infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,813 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

8587 Commits (25d1caabb5709400d49192e31063e57576f06a3a)

Author SHA1 Message Date
Matt Buck 25d1caabb5
Merge branch 'master' into staging/rails-4.0 
Conflicts:
	Gemfile
	Gemfile.lock
	metasploit-framework.gemspec
 2014-10-14 15:20:15 -05:00
William Vu fdd79e64c3
Land #4010, ReverseAllowProxy clarification 2014-10-14 15:10:50 -05:00
William Vu 5c4f61057f
Show available actions for info 2014-10-14 12:41:02 -05:00
Pedro Laguna 70d1eefaa9 Update reverse_tcp.rb 
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:

>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.

Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
 2014-10-14 11:24:59 +01:00
Jon Hart 458da2bca4
Land #3988, @wchen-r7's fix for #3985, a lack of logging for 'check' 2014-10-12 18:46:35 -07:00
sinn3r 96be53dcf1
Land #3962 - Show selected action 2014-10-12 14:02:40 -05:00
William Vu a04ad3aa8c
Update print_error to reflect new usage 2014-10-10 14:38:26 -05:00
William Vu 26743b4c38
Rewrite existing code to use HasActions 
And fix a bug in the initial use case where mod.action was dropped.
 2014-10-10 14:35:54 -05:00
William Vu 7e7e0259e4 Fix tab completion for post actions 2014-10-10 12:24:23 -05:00
William Vu 238a30a769
Update print_error to include post modules 2014-10-10 12:12:43 -05:00
sinn3r 48d2343152 Fix #3985 - check command should elog 2014-10-10 01:06:37 -05:00
Spencer McIntyre a535d236f6
Land #3947, login scanner for jenkins by @nstarke 2014-10-09 12:59:02 -04:00
William Vu 1d766ba95b
Rename dump_auxiliary_action{,s} 
To dump_module_action{,s} to accommodate post modules, etc.
 2014-10-08 14:49:14 -05:00
jvazquez-r7 f30309fe81
Land #3919, @wchen-r7's Fixes #3914, Inconsistent unicode names 2014-10-08 14:46:14 -05:00
William Vu f6a9cfcc52
Break away the elsif into a separate if 
In case exploits support actions for some crazy reason in the future.
 2014-10-08 14:30:41 -05:00
William Vu b2ba6e7ae1
Make the code more maintainable 
Despite the code around it.

Thanks for the advice, @jlee-r7!
 2014-10-08 14:14:28 -05:00
jvazquez-r7 dbc199ad77 space after commas 2014-10-08 13:56:59 -05:00
William Vu c0ef2c7938
Support post modules 
I kinda hate this code.

TODO: Get rid of and/or and the extra parens.
 2014-10-08 13:23:50 -05:00
William Vu a8b5bf4625
Show selected auxiliary action 2014-10-07 14:34:41 -05:00
nstarke eed0958de5 Fixing Comment 
Comment was incorrect and needed to be fixed.
 2014-10-07 11:28:40 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs 
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
 2014-10-06 21:14:10 -05:00
sinn3r 17f278effd Fix #3822 - Support file:// syntax for check() 2014-10-06 13:37:14 -05:00
James Lee a65ee6cf30
Land #3373, recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
 2014-10-03 18:05:58 -05:00
Tod Beardsley 097d2bfbb5
Land #3922: Metasploit Park banner 2014-10-03 16:32:56 -05:00
Tod Beardsley d048bb7725 Add some color to the msfpark banner 
It looks kind of naked without some color compared to all the other
banners.
 2014-10-03 14:52:54 -05:00
Samuel Huckins f2fc0d88ef Lands #3943, changes to engine require 2014-10-03 14:26:50 -05:00
Matt Buck 0bb4eac259
Rename the method for optional requires 
MSP-11412
 2014-10-03 14:06:13 -05:00
Matt Buck 88cbf22ef0
Optionally require mdm, as well 
MSP-11412
 2014-10-03 13:49:39 -05:00
William Vu f7e709dcb3
Land #3941, new WPVDB reference 2014-10-03 10:17:02 -05:00
Christian Mehlmauer f45b89503d change WPVULNDBID to WPVDB 2014-10-03 17:13:18 +02:00
sinn3r 6f50ef581c
Land #3935 - Fix SNMP scanners on OS X/FreeBSD 2014-10-02 16:38:36 -05:00
sinn3r 6d7870a4ac
Land #3934 - New :vuln_test option to BES 2014-10-02 16:31:50 -05:00
Christian Mehlmauer 33b37727c7 Added wpvulndb links 2014-10-02 23:03:31 +02:00
Matt Buck dabec92e61
Ensure require of metasploit/credential/engine is optional 2014-10-02 14:46:56 -05:00
Matt Buck 7ed1977d0b
Specific require all metasploit gem dependencies' engines 
MSP-11412
 2014-10-02 14:20:10 -05:00
sinn3r 0820a4fe6a
Land #3933 - Fix cmd_exec with Python Meterpreter on OS X 2014-10-02 13:48:19 -05:00
Samuel Huckins 0dfd8e25b8
Land #3846, Rex::ImageSource specs 2014-10-02 12:33:56 -05:00
Joe Vennix 7861b17e16
Use write() to fix SNMP on osx/freebsd. 2014-10-02 09:15:43 -05:00
Joe Vennix 6571213f1c
Remove un-truthy doc string. 2014-10-01 23:41:02 -05:00
Joe Vennix 5a8eca8946
Adds a :vuln_test option to BES, just like in BAP. 
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.

This commit also does some mild refactoring of un-
useful behavior in BES.
 2014-10-01 23:34:31 -05:00
Joe Vennix b1b8cba4c5
Rescue an IOError on channel double-close. 
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
 2014-10-01 22:35:41 -05:00
James Lee 5cb016c1b1
Use Match constant in BES as well 2014-10-01 16:17:13 -05:00
James Lee a75d47aad9
Use yardoc for new methods 
Also substitute '&&' for 'and', and fix some whitespace
 2014-10-01 16:02:33 -05:00
Matt Buck 51ca54205b
Merge branch 'master' into staging/rails-4.0 2014-10-01 13:23:46 -05:00
William Vu 909ac522d1
Add metasploit-park.txt banner to msfconsole 
Obviously a homage to Jurassic Park. :)
 2014-09-30 16:28:23 -05:00
sinn3r 1e2d860ae1 Fix #3914 - Inconsistent unicode names 2014-09-30 12:19:27 -05:00
sinn3r 7163b8c55a Fixes #3915 - NoMethodError private method `rhost' 
There's no self.rhost, but rhost is defined
 2014-09-30 11:34:16 -05:00
darkbushido 701291e029
Merge branch 'master' into staging/rails-4.0 
Conflicts:
	Gemfile.lock
 2014-09-29 15:48:12 -05:00
sinn3r 9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits 2014-09-29 11:15:14 -05:00
Meatballs d5959d6bd6
Land #2585, Refactor Bypassuac with Runas Mixin 2014-09-28 09:24:22 +01:00