Brian Patterson
4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported.
2016-02-04 10:30:56 -06:00
William Vu
1828b7fda6
Land #6512 , Acunetix importer missing scheme fix
2016-01-29 13:17:44 -06:00
Brent Cook
b6bc862c1b
Land #6267 , fix Rex::Parser::Ini#each_group
2016-01-29 11:19:40 -06:00
Adam Cammack
e542a6c8cf
Fix importing with Acunetix
...
Add a default scheme of `http://` to URIs without a scheme. Also update
some documentation.
2016-01-28 16:37:14 -06:00
BAZIN-HSC
070a156925
-Recovrey +Recovery
2015-11-27 13:58:19 +01:00
Jon Hart
07767cd803
Fix #6265
2015-11-20 15:17:15 -08:00
BAZIN-HSC
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
BAZIN-HSC
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
BAZIN-HSC
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
Brent Cook
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
HD Moore
0cc6b53d59
Land #5905 , support newer OpenVAS formats.
2015-09-21 10:30:25 -05:00
Manuel Mancera
e97056a367
When the port state is open|filtered should be unknown, no open
2015-09-07 22:52:03 +02:00
Meatballs
2cd6b1c2df
Update parser, fix UseMasterPassword bug
2015-09-01 22:05:47 +01:00
jvazquez-r7
fba751a986
Disable early returns
2015-08-31 12:13:42 -05:00
jvazquez-r7
80f21b50c9
Fix #4227 by improving parsing of nested elements
2015-08-31 11:47:43 -05:00
Meatballs
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
William Vu
1a66786d1b
Fix Nmap XML parser for tunnel attribute
2015-04-20 17:04:19 -05:00
Samuel Huckins
13fc498523
Land #4948 , fixes several AppScan import issues
2015-03-29 23:33:01 -05:00
David Maloney
60966f3d2a
handle a blank response body
...
sometimes the response body itself can be blank
so we need to handle that properly.
MSP-9972
2015-03-23 16:03:30 -05:00
OJ
9c9d333a1b
Create verify ssl mixin, adjust some formatting
2015-03-23 13:21:08 +10:00
oj@buffered.io
fd4ad9bd2e
Rework changes on top of HD's PR
...
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
2015-03-20 13:06:57 +10:00
David Maloney
4293af01b1
make sure we strip leading whitespace
...
in the aforementiond record_request_and_response method
we need to still make sure to strip leading whitespace
from the front of our data before saving it
MSP-9972
2015-03-18 11:23:45 -05:00
David Maloney
dacaa9e82b
simplify request-response parsing in apsscan
...
the record_request_and_response method for the
nokogiri appscan parser was way overcomplicated
it was trying to do way too much trickiness
when the data could be very simply split and consumed
MSP-9972
2015-03-18 11:19:00 -05:00
David Maloney
3269817b29
remove bad truthiness checks
...
truthy checks were used here, but you'll get
an empty hash which will be treated as true causing
the test to be invalid and allowing for errors further in the method
MSP-9972
2015-03-18 10:52:24 -05:00
HD Moore
11593800b6
Move X509 PEM parsing into Rex::Parser::X509Certificate
2015-03-14 15:52:23 -05:00
HD Moore
7252ba284a
Tweak memory usage from 64Mb to 4Mb
2015-03-11 23:58:13 -05:00
Bazin Danil
3aa68c30b0
=> not => !
2015-02-26 21:31:01 +01:00
Bazin Danil
a427e417a3
-consomation +consumption
2015-02-26 21:23:09 +01:00
BAZIN-HSC
d8132f86ff
ajust buffer size
2015-02-22 08:51:16 +01:00
BAZIN-HSC
0d53dc1d13
use a buffer to avoid memory use on victims machine
...
use a buffer to avoid memory use on victims machine
use attacker memory to store files
avoid bugs on large files
2015-02-20 20:02:09 +01:00
BAZIN-HSC
fe75a31a59
NTFS parser optimisation
...
NTFS Parser does not gather automaticaly non resident attribute
that were not necessary
Railgun is called 17 times instead of 32 on an examples on ntds.dit
2015-02-20 13:11:53 +01:00
Bazin Danil
8cefe637df
bug with testing Win2k8 correction
2015-02-08 17:28:33 +01:00
Meatballs
358ab2590e
Small tidyup
2015-02-07 11:35:47 +00:00
Bazin Danil
970c5d115a
spellcheck
2015-02-05 22:08:39 +01:00
Bazin Danil
fbb85c0391
using string concatenation for performence
2015-01-31 05:13:44 +01:00
Bazin Danil
d9c64397fd
shorter the line, using more variables
2015-01-31 04:32:32 +01:00
Bazin Danil
0fce908045
add constant class
2015-01-31 04:19:27 +01:00
Bazin Danil
f4ec6bdc78
- use non-native pack/unpack directives
...
- coding: binary
- use constant for data_attribute
2015-01-31 03:59:23 +01:00
Bazin Danil
68b735dbda
Add a NTFS parser and a post module to dump files
...
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
nstarke
55a746eeb7
Changing code to catch everything extraneous
2015-01-17 15:46:26 +00:00
nstarke
9baae6e494
Potential Fix For OpenVAS DB Import Issue
2015-01-13 02:46:13 +00:00
sinn3r
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
HD Moore
5e123e024d
Add 'coding: binary' to all msf/rex library files
...
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
HD Moore
6d92d701d7
Merge feature/recog into post-electro master for this PR
2014-08-16 01:19:08 -05:00
Meatballs
4ef3de84f3
get some more test cases
2014-08-01 14:34:17 +01:00
Meatballs
92669cd4d6
Use parser
2014-05-20 22:26:13 +01:00
Meatballs
0a2b79ccd1
Tidyup parser
2014-05-20 22:04:59 +01:00
Meatballs
09af023a71
Merge in parser
2014-05-20 21:56:35 +01:00
HD Moore
231138da1b
Fix a typo in the nexpose raw importer
2014-04-03 07:12:45 -07:00