Commit Graph

5637 Commits (263e967a6a076b7762bf58464804f7f179429ff8)

Author SHA1 Message Date
HD Moore f5c7f4c41a Remove trailing whitespace 2012-11-19 19:42:22 -06:00
sinn3r 527ba0e401 Merge branch 'feature/automatic-fs-cleanup' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/automatic-fs-cleanup 2012-11-19 15:59:19 -06:00
James Lee 2526dce20a Add attrib.exe for removing read-only files
This really should be a standard part of session.fs.file.rm
2012-11-19 15:18:03 -06:00
sinn3r d4749ff009 Merge branch 'feature/automatic-fs-cleanup' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/automatic-fs-cleanup 2012-11-16 19:02:46 -06:00
James Lee c81a289d5d Fix a few bad tabs and some 1.9-only syntax 2012-11-16 16:07:12 -06:00
James Lee 591b085858 Add support for shell sessions in FileDropper 2012-11-16 15:51:54 -06:00
Tasos Laskos c659b37c94 Updated indentation to use tabs 2012-11-16 23:11:48 +02:00
James Lee 3363475f99 Fix backwards order of @param comment 2012-11-15 17:55:17 -06:00
James Lee 83708a5a48 Add a FileDropper mixin for recording cleanup targets
Doesn't cover shell sessions yet, so needs a bit more work
2012-11-15 17:52:10 -06:00
James Lee 0e7c3a82f5 Prepend unlink instead of appending
Makes it work when using meterpreter.  Because "quit" or "exit" in the
console ends up calling die() instead of falling through to whatever's
left in the file, a meterpreter session would never reach the code to
delete itself before this change.
2012-11-15 16:22:21 -06:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
jvazquez-r7 b75c622813 Merge branch 'master' into feature/udp-scanner-mixin 2012-11-08 20:15:25 +01:00
HD Moore 4d2147f392 Adds normalize_uri() and fixes double-slash typos 2012-11-08 07:16:51 -06:00
HD Moore 0e8a3f0ea6 Merge branch 'master' into feature/udp-scanner-mixin 2012-11-08 06:09:22 -06:00
James Lee 2ebe2fa08e Merge branch 'rapid7' into bug/rm7037-hash-iteration 2012-11-07 19:27:11 -06:00
James Lee 8a4fb07a0c Merge branch 'bug/read-module-content-errno-enoent' into rapid7
Really [Closes #1025]
2012-11-07 19:25:39 -06:00
James Lee 26a145e527 Always overwrite the old module even when ambiguous 2012-11-07 18:51:12 -06:00
James Lee 3a572625f5 return inside a block returns from outer method
So no need to check its return value.
2012-11-07 17:43:22 -06:00
James Lee aaa5a3c0bb Add "Call stack:" to the log when a module load fails 2012-11-07 12:48:55 -06:00
David Maloney 04a80e0648 Fixes to the WMI setup 2012-11-07 11:26:48 -06:00
David Maloney 208e706307 Module title fixes 2012-11-07 10:33:14 -06:00
Tod Beardsley 81ed0bbcce Avoiding 1.8.7 variable assignment incompat.
Reported on twitter:

http://twitter.com/SoapyWetDish/status/266155915256938496
2012-11-07 10:10:13 -06:00
Luke Imhoff 3ad00f7c63 Merge branch 'master' into bug/read-module-content-errno-enoent 2012-11-06 17:39:55 -06:00
Luke Imhoff 16407f91c8 Rescue Errno::ENOENT from File.open in read_module_content
[Fixes #38426061, #38097411]

Msf::Modules::Loader::Directory#read_module_content may calculate a non-existent
module_path that gets passed to File.open causing an Errno::ENOENT exception
to be raised when using the module cache with a module that has been
moved to a new path (as is the case that originally found this bug) or
deleted.  Now, the exception is rescued and read_module_content returns
an empty string (''), which load_module detects with
module_content.empty? and returns earlier without attempting to module
eval the (empty) content.

As having Msf::Modules::Loader::Directory#read_module_content rescue the
exception meant there was another place that needed to log an error
and store an error in Msf::ModuleManager#module_load_error_by_path, I
refactored the error reporting to call
Msf::Modules::Loader::Base#load_error, which handles writing to the log
and setting the Hash, so the error reporting is consistent across the
loaders.

The exception hierarchy was also refactored so that
namespace_module.metasploit_class now has an error raising counter-part:
namespace_module.metasploit_class! that can be used with
Msf::Modules::Loader::Base#load_error as it requires an exception, and
not just a string so the exception class, message, and backtrace can be
logged.
2012-11-06 17:38:38 -06:00
jvazquez-r7 9166d12179 Merge branch 'WinRM_piecemeal' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-11-05 23:08:59 +01:00
Tod Beardsley 23cc2bd1a1 Merge remote branch 'origin/master' 2012-11-05 15:56:21 -06:00
Tod Beardsley 6a4d398b5d Merge remote branch 'origin/feature/addp-modules' 2012-11-05 15:55:30 -06:00
jvazquez-r7 0f5f5f966b Merge branch 'master' into feature/realport-modules 2012-11-05 22:52:38 +01:00
HD Moore 3d7e0b7b3d Fix bad indent that snuck into the comments 2012-11-04 22:50:47 -06:00
HD Moore ae9b462b99 Fix baud rate (see PR #1008) 2012-11-04 22:38:16 -06:00
David Maloney fca8208171 Some minor code cleanup 2012-11-04 14:45:15 -06:00
David Maloney f69ccc779f Unified smarter module 2012-11-04 13:14:02 -06:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
HD Moore 752ae33135 Minor tweak (kill useless variable, fix gsub) 2012-11-04 01:18:40 -05:00
HD Moore 99ab722aca Don't forget our actual mixin 2012-11-04 01:14:08 -05:00
HD Moore 910a91a0f6 First commit of a udp_mixin and modified scanners 2012-11-04 01:13:38 -05:00
HD Moore 963fdd6430 Initial commit for Digi RealPort modules 2012-11-03 17:44:53 -05:00
HD Moore 0d6acad1a0 Updates for PR #981 (cleanup) 2012-11-02 15:47:52 -05:00
HD Moore 0bf5f63d67 Merge branch 'master' into feature/addp-modules 2012-11-02 15:41:03 -05:00
HD Moore 52f0bca9be Merge branch 'master' into feature/addp-modules 2012-11-02 15:40:36 -05:00
Tasos Laskos 33502b52b0 Rex::Text.refine: removed redundant Array operations 2012-11-02 16:10:42 +02:00
James Lee 4a1087d3fa Merge branch 'rapid7' into bug/wrong-file_changed-argument 2012-11-01 16:53:06 -05:00
Tasos Laskos 0d2ad8734e #report_web_vuln: updated to include an owner and payload 2012-11-01 22:23:56 +02:00
Tasos Laskos a88031a02a added web exploit mixin 2012-11-01 21:37:12 +02:00
Tasos Laskos 4cdd26d579 added Anemone path extractors 2012-11-01 21:18:05 +02:00
Tasos Laskos 385d225305 Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption) 2012-11-01 21:14:38 +02:00
David Maloney 519eb0c2be Behold the King of Typos in all my glory 2012-11-01 11:30:52 -05:00
David Maloney 0eccfaf1bb Add a disclosure date 2012-11-01 10:24:28 -05:00
Luke Imhoff a745c3a4a0 metasploit_data_models 0.3.0 installed in gemcache 2012-11-01 08:56:00 -05:00
Luke Imhoff 558b8b0fcf File renames and restructuring for metasploit_data_models 0.3.0 2012-11-01 08:43:06 -05:00
Luke Imhoff 6aed38f309 Update metasploit_data_models paths for version 0.3.0 2012-11-01 08:39:18 -05:00
David Maloney dd7ab11e38 Minor cleanup 2012-10-31 16:14:34 -05:00
jvazquez-r7 c27a4d5de2 Merge branch 'master' into bug/handle-100-continue 2012-10-31 18:56:33 +01:00
Luke Imhoff de07ca5f07 Merge branch 'bug/wrong-file_changed-argument' of github.com:/rapid7/metasploit-framework into bug/wrong-file_changed-argument 2012-10-31 11:49:02 -05:00
Luke Imhoff 471ac6d15d Use typed_enable?(type) instead of protected enablement_by_type[type]
Msf::Modules::Loader::Archive#each_module_reference_name tried to check
the enabled types for the module_manager by accessing the
enablement_by_type Hash, which is protected.  Instead, it should use
the public type_enabled? method.

Add specs to test all of Msf::Modules::Loader::Archive while testing
each_module_reference_name.  In order to properly test that modules
could be found in archives, I had to produce a fastlib archive, so there
is now a spec for FastLib.dump and FastLib.load.  Some specs are marked
pending as I found a bug in FastLib, which has a work-around.  The bug
is filed in PivotalTracker as
https://www.pivotaltracker.com/story/show/38730815 and the pending tests
include the URL also in their tags.
2012-10-31 11:43:28 -05:00
James Lee be57f7ca74 Merge branch 'bug/wrong-file_changed-argument' of github.com:rapid7/metasploit-framework into bug/wrong-file_changed-argument 2012-10-30 13:07:07 -05:00
Luke Imhoff 6c11b870da Check for payload in :type instead of :modification_time
Just had a brain fart when converting the hash key names and translated
:mtype to :modification_time instead of the correct :type.  Correct key
names are in
Msf::ModuleManager::Cache#module_info_by_path_from_database!.
2012-10-30 12:10:31 -05:00
James Lee d402b3fd08 Merge branch 'bug/wrong-file_changed-argument' of github.com:rapid7/metasploit-framework into bug/wrong-file_changed-argument 2012-10-30 10:54:26 -05:00
Luke Imhoff 5709ffc42b Use Msf::Config.install_root instead of Msf.root
Msf::Config.install_root already existed, but I didn't know about it
until egypt pointed it out, so remove the new Msf.root and use
Msf::Config.install_root in the specs instead.
2012-10-30 10:46:02 -05:00
James Lee 2f41452879 Merge branch 'rapid7' into bug/wrong-file_changed-argument 2012-10-30 10:11:06 -05:00
James Lee d0650dfb25 Put a bandaid over getsockname
Depending on how a socket was created, #getsockname will return either a
struct sockaddr as a String (the default ruby Socket behavior) or an
Array (the extend'd Rex::Socket::Tcp behavior). Avoid the ambiguity when
generating SSL certificates for meterpreter handlers by always picking a
random hostname.

This is by no means a proper fix for the underlying problem of
Socket#getsockname having ambiguous behavior before and after being
extended with Rex::Socket::Tcp. It does, however, solve the immediate
problem of not being able to create tunneled meterpreter sessions over
http(s) sessions.

[SeeRM #7350]
2012-10-29 22:45:46 -05:00
HD Moore 6ec392c4cf Add Rex::Text.sha1 and Rex::Text.sha1_raw 2012-10-28 23:49:21 -05:00
HD Moore adc9532ec7 Reset this back to master's copy, fixes this pull 2012-10-28 23:13:32 -05:00
HD Moore 3a42eb3f73 New modules and library for the ADDP protocol 2012-10-28 23:04:18 -05:00
HD Moore 43fe219a05 This improves handling of 100-continue responses 2012-10-28 22:57:18 -05:00
sinn3r 7a1c3e7cf6 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-27 18:55:24 -05:00
scriptjunkie 3efa4186df Fix search error when platform not in target name 2012-10-27 16:28:38 -05:00
Luke Imhoff 055f95898d Merge branch 'master' into bug/wrong-file_changed-argument
Conflicts:
	lib/msf/core/modules/loader/base.rb
2012-10-24 15:25:49 -05:00
Luke Imhoff 69a8739d52 Pass module_path instead of parent_path to file_changed?
[Fixes #37630057]

Modules were always being detected as having file changes because the
parent_path directory, instead of the actual module_path, was being
passed to module_manager.file_changed?, which caused the modification
times to not match.

To ensure this change fixes the ambiguous module warnings, a full spec
for Msf::Core::Modules::Loader::Base has been written.

spec/msf has moved to spec/lib/msf to match conventional spec layout and
allow for the spec/support directory to not be confused as a lib
subdirectory being tested.
2012-10-24 15:11:53 -05:00
David Maloney bfbae5fbb7 Merge branch 'upstream-master' into WinRM_piecemeal
Conflicts:
	lib/msf/core/exploit/winrm.rb
2012-10-24 14:12:28 -05:00
David Maloney 1dcbbdf162 changed indent level 2012-10-24 13:50:44 -05:00
David Maloney a15c35091d Add the WinRM login module 2012-10-24 11:25:39 -05:00
sinn3r 77c8548855 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-23 16:33:16 -05:00
sinn3r 8c1304557f Code cleanup 2012-10-23 16:32:26 -05:00
sinn3r 67c46fc97a Merge branch 'WinRM_piecemeal' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-10-23 14:03:44 -05:00
David Maloney e19f2d235c Actually use the timeout in winrm cmd 2012-10-23 11:29:32 -05:00
sinn3r f71f83095b Merge branch 'WinRM_piecemeal' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-10-22 17:13:37 -05:00
David Maloney 04fd990741 bad indent 2012-10-22 17:03:40 -05:00
David Maloney e08cedec2e Requested revisions/cleanup
minor fixes to spacing, some typos, and base64 switched to Rex
2012-10-22 17:01:00 -05:00
sinn3r af918b84a0 Merge branch 'standardize_authorship' of git://github.com/mubix/metasploit-framework into mubix-standardize_authorship 2012-10-22 16:47:03 -05:00
Rob Fuller 28f47e9aa0 fix spacing for all authors 2012-10-22 17:22:37 -04:00
Rob Fuller a13a88ce28 fix spacing 2012-10-22 17:07:58 -04:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
James Lee dafb56f6b6 Merge branch 'dmaloney-r7-findpids' into rapid7
[Closes #950]
2012-10-22 15:52:07 -05:00
corelanc0d3r 7733843bf3 added option ReverseListenerBindAddress 2012-10-22 22:17:50 +02:00
James Lee 651f9b9c8f Use opts.usage instead of a Table 2012-10-22 15:16:55 -05:00
HD Moore 2436ac3a58 Revert "Merge branch 'migrator' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-migrator"
This reverts commit ca07bdbad6, reversing
changes made to ed3f87b738.
2012-10-20 22:38:31 -05:00
HD Moore 04e1856a4f Fix a copypasta error triggered by a failed load 2012-10-20 15:00:11 -05:00
sinn3r c80005b85f Merge branch 'WinRM_piecemeal' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-10-19 17:46:15 -05:00
David Maloney 57514e5407 Msftidyness 2012-10-19 16:56:52 -05:00
sinn3r 51c03bbf47 Merge branch 'WinRM_piecemeal' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-10-19 15:44:05 -05:00
sinn3r ca07bdbad6 Merge branch 'migrator' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-migrator 2012-10-19 15:25:45 -05:00
David Maloney 56cbe6a67e Some minor fixups 2012-10-19 15:25:03 -05:00
David Maloney 3a8dd261ae WinRM mixin and basic discovery module 2012-10-19 15:08:58 -05:00
Tod Beardsley b7652b44d5 Adding prepend_migrate? 2012-10-19 14:24:13 -05:00
James Lee ffa4373242 Merge branch 'rapid7' into wchen-r7-print_warning
[Closes #899]
2012-10-19 13:49:32 -05:00
jvazquez-r7 205dc8870a Merge branch 'prependsetguid' of https://github.com/mephos/metasploit-framework into mephos-prependsetguid 2012-10-19 10:33:56 +02:00
James Lee 768d2c5921 Go back to old behavior for unknown versions
May not be correct, but it's what we used to do, so probably better than
just raising.

Also documents things a bit better.
2012-10-18 16:57:40 -05:00
James Lee 1eccb24bf8 Raise if the version isn't what we expect
Also adds some clarifying commentation and adds todb to the list of
authors since he wrote the original module for windows upon which this
one is based.
2012-10-18 15:55:55 -05:00
James Lee 0221f75f39 Merge branch 'rapid7' into midnitesnake-postgres_payload 2012-10-18 13:57:25 -05:00