Commit Graph

569 Commits (2abfa1f241e3cdeb5ebc28bb324e0c346416ed12)

Author SHA1 Message Date
Brent Cook be23da1c1f Merge branch 'upstream-master' into land-6120-python-stageless 2015-10-30 17:26:26 -05:00
Samuel Huckins f064fec0f1
Bumped version to 4.11.5
MSP-13377
2015-10-30 09:37:00 -05:00
Spencer McIntyre 810665847b Add stageless python meterpreter to the payloads spec 2015-10-22 08:40:50 -04:00
William Vu bd96e0ded2 Improve get_hash for Framework version 2015-10-15 16:22:45 -05:00
jvazquez-r7 3dd7fdfd95
Land #6055, @wvu-r7's -q option for msfd
* Fixes #5770
2015-10-08 14:10:27 -05:00
William Vu 77fae28cd4 Add -q option to msfd to disable banner 2015-10-07 01:57:58 -05:00
jvazquez-r7 50249bd640
Update Metasploit::Framework::Tcp::Client to have SSLVerifyMode and SSLCipher into account 2015-09-28 13:57:08 -05:00
jvazquez-r7 1e4e5c5bae
Update ACPP login scanner to have into account advanced options 2015-09-28 13:50:20 -05:00
jvazquez-r7 3529cdad7b
Add attributes 2015-09-28 13:30:10 -05:00
Jon Hart 0bb9324c8d
Pass HTTP::version_random_valid and HTTP::version_random_invalid
Fixes #5871
2015-08-20 10:05:42 -07:00
Brent Cook 0b6a52e162
bump metasploit-framework gemspec version to match pro 2015-08-04 14:25:44 -05:00
Brent Cook e53419a911 use password_prompt? not @password_prompt 2015-07-27 19:21:59 -05:00
Brent Cook 8349a274ea use and include git hash of Framework as part of the version
Because we do not always update the version number, multiple releases have
shown version string, which is not useful for helping debug issues, or for
knowing what features are enabled.

This adds the git hash or reads from a file a copy of the git hash (useful for
doing packaged builds without git) so that it is clear the origin of a
particular metasploit-framework version.
2015-07-10 18:03:37 -05:00
Samuel Huckins 174c90ccde
Updating version to match current
* This will be changed to the most recent git hash for next round,
at least making accurate for now.
2015-07-06 10:28:34 -05:00
wchen-r7 b4656f43a4 Fix #5616, Save username before stop_on_success breaks the task
Fix #5616
2015-06-26 18:04:18 -05:00
wchen-r7 da779b1101 Fix login for 9.1 2015-06-26 13:52:44 -05:00
wchen-r7 8e4fa80728 This looks good so far 2015-06-24 19:30:02 -05:00
wchen-r7 d59c418df6 Fix #5591
Fix #5591
2015-06-23 19:10:14 -05:00
wchen-r7 1af12fd11f Glassfish version 9 2015-06-23 19:09:14 -05:00
Brent Cook e696d2f3dc Merge branch 'master' into land-5348-ntds 2015-06-22 17:18:13 -05:00
Brent Cook 732192aeaf move ntds from priv to extapi 2015-06-22 09:04:08 -05:00
wchen-r7 0b0cc3631b
Land #5569, Correct service name for mssql for scanner detection 2015-06-19 15:33:05 -05:00
wchen-r7 bd097e3264
Land #5497, Refactor LoginScanner::SNMP to be fast and less buggy 2015-06-19 14:57:36 -05:00
Greg Mikeska d672ac1601
Correct service name for mssql for scanner detection 2015-06-19 13:54:31 -05:00
Brent Cook 7f27fd0cf2 adjust for user name size changes 2015-06-18 11:17:08 -05:00
HD Moore 7c91aee7a8 Dont use a "connected" to keep compat with BSD 2015-06-09 20:33:46 -05:00
David Maloney 2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module 2015-06-08 11:42:03 -05:00
HD Moore fe09d9888e Small rework of the spinners, clear the line when done 2015-06-06 14:30:42 -05:00
HD Moore cec20ec5d9 Handle a rare corner case 2015-06-06 11:46:19 -05:00
HD Moore 6b05302059 Fixes #5459, refactors LoginScanner::SNMP 2015-06-06 00:50:55 -05:00
David Maloney 5d68a8167b
handle unicode changes
changed everything to utf-8 , so several sizes
on the ruby side needed to be changed to account for this

MSP-12358
2015-06-02 12:46:21 -05:00
Samuel Huckins 4890882beb Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2015-05-21 15:03:17 -05:00
Samuel Huckins e2c6742c1b Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2015-05-18 13:44:01 -05:00
David Maloney 7376d4d94e
account for public only credentials in #to_s
SNMP in particular will only have a public, so we need
to account for this so we don't output poorly formed text
with a trailing ':' char

5266
2015-05-18 13:42:15 -05:00
jvazquez-r7 d05cae5faf
Land #5329, @wchen-r7's add configurable options to jenkins_login 2015-05-15 11:38:21 -05:00
David Maloney ac04b8d1e7
a little bit of cleanup
constantise some of the magic numbers in
the NTDS Account class

MSP-12358
2015-05-15 10:47:31 -05:00
David Maloney 724b7c6f16
save the ntlm hases as creds
the last step is now complete. the current and historical
hashes are all saved to the database for cracking and/or
replay

MSP-12358
2015-05-14 13:52:11 -05:00
David Maloney 6e813f6abd
Merge branch 'master' into feature/MSP-12357/meterp-ntds 2015-05-14 10:30:48 -05:00
Samuel Huckins 9fafb645dd
Updating Rails version comment 2015-05-13 09:37:32 -05:00
Brent Cook 9549d572cc
Land #5280, update to Ruby on Rails 4.0
This upgrades a number of other gems as a side-effect.
2015-05-12 16:48:49 -05:00
David Maloney f3effe5fbb
some minor cleanup
cleanup based on feedback from Kronicdeth

MSP-12357
2015-05-11 11:17:58 -05:00
wchen-r7 1cc44cfc31 An alternative for normalize_uri
normalize_uri doesn't seem to work very well in our case, so
we do our own thing here.
2015-05-11 10:42:26 -05:00
wchen-r7 10982f0a1a Login url should normalize too 2015-05-11 10:18:09 -05:00
wchen-r7 d8cc2c19d3 Fix #5315, User configurable options for jenkins_login
Fix #5315. This patch allows the user to configure the HTTP method
for the login, as well as the URL.
2015-05-11 10:15:49 -05:00
William Vu 508574970c
Land #5307, Brocade login scanner resurrection 2015-05-07 22:43:39 -05:00
William Vu 8d3737d13c Fix some stylistic issues 2015-05-07 22:43:23 -05:00
William Vu 669df591f2 Pull default connection_timeout into constant 2015-05-06 13:18:00 -05:00
William Vu d4aed08260 Fix typo 2015-05-06 13:17:58 -05:00
William Vu 0939bbc710 Set default retries/version for SNMP LoginScanner
Set in snmp_login but missed in the LoginScanner.

MSP-12668
2015-05-06 13:17:40 -05:00
Brent Cook 93c785560b remove brocade_telnet scanner, extend telnet
Rather than duplicate the entire telnet scanner, add a pre-login hook that a
module can use to extend the behavior on connect. This also adds a local
pass-through print_error method like http has.
2015-05-05 21:19:46 -05:00