Commit Graph

9661 Commits (3b21de390661675fc6d47dbce293e37bd128e56c)

Author SHA1 Message Date
Spencer McIntyre 698ca2639b Do not delete files that do not exist in rm_f 2014-12-17 09:18:06 -05:00
jvazquez-r7 662160ef61 Refactor mixin 2014-12-16 23:48:53 -06:00
jvazquez-r7 594b9bcfc2 Add support for AuthorizationData 2014-12-16 23:21:13 -06:00
HD Moore 9de4137aa7 Patch UA/Proxy settings during migration, lands #3632 2014-12-16 22:21:48 -06:00
Sean Verity 370f6003e3 Refactors metsrv patching in reverse_hop_htt.rb 2014-12-17 11:57:17 -05:00
Sean Verity 1930eb1bf8 Refactors metsrv patching in reverse_http.rb 2014-12-17 10:04:43 -05:00
jvazquez-r7 2649d482fe Add support for KRB_AP_REQ 2014-12-16 18:39:42 -06:00
jvazquez-r7 0f55a98450 Add support for Authenticator encoding 2014-12-16 17:45:54 -06:00
jvazquez-r7 dde45a7f53 Add support for Checksum encoding 2014-12-16 17:05:35 -06:00
jvazquez-r7 a93cbac7bf Support ticket encoding 2014-12-16 16:04:13 -06:00
jvazquez-r7 ce6b53b44c Fix attribute description 2014-12-16 11:39:04 -06:00
jvazquez-r7 a5f8b4319f Add support to encode PAC-TYPE 2014-12-16 11:31:27 -06:00
jvazquez-r7 1721641138 Add support for PAC-LOGON-INFO 2014-12-16 09:32:47 -06:00
sinn3r c2bc79c53c Resolves #4275 - Configurable variable name as an option
Resolves #4275
2014-12-15 23:59:34 -06:00
Sean Verity 52b3025351 Reworked to avoid extending String class on blob per hdm's rec. 2014-12-15 21:40:41 -05:00
jvazquez-r7 c1114c180a Add support for PAC-CLIENT-INFO 2014-12-15 17:32:51 -06:00
jvazquez-r7 64a0162e3f Add support for PAC-SERVER-CHECKSUM 2014-12-15 17:16:43 -06:00
jvazquez-r7 482c883d36 Add the parent class for pac elements 2014-12-15 17:13:52 -06:00
jvazquez-r7 2c7139b936 Add support for PAC-PRIVSRV-CHECKSUM 2014-12-15 17:13:22 -06:00
Samuel Huckins 4c994d84e0
Updating version to 4.11 for Flood release 2014-12-15 14:42:09 -06:00
jvazquez-r7 147ff13080 Add support to decode the encryption part of as responses 2014-12-15 11:47:08 -06:00
jvazquez-r7 643279b54b Add support to decode the encryption part of as responses 2014-12-15 11:46:11 -06:00
Brent Cook c24fdb81b5
Land #4389, Meatballs1's fix for enum_ad_* post module regressions
Fixes #4387 by adjusting for the new return type from ADSI queries.
2014-12-15 10:45:12 -06:00
jvazquez-r7 d81cdd6cbb Add KdcResponse spec first draft 2014-12-14 21:20:54 -06:00
jvazquez-r7 c3a2bcf956 Make KdcResponse decoding better 2014-12-14 21:01:09 -06:00
jvazquez-r7 442adb080f Add first support to decode tickets 2014-12-14 20:51:26 -06:00
jvazquez-r7 35742873c7 Delete references to deleted namespaces 2014-12-14 19:23:21 -06:00
jvazquez-r7 78c76092dd Delete namespaces from model classes 2014-12-14 19:18:30 -06:00
jvazquez-r7 13ae624738 Delete namespaces 2014-12-14 19:15:57 -06:00
jvazquez-r7 2d0cb5acd8 Move elements to model dir 2014-12-14 19:11:21 -06:00
jvazquez-r7 328e9f62e8 Add first draft for Kerberos responses 2014-12-14 19:09:41 -06:00
jvazquez-r7 483c273e17 Add support to decode responses on the Rex client 2014-12-14 17:54:17 -06:00
jvazquez-r7 883bfd1f46 Add support to retrieve e-data 2014-12-14 17:23:37 -06:00
jvazquez-r7 7067f2ea83 Modify Rex::Proto::Kerberos::Client to read responses 2014-12-14 16:32:25 -06:00
jvazquez-r7 c5dc065fde Add support for decoding KrbError 2014-12-14 16:26:18 -06:00
jvazquez-r7 704781d0ce Modify exception message 2014-12-14 12:11:09 -06:00
jvazquez-r7 8435328af7 Fix create_tcp_connection 2014-12-14 00:54:26 -06:00
jvazquez-r7 0abf5d147e Add some documentation 2014-12-14 00:51:44 -06:00
HD Moore e2617c7095
Return the workspace id in responses, lands #4142 2014-12-13 18:04:58 -06:00
HD Moore 00590f9f26
Adds Java serialization support, lands #4327 2014-12-13 17:47:53 -06:00
HD Moore 6ea5ed1a82
Shrinks windows payloads, lands #4391 2014-12-13 17:41:50 -06:00
HD Moore f67a32ef9c
Add missing commits from #3770, lands #4393 2014-12-13 17:36:26 -06:00
HD Moore 19adfca8ce Updated stubs from source 2014-12-13 12:55:41 -06:00
Meatballs 5d18de2ebf
Fix legacy railgun LDAP implementation 2014-12-13 18:26:26 +00:00
HD Moore 92490ab5e8 Singles updated from the source 2014-12-13 12:22:07 -06:00
HD Moore 4681416a0f Update block_api with @schierlm's changes 2014-12-13 12:06:38 -06:00
jvazquez-r7 bde8c380c2 Make mixin run 2014-12-13 02:46:00 -06:00
HD Moore f676b72767
Add Kademlia scanner, lands #4210 2014-12-12 16:40:58 -06:00
Tod Beardsley 9545b6e4d6
Land #4343, os_flavor reduction 2014-12-12 14:49:15 -06:00
Tod Beardsley ac004d2770
Fix bruteforce validators to accept nil
bruteforce_speed isn't always required, because the speed checker
already handles nil (and presumes the user wants the fastest possible).

See also MSP-11842
2014-12-12 13:57:37 -06:00
Tod Beardsley 177cade6a5 Merge branch 'land-4274-ssl' into temp 2014-12-12 13:25:54 -06:00
sinn3r 985245e8a1 Document method
Fix #4366 (support dynamic_base templates)
2014-12-12 01:22:32 -06:00
jvazquez-r7 78eb3325bc Add initial Rex Client and mixin 2014-12-12 01:20:14 -06:00
sinn3r b8e58d0f04 Support 32 and 64-bit for exe-only, and fix -k 2014-12-12 01:13:09 -06:00
Brent Cook fef9c67b0e
Land #3175, OJ's TLV group refactoring 2014-12-11 22:12:35 -06:00
Brent Cook 8140ed4a45 Merge branch 'upstream-master' into land-3175 2014-12-11 22:03:03 -06:00
sinn3r d311059e75 Fix DYNAMIC_BASE templates 2014-12-11 20:44:03 -06:00
James Lee 0c1d02c940
Fix event handlers on ruby 2
Fixes #4219
2014-12-11 20:08:45 -06:00
jvazquez-r7 20836c1789 Refactor crypto usage 2014-12-11 18:18:37 -06:00
jvazquez-r7 0b2fd7ffec Update PreAuthEncTimeStamp#encrypt documentation 2014-12-11 17:08:04 -06:00
jvazquez-r7 424ce6ad53 Add constant with CRYPTO_MSG_TYPE 2014-12-11 17:03:46 -06:00
jvazquez-r7 38a0506f2d Refactor Crypto 2014-12-11 17:00:46 -06:00
jvazquez-r7 35f02e6796 Add support to encode KdcRequest 2014-12-11 15:51:54 -06:00
dmaloney-r7 47c38ed04e Merge pull request #4364 from todb-r7/bug/bruteforce-speed-3904
Modules should respect bruteforce_speed again
2014-12-11 13:19:42 -06:00
jvazquez-r7 d96206b813 Support KdcRequest#encode 2014-12-11 12:44:17 -06:00
Tod Beardsley 4eaf64afef
Don't lie about stop_on_success
This absolutely needs to be honored too, though.

See #4365.
2014-12-11 12:37:13 -06:00
jvazquez-r7 3f12c5c9c5 Redo decode_asn1 2014-12-11 12:34:47 -06:00
jvazquez-r7 8d6e41fae3 Add documentation for KdcRequest 2014-12-11 12:27:26 -06:00
jvazquez-r7 162d2d39b5 Add support for KdcRequestBody decoding 2014-12-11 12:19:26 -06:00
Tod Beardsley edf541fabe
Fix some double spacing 2014-12-11 09:39:15 -06:00
jvazquez-r7 39ffc0c58a Add support for PreAuthData#encode 2014-12-10 19:48:44 -06:00
jvazquez-r7 b89dee03c6 Add PreAuthEncTimeStamp#encode support 2014-12-10 19:30:21 -06:00
jvazquez-r7 3accdb705b Add support for PreAuthPacRequest#encode 2014-12-10 19:18:19 -06:00
jvazquez-r7 96c1370334 Add EncryptedData#encode support 2014-12-10 19:12:24 -06:00
jvazquez-r7 543ec35a01 Refactor PrincipalName#encode 2014-12-10 18:57:23 -06:00
jvazquez-r7 5d2ff5982e Add support for PreAuthEncTimeStamp decoding/decrypting 2014-12-10 18:33:46 -06:00
Tod Beardsley 0eea9a02a1
Land #3144, psexec refactoring 2014-12-10 17:30:39 -06:00
sinn3r 9202c4f2a1 No mercy for os_flavor 2014-12-10 11:46:21 -06:00
jvazquez-r7 785ff60d8e Add inital support for PreAuthEncTimeStamp 2014-12-10 11:25:48 -06:00
jvazquez-r7 8ec403af89 Add support for PA-PAC-REQUEST 2014-12-10 10:51:37 -06:00
jvazquez-r7 6ebfbe7271 Prefix coding 2014-12-10 09:54:57 -06:00
jvazquez-r7 11acba3324 Prefix coding 2014-12-10 09:52:23 -06:00
jvazquez-r7 6653502e68 Support pa_data parsing on kdc_request 2014-12-10 09:47:31 -06:00
jvazquez-r7 cc909ba402 Add documentation for PreAuthData 2014-12-09 19:57:16 -06:00
jvazquez-r7 18819ad6b9 Prefix Rex 2014-12-09 19:37:42 -06:00
jvazquez-r7 0a6e42968b Add inital support for padata 2014-12-09 19:28:40 -06:00
jvazquez-r7 e62628f1cc Make specs pass 2014-12-09 18:52:42 -06:00
jvazquez-r7 2557780e7c Add initial support to decode kdc requests 2014-12-09 18:48:08 -06:00
jvazquez-r7 bed1e06d13 Mark EncryptedData encode as unsupported atm 2014-12-09 17:06:51 -06:00
jvazquez-r7 82549315ff Mark KdcRequestBody encode as unsupported atm 2014-12-09 17:05:20 -06:00
jvazquez-r7 b84840a596 Add support to decode TGS_REQ body 2014-12-09 16:51:34 -06:00
jvazquez-r7 f236438290 Add initial support for EncryptedData 2014-12-09 16:40:44 -06:00
jvazquez-r7 2725235bc1 Add require for EncryptedData 2014-12-09 16:28:37 -06:00
jvazquez-r7 c5865c6fec Add initial design draft 2014-12-09 15:53:29 -06:00
Tod Beardsley 09617f990b Implement BRUTEFORCE_SPEED respect (telnet)
This implements just for telnet, but assuming this strategy is kosher,
it's not too painful to add for the rest of the LoginScanner using the
old defaults used by `AuthBrute`.

See #3904, @dmaloney-r7 or @jlee-r7
2014-12-09 15:40:43 -06:00
Spencer McIntyre d74a8f6c41 Include the datastore options for the encoder too 2014-12-09 16:32:41 -05:00
sinn3r a584a5982f Clarify about how BES uses os_flavor
We don't. We don't use os_flavor anymore because it is no longer
implemented. We get the information from os_name instead.
2014-12-09 12:21:59 -06:00
sinn3r c670bb72df
Land #4337 - Fix prompt coloring on Windows 2014-12-09 11:53:35 -06:00
Spencer McIntyre 42710cc32e Error messages for the python meterpreter 2014-12-09 11:03:57 -06:00
Luke Imhoff 5f730277cf
Fix prompt coloring on Windows
MSP-11669

Set output stream for RbReadline (rl_outstream) to the
Rex::Ui::Text::Output::Stdio, which will use translate the ANSI color
escapes to set_color calls in Windows.
2014-12-08 14:31:00 -06:00
Luke Imhoff 8c0610cb7a
Merge branch 'master' into feature/MSP-11671/test-optimization
MSP-11671

Conflicts:
	.travis.yml
2014-12-08 08:46:22 -06:00
jvazquez-r7 564da4446e Add print friendly to_s 2014-12-07 17:52:09 -06:00
jvazquez-r7 19effa7eb9 Fix feedback's review 2014-12-06 21:47:55 -06:00
jvazquez-r7 21742b6469 Test #3729 2014-12-06 21:20:52 -06:00
jvazquez-r7 2c290e2004 Use classes short name 2014-12-05 20:16:50 -06:00
jvazquez-r7 8f403f3eea Update documentation 2014-12-05 20:11:45 -06:00
jvazquez-r7 03740df931 Support serialization 2014-12-05 19:55:52 -06:00
jvazquez-r7 785006b684 Use references 2014-12-05 19:12:05 -06:00
jvazquez-r7 ae608b1311 Add references to stream when possible 2014-12-05 17:35:38 -06:00
jvazquez-r7 13d8058fe5 Fill stream attribute 2014-12-05 17:14:37 -06:00
Jon Hart 39790a95a0
Land #4313, @wchen-r7's fix for #4304 2014-12-05 15:08:35 -08:00
jvazquez-r7 ca164cd99f Support the stream attribute 2014-12-05 16:52:59 -06:00
jvazquez-r7 90e2bbbff5 Refactor Contents 2014-12-05 16:05:35 -06:00
Jon Hart da92e4705c
Land #4319, @wchen-r7's fix for #4307 2014-12-05 12:08:39 -08:00
Tod Beardsley 0431720a07
Land #4294, msfconsole speedups on module load
Related to #4257 and #4195 vaguely, and possibly even #4147.
2014-12-05 13:45:11 -06:00
jvazquez-r7 2241653cb6 Delete self.stream initialization 2014-12-05 12:44:04 -06:00
jvazquez-r7 f5a19b9b41 Add support to decode TC_REFERENCE 2014-12-05 12:42:27 -06:00
sinn3r abf199f924 Remove junk code 2014-12-05 11:01:34 -06:00
jvazquez-r7 1653101da4 Add support for Arrays of Objects 2014-12-04 20:31:38 -06:00
jvazquez-r7 8e5dc27546 Support Objects with super classes 2014-12-04 19:19:42 -06:00
jvazquez-r7 4b8bdad44b Refactor contents serialization 2014-12-04 18:28:25 -06:00
sinn3r cfc1acfcae Fix #4307 - Check action for nil
Auxiiary modules already do this, but looks like we forgot to do the
same for post modules.

I also changed the error to allow "reason" in order to be more
informative about what the user should do.

Fix #4307
2014-12-04 17:07:59 -06:00
Jon Hart 743e9fca9d
Correctly set default SECRET 2014-12-04 14:06:22 -08:00
Jon Hart 1e423f415e
Add missing opt , 2014-12-04 14:05:17 -08:00
Jon Hart 7f425fc3ab
Configurable fix for #4305
Rename UDP_SECRET to just SECRET, as it is used for more than just UDP

Rename and properly document GATEWAY option

Introduce an option to configure what UDP port will be probed
2014-12-04 13:17:34 -08:00
Meatballs 186d8bd359
Fix starts_with? 2014-12-04 20:16:56 +00:00
Jon Hart f22d7191cd Test fix for #4305 2014-12-04 10:59:57 -08:00
sinn3r 9cc04e59eb Fix #4304 - Blank password is tried when it shouldn't happen
Fix #4304
2014-12-04 12:59:51 -06:00
jvazquez-r7 08f69da41a Undo to_s methods 2014-12-04 12:48:05 -06:00
jvazquez-r7 b80f6c34c0 Add tool to deserialize streams from files 2014-12-04 12:47:02 -06:00
Jon Hart d8b1401545
Test fix for #4306 2014-12-03 19:54:31 -08:00
jvazquez-r7 08fe467452 Add Stream specs 2014-12-03 19:31:46 -06:00
jvazquez-r7 2c8f66bba2 Add support for Reset 2014-12-03 18:50:56 -06:00
jvazquez-r7 fb246ac943 Add support for (de)serialization of contents 2014-12-03 18:50:31 -06:00
jvazquez-r7 3e8b8390dd Add support for Java Streams 2014-12-03 17:59:00 -06:00
jvazquez-r7 6cb6252914 Add YARD documentation for NewObject 2014-12-03 17:34:12 -06:00
jvazquez-r7 d0fcbf2cdb Add support for simple Objects really 2014-12-03 17:22:23 -06:00
jvazquez-r7 2b91d5013e Add support for simple Objects 2014-12-03 17:21:11 -06:00
James Lee 8f2e444aca
Land #4281, ::Queue workarounds for 2.1.x
Conflicts:
	lib/msf/core/handler/reverse_tcp.rb
2014-12-03 15:48:20 -06:00
jvazquez-r7 fbea369043 Check nils before encoding 2014-12-03 15:06:28 -06:00
jvazquez-r7 0560cc2fe9 Fix typos 2014-12-03 14:59:38 -06:00
jvazquez-r7 268157d42f Add support for Java Enums 2014-12-03 14:50:03 -06:00
jvazquez-r7 f0139d6aad Fix some docu typos 2014-12-03 14:34:17 -06:00
jvazquez-r7 0cd51553ed Raise error on unsupported ClassDesc 2014-12-03 14:00:10 -06:00
jvazquez-r7 6deb88af6b Add support for arrays 2014-12-03 13:55:12 -06:00
jvazquez-r7 b9023e8fcc Split ClassDescription into ClassDesc and NewClassDesc 2014-12-03 00:38:27 -06:00
jvazquez-r7 db45f4c620 Delete ClassDescription 2014-12-02 23:56:55 -06:00
jvazquez-r7 1f535a41ca Move types to the Serialization module 2014-12-02 20:02:42 -06:00
jvazquez-r7 2c070c450b Add support for ClassDescription 2014-12-02 17:31:53 -06:00
sinn3r f6f0050f56 Fix #3886 - Backtrace for #check when session is invalid
If the user supplies an invalid session (as in not on the session
list), it will cause a backtrace, because the setup method from
Msf::PostMixin isn't actually called.

We have thought about implementing this in a new OptSession instead.
But you can't use or even pass framework to option_container.rb, so
this is NOT possible.

The original PR was #3956.
2014-12-02 17:22:46 -06:00
jvazquez-r7 e9e584e107 Raise exceptions when unserialization isn't possible 2014-12-02 15:31:31 -06:00
Fernando Arias fb439258b9
Land #4298, arbitrary Ruby extension for replicant
MSP-11673

* Adds Msf::Module#register_extensions
* Extensions are arbitrary Ruby modules
* Allows overriding of psuedo callbacks
2014-12-02 14:59:37 -06:00
Luke Imhoff f696a5ab0e
msfconsole --defer-module-loads
MSP-11671

Add command line option --defer-module-loads to msfconsole.  It will
stop `Msf::Ui::Console::Driver` from calling
`framework.modules.init_module_paths` AND
`framework.modules.refresh_cache_from_database`.  This flag is only
meant to speed up msfconsole boot when modules do not need to accessed,
such as during cucumber testing of command help or command line options.
2014-12-02 14:41:32 -06:00
Trevor Rosen 2a033861dc
Just use constants directly
MSP-11673
2014-12-02 13:12:53 -06:00
Trevor Rosen 784e138b14
Extend replicants via arbitrary Ruby code
MSP-11673

* Implements a #register_extensions method on Msf::Module
* Any registered Ruby modules will extend the cloned module returned by #replicant
2014-12-02 12:18:30 -06:00
Luke Imhoff 35ff82c9d8
Merge branch 'bug/MSP-11672/double-init-module-paths' into feature/MSP-11671/msfconsole-defer-module-loads
MSP-11671
2014-12-02 11:57:47 -06:00
HD Moore fc96d011ab
Python reverse_http stager, lands #4225 2014-12-02 11:47:31 -06:00
jvazquez-r7 622a18bc22 Add support for annotations 2014-12-02 11:42:41 -06:00
Luke Imhoff 9272fe90ae
Merge branch 'master' into bug/MSP-11672/double-init-module-paths
MSP-11672
2014-12-02 11:23:51 -06:00
jvazquez-r7 a68540cfa2 Add support for Data Block Long 2014-12-02 10:49:15 -06:00
jvazquez-r7 9c5d7e66d4 Add block data support 2014-12-02 10:46:29 -06:00
Luke Imhoff 90c6764426
init_module_paths once in msfconsole
MSP-11672

Pass `'DeferModuleLoads' => false` to `Msf::Simple::Framework.create` so
that `framework.modules.init_module_paths` is only called once (directly
in `Msf::Ui::Console::Driver#initialize`) instead of twice (in
`Msf::Simple::Framework.create` and `Msf::Ui::Console::Driver#initialize).
2014-12-02 10:28:23 -06:00
Luke Imhoff 653c71e029
Fail if init_module_paths called more than once
MSP-11672

Calling init_module_paths takes 6 seconds on my machine even when there are no
files to that are changed just because it takes that long to walk the
directories and gather the mtime for each file.  Therefore, calling it
more than once should be avoided.  Also, there is no reason to call it
twice as to add paths later, `modules.add_module_paths` should be used.
2014-12-02 10:17:09 -06:00
jvazquez-r7 8923b87def Don't redefine the static decode method 2014-12-02 09:02:24 -06:00
William Vu bd3d63a155
Land #4270, Msf::Author cleanup and improvements 2014-12-02 01:26:42 -06:00
jvazquez-r7 ef2bf5b935 Add support for long-utf 2014-12-01 19:50:33 -06:00
jvazquez-r7 705cd4c308 Add initial requiring file 2014-12-01 19:08:16 -06:00
jvazquez-r7 5f11c70d7f Add initial support for Java serialization 2014-12-01 19:07:45 -06:00
Luke Imhoff 7e2b197f02
Document Msf::Simple::Framework.create
MSP-11671
2014-12-01 15:38:48 -06:00
Luke Imhoff 57cabb4f10
Document Msf::Simple::Framework.simplify
MSP-11671
2014-12-01 15:36:38 -06:00
William Vu 394d132d33
Land #2756, tincd post-auth BOF exploit 2014-12-01 12:13:37 -06:00
sinn3r c681654c10
Land #4252 - Rework meterpreter SSL & pass datastore to handle_connection() 2014-11-30 20:15:53 -06:00
HD Moore f139795663 Rework queue handling and error reporting, close #4249 2014-11-28 14:56:02 -06:00
HD Moore 335d1ef287 Only cache auto-generated certificates 2014-11-26 21:23:08 -06:00
Joe Vennix 2bd7a67413
Restructure parts of Author, fix some doc bugs. 2014-11-26 13:54:23 -06:00
William Vu a34e721353
Check for load errors in reload_all 2014-11-25 13:13:40 -06:00
Jon Hart c0dab54925
Add minor missing doc 2014-11-25 07:37:49 -08:00
Jon Hart bedf7ed44b
Doc cleanup 2014-11-24 14:34:20 -08:00
Jon Hart 0ed356f71c
Move Kademlia stuff to a more OO model, etc, per reviews
All of the work is done in rex.  The msf mixin just prevents the
desire to call rex directly from the module
2014-11-24 14:03:43 -08:00
HD Moore 4dc1183ff5 Protecting it once seems like enough (typo) 2014-11-22 17:42:07 -06:00
HD Moore 8becf417a7 Qualify ::File to prevent a stacktrace 2014-11-22 17:16:13 -06:00
HD Moore 673e21cfaf Rework meterpreter SSL & pass datastore to handle_connection()
This allows HandlerSSLCert to be used to pass a SSL certificate into the Meterpreter handler. The datastore has to be passed into handle_connection() for this to work, as SSL needs to be initialized on Session.new. This still doesn't pass the datastore into Meterpreter directly, but allows the Session::Meterpreter code to extract and pass down the :ssl_cert option if it was specified. This also fixes SSL certificate caching by expiring the cached cert from the class variables if the configuration has changed. A final change is to create a new SSL SessionID for each connection versus reusing the SSL context, which is incorrect and may lead to problems in the future (if not already).
2014-11-22 15:35:00 -06:00
HD Moore 823b4e259a Make it clear SSLVersion is not advertised since it isn't used 2014-11-22 14:25:09 -06:00
HD Moore 842a7a38d8 Change SSLCert to HandlerSSLCert to avoid conflicts with modules 2014-11-22 14:23:56 -06:00
HD Moore 9ed8c59459 Bring options over from reverse_tcp (bind address, etc).
Also includes the SSLCert => HandlerSSLCert change
2014-11-22 14:22:54 -06:00
HD Moore ba9c763f7e Auto-generated SSL certs now match "snakeoil" defaults
This change emulates the auto-generated snakeoil certificate from Ubuntu 14.04. The main changes including moving to 2048-bit RSA, SHA256, a single name CN for subject/issuer, and the removal of most certificate extensions.
2014-11-21 18:25:04 -06:00
jvazquez-r7 90ae9a3ff8
Land #4173, @wchen-r7's fix for SMB find_first
* Fixes #4119, SMB find_first("\\*") does not return accurate results
* It missed initialization of sid
2014-11-21 09:51:57 -06:00
sinn3r f2add929d7
Land #4239 - Support SSL intermediate certs 2014-11-21 02:09:40 -06:00
Jon Hart e255db9429
Partial commit 2014-11-20 13:49:36 -08:00
Jon Hart 5d2c02f402 Initial commit of more OO version of Rex/Aux Kademlia support 2014-11-20 13:28:01 -08:00
Jon Hart 94e5ba13a4 YARD and spec cleanup 2014-11-20 13:28:01 -08:00
Jon Hart df36ac910d Mostly complete Kademlia PING / BOOTSTRAP scanner 2014-11-20 13:28:01 -08:00
Jon Hart f5aa3ecb57 Add proper peer decoding 2014-11-20 13:28:01 -08:00
Jon Hart ab49d01a1b Add beginnings of Kademlia gather module and protocol support 2014-11-20 13:28:00 -08:00
HD Moore 2f92a83092 Change to example.com as the default domain 2014-11-20 14:53:36 -06:00
HD Moore d530046164 Bugfix. Chrome is a liar (chain certs properly) 2014-11-19 16:08:03 -06:00
HD Moore 0d091f1c03 Support SSL intermediate certs, closes #4238
Note that this does not apply to reverse_tcp meterpreter clients yet, as
they do not allow certificates to be supplied. I abstracted out the SSL
certificate generation and parsing methods so that we can address this
next.
2014-11-19 15:56:49 -06:00
Meatballs 7004c501f8
Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2
Conflicts:
	modules/exploits/windows/smb/psexec.rb
2014-11-19 14:40:50 +00:00
jvazquez-r7 dff6af0747 Restore timeout 2014-11-18 12:17:10 -08:00
jvazquez-r7 4844447d17 Use 20 seconds as default timeout
* Because it's the default timeout on Rex::Proto::SunRPC::Client
2014-11-18 12:17:10 -08:00
jvazquez-r7 694561dd0f Dont shadow methods with local variables, just in case... 2014-11-18 12:17:10 -08:00
Jon Hart bfde6047d5 Introduce a user-controlled timeout for SunRPC stuff 2014-11-18 12:17:10 -08:00
Jon Hart a9f9a8b116 Introduce new ::Rex::Proto::SunRPC::RPCError, making run_host cleaner 2014-11-18 12:17:10 -08:00
Trevor Rosen d04441f638
Merge branch 'landing/4207' into upstream-master
Land #4207

* Ensure that `rake spec` doesn't create too many threads
2014-11-18 09:23:20 -06:00
Luke Imhoff 8249ef62c9
Merge branch 'master' into chore/MSP-11614/remove-msf-db-manager-sink
MSP-11614

Conflicts:
	spec/lib/msf/core/task_manager_spec.rb
2014-11-18 08:54:14 -06:00
Trevor Rosen fff36f5968
Merge branch 'landing/4189' into upstream-master
Land #4189

* Detect leaked threads during spec runs
* Manage threads before/after spec runs
2014-11-18 08:33:38 -06:00
jvazquez-r7 7daedac399
Land #3972 @jhart-r7's post gather module for remmina Remmina
* Gather credentials managed with Remmina
2014-11-17 16:44:41 -06:00
Tod Beardsley 286827c6e5
Land #4186, Samsung KNOX exploit. Ty @jvennix-r7! 2014-11-17 13:29:39 -06:00
Spencer McIntyre 2b36c1bb43 Fix pymeterp bugs from testing in osx and python3 2014-11-17 14:04:30 -05:00
jvazquez-r7 cc8b37d619 Make directory mandatory 2014-11-17 12:15:33 -06:00
jvazquez-r7 15b7435c34 Make it YARD compliant documentation 2014-11-17 12:03:37 -06:00
Jon Hart cd32f00ebc
Add dir doc 2014-11-17 09:15:08 -08:00
Jon Hart 98db8b5ad9
When not a meterpreter session, split dir/ls output to match meterpreter entries output 2014-11-17 09:10:03 -08:00
Jon Hart 5f1a1f8ed3 Use dir for Windows only, ls for the rest 2014-11-17 09:01:14 -08:00
Jon Hart 6519b0e2cb Add dir and ls to Msf::Post::File 2014-11-17 09:01:14 -08:00
floyd 9243cfdbb7 Minor fixes to ruby style things 2014-11-17 17:12:17 +01:00
floyd 91aa5fa3cf Some simple ruby convention changes that hopefully make ruby people happy 2014-11-17 16:48:52 +01:00
floyd 3c1ce5072c Replaced camel case states with snail_case 2014-11-17 16:37:04 +01:00
Luke Imhoff 33b42389f0
Merge branch 'feature/MSP-11147/thread-leak-detection' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-17 09:35:47 -06:00
Luke Imhoff e3869ee1ae
Include Thread status when printing leaked threads
MSP-11147

Sometime travis-ci is showing leaked threads even when
'Msf::Framework#threads cleaner' is being used, so I'm adding the
`Thread#status` to the data printed about the Thread to see if the
sometimes leaked threads have an odd status.  There's still a chance
that there will be a race-condition between when I call Thread.list and
I ask for each Thread's status that the VM could finish aborting a
Thread so that status I print isn't the same as the one that caused the
Thread to be returned in Thread.list.
2014-11-17 09:30:46 -06:00
Luke Imhoff ba836f2383
Only calculate thread UUIDs if they are needed
MSP-11147

Only calculate thread UUIDs if the thread count exceeds
EXPECTED_THREAD_COUNT_AROUND_SUITE.
2014-11-17 09:17:44 -06:00
Luke Imhoff 024b449b55
Merge branch 'master' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-17 08:50:33 -06:00
Joe Vennix 2a24151fa8
Remove BAP target, payload is flaky. Add warning. 2014-11-17 02:02:37 -06:00
Joe Vennix 105a28d8fd
Run the tests again. 2014-11-16 23:42:40 -06:00
Joe Vennix a7aeac5df3
Fix APK signing on osx. 2014-11-16 23:29:54 -06:00
Spencer McIntyre 0bf93acf6b Pymeterp http proxy and user agent support 2014-11-16 14:29:20 -05:00
Joe Vennix 7a62b71839
Some URL fixes from @jduck and exploit ideas from Andre Moulu.
The exploit works with the URLs fixed, installs the APK, but hangs at the Installing...
screen and never actually launches. We tried opening the APK in a setTimeout() intent
URI, but the previously launched intent seemed unresponsive. Andre had the bright
idea of re-opening the previously launched intent with invalid args, crashing it and
allow us to launch the payload.
2014-11-15 21:33:16 -06:00
William Vu a521d469ed
Land #4194, Quake protocol support 2014-11-15 17:44:19 -06:00
Spencer McIntyre e562883ba9 Escape inserted vars and fix core_loadlib 2014-11-15 15:06:18 -05:00
sinn3r d207345778
Land #4200 - report_note handling incorrect protocol names 2014-11-15 13:16:58 -06:00
Luke Imhoff ceb7a63a5c
Merge branch 'master' into feature/MSP-11147/thread-leak-detection
MSP-11147
2014-11-14 18:20:55 -06:00
Spencer McIntyre 7c14e818f6 Patch pymeterp http settings 2014-11-14 17:12:23 -05:00
William Vu 0477c5f8fe
Land #4191, merge_check_key update for Ruby 2.1.4 2014-11-14 15:33:47 -06:00
Trevor Rosen 3b558624f3
Merge branch 'landing/4129' into upstream-master
Landing #4129

* Detect leaked constants in spec runs
2014-11-14 12:55:56 -06:00
Luke Imhoff 43511e648a
Merge branch 'chore/MSP-11614/remove-msf-db-manager-sink' into feature/MSP-11605/lazy-thread-creation
MSP-11605

Conflicts:
	spec/lib/msf/core/task_manager_spec.rb
2014-11-14 11:59:12 -06:00
Luke Imhoff 14fa1dba0b
Merge branch 'master' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-14 11:58:16 -06:00
Luke Imhoff 5e6400a506
Remove Msf::TaskManager
MSP-11614

`Msf::TaskManager` was only used for `Msf::DBManager#sink`, which was
removed because it was unused, so `Msf::TaskManager` can also be
removed.
2014-11-14 11:15:05 -06:00
Luke Imhoff 55a8f6f339
Remove Msf::DBManager::Sink
MSP-11614

`Msf::DBManager::Sink` contains code for a `sink` that is a meant to
serialize database events, but it's unneeded because all database events
go directly through ActiveRecord, which handles threading.
2014-11-14 10:51:51 -06:00
Spencer McIntyre 6b2387b7fc Prepare for a reverse_http stager 2014-11-14 11:15:22 -05:00
Jon Hart 57aef9a6f5
Land #4177, @hmoore-r7's fix for #4169 2014-11-13 18:29:57 -08:00
Matt Buck 651beb9acb
Land #4192, enable specifying mode for Rex output file 2014-11-13 14:57:48 -06:00
Julio Auto 812aa9bc1a Reduce number of calls to to_s and downcase 2014-11-13 14:56:17 -06:00
Julio Auto e72d9bd21f Fix report_note handling incorrect protocol names 2014-11-13 14:30:43 -06:00
Luke Imhoff eb3ff769a9
Msf::Framework#threads?
MSP-11605

`Msf::Framework#threads?` returns whether `Msf::Framework#threads` was
ever initialized.  If `Msf::Framework#threads?` is true, then threads
need to be cleaned up, while if it is false then no threads need to be
cleaned up from the current framework.
2014-11-13 14:21:35 -06:00
Luke Imhoff d9a25005a6
Wrap Msf::Framework#threads in Metasploit::Framework::ThreadFactoryProvider
MSP-11605

`Rex::ThreadFactory.provider` needs to be set in
`Msf::Framework#initialize`, but setting it directly to
`Msf::Framework#threads` eliminates the laziness of
`Msf::Framework#threads`.  In order keep `framework.threads` lazy,
`framework` is wrapped in a
`Metasploit::Framework::ThreadFactoryProvider`, which responds to
`spawn`, which is needed by `Rex::ThreadFactory`, by calling
`framework.threads.spawn`, which lazily initialized `framework.threads`
when the first thread needs to be spawned.
2014-11-13 14:08:26 -06:00
Luke Imhoff 0bc27334c1
Thread-safe lazy Msf::Framework#db
MSP-11605

Switch `Msf:Framework#db` from being set in `#initialize` to a custom
method that uses `||=` to lazily initialize the `Msf::DBManager` inside
a `synchronize` block to make it thread safe.
2014-11-13 13:38:53 -06:00
Luke Imhoff 92adaa816f
Store Msf::Framework#initialize options
MSP-11605

Store options `Hash` passed to `Msf::Framework#new` in `#options` so
that lazily initialized children, such as DBManager, have access to
those options.
2014-11-13 13:23:17 -06:00
Luke Imhoff bc181f0294
Thread-safe lazy Msf::Framework#sessions
MSP-11605

Switch `Msf::Framework#sessions` from being set in `#initialize` to a
custom method that uses `||=` to lazily initialize the
`Msf::SessionManager` inside a `synchronize` block to make it thread
safe.
2014-11-13 13:17:57 -06:00
Trevor Rosen 0959ef3d13
Fixes lack of support for MetasploitV5 tag
#4184

* Appears to have been overlooked somehow in the pre-BlackHat crunch
* V5 will not support credentials
* We are implementing full-workspace zip import/export for credentials
2014-11-13 13:01:55 -06:00
Luke Imhoff 216c3d01de
Thread-safe lazy Msf::Framework#threads
MSP-11605

Switch Msf::Framework#threads to a custom method that uses `||=` to
lazily initialize the `Msf::ThreadManager` inside a `synchronize` block
to make it thread safe.
2014-11-13 11:12:43 -06:00
Luke Imhoff 8fc683d75d
Use MonitorMixing in Msf::Framework
MSP-11605

To get access to `#synchronize` for thread-safe lazy initialization.
2014-11-13 11:11:34 -06:00
Luke Imhoff b17b263cc7
Ignore debugger threads
MSP-11147

When using the debugger, it adds a thread that should be allowed and not
go towards the count.
2014-11-13 09:49:08 -06:00
Luke Imhoff 535f69b56d
Append to RUBYOPT for debugger compatibility
MSP-11147

When using Rubymine's debugger, the tests would run and say there were
no tests and no break points would be hit.  It was determined that this
was due the Rubymine's debugger injecting itself into RUBYOPTS and only
working if it's first in RUBYOPT, which means that
'metasploit:framework:spec:threads:suite' must inject '-Ilib
-rmetasploit/framework/spec/threads/logger' at the end of RUBOPT instead
of the beginning.
2014-11-13 09:19:07 -06:00
Jon Hart ebf6fe4e56
Minor style cleanup 2014-11-12 16:44:43 -08:00
Trevor Rosen f658efe144
Add the ability to specify mode in Rex output file
* Because sometimes you might want to append
* Preserves original hardcoded 'wb' as default
* http://pubs.opengroup.org/onlinepubs/009695399/functions/fopen.html
2014-11-12 16:08:03 -06:00
Jon Hart 07a1653e57
Add gather module for Quake servers 2014-11-12 13:32:56 -08:00
sinn3r 846dbc7432 Fix #4163 - Update merge_check_key to keep up with 2.1.4 change
The merge_check_key method (found in Msf::Module::ModuleInfo)) uses
respond_to? to check is our object includes a merge_info_description
method before merging descriptions. The respond_to? method in 2.1.4
by default no longer checks private and protected methods, and this
is breaking our merge_check_key method.

Fix #4163
2014-11-12 13:46:14 -06:00
Luke Imhoff 69043d51e0
Merge branch 'master' into feature/MSP-11147/thread-leak-detection
MSP-11147
2014-11-12 12:34:25 -06:00
Luke Imhoff ad4ee3cffd Merge branch 'master' of rapid7.github.com:/rapid7/metasploit-framework 2014-11-12 11:10:48 -06:00
Luke Imhoff 1fd8fe57df
Merge staging/great-backport to master
Conflicts:
	spec/lib/msf/core/module_spec.rb
2014-11-12 11:08:18 -06:00
sinn3r ac4b2bee4d
Land #4181 - Fix nil URIPORT in get_uri (HttpServer) 2014-11-12 10:54:16 -06:00
Jon Hart e658640014
Show uniq error count 2014-11-12 07:38:07 -08:00
Jon Hart b05198c05a
Clean up failure messaging when bad CHOST 2014-11-12 07:32:06 -08:00
William Vu 89a8d27602
Fix port 0 bug in URIPORT 2014-11-11 15:57:41 -06:00
Tod Beardsley 7e05f88399
Reapply PR #4113 (removed via #4175) 2014-11-11 15:06:43 -06:00
HD Moore 6b4eb9a8e2 Differentiate failed binds from connects, closes #4169
This change adds two new Rex exceptions and changes the local comm to raise the right one depending on the circumstances. The problem with the existing model is
that failed binds and failed connections both raised the same exception. This change is backwards compatible with modules that rescue Rex::AddressInUse in additi
on to Rex::ConnectionError. There were two corner cases that rescued Rex::AddressInUse specifically:

1. The 'r'-services mixin and modules caught the old exception when handling bind errors. These have been updated to use BindFailed
2. The meterpreter client had a catch for the old exception when the socket reports a bad destination (usually a network connection dropped). This has been updat
ed to use InvalidDestination as that was the intention prior to this change.

Since AddressInUse was part of ConnectionError, modules and mixins which caught both in the same rescue have been updated to just catch ConnectionError.
2014-11-11 14:59:41 -06:00
Tod Beardsley 017a44c0ae
Revert errored merge of deea30d
Revert "Merge branch 'master' of https://github.com/farias-r7/metasploit-framework into upstream-master"

This reverts commit deea30ddb4, reversing
changes made to 14514d7b8b.
2014-11-11 14:38:47 -06:00
HD Moore dbd5937dc7 Limit threads to 1 when CPORT is set, closes #4170
This issue also applies to TCP scanner modules.
2014-11-11 13:21:09 -06:00
sinn3r 719db5d2b1 Fix #4119 - SMB lost search ID (sid) in find_first method
This will fix issue #4119. A bug in the find_first method in rex
SMB.

When the SMB client requests a TRANS2_FIND_FIRST2 for retriving
information about what items a directory has, the server returns
a response that contains an SID - a search identifier for the
transaction. If the SMB client wants more data, it must send a
TRANS2_FIND_NEXT2 request with the same SID. And then the server
will continue sending more until it runs out.

The root cause of this bug is that after the TRANS2_FIND_FIRST2
request is sent, our SMB's find_first method forgets the SID at
the end of the loop (out of scope).
2014-11-11 12:35:07 -06:00
HD Moore 96ba6da697
Add the UDP scanner template, lands #4113.
There is some additional work to do regarding CHOST/CPORT, but this is not tied to the udp template changes.
2014-11-11 11:59:30 -06:00
jvazquez-r7 0a68171bab
Land #4166, @wchen-r7's fix for undefined method `rank'
* Fixes #4047
* undefined method `rank' due to an invalid encoder name
2014-11-10 15:00:17 -06:00
jvazquez-r7 86ff5f93eb
Land #4158, Fix for null dereference on Exploit::Remote::HttpServer#remove_resource 2014-11-10 14:14:48 -06:00
jvazquez-r7 4e96833408 Check service before using it 2014-11-10 14:14:20 -06:00
jvazquez-r7 1064049729 Revert "Fix buggy calls to stop_service"
This reverts commit 613f5309bb.
2014-11-10 14:05:57 -06:00
sinn3r 0b51741779 Fix #4047 - undefined method `rank' due to an invalid encoder name
Fix #4047 caused by an invalid encoder name. Also added elog() to
avoid shutting everything up in msfvenom
2014-11-10 13:25:53 -06:00
Trevor Rosen 8511dc4131
Merge branch 'landing/4135' into upstream-master
Land #4135

* Improve Bundle management:
* Option to install w/out DB group
* Option to install w/out pcap support
2014-11-10 09:26:42 -06:00
floyd 9d848c8c3b Adding tincd post-auth stack buffer overflow exploit module for several OS
Minor changes to comments

Updated URLs

Added Fedora ROP, cleaned up

Fixing URLs again, typos

Added support for Archlinux (new target)

Added support for OpenSuse (new target)

Tincd is now a separate file, uses the TCP mixin/REX sockets.

Started ARM exploiting

Style changes, improvements according to egyp7's comments

Style changes according to sane rubocop messages

RSA key length other than 256 supported. Different key lengths for client/server supported.

Drop location for binary can be customized

Refactoring: Replaced pop_inbuffer with slice

Refactoring: fail_with is called, renamed method to send_recv to match other protocol classes,
using rand_text_alpha instead of hardcoded \x90,

Fixed fail command usage

Version exploiting ARM with ASLR brute force

Cleaned up version with nicer program flow

More elegant solution for data too large for modulus

Minor changes in comments only (comment about firewalld)

Correct usage of the TCP mixin

Fixes module option so that the path to drop the binary on the server is not validated against the local filesystem

Added comments

Minor edits

Space removal at EOL according to msftidy
2014-11-10 12:03:17 +01:00
Joshua Smith 1844b3956d
Land #4063 allow session lists
Note: the parsing for cmd_sessions  needs to be revamped and DRYd up in
a separate PR.
2014-11-09 22:40:53 -06:00
Joshua Smith 03a988b5dc
Land #4150, adds getsid command
Fixes #3787
2014-11-09 22:10:22 -06:00
OJ eb830cb361 Idiomaticise the rubies 2014-11-10 07:44:36 +10:00
sinn3r 8f3b1e71b3 Fix #4156 - NoMethodError undefined method `stop'
This will fix #4156. It also fixes NoMethodError payload_exe
when I was trying to fix the undef 'stop' one
2014-11-09 14:07:02 -06:00
sinn3r cd0dbc0e24 Missed another 2014-11-09 14:06:39 -06:00
Julio Auto 613f5309bb Fix buggy calls to stop_service 2014-11-09 02:15:30 -06:00
sinn3r e54442af36 Fix #4089 - undefined method `downcase' for nil:NilClass 2014-11-07 02:45:22 -06:00
Joshua Smith 7b25e3be75
Land #4139, Visual Mining NetCharts
landed after some touch up
2014-11-06 22:52:41 -06:00
Joshua Smith 709ff1bbdb touch up lib/rex/mime/message.rb 2014-11-06 22:48:34 -06:00
OJ 08e707225c Add support for the getsid command
There has been Meterpreter work done as well to support this. But this
commit allows for a new 'getsid' command which tells you the sid of the
current process/thread. This can be used for things like determining
whether the current process is running as system. It could also be used
for golden ticket creation, among other things.
2014-11-07 10:38:22 +10:00
jvazquez-r7 64fe2dd7d6
Land #4143, @kernelsmith's get_custom_exe fix
* Initializes the exe variable
* Fixes #4131
2014-11-06 14:39:57 -06:00
Luke Imhoff 8416985c9d
Give Threads UUIDs for spec run so caller can be correlated
Have 'metasploit/framework/spec/threads/suite/logger' generate a UUID
for each Thread.  This UUID is printed on the "BEGIN Thread.new caller"
line and is assigned as a thread-local variable,
'metasploit/framework/spec/threads/logger/uuid'.  In `after(:suite)`,
the log can be parsed to map the caller back to each UUID and then only
the UUID of the still existing threads is used to look up the caller and
print their stacktraces.  This means only leaked threads callers will be
printed.
2014-11-06 14:05:35 -06:00
Joshua Smith b199820d23 init exe as nil instead of '' 2014-11-06 13:31:37 -06:00
jvazquez-r7 6e51d84371
Land #4138, @wchen-r7's reference cheking for module_reference.rb
* Fixes #4039
2014-11-06 10:51:29 -06:00
Tom Sellers 9295d9077e Remove debugging output 2014-11-06 09:27:44 -06:00
Luke Imhoff 8f635a1d76
Remove empty define_task
MSP-11147
2014-11-06 09:11:31 -06:00
Luke Imhoff 8855e0731c
Fix multiline string indentation
MSP-11147
2014-11-06 09:11:12 -06:00
Luke Imhoff 8d06189a19
Tell use to run with `rake spec` to see Thread.new caller
MSP-11147

If the log isn't available, tell the user to rerun with `rake spec`
instead of printing nothing after the `:\n`, which looks incomplete.
2014-11-06 09:10:04 -06:00
Luke Imhoff c1f1222783
Check that threads/suite.log exists before reading
MSP-11147

Even with leaked threads, there may be no log if the suite is run
without `rake spec`, such as when `rspec` is used directly to run a
subset of specs.
2014-11-06 09:07:11 -06:00
Tom Sellers 8bf6a34d6c Fix empty session ID and cleanup
- Fixed handling of empty session IDs for those commands that required them
- Added help text for ranges with examples
2014-11-06 07:18:55 -06:00
Joshua Smith 265c178c52 fixes #4131, EXE::Custom NameError 2014-11-05 22:10:54 -06:00
Matias P. Brutti ddb62c84b3 Removing add_host since it is not necessary :(
- Ups I did not needed this. I can get away with report_host and
report_client.
2014-11-05 18:03:23 -08:00
Matias P. Brutti b5e6465916 Adding db.add_host() and workspace
- Adding add_host() Although Report host exists, this is a
straightforward method to metasploit-credential::creation::add_host()
- Add workspace.id to the responses of db.current_workspace and
db.workspace and  db.get_workspace
2014-11-05 14:23:27 -08:00
jvazquez-r7 c833888c32 Just randomize 2014-11-05 15:53:06 -06:00
Luke Imhoff d66c98b34d
Remove prior log/metasploit/framework/spec/threads/suite.log
MSP-11147
2014-11-05 15:51:43 -06:00
Luke Imhoff d4d710cc3a
Merge branch 'feature/MSP-11130/metasploit-framework-spec-constants' into feature/MSP-11147/thread-leak-detection
MSP-11147

Merge to get framework instance cleanup, which should clean up a lot of
thread leaks too.

Conflicts:
	Rakefile
	lib/metasploit/framework/spec.rb
	spec/spec_helper.rb
2014-11-05 15:47:59 -06:00
Luke Imhoff 097aa330e1
Log caller for each Thread.new for `rake spec`
MSP-11147
2014-11-05 15:34:35 -06:00
Luke Imhoff 96990fdc02
Fail before suite if more than 1 thread exists
MSP-11147

Detect thread leaks in a `before(:suite)` configured by
`Metasploit::Framework::Spec::Threads::Suite.configure!` and fail if any
leaks are found.
2014-11-05 14:38:43 -06:00
jvazquez-r7 7ba705f23a Add some randomized variables to JSP Payloads
Because the JASPER engine with Tomcat has been found
complaining about the out variable.
2014-11-05 12:16:33 -06:00
jvazquez-r7 741f99f118 Delete starting empty line
When header is empty it shouldn't add an starting empty
new line
2014-11-05 11:42:42 -06:00
sinn3r f34ad57199 Check module references 2014-11-05 09:57:13 -06:00
Luke Imhoff 3093ba8394
Explicitly require 'metasploit/credential' and 'metasploit_data_models'
By putting the db group into the metasploit-framework-db.gemspec,
bundler no longer automatically required 'metasploit/credential' and
'metasploit_data_models' because gems, such as metasploit-framework-db,
are expected to explictly require their dependencies.
2014-11-05 09:25:50 -06:00
Tom Sellers 2bec646393 rolling back a change 2014-11-05 06:49:06 -06:00
Tom Sellers 8aa6fca760 Minor fixes and status update
Minor tweaks after the PR from @kernelsmith

Remaining items:

1. Handle empty session IDs correctly, for example 'sessions -d' or 'sessions -k'
2. Find a method of explaining the range options in the help text
3. Retest all changed code areas
4. Edit PR Summary to reflect changes to the scope
2014-11-05 06:46:55 -06:00
Joshua Smith 78a4ee686b modernizes & DRYs session/job ranges 2014-11-04 23:33:31 -06:00
Tod Beardsley f8593ca1b5
Land #4109, tnftp savefile exploit from @wvu-r7 2014-11-04 15:44:13 -06:00
Luke Imhoff 9f573e2d8d
Revert "Add .log extension to metasploit/framework/spec/constants/suite log"
MSP-11130

This reverts commit 4f986c4a48.

Extension wasn't there because it was a directory name and a log file
name.
2014-11-04 14:03:54 -06:00
Luke Imhoff dee02fc85b
Automatically clear previous log/metasploit/framework/spec/constants/each.log
MSP-11130

Have a task, 'metasploit:framework:spec:constants:each:clean' run before
`rake spec` that removes the previous
`log/metasploit/framework/spec/constants/each.log` so that the user doesn't
have to manually remove the load when removing
`Metasploit::Framework::Spec::Constants::Each.configure!` from
`spec/spec_helper.rb`.
2014-11-04 13:58:13 -06:00
Luke Imhoff 313d86982c
Log Spec::Constants::Each error instead of flag.
MSP-11130

Instead of writing `1` to the file and then printing a verbose message
in the spec task action, log the verbose message and just print the log
in the spec task action, so other tools can just look at the log when
not using `rake spec`.

NOTE: Failing specs due to unnecessary
`Metasploit::Framework::Spec::Constants::Each.configure!`
2014-11-04 13:36:52 -06:00
Luke Imhoff 1d09fa677e
log/remove-cleaner -> log/metasploit/framework/spec/constants/each.log
MSP-11130

Rename log file to match naming scheme for
Metasploit::Framework::Spec::Constants::Suite.
2014-11-04 13:21:47 -06:00
Luke Imhoff 4f986c4a48
Add .log extension to metasploit/framework/spec/constants/suite log
MSP-11130
2014-11-04 13:20:10 -06:00
Jon Hart b0e388f4c3
Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X 2014-11-04 08:23:16 -08:00
Luke Imhoff 7cb0954a6e
Add manual removal of `log/remove-cleaner` to Each removal
MSP-11130

When removing `Metasploit::Framework::Spec::Constants::Each.configure`
from spec/spec_helper.rb,
`Metasploit::Framework::Spec::Constants::Each.define_task` will see the
`log/remove-cleaner` from the last run unless it is manually removed.
2014-11-04 10:10:28 -06:00
Luke Imhoff b0f1b2a1f7
Merge branch 'master' into feature/MSP-11130/metasploit-framework-spec-constants
MSP-11130

Conflicts:
	Rakefile
2014-11-04 10:10:12 -06:00
agix 333d420c94 Fix refactoring bug from 23 october in util/exe
23 October, {} instead of #{} totally break windows service generation
f19b093529 (diff-0f5729034d8b0b321e738f2fc047854fL578)
2014-11-04 11:59:36 +01:00
jvazquez-r7 41800163dd Fix recursive call to find_by_sid 2014-11-03 14:25:29 -06:00
Tod Beardsley 0199e4d658
Land #3770, resolve random stager bugs 2014-11-03 14:15:14 -06:00
Tod Beardsley 0b39c2ed85
Land #4084, prep for Ruby 2.1 2014-11-03 13:43:50 -06:00
HD Moore 8aecd5e4a5 Address the two open comments from @jlee-r7 2014-11-03 12:33:11 -06:00
Jon Hart 8f197d4918 Move to build_probe 2014-11-03 08:41:51 -08:00
Jon Hart 05dd3fa4ba rport, not datastore['RPORT'] 2014-11-03 08:26:11 -08:00
Tom Sellers 0b8b0499f3 - Added range support to sessions -c and sessions -s
- Added check for un-detach-able sessions
- Added back the check for session.interactive? when detaching sessions
- Collapse build_jobs_array and build_sessions_array to build_range_array
- Added check for empty or invalid parameters to detach and kill [session | job]
- Reworked session id sanity check around line 1660
- RuboCop/Style guide change: Array.new -> []
- Misc RuboCop/Style guide spacing changes
2014-10-31 15:02:17 -05:00
Jon Hart c921611821 Move default probe and result store to UDPScanner, since most need it 2014-10-31 12:02:21 -07:00
Jon Hart 1f6658639f More sane % printing for aux scanner 2014-10-31 10:25:01 -07:00
Jon Hart f16720bb55 Trailing , 2014-10-31 09:39:34 -07:00
Jon Hart f66c43475b More sane % printing for aux scanner 2014-10-31 09:39:21 -07:00
Jon Hart 77cd6dbc8b Usability improvements to UDPScanner
* Add RPORT as a regular option, define rport
* Add CPORT as an advanced option, define cport
* Change CHOST to an advanced option
* Use a more sane THREADS value since hosts are scanned in batches
2014-10-31 09:20:14 -07:00
HD Moore 9b61ae5f63 This is halloween.
THISISHALLOWEEN=1 ./msfconsole
2014-10-30 23:35:12 -05:00
William Vu e3ed7905f1
Add tnftp_savefile exploit
Also add URI{HOST,PORT} and {,v}print_good to HttpServer.
2014-10-30 20:38:16 -05:00
Luke Imhoff 325c01e45d
Log constants leaked before and after suite
MSP-11130

Some constants can be leaked before suite if module are loaded during
spec loading, such as if a framework instance in made in the context
body of a spec instead of in a before callback.
2014-10-30 14:04:07 -05:00
Luke Imhoff ae0a98785f
Print when Metasploit::Framework::Spec::Constants::Each before(:each) cleans
MSP-11130

Print to stderr the full description of the example when
`Metasploit::Framework::Spec::Constants.configure!`'s `before(:each)`
cleans constants as it may clean constants that are leaked from the
class level at parse time.
2014-10-30 12:34:55 -05:00
Luke Imhoff c8e4745d6d
Fail `rake spec` if leak tracking unnecessary
MSP-11130

Fail `rake spec` if
`Metasploit::Framework::Spec::Constants::Each.configure!`'s
`before(:each)` does not clean all leaked constants and if should be
removed so that it does not interefore with future specs.
2014-10-30 09:37:17 -05:00
James Lee 667f1ca876
Move readline choice into a method 2014-10-29 22:33:23 -05:00
James Lee 7b77bbedaa
Better explanations 2014-10-29 22:32:56 -05:00
James Lee 867329d4b3 Fix readline by mucking with load path 2014-10-29 22:14:49 -05:00
Luke Imhoff c2bd75b587
Clean up leaked constants
MSP-11130
2014-10-29 15:50:47 -05:00
Luke Imhoff 892aeaf727
Metasploit::Framework::Spec::Constants cleaner
MSP-11130

Shared context will calls `Metasploit::Framework::Spec::Constants.clean
after each example.
2014-10-29 11:31:17 -05:00
Luke Imhoff 0d4b22ce7a
Detect constant leaks in individual examples
MSP-11130

`Metasploit::Framework::Spec::Constants::Each.configure!` will set up an
`after(:each)` callback that will fail the example if there are leaked
constants.  Leaked constants are cleaned up to prevent misattribution.
2014-10-28 15:50:24 -05:00
Meatballs 4f61710c9a
Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2 2014-10-28 20:26:44 +00:00
Luke Imhoff f9b1f2a424
Extract Metasploit::Framework::Spec::Constants::Suite
MSP-11130

`Metasploit::Framework::Spec::Constants::Suite` extracts out
`LOG_PATHNAME`, `configure!`, and `define_task` as those piece are
specific to handling constant leaks for the entire suite.  This is in
preparation for `Metasploit::Framework::Spec::Constants::Each`.
2014-10-28 15:07:32 -05:00
Luke Imhoff 3ec9cf54c9
Filter non-loaded-module constants from leaked constants
MSP-11130

Constants from library Modules or Classes should not be reported as
leaked since they have been required and should be persistent between
spec runs.
2014-10-28 14:05:27 -05:00
Luke Imhoff 1a1f3335b8
Extract Metasploit::Framework::Spec::Constants.full_name
MSP-11130

Extract method to convert child constant names to module full names so
it can be reused 'Metasploit::Framework::Spec::Constants tracker' shared
context.
2014-10-28 13:53:48 -05:00
Luke Imhoff a0a9c2140b
Log leaked constants and fail rake spec on leak
MSP-11130

Instead of printing the leaked constants to stderr, log them to
`log/leaked-constants.log`.  In task action for spec, read
`log/leaked-constants.log`.  If it exists, print each leaked constants
(and it appropriate it's module full name) and then exit with 1.  If the
file does not exist, do nothing.
2014-10-28 11:21:35 -05:00
Joe Vennix c6bbc5bccf
Merge branch 'landing-4055' into upstream-master 2014-10-28 11:18:20 -05:00
William Vu 4251ad199e
Change killing back to stopping
Got a little excited with the copypasta, I guess.
2014-10-28 05:49:30 -05:00
William Vu 5547890002
Add support for sessions -d ranges 2014-10-28 03:07:46 -05:00
William Vu 36c85b7150
Add support for jobs -k ranges 2014-10-28 03:01:53 -05:00
sinn3r e31c9f579d
Land #3987 - Buffalo Linkstation NAS Login Scanner 2014-10-28 01:45:57 -05:00
Tod Beardsley d8cf45ef67
Allow FTP server exploits pick a PASV port
This makes it somewhat easier to use FTP server exploit modules in
somewhat more restrictive networks, where you might only have a few
inbound ports to choose from.
2014-10-27 22:21:54 -05:00
Tod Beardsley 7d34452448
TCP and TCPServer should use TLS1 by default 2014-10-27 15:55:50 -05:00
William Vu 1508be6254
Fix whitespace in lib/msf/ui/banner.rb for #4073 2014-10-27 14:49:44 -05:00
William Vu 7f66d18cfd
Clean up whitespace a bit 2014-10-27 14:49:27 -05:00
William Vu 626cd55b5e
Land #4073, improved banner selection 2014-10-27 14:20:10 -05:00
Luke Imhoff c84febea5f
tools/missing-payload-tests.rb
MSP-11145

**NOTE: Failing specs**

Add a tool for reading `log/untested-payload.log` and
`framework.payloads` to determine `context`s to add
`spec/modules/payloads_spec.rb` to test the untested payloads.
2014-10-27 13:03:31 -05:00
Jon Hart b8c9ef96ca
Land #4003, @nstarke's Login Scanner for WD MyBook Live NAS 2014-10-27 09:57:43 -07:00
Jon Hart 765b5e686c
Use configured method and URI rather than duplicated values 2014-10-27 09:56:39 -07:00
Luke Imhoff 605f48e58d
Detect leaked constants under Msf::Modules
MSP-11130

Detect constants leaked under Msf::Modules after the suite completes.
2014-10-27 11:13:43 -05:00
scriptjunkie aba25cb28c Make RPC creds work again 2014-10-26 15:50:40 -05:00
Tom Sellers 13b6f1cf48 Syntax changes 2014-10-25 09:39:15 -05:00
nstarke 44f7db4798 Refactoring Success Case
I have refactored the code so that it will work with
non-root accounts.
2014-10-25 13:31:36 +00:00
Joe Vennix 136c2c4377
Use the SNMP fix from master. 2014-10-24 13:01:06 -05:00
Spencer McIntyre c1a61e3b4e Support an MSFLOGO env var and logo enumeration 2014-10-24 13:07:28 -04:00
Joshua Smith a9e52437f0 fixes inverted EICAR corruption logic 2014-10-24 10:27:13 -05:00
Spencer McIntyre 82f41d56a6 Add [user_]logos_directory to Msf::Config 2014-10-24 10:52:05 -04:00
Joshua Smith 3b8067e9a2 fixes refactor error in msf/util/exe 2014-10-23 22:15:19 -05:00
Joshua Smith 34f29f218c really resolve merge conflicts 2014-10-23 21:51:33 -05:00
Joshua Smith bf63d85e5c fixes merge conflicts msfpayload & exe 2014-10-23 21:43:46 -05:00
sinn3r 7cb4320a76
Land #3561 - unix cmd generic_sh encoder 2014-10-23 15:48:00 -05:00
Luke Imhoff 48d6880f1d
Add docs for untested payload testing
MSP-11145

Add docs to rake task, shared examples, and share contexts for how to
use all 3 together.
2014-10-23 11:17:05 -05:00
Luke Imhoff f827a1c761
Extract untested-payloads.log checker spec task action
MSP-11145

Extract the spec task action which errored out if
`log/untested-payloads.log` exists to
`Metasploit::Framework::Spec::UntestedPayloads.define_task`.
2014-10-23 10:24:33 -05:00
Tom Sellers 2a6a8245cf Allow killing multiple specific sessions 2014-10-23 05:56:26 -05:00
Joshua Smith f19b093529 cleans & DRYs exploit/exe & util/exe & msfpayload 2014-10-23 01:10:38 -05:00
Jon Hart 83df08aaa7 Properly encode body and catch invalid configs 2014-10-22 22:43:06 -07:00
sinn3r 42cd288bc0
Land #4057 - Bring back TCP::max_send_size and TCP::send_delay options
Fix #3967
2014-10-22 16:23:15 -05:00
James Lee a5a84886ee
Make sure vnc closes the socket 2014-10-22 15:53:05 -05:00
Tim Wright 7f7f257426
fix session.shell_upgrade after #3401 2014-10-22 21:22:10 +01:00
Tim Wright 22fc6496ac Merge branch 'pr/3401' into landing-3401 2014-10-22 19:23:01 +01:00
Jon Hart ce8a9941ea Cleanup. Sanity check in setup. vprint 2014-10-22 10:36:24 -07:00
Jon Hart 7b33ff1363
Land #3767, @jvazquez-r7's specs for Rex::Encoder::XDR 2014-10-22 09:22:53 -07:00
James Lee 46acf08e2d Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions 2014-10-22 09:09:34 -05:00
nstarke ee3dd3a2ac More Fixes for WD MyBook Live Scanner
Fixes include removing deregistered options
from credentials collection object and adding proof
 when there is no response
2014-10-22 03:06:21 +00:00
James Lee e1a7e902d6
Re-enable tcp evasions for more LoginScanners
Untested since I don't have targets for these.
2014-10-21 18:58:28 -05:00
sinn3r 79d393c5aa Resolve merge conflicts
Conflicts:
	lib/msf/core/exploit/smb.rb
	lib/msf/core/exploit/tcp.rb
	modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
James Lee 83b1d270cd
Fix ftp and mssql 2014-10-21 11:09:39 -05:00
James Lee 8b2dcac730
Fix telnet 2014-10-21 11:08:41 -05:00
James Lee 2fcb1004fb
Move tcp options to Tcp::Client out of RexSocket 2014-10-21 09:59:26 -05:00
James Lee e76ee294a1
Restore tcp evasions to telnet 2014-10-21 09:44:55 -05:00
Luke Imhoff 9dfbbbde7d
Add missing require
MSP-11145
2014-10-21 09:39:31 -05:00
James Lee cb9a77c06b
Fix NoMethodError when unable to connect
Derp.
2014-10-21 08:58:45 -05:00
James Lee 6f3b26f5e9
Remove tcp evasions from Http
Can't use 'em anyway
2014-10-21 08:27:29 -05:00
nstarke 82b74d5f3c Fixes to MyBook Live Module
This commit contains three fixes as requested on PR
#4003.  Those include:

+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
2014-10-21 00:50:40 +00:00
nstarke 70b13819d9 Adding Login Scanner for MyBook Live
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
2014-10-21 00:50:40 +00:00
OJ 52cbbe3677 Add some documentation to the ADSI functions 2014-10-21 10:34:47 +10:00
OJ 8329a15cb0
Merge branch 'upstream/master' into group_tlv_refactors 2014-10-21 09:54:55 +10:00
Jon Hart 82de2eb1f3
Fix Rex::Encoder::XDR.decode_int! to properly handle short data 2014-10-20 11:30:13 -07:00
Tod Beardsley 85f48a3fb2
Land #3738, SMBServer file descriptor updates 2014-10-20 12:40:43 -05:00
HD Moore 935a23296d
Updates to NAT-PMP, lands #4041 2014-10-20 11:26:26 -05:00
James Lee 3051b6c5ba
Clean up exceptions
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
James Lee b7d69bec83
Restore proxies to ssh scanners 2014-10-20 10:19:06 -05:00
James Lee 6498ed0dc8
Report the actual host that failed to connect
Instead of the eventual target where our proxy chain will connect. In
the usual case (no Proxies set), this will be the same output as before.
When proxies are given, the user will see that the first proxy
connection is actually what failed.
2014-10-17 17:37:04 -05:00
William Vu ce40c1152a
Land #4014, msfconsole spinnerz 2014-10-17 16:25:31 -05:00
Luke Imhoff 080ea3e56a
Merge branch 'staging/great-backport' into feature/MSP-11126/msf-module-reorg
MSP-11126
2014-10-17 14:28:13 -05:00
Luke Imhoff 06fbbf7001
Fully-qualified Msf::NormalRanking in Msf::Module::Ranking
MSP-11126

Needed due to loss of `Msf` lexical scope.
2014-10-17 13:58:57 -05:00
Luke Imhoff 43354774e1
Fully qualified Msf::RankingName in Msf::Module::Ranking
MSP-11126

To compensate for loss of `Msf` lexical scope.
2014-10-17 13:43:51 -05:00
Luke Imhoff ae45c1b9d3
Msf::Module::Rank -> Msf::Module::Ranking
MSP-11126

So that mixin module won't appear as Rank constant that Msf::Module
subclasses are supposed to define.
2014-10-17 13:39:53 -05:00
Tod Beardsley a431bff13f
@wvu-r7 is a skilled negotiator. s/stdout/stderr/ 2014-10-17 13:13:44 -05:00
Luke Imhoff a6a2886faa
Fully-qualify Msf::OptionContainer references
MSP-11126
2014-10-17 13:09:27 -05:00
Luke Imhoff 112b5988f2
Add missing autoload to fix loading on travis-ci
MSP-11126

`Msf::Module::Failure` fails to load on travis-ci probably due to a load
order difference, so add `:Failure` to autoloads in `Msf::Module`.
2014-10-17 13:05:59 -05:00
Luke Imhoff 0c00c7cc50
Fully-qualifiy Msf::MODULE_TYPES constants
MSP-11126

Fully-qualify `Msf::MODULE_TYPES`, `Msf::MODULE_ANY`,
Msf::MODULE_ENCODER`, `Msf::MODULE_EXPLOIT`, `Msf::MODULE_NOP`,
`Msf::MODULE_AUX`, `Msf::MODULE_PAYLOAD`, `Msf::MODULE_POST` so that
their usage isn't dependent on nested lexical scoping.
2014-10-17 12:43:40 -05:00
Tod Beardsley 5978bd5e62
Control the startup msg with -q, too 2014-10-17 12:41:58 -05:00
Tod Beardsley a45b21b6bf
-q will quiet the animation, too 2014-10-17 12:32:28 -05:00
Luke Imhoff 200d64040d
Fully-qualify Msf::ServiceState
MSP-11152

Replace unqualified `ServiceState` with `Msf::ServiceState`.
2014-10-17 11:58:11 -05:00
Luke Imhoff 172afd180a
Extract Msf::Module::Privileged
MSP-11126
2014-10-17 11:45:03 -05:00
Luke Imhoff cbae9be5b5
Extract Msf::Module::UUID
MSP-11126
2014-10-17 11:31:56 -05:00
Luke Imhoff a59e635913
Extract Msf::Module::Author
MSP-11126
2014-10-17 11:17:12 -05:00
Luke Imhoff 9f32cbd476
Use :: to force top-level constant resolution
MSP-11152

When `Msf::DBManager::Import::MetasploitFramework` is included in
`Msf::DBManager::Import`, it's child namespace of
`Msf::DBManager::Import::MetasploitFramework::Zip becomes resolvable as
`Zip` in `Msf::DBManager::Import` methods, so need to use `::Zip` to
cause `Zip` to be resolved from rubyzip gem.
2014-10-17 10:15:59 -05:00
Luke Imhoff 13923a8ca5
Fully-qualify Msf::DBImportError
MSP-11152

Constant was unqualified in some of the reorganized Msf::DBManager code
because that code was take advantage of the old nested lexical scope
that included `Msf`.
2014-10-17 09:29:01 -05:00
Luke Imhoff e822920298
Msf::Module::Author -> Msf::Author
MSP-11126

`Msf::Module::Author` was already aliased to `Msf::Author`.  This just
moved `Msf::Module::Author` to that alias to free up
`Msf::Module::Author` so it can be used for a concern for
`Msf::Module`'s author methods.
2014-10-17 08:59:54 -05:00
Luke Imhoff b5039c3817
Extract Msf::Module::Network
MSP-11126
2014-10-16 15:51:59 -05:00
Luke Imhoff 2e538bd72d
Extract Msf::Module::Search
MSP-11126
2014-10-16 15:27:54 -05:00
Luke Imhoff 7743fdb2f9
Extract Msf::Module::FullName
MSP-11126
2014-10-16 15:24:59 -05:00
Jon Hart 8fdae8fbfb Move protocol and lifetime to mixin, use correct map_target if CHOST 2014-10-16 13:24:17 -07:00
Luke Imhoff 0e53548c82
Extract Msf::Target
MSP-11126
2014-10-16 15:13:18 -05:00
Luke Imhoff e5cc456be7
Extract Msf::Platform
MSP-11126
2014-10-16 15:11:59 -05:00
Luke Imhoff 27c006a8f9
Extract Msf::SiteReference
MSP-11126
2014-10-16 15:09:55 -05:00
Luke Imhoff 9981271e2a
extract Msf::Reference
MSP-11126
2014-10-16 15:03:21 -05:00
Luke Imhoff c8730ca55b
Extract Msf::Author
MSP-11126
2014-10-16 14:59:15 -05:00
Luke Imhoff fe5ffa9cec
Standardize on autoload over require
MSP-11126

Standardize on autoload to prevent trying to use colliding names for
included Module with Modules/Classes just under the namespace.
2014-10-16 14:58:08 -05:00
Luke Imhoff d5c7a50e86
Extract Msf::Module::Rank
MSP-11126
2014-10-16 14:39:33 -05:00
Luke Imhoff e6f442697b
Extract Msf::Module::Type
MSP-11126
2014-10-16 14:23:21 -05:00
Luke Imhoff e418f98d45
arch -> Msf::Module::Arch
MSP-11126
2014-10-16 13:21:11 -05:00
Luke Imhoff 44b2e5e35c
Extract Msf::Module::Arch
MSP-11126
2014-10-16 13:14:56 -05:00
Luke Imhoff 31c93e9dbc
Extract Msf::Module::ModuleInfo
MSP-11126
2014-10-16 13:01:42 -05:00
Trevor Rosen c503e8a3d8
Merge branch 'landing/4026' into upstream-master
Land #4026

* db.rb (DBManager) now in multiple files
* Cucumber coverage for DB-related msfconsole commands
2014-10-16 11:52:57 -05:00
Luke Imhoff f9caa4d25e
Extract Msf::Module::Options
MSP-11126

Methods for registering, derigsterings, and validating options.
2014-10-16 11:14:42 -05:00
Luke Imhoff c50cb2eb8a
Extract Msf::Module::UI::*::Verbose and shared examples
MSP-11126
2014-10-16 10:05:45 -05:00
Luke Imhoff a9a6f0c5f9
Extract Msf::Module::UI::Line
MSP-11126
2014-10-16 09:50:07 -05:00
Luke Imhoff bc2bd99698
Extract Msf::Module::UI::Message
MSP-11126
2014-10-16 09:39:30 -05:00
Luke Imhoff f5d09f735e
Extract Msf::Module::Compatibility
MSP-11126
2014-10-16 09:14:57 -05:00
Luke Imhoff 85169d5e8d
Extract Msf::Module::DataStore
MSP-11126
2014-10-16 09:03:23 -05:00
Luke Imhoff f068d669d6
Extract Msf::Module::ModuleStore
MSP-11126
2014-10-16 09:03:07 -05:00
Luke Imhoff 370daaed5e
Extract Msf::Module::Failure
MSP-11126

Move `Msf::Module::Failure` to a file of its own.
2014-10-16 09:02:55 -05:00
James Lee 41a57b7ba5
Re-enable proxies for HTTP-based login scanners 2014-10-15 17:00:44 -05:00