3eabf41a67
Adds a Nokogiri parser for Nexpose vuln imports.
...
git-svn-id: file:///home/svn/framework3/trunk@12737 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 20:29:47 +00:00
812bae9df9
add support for signing applets (or any other jar) with openssl. this removes the need for a dependency on RJB
...
git-svn-id: file:///home/svn/framework3/trunk@12718 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 16:45:20 +00:00
c5c679cdb7
Remove all calls to framework.db.sync and make this method a no-op now that the task manager is no longer used.
...
git-svn-id: file:///home/svn/framework3/trunk@12708 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 00:30:03 +00:00
81e1b41840
Fixes #4578 . If the user has Nokogiri of a reasonable version installed, use that to parse Nmap-created XML documents. Otherwise, fall back to the existing REXML parser.
...
git-svn-id: file:///home/svn/framework3/trunk@12702 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 19:40:50 +00:00
1f72859874
set the session info when there is no database. fixes regression introduced by r12523
...
git-svn-id: file:///home/svn/framework3/trunk@12690 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 16:01:24 +00:00
4b2a37015c
Make the HTTP Server header configurable
...
git-svn-id: file:///home/svn/framework3/trunk@12687 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 23:01:30 +00:00
7d320fc961
Bump the max read size and fix the agent option
...
git-svn-id: file:///home/svn/framework3/trunk@12686 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 22:55:16 +00:00
a8c474d7d6
Add the versioned (1.0) RPC backend
...
git-svn-id: file:///home/svn/framework3/trunk@12679 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 03:50:14 +00:00
0d984cdd81
Added calls to write and append to files in binary format for post modules and scripts.
...
git-svn-id: file:///home/svn/framework3/trunk@12677 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-21 16:24:34 +00:00
56b4a092d6
Added Linux x64 payloads. Modified exe.rb to support elf x64 payloads.
...
git-svn-id: file:///home/svn/framework3/trunk@12676 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 23:51:19 +00:00
d1e2f274f9
add ability to use arbitrary certs with SSL server sockets.
...
git-svn-id: file:///home/svn/framework3/trunk@12675 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 23:12:35 +00:00
9003622af3
fix a typo in the dtd url, thanks tebo for noticing
...
git-svn-id: file:///home/svn/framework3/trunk@12674 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 16:52:51 +00:00
edd3041c9e
Fixes #4561 - ensures that the declared interface is preferred over LHOST, and makes it possible to specify a device to capture_sendto().
...
Also makes should_arp?() logic a little easier to follow using an if instead of an unless.
git-svn-id: file:///home/svn/framework3/trunk@12673 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 15:27:13 +00:00
520aa7d01c
Fixes #4558 . Since the arp spoofer is the only module that actually uses lookupaddrs, don't require every other pcaprub module to check for it.
...
git-svn-id: file:///home/svn/framework3/trunk@12672 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 14:26:24 +00:00
25d7c5a6df
make the constant match what os normalization is doing
...
git-svn-id: file:///home/svn/framework3/trunk@12664 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 16:54:33 +00:00
76ebc59f29
Somehow missed this performance checkin for the 2000 ips check.
...
git-svn-id: file:///home/svn/framework3/trunk@12661 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 12:57:14 +00:00
23ee4b3aa8
Display additional version info in about box.
...
git-svn-id: file:///home/svn/framework3/trunk@12658 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 21:43:52 +00:00
60dcac616e
Renames some nessus-imported vulnerabilities to drop the NSS identifier and just stick with the plugin name (if available). Also drops junk NSS-0 vulnerabilities.
...
git-svn-id: file:///home/svn/framework3/trunk@12653 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 22:18:43 +00:00
3d5cf03af6
move help into its own method for a couple more commands
...
git-svn-id: file:///home/svn/framework3/trunk@12651 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 20:43:04 +00:00
5091a0fbfa
un-revert another piece of r12600's overzealousness. see r12574
...
git-svn-id: file:///home/svn/framework3/trunk@12647 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 17:16:47 +00:00
d43d542316
re-add elf template support which was inadvertantly reverted in r12600, see #4384
...
git-svn-id: file:///home/svn/framework3/trunk@12646 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 17:10:55 +00:00
0441b0c68c
Typo that broke scripts in users home folder
...
git-svn-id: file:///home/svn/framework3/trunk@12645 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 17:03:06 +00:00
9bbee65ebb
Back to regularly scheduled development
...
git-svn-id: file:///home/svn/framework3/trunk@12644 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 14:03:05 +00:00
68ca98b225
Add the missing debug accessor
...
git-svn-id: file:///home/svn/framework3/trunk@12627 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 02:12:59 +00:00
e0ffab0e6c
Move all db.import* calls to the same db.import backend call (as they should have been). Fix method casing to be ruby standard
...
git-svn-id: file:///home/svn/framework3/trunk@12625 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 00:51:26 +00:00
9d765d4d25
Change protected for private, add debug flag to MessagePack (with debug.methods call)
...
git-svn-id: file:///home/svn/framework3/trunk@12624 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 23:51:53 +00:00
056cde292f
Deprecate the exploited_host table. Vulns that indicate a successful exploit without opening a session should set the :exploited_at timestamp.
...
git-svn-id: file:///home/svn/framework3/trunk@12623 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 22:19:00 +00:00
26fe5f2c9f
Detailed logging when something goes wonky
...
git-svn-id: file:///home/svn/framework3/trunk@12622 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 19:25:09 +00:00
a6da350581
Treat timestamps as integers in all RPC calls. This fixes a inconsistency between methods (string vs DateTime object) and standardizing on Unix time stamps results in wider RPC transport support
...
git-svn-id: file:///home/svn/framework3/trunk@12621 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 18:24:52 +00:00
80f71b441e
This adds a basic RPC server that operates over HTTP and uses MessagePack. The client/server wrappers are still being finalized. MessagePack libraries are avavailable for all major languages ( http://msgpack.org/ ) and this implementation is ridiculous fast and binary safe, relative to XMLRPC.
...
git-svn-id: file:///home/svn/framework3/trunk@12616 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-14 18:38:44 +00:00
03549f0b15
Nessus imported vulns should reference themselves as a NSS- identifier.
...
git-svn-id: file:///home/svn/framework3/trunk@12610 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-13 17:00:03 +00:00
369a2e898e
mark version for minor release
...
git-svn-id: file:///home/svn/framework3/trunk@12608 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-13 16:14:05 +00:00
c7439f5ba1
Remove the leftover autoloads
...
git-svn-id: file:///home/svn/framework3/trunk@12603 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:20:08 +00:00
1904e446b2
Change this back to cooincide with autoload revert
...
git-svn-id: file:///home/svn/framework3/trunk@12602 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:11:43 +00:00
ecb726fb2c
Rolling two changes through again (stomped on by the autoload revert)
...
git-svn-id: file:///home/svn/framework3/trunk@12601 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:08:33 +00:00
9ce47c01bd
Reverting the autoload changes until we can upgrade to a new ActiveSupport library or find a workaround
...
git-svn-id: file:///home/svn/framework3/trunk@12600 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:03:55 +00:00
95d802754b
Rework to avoid a warning
...
git-svn-id: file:///home/svn/framework3/trunk@12598 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 19:26:11 +00:00
fd4e6db85d
Fixes 4373, Migrates lib/msf to use autoload instead of require (first try)
...
git-svn-id: file:///home/svn/framework3/trunk@12596 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 19:07:35 +00:00
664bbf7c3c
Remove the requires now that autoload has been fixed
...
git-svn-id: file:///home/svn/framework3/trunk@12593 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 15:09:27 +00:00
78a2558142
Apply patch from chao-mu, fixes #4414
...
git-svn-id: file:///home/svn/framework3/trunk@12591 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 14:59:44 +00:00
c9566da399
Add missing requires and autoload to make browser exploits work again.
...
git-svn-id: file:///home/svn/framework3/trunk@12590 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 05:23:32 +00:00
06779bc8c0
remove unnecessary requires for stuff in rex. autoload and a high-level require 'rex' in lib/msf/core.rb should take care of everything. see #4371 , #4373 , r12587, and r12554.
...
git-svn-id: file:///home/svn/framework3/trunk@12588 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 00:53:33 +00:00
3e6d526eca
Fixes #4391 . Sorry! Ruby incompatability on method defs where if you set one option, you need to set them all (doesn't affect current 1.9 Rubies).
...
git-svn-id: file:///home/svn/framework3/trunk@12580 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 21:27:17 +00:00
69d09113b5
use Metasm to parse elf templates and set appropriate header flags for marking .text as rwx, fixes #4384
...
git-svn-id: file:///home/svn/framework3/trunk@12579 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 21:06:19 +00:00
50b26cb2d6
Adds another Qualys formatted XML importer for ASSET_DATA_REPORT files.
...
git-svn-id: file:///home/svn/framework3/trunk@12575 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 19:10:02 +00:00
cdeb44747f
huh? missing something important heh
...
git-svn-id: file:///home/svn/framework3/trunk@12574 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 18:33:38 +00:00
cb72073cd8
pcaprub: add a respond_to? in the capture mixin to ensure latest version
...
git-svn-id: file:///home/svn/framework3/trunk@12565 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-08 04:43:24 +00:00
5d8db916d7
pcap_replay: small fix on th delay
...
git-svn-id: file:///home/svn/framework3/trunk@12563 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-08 01:44:09 +00:00
490471e129
Include necessary require.
...
git-svn-id: file:///home/svn/framework3/trunk@12558 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-07 02:16:09 +00:00
cd4c38333d
See #4371 , Fixes logging error with LogLevel set in config
...
git-svn-id: file:///home/svn/framework3/trunk@12556 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 19:10:02 +00:00
47ef020c61
back to development. 3.8 here we come
...
git-svn-id: file:///home/svn/framework3/trunk@12541 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 23:12:43 +00:00
27c1e757e1
add post count to the banner
...
git-svn-id: file:///home/svn/framework3/trunk@12537 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 08:50:38 +00:00
decf71c4af
Exceptions trying to determine DB status should simply return false
...
git-svn-id: file:///home/svn/framework3/trunk@12536 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 02:44:14 +00:00
9c712f1481
cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@12534 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 18:25:55 +00:00
09f861736a
Lets try this without breaking msfpayload
...
git-svn-id: file:///home/svn/framework3/trunk@12533 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 15:07:27 +00:00
4c84181c44
This adds a migrated flag to the framework.db object, to prevent a race condition between session_manager startup and db availability while the schema loads. This also makes the session_manager code try again (up to a max count) when it encounters an exception
...
git-svn-id: file:///home/svn/framework3/trunk@12529 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 07:09:34 +00:00
93b0c5beb3
Check for the database first
...
git-svn-id: file:///home/svn/framework3/trunk@12523 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 04:49:18 +00:00
73ba020547
release!
...
git-svn-id: file:///home/svn/framework3/trunk@12521 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 04:40:41 +00:00
2192532a0c
don't read from the rsock as that's already taken care of by monitor_rsock in StreamAbstraction. fixes EVERYTHING. also fixes #4321
...
git-svn-id: file:///home/svn/framework3/trunk@12520 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 04:12:41 +00:00
1c86441f12
This removes the abortive_close code for stream sockets, it was leading to inconsistencies in how dead sessions were cleaned up
...
git-svn-id: file:///home/svn/framework3/trunk@12519 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 03:59:02 +00:00
fdc19b5e4a
Add the second required argument to write()
...
git-svn-id: file:///home/svn/framework3/trunk@12518 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 03:09:20 +00:00
23c355ba2c
Just use :mac not :host_mac
...
git-svn-id: file:///home/svn/framework3/trunk@12517 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 03:03:38 +00:00
b93e134195
Use shell_write vs ring.put
...
git-svn-id: file:///home/svn/framework3/trunk@12516 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 23:07:02 +00:00
d98f8dfd89
Make it clear that all Rex::IO::Stream implementations must accept a second parameter called opts for the read, write, and put methods
...
git-svn-id: file:///home/svn/framework3/trunk@12515 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 21:39:09 +00:00
8fd84e3c3d
fix cmd/unix/reverse by adding proper read() and write() methods to TcpReverseDoubleSessionChannel
...
git-svn-id: file:///home/svn/framework3/trunk@12514 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 20:42:53 +00:00
259bf9695a
don't kill a session when the user ctrl-C's during a command run by sessions -c or a script/postmod
...
git-svn-id: file:///home/svn/framework3/trunk@12513 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 20:40:19 +00:00
e81d3440b8
don't try to store session events for sessions without a db_record. fixes #4301
...
git-svn-id: file:///home/svn/framework3/trunk@12505 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 06:45:21 +00:00
732a1f3993
Skip empty vulnerability names
...
git-svn-id: file:///home/svn/framework3/trunk@12503 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 05:20:07 +00:00
e9372d0e51
add another require
...
git-svn-id: file:///home/svn/framework3/trunk@12501 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 03:40:34 +00:00
ed86305675
add a require
...
git-svn-id: file:///home/svn/framework3/trunk@12500 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 03:40:03 +00:00
91658ac45e
remove crufty require
...
git-svn-id: file:///home/svn/framework3/trunk@12497 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 01:35:21 +00:00
178ae10e22
make sure telnet sessions use crlf for write() as well as put()
...
git-svn-id: file:///home/svn/framework3/trunk@12494 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-01 23:56:57 +00:00
2c3e85af05
Major cleanups to the session manager, serialized processing of incoming connections, concurrent processing (up to a max scheduler thread count) of meterpreter initialization/scripts. This is to avoid a potential deadlock in openssl and ensure consistent, reliable session staging. This commit also fixes a bug that would mark database sessions as closed too early.
...
git-svn-id: file:///home/svn/framework3/trunk@12485 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 18:51:50 +00:00
22537ffbde
A few more tweaks to non-blocking ssl mode
...
git-svn-id: file:///home/svn/framework3/trunk@12482 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 10:24:52 +00:00
6bdf2a4e2b
Proactively wrap each() in other Hash based classes to avoid situations that trigger modification during enumeration
...
git-svn-id: file:///home/svn/framework3/trunk@12479 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 04:59:27 +00:00
23d0c7d7d0
This overrides the framework.sessions.each method to use a temporary list instead of the native hash method. This avoids a rare race condition where a thread is enumerating sessions while another thread tries to register one.
...
git-svn-id: file:///home/svn/framework3/trunk@12478 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 04:50:06 +00:00
dfb8a9e24b
Catching more nils in db_import.
...
git-svn-id: file:///home/svn/framework3/trunk@12477 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 04:33:52 +00:00
321e5bd292
Qualify the exception namespace
...
git-svn-id: file:///home/svn/framework3/trunk@12475 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 03:33:45 +00:00
94be33e8ee
A little cleaner method for determining the nature of imported zip files.
...
git-svn-id: file:///home/svn/framework3/trunk@12472 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 01:49:55 +00:00
d942442bcd
Officially remove sqlite3 support (its been deprecated for approximately a year). SQLite3 has not been usable for a long time due to thread concurrency and stability issues. This is the final nail in the coffin now that the DB backend has gone through an overhaul.
...
git-svn-id: file:///home/svn/framework3/trunk@12469 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 17:22:53 +00:00
743a401a47
Add the ability to reset the last read pointer from the ringer buffer
...
git-svn-id: file:///home/svn/framework3/trunk@12467 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 16:02:24 +00:00
882c4b52f8
Monkey patch xmlrpc to handle 64-bit integers (meterpreter file sizes) and deal with nil more gracefully.
...
git-svn-id: file:///home/svn/framework3/trunk@12466 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 06:10:41 +00:00
4053764f21
In the event an import file isn't an msf_zip, pcapfile, and doesn't have a newline, bail.
...
git-svn-id: file:///home/svn/framework3/trunk@12465 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 04:16:42 +00:00
07e02ce44a
When reporting a session from an import, :routes should always end up an an array.
...
git-svn-id: file:///home/svn/framework3/trunk@12464 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 04:10:46 +00:00
1693a21b06
Fixes nessus_v2 imports to indicate a service name correctly.
...
git-svn-id: file:///home/svn/framework3/trunk@12463 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-28 18:52:35 +00:00
0a638aebfc
make modules' class.inspect useful. this has bugged me for *years*
...
git-svn-id: file:///home/svn/framework3/trunk@12462 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-28 16:50:57 +00:00
859fd9216f
report module_run and script_run session events
...
git-svn-id: file:///home/svn/framework3/trunk@12448 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 21:57:01 +00:00
f04782904e
move @@reload_opts to the correct class, fixes 'help reload' from a non-exploit module context
...
git-svn-id: file:///home/svn/framework3/trunk@12447 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 21:53:45 +00:00
f72c94b514
default last_seen to sane values so we don't orphan all sessions right away. =/
...
git-svn-id: file:///home/svn/framework3/trunk@12446 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 21:29:47 +00:00
956dcfa6d2
deal with the odd 'No Service Pack' by normalizing to 'Service Pack 0', fixes odd 2003 detection
...
git-svn-id: file:///home/svn/framework3/trunk@12444 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 19:31:56 +00:00
81391d6ebf
fix a stupid bug where retina, nessus, and qualys os fingerpritns would not be saved; improve fingerprints for 2003, 2008
...
git-svn-id: file:///home/svn/framework3/trunk@12443 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 19:13:35 +00:00
2031c0d288
Importing Nexpose reports should retain test keys (which are usually some kind of proof or expanded details about a vulnerability).
...
git-svn-id: file:///home/svn/framework3/trunk@12442 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 17:31:26 +00:00
8cf4733535
change the close_reason to be more accurate now that the close isn't happening at startup
...
git-svn-id: file:///home/svn/framework3/trunk@12441 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 16:19:59 +00:00
1d8dca6268
Merge the stale session reaper code into the session manager
...
git-svn-id: file:///home/svn/framework3/trunk@12437 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 05:10:14 +00:00
cc0904b27e
Unbreak trunk for now, this code needs to be fixed, its throwing errors. Fixes #4218
...
git-svn-id: file:///home/svn/framework3/trunk@12436 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 02:22:05 +00:00
905044b03b
Sources credentials gained from exploits by a session ID directly, rather than going through the ExploitedHost table.
...
git-svn-id: file:///home/svn/framework3/trunk@12435 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 21:01:24 +00:00
80fe4c22e3
don't bomb out when there are no stale sessions
...
git-svn-id: file:///home/svn/framework3/trunk@12433 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 17:18:29 +00:00
b61d83a0ae
add a last-seen column to the sessions table so we can cull dead sessions on startup
...
git-svn-id: file:///home/svn/framework3/trunk@12432 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 16:11:02 +00:00
bfe3c58d8b
Correct the logic around Host object parameters
...
git-svn-id: file:///home/svn/framework3/trunk@12421 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 02:41:29 +00:00
eacf1d3c8c
Lets not break the trunk after all
...
git-svn-id: file:///home/svn/framework3/trunk@12420 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 02:32:43 +00:00
25971ff2ac
Pass a host object into the nse parser from a host object cache.
...
git-svn-id: file:///home/svn/framework3/trunk@12416 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 00:54:43 +00:00
5918e6c0ac
Allow report_auth_info() to accept a Host object instead of an address like all the other methods.
...
git-svn-id: file:///home/svn/framework3/trunk@12415 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 00:48:05 +00:00
b0d81f4385
This mega-patch solves a few outstanding issues:
...
1) The database queue is no longer used, all threads have their own connection. This officially breaks sqlite3 support, even though sqlite3 was pretty broken to being with.
2) The report_* calls prefer a Host object in the :host parameter instead of :address. This lets it skip a lookup on the host table
3) The importers now pass in the Host object, significantly speeding up large imports
4) The host record is no longer updated by every change to a child object, this was too much of a bottleneck.
TL;DR: Database stuff is faster
git-svn-id: file:///home/svn/framework3/trunk@12409 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 20:16:55 +00:00
53809926c1
the database *is* available at startup if there is a ~/.msf3/database.yml or if msfconsole was started with -y. There's a check for the db anyway, so this shouldn't ever bomb out
...
git-svn-id: file:///home/svn/framework3/trunk@12407 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 19:49:44 +00:00
4c0c282cf8
Fix a stack trace when one of these is nil
...
git-svn-id: file:///home/svn/framework3/trunk@12406 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 19:27:50 +00:00
5fc0f4eaf1
Fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@12405 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 19:07:41 +00:00
537e312c13
set RHOSTS directly when we have a short list
...
git-svn-id: file:///home/svn/framework3/trunk@12404 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 18:31:55 +00:00
91bb4b0130
auxiliary: add a basic pcap replay module
...
git-svn-id: file:///home/svn/framework3/trunk@12403 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 18:25:19 +00:00
96ee780967
merge the_listener's patch for adding ability to set RHOSTS from db_services. extends it by adding the same support in db_hosts and db_notes, see #308
...
git-svn-id: file:///home/svn/framework3/trunk@12401 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 05:08:08 +00:00
1be4b0831b
add support for dumping services as a csv file like hosts. merges partial patch from the_listener, thanks! fixes #3120
...
git-svn-id: file:///home/svn/framework3/trunk@12400 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 02:22:21 +00:00
1a4d4340bf
Make Ruby 1.8.7 happy
...
git-svn-id: file:///home/svn/framework3/trunk@12382 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 20:06:45 +00:00
545025dbea
Add a warning when the imported vulnerability data is missing the service protocol/port (looks like just one vendor today has this problem).
...
git-svn-id: file:///home/svn/framework3/trunk@12381 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 18:33:27 +00:00
41cc038eca
Undoing r12379 in anticipation of a different version.
...
git-svn-id: file:///home/svn/framework3/trunk@12380 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 18:29:04 +00:00
93a07df541
Add a :warning handler for db_import.
...
git-svn-id: file:///home/svn/framework3/trunk@12379 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 18:22:18 +00:00
07fb337ad9
Fix the actual thread cap
...
git-svn-id: file:///home/svn/framework3/trunk@12378 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 17:56:38 +00:00
86bca6438f
add a routes table; delete each comm's routes when flushing
...
git-svn-id: file:///home/svn/framework3/trunk@12377 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 17:49:27 +00:00
b164ac6539
Actually store the title for Nexpose imports.
...
git-svn-id: file:///home/svn/framework3/trunk@12374 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 23:00:19 +00:00
b94d09cdf1
Try a little harder to make this module more reliable through TCP proxies
...
git-svn-id: file:///home/svn/framework3/trunk@12359 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 20:53:21 +00:00
d2d66f3285
This patch changes how VNC sessions are handled, making them a now-unique type that is not registered in the normal sense. This works around a corner case due to recent session work.
...
git-svn-id: file:///home/svn/framework3/trunk@12358 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 20:07:53 +00:00
8b5d004997
Adding an nmap version checker so NSE modules can tell if it's okay to run or not.
...
git-svn-id: file:///home/svn/framework3/trunk@12357 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 19:52:13 +00:00
debc16bea5
vnc sessions don't have an arch
...
git-svn-id: file:///home/svn/framework3/trunk@12352 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 16:53:58 +00:00
99d5affbc7
put session_* events back in until we can sort out some issues with the change
...
git-svn-id: file:///home/svn/framework3/trunk@12351 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 16:29:15 +00:00
069eb808f1
store closed_at in utc to avoid discrepancies with opened_at
...
git-svn-id: file:///home/svn/framework3/trunk@12348 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 15:59:25 +00:00
5effb0ca04
use Table#to_csv to generate csv a file that isn't broken when data contains commas
...
git-svn-id: file:///home/svn/framework3/trunk@12343 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-17 01:07:53 +00:00
ff07d00b51
Simpler interrupt handling in RPC consoles.
...
git-svn-id: file:///home/svn/framework3/trunk@12339 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 23:03:30 +00:00
05f0f3739f
add help for several db commands
...
git-svn-id: file:///home/svn/framework3/trunk@12338 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 22:49:31 +00:00
b53545e875
Seach post modules by default too.
...
git-svn-id: file:///home/svn/framework3/trunk@12336 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 18:03:13 +00:00
9c1b4ddca5
add a load command. this will later deprecate the use command under meterpreter for 3.7 release
...
git-svn-id: file:///home/svn/framework3/trunk@12334 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 13:59:57 +00:00
a0cbbdfab0
Support 'jar' format when generating payloads.
...
git-svn-id: file:///home/svn/framework3/trunk@12331 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 02:11:12 +00:00
f386a2c587
Adding an additional sessions mapping to workspaces.
...
git-svn-id: file:///home/svn/framework3/trunk@12327 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-15 20:36:10 +00:00
175cae5047
Add associations between Host, Session & SessionEvent model objects.
...
git-svn-id: file:///home/svn/framework3/trunk@12325 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-15 18:54:27 +00:00
d63fe9a7ba
Adding a column for local_id to the sessions table in order to better handle database-mediated session operations.
...
git-svn-id: file:///home/svn/framework3/trunk@12321 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 23:14:36 +00:00
93ee866669
Prevent new sessions from being opened several hours in the past so that we don't accidentally create spatiotemporal paradoxes and erase ourselves from history.
...
git-svn-id: file:///home/svn/framework3/trunk@12319 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 21:53:03 +00:00
96af5e2af6
store session info in the db
...
git-svn-id: file:///home/svn/framework3/trunk@12317 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 18:28:44 +00:00
d6edeebcef
actually log errors from reporting the session fingerprint. would have helped greatly in tracking down #4128
...
git-svn-id: file:///home/svn/framework3/trunk@12313 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-13 23:03:00 +00:00
c5c7ca3657
loglevel max is actually 5
...
git-svn-id: file:///home/svn/framework3/trunk@12312 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-13 21:22:38 +00:00
f8be06bd88
See #4129 . This patches up shell_read and shell_write to use the new ring buffer mechanisms with no significant API changes. Still need to run through a test on Armitage to ensure it's all still flowing smoothly, should be done within the hour.
...
git-svn-id: file:///home/svn/framework3/trunk@12310 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-13 17:02:45 +00:00
361922c634
don't use in-place gsub, it breaks on 1.9.2 since the string was a hash key at one point and apparently gets frozen, fixes #4128
...
git-svn-id: file:///home/svn/framework3/trunk@12308 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-13 01:48:37 +00:00
05e47166a3
push the check for msf up to the main meterpreter command dispatcher and fire events for file upload/download.
...
git-svn-id: file:///home/svn/framework3/trunk@12307 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-12 20:39:46 +00:00
9831dd5ca6
take linux sysinfo into account for os fingerprints
...
git-svn-id: file:///home/svn/framework3/trunk@12303 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 23:15:05 +00:00
b2eb5a4908
store the service pack from nexpose (previously not returned from the xml parser, see r12298); store hostname and more version info from nmap; see #4099
...
git-svn-id: file:///home/svn/framework3/trunk@12300 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 22:29:53 +00:00
e9e8026832
Fixed author name in modules for myself.
...
git-svn-id: file:///home/svn/framework3/trunk@12292 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 02:25:36 +00:00
a82c47789d
silly debug print, see #4099
...
git-svn-id: file:///home/svn/framework3/trunk@12290 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 01:41:35 +00:00
d5d9d56081
Create a dedicated db table to track sessions & session events.
...
* Add new db tables for session & session_events
* Migrate existing session data from events db table
* Modify session report methods to log to the new tables
git-svn-id: file:///home/svn/framework3/trunk@12273 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:59:32 +00:00
875858e78e
See #4089 , fix method definitions
...
git-svn-id: file:///home/svn/framework3/trunk@12267 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 13:19:43 +00:00
1a7cc50530
Fixes #4089 , Pass DECODERSTUB advopt when calling generate_stager too
...
git-svn-id: file:///home/svn/framework3/trunk@12266 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 13:17:03 +00:00
f3717302cd
Fixes #4073 by applying a patch from Francois Ropert for parsing DMVPN keys from Cisco configuration files
...
git-svn-id: file:///home/svn/framework3/trunk@12248 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 15:45:01 +00:00
b91c81a182
Fixes #4074 -- corrects the affected regexes.
...
git-svn-id: file:///home/svn/framework3/trunk@12238 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-04 22:19:59 +00:00
3e0982a792
enable ntlmv2 by default for smb, mssql and http
...
git-svn-id: file:///home/svn/framework3/trunk@12227 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 21:06:50 +00:00
f9680c854b
reworj http ntlm authentificaion and correct some bug
...
git-svn-id: file:///home/svn/framework3/trunk@12225 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 20:38:27 +00:00
b38a187631
mssql login : enable ntlmv2 authentification
...
git-svn-id: file:///home/svn/framework3/trunk@12223 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 17:02:23 +00:00
16eac54a39
and now back to your regular scheduled msfconsole
...
git-svn-id: file:///home/svn/framework3/trunk@12220 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-02 15:51:48 +00:00
0c9dbbf9f3
a few more cosmetic changes
...
git-svn-id: file:///home/svn/framework3/trunk@12201 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 06:48:36 +00:00
a305d3bd27
deprecate windows. What day is it today?
...
git-svn-id: file:///home/svn/framework3/trunk@12200 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 06:35:25 +00:00
fea84dccda
Text alignment
...
git-svn-id: file:///home/svn/framework3/trunk@12199 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 06:03:42 +00:00
f97790ec8b
Cosmetic change
...
git-svn-id: file:///home/svn/framework3/trunk@12198 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 06:01:25 +00:00
ae1d3b78bc
add host.imported notes for import types other than nmap, see r9277; don't double-report hosts for nessus and ip360 imports
...
git-svn-id: file:///home/svn/framework3/trunk@12197 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 01:01:11 +00:00
e1499657c9
Overhaul the nexpose vuln importer to be a little more friendly to all the XML data we can gather about vulns, beyond just their ID and references.
...
git-svn-id: file:///home/svn/framework3/trunk@12182 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 22:22:58 +00:00
e0e8d986e7
Fix up psexec by adding a reqwuire for the wbemexec mixin
...
git-svn-id: file:///home/svn/framework3/trunk@12180 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 16:35:26 +00:00
19a4a2d88a
move some code from lib/rex/proto/smb/client to lib/rex/proto/ntlm/util and add a mini mixin for ntlm
...
git-svn-id: file:///home/svn/framework3/trunk@12162 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 20:14:56 +00:00
08df8179cc
mssql login : enable windows authentification and add an encrypion check through tds prelogin mechanism
...
see issue #402 for some comment on the implementation and the todo's
git-svn-id: file:///home/svn/framework3/trunk@12154 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 00:24:19 +00:00
695bd76a30
typo fix
...
git-svn-id: file:///home/svn/framework3/trunk@12134 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 18:28:27 +00:00
9895d01d51
Moving lib_mysqludf_sys*.dll to a more obvious subdirectory of the exploit binaries.
...
git-svn-id: file:///home/svn/framework3/trunk@12128 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 17:48:19 +00:00
ad5073d6b1
only close the session when we get socket-related exceptions, fixes #4005
...
git-svn-id: file:///home/svn/framework3/trunk@12118 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 22:21:59 +00:00
ec5e61966d
oops revert the unwanted early commit on mssql
...
git-svn-id: file:///home/svn/framework3/trunk@12114 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 20:53:57 +00:00
2b4acb3b6c
Misplaced (and redundant) functon in the postgres library, removed.
...
git-svn-id: file:///home/svn/framework3/trunk@12113 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 20:52:07 +00:00
46cf938475
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@12112 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 20:47:49 +00:00
b1178686cf
Fixes #3988 . Adds a command execution module for PostgreSQL by uploading a UDF library and adding sys_exec() as a temporary function. Requires the target to be Windows, uses Bernardo Damele A. G.'s binaries.
...
Also fixes a typo in the arguments to handler which clears up a heretofore mysterious exception (see exploit.rb).
git-svn-id: file:///home/svn/framework3/trunk@12111 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 19:36:07 +00:00
8bb95f02c5
load the config after adding any module paths so we can start msfconsole using a module from a non-default path
...
git-svn-id: file:///home/svn/framework3/trunk@12105 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:19:55 +00:00
ac75160741
Add sinn3r and bannedit to authors
...
git-svn-id: file:///home/svn/framework3/trunk@12084 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:28:19 +00:00
02165304c2
Adding an additional error code for postgresql, new as of version 9.
...
git-svn-id: file:///home/svn/framework3/trunk@12071 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-22 17:43:36 +00:00
3ed59574e1
Another postgresql fingerprint, now when auths are enabled.
...
git-svn-id: file:///home/svn/framework3/trunk@12070 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-22 17:39:19 +00:00
8bca6d4d54
Adding a quickie fingerprint for PostgreSQL on windows (9.0.3)
...
git-svn-id: file:///home/svn/framework3/trunk@12069 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-22 17:26:57 +00:00
3395ee226e
Associate the replicant exploit instance with the replicant payload, otherwise the wrong exploit instance will be used by the payload handler. Fixes #4004 .
...
git-svn-id: file:///home/svn/framework3/trunk@12065 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-22 03:19:56 +00:00
46dfafa81f
Fixes #3987 . Don't raise on the attr set, raise when the command actually wants to get run.
...
git-svn-id: file:///home/svn/framework3/trunk@12063 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-21 20:52:08 +00:00
cf04b2f387
fix a stack trace if nmap is not installed
...
git-svn-id: file:///home/svn/framework3/trunk@12062 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-21 20:11:12 +00:00
e72a4e36bd
add 'show actions' for post mods, oversight from r12008. see #3965
...
git-svn-id: file:///home/svn/framework3/trunk@12058 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-21 17:07:11 +00:00
3d59be3586
This patch adds a 'reload_all' command to msfconsole. This will flush and reload all modules from all module paths
...
git-svn-id: file:///home/svn/framework3/trunk@12040 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-20 22:22:07 +00:00
2e267bdca3
This patch removes the unimplemented "persist" command. This has been sitting in half-done state for too many years and its time to go.
...
git-svn-id: file:///home/svn/framework3/trunk@12039 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-20 21:41:09 +00:00
e094c7e941
Fix typo in db_creds
...
git-svn-id: file:///home/svn/framework3/trunk@12011 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 22:13:10 +00:00
f2057f54a8
De-dup'ed get_link_filter() in the crawler module. Added some comment
...
docs on crawler_process_page(). Nothing exciting.
git-svn-id: file:///home/svn/framework3/trunk@12010 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 21:21:21 +00:00
ded3ff9c75
add support for actions in post modules. fixes #3965~
...
git-svn-id: file:///home/svn/framework3/trunk@12008 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 05:39:30 +00:00
c4bd210eae
Fixes #3959 .
...
git-svn-id: file:///home/svn/framework3/trunk@12006 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 04:12:51 +00:00
91a48cd04b
Fix error with undefined variable 'name' when clearing default workspace
...
git-svn-id: file:///home/svn/framework3/trunk@12005 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 04:10:22 +00:00
6cd1699c42
Enable command passthru in "web" console, since it's awfully convenient and no longer provides any security since msfweb was removed.
...
(console access already provides the ability to execute OS commands)
git-svn-id: file:///home/svn/framework3/trunk@12004 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 00:17:45 +00:00
e49ab08e21
Add support to scripts for Meterpreter Accounts Mixin and add new method is_system? for checking if sessions is running as SYSTEM, uses SID so as at to ensure compatibility with multiple language versions of windows.
...
git-svn-id: file:///home/svn/framework3/trunk@11997 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 22:44:36 +00:00
f4ceb83e40
send spn avp by default ; it wont hurt at all
...
git-svn-id: file:///home/svn/framework3/trunk@11992 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 20:01:28 +00:00
91c50f7683
use self.rhost instead of datastore['RHOST']
...
git-svn-id: file:///home/svn/framework3/trunk@11973 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 00:34:07 +00:00
b7a0a305ee
allow psexec to success when SPN validation level is required on windows seven / 2008r2 servers
...
git-svn-id: file:///home/svn/framework3/trunk@11971 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 00:12:07 +00:00
ecb89c785b
Actually use the API for appending command line arguments for nmap.
...
git-svn-id: file:///home/svn/framework3/trunk@11970 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:59:35 +00:00
292f357f7a
Moving requires from oracle_login to nmap. Duh.
...
git-svn-id: file:///home/svn/framework3/trunk@11966 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 20:46:03 +00:00
9e15c487b5
Adding pid info for nmap.
...
git-svn-id: file:///home/svn/framework3/trunk@11964 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 18:31:17 +00:00
fa3c038f1d
Check for nulls/nils when retrieving client list
...
git-svn-id: file:///home/svn/framework3/trunk@11963 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 16:52:01 +00:00
f3ddb869be
Clean these too.
...
git-svn-id: file:///home/svn/framework3/trunk@11962 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 01:53:45 +00:00
7d12151ec6
add support for http digest authentication. fixes #2504 , thanks oliver kleinecke for the patch!
...
git-svn-id: file:///home/svn/framework3/trunk@11961 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 22:37:16 +00:00
6e0e23f5ba
Fixups on the Oracle/Nmap stuff. Adding back in the Scanner module, since it has some handy process mgmt functions.
...
git-svn-id: file:///home/svn/framework3/trunk@11960 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 22:13:57 +00:00
e073a3a01c
Fixes #3941 . This should deal with the path problems I ran into on Windows. otherwise, works like a champ, so resolving.
...
git-svn-id: file:///home/svn/framework3/trunk@11951 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 03:31:40 +00:00
b68396351a
See #3941 . This is a first attempt at supporting driving nmap via a metasploit module. It's a somewhat hefty checkin that includes the Nmap auxiliary mixin as well as an oracle login bruteforce module that uses it.
...
This definitely needs to be tested on Win32 before it can be called f i x e d, due to the differences between the nmap binaries and the way files are created and used.
Also, the oracle_login scanner could use another once-over for error handling -- don't rely on that yet.
Once this all works the way I expect, I'll document the procedure more thoroghly so people can take advantage.
git-svn-id: file:///home/svn/framework3/trunk@11948 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 22:52:50 +00:00
98a6b7db4c
Missing space between hosts and services in db_notes
...
git-svn-id: file:///home/svn/framework3/trunk@11919 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-09 22:11:29 +00:00
fc8c0681de
remove an option present twice
...
git-svn-id: file:///home/svn/framework3/trunk@11905 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-09 00:42:12 +00:00
e71e609ab0
Rework this option as well
...
git-svn-id: file:///home/svn/framework3/trunk@11903 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 23:46:44 +00:00
c2aede0a59
Revert an overzealous search/replace
...
git-svn-id: file:///home/svn/framework3/trunk@11902 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 23:31:06 +00:00
5c2abe4dd7
This patch reworks some of the new SMB names to match the standard option format
...
git-svn-id: file:///home/svn/framework3/trunk@11901 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 23:29:34 +00:00
42531e097f
Fixes #3916 . Adds a module for mysql delivery of a payload via a UDF, using Bernardo's quite excellent UDF libraries.
...
git-svn-id: file:///home/svn/framework3/trunk@11899 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 22:42:26 +00:00
5f6995e8d3
enable ntlmv2 and signing for smb client stack (pth implementation is coming), fixes #11678 and #152
...
git-svn-id: file:///home/svn/framework3/trunk@11893 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 19:57:53 +00:00
d535e74f47
Bump trunk to 3.7.0-dev to start on the next release
...
git-svn-id: file:///home/svn/framework3/trunk@11890 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 04:09:45 +00:00
31970fb09a
Release time, mark this as 3.6.0
...
git-svn-id: file:///home/svn/framework3/trunk@11889 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 02:46:51 +00:00
c92ab3f6b5
only dup if we've got something to dup. fixes #3896
...
git-svn-id: file:///home/svn/framework3/trunk@11880 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-05 20:15:36 +00:00
3b5c467c47
Fix db_hosts when -c is passed
...
git-svn-id: file:///home/svn/framework3/trunk@11862 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 17:12:10 +00:00
6904ce8c7b
3.6.0-beta\!
...
git-svn-id: file:///home/svn/framework3/trunk@11852 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-01 06:15:15 +00:00
4a41e4e352
Fixes #3742 by sanitizing utf-8 characters for the username and system name in session.info.
...
Tested with German Win2k3EE and a session created with exploit/windows/mssql/mssql_payload.
git-svn-id: file:///home/svn/framework3/trunk@11848 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-28 21:39:25 +00:00
e7dbf28626
This patch adds a register_parent() method to the module class, making it easy to propogate things like ParentUUID, Workspace, and Owner down. The multi/handler post modules were updated to use this new api. This fixes an issue where the session generated by a post module would be registered to the wrong workspace.
...
git-svn-id: file:///home/svn/framework3/trunk@11846 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-28 04:24:35 +00:00
f912d2e0c2
Add db_loot (basic)
...
git-svn-id: file:///home/svn/framework3/trunk@11843 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-27 16:30:17 +00:00
30c14fe45c
Remove a duplicate host column from db_services
...
git-svn-id: file:///home/svn/framework3/trunk@11842 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-27 15:58:08 +00:00
d7eecc9d67
make sure registry is there before including it, fixes #3806 , fixes #3726
...
git-svn-id: file:///home/svn/framework3/trunk@11840 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 23:52:28 +00:00
424adcd74d
Remove the near-worthless loot report message
...
git-svn-id: file:///home/svn/framework3/trunk@11839 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 18:07:48 +00:00
c204f38e84
Remove the near-worthless loot report message
...
git-svn-id: file:///home/svn/framework3/trunk@11838 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 18:07:25 +00:00
1f3000dc41
Cleaner default output for db_hosts and db_services
...
git-svn-id: file:///home/svn/framework3/trunk@11837 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 17:42:03 +00:00
9bc2a2cd3a
Store keystrokes as loot
...
git-svn-id: file:///home/svn/framework3/trunk@11835 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 04:54:45 +00:00
fa16dcb098
Add the ability to enumerate compatible post modules for a given session id
...
git-svn-id: file:///home/svn/framework3/trunk@11832 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 03:50:12 +00:00
941c0f446f
Change the CustomPrintPrefix to apply to lines (before the status/timestamp)
...
git-svn-id: file:///home/svn/framework3/trunk@11829 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 02:35:38 +00:00
880ffeb1f7
This updates the (C) for 2011, adds a CustomPrintPrefix option to set a unique prefix for a module and cleans up some post modules
...
git-svn-id: file:///home/svn/framework3/trunk@11828 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-26 02:02:34 +00:00
52d8e59b43
work around what i can only assume is a bizarre ruby bug where session_has_registry_ext?() never gets called and is assumed false, but session_has_registry_ext() works fine.
...
git-svn-id: file:///home/svn/framework3/trunk@11822 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 21:33:32 +00:00
57966c66d8
This allows for blank usernames in the normal case, as well as a domain/<blank> sort of construct for smb logins.
...
git-svn-id: file:///home/svn/framework3/trunk@11820 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 20:42:14 +00:00
21ed434f24
better test for registry extension
...
git-svn-id: file:///home/svn/framework3/trunk@11819 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 19:36:22 +00:00
4721fd4539
unbreak scripts that use is_uac_enabled?()
...
git-svn-id: file:///home/svn/framework3/trunk@11818 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 18:14:40 +00:00
db619828f2
add a session_compatible? method to post modules, include platform in compatibility checks.
...
git-svn-id: file:///home/svn/framework3/trunk@11802 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 04:40:21 +00:00
fb98f96984
fix a pasto and simplify the return value
...
git-svn-id: file:///home/svn/framework3/trunk@11801 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 04:28:11 +00:00
f647088fba
give the timeout a default value. fixes everything that uses shell_command_token_* with one arg
...
git-svn-id: file:///home/svn/framework3/trunk@11800 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 01:33:39 +00:00
7e2fb81cb5
Initial set of OSX Shell Post modules for general basic enumeration and for dumping hashes (SHA, LM and NTLM) for OSX 10.4 and above
...
git-svn-id: file:///home/svn/framework3/trunk@11792 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-22 14:00:47 +00:00
1cbadda8c0
add 2008 to the list of versions on which UAC is enabled
...
git-svn-id: file:///home/svn/framework3/trunk@11787 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-21 20:26:14 +00:00
b97ccd5d88
don't error out and die if a post module doesn't have a SessionTypes
...
git-svn-id: file:///home/svn/framework3/trunk@11786 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-21 20:00:21 +00:00
50614260f1
remove superfluous stuff from the test module, fix an ArgumentError in the mixin. see r11783 and r11784
...
git-svn-id: file:///home/svn/framework3/trunk@11785 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-21 19:22:19 +00:00
e71cd9b524
add shell support for registry methdos, thanks kernelsmith!
...
git-svn-id: file:///home/svn/framework3/trunk@11784 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-21 19:13:11 +00:00
160c683f18
Add WbemExec mixin, modify MS10-061 to use MOF technique
...
git-svn-id: file:///home/svn/framework3/trunk@11766 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-17 19:22:11 +00:00
a8de0591b2
vhost should be used when it's available
...
git-svn-id: file:///home/svn/framework3/trunk@11761 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-17 02:16:20 +00:00
974d9ad6c2
clean up comments
...
git-svn-id: file:///home/svn/framework3/trunk@11759 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-16 22:34:43 +00:00
e94d39af2c
un-ghetto meterpreter output logging
...
git-svn-id: file:///home/svn/framework3/trunk@11750 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-15 05:45:01 +00:00
21b1945cd4
add a commandline switch for loading plugins at startup
...
git-svn-id: file:///home/svn/framework3/trunk@11748 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-13 22:19:43 +00:00
d26e955e69
Test unique forms wmap
...
git-svn-id: file:///home/svn/framework3/trunk@11747 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-13 04:36:00 +00:00
f6b5974feb
add help for use command
...
git-svn-id: file:///home/svn/framework3/trunk@11744 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-11 23:42:46 +00:00
2efa01e8bd
Deal with importing and exporting tags.
...
git-svn-id: file:///home/svn/framework3/trunk@11737 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-10 00:17:20 +00:00
f876b7fb4b
back to dev
...
git-svn-id: file:///home/svn/framework3/trunk@11735 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-09 16:04:53 +00:00
eba4b05237
Make sure registry functions are always present (errors when rerunning post modules)
...
git-svn-id: file:///home/svn/framework3/trunk@11732 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-09 02:41:22 +00:00
749e9215bc
Adding smcintyre's patch for allowing for AuthBrute to automatically generate a password the same as a username. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@11731 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-09 01:46:27 +00:00
742e9bca94
Adding the model that goes with r11726.
...
git-svn-id: file:///home/svn/framework3/trunk@11728 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 20:46:02 +00:00
25554992d0
beta -> release!
...
git-svn-id: file:///home/svn/framework3/trunk@11727 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 18:55:01 +00:00
14e6809b2b
migrations for tags
...
git-svn-id: file:///home/svn/framework3/trunk@11726 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 18:53:55 +00:00
070f48e16a
Work around some weirdness between report_website and report_host not accepting hostnames as :host by forcing :host to be the address
...
git-svn-id: file:///home/svn/framework3/trunk@11723 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 17:32:37 +00:00
b05fd2c9a3
fix a stack trace when trying to loadpath a non-existant directory
...
git-svn-id: file:///home/svn/framework3/trunk@11714 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-04 20:53:08 +00:00
Tod Beardsley
James Lee
HD Moore
Carlos Perez
Wei Chen
Matt Weeks
Joshua Drake
amaloteaux
Mike Smith
Jonathan Cran
Patrick Webster
David Rude