David Maloney
6eb334c925
a little more coverage
2013-03-05 00:01:09 -06:00
David Maloney
d909c00036
better spec coverage
2013-03-04 23:43:18 -06:00
David Maloney
3bb1b2b368
attempt to deal with specs
2013-03-04 19:25:20 -06:00
David Maloney
c121a4e9dc
Some more minor touchups
2013-03-04 18:42:08 -06:00
David Maloney
8b6b2fbce9
bad error handling fixed
2013-03-04 18:33:03 -06:00
David Maloney
dc7c02e9e8
still trying to get around this sslv2 thing
2013-03-04 18:18:01 -06:00
David Maloney
246977e0cf
Address openssl sslv2 issues
...
Debian/Ubuntu ship openssl without sslv2 compiled in.
we now check for this ahead of time
2013-03-04 17:39:28 -06:00
David Maloney
12201c519a
make sure we close sockets
2013-03-04 16:34:29 -06:00
David Maloney
13ad5cf150
Merge branch 'master' into feature/ssl/add_cipher_support
2013-03-04 15:07:32 -06:00
David Maloney
6dcca7df78
Remove duplicated header issues
...
Headers were getting duped back into client config, causing invalid
requests to be sent out
2013-03-04 11:24:26 -06:00
David Maloney
6d811ce4b9
empty passwords should be allowed
2013-03-04 09:09:11 -06:00
David Maloney
4212c36566
Fix up basic auth madness
2013-03-01 11:59:02 -06:00
David Maloney
902948e5d3
cleanup options
2013-03-01 11:01:00 -06:00
James Lee
5a79fcd11e
Ensure we build only one Authorization header
...
Also fixes an issue where Host headers were generated with nil by
preferring the vhost from Client instead of the default nil from
ClientRequest.
2013-02-28 13:47:30 -06:00
James Lee
425c245771
Axe set_cgi in favor of set_uri
...
They were identical except for a couple of extra bugs in set_cgi.
Also changes ```split("/")``` to ```split("/", -1)```, which behaves
correctly when the input has a seperator at the beginning or end.
2013-02-27 19:13:05 -06:00
James Lee
b0745b090a
Msf HTTP uses this directly, can't axe it
2013-02-27 17:54:31 -06:00
James Lee
4edd46216f
Refactor config -> opts
...
Puts all the evasion stuff in the same place as regular HTTP options to
make it easier to deal with.
2013-02-27 17:29:26 -06:00
James Lee
d5ae54cbb6
More accurate docs
2013-02-27 16:27:37 -06:00
James Lee
d3b3587660
Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2
2013-02-27 14:01:57 -06:00
sinn3r
4085fa73c5
Merge branch 'stephenfewer-master'
2013-02-27 11:13:10 -06:00
James Lee
7a7dd8975f
Hmm, turns out something actually used that
...
Despite comments to the contrary
2013-02-26 18:16:54 -06:00
James Lee
29df20996e
Move most of the configuration into ClientRequest
...
Also fixes in-place modification of the query string which resulted in
duplication of the GET parameters when calling #to_s more than once.
2013-02-26 17:38:09 -06:00
David Maloney
f16cec552a
increase timeout with new checks
2013-02-26 14:27:04 -06:00
David Maloney
2ec2489f52
Test for general ssl before testing ciphers
2013-02-26 14:26:14 -06:00
James Lee
579c11bc69
Set reasonable defaults for more things
...
All current tests are passing now
2013-02-26 14:25:46 -06:00
James Lee
d7de3b75a4
Format Authorization header like others
...
Also sorts the set_*_header methods
2013-02-26 14:18:20 -06:00
James Lee
c206ac4998
Set some reasonable defaults
...
Fixes a number of nil deref issues
2013-02-26 14:15:51 -06:00
David Maloney
1cb2717fe7
fix weak and strong cipher enumerators
2013-02-26 14:13:17 -06:00
James Lee
d463460da7
Default cgi to true when not given
2013-02-26 13:33:54 -06:00
James Lee
764bbbb8e5
Whitespace
2013-02-26 13:33:19 -06:00
James Lee
5e0161d3f7
Reflect new ClientRequst in docs
2013-02-26 13:31:24 -06:00
David Maloney
1869cb5f8d
fix timeout
...
20 seconds is way too long for jsut opening a socket
2013-02-26 13:20:16 -06:00
James Lee
5ac20e1b02
Merge branch 'feature/http/authv2' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-feature/http/authv2
...
Conflicts:
lib/rex/proto/http/client.rb
2013-02-26 12:08:00 -06:00
David Maloney
c104fa6d97
Add spec and a few fixes for set_uri
2013-02-26 11:01:16 -06:00
David Maloney
d9627151c0
Add socket context option
...
Add the option for a socket context so pivoting will work
2013-02-25 15:01:42 -06:00
James Lee
1ce86b7adb
Whitespace
2013-02-25 14:29:10 -06:00
James Lee
e41922853e
Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2
2013-02-25 14:15:22 -06:00
HD Moore
8e8fecd208
Prefer String#encode over Iconv for Ruby 2.0 compat
2013-02-24 13:10:16 -06:00
James Lee
fc07bf16e7
Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2
2013-02-22 15:41:49 -06:00
David Maloney
d15e202f19
Add some YARD docs
2013-02-20 18:47:20 -06:00
David Maloney
8d2233bbdd
first minor cleanup
2013-02-20 15:33:24 -06:00
David Maloney
accd620843
Clean up pry
2013-02-19 23:50:30 -06:00
David Maloney
b2563dd6c2
trying to clean up the mess from the revert
2013-02-19 21:25:37 -06:00
David Maloney
dac1147473
merge client config into opts
2013-02-19 19:41:42 -06:00
David Maloney
de4234f0ad
Some more YARD docs
2013-02-19 18:48:03 -06:00
David Maloney
a4905e43a2
Fix the way creds are passed + YARD
...
some ayrddocs on send_auth plus fix the wierd way i was passing creds
around
2013-02-19 18:40:39 -06:00
David Maloney
0662677a72
First minor cleanup sweep
2013-02-19 17:19:16 -06:00
James Lee
867ab2f269
Whitespace
2013-02-18 19:01:03 -06:00
corelanc0d3r
0d4a6c6a04
support for searchforward option in egghunter
2013-02-18 12:45:49 +01:00
David Maloney
d23ca8f599
Merge branch 'master' into feature/http/authv2
...
Conflicts:
lib/rex/proto/http/client.rb
2013-02-17 22:58:23 -06:00
David Maloney
87d9af585e
fix request_raw
2013-02-17 21:35:19 -06:00
David Maloney
dd26b08197
first run at Clientrequest object
...
need a reliable object class for request_raw and request_cgi so that we
can manipulate requests in a safe and sane manner. It is not a eprfect
solution, but should fix what we need for the auth work.
2013-02-17 19:25:27 -06:00
James Lee
a902480576
Break out subclasses into their own files
2013-02-17 06:57:35 -06:00
Tod Beardsley
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
David Maloney
adfd26eb2d
Cleanup to_s output
2013-02-11 17:08:14 -06:00
jvazquez-r7
d4d41f36d4
Merge branch 'bug/basic_auth' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-bug/basic_auth
2013-02-11 21:16:35 +01:00
David Maloney
f90fdcd5eb
Missed nil check
2013-02-11 13:14:05 -06:00
David Maloney
0ccf7dd58a
trust any manualy set basic auth header
...
for now we will assume the module author knows what they are doing.
2013-02-11 13:06:26 -06:00
sinn3r
6e9232bf72
Merge branch 'addr_hex_dump' of github.com:Meatballs1/metasploit-framework into Meatballs1-addr_hex_dump
2013-02-11 11:31:54 -06:00
David Maloney
84534caae1
Fix expliciti basic_auth for http
2013-02-11 10:32:44 -06:00
David Maloney
0f9b16d07f
Scanner class finished, result needs more work
...
the result class needs a nice clean to_s method to print easily readable
output. mostly working now. a few more tweaks needed.
2013-02-09 19:06:17 -06:00
Meatballs
acdd952eb2
Initial commit
2013-02-09 21:50:12 +00:00
David Maloney
c25d4b4863
Test Cipher method underway
...
Trying to get a clever test plan under way to actually test the network
side of this. Not quite working yet
2013-02-09 01:07:56 -06:00
David Maloney
ebb0f166ca
Accept propper formats for SSL version
...
we were only accepting sloppy string values and not accepting input of
the actual symbols that OpenSSL expects in the first place. Allow the
user to enter it right themselves to be compat with OpenSSL
2013-02-09 00:40:58 -06:00
David Maloney
38d0a244fd
Beginings of the actual scanner
...
configuration and configuration validation in place with tests.
2013-02-09 00:03:58 -06:00
Meatballs
595cace025
Fixup wldap32 mistakes
2013-02-08 22:25:07 +00:00
Meatballs
a980419285
msftidy
2013-02-08 21:02:37 +00:00
Meatballs
a6fea39583
Change to wldap to allow cdecl
2013-02-08 21:01:22 +00:00
Meatballs
a9bf09aa06
Add calling conv to railgun
2013-02-08 19:26:33 +00:00
David Maloney
3295157f78
More support for various checks
2013-02-08 13:25:49 -06:00
James Lee
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
David Maloney
dfc7ce9381
fix stupid datat structure
...
also supports a boolean value for whether the cipher is weak or not
2013-02-08 11:33:36 -06:00
James Lee
071df7241b
Merge branch 'rapid7' into sonicwall_gms
...
Conflicts:
modules/exploits/multi/http/sonicwall_gms_upload.rb
Adds a loop around triggering the WAR payload, which was causing some
unreliability with the Java target.
2013-02-07 21:53:49 -06:00
James Lee
bf28be7cff
Fix some comments that yard parsed incorrectly
2013-02-07 18:36:04 -06:00
David Maloney
5c9f946927
empty shells for the scanner and its specs
2013-02-07 16:16:41 -06:00
David Maloney
096360261e
De-dup cipher results
2013-02-07 16:09:47 -06:00
David Maloney
4e87bf4ab3
Add enumeration and support options
...
i lied, there's more. Adds two enumerators and methods to check for
specific ssl version support as well as a quick method to tell if the
server supports ssl at all.
2013-02-07 15:51:07 -06:00
David Maloney
10e017ae73
finish up the SSLScan::Result class
...
finishes up result class for SSLScan , compelte with tests
2013-02-07 14:56:26 -06:00
David Maloney
7036365e04
Start adding sslscan results object
...
Building out the result object for the SSlScan
2013-02-07 12:42:18 -06:00
James Lee
a15889305a
Return a Request object
...
Still changes the return type, but now at least .to_s will give you the
right thing and at least a Request object is a logical thing to return.
2013-02-06 18:56:06 -06:00
David Maloney
ebd03ccceb
Allow user to set ssl cipher
...
Rex::Socket::Tcp now allows the user to specify a cipher or ciphers to
try and use for the ssl connection in addition to the version.
2013-02-06 16:57:47 -06:00
David Maloney
888bb80ab6
more comments
2013-02-05 11:55:12 -06:00
David Maloney
16b4fb1faa
Added some comment documentation
2013-02-05 10:36:51 -06:00
David Maloney
463a45ccaf
if we don't support the auth return original res
...
make sure we return the original 401 if we don't support the auth.
2013-02-05 09:57:33 -06:00
David Maloney
af6b0615fb
fix pipelining
...
winrm is unforgiving of pipelining from non ntlm requests into the
challenge response cycle. we must clear our initial tcp session before
starting ntlm auth for winrm
2013-02-04 16:42:24 -06:00
David Maloney
9b84e5b3c4
Fix raw requests to work as well as cgi
2013-02-04 13:59:58 -06:00
David Maloney
9497e38ef7
Fix http login scanner
...
Fix the http_login scanner to use new buitin auth
2013-02-04 12:31:19 -06:00
David Maloney
8d817dcbb5
fix iis digest support mistake
...
Digest auth working automatically
2013-02-01 15:49:18 -06:00
David Maloney
6c12fa26bc
oodles of small fixes
...
Basic, NTLM and Negotiate auth all working transparently
Have to test digest auth still
2013-02-01 15:12:11 -06:00
David Maloney
61969d575b
remove mixin require, more datastore clenaup
2013-02-01 15:12:11 -06:00
David Maloney
efe0947286
Start fixing datastore options
2013-02-01 15:12:11 -06:00
David Maloney
ef1fc58e5e
Remove mixin, start moving into Rex
...
move auth awareness into rex itself
2013-02-01 15:12:11 -06:00
jvazquez-r7
1e1cbd7445
Merge branch 'wldap32_railgun' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-wldap32_railgun
2013-01-30 21:01:31 +01:00
sinn3r
fc833ea8df
Catch exceptions and return value
2013-01-28 10:30:59 -06:00
rogueclown
169f91159e
added 'from' PID to meterpreter migrate message
2013-01-27 21:18:49 -06:00
Rob Fuller
27aae87c18
Stop aggravating default show screenshot
...
A better fix would have it detect default browsers
as being text only like lynx. But this has got to
go one way or another. Loosing shell because I forgot
to do -v false is wall punch worthy
2013-01-24 22:06:51 -05:00
HD Moore
d6ed6cd5e4
Fix a stack overflow in bidirectional pipe
2013-01-22 00:27:03 -06:00
Meatballs1
567185ec65
Better cleanup and address comments
2013-01-20 00:19:17 +00:00
Meatballs1
4ee80e76bd
msftidy wldap32
2013-01-19 23:15:20 +00:00
Tod Beardsley
9f42abdb95
Whitespace fixup
2013-01-18 15:44:52 -06:00
Tod Beardsley
0c3e7ee3e0
Merge remote-tracking branch 'Meatballs1/reboot_force2'
2013-01-18 15:01:51 -06:00
Tod Beardsley
bfd58e9570
Add a comment doc for future parser writers
2013-01-18 14:59:41 -06:00
Tod Beardsley
ef97b20cb7
Merge branch 'wds_unattend'
2013-01-18 14:42:00 -06:00
James Lee
4fd4af1f43
Fix typo that breaks record_mic command
2013-01-16 16:30:38 -06:00
kernelsmith
3210c5382e
undo vestiges of attempt to add tab_complete nesting
...
return code to original state before I started editing
2013-01-16 00:49:54 -06:00
kernelsmith
3c44769bd8
attempt to add nested tab completion
2013-01-14 14:15:13 -06:00
sinn3r
90b0a7035b
Recover the prompt again
2013-01-13 13:24:48 -06:00
Spencer McIntyre
b178ce1895
allow the mixin to auto detect an available decoder binary
2013-01-12 17:31:11 -05:00
sinn3r
2f2a5c1d47
[FixRM: #2100 ] Rescue TerminateLineInput in irb
...
In irb, when you hit ^c, you will get an ugly backtrace. This
fix handles that exception.
2013-01-12 01:43:40 -06:00
sinn3r
4546d147d0
Merge branch 'master' of github.com:stephenfewer/metasploit-framework into stephenfewer-master
2013-01-11 01:43:45 -06:00
James Lee
19ff7f93ae
Merge remote-tracking branch 'wchen-r7/encoder_fixes' into rapid7
2013-01-10 17:41:08 -06:00
James Lee
0f346dde9e
Some whitespace and ruby -c fixes
2013-01-10 17:29:54 -06:00
James Lee
ab64c428ab
Merge remote-tracking branch 'kernelsmith/RM7676-migrate-h' into rapid7
2013-01-10 17:24:11 -06:00
James Lee
d4854606f2
Cosmetic fixes
...
[FixRM #7223 ][See #1283 ]
2013-01-10 17:18:25 -06:00
sinn3r
192279544b
BufferRegister should be validated.
...
If BufferRegister is in lower-case, then gen_decoder_prefix will
return nil. When the return value is nil, other functions like
gen_decoder() will backtrace due to a "undefined method "+" for nil"
error. Therefore, this input should NOT be case-sensitive.
Also, if for some reason the user supplies an invalid BufferRegister,
the function should be aware of that and warn the user about the
bad input.
2013-01-10 17:14:38 -06:00
James Lee
afb12983ab
Merge branch 'rapid7' into kernelsmith-msfconsole-suspend
2013-01-10 16:40:27 -06:00
kernelsmith
e8c239dc81
changed TODO to @todo per egypt
2013-01-10 16:35:01 -06:00
kernelsmith
b3266823ba
Addressed egypt's comments
...
-changed the suspend/resume loop logic to reduce code duplication.
-fixed up some print_*'s to remove embedded \n's
-changed formatting on some error messages
-switched comment to a TODO:
-change host_processes.select (blah} to use .find instead
-adjusted code due to remvoal of the pids.dup, resulting in arr_pids
disappearing
2013-01-10 15:40:54 -06:00
kernelsmith
b11f941387
cleaned up at validate_pids conversion, fixed YARD doc
...
in validate_pids no longer need dup as conversion to ints was cleaned
up to use map. Which also improved readability and allowed adding uniq
and compact, thanks egypt.
YARD doc on cmd_suspend was incorrectly organized
2013-01-10 14:59:02 -06:00
Stephen Fewer
8e6e1bc164
open up the bloxor encoder.
2013-01-10 17:39:40 +00:00
Spencer McIntyre
4c87b1ba36
escape ticks and spaces in paths
2013-01-10 09:15:24 -05:00
kernelsmith
92e8def889
adds suspend to meterp and adds full pid validation
...
This fully fixes RM7223 and adds the suspend command to the meterpreter
interface.
Suspend allows you to suspend and resume running processes on the
targethost. It was originally written as a post module (and the dll
version will be submitted as such later), but egypt suggested I add it
to meterpreter
2013-01-09 23:25:32 -06:00
HD Moore
4c1e501ed0
Exploit for CVE-2013-0156 and new ruby-platform modules
2013-01-09 23:10:13 -06:00
kernelsmith
4728a59189
fixes RM7676 migrate -h doesn't produce help
...
also adds YARD doc to cmd_migrate in collusion with egypt.
low threat change, but still tested on Win7-32 sp0, ruby 1.9.3-p125,
Framework Version: 4.6.0-dev just for kicks
2013-01-09 16:28:04 -06:00
kernelsmith
3b8914c270
skeleton & YARD doc for cmd_suspend added
...
functionality untested atm.
cmd_suspend_help also added
2013-01-09 15:34:04 -06:00
Spencer McIntyre
1a98393ffa
fix for OSX and remove unnecessary lines
2013-01-09 10:10:56 -05:00
sinn3r
be36c4ebef
Some machines are sensitive about this.
2013-01-07 22:32:43 -06:00
sinn3r
1d3c1ec7fc
Merge branch 'master' of github.com:CharlieEriksen/metasploit-framework into CharlieEriksen-master
2013-01-07 19:03:35 -06:00
James Lee
a0e6c7043b
Add actual cdata handler
...
Netsparker puts requests, responses, and info for vulns inside a cdata
(which makes sense because it's usually html snippets). This commit
handles that so report_web_vuln will actually be somewhat useful. Note
that the request is ignored by report_web_vuln despite there being a
place for it in the WebVuln model.
[SeeRM #7665 ]
2013-01-07 17:16:48 -06:00
James Lee
8bfca52941
Clear state for new vulns
...
[FixRM #7665 ]
2013-01-07 16:27:40 -06:00
James Lee
3f9c459545
Fix ArgumentError when importing netsparker xml
2013-01-07 12:21:08 -06:00
Charlie Eriksen
25cadf8b87
Adding exploit for CVE 2012-4915
...
Initial commit.
Major functionality working. A bit of polish is still needed in a few
spots to handle exceptions and such.
2013-01-05 14:21:02 +00:00
Meatballs1
04714893c8
Add force option to reboot command
2013-01-04 09:20:56 +00:00
Spencer McIntyre
3c039327c0
include the new mixin
2013-01-02 13:41:57 -05:00
Spencer McIntyre
7aed6e44e1
Initial commit of the Bourne shell command stager, nothing uses it yet.
2013-01-02 13:28:08 -05:00
Meatballs1
0b3143ff45
Fix railgun EOL
2012-12-30 16:32:15 +00:00
Tod Beardsley
8cd7c2783e
Indentation fixes
2012-12-28 14:36:06 -06:00
Tod Beardsley
7a0a230e92
Put the coding: binary magic comment back
2012-12-28 14:16:56 -06:00
Tod Beardsley
4002759fcf
Bring some sanity to the Array#packs
2012-12-28 14:16:08 -06:00
sinn3r
e05b55f32d
Add new functions
2012-12-28 03:48:35 -06:00
sinn3r
0344c568fd
Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes
2012-12-18 11:38:14 -06:00
Meatballs1
378038afab
Merge remote-tracking branch 'upstream/master' into wldap32_railgun
2012-12-17 17:23:43 +00:00
Meatballs1
6a92bd609a
Tidying and refactoring
2012-12-17 15:29:04 +00:00
Meatballs1
b5fd3463d7
Initial working AD_LDAP lookup
2012-12-17 14:07:35 +00:00
Rob Fuller
b3118afcbb
Correct Railgun WriteProcessMemory var type
...
This is described here:
https://dev.metasploit.com/redmine/issues/7237
After change operates as expected.
2012-12-15 23:11:52 -05:00
Meatballs1
3127808f76
Revert/remove unnecessary files
2012-12-13 11:02:54 +00:00
Meatballs1
e60d10bd3d
Repackage as single module pull
2012-12-13 09:40:36 +00:00
kernelsmith
11fec0bc07
adds rudimentary validity checking to pids for meterp kill
...
addresses redmine https://dev.metasploit.com/redmine/issues/7223 , but
may not be a truly encompassing solution. 'good bandaid' as egypt put
it
2012-12-05 13:17:33 -06:00
Alexandre Maloteaux
c0c3dff4e6
Several fixes for smb, mainly win 8 compatibility
2012-11-28 22:49:40 +01:00
nmonkee
937e49378c
Syntax fix
...
Doh, missed one.
2012-11-22 09:57:08 +00:00
nmonkee
79c0507077
Fix syntax errors
2012-11-22 09:43:16 +00:00
nmonkee
088d20c5a9
Made requested changes
2012-11-22 09:28:50 +00:00
Meatballs1
e057467329
Initial attempt
2012-11-18 21:24:49 +00:00
Tasos Laskos
c659b37c94
Updated indentation to use tabs
2012-11-16 23:11:48 +02:00
nmonkee
f04dc587b6
made requested changes
2012-11-15 00:13:06 +00:00
Tasos Laskos
7032ef0f6f
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-09 00:21:38 +02:00
nmonkee
bdbf6ea9bb
SAP NI Proxy Support (SAProuter) - see http://labs.mwrinfosecurity.com/blog/2012/09/13/sap-smashing-internet-windows
2012-11-06 21:16:32 +00:00
HD Moore
0d6acad1a0
Updates for PR #981 (cleanup)
2012-11-02 15:47:52 -05:00
HD Moore
0bf5f63d67
Merge branch 'master' into feature/addp-modules
2012-11-02 15:41:03 -05:00
HD Moore
52f0bca9be
Merge branch 'master' into feature/addp-modules
2012-11-02 15:40:36 -05:00
Tasos Laskos
33502b52b0
Rex::Text.refine: removed redundant Array operations
2012-11-02 16:10:42 +02:00
Tasos Laskos
385d225305
Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption)
2012-11-01 21:14:38 +02:00
jvazquez-r7
c27a4d5de2
Merge branch 'master' into bug/handle-100-continue
2012-10-31 18:56:33 +01:00
James Lee
d0650dfb25
Put a bandaid over getsockname
...
Depending on how a socket was created, #getsockname will return either a
struct sockaddr as a String (the default ruby Socket behavior) or an
Array (the extend'd Rex::Socket::Tcp behavior). Avoid the ambiguity when
generating SSL certificates for meterpreter handlers by always picking a
random hostname.
This is by no means a proper fix for the underlying problem of
Socket#getsockname having ambiguous behavior before and after being
extended with Rex::Socket::Tcp. It does, however, solve the immediate
problem of not being able to create tunneled meterpreter sessions over
http(s) sessions.
[SeeRM #7350 ]
2012-10-29 22:45:46 -05:00
HD Moore
6ec392c4cf
Add Rex::Text.sha1 and Rex::Text.sha1_raw
2012-10-28 23:49:21 -05:00
HD Moore
adc9532ec7
Reset this back to master's copy, fixes this pull
2012-10-28 23:13:32 -05:00
HD Moore
3a42eb3f73
New modules and library for the ADDP protocol
2012-10-28 23:04:18 -05:00
HD Moore
43fe219a05
This improves handling of 100-continue responses
2012-10-28 22:57:18 -05:00
James Lee
dafb56f6b6
Merge branch 'dmaloney-r7-findpids' into rapid7
...
[Closes #950 ]
2012-10-22 15:52:07 -05:00
James Lee
651f9b9c8f
Use opts.usage instead of a Table
2012-10-22 15:16:55 -05:00
James Lee
ffa4373242
Merge branch 'rapid7' into wchen-r7-print_warning
...
[Closes #899 ]
2012-10-19 13:49:32 -05:00
Meatballs
e1a4ec2fcc
Fix to SMB Client when using find_first on a directory with exactly 20 files.
2012-10-17 21:58:20 +01:00
James Lee
45a60b6bdd
Clarify why we need to sleep.
...
[Closes #911 ][FixRM #7344 ]
2012-10-15 17:54:18 -05:00
Raphael Mudge
f4b151f63d
Detect and mitigate CPU starvation condition [SeeRM #7344 ]
2012-10-15 17:54:18 -05:00
sinn3r
d36f642edc
Add print_warning()
2012-10-12 21:48:15 -05:00
Tod Beardsley
95fef5d607
Merge remote branch 'dalton/master'
2012-10-08 08:28:23 -05:00
Rob Fuller
b984d33996
add RunAs ask module
2012-10-06 00:51:44 -04:00
James Lee
9d4427270e
Merge branch 'rapid7' into bug/active_support/dependencies-compatibility
...
[Closes #843 ]
2012-10-04 17:18:07 -05:00
Luke Imhoff
df9db42c32
Fix module reloading
...
[#36737359 ]
The merging of reload_module and the various load_module methods
resulted in the module loading from disk, but because the Hash entry in
the module manager was not deleted before on_module_load was called, the
newly reloaded module was logged as an ambiguous module name instead of
a reload. In order to report the reload errors correctly, I determined
that module_load_error_by_reference_name should really be
module_load_error_by_path. I eliminated faild in favor of this new name
since failed was just calling the attribute and the attribute's name is
clearer about the format of the data.
Tested by run rexploit and then exiting over and over with
ms08_067_netapi. When I messed up the file so it couldn't load, by
adding `inclde Exploit` (note mispelling of `include`), it reported the
error to msfconsole. When I removed the bad line and added a puts
"RELOADING <n>", where I kept incrementing n and saving the file, the
new number appeared during each rexploit.
2012-10-04 16:32:12 -05:00
sinn3r
2a88aab209
set mode
2012-10-02 15:46:16 -05:00
sinn3r
6d815bce4e
Haters gon hate, Windows' gotta be Windows.
2012-10-02 15:27:13 -05:00
sinn3r
8d6e858604
What open()? This open()!
2012-10-02 15:20:38 -05:00
sinn3r
e141a84f6b
Not having a newline at the end of the file is a crime
2012-10-02 15:19:12 -05:00
sinn3r
ba1b65742e
Separate XML for various DLLs.
2012-10-02 11:27:10 -05:00
sinn3r
f2c7731b39
Add RopDb mixin
2012-10-01 17:09:01 -05:00
David Maloney
4511dead88
Fix up the ps help
2012-09-21 13:45:09 -05:00
David Maloney
5738d808ba
Add a bunch of extra filter options
2012-09-21 13:27:16 -05:00
David Maloney
14c94e4f03
rolled changes into existing ps command
...
Some users requested this be added to the ps
command via a -S opt instead of creating a new command.
This limits the search to only one search parameter at a time
but with the ability to pass RegEx I think that's fine
2012-09-19 08:28:36 -05:00
David Maloney
4dbe7767ca
Merge branch 'master' into findpids
2012-09-19 07:55:54 -05:00
sinn3r
1828857a63
Change conditions
...
When 'encod_params' is set to true explicitly, or does not have a
value, we make sure it's true. Otherwise, false.
2012-09-15 18:08:29 -05:00
sinn3r
0967d1bfc4
Allow modules to disable URI encoding for GET/POST variables
...
Often in HTTP modules, people are forced to to use 'data' instead
of 'vars_get' or 'vars_post', because the parameters (especially
the names) are URI-encoded, and the application actually may not
recognize the names/values. The new 'encode_params' option allows
that feature to be disabled. However, to make sure we're not
changing existing HTTP modules' behaviors, 'encode_params' is
still true by default (which is the original behavior we've always
been using).
2012-09-15 17:40:42 -05:00
David Maloney
71e57a6067
Moved help text into cmd_findpids_help
2012-09-12 08:26:31 -05:00
Adam Dalton
0b0af0a4f5
updating sleep to allow nil arguments
2012-09-11 11:20:03 -04:00
Tod Beardsley
cf98f52036
Should resuce nil as well
2012-09-10 09:33:45 -05:00
RageLtMan
1facfcf6d9
remove commented old method
2012-09-10 09:33:45 -05:00
RageLtMan
ef0f4d0acc
Fix Meterpreter edit command file removal
...
fs.rb was originally attempting to call the "close" method on a
string holding the temporary path to the file being editted.
Replaced with ::File.delete(temp_path).
2012-09-10 09:33:45 -05:00
David Maloney
228a150379
Built in regex support to findpids
2012-09-06 11:54:28 -05:00
David Maloney
f906aa3884
Adds a new findpids command to meterpreter
...
findpids calls client.sys.process.get_processes like ps
but then filters out any processes that do not match
one of the process names supplied as arguments to the command.
`findpids explorer.exe notepad.exe` will return all processes
named explorer.exe or notepad.exe Allows for quick searching for
the pid you want. ideal for migration
2012-09-06 11:33:57 -05:00
Tod Beardsley
dc77b435a7
Remove trailing commas
...
Tend to cause problems in Ruby 1.8 anyway.
2012-08-31 11:00:37 -05:00
Tod Beardsley
ce51761193
Fixes uictl's disappearance
...
utctl shouldn't check for stdapi_ui_disable_mouse or disable_keyboard
since neither exist.
Removed the check, tested both enable and disable on mouse and keyboard,
uictl seems to work as advertised now.
[FIXRM #7217 ]
2012-08-31 10:53:01 -05:00
James Lee
e7dc8e5ac2
Add a File.open method for meterpreter
...
Same semantics as Ruby stdlib File.open - if you give it a block, yields
a new File object and closes it after the block, otherwise same as
File.new.
[FixRM #6481 ]
2012-08-29 16:19:03 -05:00
James Lee
bbded154d9
Fix tab-completion on meterpreter run
...
[FixRM #7143 ]
2012-08-29 14:55:12 -05:00
m m
c1ca9fea79
netstat and arp commands in win32/posix meterpreter
2012-08-28 17:02:37 -05:00
Tod Beardsley
f6ca31d5db
Merge branch 'rage-alex-oui'
2012-08-22 10:47:51 -05:00
Tod Beardsley
b457289e01
Merge remote branch 'webstersprodigy/module-http-ntlmrelay'
2012-08-21 15:28:50 -05:00
RageLtMan
1d5af3d825
Alex' patch to Rex::Oui
2012-08-06 21:34:36 -04:00
Chris Lennert
4050633c18
Squashed commit of the following:
...
commit 665f3f5b993dfa48db817f6138ac356919af37fc
Author: Chris Lennert <calennert@gmail.com>
Date: Wed Aug 1 19:44:14 2012 -0500
Two corrections to NetGetJoinInformation args
[Closes #661 ]
2012-08-03 13:58:42 -06:00
HD Moore
c25ebabce0
Fix up incompatibility with MaxDataSize (thanks @mubix)
2012-07-23 13:40:41 -05:00
webstersprodigy
d56ccc69b9
Forgot to git add client.rb
2012-07-22 20:13:57 -04:00
Rob Fuller
70017511f5
Implement proto/smb/client find_next for find_files
...
Squashed commit of the following:
commit b5370b24d48a0b79d13cff465ef1fe53738754d0
Author: Rob Fuller <jd.mubix@gmail.com>
Date: Sat Jul 21 01:52:31 2012 -0400
add some documentation for smb client
commit 92438f515ef272337ce02b6deebb35f62a50f0a3
Author: Rob Fuller <jd.mubix@gmail.com>
Date: Fri Jul 20 03:09:27 2012 -0400
adds find_next to find_files
[Closes #627 ]
2012-07-21 00:03:19 -06:00
Rob Fuller
df7af9df40
Fix an errant bitwise-and used as bool
...
Squashed commit of the following:
commit 748ab76d71422e5909dc29403fd24ceb025504b5
Author: Rob Fuller <jd.mubix@gmail.com>
Date: Fri Jul 20 02:50:50 2012 -0400
fixes dir/file check
[Closes #626 ]
2012-07-20 16:29:53 -06:00
HD Moore
9d16a1a472
Fix some SMB operations that dont like this value
2012-07-20 16:25:00 -05:00
James Lee
e200f43183
Squashed commit of the following:
...
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date: Mon Jul 9 21:55:32 2012 +0200
typo
commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date: Mon Jul 9 21:51:32 2012 +0200
various posix meterpreter bugfixes
[Closes #584 ]
[FIXRM #7042 ]
2012-07-19 15:56:47 -06:00
James Lee
5110aad0f3
Add better docs on some File methods
2012-07-17 17:32:27 -06:00
James Lee
c9ccb02aae
Clean up rdoc
2012-07-17 17:32:27 -06:00
James Lee
62fe00866d
Add comments about what the block is for
2012-07-17 16:09:17 -06:00
James Lee
a1cfb32f93
Fix a typo that breaks post param padding
...
Corner case and doesn't really *break* things, just means you end up
with one big param instead of multiple due to missing ampersands.
2012-07-17 12:29:28 -06:00
sinn3r
fbe0cb7471
Merge branch 'post_win_gather_creds_gpp_pass' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_win_gather_creds_gpp_pass
2012-07-17 08:28:19 -05:00
HD Moore
975d8004d3
Remove protected operator, not useful
2012-07-11 02:08:56 -05:00
webstersprodigy
f50843e0b7
Adding http_ntlmrelay module
2012-07-09 22:56:24 -04:00
sinn3r
b817070545
Merge branch 'mac_oui' of https://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-mac_oui
2012-07-09 20:14:25 -05:00
Alexandre Maloteaux
e509c72574
better handle company name
2012-07-10 00:24:30 +01:00
Alexandre Maloteaux
e949b8c2c8
mac_oui
2012-07-09 23:46:57 +01:00
HD Moore
c8c3c0e3e4
Correct an issue with HTTP response header parsing
2012-07-09 10:22:12 -07:00
HD Moore
a8266bd831
Fix up odd reference normalization cases
2012-07-08 11:25:32 -05:00
Meatballs1
bd2368d6ab
Added specific details for each policy type to output table, modified REX:Ui:Table to prevent sorting when SortIndex == -1
2012-07-02 11:47:44 +01:00
HD Moore
eb762b3653
Back out encoding change of empty string, done by comment
2012-06-29 01:07:58 -05:00
HD Moore
d656e3185f
Mark all libraries as defaulting to 8-bit strings
2012-06-29 00:18:28 -05:00
HD Moore
c45b1037f1
Make sure entries are 8-bit
2012-06-28 23:31:26 -05:00
HD Moore
a393f8d62d
Apply the console ID if specified
2012-06-25 01:37:38 -05:00
HD Moore
19c18a3e4e
Record the device_id correctly in the nexpose raw import
2012-06-25 01:23:16 -05:00
HD Moore
38cc6571de
Merge branch 'master' into feature/vuln-info
2012-06-25 01:03:52 -05:00
HD Moore
aa0c6d7036
Better IE 9/10 coverage
2012-06-25 01:03:34 -05:00
HD Moore
faf5adadd9
Merge branch 'master' into feature/vuln-info
2012-06-25 00:42:02 -05:00
HD Moore
4bd9b0c94a
Quick typo fix
2012-06-25 00:41:45 -05:00
HD Moore
f7dca272b6
IE 10/Win8 detection support
2012-06-25 00:36:49 -05:00
HD Moore
1989f0ab46
IE 10/Win8 detection support
2012-06-25 00:36:04 -05:00
HD Moore
a8f7ea901a
Fix cache counters for vuln_attempts, tweak nexpose
2012-06-17 21:55:11 -05:00
HD Moore
a892fce320
Indent only subsequent list items
2012-06-17 20:55:19 -05:00
HD Moore
9ceba4421a
Bullet formatting rendered poorly, remove these and keep indents
2012-06-17 20:49:22 -05:00
HD Moore
39a77024e2
Parse solutions/descriptions into a slightly less ugly format
2012-06-17 19:27:25 -05:00
HD Moore
be9b7a88fb
Complicate the matching process in the name of memory
...
and loading speed. Use optional match_details param
to find matching vuln instances.
2012-06-17 00:07:00 -05:00
HD Moore
7d9d6f11e5
Comitting a copy of the "old" mode of loading,
...
still hoping to avoid having to do this due to
memory bloat and slowness.
2012-06-16 22:42:31 -05:00
HD Moore
8177783681
Merge branch 'master' into feature/vuln-info
2012-06-14 16:21:51 -05:00
Tod Beardsley
bffb3571c2
Adding URL ref for db_autopwn deprecation message
2012-06-14 09:53:59 -05:00
James Lee
2683bb0ba7
Add deprecation warnings for old commands
...
This should hopefully cut down a bit on support requests from people
asking about old commands they read about in _Metasploit: The
Penetration Tester's Guide_
2012-06-14 09:44:38 -05:00
HD Moore
de45630092
Merge branch 'master' into feature/vuln-info
2012-06-12 15:36:16 -05:00
Jeff Jarmoc
e820d23f73
Cleanup whitespace
2012-06-12 15:32:50 -05:00
HD Moore
6290bba71b
Merge branch 'master' into feature/vuln-info
2012-06-12 12:41:41 -05:00
David Maloney
fc0dc23752
Some handling around empty elements
2012-06-10 17:04:47 -05:00