even I don't remember what it can do anymore.
 2017-03-24 11:47:36 -05:00
wchen-r7 18cdb2f82f Add a -l option to the load command to list plugins 
This allows the load command in msfconsole to list all the
available plugins in Framework.
 2017-03-14 14:15:52 -05:00
William Vu febe9625dd Add rcheck/recheck to aux modules and exploits 2017-03-09 15:30:34 -06:00
Brendan Coles 1aec2203e5 Warn when setting RHOST option for module which expects RHOSTS 2017-03-07 21:02:30 +00:00
William Vu 79c01a9577 Fix ancient copypasta of Aux to Post 
Specifically a crash in the run command's help.
 2017-03-02 01:24:27 -06:00
Rich Whitcroft f08478e02f fix handler persistence 2017-02-20 13:51:07 -05:00
dmohanty-r7 c4f1e0db1f
Land #7913, Fix Console Route Print with ipv4 and ipv6 2017-02-17 17:42:57 -06:00
William Vu ba80e1d9e5 Fix report_vuln for aux/scanner checks 
Msf::Auxiliary::Scanner#setup sets it to nil in instance.check_simple.
 2017-02-06 01:20:18 -06:00
Josh Hale 02afc3af96 Add lines for no IPv4/IPv6 routes 2017-02-05 17:38:30 -06:00
Josh Hale 79b92ccdc7 Fix for Route Print IPv6 Error 2017-02-04 16:21:55 -06:00
darkbushido e5d8a64770 adding the ability to create logins 2017-01-30 10:43:27 -06:00
darkbushido 39d702ebd9
changing the syntax to work with ruby 2.1 
Fixes #7881
 2017-01-27 11:20:26 -06:00
Brent Cook ac2ceca5e3
Land #7804, Switch the creds command to use named options 2017-01-22 10:49:19 -06:00
Brent Cook 6a2d036ea8 depend on regular rb-readline, bugs fixed upstream 2017-01-22 10:20:05 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
Brent Cook b94eefe724
Land #7771, Add history deduplication 2017-01-18 21:06:42 -06:00
William Vu ef487f6be5 Remove history clearing 2017-01-18 14:55:12 -06:00
William Vu 77c78fa5f4 Move Rex::Text::Table workspace output to -v 2017-01-15 23:15:14 -06:00
William Vu 38382bb61a Convert workspace command to Rex::Text::Table 
Still can't get over how it's called "loots." :D
 2017-01-15 03:26:35 -06:00
William Vu 601a88dad7 Update cmd_unload in CommandDispatcher 2017-01-12 19:29:28 -06:00
bwatters_r7 b3e8c3376d
Land #7788, Add ability to interact with a manually backgrouned session 2017-01-10 08:55:00 -06:00
darkbushido 3e1cd0c789
adding a check to make sure you only give a signle private type 2017-01-09 15:13:36 -06:00
darkbushido 6bd2e03f37 dding realm tests showed a bug. its now squashed. 2017-01-09 13:04:34 -06:00
darkbushido 3674b25885 fixing the tests, more need to be added 2017-01-09 13:04:34 -06:00
darkbushido a3b1f7e360 the commands now work, onto tests 2017-01-09 13:04:34 -06:00
darkbushido 23cbc99341 changing the creds add command to use named params 2017-01-09 13:04:34 -06:00
darkbushido c179e0358f origin_type manual requires a user... 2017-01-09 13:04:34 -06:00
darkbushido ed3b34179b moving creds to its own dispatcher 2017-01-09 13:04:34 -06:00
William Vu 1a04691201
Fix #2504, edit command fixes I missed 3y ago 
local_editor was never nil, so there was some dead code.
 2017-01-08 03:02:19 -06:00
David Maloney 10cfadaf98 add optional output to merterp run_cmd 
the run_cmd method on meterpreter sessions can now
take an optiona output IO to redirect output. This allows
backgrounded sessions to also run commands and still output
to the console
 2017-01-05 12:12:20 -06:00
Brent Cook d9be9f3b2e
Land #7764, add to_handler command to launch a handler from the payload module 2017-01-02 15:40:38 -06:00
Brent Cook 35bb725f19 rubocop fixes for payload dispatcher 2017-01-02 15:39:48 -06:00
William Vu fdfa8b8fdb Remove erroneous newline 2016-12-30 19:09:37 -06:00
William Vu db90d541fb Add history deduplication and clearing 2016-12-30 19:02:47 -06:00
William Vu 73d454387c
Fix #7765, additional fixes for history command 
1. Really fix crash by restoring default behavior
2. Add whitespace padding to command number
3. Refactor logic a bit for clarity
 2016-12-30 18:21:24 -06:00
William Vu 3ff74f019d
Fix #7765, history command fixes and improvements 
1. Fix crash when no arguments are specified
2. Print history index starting at 1 like every shell
3. Fixed wording/phrasing
4. Fixed formatting/whitespace
 2016-12-30 17:35:18 -06:00
Luis Fontes e729254b4f minor tweaks 
added dots to the end of lines,
checked val for nil before runing match
 2016-12-30 19:30:01 +00:00
Luis Fontes f073e78838 replaced hardcoded value variable 2016-12-30 08:49:13 +00:00
Luis Fontes e7249742b3 Added the history command 
Added the "history" command to see a list of commands used before.

```
msf exploit(handler) > history -n 4
2344  set PAYLOAD windows/meterpreter/reverse_tcp
2345  set LHOST 10.0.1.109
2346  exploit
2347  history -n 4
msf exploit(handler) > history -h
Usage: history [options]

Show the command history


OPTIONS:

    -a        Show length commands in history
    -h        Help banner.
    -n <opt>  Show the last n commands

msf exploit(handler) > 
```
 2016-12-29 17:03:54 +00:00
Luis Fontes cb0a7986bf Added to_handler command 
This commit adds a "to_handler" command to msfconsole when "using" a payload.

After generating a payload from msfconsole, we needed to set multi/handler and the payload with the same param as we used to generate it. That was really boring...
The to_handler command creates the handler and sets the payload and the options set for it.

### Example Output:





```
msf > use payload/windows/meterpreter_reverse_tcp 
msf payload(meterpreter_reverse_tcp) > set LHOST 10.0.1.109
LHOST => 10.0.1.109
msf payload(meterpreter_reverse_tcp) > set LPORT 3377
LPORT => 3377
msf payload(meterpreter_reverse_tcp) > show options

Module options (payload/windows/meterpreter_reverse_tcp):

   Name        Current Setting  Required  Description
   ----        ---------------  --------  -----------
   EXITFUNC    process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   EXTENSIONS                   no        Comma-separate list of extensions to load
   EXTINIT                      no        Initialization strings for extensions
   LHOST       10.0.1.109       yes       The listen address
   LPORT       3377             yes       The listen port

msf payload(meterpreter_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0
[*] Started reverse TCP handler on 10.0.1.109:3377 
[*] Starting the payload handler...
msf payload(meterpreter_reverse_tcp) > 
```
 2016-12-28 20:03:40 +00:00
Brent Cook a4950a1598 add auto-complete info for 'show info' 
msf > use auxiliary/admin/http/nuuo_nvrmini_reset
msf auxiliary(nuuo_nvrmini_reset) > show
show actions    show all        show encoders   show exploits   show missing    show options    show plugins    show targets
show advanced   show auxiliary  show evasion    show info       show nops       show payloads   show post
 2016-12-27 15:48:41 -06:00
Brent Cook 9e75866188
Land #7738, Add sort by column to services and hosts commands 2016-12-22 01:10:45 -06:00
William Vu 574ebd07d7 Update cmd_hosts 2016-12-20 23:32:10 -06:00
h00die cc293f06fe
Adds some fail safes to cmd_use 2016-12-20 22:08:41 -05:00
William Vu 11e3e1f3dd Handle a couple more edge cases 
I don't want to go any further down the rabbit hole.
 2016-12-20 18:36:22 -06:00
William Vu 41605c533c Add reference name enforcement to cmd_use 2016-12-20 18:21:24 -06:00
OJ ee4caba646
Remove `terminal` and tweak `sessions` 
Hopefully everyone is now happy!
 2016-12-20 07:50:07 +10:00
OJ 74040c4ee6
Rename the `sess` command to `terminal` 
Lots of people have been frustrated by the `sess` command as it mucks
with the autocomplete for `sessions`. This is a fair concern, especially
given that `sess` was intended to be a non-annoying shortcut.

This commit changes the `sess` command so that it is instead called
`terminal`. I couldn't think of a better option that didn't already
clash with another name or meaning. At least `terminal` is something
that doesn't clash, doesn't muck with any existin autocomplete rules,
and is in some way another name for the existing sessions.

Feedback appreciated!
 2016-12-19 17:05:04 +10:00
David Maloney 8b02f422f7 add meterpreter cmd interaction to console 
add the -C flag to the sessions command to trigger
meterpreter commands on sessions without going
full interactive
 2016-12-15 23:17:06 -06:00
William Vu ad7b3dac2d Account for negative indices 2016-12-12 14:24:24 -06:00
William Vu b9e9d97479 Add -O (order_by) to services (cmd_services) 2016-12-12 14:24:24 -06:00
David Maloney 74b3a00035
fix payload datastore merge 
fix the way we merge the payload datastore in so
the options actually take
 2016-12-07 14:04:42 -06:00
David Maloney 606232828f
freeze punk, it's rubocop! 
rubocop autocrrecting a bunch of stuff *fingers crossed*
 2016-12-06 17:17:56 -06:00
David Maloney dc53057639
more bcook fixes 
the rebase lost some of these
 2016-12-06 17:14:22 -06:00
David Maloney c8f6ac99a1
reapply bcook's indentation fixes 2016-12-06 16:52:46 -06:00
David Maloney d3225ce2fb
Merge branch 'master' into feature/handler-command 2016-12-06 16:51:57 -06:00
Brent Cook d091a32be8 whitespace/indentation 2016-12-06 16:37:22 -06:00
David Maloney 62f0e7b20a
add the handler console command 
sometimes, as a user, you need to start a handler
but don't want to exit your current console context.
The new handler command allows a user to spin up a handler
in background job without switching contexts
 2016-12-06 14:04:39 -06:00
David Maloney f56c7f9a8e
cosmetic touchups 2016-12-05 11:25:56 -06:00
David Maloney d85f9880ff
fix command dispatcher specs 2016-12-05 11:16:15 -06:00
David Maloney ab2e88a49e
created modules command dispatcher 
moved all commands related to navigating around
modules, editing them, and viewing their info into
a new command dispatcher
 2016-12-05 10:30:18 -06:00
David Maloney 6557a84784
add resource command dispatcher 
move resource script related commands into
their own command dispatcher
 2016-12-05 09:20:07 -06:00
David Maloney 2008dcb946
create jobs command dispatcher 
split the jobs related commands into their own
command dispatcher to start cleaning up the 'core'
dispatcher
 2016-12-05 09:12:52 -06:00
Brent Cook 7c1fa3eb51 fix 'info -d module', it assumed active module only 2016-10-08 19:31:00 -05:00
Brent Cook 6241e48b34
Land #7350, add 'sess' command for direct session switching support 2016-09-29 23:18:53 -05:00
OJ af4b1cf48f
Add the `sess` command to MSF and Meterp shells 
This new command is a simpler shortcut that allows for moving around sessions much faster from within the console.

* From inside MSF, `sess <id>` is shorthand for `sessions -i <id>`
* From inside Meterp, `sess <id>` is shorthand for `background; sessions -i <id>`

In the latter case, if the session being switched to is the same id, then no swiching happens.
 2016-09-22 16:09:59 +10:00
Brent Cook b4b709d921
Land #7342, remove OSVDB links and references from library code - leave in modules 2016-09-22 00:45:05 -05:00
William Vu fda5faf4ed
Land #7346, route command fixes 
Also adds session -1 support.
 2016-09-21 15:44:24 -05:00
Spencer McIntyre a3e3bbf2b0 Remove unnecessary reference to idx 2016-09-21 12:42:25 -04:00
Spencer McIntyre 08836a317d Fix "route add" error and support using session -1 2016-09-21 12:02:30 -04:00
Spencer McIntyre 0671e854a9 Default the route command to printing the table 2016-09-21 10:36:59 -04:00
“Brian 4ff8235304
Remove semicolon 2016-09-20 17:57:48 -05:00
“Brian 53170cca01 msfconsole command 
resolves #7330

Warns the user if they try to run msfconsole in msfconsole and does not let them do it
 2016-09-20 17:46:25 -05:00
Brent Cook 1b31e0a63e remove osvdb links 2016-09-20 14:27:59 -05:00
David Maloney 405c59b8b8 move bidirectional pipe into rex/ui/text 
this didn't really fit with the rest of rex::io and it inherits
from inside rex/ui/text so just put it there

MS-1715
 2016-09-07 11:34:04 -05:00
David Maloney eb73a6914d
replace old rex::ui::text::table refs 
everywhere we called the class we have now rewritten it
to use the new namespace

MS-1875
 2016-08-10 13:30:09 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
wchen-r7 dbcdc300e5 Fix #7019, Pad host field in notes -d command 
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there isn't enough fields
provided for Rex table.

Fix #7019
 2016-06-30 15:38:58 -05:00
James Lee 5d4cc7ab40
Add nodejs to list of defaults 2016-06-24 16:06:50 -05:00
thao doan f5bfc84453 Land #6977, Add a more verbose message when generating module documentation 2016-06-15 14:55:55 -07:00
h00die 78775f7833 first attempt at 6964 2016-06-15 07:44:32 -04:00
David Maloney ffa4177575
missed a few joins 
missed a few joins statements before

MS-1593
 2016-06-01 15:32:51 -05:00
David Maloney 2047475901
host tags commands eagerloaded instead of joining 
someone tried to fix a rails deprecation warning by doing an
eager load, but caused an actual exception instead. switching to
propper joins makes everything work properly

MS-1593
 2016-06-01 13:50:38 -05:00
Brent Cook f29463f119 include {peer} in the context of the command dispatcher 2016-05-23 14:55:58 -05:00
wchen-r7 ffc91a193c Fix #6841, info -d [module path] not spawning module documentation 
Fix #6841
 2016-05-02 14:23:29 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
Brent Cook 57ab974737 File.exists? must die 2016-04-21 00:47:07 -04:00
James Lee 8cc1d2ec89
Make advanced and evasion options readable 2016-04-05 15:05:58 -05:00
RageLtMan 992df12fa7 Address ActiveRecord deprecation warning 
AR will start to complain about eager loading in command_dispatcher
/db.rb:519 because it references hosts as string without explicitly
stating that the table is being referenced.

Add a call .references in the AR call chain after the where clause
to silence this abysmal warning.
 2016-04-02 00:22:26 -04:00
wchen-r7 797acd625d
Land #6714, Kill defanged mode 2016-03-30 10:54:56 -05:00
James Lee f1857d6350
Kill defanged mode 2016-03-28 09:02:07 -05:00
wchen-r7 57984706b8 Resolve merge conflict with Gemfile 2016-03-24 18:13:31 -05:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
James Lee a878926f31
Remove unused datastore option 2016-03-16 14:13:17 -05:00
Brent Cook 5a72f2df16 remove subversion support 2016-03-15 22:00:32 -05:00
Brent Cook 3b6a3374ae prefer explicit defaults to implicit 2016-03-15 20:58:14 -05:00
Brent Cook 654590911b Enforce integrity of datastore options on assignment 2016-03-15 14:00:32 -05:00
HD Moore 42689df6b3 Fix a stack trace with ``set PAYLOAD`` in ``msf>`` context 2016-03-13 14:56:54 -05:00
David Maloney 15ba85bac2
fix missed deprecations 
missed some deprecation warnings
 2016-03-09 13:29:35 -06:00
Brent Cook a2c3b05416
Land #6405, prefer default module base class of simply 'Metasploit' 2016-03-06 17:10:55 -06:00
Brent Cook 85acfabfca remove various library workarounds for the datastore not preserving types 2016-03-05 23:10:57 -06:00
wchen-r7 5f510df2ab Resolve merge conflict with upstream's Gemfile.lock 2016-03-01 22:06:17 -06:00
wchen-r7 24530e2734 Scrollable list, tab name change, print_status 2016-02-19 20:46:39 -06:00
Louis Sato 9ba82453f8
Land #6584, cidr notation addition for route command 2016-02-19 12:20:00 -06:00
Brent Cook 1e58b1574a
Land #6502, add -x flag for showing extended sessions info 2016-02-18 15:37:41 -06:00
Brent Cook d316609fef put extra columns under the -x flag 2016-02-18 15:36:43 -06:00
wchen-r7 a5f3bddfc8 Support RPC API 2016-02-18 00:39:12 -06:00
wchen-r7 089d6985b6 Add more demo templates 2016-02-18 00:17:32 -06:00
James Lee 28e6d8ef9e
Allow CIDR notation for the route command 2016-02-17 09:44:32 -06:00
wchen-r7 b0cfb4aacf Add info -d to show module documentation in .md 2016-02-16 22:44:03 -06:00
James Lee 35e0a433ea
Make error output more useful 2016-02-16 14:45:00 -06:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
Brent Cook 2386cb1344
Land #6527, add support for importing Burp suite vuln exports 2016-02-10 13:19:21 -06:00
Brian Patterson 4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported. 2016-02-04 10:30:56 -06:00
William Vu 93bdea0a60 Add tab completion for ReverseListenerBindAddress 2016-02-01 13:57:45 -06:00
OJ 7b4f3f8148 Remove -vv, restore -v and add -ci 2016-01-29 11:52:21 +10:00
James Lee ad026b3a7a
Add #peer to Tcp 2016-01-28 13:58:24 -06:00
OJ 69d9ff7958 Add an extended mode to the session list 2016-01-25 22:36:13 +10:00
Christian Mehlmauer 8f4752d11e show load warnings to the user 2016-01-22 23:38:45 +01:00
Manuel Mancera 4ab58caa93 Fix the help option for vulns command 2016-01-11 22:19:44 +01:00
James Lee 2dd59a932b
Clean up some warnings 2016-01-04 16:02:43 -06:00
James Lee 05d8f9d186
Make sure addr is not nil 
See http://ruby-doc.org/stdlib-2.2.2/libdoc/socket/rdoc/Socket/Ifaddr.html#method-i-addr
Which says:
    Returns the address of *ifaddr*. nil is returned if address is not
    available in *ifaddr*.

I ran into this with a teql interface, but who knows what else might
trigger it.
 2016-01-04 15:58:03 -06:00
Chris Doughty bb857e7a33 Add new line after json output for cleaner usability 2015-12-30 14:32:31 -06:00
Chris Doughty 3f98511d7c Cleanup logic to force an output type 2015-12-29 15:11:16 -06:00
Chris Doughty 29ea553e03 Adding a json formatting option to the info command 2015-12-29 13:57:35 -06:00
wchen-r7 fa390358a2 Add linux/x86/meterpreter/reverse_tcp to the preference list 
linux/x86/meterpreter/reverse_tcp was not added to the preference
list, because at the time it was reliable. For example: it would
crash while running a post module. This is not the case anymore,
so it looks like linux/x86/meterpreter/reverse_tcp is ready to
serve.
 2015-12-21 23:09:54 -06:00
jvazquez-r7 58cf9f4fcd
Land #6301 for sure, @busterb's REALLY wants to delete go_pro :) 2015-12-02 09:38:40 -06:00
jvazquez-r7 545e8a2ea0
Land #6301, @busterb removes the go_pro command 2015-12-02 09:28:08 -06:00
Brent Cook fbeaeb2877 remove more unneeded machinery for go_pro 2015-12-01 22:32:50 -06:00
Brent Cook 6ab2919c40 remove go_pro command 2015-12-01 15:29:21 -06:00
wchen-r7 c888726a1a Fix #6287, check DisablePayloadHandler value in exploit.rb 
It looks active_module datastore options are always strings. They
are actually different than what the module uses (normalized), so
we have to always have to check it.
 2015-11-26 18:30:31 -06:00
wchen-r7 776455d10a Add another sound and event 
Add sound: "We've got a shell"
Add event on_session_fail
 2015-11-25 22:46:51 -06:00
James Lee 596b2b025d
Land #6173, improve advanced, info, and options 2015-11-04 13:40:49 -06:00
Spencer McIntyre 1fbc4da36c Fix tab completion for set StageEncoder 2015-11-03 17:32:41 -05:00
Jon Hart a4c260f7be
Simplify docs 2015-11-02 09:51:40 -08:00
Jon Hart 0dc6f6605b
Remove errant options print 2015-11-02 09:48:48 -08:00
Jon Hart c54f034f62
Correct help feature 2015-10-30 12:34:34 -07:00
Jon Hart 377017a2d5 Include module name in advanced options output 2015-10-30 11:54:44 -07:00
Jon Hart 0091a05fa6 Add 'advanced' and 'options' commands to mirror 'info' 2015-10-30 11:54:40 -07:00
Jon Hart 6bfa6095c6 Add 'show info'; just calls 'info' 2015-10-30 11:54:35 -07:00
wchen-r7 4e20b8f369 Fix #5875, Add report_vuln for Msf::Exploit::CheckCode::Vulnerable 
Msf::Exploit::CheckCode::Vulnerable requires the module to be
explicit, as in actually triggering the bug and get a vulnerable
response, therefore it should be appropriate to use report_vuln
to report it.

Other vuln check codes (such as Appears, or Detected, etc) will
not call report_vuln, because it's not explicit enough.
 2015-10-29 13:22:59 -05:00
William Vu 8670224ea0 Prefer do/end 2015-10-09 11:26:33 -05:00
William Vu 2f50374bf9 Add SRVHOST tab completion 
A trivial update to @jlee-r7's code.
 2015-10-08 14:01:21 -05:00
jvazquez-r7 c967b60bf8
Land #5948, @bcook-r7's fix shell_to_meterpreter from powershell 2015-10-02 15:59:43 -05:00
William Vu eb751822d8 Remove dead option in db_export 2015-10-01 10:58:15 -05:00
Brent Cook 4cbe35e1b2 specifically use shell or powershell 2015-09-23 22:08:32 -05:00
Brent Cook 66b453edd6 ensure the database cache is always updated, present accurate reporting on search 2015-09-22 12:56:26 -05:00
Brent Cook 4aae9b8272 support upgrading a powershell session to meterpreter 2015-09-08 15:37:42 +02:00
HD Moore 2b03487e1f Fix the module cache rebuild logic 2015-09-01 12:38:20 -05:00
HD Moore d84caeca72 Ignore cached modules outside of load path, only load cache once on startup 2015-09-01 12:31:05 -05:00
Jon Hart 3f7c8e03e2
Update workspace command to support deleting all workspaces 2015-08-28 10:23:41 -07:00
jvazquez-r7 83ca4e984f
Land #5772, @wchen-r7's fixes #5753, support Origin for the creds command 2015-08-21 16:07:45 -05:00
wchen-r7 717b1bdd6a Fix bugs: Empty -O, empty origins 2015-08-21 15:46:18 -05:00
William Vu 0bb01c8b6b Fix nil bug with an empty database.yml 
Use an empty hash instead of false.
 2015-08-17 14:45:11 -05:00
wchen-r7 75d59be87d Resolve #5753, Support Origin for the creds command 
Resolve #5753. Add an Origin column and allow the user to search
by origin.
 2015-07-24 14:04:23 -05:00
wchen-r7 73fd4bd853 Allow the notes command to save notes as a file 
The -o option can save notes as a file.
 2015-07-16 00:28:15 -05:00
Brent Cook 8349a274ea use and include git hash of Framework as part of the version 
Because we do not always update the version number, multiple releases have
shown version string, which is not useful for helping debug issues, or for
knowing what features are enabled.

This adds the git hash or reads from a file a copy of the git hash (useful for
doing packaged builds without git) so that it is clear the origin of a
particular metasploit-framework version.
 2015-07-10 18:03:37 -05:00
Mo Sadek 25bdf7a50a
Land #5427, check payload compatability for set payload fix 2015-07-06 12:56:21 -05:00
Joshua Smith 5be94c12b6
Land #5602, adds irb -e to core 2015-07-02 16:21:20 -05:00
Joshua Smith 434cffa258 clean up so idiomatic ruby details 2015-07-02 16:16:57 -05:00
Mo Sadek dde853b0a0 Fixed "linee" to "line" 2015-06-29 11:27:50 -05:00
Mo Sadek e5836fbdac Removed session -d from core.rb 
Ticket #4423
 2015-06-29 10:57:50 -05:00
Spencer McIntyre f6f21724a3 Support expressions for the irb command 2015-06-24 20:52:17 -04:00
HD Moore bd36908383 Fix #5500 by checking for session.respond_to?(:response_timeout) 2015-06-06 17:07:03 -05:00
William Vu f761d411c4 Adjust line clearing to cover only the text 2015-06-06 15:58:23 -05:00
HD Moore fe09d9888e Small rework of the spinners, clear the line when done 2015-06-06 14:30:42 -05:00
William Vu a53a68cfc2 Refactor db_nmap and fix the save option 2015-06-04 18:40:19 -05:00
wchen-r7 b33ace2f44 Put is_payload_compatible? in exploit.rb 2015-05-29 15:07:59 -05:00