d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
0cc6b53d59
Land #5905 , support newer OpenVAS formats.
2015-09-21 10:30:25 -05:00
e97056a367
When the port state is open|filtered should be unknown, no open
2015-09-07 22:52:03 +02:00
2cd6b1c2df
Update parser, fix UseMasterPassword bug
2015-09-01 22:05:47 +01:00
fba751a986
Disable early returns
2015-08-31 12:13:42 -05:00
80f21b50c9
Fix #4227 by improving parsing of nested elements
2015-08-31 11:47:43 -05:00
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
1a66786d1b
Fix Nmap XML parser for tunnel attribute
2015-04-20 17:04:19 -05:00
13fc498523
Land #4948 , fixes several AppScan import issues
2015-03-29 23:33:01 -05:00
60966f3d2a
handle a blank response body
...
sometimes the response body itself can be blank
so we need to handle that properly.
MSP-9972
2015-03-23 16:03:30 -05:00
9c9d333a1b
Create verify ssl mixin, adjust some formatting
2015-03-23 13:21:08 +10:00
fd4ad9bd2e
Rework changes on top of HD's PR
...
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
2015-03-20 13:06:57 +10:00
4293af01b1
make sure we strip leading whitespace
...
in the aforementiond record_request_and_response method
we need to still make sure to strip leading whitespace
from the front of our data before saving it
MSP-9972
2015-03-18 11:23:45 -05:00
dacaa9e82b
simplify request-response parsing in apsscan
...
the record_request_and_response method for the
nokogiri appscan parser was way overcomplicated
it was trying to do way too much trickiness
when the data could be very simply split and consumed
MSP-9972
2015-03-18 11:19:00 -05:00
3269817b29
remove bad truthiness checks
...
truthy checks were used here, but you'll get
an empty hash which will be treated as true causing
the test to be invalid and allowing for errors further in the method
MSP-9972
2015-03-18 10:52:24 -05:00
11593800b6
Move X509 PEM parsing into Rex::Parser::X509Certificate
2015-03-14 15:52:23 -05:00
7252ba284a
Tweak memory usage from 64Mb to 4Mb
2015-03-11 23:58:13 -05:00
3aa68c30b0
=> not => !
2015-02-26 21:31:01 +01:00
a427e417a3
-consomation +consumption
2015-02-26 21:23:09 +01:00
d8132f86ff
ajust buffer size
2015-02-22 08:51:16 +01:00
0d53dc1d13
use a buffer to avoid memory use on victims machine
...
use a buffer to avoid memory use on victims machine
use attacker memory to store files
avoid bugs on large files
2015-02-20 20:02:09 +01:00
fe75a31a59
NTFS parser optimisation
...
NTFS Parser does not gather automaticaly non resident attribute
that were not necessary
Railgun is called 17 times instead of 32 on an examples on ntds.dit
2015-02-20 13:11:53 +01:00
8cefe637df
bug with testing Win2k8 correction
2015-02-08 17:28:33 +01:00
358ab2590e
Small tidyup
2015-02-07 11:35:47 +00:00
970c5d115a
spellcheck
2015-02-05 22:08:39 +01:00
fbb85c0391
using string concatenation for performence
2015-01-31 05:13:44 +01:00
d9c64397fd
shorter the line, using more variables
2015-01-31 04:32:32 +01:00
0fce908045
add constant class
2015-01-31 04:19:27 +01:00
f4ec6bdc78
- use non-native pack/unpack directives
...
- coding: binary
- use constant for data_attribute
2015-01-31 03:59:23 +01:00
68b735dbda
Add a NTFS parser and a post module to dump files
...
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
55a746eeb7
Changing code to catch everything extraneous
2015-01-17 15:46:26 +00:00
9baae6e494
Potential Fix For OpenVAS DB Import Issue
2015-01-13 02:46:13 +00:00
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
5e123e024d
Add 'coding: binary' to all msf/rex library files
...
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
6d92d701d7
Merge feature/recog into post-electro master for this PR
2014-08-16 01:19:08 -05:00
4ef3de84f3
get some more test cases
2014-08-01 14:34:17 +01:00
92669cd4d6
Use parser
2014-05-20 22:26:13 +01:00
0a2b79ccd1
Tidyup parser
2014-05-20 22:04:59 +01:00
09af023a71
Merge in parser
2014-05-20 21:56:35 +01:00
231138da1b
Fix a typo in the nexpose raw importer
2014-04-03 07:12:45 -07:00
26482f9ebd
reset head~2 and removed shebang from unattend.rb
2013-11-09 15:05:56 -05:00
f6675f3120
Reordered case statements
2013-10-18 13:21:28 -05:00
93ff9ec501
Create methods for start_element for readability
2013-10-18 12:20:43 -05:00
ff69e9fd05
Move product info code to a better location
2013-10-18 12:07:34 -05:00
e6cccedad0
Append vuln info to vuln description
2013-10-18 11:31:54 -05:00
12151650e4
Add product info to hosts and services :)
2013-10-17 16:18:27 -05:00
06c7943f54
Import hostnames without breaking everything
2013-10-17 15:31:48 -05:00
920e406526
Import CVE refs and db.emit all the things
2013-10-17 14:29:54 -05:00
ad8af02021
Add my wonderfully simplistic Outpost24 parser
2013-10-15 16:34:46 -05:00
Brent Cook
HD Moore
Manuel Mancera
Meatballs
jvazquez-r7
William Vu
Samuel Huckins
David Maloney
OJ
Bazin Danil
BAZIN-HSC
nstarke
sinn3r
James Lee
Jonathan
Tod Beardsley