Commit Graph

434 Commits (28ad0fccbd5134722050d871f1962c6543f503a0)

Author SHA1 Message Date
FireFart 551327bec6 Added a check for Set-Cookie header in msftidy 2014-03-01 13:30:24 +01:00
William Vu 506c354722
Land #3103, vars_get check for msftidy 2014-03-15 19:57:19 -05:00
William Vu 6aa75a328f Ax the arbitrary long line warning
It's not 80 or 132. ;)
2014-03-14 10:28:58 -05:00
William Vu f50d6c8709 Remove a couple more instances of "shit" 2014-03-04 15:00:48 -06:00
FireFart c62f4079f8 Added a check for vars_get in msftidy 2014-03-01 12:02:41 +01:00
Rob Fuller b19a652d78 add -i option as a requirement 2014-02-18 14:08:57 -05:00
sinn3r b5dcc0eb1d Make several changes.
Some important changes:

* Uses optparse to parse argumnets
* Prevent file handle leaks
2014-02-18 12:43:11 -06:00
Rob Fuller 6746793848 make write cleaner 2014-02-17 17:09:50 -05:00
Rob Fuller 11945786c9 standalone iplist creator 2014-02-17 11:22:15 -05:00
sinn3r 38bc587228
Land #2937 - Expand path in metasm_shell 2014-02-02 23:42:50 -06:00
Joe Vennix e50077844c Expand path in metasm_shell#file. 2014-02-02 17:26:48 -06:00
Tod Beardsley 6f93e3fb37
Modules shouldn't use Nokogiri
Nokogiri has a habit of shipping vulnerable builds of libxml2. For
example, see this:

http://www.ubuntu.com/usn/usn-1904-1/

and compare to Nokogiri's bundled requirements:

https://github.com/sparklemotion/nokogiri/blob/master/dependencies.yml

While Nokogiri is quite pleasant to use, it really shouldn't be trusted
to handle potentially malicious data. Imagine if a "vulnerable" target
was actually a malicious honeypot, lying in wait for a poor Metasploit
user to come along and parse out its payload. (OT: does such a thing
have a clever name? If not, I propose "beehive" to imply the offensive
capabilities of such a honeypot.)

Nokogiri is used elsewhere in Metasploit, but those functions handle
data sourced from the Metasploit user herself, so those XML hunks are
nominally trustworthy.
2014-02-02 11:51:21 -06:00
Tod Beardsley 03d65cd2bd
Address @wvu-r7's comments and better filtering 2014-01-31 16:44:42 -06:00
Tod Beardsley 87412be33d
Squash commit Travis-able msftidy checks
This change updates msftidy to be run automatically for new modules
added since the last tag release because we can't rely on folks using
tools/dev/pre-commit-hook before submitting a PR. Now, when one attempts
to open a PR with a non-tidy'ed module, the build will fail out of the
gate.

Related to the 100s of msftidy errors extant today.

[SeeRM #8498]

commit c894e52de5705a1133191be5e9caf3ebdee33621
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Fri Jan 31 14:17:02 2014 -0600

    Add a jacked up title to test travis. Revert this!

commit 2f00c190be71aeb456a7a546071286fd6d670bc1
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Fri Jan 31 11:39:42 2014 -0600

    Allow for checking and spotchecking.

commit db11e8dfad5381030b08c431a183dbafe7a5f304
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 17:16:37 2014 -0600

    Whoops, need to exit an Integer always.

commit 12d131d3157a78ff11e597476138323ed0a062fc
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 16:59:35 2014 -0600

    Allow for exit statuses from msftidy.

commit 2c3b294ff17416f49935472caf2b6be3dbdd93a4
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 15:36:43 2014 -0600

    Be more dynamic about tag checking years

commit d5d8a0b05ac17fb18666a9c252dbb6928d6b5e56
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 14:36:44 2014 -0600

    Don't warn when there's really nothing

commit fb44a3142fb01eb2647c1c240bb1cc2e7bf59120
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 14:21:50 2014 -0600

    Revert the intentional failure

    This reverts commit 99a7630b0da301b27ac495cb027009a8cd9e2caf.

    Fun fact: Reverting a commit does not automatically sign with my current
    aliases, one must git revert then git c --amend.

commit 99a7630b0da301b27ac495cb027009a8cd9e2caf
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 14:08:05 2014 -0600

    Cause an exit status in precommit check

    Maybe travis will see these and fail the build.

    Don't forget to revert this commit @todb-r7 !

commit 5a3b2fcd9598fae51a0dd2c7c87680c703a85448
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 13:11:04 2014 -0600

    Update msftidy pre-commit-hook for spotchecking

commit 3f255e36dad9ed3081aaf359f845525d96872ef0
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 12:35:16 2014 -0600

    Travis should run msftidy via precommit hook

commit 0959d9d2d281590a94c0ac960e43b74354e4e21b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 12:25:53 2014 -0600

    Add SPOTCHECK_RECENT to msftidy.rb
2014-01-31 14:19:04 -06:00
William Vu 7200a4f0e0 Fix in_super-reliant msftidy checks
The conversion from hard tabs to two-space soft tabs broke a few checks.
2014-01-30 14:39:28 -06:00
jvazquez-r7 9db295769d
Land #2905, @wchen-r7's update of exploit checks 2014-01-24 16:49:33 -06:00
Tod Beardsley 2ea3b46988
Remove to_s inside #{} 2014-01-23 14:21:48 -06:00
sinn3r 31c0f45b27 Add routine to check bad check codes 2014-01-22 15:26:16 -06:00
William Vu 3a943c719e Implement a whitelist for suspect capitalization 2014-01-21 09:26:16 -06:00
Tod Beardsley 62c7839b4c
Land #2850, fix msftidy to respect \x22 and \x27 2014-01-16 16:26:34 -06:00
joev 1197426b40
Land PR #2881, @jvazquez-r7's mips stagers. 2014-01-15 12:46:41 -06:00
jvazquez-r7 a8806887e9 Add support for MIPS reverse shell staged payloads 2014-01-14 12:25:11 -06:00
Ethan Robish 28655d4788 Fixed bug that caused runtime error in module_rank.rb 2014-01-13 19:03:23 -06:00
sinn3r dcf90b7cc7 Change options. And change "checksum" to "hash" 2014-01-13 09:57:28 -06:00
sinn3r 231c757804 Strictly just -q for the quick option 2014-01-13 09:12:16 -06:00
sinn3r ffc9f652cc Fix VirusTotalUtility module scope 2014-01-12 16:12:25 -06:00
sinn3r 02d5931739 Add method scan_by_checksum for virustotal.rb
Allows the user to scan files based on checksusm (without actually
uploading them to VT)
2014-01-12 15:45:16 -06:00
sinn3r 3b095f325f Change default key to Metasploit 2014-01-10 17:34:55 -06:00
sinn3r 807d8c12c7 Have a default API key
Modules now should have a default API key. See the following for
details:
http://blog.virustotal.com/2012/12/public-api-request-rate-limits-and-tool.html
2014-01-10 01:26:42 -06:00
sinn3r 4ba2a53e4a Correct a typo
They caught me. Thanks HD.
2014-01-09 16:40:29 -06:00
William Vu e7026c10ef Update msftidy to check for double quotes 2014-01-08 20:32:30 -06:00
sinn3r 9ddef2fbc9 Update rpsec and the script 2014-01-08 13:22:38 -06:00
sinn3r 60138aba67 Use $stdout 2014-01-08 02:34:27 -06:00
sinn3r 44f89f839d Update documentation 2014-01-07 19:11:08 -06:00
sinn3r 4f7cf0994a Adds a timeout to wait_report method
In case it takes too long to get a report, the method will give up
checking after one hour. The user can still manually check the report
from the analysis link given earlier.
2014-01-07 19:03:42 -06:00
sinn3r 481ec7b9ec Add VirusTotal Scanner Utility
[SeeRM #8733] This a tool that uses VirusTotal's public API to submit
a malware sample for analysis. As an offensive tool developer, this
would provide a convenient way to check and see how AVs react to
something we write.
2014-01-07 18:29:26 -06:00
sinn3r 709a7bfb99
Land #2754 - Created standalone module for cpassword AES decrypt 2013-12-19 12:13:21 -06:00
sinn3r 3c64650a47 +x permission 2013-12-19 12:12:37 -06:00
sinn3r 284b3507ce Convert gpp_standalone.rb into a standalone script in tools 2013-12-19 12:10:00 -06:00
Tod Beardsley 63d1a78cd2
Remove capturing parens and debug hexes. 2013-11-20 17:53:25 -06:00
Tod Beardsley 637ce058f5
Write a nonstupid regex (2-pass test) 2013-11-20 17:47:19 -06:00
Tod Beardsley 0ec9881a22
Fix stdout/stderr check to avoid ruby payloads
[SeeRM #8498]

This knocks out all the non-datastore editing ERROR messages, so we've
got that going for us. Which is nice.
2013-11-20 17:39:35 -06:00
Tod Beardsley 5ef6c5bb44
Land #2668, avoid tidying nonfiles. 2013-11-20 16:57:57 -06:00
William Vu b75f5a8f45 Avoid crashing when msftidy'ing missing files 2013-11-20 16:36:07 -06:00
William Vu 6c7a98ef47 Be more exact about shebang checking 2013-11-20 15:26:35 -06:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
William Vu 2572d8daad Add #! check to msftidy 2013-11-08 16:11:48 -06:00
William Vu bcc9c760c4 Add +x check to msftidy 2013-11-05 11:50:28 -06:00
sinn3r 079c82d11d
Land #2565 - Show full path in msftidy 2013-10-22 16:05:56 -05:00
William Vu 33c3167362 Show full path instead of just the basename
Since @todb-r7 and I hate having to use find. :/
2013-10-22 14:54:54 -05:00
William Vu 36a7d02001 Update msftidy to check new ZDI reference 2013-10-21 15:31:37 -05:00
Tod Beardsley 07ab53ab39
Merge from master to clear conflict
Conflicts:
	modules/exploits/windows/brightstor/tape_engine_8A.rb
	modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
2013-10-17 13:29:24 -05:00
Tod Beardsley 3e31235a14
Minor Ruby changes to resplat.rb 2013-10-16 16:37:15 -05:00
Tod Beardsley 3fc1a75a6b
Simplify msftidy with Find.find and add fixed()
Also, enforce binary encoding like the other Metasploit tools.

This opens the door to fixing files that have things that could be fixed
programmatically.

    [SeeRM #8497]
2013-10-16 10:40:42 -05:00
Tod Beardsley 2f2b93cf61
Avoid resplatting resplat.rb 2013-10-15 14:59:56 -05:00
Tod Beardsley 5d86ab4ab8
Catch mis-formatted bracket comments. 2013-10-15 14:52:12 -05:00
Tod Beardsley 40106b3f22
Sometimes splats point at a /framework/ URL 2013-10-15 14:12:49 -05:00
Tod Beardsley 01fbbf16de
Add another line to the resplat regex. 2013-10-15 14:06:53 -05:00
Tod Beardsley 81d145ad81
At least offer a solution with msftidy
I would go ahead and fix it for the user, but due to #8497, I can't
yet.
2013-10-15 13:53:38 -05:00
Tod Beardsley e9e6fb7e26
Add msftidy check. 2013-10-15 13:35:52 -05:00
Tod Beardsley 56d4ba8ab8
Add a re-splatting tool for updating comments. 2013-10-15 13:13:00 -05:00
Tod Beardsley 36d058b28c
Warn for tabbed indentation 2013-10-01 12:22:46 -05:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
Tab Assassin 0ecba377f5 Avoid retabbing things in .git/ 2013-09-30 13:45:34 -05:00
sinn3r c3976e8315 Land #2364 - Update retab util 2013-09-19 22:24:45 -05:00
James Lee 8fe9132159
Land #2358, deprecate funny names 2013-09-18 14:55:33 -05:00
Tod Beardsley 9ee629e2b3 Short circut file checking if it's .rb
Makes things a little faster.
2013-09-13 10:51:50 -05:00
Tod Beardsley 75021bb75b Make retab.rb smarter about ruby file types
Instead of just relying on a filename of *.rb, use the file utility to
determine file type.

For systems that lack lack 'which' and 'file', fall back to filename
matching.

This is useful for retabbing things like 'msfconsole' that don't have a
.rb extension.
2013-09-13 10:25:26 -05:00
Tod Beardsley 5dc3c3c424 Realign retab.rb 2013-09-13 10:15:05 -05:00
Tod Beardsley 32d2f7ffce Hard tabs for now 2013-09-12 16:15:50 -05:00
Tod Beardsley 52843c6a67 Revert whitespace change to msf_tidy.rb
Causing merge conflicts, I'll re-tab it after this PR lands.

This reverts commit 1178da46c6.
2013-09-12 16:14:42 -05:00
Tod Beardsley 1178da46c6 Normalize indentation or @wchen-r7 will be cross 2013-09-12 16:10:43 -05:00
Tod Beardsley cf27b0b457 Add msftidy check for snake_case.rb filenames 2013-09-12 16:06:17 -05:00
sinn3r 8715eb36a8 Land #2300 - chk datastore mods 2013-09-12 15:09:09 -05:00
Tod Beardsley f3ab6d1830 Retab should optionally keep local backups
Local backups are generally not needed since you can just git checkout
old versions anyway before committing. It was nice to have during dev
but generally shouldn't be done now.
2013-09-03 11:54:31 -05:00
Christian Mehlmauer 40e7f45db4 another regex fix 2013-08-30 16:10:16 +02:00
Christian Mehlmauer 921ec615c7 Bugfix 2013-08-29 21:35:15 +02:00
Christian Mehlmauer 1839af4b89 check for modified datastore 2013-08-29 07:31:17 +02:00
Tod Beardsley ef224b175d Allow for tabs or spaces as indentation
This signals a move to allowing for normal Ruby indentation (2 space
soft tabs). This change will check files for indentation of spaces or of
tabs, since we don't want to fail out all modules quite yet.

For more, see
https://github.com/rapid7/metasploit-framework/wiki/Indentation-Standards
where all details of the conversion plan will be documented in order to
minimize the amount of whitespace conflict we are sure to encounter over
this conversion.
2013-08-07 11:45:46 -05:00
Tod Beardsley 914ec856f0 Add a retab utility
Usage: tools/dev/retab.rb directory

will retab with 2-width spaces rather than tabs for indentation.

This utility should be used by the @tabassassin account when it's
unleashed on the Metasploit code base in order to make git blame a
little easier to spot. (diffs should use -b or -w to avoid seeing
@tabassassin's changes)
2013-08-07 11:34:49 -05:00
lsanchez-r7 2bb11693f2 fixing some copy 2013-07-08 18:16:15 -05:00
lsanchez-r7 250472474c updating the list_interfaces.rb to use the gem 2013-07-08 17:59:41 -05:00
lsanchez-r7 94db2dc83f updating list_interfaces for windows, this should work? 2013-07-08 17:52:24 -05:00
lsanchez-r7 4541a9e49e now with passing msftidy 2013-07-08 17:44:50 -05:00
jvazquez-r7 2ceb404f7d Land #2047, @hmoore-r7 ipmi related work 2013-07-02 11:13:25 -05:00
Tod Beardsley 04c2a7367d Uncapitalized function names are rarely improper. 2013-07-01 15:37:22 -05:00
HD Moore 759a43abe5 Allow for null passwords 2013-06-29 23:20:50 -05:00
HD Moore 1e21f0e2aa Updated output formats, top 1000 passwords 2013-06-29 22:01:25 -05:00
HD Moore 5656e0cb7a Initial commit of IPMI library, scanner, & cracker 2013-06-22 23:38:28 -05:00
h0ng10 4e42ffd51e msftidy cleanup 2013-04-12 21:39:11 +02:00
h0ng10 f6da02d907 Check for VERBOSE Option 2013-04-12 21:34:15 +02:00
Brandon Turner 06537e0ab1 Remove the gemcache loader and tools 2013-04-03 16:24:56 -05:00
Trevor Rosen 5af14c4153 Merge pull request #1380 from todb-r7/feature/mailmap_and_commit_count
Godspeed, friends.
2013-03-21 09:57:46 -07:00
Tod Beardsley fd20eba35e Expanding the title and desc for external_ip
Also allowing the capitalization on "via" to be small.
2013-03-20 14:42:12 -05:00
Tod Beardsley 9fe0a01652 Merge branch 'master' into feature/mailmap_and_commit_count 2013-02-15 16:52:11 -06:00
Tod Beardsley d5b0482127 Note linking strat in comment docs 2013-02-06 14:19:18 -06:00
Tod Beardsley 734bd614e1 Adds a pre-commit hook that fires off msftidy
If people use this, it'll cut down quite a bit on trivial module errors.
2013-02-06 11:13:30 -06:00
sinn3r 45db43d2b3 Merge branch 'msftidy/no-twitter-handles' of github.com:todb-r7/metasploit-framework into todb-r7-msftidy/no-twitter-handles 2013-02-04 14:21:40 -06:00
Tod Beardsley e8def29b4f Dropping all twitter handles
Also adds "pbot" as an accepted lowercase word. This will come up pretty
routinley for functions and stuff.
2013-02-01 16:33:52 -06:00
Tod Beardsley 7b6d1f4fdd Actually test alternate rubies. 2013-02-01 13:36:15 -06:00
Tod Beardsley 55b512087a Deal with dates that fall off the end. 2013-01-29 13:03:22 -06:00
Tod Beardsley 40fd695e6e Adds a few metrics-based tools and a mailmap
This merge adds four new tools:

  * .mailmap : allows for easier identification of committers
  * tools/module_count.rb : Spits out a current count of modules
  * tools/module_commits.rb: Spits out who commited to a module
  * tools/committer_counts.rb : Spits out commiters by commit counts

This was part of a long-running feature branch, which is why it's now
bundled up in one big squash merge.

Squashed commit of the following:

commit de201ff6a5b304d0fedec56d9f1930abf1a10d9e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Jan 24 14:48:24 2013 -0600

    Rename from scorecard to merely a count

commit 8028cf838b0b560831602e3163e92d0751a4c0a9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Jan 24 14:36:42 2013 -0600

    Some final comment docs

commit a69fd7883837849664bc8777d119ac760de4a43d
Merge: e288f13 3faf4b3
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Jan 24 13:21:14 2013 -0600

    Merge branch 'master' into committer-scorecard

    I think these conflicts came from a move or a rename or something.

    Conflicts:
    	external/source/exploits/cve-2012-5076_2/Makefile
    	external/source/exploits/cve-2012-5088/Makefile
    	modules/exploits/multi/browser/java_jre17_method_handle.rb
    	modules/exploits/multi/http/jenkins_script_console.rb

commit e288f13d7f7bca7aa4ceddd555b88d971a9f65a2
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Jan 16 14:06:23 2013 -0600

    Add FireFart's mail alias

commit 1b1792e84febf015a79c3beb3d2473953da56935
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jan 18 22:41:44 2013 -0600

    Fix grammar on description for webcam

commit 276388fac541f0eebb9a18a980c5b474f438d117
Author: Robin Wood <robin@digininja.org>
Date:   Tue Jan 22 15:42:23 2013 +0000

    added extra checking for strict databases

commit a40ea3d73e52ab822cb89052ef7575f7ac52abb6
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Tue Jan 22 12:07:16 2013 +0100

    fix data added to table

commit 738d2fad5fccfbff23967ce219ad6bd4af90bbea
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Jan 22 00:27:03 2013 -0600

    Fix a stack overflow in bidirectional pipe

commit aeec5a816b2f09f517930cdff074ea4b42ed5088
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Mon Jan 21 12:26:35 2013 +0100

    Cleanup for mysql_file_enum.rb

commit 13f68f089b4f3dd7c58bb4d5cb5767ff3df12852
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Mon Jan 21 00:30:43 2013 -0600

    Updates the progress function

    Because the previous one was wrong.

commit d971fe0bb5f34667b6a621043838f7472e7255cd
Author: Robin Wood <robin@digininja.org>
Date:   Sun Jan 20 21:32:02 2013 +0000

    Brute force directory and file names with MySQL

commit a96ca2e96a3a34e302a6759ba48706c60b9724cd
Author: Robin Wood <robin@digininja.org>
Date:   Sun Jan 20 00:13:42 2013 +0000

    added a warning and using optpath

commit aa98d85abbc30166ce7d69a446bf78cddff92e0a
Author: Robin Wood <robin@digininja.org>
Date:   Sun Jan 20 00:12:38 2013 +0000

    added a warning and using optpath

commit 6dd5bb8532d0f68d44ca80099780428e0a3ad872
Author: Robin Wood <robin@digininja.org>
Date:   Sun Jan 20 00:02:07 2013 +0000

    stopped using fixed table name

commit 520aeb93119a77b4eb8d1187cac4084690d45613
Author: Robin Wood <robin@digininja.org>
Date:   Sat Jan 19 23:41:38 2013 +0000

    Fixed msftidy stuff

commit cec6a06c56444f12dc8b8985c2505b2d259d5077
Author: Robin Wood <robin@digininja.org>
Date:   Sat Jan 19 22:48:00 2013 +0000

    File/dir brute forcer using MySQL

commit 3cc0f3feaed87df11ab3695342af304d3b13d056
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Sun Jan 20 19:54:24 2013 +0100

    finally it doesn't use FileDropper atm

commit 2670d5ca8fbe2b26b2073445537bf0bfacd079dd
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Sun Jan 20 17:38:37 2013 +0100

    references and date updated

commit 1230d5267b3a8b33cfd64f6efb613986d6d13b31
Author: bcoles <bcoles@gmail.com>
Date:   Mon Jan 21 02:12:42 2013 +1030

    update php_charts_exec metadata

commit cf37c594e55b0130640f5aaea240b3aa936b7c8d
Author: bcoles <bcoles@gmail.com>
Date:   Mon Jan 21 02:10:48 2013 +1030

    move and update php_charts_exec metadata

commit 1e86429fa16a2f5d5003fbe6e69a74cac5efd767
Author: bcoles <bcoles@gmail.com>
Date:   Sun Jan 20 23:51:17 2013 +1030

    Add PHP-Charts v1.0 PHP Code Execution Exploit

commit fe60ee6dffc60a53b28bcfd08b5aada8bc8d4000
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Sun Jan 20 13:42:02 2013 +0100

    linux stager plus little cleanup

commit 5900248f585e7a5e10d93a0672aa8d330d5581ee
Author: Spencer McIntyre <zeroSteiner@gmail.com>
Date:   Sat Jan 19 19:10:56 2013 -0500

    use target_uri and normalize_uri as well as fix a cookie problem

commit a7ce0a500fe1ae4c71652191ee97ba1757cf65e0
Author: Spencer McIntyre <zeroSteiner@gmail.com>
Date:   Fri Jan 18 14:56:52 2013 -0500

    add module to execute commands via Jenkins Script Console

commit 33b8aa49f4dbbfbcc275b5cc0dfc43db9fec08f8
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Fri Jan 18 18:42:27 2013 +0100

    title updated

commit 63fe457fadf66ac27eac6210a26880c1f816d0ce
Author: Charles Smith <charles.smith@n2netsec.com>
Date:   Thu Jan 17 16:52:02 2013 -0500

    Fixed loot formatting so data is under the proper column

    The credentials table was defined with the columns "User", "Password", "Host", "Port", and "SSL".  Credentials were not added in that order, however. They were added in the order "host, port, user, password, ssl" in this line:

    credentials << [cred['host'], cred['port'], cred['user'], cred['password'], cred['ssl']]

    I changed the order the columns were defined to fix this.

    The permissions table had a similar issue. The "FileWrite" column was missing, so I added it. I also moved the "Home" column to after the "AutoCreate" column. Now the line:

    permissions << [perm['host'], perm['user'], perm['dir'], perm['fileread'], perm['filewrite'], perm['filedelete'], perm['fileappend'],perm['dircreate'], perm['dirdelete'], perm['dirlist'], perm['dirsubdirs'], perm['autocreate']]

    works correctly.

commit b948559b5ae0090c9ecb704bfba2da219577d4f4
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Thu Jan 17 21:45:13 2013 +0100

    cleanup

commit 199ab00a9c46295776b3f9c47d941721d5777a65
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Thu Jan 17 21:39:41 2013 +0100

    cleanup

commit 8d5504475dbce315581e87f395c9453bbe624d2e
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Thu Jan 17 21:27:47 2013 +0100

    Added new module for cve-2012-5076

commit 31ae18f392dea9fcfc4e1e6e1ec627aed2513d09
Author: jvazquez-r7 <juan.vazquez@metasploit.com>
Date:   Thu Jan 17 21:14:49 2013 +0100

    Added module for CVE-2012-5088

commit 6ac99f3db8f464767d15aaf60a2a5796b4ae8b30
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 19 09:08:31 2013 -0600

    Add a quick comment doc

commit 0c18f1c7cb53a77b4338e6014b76ea74749b41f9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 19 09:06:34 2013 -0600

    Adds a per-module commit counter.

commit 44fa22832bb2e229f5a96a62658d7c4b0b88b966
Merge: fa288ff 9f42abd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 19 08:30:37 2013 -0600

    Merge remote-tracking branch 'origin/master' into committer-scorecard

commit fa288ff007c1ead48ca011cda2488164d5103715
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jan 18 14:05:47 2013 -0600

    Make module_count execable

commit 6c1625ed709f505ec9e8be89820f9d6827a52567
Author: Tod Beardsley <todb@metasploit.com>
Date:   Tue Jan 8 09:56:48 2013 -0600

    Wrote a quick module counter, by type

commit af07ddc8184b85ecd43fb9e2cb2c607d54fb0c1b
Merge: 2ee5df8 2c3ccb5
Author: Tod Beardsley <todb@metasploit.com>
Date:   Tue Jan 8 09:35:28 2013 -0600

    Merge remote-tracking branch 'origin/master' into committer-scorecard

commit 2ee5df810313290a753344b83a9b9e591c30ef05
Merge: 501c678 b50e040
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jan 4 10:24:27 2013 -0600

    Merge remote-tracking branch 'origin/master' into committer-scorecard

commit 501c678b2ca6f67639d7d7425469d380ba6534cf
Merge: 8001401 c2586d0
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Dec 27 15:42:25 2012 -0600

    Merge branch 'master' into committer-scorecard

commit 800140176686c8aa4e41629b259a1bcb8b7c9e0c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Dec 27 11:13:04 2012 -0600

    Adding shuckins and cjr to the mailmap

commit ab2db49c17b78616dc9199d62928e65d624e9e12
Merge: 8b6ecb3 daf5465
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Dec 27 10:29:19 2012 -0600

    Merge remote branch 'origin/master' into committer-scorecard

commit 8b6ecb34bd2a1719bc51ab136cb9de1a8cd5c782
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Dec 17 21:58:37 2012 -0600

    Comment docs on .mailmap

commit 8e245a086c2e91a80be31accdb6349837cba3dff
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Dec 17 21:56:06 2012 -0600

    Another alias for h0ng10

commit aff6169602791a048cff2e41bac5cbb565abd341
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Dec 17 17:02:35 2012 -0600

    A more useful committer score card

    Now with aliases for anyone who hit the top 20 list of the last year,
    six months, and twelve weeks.

    Still needs some optparsey niceities, but it's good enough for an
    intial push to GitHub.

commit bd4e00ee019cedfed2eb8af6b52786f5184193ca
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Dec 17 15:22:33 2012 -0600

    Initial commit of a git commit scorecard
2013-01-24 14:56:28 -06:00
sinn3r bf013ba65f Add more words to ignore 2013-01-10 01:54:19 -06:00
sinn3r acdce4c876 Correct unicode probs 2013-01-04 14:09:37 -06:00
sinn3r 28f09618c8 Merge branch 'lm2ntcrack_fix' of git://github.com/mubix/metasploit-framework into mubix-lm2ntcrack_fix 2012-12-21 18:20:14 -06:00
sinn3r 3dc051c296 Remove return 2012-12-14 11:07:41 -06:00
sinn3r 4011c8dba7 Ignore refs commented out 2012-12-14 10:17:10 -06:00
sinn3r 3297db7bf7 Add function check_ref_identifiers 2012-12-13 17:13:53 -06:00
sinn3r ab26995910 Add more words to ignore 2012-12-13 13:21:34 -06:00
sinn3r 9a2cb7eddf Improve title casing check
Sometimes the first letter of a word shouldn't be capitalized.
If you do, it may actually be technically incorrect.  For example:
a function name, a filename, or even a software name like freeFTPd.
We should ignore scenarios like those.
2012-12-13 13:07:23 -06:00
sinn3r d90d41d706 Allow version or build numbers 2012-12-13 12:47:36 -06:00
sinn3r 438c18472e damn it, typo 2012-12-13 12:44:15 -06:00
sinn3r d8b78868c9 Change case checking code 2012-12-13 12:43:12 -06:00
sinn3r cdb47bfcfc Forgot to uncomment back 2012-12-13 12:31:03 -06:00
sinn3r 6f747f16a0 Add another word to ignore 2012-12-13 12:26:32 -06:00
sinn3r 0c84cd0d01 Ignore function names 2012-12-13 12:22:52 -06:00
sinn3r a049327f21 Ignore certain words 2012-12-13 12:21:22 -06:00
sinn3r 051fe4ddd4 Make exceptions for check_title_format
It's not always possible or technically correct to uppercase every
word.  For example, sometimes a module may contain a filename or
function name.  We should allow these conditions to pass.
2012-12-13 12:11:27 -06:00
sinn3r 014269cd25 Small changes 2012-12-12 15:47:04 -06:00
sinn3r ee1aaac61f Look for SVN keywords that no longer use. 2012-12-12 14:27:08 -06:00
sinn3r 86f41c4e6a Forgot to remove some code 2012-12-12 11:57:28 -06:00
sinn3r 37efe53ac8 I hope this works better 2012-12-12 11:41:36 -06:00
sinn3r a8084d6412 Add badchars check for module title and author names 2012-12-11 16:17:29 -06:00
Rob Fuller 6c55e6018d add fix provided by Kurt G in #7351 2012-12-04 16:38:22 -05:00
HD Moore bcd64b5870 Some examples of use 2012-11-20 10:30:27 -08:00
HD Moore b55b764e40 Comment the support formats 2012-11-20 10:26:28 -08:00
HD Moore 6b8b487506 Handle the raw byte case as well 2012-11-20 08:54:52 -08:00
HD Moore 7d2d64198b Treat non-8byte values as hex 2012-11-19 23:55:12 -06:00
HD Moore 5274a1331a Handle non-hex input properly 2012-11-19 22:13:21 -06:00
HD Moore c682bb6bb1 Try harder for non-exact matches 2012-11-19 19:42:54 -06:00
Tod Beardsley bd0352de19 Delete comment 2012-10-29 08:33:01 -05:00
Tod Beardsley ac90d21725 Msftidy checks for file loads 2012-10-29 08:27:22 -05:00
sinn3r a11d16ea30 More strict on check_disclosure_date 2012-10-14 19:06:36 -05:00
sinn3r 2b9c04318f No more check_executable, check extname instead.
When File.executable?() is used, it checks if the file is an
executable AND that exe permission is set. Well, we don't really
have to set the permission we can still load/use the module. So
really, all we care is the module must be a ".rb" to make sure
it loads at startup.  So that's what we need to check.
2012-10-12 14:37:42 -05:00
sinn3r 2bbbbee381 Make the check_executable warning easier to understand. 2012-10-12 09:33:18 -05:00
sinn3r dc71771dda Change some texts
Changes include:
* Make invalid ranking an error, because it may affect module
  search in msfconsole, or the metasploit site.
* Make invalid disclosure format an error, same concern as above.
* Plus other changes
2012-10-12 09:11:34 -05:00
sinn3r a5cdf5df90 Fix check_executable 2012-10-12 03:16:50 -05:00
sinn3r b89c4d1b7c Rank checking should only run against exploit modules 2012-10-12 03:01:48 -05:00
sinn3r 82189d9f8c Make msftidy's code more manageable, and more helpful output 2012-10-12 02:55:16 -05:00
sinn3r 02617a6f3a Merge branch 'feature/redmine-7224-shellcode-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/redmine-7224-shellcode-cleanup 2012-10-04 00:43:34 -05:00
TADA Tadashi 794ddda705 fix TypeError
module_reference.rb encounts error "`+': can't convert Fixnum into String (TypeError)"
2012-09-24 11:21:47 +09:00
Tod Beardsley 25475ffc93 Msftidy fixes.
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
2012-09-18 11:25:00 -05:00
James Lee f38ac954b8 Update linux stagers for NX compatibility
- Adds a call to mprotect(2) to the reverse and bind stagers

- Adds accurate source for some other linux shellcode, including some
  comments to make it more maintainable

- Adds tools/module_payload.rb for listing all payloads for each exploit
  in a greppable format. Makes it easy to find out if a payload change
  causes a payload to no longer be compatible with a given exploit.

- Missing from this commit is source for reverse_ipv6_tcp
2012-09-12 18:44:00 -05:00
HD Moore d7d2669f6c Chmod this to be executable 2012-09-06 00:50:17 -05:00
HD Moore b791f662c6 Add a standalone psexec (based on Rex) for ref. 2012-09-06 00:50:03 -05:00
HD Moore 1627720166 Skip module loads/db connect for existing framework sessions 2012-06-29 01:03:13 -05:00
Alexander Klink 8c06e0d46e Squashed commit of the following:
commit 5c82f0acade617d8314858170752c498eac4b4fb
Author: Alexander Klink <git@alech.de>
Date:   Thu Apr 19 20:57:21 2012 +0200

    pdf2xdp.rb script to convert PDF file to XDP format

    XDP is an equivalent format for PDF, but is pretty useful in evading AV
    software.

    See
    https://www.metasploit.com/redmine/issues/3679
    http://shiftordie.de/blog/2011/02/09/evading-avs-using-the-xml-data-package-xdp-format/

[Closes #345]
2012-04-19 18:27:18 -06:00
Tod Beardsley 4bcbdc54c9 Cutting over rails3 to master.
This switches the Metasploit Framework to a Rails 3 backend. If you run
into new problems (especially around Active Record or your postgresql
gem) you should try first updating your Ruby installation to 1.9.3 and
use a more recent 'pg' gem.

If that fails, we'd love to see your bug report (just drop all the
detail you can into an issue on GitHub). In the meantime, you can
checkout the rails2 branch, which was branched from master immediately
before this cutover.

Squashed commit of the following:

commit 5802ec851580341c6717dfea529027c12678d35f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:12 2012 -0500

    Enable MSF_BUNDLE_GEMS mode by default (set to N/F/0 to disable)

commit 8102f98dce9eb0c73c4374e40dce09af7b51d060
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:03 2012 -0500

    Add a method to expand win32 file paths

commit bda6479d154cf75572dd5de8b66bfde661a55de9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:53:44 2012 -0500

    Fix 1.8.x compatibility

commit 101ce4eb17bfdf755ef8c0a5198174668b6cd6fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:40:59 2012 -0500

    Use verbose instead of stringio

commit 5db467ffb593488285576d183b1662093e454b3e
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:30:06 2012 -0500

    Hide the iconv warning, were stuck with it due to EBCDIC support

commit 63b9cb20eb6a61daf4effb4c8d2761c16ff0c4e0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:29:58 2012 -0500

    Dont use GEM_HOME by default

commit ca49271c22c314a4465fff934334df18c704cbc0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:23:34 2012 -0500

    Move Gemfile to root (there be dragons, lets find them) and catch failed bundler loads

commit 34af04076a068e9f60c5526045ddbba5fca359fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:18:29 2012 -0500

    Fallback to bundler when not running inside of a installer env

commit ed1066a4f3f12fae7d4afc03eb1ab70ffe2f9cf3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 16:26:55 2012 -0500

    Remove a mess of gems that were not actually required

commit 21290a73926809e9049a59359449168f740d13d2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:59:10 2012 -0500

    Hack around a gem() call that is well-intentioned but an obstacle in this case

commit 8e414a8bfab9641c81088d22f73033be5b37a700
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 15:06:08 2012 -0500

    Ruby, come on. Ducktype this. Please.

    Use interpolated strings to get the to_s behavior you don't get with
    just plussing.

commit 0fa92c58750f8f84edbecfaab72cd2da5062743f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:05:42 2012 -0500

    Add new eventmachine/thin gems

commit 819d5e7d45e0a16741d3852df3ed110b4d7abc44
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:01:18 2012 -0500

    Purge (reimport in a second)

commit ea6f3f6c434537ca15b6c6674e31081e27ce7f86
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:54:42 2012 -0500

    Cleanup uncessary .so files (ext vs lib)

commit d219330a3cc563e9da9f01fade016c9ed8cda21c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:53:02 2012 -0500

    PG gems built against the older installation environment

commit d6e590cfa331ae7b25313ff1471c6148a6b36f3b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:06:35 2012 -0500

    Rename to include the version

commit a893de222b97ce1222a55324f1811b0262aae2d0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:56:47 2012 -0500

    Detect older installation environments and load the arch-lib directories into the search path

commit 6444bba0a421921e2ebe2df2323277a586f9736f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:49:25 2012 -0500

    Merge in windows gems

commit 95efbcfde220917bc7ee08e6083d7b383240d185
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 13:49:33 2012 -0500

    Report_vuln shouldn't use :include in finder

    find_or_create_by doesn't take :include as a param.

commit c5f99eb87f0874ef7d32fa42828841c9a714b787
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:44:09 2012 -0500

    One more msised Mdm namespace issue

commit 2184e2bbc3dd9b0993e8f21d2811a65a0c694d68
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:33:41 2012 -0500

    Fixes some mroe Mdm namespace confusion
    Fixes #6626

commit 10cee17f391f398bb2be3409137ff7348c7a66ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:40:44 2012 -0500

    Add robots gem (required by webscan)

commit 327e674c83850101364c9cca8f8d16da1de3dfb5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:39:05 2012 -0500

    Fix missing error checks

commit a5a24641866e47e611d7636a3f19ba3b3ed10ac5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 01:15:37 2012 -0500

    Reorder requires and add a method for injecting a new migration path

commit 250a5fa5ae8cb05807af022aa4168907772c15f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:56:09 2012 -0500

    Remove missing constant (use string) and add gemcache cleaner

commit 37ad6063fce0a41dddedb857fa49aa2c4834a508
Merge: d47ee82 4be0361
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 00:40:16 2012 -0500

    Merge branch 'master-clone' into rails3-clone

commit d47ee82ad7e66de53dd3d3a65649cc37299a2479
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:30:03 2012 -0500

    cleanup leftovers from gems

commit 6d883b5aa8a3a7ddbcde5bfd4521d57c5b30d3c2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:25:47 2012 -0500

    MDM update with purged DBSave module

commit 71e4f2d81f6da221b76150562a16c730888f5925
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:37 2012 -0500

    Add new mdm

commit 651cd5adac8211d65e0c8079371d8264e549533a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:13 2012 -0500

    Update mdm

commit 0191a8bd0acec30ddb2a9e9c291111a12378537f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 22:30:40 2012 -0500

    This fixes numerous cases of missed Mdm:: prefixes on db objects

commit a2a9bb3f2148622c135663dead80b3367b6f7695
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:30:18 2012 -0500

    Add eventmachine

commit 301ddeb12b906ed3c508613ca894347bedc3b499
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:18:12 2012 -0500

    A nicer error for folks who need to upgrade pg

commit fa6bde1e67b12e2d3d9978f59bbc98e0c1a1a707
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:54:55 2012 -0500

    Remove bundler requirements

commit 2e3ab9ed211303f1116e602b9a450141b71e56a4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:35:38 2012 -0500

    Pull in eventmachine with actual .so's this time

commit 901fb33ff6b754ce2c2cfd51e3b0b669f6ec600b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:19:12 2012 -0500

    Update deps, still need to add eventmachine

commit 6b0e17068e8caa0601f3ef81e8dbdb672758fcbe
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 13:07:06 2012 -0500

    Handle older installer environments and only allow binary gems when the
    environment specifically asks for it

commit b98eb7873a6342834840424699caa414a5cb172a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 04:05:13 2012 -0500

    Bump version to -testing

commit 6ac508c4ba3fdc278aaf8cfe2c58d01de3395431
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:25:09 2012 -0500

    Remove msf3 subdir

commit a27dac5067635a95b4cbb773df1985f2a2dc2c5a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:24:39 2012 -0500

    Remove the old busted external

commit 5fb5a0fc642b6c301934c319db854cc3145427a1
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:03:10 2012 -0500

    Add the gemcache loader

commit 09e2d89dfd09b9ac0c123fcc4e19816c86725627
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:02:23 2012 -0500

    Purge gemfile/bundler configure in exchange for new gemcache setup

commit 3cc0264e1cfb027b515d7f24b95a74b023bd905c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Apr 12 14:11:45 2012 -0500

    Mode change on modicon_ladder.apx

commit c18b3d56efd639e461137acdc76b4b283fe978d4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Thu Apr 12 01:38:56 2012 -0500

    The go faster button

commit ca2a67d51d6d4c7c3ca2e745f8b018279aef668a
Merge: 674ee09 b8129f9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 15:50:33 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Picking up Packetfu upstream changes, all pretty minor

commit 674ee097ab8a6bc9608bf377479ccd0b87e7302b
Merge: e9513e5 a26e844
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 13:57:26 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Conflicts:
    	lib/msf/core/handler/reverse_http.rb
    	lib/msf/core/handler/reverse_https.rb
    	modules/auxiliary/scanner/discovery/udp_probe.rb
    	modules/auxiliary/scanner/discovery/udp_sweep.rb

    Resolved conflicts with the reverse_http handlers and the udp probe /
    scanners byt favoring the more recent changes (which happened to be the
    intent anyway). The reverse_http and reverse_https changes were mine so
    I know what the intent was, and @dmaloney-r7 changed udp_probe and
    udp_sweep to use pcAnywhere_stat instead of merely pcAnywhere, so the
    intent is clear there as well.

commit e9513e54f984fdb100c13b44a1724246779ccb76
Author: David Maloney <dmaloney@melodie.gateway.2wire.net>
Date:   Fri Apr 6 18:21:46 2012 -0500

    Some fixes to how services get reported to prevent issues with the web interface

commit adeb44e9aaf1a329a0e587d2b26e678398730422
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Apr 2 15:39:46 2012 -0500

    Some corrections to pcAnywhere discovery modules to distinguish between the two services

commit b13900176484fea8f5217a2ef925ae2ad9b7af47
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Mar 31 12:03:21 2012 -0500

    Enable additional migration-path parameters, use a temporary directory to bring the database online

commit 526b4c56883f461417f71269404faef38639917c
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Mar 28 23:24:56 2012 -0500

    A bunch of Mdsm fixes for .kind_of? calls, to make sure we ponit to the right place

commit 2cf3143370af808637d164ce59400605300f922c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 16:22:09 2012 -0500

    Check for ruby 2.0 as well as 1.9 for encoding override

commit 4d0f51b76d89f00f7acbce6b1f00dc6e4c4545ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:36:04 2012 -0500

    Remove debug statement

commit f5d2335e7745aa1a354f4d6c8fc9d0b3876c472a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:01:55 2012 -0500

    Be explicit about the Mdm namespace

commit bc8be225606d6ea38dd2a85ab4310c1c181a94ee
Author: hdm <hdm@hypo.(none)>
Date:   Mon Mar 26 11:49:51 2012 -0500

    Precalculate some uri strings in case the 1000-round generation fails

commit 4254f419723349ffb93e4aebdaeabbd7d66bf8c0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Sat Mar 24 14:03:44 2012 -0500

    Removed some non-namespaced calls to Host

commit c8190e1bb8ad365fb0d7a1c4a9173e6c739be85c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:37:00 2012 -0500

    Purge the rvmrc, this is causing major headaches

commit 76df18588917b7150a3bedf2569710a80bab51f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:31:52 2012 -0500

    Switch .rvmrc to the shipping 1.9.3 version

commit 7124971d0032b268f4ddf89aca125f15e284f345
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Mar 12 16:56:40 2012 -0500

    Adds mixin for looking up Mime Types by extension

commit b7ca8353164c43db6bacb2f3f16afa1269f66e43
Merge: a0b0c75 6b9a219
Author: Matt Buck <techpeace@gmail.com>
Date:   Tue Mar 6 19:38:53 2012 -0600

    Merge from develop.

commit a0b0c7528d2b8fabb76b2246a15004bc89239cf0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Mar 6 11:08:59 2012 -0600

    Somehow migration file is new?

commit 84d2b3cb1ad6290413c3ea3222ddf9932270b105
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Feb 29 16:38:55 2012 -0600

    Added ability to specify headers to redirects in http server

commit e50d27cda83872c616722adb03dc1a6a5e685405
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Feb 4 04:44:50 2012 -0600

    Tweak the event dispatcher to enable customer events without a category
    and trigger http request events from the main exploit mixin.
    Experimental

commit 0e4fd2040df49df2e6cb0e8d2c6240a03d108033
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Thu Feb 2 22:09:05 2012 -0600

    Change Msm -> Mdm in migrations. This is what was preventing migrations from finishing on first boot.

commit c94a2961d04eee84adfd42bb01ed7a3e3846b83a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:48:48 2012 -0600

    Changed Gemfile to use new gem name

commit 245c2063f06b4fddbfc607d243796669ef236136
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:47:42 2012 -0600

    Did find/replace for final namespace of Mdm

commit 6ed9bf8430b555dcbe62daeddb2f33bd400ab5bc
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 24 10:47:44 2012 -0600

    Fix a bunch of namespace issues

commit 2fe08d9e4226c27e78d07a00178c58f528cbc72e
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:37 2012 -0600

    Update Msm contstants in migrations for initial DB builds.

commit 4cc6b8fb0440c6258bf70de77a9153468fea4ea5
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:25 2012 -0600

    Update Gemfile.lock.

commit 1cc655b678f0a054a9a783da119237fe3f67faa4
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Thu Jan 19 11:48:29 2012 -0600

    Errant Workspaces needed namespace

commit 607a78285582c530a68985add33ccf4d899c467a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 15:44:02 2012 -0600

    Refactored all models to use the new namespace

    * Every model using DBManager::* namespace is now Msm namespace
    * Almost all of this in msf/base/core
    * Some in modules

commit a690cd959b3560fa2284975ca7ecca10c228fb05
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 13:41:44 2012 -0600

    Move bundler setup

commit dae115cc8f7619ca7a827123079cb67fb4d9354b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 15:51:07 2012 -0600

    Moved ActiveSupport dep to gem

commit d32f8edb6e7f82079b775ffbc2b9a405d1f32b3b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 14:40:05 2012 -0600

    Removed model require file

commit d0c74cff8c44771e566ec63b03eda10d03b25c42
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 16:06:10 2012 -0600

    Update some more finds

commit 4eb79ea6b58b74c309ab1f1bb0bd35fe9041de46
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 14:21:15 2012 -0600

    Yet another dumb commit

commit a75febcb593d52fdfe930306b4275829759d81d1
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Thu Dec 29 19:20:51 2011 -0600

    Fixing deletion

commit dc139ff2fdfc4e7cdee3901dfb863e70913d6b92
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Wed Dec 7 17:06:45 2011 -0600

    Fixed erroneous commit

commit 531c1e611cf4d23aeb9c48350dabf7630d662d25
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Mon Nov 21 16:11:35 2011 -0600

    Remove AR patch stuff; attempting to debug non-connection between MSF and Pro

commit 458611224189c7aa27e500aabd373d85dc2dc5c0
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Fri Nov 18 16:17:27 2011 -0600

    Drop ActiveRecord/ActiveSupport in preparation for upgrade
2012-04-15 23:35:38 -05:00
Brandon Perry 4a3d2a18de hard tabs 2012-04-02 21:42:51 -05:00
Brandon Perry a4d9e59934 silly registry typos 2012-04-02 21:33:01 -05:00
Tod Beardsley 90f3e755f5 Commenting out poor naming style checks
Too noisy when run against all the exploits -- it's a good idea but it's
too falsey at the moment to be useful.
2012-03-15 17:00:44 -05:00
Tod Beardsley 9144c33345 MSFTidy check for capitalization in modules
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
sinn3r 28dbaee5ab Do a strip() before regex check 2012-02-21 11:46:52 -06:00
sinn3r 1d71aec916 Fix DisclosureDate regex, and avoid checking Rank naming style 2012-02-21 01:04:05 -06:00
sinn3r ce356402d0 Avoid checking var naming style if it's a JavaScript variable 2012-02-18 17:58:36 -06:00
sinn3r ea5594316f Add feature to check function/variable naming style 2012-02-18 17:29:14 -06:00
sinn3r 4e32bfce22 Add a check for poorly designed arg list 2012-02-13 21:03:13 -06:00
sinn3r 2d35cf4b66 "stack overflow" in exploits most likely means "stack bof". In aux modules, it's "stack exhaustion" 2012-02-05 17:48:05 -06:00
sinn3r caee1bba28 Only flag bad term 'stack overflow' if it's an exploit module. 2012-02-05 16:07:55 -06:00
sinn3r 4027f6180c Better disclosure format check 2012-02-05 15:39:36 -06:00
HD Moore f630d67480 Update include paths to use absolute, support fastlib, etc 2012-02-04 00:38:21 -06:00
matugm f89853d3bc Squashed commit of the following:
commit 69bb41a8176fb814485225e0c3b0e1c44342e652
Author: matugm <matugm@gmail.com>
Date:   Tue Jan 31 11:30:52 2012 +0100

    indentation

commit 175d230a06dc58e2123f092d39f33063efdce83d
Author: matugm <matugm@gmail.com>
Date:   Tue Jan 31 11:13:02 2012 +0100

    Changed way of finding hive names so that it works with xp hives
2012-02-03 17:01:35 -06:00
Jonathan Cran a6d59bd823 special case handler 2012-01-31 20:49:08 -06:00
sinn3r 9e705d7393 Indent level again round 2 2012-01-30 10:55:12 -06:00
sinn3r 9c4dc5ceee Tabs suck at aligning chars. 2012-01-30 10:48:04 -06:00
sinn3r fa6c3f3194 Merge branch 'patch-1' of https://github.com/matugm/metasploit-framework 2012-01-30 10:44:03 -06:00
matugm ba572a2ba2 fixed indentation 2012-01-30 11:15:08 +01:00
Jonathan Cran 4d61a12076 add a note so we can alert 2012-01-30 01:52:49 -06:00
matugm ffcf728a37 Change large elsifs for case and add default case for invalid commands. 2012-01-29 10:45:55 +01:00
Brandon Perry d34a9f38a5 Adding bperry's various and sundry regex fixes
[Closes #109]

Squashed commit of the following:

commit 692568d02fbfd547ef2d05ad9887427fc53f8abb
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Mon Jan 16 12:34:35 2012 -0600

    small get_everything fix

commit 5b29a310601b6658ffb74a4922b52bc5b3f864fb
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Mon Jan 16 12:31:31 2012 -0600

    regex fixes

commit a565ade7f4fe42fb5d070d04ac1ba4e65c98d8b8
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Sun Jan 15 16:39:29 2012 -0600

    registry.rb in lib/rex

commit 3609313ea357884480750948a9b0cc6514dcfcc2
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Sun Jan 15 16:32:06 2012 -0600

    boot key fixed

commit e591ed1815b01b3e535b517c73470ad9984fe8c7
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Sun Jan 15 15:53:21 2012 -0600

    fixes

commit 3598f3482eea2845baead71310d6192e105b6074
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Sat Jan 14 13:47:29 2012 -0600

    stuff

commit 8a8d0dfda603d3697b54bd852f131795259f9c28
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Fri Jan 13 22:57:30 2012 -0600

    reg fixes

commit fcfb51bb64b2d8ee6a28722bbf1998be47145b90
Merge: 2c7cfde 24aaf85
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Fri Jan 13 21:54:45 2012 -0600

    Merge remote-tracking branch 'upstream/master'

commit 2c7cfdef41d9cdcce563c4d623c1c3585170d1fe
Author: Brandon Perry <bperry.volatile@gmail.com>
Date:   Tue Jan 10 19:16:37 2012 -0600

    typo
2012-01-16 17:54:33 -06:00
Brandon Perry 0236a6994f registry stuff 2012-01-10 18:45:24 -06:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
Tod Beardsley 7de12fbf02 Adds a (slow) check for checking old rubies
This is mainly to avoid checking in modules that break Ruby 1.8.
Currently not terribly configurable, and since it's slow to
test ruby syntaces against different ruby versions, it's off
by default. Enable by setting an environment variable of
MSF_CHECK_OLD_RUBIES to any value.
2011-12-12 15:12:01 -06:00
HD Moore 318093d406 Make the fastlib code +x 2011-12-03 14:10:14 -06:00
HD Moore 27974c4c27 Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib
Conflicts:
	modules/auxiliary/scanner/http/axis_login.rb
	modules/exploits/multi/http/axis2_deployer.rb
	modules/post/multi/gather/thunderbird_creds.rb
	modules/post/windows/gather/credentials/imvu.rb
	msfopcode
2011-12-03 14:07:09 -06:00
Tod Beardsley f503bd9488 Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append. 2011-11-28 17:52:34 -06:00
HD Moore 0ffe916e41 Add a shell script to archive up the fastlib 2011-11-23 23:05:52 -06:00
Tod Beardsley 1a57794245 Updating msftidy to not care about SVN specific properties. 2011-11-23 23:05:51 -06:00
Tod Beardsley e598a40aca Updating msftidy to not care about SVN specific properties. 2011-11-22 18:33:44 -06:00
James Lee 9cbd759eab better regex for spaces at EOL 2011-11-20 11:34:31 +11:00
HD Moore 30a86c9378 Merge patch to fix #5271 2011-11-10 20:01:50 -06:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Joshua Drake 5caaedca7a enhance msftidy a bit
git-svn-id: file:///home/svn/framework3/trunk@14033 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:07 +00:00
Tod Beardsley 75bcb7cc5c Altering the alert for long line length to only alert on truly stupendously long lines. Otherwise, simply long names and normal registry keys will trip it, which is annoying.
git-svn-id: file:///home/svn/framework3/trunk@13953 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 15:53:19 +00:00
James Lee 785d3da63b get rid of some false positives for writing stdio
git-svn-id: file:///home/svn/framework3/trunk@13749 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 01:57:51 +00:00
amaloteaux b6e39fdb31 add a small tool that will display network interfaces informations , this is usefull only on windows to set up the INTERFACE option
git-svn-id: file:///home/svn/framework3/trunk@13627 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 20:53:15 +00:00
James Lee 613f7be6a7 keywords
git-svn-id: file:///home/svn/framework3/trunk@13464 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 06:12:55 +00:00
HD Moore ca93b23c29 ChangeLog generator with Redmine formatting
git-svn-id: file:///home/svn/framework3/trunk@13463 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 03:34:45 +00:00
Tod Beardsley 9dd3c5fbf5 Fixes #5081, removes racket and bitstruct
git-svn-id: file:///home/svn/framework3/trunk@13374 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 18:04:32 +00:00
Joshua Drake 3ca98e6f44 fix badchars tool
git-svn-id: file:///home/svn/framework3/trunk@13100 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-05 16:22:39 +00:00
James Lee 6aac03c6ce cleanup some copypasta in tools/module_*
git-svn-id: file:///home/svn/framework3/trunk@12882 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-07 01:25:12 +00:00
James Lee 8f6bc28fdb add some options to module_disclodate.rb from David Maloney (see #4341) with a few improvements
git-svn-id: file:///home/svn/framework3/trunk@12881 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-07 00:25:38 +00:00
James Lee b4c4cc19c2 add some options to most module_* tools, fixes #4341, thanks David Maloney!
git-svn-id: file:///home/svn/framework3/trunk@12880 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-07 00:20:21 +00:00
James Lee 96b568d65b add a tool for list all modules by rank, fixes #4333, fixes #4334, thanks David Maloney!
git-svn-id: file:///home/svn/framework3/trunk@12876 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 22:47:55 +00:00
James Lee 93b7d2571b take a regular expression argument to match against module names. allows for cool things like 'module_disclodate.rb browser.*ms' for filtering
git-svn-id: file:///home/svn/framework3/trunk@12654 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 22:22:00 +00:00
Joshua Drake 946bb351e0 remove crufty comment
git-svn-id: file:///home/svn/framework3/trunk@12490 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-01 22:07:14 +00:00
Joshua Drake b10963bd69 allow downcased arch names
git-svn-id: file:///home/svn/framework3/trunk@12254 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-06 19:06:28 +00:00
amaloteaux 3c7bf5bf45 tool/metasm-shell : add option to select different architectures
git-svn-id: file:///home/svn/framework3/trunk@12253 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-06 18:57:40 +00:00
amaloteaux 5f6995e8d3 enable ntlmv2 and signing for smb client stack (pth implementation is coming), fixes #11678 and #152
git-svn-id: file:///home/svn/framework3/trunk@11893 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 19:57:53 +00:00
Joshua Drake 7dea60c6a4 Now showing which lines are too long!
git-svn-id: file:///home/svn/framework3/trunk@11874 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-04 04:21:16 +00:00