Commit Graph

2320 Commits (3c683fcf990c7c7a6c3cabcbde8fc0c723804664)

Author SHA1 Message Date
Stephen Haywood efda420e5f Updates to enum_artifacts 2012-01-26 19:35:39 -05:00
Tod Beardsley 33c53b1f3f Updates vm checking 2012-01-26 13:02:39 -06:00
David Maloney 31f6c4dfff http_fingerprint now reports website instead of just a service
fixes #6277
2012-01-26 11:05:06 -06:00
Maciej Kotowicz 87e7b10b2d `advance` linux x64 payloads 2012-01-26 01:09:35 +01:00
Maciej Kotowicz fe2caf2fe4 `advance` linux x64 payloads 2012-01-26 00:51:06 +01:00
Tod Beardsley 31dea3844e Reintroduces chao-mu's OptRegexp
Revert "Revert "Merge pull request #101 from chao-mu/master""

[See #101]

This reverts commit c5ce575543.
2012-01-23 14:21:19 -06:00
scriptjunkie 9d7591467f Fix "failed to generate" error when passing a preferred encoder to "payload.generate" method using RPC from, for example, the GUI on Windows.
framework.encoders[reqs['Encoder']] returns nil when, for example, reqs['Encoder'] is in UTF-8 encoding and the corresponding key of the framework.encoders hash in US-ASCII encoding.
2012-01-20 21:06:53 -06:00
sinn3r 955b02e227 Allow 'port' option in module searching (idea originally from Brandon Perry's blog) 2012-01-18 11:19:37 -06:00
Tod Beardsley c5ce575543 Revert "Merge pull request #101 from chao-mu/master"
Reverting the OptRegexp commit from chao-mu. Before committing to
master, this option type needs to be tested on the various mainstream
UI's (Metasploit Pro, msfgui, and Armitage) to see if they behave
as reasonably as msfconsole. Each UI tends to handle option setting,
passing, and display in their own special way.

This should make it back in by Wednesday, assuming all goes well.

[See #101]

This reverts commit 84db5a21fc, reversing
changes made to 24aaf85a1b.
2012-01-17 15:33:47 -06:00
Tod Beardsley 84db5a21fc Merge pull request #101 from chao-mu/master
Created Regexp option type
2012-01-14 07:25:50 -08:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certainly have been merged in prior to
just now.
2012-01-13 13:49:21 -06:00
chao-mu b6b49ad672 Merge remote branch 'upstream/master' 2012-01-12 19:40:24 -05:00
sinn3r 02bd1f3407 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-01-12 17:06:14 -06:00
Stephen Haywood 8d19bca2a9 Added remote digest methods 2012-01-12 12:47:29 -05:00
Tod Beardsley 5f121fe181 Workaround postgresql.fingerprint dlog message
Came up as a concern, this special-cases notes of
"postgresql.fingerprint". Not thrilled with this fix, though.
2012-01-11 13:17:21 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known instances instead of just the first one.
Fixes #6066
2012-01-10 12:32:47 -08:00
chao-mu b23b7b8a88 Adds support for a regular expression based Option (RegexpOpt). Also introduced a method to OptBase called display_value which returns the value to be displayed to the user. 2012-01-10 09:22:14 -05:00
James Lee 753ddb27c5 Make all the EXE options OptPath 2012-01-10 03:36:47 -07:00
James Lee 1eb4900102 Make EXE::Custom an OptPath so it can be tab'd 2012-01-10 03:25:13 -07:00
Tod Beardsley 9e78eff968 Merge pull request #96 from chao-mu/master
Updates to Railgun

[Fixes #6128] among other things.
2012-01-09 06:43:02 -08:00
Tod Beardsley badf62d8e0 Add back in ssh_key_matches?() 2012-01-08 22:45:00 -06:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
2012-01-08 22:28:37 -06:00
chao-mu f7a9518944 In railgun mixin, "error_lookup" has been renamed "lookup_error" and now accepts a filtering regular expression. ::BUILTIN_DLLS instead of .builtin_dlls 2012-01-08 17:18:34 -05:00
chao-mu bd52f228a0 Merge remote branch 'upstream/master' 2012-01-06 20:27:53 -05:00
David Maloney 54bca49ef9 Slightly better fix to the digest request header issue 2012-01-05 12:25:32 -08:00
David Maloney e61b4ed65c Fixed issue with send_digest_request_cgi not keeping user supplied headers. 2012-01-05 12:02:21 -08:00
chao-mu 3772f56260 Am making use of platform_util.rb's platform symbols for standardization across railgun. Ideally only platform_util.rb will need to know what platform strings look like and how they are represented in the railgun world. Corrected railgun.rb mixin's pointer_size function. 2012-01-04 22:28:20 -05:00
chao-mu 6db2da1f76 module Rex
module Post
module Meterpreter
module Extensions
module Stdapi
module Railgun
module Type
module PlatformUtil

	X86_64 = :x86_64
	X86_32 = :x86_32

	def self.parse_client_platform(meterp_client_platform)
		meterp_client_platform =~ /win64/ ? X86_64 : X86_32
	end

end # PlatformUtil
end # Type
end # Railgun
end # Stdapi
end # Extensions
end # Meterpreter
end # Post
end # Rex
2012-01-04 22:11:09 -05:00
chao-mu d46379dda2 Merge remote branch 'upstream/master' 2012-01-04 19:32:06 -05:00
Tod Beardsley 164c80d496 Adding a comment doc to the shadowcopy lib.
Citing Tim Tomes and Mark Baggett
2012-01-04 12:03:13 -06:00
chao-mu b9b5b1e66f Merge remote branch 'upstream/master' 2012-01-02 20:07:50 -05:00
David Maloney dd0b07b2cc Adds mixin and post modules to manipulate Volume shadowcopy Service(VSS) 2011-12-30 15:03:04 -08:00
andurin 898df592be Fix2 rpc exception handling
HD suggested a small tweak to use error_code OR res.code for the raise
2011-12-30 07:05:26 +01:00
andurin 7b4de2380f Small fix: RPC client exception handling
IMHO rpc client should transform the error code from Msf::RPC::Exception
into its own Msf::RPC::ServerException and should not take the msgpack
response code.

In deep:
I ran into a '401 invalid auth token' after a token timeout (300s).
RPC Daemon raised a 401 - invalid auth token as expected but rpc client
transformed it to a '200 - invalid auth token' using the successful http
transaction to transport the exception.
2011-12-30 05:44:26 +01:00
Tod Beardsley 78da15ed15 Always check for the current workspace when calling Report#myworkspace().
Fixes #6175
2011-12-29 13:48:05 -06:00
chao-mu ebe461cce7 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2011-12-28 20:14:01 -05:00
David Maloney 3bb2b5b7fd Fixed typo in validation routine 2011-12-28 09:40:36 -08:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present
Fixes #6171
2011-12-28 08:47:22 -08:00
chao-mu 5560c6b17e Moved and adapted code relating to looking up constant names by constant value 2011-12-28 00:40:08 -05:00
chao-mu ffcf5af9b0 Merge remote branch 'upstream/master' 2011-12-27 22:06:51 -05:00
David Maloney 9b995bc0a5 Adds boundary validation to the framework
enforces boundary checking on netbios probes
2011-12-27 11:33:52 -08:00
chao-mu 1604162ba3 A place to add railgun convenience code for use in modules 2011-12-24 15:59:46 -05:00
HD Moore cb94b92e9c What in nine hells was this. 2011-12-13 16:04:25 -06:00
HD Moore f38a794b1c Convert ` to ' 2011-12-13 16:02:23 -06:00
HD Moore cfa128a2c8 Show the actual module name in the stack trace (instead of eval) 2011-12-13 09:47:37 -06:00
HD Moore 1d244c4b27 Return the URL in the correct format from the model 2011-12-11 13:50:21 -06:00
HD Moore 17cc89ebad Add IPv6 specific HTTP(S) handlers and payloads (simplifies
options/usage)
2011-12-11 13:26:48 -06:00
HD Moore 8e01312d0f Formatting 2011-12-10 13:27:47 -06:00
HD Moore e33ca5a7ba Small typo fix 2011-12-10 13:26:47 -06:00
HD Moore e46745b761 Add support for link-local scopes 2011-12-10 13:24:58 -06:00
HD Moore 9c887eb457 Fix displayed host name for IPv6 targets 2011-12-10 13:24:58 -06:00
HD Moore e3f121929c Accept IPv6 addresses in the return if getaddress 2011-12-10 13:24:58 -06:00
David Maloney d939e33f1e Allows for Loot and Tasks to be imported from an MSF ZIP.
This should bring any loots and tasks along with
everything else when doing an import from an MSF ZIP file.
2011-12-05 22:30:34 -05:00
HD Moore 18e9b99e72 Fix permission (octal not decimal) 2011-12-05 16:49:16 -06:00
HD Moore 4748bf70cd Use octal mode, duh 2011-12-05 13:07:36 -06:00
HD Moore 89caed444b Add a helper method for modules to indicate IPv6 compatibility 2011-12-05 13:07:36 -06:00
HD Moore 5362e0cd24 Accept IPv6 addresses into the database routines, start flushing out
incompatibilities.
2011-12-05 13:07:36 -06:00
HD Moore 4829968107 Purge the old RPC API 2011-12-05 13:07:25 -06:00
HD Moore f673b02308 Remove references to address6 2011-12-05 13:07:25 -06:00
HD Moore 27974c4c27 Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib
Conflicts:
	modules/auxiliary/scanner/http/axis_login.rb
	modules/exploits/multi/http/axis2_deployer.rb
	modules/post/multi/gather/thunderbird_creds.rb
	modules/post/windows/gather/credentials/imvu.rb
	msfopcode
2011-12-03 14:07:09 -06:00
David Maloney 1db9177583 Revert "Merge pull request #22 from scriptjunkie/multithread"
This reverts commit 4f76f3bbb8, reversing
changes made to e72dad4e81.
2011-12-02 13:35:43 -05:00
HD Moore 424901b4b6 Change the encapsulation method to allow multiple methods without
conflict
2011-12-02 02:02:55 -06:00
HD Moore 4f76f3bbb8 Merge pull request #22 from scriptjunkie/multithread
RPC multithreading
2011-12-01 23:43:32 -08:00
HD Moore 591ef73f7d Merge in updated module_manager that loads all .fastlibs 2011-11-28 22:24:27 -06:00
Tod Beardsley ac33e55df5 Allow hyphens for fnames and ltypes for fileformat exploits 2011-11-28 19:16:30 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status
messages.
2011-11-28 13:31:54 -06:00
David Maloney d8cd16eb65 Typo in report_auth_info
that caused snmp creds to fail reporting.
fixes #6015
2011-11-26 17:57:46 -08:00
HD Moore f714591b92 Purge the new version code, it triggers a stack and is a massive performance hit 2011-11-23 23:05:51 -06:00
Tod Beardsley 8ab41013d1 Updating the version information to check the SVN metadata first. 2011-11-23 23:05:51 -06:00
HD Moore 4285651455 Purge the new version code, it triggers a stack and is a massive performance hit 2011-11-23 14:32:38 -06:00
Tod Beardsley 94edf3a8ec Updating the version information to check the SVN metadata first. 2011-11-22 18:33:44 -06:00
David Maloney c4db49cccc Fixes issues with telnet bruteforcing where prompts were not
being recognized properly.
2011-11-22 00:06:58 -06:00
David Maloney 7d626e3ad1 Fixes issues with telnet bruteforcing where prompts were not
being recognized properly.
2011-11-21 14:07:30 -08:00
HD Moore 7059e20315 Add support for .fastlib module archives to the module manager 2011-11-21 15:58:19 -06:00
James Lee bf105f48cb massive removal of spaces at EOL and some bad tabs 2011-11-20 12:32:06 +11:00
James Lee e7a545c483 spaces at EOL in core stuff 2011-11-20 12:10:08 +11:00
James Lee 79c2264263 more spaces at EOL and bad tabs 2011-11-20 12:05:14 +11:00
James Lee aeeed02eee more spaces at EOL 2011-11-20 12:01:19 +11:00
James Lee 441c5a22ab more spaces at EOL 2011-11-20 12:00:07 +11:00
James Lee 4ac21afcbc more spaces at EOL 2011-11-20 11:59:28 +11:00
Tod Beardsley 55367fad4f Merge pull request #25 from rapid7/post_module_sudo
Post module sudo
2011-11-18 06:30:40 -08:00
Tod Beardsley d8b77564ef Tidying up, fixing csh echo behavior 2011-11-17 16:29:02 -06:00
Tod Beardsley 9878517f80 Cleanup and light refactoring, deal with slowpoke linux telnet cmd_exec() 2011-11-17 13:19:13 -06:00
scriptjunkie c4eb32d2ff Add an optional multithreading to stream server, and enable multithreading (one thread per client) to the RPC server. 2011-11-17 08:07:34 -08:00
Tod Beardsley 93a133d5de Always try both export and setenv. Fixups to allow for correct reading from echoy nix shells. Fixes is_root? to not treat an empty string as 0 2011-11-16 16:48:19 -06:00
Wesley Cate b923d952b3 module.execute() now returns a 'uuid' element which can be cross-referenced with the 'exploit_uuid' element returned in each entry in session.list.
this was hdm's preferred solution.
2011-11-15 18:36:45 -05:00
David Maloney 6306f8888a Fix to the username normalisation routine to deal with creds that
have no username (i.e. VNC)
2011-11-15 08:52:18 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
James Lee 16f0d6cbee Fix a misplaced comma in a comment 2011-11-14 16:06:45 +11:00
James Lee 8ac4479b13 Use railgun for deleting services.
The registry method will make Windows delete it on reboot, but this
causes it to happen right away.
2011-11-13 21:05:40 -07:00
HD Moore 7757a2df63 Make sure we wait at least half a second for a 401 reply 2011-11-13 12:54:48 -06:00
HD Moore 69fb9aa5b1 Make brute forcing of the XMLRPC/MSGPACKRPC services less rewarding through random delays. 2011-11-13 12:45:48 -06:00
James Lee 69cd56ed42 Merge branch 'master' of github-r7:rapid7/metasploit-framework 2011-11-12 15:15:38 -07:00
James Lee f7ff350ebb doesn't work without backslashes 2011-11-12 15:15:09 -07:00
James Lee 07e170f4e4 Add a server argument to the service management methods. Allows
creating/starting/stopping services on another machine using the current
session's token for authentication.
2011-11-12 14:40:15 -07:00
HD Moore f4e42420ad Small change to abstract the actual source read 2011-11-12 14:48:11 -06:00
David Maloney 4eb80b5ee4 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-11 17:20:47 -08:00
David Maloney e3f6756e18 Quick fix to import to prevent services from being imported without a port. 2011-11-11 17:19:26 -08:00
James Lee 03f51793c2 Store john.pot in the user's config directory instead of in an
arch-specific dir under data/
2011-11-11 11:09:42 -07:00
David Maloney e82c3ad486 Fixes #5426 2011-11-10 18:59:30 -08:00
HD Moore 80652126b0 This change automatically sets +x permissions for cpuinfo and jtr if the install did not set them.
git-svn-id: file:///home/svn/framework3/trunk@14202 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 16:44:07 +00:00
HD Moore c504d295b2 Rescue EOFErrors by default as well (handle corner cases across a swath of modules)
git-svn-id: file:///home/svn/framework3/trunk@14200 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 06:10:10 +00:00
Matt Weeks fdf13e5e0e Fixes #5927
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:45:17 +00:00
Matt Weeks 4629c0867b Address #5887 and #5888 for RPC DB and msfgui
git-svn-id: file:///home/svn/framework3/trunk@14167 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 18:12:10 +00:00
HD Moore d7199d243d This tweak allows a hash of options to be passed to console.create() and for this to bubble up to the WebConsole driver initialization
git-svn-id: file:///home/svn/framework3/trunk@14161 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 20:38:12 +00:00
HD Moore a4de179793 Bump versioning
git-svn-id: file:///home/svn/framework3/trunk@14121 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-30 05:09:20 +00:00
HD Moore e4695b21ec Correct the use of auth.logout and make some other items more consistent
git-svn-id: file:///home/svn/framework3/trunk@14105 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 22:47:26 +00:00
Carlos Perez 0fb9aad89e Typo
git-svn-id: file:///home/svn/framework3/trunk@14096 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 13:34:05 +00:00
Tod Beardsley 4b4ef45e33 Fixes #3538, adds store_local, changes the dest directory of all fileformat exploits, allows "save" to be passed to db_nmap to save scan results.
git-svn-id: file:///home/svn/framework3/trunk@14091 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 17:01:51 +00:00
HD Moore 993a56421e Version bumpwq
git-svn-id: file:///home/svn/framework3/trunk@14072 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 09:12:44 +00:00
Tod Beardsley e014401977 See #3472, deleting some extraneous commenting about a TODO that WASDONE.
git-svn-id: file:///home/svn/framework3/trunk@14059 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 03:08:17 +00:00
Tod Beardsley 3d2e734ac1 Fixes #3472 with Jaime Filson's patch, with some extra pizzaz for reporting notes against the service, and reporting some notes as vulns as well.
See #5837 as well.



git-svn-id: file:///home/svn/framework3/trunk@14058 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 03:07:15 +00:00
James Lee b016d8944e whitespace at eol
git-svn-id: file:///home/svn/framework3/trunk@14056 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 00:13:32 +00:00
James Lee 07b402f29b more whitespace, in HttpClient
git-svn-id: file:///home/svn/framework3/trunk@14044 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 04:58:59 +00:00
HD Moore fadeada83c Bump this to 4.1.0-release (incoming!)
git-svn-id: file:///home/svn/framework3/trunk@13988 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 08:09:08 +00:00
HD Moore ef3c8aa70c Trailing slash is required after all
git-svn-id: file:///home/svn/framework3/trunk@13986 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 07:17:13 +00:00
HD Moore 8a0eddc795 Handle closed_at in a consistent way as it applies to UTC (closes #5572)
git-svn-id: file:///home/svn/framework3/trunk@13955 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 19:03:59 +00:00
HD Moore 6d06ac3be1 Fixes #5405 by applying thelightcosine's patch
git-svn-id: file:///home/svn/framework3/trunk@13954 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 18:59:27 +00:00
HD Moore 729cfe713c Applies a patch from Kieth Faber that fixes #5080
git-svn-id: file:///home/svn/framework3/trunk@13951 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:58:18 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
HD Moore 62740172e4 Officially remove support for the buggy/non-functional MySQL backend
git-svn-id: file:///home/svn/framework3/trunk@13948 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:42:04 +00:00
James Lee 5c9ddb293d add a few comments to reduce the sanity-blasting-ness
git-svn-id: file:///home/svn/framework3/trunk@13942 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 00:17:13 +00:00
James Lee b615055c89 Fix a bug where we weren't actually trying to get the correct case for lm/ntlm hashes
git-svn-id: file:///home/svn/framework3/trunk@13927 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 04:35:06 +00:00
HD Moore 3c73c3c2f8 Pile of small bug fixes for the FTP server and mixin
git-svn-id: file:///home/svn/framework3/trunk@13924 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:07:09 +00:00
Tod Beardsley 550746e7c2 Adding a fingerprint for Metasploit. Turnabout is fair play and all.
git-svn-id: file:///home/svn/framework3/trunk@13918 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 01:32:46 +00:00
HD Moore 0ff7f17cba Cosmetic module and service name fixes
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
HD Moore d0ab01d332 Bump the revision to match
git-svn-id: file:///home/svn/framework3/trunk@13916 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 23:41:52 +00:00
Carlos Perez f6d1fcd591 Add Cisco as a platform
git-svn-id: file:///home/svn/framework3/trunk@13914 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 22:41:48 +00:00
Tod Beardsley d9ea38d553 I blame bannedit for all his unless unless talk lately.
git-svn-id: file:///home/svn/framework3/trunk@13893 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 21:34:03 +00:00
Tod Beardsley 153a73c75f Fixes #5684 by backing off of post module setup if we don't have enough of a meterpreter session to work with yet.
git-svn-id: file:///home/svn/framework3/trunk@13892 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 21:25:56 +00:00
Chao Mu 9575bb3780 Fixes #5639. added vprint_debug to module.rb alongside the other vprint_ methods. It calls print_debug when datastore['verbose']
git-svn-id: file:///home/svn/framework3/trunk@13840 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 05:34:30 +00:00
HD Moore 292aae8ab5 This small patch causes any input to RangeWalker that contains a host name to expand to all A records returned for that name. This allows RHOSTS to be set to a dns name that returns multiple addresses and for all addresses corresponding to the name to be tested.
git-svn-id: file:///home/svn/framework3/trunk@13837 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 01:07:51 +00:00
HD Moore 77c86a2406 Fix a couple cosmetic warnings
git-svn-id: file:///home/svn/framework3/trunk@13818 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-05 15:31:56 +00:00
Tod Beardsley f3663520f8 Deal with Windows 7 nexpose fingerprints a little better.
git-svn-id: file:///home/svn/framework3/trunk@13807 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-30 20:46:20 +00:00
Tod Beardsley b79f4324f9 Quick model for my new table
git-svn-id: file:///home/svn/framework3/trunk@13806 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-30 15:49:01 +00:00
HD Moore 616913c4c1 Handle situations where the user set LHOST to 0.0.0.0 in the handler by defaulting LHOST to our locally visible IP for the specific client. Solves some integration issues where 0.0.0.0 was accidentally used
git-svn-id: file:///home/svn/framework3/trunk@13782 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 17:04:24 +00:00
James Lee 7163710bcf fix a typo and some whitespace, fixes #5480. Thanks Kurt!
git-svn-id: file:///home/svn/framework3/trunk@13764 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:17:20 +00:00
James Lee c0ddf56ec0 hmf, missed this one, too. see #5288
git-svn-id: file:///home/svn/framework3/trunk@13743 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 21:31:21 +00:00
James Lee c10e56dcc4 aaaaand commit the correct file. see #3745 and r13739
git-svn-id: file:///home/svn/framework3/trunk@13740 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 20:33:58 +00:00
Matt Weeks acae5dcdc8 Killing puts.
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00
Matt Weeks 94d77fbb4f Fix MsgPack-related string encoding incompatibility.
git-svn-id: file:///home/svn/framework3/trunk@13713 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-10 19:33:34 +00:00
HD Moore a63f1cb830 Make the comment honest
git-svn-id: file:///home/svn/framework3/trunk@13708 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-08 05:30:37 +00:00
James Lee cc24962bc8 whitespace cleanup
git-svn-id: file:///home/svn/framework3/trunk@13703 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-07 19:32:16 +00:00
HD Moore adb5ad7cc9 Be more pedantic about it
git-svn-id: file:///home/svn/framework3/trunk@13696 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-05 17:43:09 +00:00
HD Moore 0d6c889844 Let store_loot indicate the service as well (requires service object)
git-svn-id: file:///home/svn/framework3/trunk@13695 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-05 17:41:39 +00:00
HD Moore 5cd80b54f3 Correct this regex
git-svn-id: file:///home/svn/framework3/trunk@13679 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 14:55:38 +00:00
David Rude 60b14d3cdb Adds the opts arg to http server mixin for heaplib
git-svn-id: file:///home/svn/framework3/trunk@13676 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 09:08:59 +00:00
Mario Ceballos a7d95fad73 typo.. was working on some java sploit and found it.
git-svn-id: file:///home/svn/framework3/trunk@13667 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:23:00 +00:00
HD Moore 1c401908f1 Prefix the module name if it was not provided. Fixes #5309 by making this work either way
git-svn-id: file:///home/svn/framework3/trunk@13647 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-28 20:27:47 +00:00
amaloteaux 1dbc0e988e more simple
git-svn-id: file:///home/svn/framework3/trunk@13637 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 20:49:12 +00:00
amaloteaux a1bace0cb9 make exploit::capture compatible with pcaprub under Windows
git-svn-id: file:///home/svn/framework3/trunk@13625 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 20:40:48 +00:00
Matt Weeks 562a624127 Fix issues with undefined or incorrect variables, and update encoding opts.
git-svn-id: file:///home/svn/framework3/trunk@13621 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 20:25:28 +00:00
Matt Weeks 32eb5d05ba Fix RPC typos.
def_ prefixes and remove calls to nonexistent clean_nils function. Msgpack libs should not require clean_nils.



git-svn-id: file:///home/svn/framework3/trunk@13615 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 01:01:48 +00:00
Matt Weeks c8a0039b98 Fix this error:
error
error_class
NoMethodError
error_string
undefined method `state=' for #<Msf::RPC::Service:0x000000094ddd58>
error_backtrace
lib/msf/core/rpc/v10/service.rb:76:in `stop'1
lib/msf/core/rpc/v10/rpc_core.rb:14:in `rpc_stop'9
lib/msf/core/rpc/v10/service.rb:149:in `block in process')
lib/ruby/1.9.1/timeout.rb:57:in `timeout'0
lib/msf/core/rpc/v10/service.rb:149:in `process'6
lib/msf/core/rpc/v10/service.rb:89:in `on_request_uri'6
lib/msf/core/rpc/v10/service.rb:70:in `block in start'/
lib/rex/proto/http/handler/proc.rb:37:in `call'5
lib/rex/proto/http/handler/proc.rb:37:in `on_request'6
lib/rex/proto/http/server.rb:354:in `dispatch_request'4
lib/rex/proto/http/server.rb:288:in `on_client_data'4
lib/rex/proto/http/server.rb:148:in `block in start'(
lib/rex/io/stream_server.rb:47:in `call'2
lib/rex/io/stream_server.rb:47:in `on_client_data'=
lib/rex/io/stream_server.rb:191:in `block in monitor_clients')
lib/rex/io/stream_server.rb:189:in `each'4
lib/rex/io/stream_server.rb:189:in `monitor_clients'2
lib/rex/io/stream_server.rb:72:in `block in start'&
lib/rex/thread_factory.rb:21:in `call'0
lib/rex/thread_factory.rb:21:in `block in spawn'+
lib/msf/core/thread_manager.rb:64:in `call'5
lib/msf/core/thread_manager.rb:64:in `block in spawn'
error_message
undefined method `state=' for #<Msf::RPC::Service:0x000000094ddd58>



git-svn-id: file:///home/svn/framework3/trunk@13614 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-23 23:20:20 +00:00
HD Moore 425a032a31 Remove the routes check here as it's not actually used
git-svn-id: file:///home/svn/framework3/trunk@13613 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-23 19:37:58 +00:00
HD Moore 50638068a2 Woops - this should check for a Msf::DBManager::Session, not Msf::Session, thanks! Closes #5302
git-svn-id: file:///home/svn/framework3/trunk@13612 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-23 03:35:59 +00:00
HD Moore deb0441c90 Stop throwing a stack trace
git-svn-id: file:///home/svn/framework3/trunk@13611 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-22 14:12:44 +00:00
HD Moore 7e474fe29a Fix this up so that it works for this function as well
git-svn-id: file:///home/svn/framework3/trunk@13610 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-22 14:00:01 +00:00
HD Moore c1baf51bad Handle session object detection better, kind_of? doesn't work when the session has been extended via mixins
git-svn-id: file:///home/svn/framework3/trunk@13609 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-22 05:17:57 +00:00
amaloteaux 981e47de06 db_export can now export netntlmv1 and netntlmv2 hashes
git-svn-id: file:///home/svn/framework3/trunk@13607 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-22 00:29:32 +00:00
HD Moore d6b349e3c3 Don't use globals.
git-svn-id: file:///home/svn/framework3/trunk@13601 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 20:43:07 +00:00
HD Moore df93ddfb11 Remove global reference
git-svn-id: file:///home/svn/framework3/trunk@13600 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 20:39:57 +00:00
Matt Weeks 31d1628dde Some payload fixes
git-svn-id: file:///home/svn/framework3/trunk@13596 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 02:18:20 +00:00
James Lee 0e8e17a565 add shell/non-native support for is_admin? and is_system?, fixes #5235
git-svn-id: file:///home/svn/framework3/trunk@13539 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 00:01:55 +00:00
David Rude f971a84f3e Add VSploit PII mixin
git-svn-id: file:///home/svn/framework3/trunk@13537 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 23:44:18 +00:00
James Lee 925016535f fix typo
git-svn-id: file:///home/svn/framework3/trunk@13531 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 21:24:55 +00:00
James Lee f34b96b454 cleanup some rdoc
git-svn-id: file:///home/svn/framework3/trunk@13525 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 16:02:06 +00:00
James Lee 065dd433a9 clean up the rdoc a bit.
git-svn-id: file:///home/svn/framework3/trunk@13517 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 22:30:38 +00:00
James Lee 46f81fe04a back to development. Hello, 4.0.1-dev
git-svn-id: file:///home/svn/framework3/trunk@13502 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-09 23:05:15 +00:00
Carlos Perez 071db161d3 Add support for AAA none privileged accounts.
git-svn-id: file:///home/svn/framework3/trunk@13495 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-06 12:36:39 +00:00
HD Moore 842bfdebe8 Let's just leave this here (insurance against my laptop melting down between now and tomorrow morning). Nothing to see here, move along ;)
git-svn-id: file:///home/svn/framework3/trunk@13483 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-03 22:58:55 +00:00
HD Moore d631e109e1 Truncate field names if necessary for specific fields hit by importers
git-svn-id: file:///home/svn/framework3/trunk@13469 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-02 01:07:52 +00:00
HD Moore 3c33128186 Ensure that a :ua_string is always present in report_client()
git-svn-id: file:///home/svn/framework3/trunk@13461 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 21:02:39 +00:00
James Lee 65a3c08406 hello, 4.0.0-release
git-svn-id: file:///home/svn/framework3/trunk@13460 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 20:26:41 +00:00
HD Moore 7fa5795115 Cleanup session files. Wait a little longer for the session to receive the shutdown command
git-svn-id: file:///home/svn/framework3/trunk@13458 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 19:46:36 +00:00
HD Moore 61228c046d Gracefully handle Windows 2000
git-svn-id: file:///home/svn/framework3/trunk@13449 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 18:27:13 +00:00
HD Moore 89a41e86da Sanitize host fields for low bytes
git-svn-id: file:///home/svn/framework3/trunk@13441 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 03:34:51 +00:00
HD Moore e916e06b6e Closes #5142 by merging (with some small changes)
git-svn-id: file:///home/svn/framework3/trunk@13433 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:07:22 +00:00
HD Moore b885b8ea74 Fixes import of binary data. This may not be a problem for valid imports, but at the least this avoids a stack trace
git-svn-id: file:///home/svn/framework3/trunk@13428 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 18:31:12 +00:00
James Lee e02addd36a preparing for release. this is release candidate 1
git-svn-id: file:///home/svn/framework3/trunk@13426 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 17:14:28 +00:00
Carlos Perez 6865c10662 Patch railgun entries for services
git-svn-id: file:///home/svn/framework3/trunk@13417 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 03:26:22 +00:00
HD Moore 7f758e42e8 Fix up SSL behavior (correctly, this time). Update the msfrpc tools to support the new MessagePack code, fix various defaults in the plugin. Fixes #5116
git-svn-id: file:///home/svn/framework3/trunk@13416 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 23:58:05 +00:00
HD Moore 5ab9e95dda Merge some smarter/faster finder methods over from Pro
git-svn-id: file:///home/svn/framework3/trunk@13405 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 04:55:15 +00:00
James Lee d50577066f remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
HD Moore 9f8cbc4145 First pass at an import, still missing a few items to call this done
git-svn-id: file:///home/svn/framework3/trunk@13390 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 21:17:30 +00:00
James Lee e87fb830ec add an rpc call to grab the host's directory separator, see #4892
git-svn-id: file:///home/svn/framework3/trunk@13385 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 23:49:29 +00:00
Tod Beardsley b22ca615c7 Fixes #5038, missed a couple mentions of Racket. Excised now for sure.
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
HD Moore 46183783aa Fix a typo in the previous commit
git-svn-id: file:///home/svn/framework3/trunk@13363 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 13:38:22 +00:00
HD Moore 9b076df69f Encode non-ASCII bits in usernames/hashes for now
git-svn-id: file:///home/svn/framework3/trunk@13362 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 13:25:55 +00:00
Tod Beardsley c54e18d757 Fixes #5038. Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
Tod Beardsley b965d4b6c8 Avoid a problem with phantom services on port 0
git-svn-id: file:///home/svn/framework3/trunk@13334 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-25 13:24:41 +00:00
Matt Weeks 425358d286 If replacing payload, don't try to handle payload.
git-svn-id: file:///home/svn/framework3/trunk@13319 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 14:04:40 +00:00
Matt Weeks 46f225b83b Because true is a boolean and 'True' is a string.
git-svn-id: file:///home/svn/framework3/trunk@13318 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 13:47:41 +00:00
HD Moore a8b56479f4 Fix a typo
git-svn-id: file:///home/svn/framework3/trunk@13317 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 07:30:53 +00:00
HD Moore 5b8111a27a Switch to the production defaults
git-svn-id: file:///home/svn/framework3/trunk@13316 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 07:05:22 +00:00
HD Moore bad5ed63c0 Sub not GSub
git-svn-id: file:///home/svn/framework3/trunk@13315 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 07:04:06 +00:00
HD Moore f2426b6f33 Scrub out the install path in the backtrace
git-svn-id: file:///home/svn/framework3/trunk@13314 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 07:03:27 +00:00
HD Moore 05867ef6d0 Fix up this to use the right parameters and arguments to HTTP::Client
git-svn-id: file:///home/svn/framework3/trunk@13313 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 06:55:39 +00:00
HD Moore 2920389aa2 This adds the ability to authenticate against the db user backend as well
git-svn-id: file:///home/svn/framework3/trunk@13309 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 04:38:42 +00:00
Matt Weeks bb3f572efd Proper read.
git-svn-id: file:///home/svn/framework3/trunk@13305 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 01:40:25 +00:00