Commit Graph

1690 Commits (4a479d17a90917925959258933e146ce81eaf885)

Author SHA1 Message Date
jvazquez-r7 ae56bc0b37 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-26 11:21:16 +01:00
jvazquez-r7 e78635fc0f fix segment virtual address 2013-03-26 10:50:29 +01:00
Josh ee199f64cb Merge pull request #1664 from scriptjunkie/msfguiKaliConnect
MSFGUI service autoconnect, DB fixes
2013-03-25 21:58:28 -07:00
scriptjunkie 1b6398d4fd Service autoconnect, DB fixes
First check if database is connected before trying to connect.
Autologin in Kali with new token login.
2013-03-25 20:44:48 -05:00
jvazquez-r7 4fff624632 added initial support for ELF misple 2013-03-26 01:08:31 +01:00
Brandon Turner 83d1f8d499 Compile John the Ripper against libssl 1.0.0
We use OpenSSL 1.0.0 in installed environments.  Previously, John the
Ripper was compiled against 0.9.8 which prevented it from running.  This
recompiles the same version (jtr 1.7.8 jumbo 2) against OpenSSL 1.0.0.

[FIXRM #7834]
2013-03-25 17:12:51 -05:00
sinn3r 5504c58b11 Add dlink pass for #1648 2013-03-25 13:25:19 -05:00
jvazquez-r7 393d5d8bf5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:09:42 +01:00
jvazquez-r7 660d3d5388 Merge branch 'linksys-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-traversal 2013-03-25 17:31:11 +01:00
jvazquez-r7 2d5a0d6916 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 17:08:23 +01:00
Josh dfcce010c1 Merge pull request #1650 from scriptjunkie/msfguiKaliConnect
Kali fixes, changes only affect msfgui
2013-03-24 19:34:22 -07:00
scriptjunkie 438d348fda Kali fixes
Check the new database config location.
Don't crash on sporadic JRE style error.
2013-03-24 21:00:38 -05:00
m-1-k-3 36d1746c0d linksys traversal module - initial commit 2013-03-23 17:01:02 +01:00
jvazquez-r7 80d218b284 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-19 19:55:51 +01:00
jvazquez-r7 27778e6ea9 fix comma typo 2013-03-19 19:20:39 +01:00
sinn3r be9d4ec393 New pt for virtualprotect, and readjust size to 0x401 2013-03-19 09:25:06 -05:00
sinn3r ea4c88bc2c Java Rop null-byte free
Our new heap spray routine does not like double nulls, so we need
to adjust our ROP.
2013-03-18 23:42:17 -05:00
jvazquez-r7 2d99b949a2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-13 09:36:35 +01:00
scriptjunkie 16fad29cb0 Update creds schema. 2013-03-12 23:07:40 -05:00
jvazquez-r7 74b58185cd up to date 2013-03-12 16:48:11 +01:00
Meatballs f37d9c2834 Initial commit 2013-03-09 17:24:03 +00:00
sinn3r e1859ae4b6 Merge branch 'rsmudge-armitage' 2013-03-06 19:31:44 -06:00
sinn3r a30b61e4aa Merge branch 'rsmudge-armitage' 2013-03-06 16:39:00 -06:00
Raphael Mudge 4ab8315db0 Armitage 03.06.13
Apparently, my last update came from the future. This modification
to that future update fixes an oversight preventing Armitage from
connecting to its collaboration server because it would report the
wrong application.
2013-03-04 23:11:20 -05:00
Raphael Mudge 59d2f05c94 Armitage 04.06.13
This update to Armitage improves its responsiveness when connected
to a team server over a high latency network. This update also adds
a publish/query/subscribe API to Cortana.
2013-03-04 18:32:45 -05:00
Luke Imhoff 239e1934b8 Use migrations from metasploit_data_models
[#44034071]

metasploit_data_models version 0.5.0 copied the migrations from
metasploit-framework/data/sql/migrate to
metasploit_data_models/db/migrate so that specs could be written the Mdm
models in metasploit_data_models.  As part of the specs, :null => false
columns that should be :null => true were discovered, so a new migration
was added, but to metasploit_data_models/db/migrate, so it could be
tested.  Instead of replicating migrations back and forth, I'm removing
the migrations completely from metasploit-framework and changing the
default migration path in Msf::DbManager#migration_paths to
MetasploitDataModels.root.join('db', 'migrate').
2013-03-01 09:03:45 -06:00
Tod Beardsley dd9002fcab Merges ChrisJohnRiley's new password
Lands https://github.com/rapid7/metasploit-framework/pull/1521

Closes #1521

(Forgive the oververbose commit message, experimenting with various
syntax hilighters)
2013-02-25 08:39:27 -06:00
Chris John Riley 28fd92a013 Added new default password foe TMSADM
Based on: http://blog.ptsecurity.com/2013/02/sap-unknown-default-password-for-tmsadm.html
2013-02-25 09:00:57 +01:00
jvazquez-r7 d7b89a2228 added security level bypass 2013-02-20 17:50:47 +01:00
jvazquez-r7 d88ad80116 Added first version of cve-2013-0431 2013-02-20 16:39:53 +01:00
sinn3r bc03247386 Merge branch 'sap_url_update' of github.com:ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_url_update 2013-02-19 15:08:26 -06:00
jvazquez-r7 9af43bc05c newline to sap_default.txt 2013-02-18 15:58:29 +01:00
jvazquez-r7 a91bbf5f69 Merge branch 'sap_default_user_additions' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_default_user_additions 2013-02-18 15:57:26 +01:00
jvazquez-r7 c8778587f5 rename the xml template for s4u 2013-02-18 15:25:03 +01:00
jvazquez-r7 be0feecf8f Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence 2013-02-18 15:22:37 +01:00
Chris John Riley 6519444112 Addition defaults 2013-02-15 13:35:25 +01:00
Chris John Riley 5df03f790b Remove end of line spaces and rerun uniq 2013-02-15 13:31:35 +01:00
Chris John Riley fb7d0159c3 Further URLs 2013-02-15 13:26:44 +01:00
Chris John Riley 21366dd4df Updated SAP URL list to include further known URLs 2013-02-15 13:20:23 +01:00
sinn3r 398e6cb202 Merge branch 'rsmudge-armitage' 2013-02-13 10:38:30 -06:00
Raphael Mudge 596b62b831 Armitage 02.12.13 - Distributed Operations
This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
2013-02-11 21:20:03 -05:00
jvazquez-r7 41564fd51d Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb 2013-02-11 15:05:27 +01:00
smilingraccoon 3a499b1a6d added s4u_persistence.rb 2013-02-10 14:22:36 -05:00
scriptjunkie 447f78cb24 Handle nonstandard ports when starting new msfrpcd. 2013-02-04 17:24:41 -06:00
SphaZ 24de0d2274 Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT 2013-02-04 13:37:09 +01:00
Tod Beardsley 293f9da5cf Merge branch 'bug/pro-only-models'
Updates to use MDM 0.4.0 (was using 0.3.0)
2013-01-31 16:14:51 -06:00
jvazquez-r7 d0ecb617c3 Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner 2013-01-25 21:47:05 +01:00
f8lerror bf2b01f8ef Delete a file and strip space 2013-01-24 09:30:04 -05:00
f8lerror 6e94c04a52 Code Corrections and Enhancements 2013-01-23 20:26:23 -05:00
sinn3r e376bb6fab Merge branch 'rsmudge-armitage' 2013-01-22 22:52:35 -06:00
Raphael Mudge 8c86c49d43 Armitage 01.23.13
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
2013-01-22 22:48:16 -05:00
jvazquez-r7 807bd6e88a Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl 2013-01-22 15:33:39 +01:00
jvazquez-r7 78279a0397 Added new module for cve-2012-5076 2013-01-17 21:27:47 +01:00
jvazquez-r7 d0b9808fc7 Added module for CVE-2012-5088 2013-01-17 21:14:49 +01:00
f8lerror 0b61d28e0e added Joomla scanner and url wordlist 2013-01-17 11:36:59 -05:00
jvazquez-r7 51f3f59d2f cve and references available 2013-01-11 00:54:53 +01:00
Luke Imhoff f8e1ccc27e Remove cred_files migration
[#41837027]

Mdm::CredFile is only used in Pro, so for metasploit_data_models 0.4.0,
Mdm::CredFiles has been moved to Pro, so the migration has been moved to
Pro too.
2013-01-10 17:50:00 -06:00
jvazquez-r7 876d889d82 added exploit for j7u10 0day 2013-01-10 20:30:43 +01:00
Sam Gaudet 7d1716b79f Turnkey Linux default password 2013-01-08 22:47:53 -05:00
Raphael Mudge 5348127fd2 Metasploit 4.5 Installer Environment Tweak
Armitage on Windows requires the user to specify their MSF
install folder. This tweak checks for an MSF 4.5 environment
and updates the specified folder to make everything work.

Like magic.
2013-01-04 13:08:47 -05:00
Raphael Mudge a79f2fa8d1 Armitage Updates and Bug Fixes
This is Armitage release 01.04.13. This update fixes several bugs
and improves the user experience launching *_login modules from
Armitage. This update adds a Windows 8 icon and includes a fix to
better work with the Metasploit 1.45 installer's environment.
2013-01-04 12:05:09 -05:00
jvazquez-r7 133ad04452 Cleanup of #1062 2012-12-07 11:55:48 +01:00
HD Moore 5e44987271 Really fix this by resetting schema cache 2012-12-06 06:33:46 -08:00
HD Moore a5b3be6dfa Fix a conflicting rename that breaks ActiveRecord 2012-12-06 06:14:49 -08:00
HD Moore 087b2c39ae Whitespace cleanup only 2012-12-06 06:13:53 -08:00
jvazquez-r7 b7f304f0db added build exec_payload.msi 2012-11-28 21:51:01 +01:00
Tod Beardsley 8d6289d8d6 Merge remote branch 'rsmudge/armitage' 2012-11-26 10:52:06 -06:00
Raphael Mudge a2615102c9 Armitage 11.26.12 - several usability enhancements and bug fixes. 2012-11-25 20:51:32 -05:00
sinn3r e6208a7993 Merge branch 'guiOptions' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-guiOptions 2012-11-19 10:09:54 -06:00
jvazquez-r7 24fe043960 Merge branch 'samba' of https://github.com/mephos/metasploit-framework into mephos-samba 2012-11-19 14:13:15 +01:00
jvazquez-r7 eddea29568 Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login 2012-11-18 21:36:54 +01:00
scriptjunkie 39dee758e6 Remember last options used for each module, and fill them in by default. 2012-11-17 10:08:45 -06:00
Tasos Laskos 8a9f0a0890 Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-14 18:10:41 +02:00
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
nmonkee f521e70bee wordlists to accompany sap_soap_rfc_brute_login.rb 2012-11-07 10:46:36 +00:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
Tasos Laskos 385d225305 Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption) 2012-11-01 21:14:38 +02:00
m m f7481b160c add centos5 target 2012-10-31 18:21:41 +01:00
m m f819ec8e75 typo 2012-10-30 17:19:23 +01:00
m m 3855ba88b1 add meterpreter/command support to samba exploit using ROP 2012-10-29 17:33:00 +01:00
Raphael Mudge eee6248795 Armitage 10.16.12 - a lot of bug fixes. 2012-10-15 19:19:31 -04:00
jvazquez-r7 b4485fdb2b added chm templates 2012-10-10 19:21:47 +02:00
sinn3r 858fd9ff43 Merge branch 'ropdb' of https://github.com/wchen-r7/metasploit-framework 2012-10-03 15:21:11 -05:00
sinn3r ba1b65742e Separate XML for various DLLs. 2012-10-02 11:27:10 -05:00
sinn3r f2c7731b39 Add RopDb mixin 2012-10-01 17:09:01 -05:00
Cristiano Maruti 75f5e24178 Dell iDrac login aux scanner 2012-09-27 01:33:11 -05:00
scriptjunkie 10e1574d8a Bugfix with dragging tabbed panes when right-clicked.
Also don't displaly annoying null pointer error when no connection.
2012-09-22 16:32:18 -05:00
James Lee ac2ec99fb7 Add bin for mephos' netstat fixes
[Closes #777]
2012-09-12 16:57:17 -05:00
James Lee 46dfeec402 Adds meterpreter bins all compiled with the same VS
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.

[FixRM #7233]
2012-09-11 14:16:21 -05:00
sinn3r c4fb285288 Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-09-05 13:48:09 -05:00
Raphael Mudge e8b3f0193b Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog. 2012-09-05 01:54:28 -04:00
h0ng10 2b6aa6bbdb Added Exploit for deployfilerepository via JMX 2012-09-03 13:50:16 -04:00
James Lee 44801c217d Linux bins for #609 2012-08-29 14:09:37 -05:00
James Lee 5a5ca66bff Merge branch 'mephos-arp-linux' into rapid7 2012-08-29 11:19:04 -05:00
Patrick Webster be63aad0d1 Added Windows wordlist. 2012-08-29 10:51:09 +10:00
James Lee 049494752c Bins for #609, adds netstat and arp cmds 2012-08-28 18:21:57 -05:00
jvazquez-r7 363c0913ae changed dir names according to CVE 2012-08-28 16:33:01 +02:00
jvazquez-r7 52ca1083c2 Added java_jre17_exec 2012-08-27 11:25:04 +02:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
Tod Beardsley f46545db58 Merge pull request #700 from rsmudge/armitage
Armitage 08.16.12
2012-08-18 05:55:26 -07:00
Raphael Mudge a6e50497f0 Armitage 08.16.12 - several little fixes and updates. Nothing to write home to mom about. 2012-08-17 16:25:22 -04:00
sinn3r 13df1480c8 Add exploit for CVE-2012-1535 2012-08-17 12:16:54 -05:00
jcran 0a6e0b2415 raspberry pi username / password 2012-08-15 01:55:40 -05:00
James Lee ce94bc2628 Add posix bins for previous commits
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
  p = client.sys.process.execute("id", "-u", "Channelized"=>true)
  p.channel.read

[SeeRM #7005][See #681]
2012-08-09 18:35:01 -06:00
HD Moore fac4ba270c Merge pull request #662 from rsmudge/armitage
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 14:31:11 -07:00
Raphael Mudge 32ee1263f9 Armitage 08.02.12 - adds Cortana scripting technology. 2012-08-02 13:24:15 -04:00
HD Moore c4fa86da93 Add missing 64-bit sniffer DLL 2012-08-02 11:33:11 -05:00
m m 5531fd18a0 Really limit packet count and data in linux sniffer
Squashed commit of the following:

commit 57795ff9c33a53167fca85845b96b82b5c92315f
Author: James Lee <egypt@metasploit.com>
Date:   Wed Aug 1 14:13:20 2012 -0600

    Add recompiled sniffer bin for linux

commit 0e11fdb06fcb9771a11eb631e6f10ec7a2d315f3
Author: m m <gaspmat@gmail.com>
Date:   Thu Jul 12 15:08:10 2012 +0200

    really limit packet count and data in linux sniffer

[Closes #605]
2012-08-01 14:16:00 -06:00
James Lee e200f43183 Squashed commit of the following:
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:55:32 2012 +0200

    typo

commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:51:32 2012 +0200

    various posix meterpreter bugfixes

[Closes #584]
[FIXRM #7042]
2012-07-19 15:56:47 -06:00
m m 6605e2910c Squashed commit of the following:
commit f0a1d2ad004e5c77cc4d5dcc71935aa530f1729f
Author: m m <gaspmat@gmail.com>
Date:   Tue Jul 17 11:56:43 2012 +0200

    linux meterpreter : correct netmask computation

[Closes #613]
2012-07-19 14:22:39 -06:00
HD Moore 430351fe79 Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
LittleLightLittleFire e9ac90f7b0 added CVE-2012-1723 2012-07-10 12:20:37 +10:00
jcran 8d3ad94f3a enhanced tftp.txt bruteforce list 2012-07-05 22:54:22 -04:00
sinn3r 6dee4781df Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-07-05 18:47:07 -05:00
Raphael Mudge 6c53dffa50 Armitage 07.05.12
This release fixes a few small bugs.
2012-07-05 18:19:59 -04:00
HD Moore c31f70cfb6 Switch to METERPRETER_UA as intended 2012-07-02 00:02:47 -05:00
HD Moore 27bdf78a5a Add support for user-agent control 2012-06-30 23:00:08 -05:00
Tod Beardsley 414214eb9d Permissions. 2012-06-28 11:42:37 -05:00
jvazquez-r7 6ec990ed85 Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass 2012-06-27 23:09:26 +02:00
h0ng10 428ae21928 Changed readme.html file (was from the statistics plugin) 2012-06-26 12:03:52 -04:00
h0ng10 6cc8390da9 Module rewrite, included Java support, direct upload, plugin deletion 2012-06-26 11:56:44 -04:00
HD Moore 85faf53c5d Compromise on MDM counter cache initialization 2012-06-25 13:52:48 -07:00
HD Moore 13b4cb7e88 Revert "Remove reset_column_information (breaks badly)"
This reverts commit 02e124a330.
2012-06-25 13:52:48 -07:00
HD Moore fce5ff00ca Revert "Remove column reset - triggers issue with existing columns"
This reverts commit f479fae6aa.
2012-06-25 13:52:47 -07:00
HD Moore f479fae6aa Remove column reset - triggers issue with existing columns 2012-06-25 10:20:48 -07:00
HD Moore 02e124a330 Remove reset_column_information (breaks badly) 2012-06-25 10:08:38 -07:00
HD Moore 4c0877954e Rename migrations to avoid collisions during merge 2012-06-25 02:22:35 -05:00
HD Moore 3a40dac7d1 Merge branch 'master' into feature/vuln-info 2012-06-25 00:37:01 -05:00
HD Moore 6a91626d94 Permissions 2012-06-25 00:36:39 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
HD Moore 75f1484d63 Respin of binaries to remove debug output 2012-06-24 13:40:27 -05:00
HD Moore 6e61878393 Respin of meterpreter bins (add Win 8 to sysinfo, fix a few bugs) 2012-06-24 13:27:10 -05:00
h0ng10 65197e79e2 added Exploit for CVE-2008-6508 (Openfire Auth bypass) 2012-06-24 07:35:38 -04:00
sinn3r 54309c3c3d Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-06-24 02:25:38 -05:00
Raphael Mudge 322e0766a1 Armitage 06.23.12 2012-06-23 13:03:55 -04:00
jvazquez-r7 b891e868f5 Added actionscript and swf needed 2012-06-23 08:36:35 +02:00
sinn3r d7d314862f Need the trigger to actually make it work, duh! 2012-06-22 23:16:12 -05:00
Tod Beardsley 572fb4cb0c Permissions fix 2012-06-21 15:39:17 -05:00
HD Moore f7ecc98923 Merge branch 'master' into feature/vuln-info 2012-06-20 13:34:53 -05:00
sinn3r 79fc053a2e Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110 2012-06-19 22:05:07 -05:00
Steven Seeley fcf42d3e7b added adobe flashplayer array indexing exploit (CVE-2011-2110) 2012-06-20 12:52:37 +10:00
HD Moore d5768080bf Add a fail_message to attempts and fix bugs 2012-06-19 00:48:39 -05:00
HD Moore ffdcea6a0a Permissions, ignore 2012-06-18 18:12:51 -05:00
HD Moore e8ad66b799 Exploit attempt tracking is mostly complete 2012-06-17 23:00:21 -05:00
HD Moore 8709473e72 Add fullname to modules, load mixins, fix platform 2012-06-17 11:57:33 -05:00
HD Moore b4b1a4168e Add missing module_detail_id's and references 2012-06-17 01:44:32 -05:00
HD Moore e4fffc36de Move to one to many instead of m2m for module_detail tracking 2012-06-17 01:21:38 -05:00
HD Moore 03b29fff68 Merge up the latest, does not automaticlly load
the module tree into the database right now.
2012-06-14 04:35:43 -05:00
HD Moore a6070f8584 Tweak schema (type gets mangled by AR), add caching routine 2012-06-14 03:27:36 -05:00
HD Moore 1401ec0b19 Keep ID columns for record mgmt 2012-06-14 01:50:08 -05:00
HD Moore 80db388354 Fix up the schema relationships 2012-06-14 00:23:23 -05:00
HD Moore 2aa9de7f63 Fix the boolean definition 2012-06-13 22:16:59 -05:00
HD Moore 1bdd8dc533 Fix the constant 2012-06-13 22:15:58 -05:00
HD Moore d48a99146f Add the migration for new module_details tables 2012-06-13 22:07:56 -05:00
HD Moore 5922ec1f7a Permissions 2012-06-12 15:20:25 -05:00
HD Moore 7a449bffe2 Permissions 2012-06-12 15:19:41 -05:00
HD Moore 6290bba71b Merge branch 'master' into feature/vuln-info 2012-06-12 12:41:41 -05:00
HD Moore 21ea539648 Permissions 2012-06-12 11:50:28 -05:00
Michael Schierl 34ecc7fd18 Adding @schierlm 's AES encryption for Java
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.

Squashed commit of the following:

commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date:   Wed Apr 4 00:45:24 2012 +0200

    Do not break other architectures
    even when using `setg AESPassword`

commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:50:42 2012 +0200

    binaries

commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:49:10 2012 +0200

    Add AES support to Java stager

    This is compatible to the AES mode of the JavaPayload project.

    I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
    is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
HD Moore d975d1a236 Add counter caches for host_details, vuln_details, vuln_attempts 2012-06-10 17:15:53 -05:00
HD Moore beefea6fb9 Merge branch 'master' into feature/vuln-info 2012-06-10 12:54:58 -05:00
HD Moore 9dcb3059f8 MDM update 2012-06-10 03:46:58 -05:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists.
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
sinn3r 4743c9fb33 Add MS12-005 (CVE-2012-0013) exploit 2012-06-10 01:08:28 -05:00
HD Moore 55bdbb6ec9 Merge branch 'master' into feature/vuln-info 2012-06-09 01:37:11 -05:00
HD Moore e840f7e9ee Add additional host detail columns and parsers 2012-06-09 00:43:03 -05:00
James Lee 1be9ce8649 Fixes command parsing in Post::Common
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
2012-06-07 22:24:59 -06:00
Raphael Mudge 68dd0cd497 Armitage 06.07.12 - improved collaboration performance and fixed two bugs. 2012-06-07 13:16:16 -04:00
HD Moore 49b3c9b0e8 More cleanup related to vuln schema 2012-06-07 04:42:16 -05:00
HD Moore 42c3bedfad Merge MDM, add migrations, tweak report_vuln 2012-06-07 00:40:26 -05:00
HD Moore e8af6882eb Permissions 2012-06-06 20:05:29 -05:00
jvazquez-r7 93741770e2 Added module for CVE-2011-3400 2012-06-05 18:21:55 +02:00
Joe Vennix 315d68b6f5 Add fix for counter_cache migration to keep from throwing readonly column error. 2012-06-01 13:31:00 -05:00
Joe Vennix c5c1e71b32 Add migrations for counter_cache columns to framework. 2012-06-01 12:07:08 -05:00
Raphael Mudge b5f1554caf Adding rsmudge's Armitage update
Squashed commit of the following:

commit 60be1b2d1d66134c54c82857a569bbf3a005baf8
Author: Raphael Mudge <rsmudge@gmail.com>
Date:   Wed May 30 19:43:07 2012 -0400

    Armitage 05.30.12
    A small collection of bug fixes.
2012-05-30 19:20:14 -05:00
jvazquez-r7 287d68f304 added module for CVE-2008-0320 2012-05-23 17:14:11 +02:00
sinn3r 3f1a72932e Merge pull request #401 from rsmudge/armitage
Armitage 05.21.12
2012-05-20 20:01:12 -07:00
Raphael Mudge c14a3e655e Armitage 05.21.12
This release improves collaboration performance and fixes a few Windows specific issues.
2012-05-20 22:54:25 -04:00
syndrowm fec2ec37f8 Squashed commit of the following:
commit fa9b2841cfcb7c833da5454f108f15ad229e6b75
Author: syndrowm <syndrowm@gmail.com>
Date:   Mon Apr 2 17:00:59 2012 -0600

    header files needed to generate solaris and bsd elf executables

commit f03fb2ff97823f3c177f3e1678aec26d92dd16ab
Author: syndrowm <syndrowm@gmail.com>
Date:   Mon Apr 2 16:59:46 2012 -0600

    add functions to allow generating elf executables for bsd and solaris

[Closes #292]
2012-05-18 10:21:34 -06:00
jvazquez-r7 14d8ba00af Added batik svg java module 2012-05-17 16:48:38 +02:00
sinn3r a88af1dd36 Merge pull request #391 from rsmudge/armitage
add color to armitage's presentation of the Metasploit console
2012-05-16 21:57:43 -07:00
jlee-r7 fe7928c18d Merge pull request #390 from jlee-r7/consolidate-250-254-375
Consolidate #250, #254, #375
2012-05-16 17:07:33 -07:00
James Lee aee9c8292c Undo mode change from last commit
>_<
2012-05-16 16:14:56 -06:00
James Lee f60429ea57 Linux binaries for consolidation
This includes ps support, sniffer enhancements and the new loadlib API
changes.

[See #250][See #254][See #375]
2012-05-16 16:13:39 -06:00
James Lee 709f860e8d Undo mode change from previous commit 2012-05-16 16:09:10 -06:00
James Lee 62f6ed97a7 Windows binaries for new loadlib API 2012-05-16 16:07:55 -06:00
Raphael Mudge 74e4812946 add color to armitage's presentation of the Metasploit console 2012-05-16 04:23:21 -04:00
James Lee 42719ab34b Squashed commit of the following:
commit 6a3ad1d887df9d277e4878de94f8700ed8e404f9
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 16:22:49 2012 -0600

    Add register_command calls for md5 and sha1

commit dbd52c5a1edfe1818a580d4d46aac0a9ca038e9c
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 16:22:09 2012 -0600

    Read the file instead of downloading it

commit 55b84ad8e2a8532b3f8520ccb1162169b8e9c056
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 15:27:11 2012 -0600

    Re-compile linux meterp to support the loadlib api

commit d112e84e490aa30aa9533fb0bdb33a9713ce01a5
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:50:25 2012 -0600

    Re-compile java meterp to support the loadlib api

commit c137187b346b708487245a849b95343223e4e7b0
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:44:10 2012 -0600

    Don't try to get interfaces if this session doesn't implement it

commit 88bba1e6c360c5725c4174623f56bcb6d8b54228
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:38:17 2012 -0600

    Remove debugging load

commit 02954cbf93e2a13da967780cb703103b3f83ecf4
Merge: d9ef256 88b35a3
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 12:06:53 2012 -0600

    Merge branch 'rapid7' into feature/4905

    Conflicts:
    	data/meterpreter/ext_server_stdapi.php
    	modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb

commit d9ef2569b88ae8bce67f13316f6eff76311fd846
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 2 18:06:06 2012 -0600

    PHP doesn't support rev2self

commit bf13ea0ff25541da07b8c099218e5ad7ea6ae8ba
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 18:21:59 2012 -0600

    Add php support for returning new extension commands

commit 7e35f2d671d3797fc3fab12e54015387f44b0b33
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 16:03:26 2012 -0600

    Reset CVE-2012-0507 back to master

    Purges commits unrelated to this branch.

commit 86a77b3cd017e1e3a3f23d9fba3b9ed173761f80
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 15:59:35 2012 -0600

    Revert "Make building the jar for cve-2012-0507 a bit easier"

    This reverts commit 27ef76522ad10436ec785728445ed2cc0657f85f.

    Conflicts:

    	external/source/exploits/CVE-2012-0507/Makefile
    	external/source/exploits/CVE-2012-0507/src/msf/x/PayloadX.java

commit 8c259fb779f736be16fe972215ddff1dd32fd0f3
Merge: fe2c273 1c03c2b
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 15:35:44 2012 -0600

    Merge branch 'rapid7' into feature/4905

    Conflicts:
    	data/meterpreter/ext_server_stdapi.jar
    	data/meterpreter/meterpreter.jar
    	external/source/meterpreter/java/src/meterpreter/com/metasploit/meterpreter/Meterpreter.java
    	modules/auxiliary/server/browser_autopwn.rb

commit fe2c273a6d840c67040d6c9e337f908204337e18
Merge: 8caff47 4e955e5
Author: James Lee <egypt@metasploit.com>
Date:   Fri Apr 6 10:19:53 2012 -0600

    Merge branch 'rapid7' into feature/4905

commit 8caff47d97469f1a5459c04461fd1098487ea514
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 17:51:18 2012 -0600

    Fix requires to find the test library

commit 51c33574cee3c47f0b2900c388d3d1213dd0a90d
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 17:48:35 2012 -0600

    Fix a load order problem with solaris post mods

commit 81b658362e5e6bdd215d18b53d14429d163aff72
Merge: adad2cf 6ef4257
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 15:43:19 2012 -0600

    Merge branch 'master' into feature/4905

commit 6ef42579471c6fde4bba71d0d4ce2c6c3e836180
Merge: 70ab8c0 5852455
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 15:16:56 2012 -0600

    Merge branch 'rapid7'

    Conflicts:
    	lib/rex/exploitation/javascriptosdetect.rb

commit adad2cf04c501c2a787e5475b62abd31871c06a0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 20:20:21 2012 -0600

    Deal with null data/jar

    Not sure why "" turns into null sometimes, but it was breaking shells;
    this fixes it.

commit 4f8a437b490e2b2774f9efd23b4891eaf007cf16
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:10:59 2012 -0600

    Prev commit moved these to src/a

commit 27ef76522ad10436ec785728445ed2cc0657f85f
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:08:32 2012 -0600

    Make building the jar for cve-2012-0507 a bit easier

    Mostly stolen from cve-2008-5353

commit db3dbad0a5ff20b05758be073c3502138ff095c2
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 14:52:23 2012 -0600

    Fix incorrect option name

commit 776976af31795bdf1b405e208a2d4b78a6b6c2cf
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:36:20 2012 -0600

    Add bap support to java_rhino

commit a611ab16e06bd324d6616d0bd69f2c09d671bca0
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:35:16 2012 -0600

    Put next_exploit on the window object so it's always in scope

    Solves some issues with Chrome not running more than one exploit

commit 5114d35de7c2f234ac7fe4288b344d4f2bb9731f
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 14:31:53 2012 -0600

    Pull common stuff up out of the body

commit 748309465a029593e2fe2fd445149745367513f4
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:04:03 2012 -0600

    Fix indentation level

commit 954d485e3b8ffea9a7451bd495c1956a098e0eda
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:02:42 2012 -0600

    Abstract out copy-pasted methods

    Need to do the same thing for OSX, but it's a different implementation.

commit cba8d7c911fb184f6358948022fd4a0e010878d0
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 18:04:50 2012 -0600

    Linux doesn't implement (drop|steal)_token

commit 1cfda3a7b045c08ecfae1ad688e0124e76bd0c8f
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 17:57:37 2012 -0600

    Add availability checks for net, sys, ui, and webcam

commit 4bdf39a8bf4b5aab293fc47cb8282d0346db0811
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 16:45:59 2012 -0600

    add requirement checking for fs and core commands

commit 42e35971c9f7348b57293b2b94a42dd0260ac7e4
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 21 17:20:59 2012 -0600

    Add a to_octal method that converts e.g. "A" to \0101

commit c3b9415a0a9e2b55b1effbaf2396e11f88301aaa
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 21 17:20:07 2012 -0600

    Don't use "echo -n"

    It's not portable

commit b0f3ceccfaedbeaf67fbbe76f1a0a9aec7b44548
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 20 17:01:10 2012 -0600

    Return a list of new commands after core_loadlib, java version

    Thanks mihi for the patch and the awesome responsiveness!

commit d65303e1b6458bd4b95138dc0d61e5354c4e8d3a
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 20 13:21:06 2012 -0600

    Make sure we have a response before doing stuff with it

commit 721001ead474a17d1a16de543f78b548879f5e7e
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 21:25:31 2012 -0600

    Add missing rmdir and mkdir protocol commands to PHP

    Now passes all the stdapi tests that it can
    	[*] Session type is meterpreter and platform is php/php
    	[+] should return a user id
    	[+] should return a sysinfo Hash
    	[-] FAILED: should return network interfaces
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
    	[-] FAILED: should have an interface that matches session_host
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
    	[-] FAILED: should return network routes
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_routes: Operation failed: 1
    	[+] should return the proper directory separator
    	[+] should return the current working directory
    	[+] should list files in the current directory
    	[+] should stat a directory
    	[+] should create and remove a dir
    	[+] should change directories
    	[+] should create and remove files
    	[+] should upload a file
    	[-] Passed: 10; Failed: 3

commit 024e99167a025f4678a707e1ee809a1524007d4d
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:26:00 2012 -0600

    Use a proper TLV type instead of a generic one

commit 1836d915cbe0bfd2f536a667e74d8d6a6ccee72a
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:24:25 2012 -0600

    Fix a counting error that caused segfaults (Linux)

commit 1e419d3fc392e435ae0af703561ce10bd5a45eb0
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:06:02 2012 -0600

    Return a list of new commands after core_loadlib

    Gets Windows back in sync with Linux

commit 3d3959f720de68e2f36ebfabe8196e01f98fe904
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 14:50:55 2012 -0600

    Refactor extensionList -> extension_commands

    It's not the same as extension_list.

commit a7acb638af803732fc5f3975e0c0632f427e0deb
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sun Mar 18 00:07:27 2012 -0500

    Massive whitespace cleanup

commit ef8b9fd5cea7db43860a5b88d7397ba84393ecd5
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 16:00:20 2012 -0500

    Add back enum_protections with some new changes

commit d778eec36953bb9bf4985e967ad2c119a1acd79b
Author: ohdae <bindshell@live.com>
Date:   Sat Mar 17 13:28:31 2012 -0400

    Added fix for enum_protections

commit 64611819d43bf13ab2d68f4353513c39e5a64fe0
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 03:14:26 2012 -0500

    A bunch of fixes

commit bb1a0205d73e75a61a8fbf5ff6440dd09f9780f9
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:28:05 2012 -0500

    The comments in get_chatlogs need an update

commit 666477e42a734f3120dcc4282b01b5ab5819384a
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:25:41 2012 -0500

    Correct license format

commit 3c8eecbcd7b952abaca0b1ce14dca41e1d4cabb7
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:22:03 2012 -0500

    Add enum_adium.rb post module

commit d290cf4fef1309df9a1af748e7c6c259a6788576
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 16:54:36 2012 -0300

    Changed store_note to store_loot. Fixed local/remote file retrieval

commit ccb830b594ea0f0a8ce7c29b24f2f137ecfd5c4c
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 11:29:07 2012 -0600

    Fall back to MIB method if we can't get netmasks

    Misses IPv6 addresses, but at least doesn't break everything.

    [Fixes #6525]

commit a9a30232dd5fcc0854c10b4d58df8511a23f3091
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Fri Mar 16 11:49:31 2012 -0500

    This module is not ready, yanked.

commit 6bb34f7fd0785d31902f1edc938a6b05b91a1495
Author: Gregory Man <man.gregory@gmail.com>
Date:   Fri Mar 16 18:09:08 2012 +0200

    sockso_traversal 1.8 compatibility fix

commit e76965ce565a8ae634dc0d3c743542f1a6d977d7
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 09:17:35 2012 -0400

    fix

commit 61ce7b587de54363f7071bc19df5a29eb29e9aa7
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 09:14:48 2012 -0400

    saves each config to loot instead of notes

commit f4713974fa82d8b13017cb0817b5fd36696194d9
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 03:46:10 2012 -0600

    Check for a 0 prefix length

    If the OnLinkPrefixLength is 0, something is wrong, try the value in the
    prefix linked list.  Appears to fix v4 addresses on XP but not 2k3.

    [See #6525]

commit cde7fcc012e04880f2faa28226a1fc5834a2e3d5
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 01:46:41 2012 -0600

    Return network prefixes when available

    Solves #6525 on Vista+.  Win2k still works using the old MIB method
    (which doesn't support ipv6).  Win2k3 and XP are still busted for
    unknown reasons.

commit 98bd9a7bd09149f524ebbe1501ec916bf99b078d
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 22:59:42 2012 -0400

    Enumerate important and interesting configuration files

commit 9336df2ac28ee2df10a0e66e7006df3d23493492
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Thu Mar 15 19:06:48 2012 -0500

    More Virtualisation SSL fixes

commit f24c378281ee6c85f687d4823f09ef5848812daf
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Thu Mar 15 18:15:29 2012 -0500

    Default SSL to true for esx_fingerprint module

commit d6e14c42120df0fd16b79709ac5723d0e2818810
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 15:56:24 2012 -0500

    Fix typo

commit b24dcfe43e625740ec8a1465f33be02f7ec40162
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 15:55:54 2012 -0500

    Add sockso dir traversal

commit 033052c1e075fcf43e9c17e5ee4a5006247cb375
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 15 14:31:25 2012 -0600

    Fix syntax error in 1.8, thanks Jun Koi for the patch

commit 4529efaeaa22e52c9c7c1528c68efb60af8af729
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 14:27:40 2012 -0500

    enum_protections is now find_apps

commit 49e823802bd8f2cb1940545e74db04f3788352d1
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 14:22:23 2012 -0500

    File rename, as well as design and cosmetic changes

commit ccf6b011145cf9db444f7e2d3fb3ec61738e88cb
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 15:29:52 2012 -0300

    added report_note, removed store_loot function, cleaned up info/author

commit 27d571932e51afbac0c0fcd95c52f038786a9a28
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 12:18:29 2012 -0300

    fixed output newline issue

commit 5a828e35d1629dc68825fe7d9322d1316888f8d7
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:05:35 2012 -0300

    fixed save line

commit 805c2ee9871c076a8c0ac62b028a7942af70b6a5
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:02:07 2012 -0300

    removed unneeded comments

commit 5861e1512f2949c0d7848d9ebed8241277462085
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:00:55 2012 -0300

    fixed output issue

commit 593a3648111f1db1f56a410250539261c2a7cd9f
Author: ohdae <bindshell@live.com>
Date:   Wed Mar 14 18:26:53 2012 -0300

    removed unneeded dependency

commit 05053e6e74b0ac99bbd4005c40ecc3b1196fd13f
Author: ohdae <bindshell@live.com>
Date:   Wed Mar 14 13:30:16 2012 -0400

    locates installed 3rd part av, fws, etc

commit 5bf512d0e9d2b412c4107228db178a7078111443
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Wed Mar 14 16:50:54 2012 -0500

    Add OSVDB-79863 NetDecision Directory Traversal

commit 18715d0367f4ef01b5998d732043cbe224e1787e
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 23:03:01 2012 -0600

    Store the retrieved commands on the session

commit b752cb8b31fd8dcd221fb6caa483f6202bf5a4fd
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 22:45:16 2012 -0600

    Retrieve the list of new commands

    The client side doesn't do anything with them yet

commit 69ce8ef42d4089a0b26644bd4d6bebf57c4cfd50
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 22:41:16 2012 -0600

    Return a list of the new commands in response to core_loadlib

    Linux

commit 354c754aa4cce63ffebb4567f3bbfd621ffef46c
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 15:13:45 2012 -0600

    Whitespace at EOL

commit 4afcb4cb9da1921ede29b03b149433cc65d680da
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 14:30:09 2012 -0600

    Create instance methods that return extensions

    Before this change, meterpreter sessions would not #respond_to? their
    extensions despite having a pseudo-accessor for them:
    ```
    >> client.respond_to? :sys
    => false
    >> client.sys
    => #<Rex::Post::Meterpreter::ObjectAliases:0x0000000e263488 @aliases={"config"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Config:0x0000000e268dc8 @client=#<Session:meterpreter 192.168.99.1:55882 (192.168.99.1) "uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ wpad">>, "process"=>#<Class:0x0000000e268d20>, "registry"=>#<Class:0x0000000e266da0>, "eventlog"=>#<Class:0x0000000e2654e8>, "power"=>#<Class:0x0000000e263c30>}>

    ```

    After:
    ```
    >> client.respond_to? :sys
    => true
    ```

commit 70ab8c018f67d15929b6f41322540837ab7b37c5
Merge: a8a3938 5f2bace
Author: James Lee <egypt@metasploit.com>
Date:   Tue Apr 3 11:46:25 2012 -0600

    Merge branch 'master' into bap-refactor

    Conflicts:
    	external/source/exploits/CVE-2012-0507/Help.java
    	external/source/exploits/CVE-2012-0507/Makefile
    	external/source/exploits/CVE-2012-0507/msf/x/Help.java
    	external/source/exploits/CVE-2012-0507/src/a/Exploit.java
    	external/source/exploits/CVE-2012-0507/src/a/Help.java

commit a8a393891588a8b5c18e3c2173f1cd9c2480b2d0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 20:20:21 2012 -0600

    Deal with null data/jar

    Not sure why "" turns into null sometimes, but it was breaking shells;
    this fixes it.

commit 5e5eb39d3ccb62a9fc006be8241cfb97723caa06
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:10:59 2012 -0600

    Prev commit moved these to src/a

commit 5074eadbea426fc4f83d6d165a01e640ef42b4de
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:08:32 2012 -0600

    Make building the jar for cve-2012-0507 a bit easier

    Mostly stolen from cve-2008-5353

commit bdb3fbe7fd19aa76b4069edca5a78c53fec668c0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 14:52:23 2012 -0600

    Fix incorrect option name

commit 78824ef60084510d3befe0ded6eed314d55eeb12
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 13:24:33 2012 -0600

    Add the detected browser version to the DOM

    Doing it this way lets modules grab the info a bit more easily.

commit 9813ccb8d6b14e0e728b8a13bacf59dd31b9c4b9
Merge: 0faa3f6 b5fc8e4
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 13:19:05 2012 -0600

    Merge branch 'master' into bap-refactor

commit 0faa3f65240c3a2b3ab0e72f4aeb2e9f50ed54ee
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:36:20 2012 -0600

    Add bap support to java_rhino

commit 66ca27f994e3b11c9c8adae85642820768158860
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:35:16 2012 -0600

    Put next_exploit on the window object so it's always in scope

    Solves some issues with Chrome not running more than one exploit

commit 7fc2ca1a0690c7a973307772aed42ab3514e1761
Merge: 325d306 e48c47e
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:10:54 2012 -0600

    Merge branch 'master' into bap-refactor

commit 325d3060599bc79674e93dd5f55a4e60061e9bdb
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 14:31:53 2012 -0600

    Pull common stuff up out of the body

commit 4f2b3260bf7f14f4d763625792adb0c3cfd1ed7c
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:04:03 2012 -0600

    Fix indentation level

commit 9b905c53b4d46beb86da8168a1c2c5b2da340f6d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:02:42 2012 -0600

    Abstract out copy-pasted methods

    Need to do the same thing for OSX, but it's a different implementation.
2012-05-15 17:00:02 -06:00
Tod Beardsley 64270ea7c2 Adding default user/pass for CCTV module
User/pass combos that come from manuals and independant research.
2012-05-15 08:14:28 -05:00
sinn3r 2e8b11ca78 Merge pull request #383 from rsmudge/armitage
Armitage 05.14.12
2012-05-13 16:15:59 -07:00
Raphael Mudge c7b9b711f1 Armitage 05.14.12
This release SSL-enables the red team collaboration architecture, adds several keyboard
shortcuts and it improves the workflow for viewing downloaded files/loots.
2012-05-13 13:56:10 -04:00
James Lee 7a05f3eab4 Mark failed logins as inactive 2012-05-08 16:51:22 -06:00
James Lee 318b14af4c Fix improper reporting and stack traces when we missed a banner
Also makes sure we delete the session if we got a 221 response, even if
we haven't seen a login yet.
2012-05-08 16:40:56 -06:00
James Lee 1eec1cebb5 Fix improper reporting
:proto is always tcp, udp, etc., name is the higher layer name
2012-05-08 16:39:32 -06:00
James Lee 536fa39ae8 Keep the client and the server on tracked tcp sessions 2012-05-08 16:38:12 -06:00
James Lee 88b35a32e5 Make permissions consistent 2012-05-08 13:50:43 -06:00
James Lee 421630ef85 Binaries with fixed timestamps
[See #304]
2012-05-08 13:49:35 -06:00
Alexandre Maloteaux 452cead1e9 Merge psnuffle ntlmv2 support from Alex Malateaux
Testing this with smbclient requires setting "client ntlmv2 auth = yes"
in /etc/samba/smb.conf

Squashed commit of the following:

commit 7acc32f5f00914fed355a080ca237543448f80ca
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:52:49 2012 +0100

    psnuffle : move protocol filtering in load function

commit 9c9ae9711c760b4f072271b7e5993f9bf8366671
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:50:48 2012 +0100

    psnuffle : add hash exctratiopn from smbv2 session

[Closes #327]
2012-05-08 13:41:42 -06:00
sinn3r 122a3b7848 Merge pull request #366 from rsmudge/armitage
give source code a correct home.
2012-05-07 13:53:07 -07:00
HD Moore 6bd0e6ef80 Merge pull request #365 from rsmudge/armitage
include armitage source in MSF tree.
2012-05-07 08:38:30 -07:00
HD Moore 8ac11e6054 Merge pull request #364 from jlee-r7/php-meterp-improvements
Php meterp improvements
2012-05-07 00:46:17 -07:00
HD Moore 1cf0e555c8 Merge pull request #363 from rsmudge/armitage
Armitage 05.07.12
2012-05-07 00:44:44 -07:00
James Lee 7ef965da45 Add md5 and sha1 support to php meterp 2012-05-07 01:01:08 -06:00
James Lee af6589b725 Add mkdir and rmdir support for PHP
I swear I've written this code before, i wonder where git hid it.
2012-05-07 00:41:05 -06:00
Raphael Mudge 24a9cd92a6 give source code a correct home. 2012-05-06 01:52:16 -04:00
Raphael Mudge 2012057098 include armitage source in MSF tree. 2012-05-05 15:48:08 -04:00
Raphael Mudge 5b688124a2 Armitage 05.07.12
This release overhauls Armitage's collaboration architecture and
introduces several requested improvements:

1. Users may now resize the description field in the module launch dialog
2. Users may now change where Armitage saves its logs to
3. Added Ctrl+D keyboard shortcut to quickly close the active tab.
2012-05-05 14:20:41 -04:00
HD Moore f6005ba06e Permission change, ignore 2012-04-23 13:42:18 -05:00
Tod Beardsley d33cd386a8 Merge pull request #340 from rsmudge/armitage
fix a compatability issue with latest msf changes.
2012-04-19 17:50:43 -07:00
sinn3r 9a00823828 Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch' 2012-04-19 18:08:22 -05:00
Tod Beardsley 8edf3fc8bd Service info shouldn't be blanked if it exists.
Check service.info at the end of reporting a service instead of the
beginning. This will preserve an existing service info in the event
we're re-reporting a service.

[See #6701]
2012-04-19 09:47:41 -05:00
Raphael Mudge db02a8f582 fix a compatability issue with latest msf changes. 2012-04-17 01:04:12 -04:00
Tod Beardsley 5366e58e72 Merge pull request #336 from rsmudge/armitage
Armitage 04.16.12 - a few small improvements.
2012-04-16 13:31:02 -07:00
James Lee a957a68d65 Rebuild meterpreter.jar after changes from #303
Basically just to make sure I didn't hose it in my confusion with git's
conflict resolution.
2012-04-16 13:16:38 -06:00
James Lee 15913dd92c Squashed commit of the following:
commit 97755336f2227a7db668b61e548d2956dddaccb8
Author: Michael Schierl <schierlm@gmx.de>
Date:   Thu Apr 5 22:33:40 2012 +0200

    make sure PayloadTrustManager gets dropped when using Spawn > 0

commit 0d096043e23af5d46a20b7f2c30c5d926ff66f8d
Author: Michael Schierl <schierlm@gmx.de>
Date:   Wed Apr 4 22:15:23 2012 +0200

    Fix connection hangs when using java/meterpreter/reverse_https with recent Java versions

    Reason is that Java thinks the SSL certificate presented by Metasploit is untrusted;
    therefore add a hack similar to the one in the metasploit.Payload class to trust all
    certificates here.

[Closes #303]
2012-04-16 13:15:33 -06:00
Michael Schierl eedd7be453 Squashed commit of the following:
commit 9afece529a33739a088c9c4d10b76dd52f23b99e
Author: Michael Schierl <schierlm@gmx.de>
Date:   Thu Apr 12 17:58:12 2012 +0200

    fix cat ... command by making stdapi_fs_stat return a sensible result

[Closes #330]
2012-04-16 12:24:54 -06:00
Tod Beardsley 7caf3a0159 Lift a migration from Pro -- workspace_members
Should have landed here initially anyway.
2012-04-16 12:45:05 -05:00
Tod Beardsley 4bcbdc54c9 Cutting over rails3 to master.
This switches the Metasploit Framework to a Rails 3 backend. If you run
into new problems (especially around Active Record or your postgresql
gem) you should try first updating your Ruby installation to 1.9.3 and
use a more recent 'pg' gem.

If that fails, we'd love to see your bug report (just drop all the
detail you can into an issue on GitHub). In the meantime, you can
checkout the rails2 branch, which was branched from master immediately
before this cutover.

Squashed commit of the following:

commit 5802ec851580341c6717dfea529027c12678d35f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:12 2012 -0500

    Enable MSF_BUNDLE_GEMS mode by default (set to N/F/0 to disable)

commit 8102f98dce9eb0c73c4374e40dce09af7b51d060
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:03 2012 -0500

    Add a method to expand win32 file paths

commit bda6479d154cf75572dd5de8b66bfde661a55de9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:53:44 2012 -0500

    Fix 1.8.x compatibility

commit 101ce4eb17bfdf755ef8c0a5198174668b6cd6fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:40:59 2012 -0500

    Use verbose instead of stringio

commit 5db467ffb593488285576d183b1662093e454b3e
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:30:06 2012 -0500

    Hide the iconv warning, were stuck with it due to EBCDIC support

commit 63b9cb20eb6a61daf4effb4c8d2761c16ff0c4e0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:29:58 2012 -0500

    Dont use GEM_HOME by default

commit ca49271c22c314a4465fff934334df18c704cbc0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:23:34 2012 -0500

    Move Gemfile to root (there be dragons, lets find them) and catch failed bundler loads

commit 34af04076a068e9f60c5526045ddbba5fca359fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:18:29 2012 -0500

    Fallback to bundler when not running inside of a installer env

commit ed1066a4f3f12fae7d4afc03eb1ab70ffe2f9cf3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 16:26:55 2012 -0500

    Remove a mess of gems that were not actually required

commit 21290a73926809e9049a59359449168f740d13d2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:59:10 2012 -0500

    Hack around a gem() call that is well-intentioned but an obstacle in this case

commit 8e414a8bfab9641c81088d22f73033be5b37a700
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 15:06:08 2012 -0500

    Ruby, come on. Ducktype this. Please.

    Use interpolated strings to get the to_s behavior you don't get with
    just plussing.

commit 0fa92c58750f8f84edbecfaab72cd2da5062743f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:05:42 2012 -0500

    Add new eventmachine/thin gems

commit 819d5e7d45e0a16741d3852df3ed110b4d7abc44
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:01:18 2012 -0500

    Purge (reimport in a second)

commit ea6f3f6c434537ca15b6c6674e31081e27ce7f86
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:54:42 2012 -0500

    Cleanup uncessary .so files (ext vs lib)

commit d219330a3cc563e9da9f01fade016c9ed8cda21c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:53:02 2012 -0500

    PG gems built against the older installation environment

commit d6e590cfa331ae7b25313ff1471c6148a6b36f3b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:06:35 2012 -0500

    Rename to include the version

commit a893de222b97ce1222a55324f1811b0262aae2d0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:56:47 2012 -0500

    Detect older installation environments and load the arch-lib directories into the search path

commit 6444bba0a421921e2ebe2df2323277a586f9736f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:49:25 2012 -0500

    Merge in windows gems

commit 95efbcfde220917bc7ee08e6083d7b383240d185
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 13:49:33 2012 -0500

    Report_vuln shouldn't use :include in finder

    find_or_create_by doesn't take :include as a param.

commit c5f99eb87f0874ef7d32fa42828841c9a714b787
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:44:09 2012 -0500

    One more msised Mdm namespace issue

commit 2184e2bbc3dd9b0993e8f21d2811a65a0c694d68
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:33:41 2012 -0500

    Fixes some mroe Mdm namespace confusion
    Fixes #6626

commit 10cee17f391f398bb2be3409137ff7348c7a66ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:40:44 2012 -0500

    Add robots gem (required by webscan)

commit 327e674c83850101364c9cca8f8d16da1de3dfb5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:39:05 2012 -0500

    Fix missing error checks

commit a5a24641866e47e611d7636a3f19ba3b3ed10ac5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 01:15:37 2012 -0500

    Reorder requires and add a method for injecting a new migration path

commit 250a5fa5ae8cb05807af022aa4168907772c15f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:56:09 2012 -0500

    Remove missing constant (use string) and add gemcache cleaner

commit 37ad6063fce0a41dddedb857fa49aa2c4834a508
Merge: d47ee82 4be0361
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 00:40:16 2012 -0500

    Merge branch 'master-clone' into rails3-clone

commit d47ee82ad7e66de53dd3d3a65649cc37299a2479
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:30:03 2012 -0500

    cleanup leftovers from gems

commit 6d883b5aa8a3a7ddbcde5bfd4521d57c5b30d3c2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:25:47 2012 -0500

    MDM update with purged DBSave module

commit 71e4f2d81f6da221b76150562a16c730888f5925
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:37 2012 -0500

    Add new mdm

commit 651cd5adac8211d65e0c8079371d8264e549533a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:13 2012 -0500

    Update mdm

commit 0191a8bd0acec30ddb2a9e9c291111a12378537f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 22:30:40 2012 -0500

    This fixes numerous cases of missed Mdm:: prefixes on db objects

commit a2a9bb3f2148622c135663dead80b3367b6f7695
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:30:18 2012 -0500

    Add eventmachine

commit 301ddeb12b906ed3c508613ca894347bedc3b499
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:18:12 2012 -0500

    A nicer error for folks who need to upgrade pg

commit fa6bde1e67b12e2d3d9978f59bbc98e0c1a1a707
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:54:55 2012 -0500

    Remove bundler requirements

commit 2e3ab9ed211303f1116e602b9a450141b71e56a4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:35:38 2012 -0500

    Pull in eventmachine with actual .so's this time

commit 901fb33ff6b754ce2c2cfd51e3b0b669f6ec600b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:19:12 2012 -0500

    Update deps, still need to add eventmachine

commit 6b0e17068e8caa0601f3ef81e8dbdb672758fcbe
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 13:07:06 2012 -0500

    Handle older installer environments and only allow binary gems when the
    environment specifically asks for it

commit b98eb7873a6342834840424699caa414a5cb172a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 04:05:13 2012 -0500

    Bump version to -testing

commit 6ac508c4ba3fdc278aaf8cfe2c58d01de3395431
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:25:09 2012 -0500

    Remove msf3 subdir

commit a27dac5067635a95b4cbb773df1985f2a2dc2c5a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:24:39 2012 -0500

    Remove the old busted external

commit 5fb5a0fc642b6c301934c319db854cc3145427a1
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:03:10 2012 -0500

    Add the gemcache loader

commit 09e2d89dfd09b9ac0c123fcc4e19816c86725627
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:02:23 2012 -0500

    Purge gemfile/bundler configure in exchange for new gemcache setup

commit 3cc0264e1cfb027b515d7f24b95a74b023bd905c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Apr 12 14:11:45 2012 -0500

    Mode change on modicon_ladder.apx

commit c18b3d56efd639e461137acdc76b4b283fe978d4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Thu Apr 12 01:38:56 2012 -0500

    The go faster button

commit ca2a67d51d6d4c7c3ca2e745f8b018279aef668a
Merge: 674ee09 b8129f9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 15:50:33 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Picking up Packetfu upstream changes, all pretty minor

commit 674ee097ab8a6bc9608bf377479ccd0b87e7302b
Merge: e9513e5 a26e844
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 13:57:26 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Conflicts:
    	lib/msf/core/handler/reverse_http.rb
    	lib/msf/core/handler/reverse_https.rb
    	modules/auxiliary/scanner/discovery/udp_probe.rb
    	modules/auxiliary/scanner/discovery/udp_sweep.rb

    Resolved conflicts with the reverse_http handlers and the udp probe /
    scanners byt favoring the more recent changes (which happened to be the
    intent anyway). The reverse_http and reverse_https changes were mine so
    I know what the intent was, and @dmaloney-r7 changed udp_probe and
    udp_sweep to use pcAnywhere_stat instead of merely pcAnywhere, so the
    intent is clear there as well.

commit e9513e54f984fdb100c13b44a1724246779ccb76
Author: David Maloney <dmaloney@melodie.gateway.2wire.net>
Date:   Fri Apr 6 18:21:46 2012 -0500

    Some fixes to how services get reported to prevent issues with the web interface

commit adeb44e9aaf1a329a0e587d2b26e678398730422
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Apr 2 15:39:46 2012 -0500

    Some corrections to pcAnywhere discovery modules to distinguish between the two services

commit b13900176484fea8f5217a2ef925ae2ad9b7af47
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Mar 31 12:03:21 2012 -0500

    Enable additional migration-path parameters, use a temporary directory to bring the database online

commit 526b4c56883f461417f71269404faef38639917c
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Mar 28 23:24:56 2012 -0500

    A bunch of Mdsm fixes for .kind_of? calls, to make sure we ponit to the right place

commit 2cf3143370af808637d164ce59400605300f922c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 16:22:09 2012 -0500

    Check for ruby 2.0 as well as 1.9 for encoding override

commit 4d0f51b76d89f00f7acbce6b1f00dc6e4c4545ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:36:04 2012 -0500

    Remove debug statement

commit f5d2335e7745aa1a354f4d6c8fc9d0b3876c472a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:01:55 2012 -0500

    Be explicit about the Mdm namespace

commit bc8be225606d6ea38dd2a85ab4310c1c181a94ee
Author: hdm <hdm@hypo.(none)>
Date:   Mon Mar 26 11:49:51 2012 -0500

    Precalculate some uri strings in case the 1000-round generation fails

commit 4254f419723349ffb93e4aebdaeabbd7d66bf8c0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Sat Mar 24 14:03:44 2012 -0500

    Removed some non-namespaced calls to Host

commit c8190e1bb8ad365fb0d7a1c4a9173e6c739be85c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:37:00 2012 -0500

    Purge the rvmrc, this is causing major headaches

commit 76df18588917b7150a3bedf2569710a80bab51f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:31:52 2012 -0500

    Switch .rvmrc to the shipping 1.9.3 version

commit 7124971d0032b268f4ddf89aca125f15e284f345
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Mar 12 16:56:40 2012 -0500

    Adds mixin for looking up Mime Types by extension

commit b7ca8353164c43db6bacb2f3f16afa1269f66e43
Merge: a0b0c75 6b9a219
Author: Matt Buck <techpeace@gmail.com>
Date:   Tue Mar 6 19:38:53 2012 -0600

    Merge from develop.

commit a0b0c7528d2b8fabb76b2246a15004bc89239cf0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Mar 6 11:08:59 2012 -0600

    Somehow migration file is new?

commit 84d2b3cb1ad6290413c3ea3222ddf9932270b105
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Feb 29 16:38:55 2012 -0600

    Added ability to specify headers to redirects in http server

commit e50d27cda83872c616722adb03dc1a6a5e685405
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Feb 4 04:44:50 2012 -0600

    Tweak the event dispatcher to enable customer events without a category
    and trigger http request events from the main exploit mixin.
    Experimental

commit 0e4fd2040df49df2e6cb0e8d2c6240a03d108033
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Thu Feb 2 22:09:05 2012 -0600

    Change Msm -> Mdm in migrations. This is what was preventing migrations from finishing on first boot.

commit c94a2961d04eee84adfd42bb01ed7a3e3846b83a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:48:48 2012 -0600

    Changed Gemfile to use new gem name

commit 245c2063f06b4fddbfc607d243796669ef236136
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:47:42 2012 -0600

    Did find/replace for final namespace of Mdm

commit 6ed9bf8430b555dcbe62daeddb2f33bd400ab5bc
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 24 10:47:44 2012 -0600

    Fix a bunch of namespace issues

commit 2fe08d9e4226c27e78d07a00178c58f528cbc72e
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:37 2012 -0600

    Update Msm contstants in migrations for initial DB builds.

commit 4cc6b8fb0440c6258bf70de77a9153468fea4ea5
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:25 2012 -0600

    Update Gemfile.lock.

commit 1cc655b678f0a054a9a783da119237fe3f67faa4
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Thu Jan 19 11:48:29 2012 -0600

    Errant Workspaces needed namespace

commit 607a78285582c530a68985add33ccf4d899c467a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 15:44:02 2012 -0600

    Refactored all models to use the new namespace

    * Every model using DBManager::* namespace is now Msm namespace
    * Almost all of this in msf/base/core
    * Some in modules

commit a690cd959b3560fa2284975ca7ecca10c228fb05
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 13:41:44 2012 -0600

    Move bundler setup

commit dae115cc8f7619ca7a827123079cb67fb4d9354b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 15:51:07 2012 -0600

    Moved ActiveSupport dep to gem

commit d32f8edb6e7f82079b775ffbc2b9a405d1f32b3b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 14:40:05 2012 -0600

    Removed model require file

commit d0c74cff8c44771e566ec63b03eda10d03b25c42
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 16:06:10 2012 -0600

    Update some more finds

commit 4eb79ea6b58b74c309ab1f1bb0bd35fe9041de46
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 14:21:15 2012 -0600

    Yet another dumb commit

commit a75febcb593d52fdfe930306b4275829759d81d1
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Thu Dec 29 19:20:51 2011 -0600

    Fixing deletion

commit dc139ff2fdfc4e7cdee3901dfb863e70913d6b92
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Wed Dec 7 17:06:45 2011 -0600

    Fixed erroneous commit

commit 531c1e611cf4d23aeb9c48350dabf7630d662d25
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Mon Nov 21 16:11:35 2011 -0600

    Remove AR patch stuff; attempting to debug non-connection between MSF and Pro

commit 458611224189c7aa27e500aabd373d85dc2dc5c0
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Fri Nov 18 16:17:27 2011 -0600

    Drop ActiveRecord/ActiveSupport in preparation for upgrade
2012-04-15 23:35:38 -05:00
Raphael Mudge 6986391f33 Armitage 04.16.12 - a few small improvements. 2012-04-15 15:14:26 -04:00
Tod Beardsley 18d83ee6c1 Permissions fix for modicon_ladder.apx 2012-04-12 14:26:27 -05:00
0a2940 654701f1b2 new file: data/exploits/CVE-2008-5499.swf
new file:   external/source/exploits/CVE-2008-5499/Exploit.as
	new file:   modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 20:58:22 +01:00
Tod Beardsley 14d9953634 Adding DigitalBond SCADA modules 2012-04-05 12:35:48 -05:00
andurin 175d6650a9 Added new pass for tomcat
Have seen this in the wild as a example users.xml
2012-04-05 11:18:41 +02:00
Michael Schierl 1d56ffe225 Update javapayload and java meterpreter
* Add support for hashing commands (stdapi_fs_md5 and sha1)
* Replace MTU detection with the Proper Java Way

Squashed commit of the following:

commit 0207b6e2e0c0eb55c7c5f04bd3008f674f6239ad
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 22:02:15 2012 +0100

    add support for stdapi_fs_{md5|sha1} commands

commit a187e7bc79f8d89e66df8d3a3f892c6dce10307b
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 20:32:03 2012 +0100

    update binaries

commit 0fc553bdac76cc8997fc581141483a3efbdefdfc
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 20:29:48 2012 +0100

    Add support to Java Meterpreter for multiple addresses on same interface

    For more information, see https://dev.metasploit.com/redmine/issues/6476

    Tested with Java 1.4, 1.5, 1.6, 1.7.

commit fc6dba99fe0b13bf8837ed7a699c5dbad35100e6
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:55:15 2012 +0100

    Fix Eclipse warnings

commit 4168d025507c1ecfbc50164cfc7f25f3f222b0ab
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:29:37 2012 +0100

    Update pretty-printing of unsupported command TLVs

    This adds the TLVs added by commit fbc8e25aaa to the pretty-printer.

commit 4a9335abdabb1b8a7741c5ec67852d7c5d552d6b
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:17:25 2012 +0100

    Un-ghetto Java Meterpreter MTU determination

    This splits the change from commit 14dfcce63a into a 1.6-specific and a 1.4-specific implementation (the latter being empty).

    Tested with Java 1.4, 1.5, 1.6, 1.7.

commit 968edd210ed68ba4974f051e280d90f0151df222
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:52:46 2012 +0100

    update .gitignore to ignore IDE generated files in JavaPayload projects

commit 86111625bee318411cf43da7706d37ce5d7045c5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:49:58 2012 +0100

    synchronize stages with upstream JavaPayload

commit 2360f2e6eb8703ae762868678ac952203be35d93
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:39:58 2012 +0100

    remove unused stages

[Closes #270]
2012-04-04 09:56:07 -06:00
Tod Beardsley ab269ac4ec Permissions fix for exploit jar file 2012-04-02 09:27:35 -05:00
James Lee 025d905c01 Compiled jar with -target 1.2 so it works on older JVMs 2012-03-30 17:05:20 -06:00
sinn3r e018c6604f Modify CVE-2012-0507 2012-03-30 02:06:56 -05:00
Tod Beardsley bec8d40a6c File permissions fix 2012-03-29 16:24:31 -05:00
Tod Beardsley f069a32223 Merge pull request #288 from wchen-r7/cve_2012_0507
Adding sinn3r and juan's exploit for CVE-2012-0507. Blog post coming soon.
2012-03-29 08:46:49 -07:00
sinn3r 791ebdb679 Add CVE-2012-0507 (Java) 2012-03-29 10:31:14 -05:00
Tod Beardsley 434e487800 Merge pull request #287 from rsmudge/armitage
startup bug fix for armitage
2012-03-29 05:00:03 -07:00
Raphael Mudge 28483711e7 initialize a console before connecting to db (forces msf to setup the database for user) 2012-03-29 01:00:03 -04:00
sinn3r ddc954acd1 Merge pull request #284 from rsmudge/armitage
Armitage 03.28.12. Mostly performance improvements.
2012-03-27 23:40:12 -07:00
Raphael Mudge f1d66b941e Armitage 03.28.12. Mostly performance improvements. 2012-03-27 20:01:37 -04:00
Tod Beardsley 348d0b6278 Merge pull request #263 from rsmudge/armitage
Armitage 03.22.12
2012-03-22 08:18:28 -07:00
Raphael Mudge b176e660a0 last minute change to how I highlight pivots. 2012-03-22 10:22:59 -04:00
sinn3r 434b56824b Merge pull request #261 from rsmudge/armitage
Armitage 03.22.12
2012-03-22 00:21:15 -07:00
Raphael Mudge 38b379ef88 Armitage 03.22.12
This release tweaks the payload selection logic, improves the built-in nmap profiles, and adds DNS enumeration to the Hosts menu.
2012-03-21 23:42:55 -04:00
James Lee 4ed55dc958 Fall back to MIB method if we can't get netmasks
Misses IPv6 addresses, but at least doesn't break everything.

[Fixes #6525]
2012-03-16 11:30:25 -06:00
James Lee ba1ed93ee2 Check for a 0 prefix length
If the OnLinkPrefixLength is 0, something is wrong, try the value in the
prefix linked list.  Appears to fix v4 addresses on XP but not 2k3.

[See #6525]
2012-03-16 03:46:10 -06:00
James Lee 9aaf6af072 Return network prefixes when available
Solves #6525 on Vista+.  Win2k still works using the old MIB method
(which doesn't support ipv6).  Win2k3 and XP are still busted for
unknown reasons.
2012-03-16 01:50:26 -06:00
James Lee 6036691517 Adjust snaplen to grab the whole packet in case mtu > 1514
Fixes an issue where pcap_dispatch would return -1 and pcap_geterror
said "corrupted frame on kernel ring mac"

[Fixes #6527]
2012-03-14 12:36:36 -06:00
James Lee 43f5ffabf6 Add Linux bins for new sniffer_release command et al.
[See #214]
2012-03-14 11:07:31 -06:00
David Maloney 5a69c896fc Fixes #6465
Properly imports vulnerability titles from Qualys Scan Reports
2012-03-13 16:45:55 -05:00
James Lee 6a6dd06103 Merge branch 'feature/6476-list-all-ifaces'
Conflicts:
	modules/auxiliary/scanner/afp/afp_server_info.rb
2012-03-13 13:55:45 -06:00
James Lee 89e3fee5a8 Revert "Squashed commit of the following:"
This reverts commit dd9ac8a6c0.
2012-03-13 13:38:35 -06:00
James Lee dd9ac8a6c0 Squashed commit of the following:
commit 8b4750d0dcbac0686f9403acdf5cab50c918212f
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 13 13:14:43 2012 -0600

    Add bins for listing all addresses

    [Fixes #6476]

commit 213dd92ebc9b706a45725e6515c7939d2edace0e
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 13 02:08:34 2012 -0600

    Accept multiple addresses and netmasks

    [See #6476]

commit 2e8bd3c3ecfb319bf9456485d2420bb5829b60cc
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 13 01:55:57 2012 -0600

    Make inspecting meterpreter packets a little less painful

    Not sure why I originally thought there was no way to access extensions'
    constants before.  A simple `require` makes it all happy.

commit da367907cf579bd3aefaffbc84d2f96a41b85f00
Author: James Lee <egypt@metasploit.com>
Date:   Sun Mar 11 22:08:44 2012 -0600

    Fix up Linux after changes for Windows

commit ec9f04378b0155f69df95d4a94e62d33ce61977c
Author: James Lee <egypt@metasploit.com>
Date:   Sun Mar 11 21:56:11 2012 -0600

    Grab IPv6 addresses on Windows when possible

    Tries to GetProcAddress of GetAdaptersAddresses and falls back to the
    old GetIpAddrTable() function when it isn't available. This should work
    on XPSP1 and newer, albeit without netmasks on versions before Vista.
    Still trying to figure that one out.

commit 1052ebdcf86114fbc03d1a37ab5d4c6a78e82daa
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 6 15:34:09 2012 -0700

    Wrap Windows-specifc headers in ifdef

commit f23f20587b3117c38a77e7e5a93d542411e9504f
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 6 14:36:34 2012 -0700

    Handle multiple addrs on one iface on the ruby side

commit d7207d075ac6462875d9da531cf20c175629a416
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 5 21:57:39 2012 -0700

    Adds IPv6 addrs to win32 get_interfaces response

commit 11ae7e8a45bd56d25841ea8724377e0fb6789d72
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 5 09:07:28 2012 -0700

    Don't distinguish between 4 and 6.

    The client can figure it out from the length.

commit 2c7490bdf3e4079f30857ee323d2ce23ab1bd9a5
Author: James Lee <egypt@metasploit.com>
Date:   Sun Mar 4 04:25:26 2012 -0700

    Append to the list instead of assigning to it

    All addresses are being sent to the client now.  Just need a way to
    parse them out correctly on the other side and meterpreter will be able
    to list all addresses on all interfaces on Linux.  Next step is to
    allocate the proper number of TLVs to avoid good ol' stack smashes on
    systems with lots of addresses and then make sure we clean all the
    memory leaks.

    [See #6476]

commit 73bba037ad968b922341c02459017afcc8407a76
Author: James Lee <egypt@metasploit.com>
Date:   Sun Mar 4 03:12:28 2012 -0700

    Lay the groundwork for returning all addresses

    This commit only sends the last interface in the list, but it is looping
    through all of them as evidenced by the log, just need to make sure
    we're not overwriting as we go.

    [See #6476]
2012-03-13 13:19:18 -06:00
James Lee d09a80594c Add bins for listing all addresses
[Fixes #6476]
2012-03-13 13:14:43 -06:00
HD Moore c8c73b076d Permisssions (ignore) 2012-03-08 16:16:13 -06:00
HD Moore 3e6cbe9486 Add source code to the player 2012-03-08 15:23:10 -06:00
HD Moore b0db18674c Test out new player code 2012-03-08 15:05:12 -06:00
sinn3r c63bc27c4b Merge pull request #223 from rsmudge/armitage
Armitage 03.08.12
2012-03-07 22:45:52 -08:00
Raphael Mudge f07be8b7de Armitage 03.08.12
-----------------
Added support for meterpreter's session_host value (allows armitage to associate session w/
a host, even if it's behind a NAT). Armitage also chooses an IPv6 payload when attacking an
IPv6 host.
2012-03-07 20:43:07 -05:00
sinn3r f2eab70c3f Add swf file for CVE-2012-0754 2012-03-07 19:23:11 -06:00
Raphael Mudge e564282ddc fix armitage pivoting/arp scan tools to work with updated meterpreter route output 2012-03-01 18:35:05 -05:00
James Lee 9f05562a18 Don't distinguish between IPv4 and IPv6 routes
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
2012-03-02 18:26:57 -07:00
James Lee 368cb13728 And the updated bin 2012-03-02 13:19:00 -07:00
Efrain Torres 9c6fec3c33 First step on module cleaning. 2012-03-02 10:18:32 -06:00
sinn3r 323e58d944 Merge pull request #213 from rsmudge/armitage
Armitage 03.02.12
2012-03-01 16:32:39 -08:00
James Lee be65f421f7 New Java meterpreter bins for adding MTU 2012-02-29 20:31:56 -07:00
sinn3r 4290c2e569 Merge pull request #206 from rsmudge/armitage
Armitage 02.29.12
2012-02-28 22:17:13 -08:00
James Lee 624e19fd8b Merge session-host-rework branch back to master
Squashed commit of the following:

commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:31:03 2012 -0700

    Clean up some rdoc comments

    This adds categories for the various interfaces that meterpreter and
    shell sessions implement so they are grouped logically in the docs.

commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 13:00:25 2012 -0700

    Combine the docs into one output dir

    There's really no need to separate the API sections into their own
    directory.  Combining them makes it much easier to read.

commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:27:22 2012 -0700

    Keep the order of iface attributes the same accross rubies

    1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
    end up with ~random order for the display with the previous technique.
    Switch to an Array instead of a Hash so it's always the same.

commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:23:35 2012 -0700

    Fix a few more compiler warnings

commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:17:39 2012 -0700

    Fix a type-safety warning

commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date:   Mon Feb 27 15:21:36 2012 -0700

    LHOST should be OptAddress, not OptAddressRange

commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date:   Sun Feb 26 17:45:59 2012 -0700

    Fix a couple of warnings and a typo

commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date:   Mon Feb 27 11:54:29 2012 -0600

    Fix ctype vs content_type typo

commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date:   Sun Feb 26 15:38:33 2012 +0200

    Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x

commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date:   Sun Feb 26 07:13:13 2012 -0600

    add osvdb ref

commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date:   Sat Feb 25 18:02:56 2012 -0500

    Added aspx target to msfvenom.  This in turn added it to msfencode as well.
    Ref: https://github.com/rapid7/metasploit-framework/pull/188
    Tested on winxp with IIS in .net 1.1 and 2.0 modes

commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date:   Sat Feb 25 13:00:48 2012 -0600

    Fixes #6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver

commit b3371e8bfeea4d84f9d0cba100352b57d7e9e78b
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 17:07:42 2012 -0700

    Simplify logic for whether an inner iface has the same address

commit 5417419f35a40d1c08ca11ca40744722692d3b0d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:58:16 2012 -0700

    Whitespace

commit 9036875c2918439ae23e11ee7b958e30ccc29545
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:53:45 2012 -0700

    Set session info before worrying about address

    get_interfaces can take a while on Linux, grab uid and hostname earlier
    so we can give the user an idea of what they popped as soon as possible.

commit f34b51c6291031ab25b5bfb1ac6307a516ab0ee9
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:48:42 2012 -0700

    Clean up rdoc

commit e61a0663454400ec66f59a80d18b0baff4cb8cd9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:54:45 2012 -0600

    Ensure the architecture is only the first word (not the full WOW64
    message in some cases)

commit 4c701610976a92298c1182eecc9291a1b301e43b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:49:17 2012 -0600

    More paranoia code, just in case RHOST is set to whitespace

commit c5ff89fe3dc9061e0fa9f761e6530f6571989d28
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:47:01 2012 -0600

    A few more small bug fixes to handle cases with an empty string target
    host resulting in a bad address

commit 462d0188a1298f29ac83b10349aec6737efc5b19
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 03:55:10 2012 -0600

    Fix up the logic (reversed by accident)

commit 2b2b0adaec2448423dbd3ec54d90a5721965e2df
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 23:29:52 2012 -0600

    Automatically parse system information and populate the db, identify and
    report NAT when detected, show the real session_host in the sessions -l
    listing

commit 547a4ab4c62dc3248f847dd5d305ad3b74157348
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:16:03 2012 -0600

    Fix typo introduced

commit 27a7b7961e61894bdecd55310a8f45d0917c5a5c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:11:38 2012 -0600

    More session.session_host tweaks

commit e447302a1a9915795e89b5e29c89ff2ab9b6209b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:08:20 2012 -0600

    Additional tunnel_peer changes

commit 93369fcffaf8c6b00d992526b4083acfce036bb3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:06:21 2012 -0600

    Additional changes to session.session_host

commit c3552f66d158685909e2c8b51dfead7c240c4f40
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:00:19 2012 -0600

    Merge changes into the new branch
2012-02-28 18:29:39 -07:00
Raphael Mudge 4adbb88078 Armitage 02.29.12
--------
This update adds an icon for VMWare ESX/ESXi systems, improves the token stealing UX, and improves the file
browser's responsiveness.
2012-02-28 20:19:17 -05:00
sinn3r debbba9623 Add OSVDB-55938: D-Link DAP1353 Default Password for SSH admin 2012-02-26 01:20:16 -06:00
sinn3r 91f56b0fd5 Add default password for CVE-2009-3710 2012-02-26 01:18:08 -06:00
James Lee eccd62717e Binaries for new netlink code
Includes a Windows dll to add support for route metrics.
2012-02-24 16:42:13 -07:00
David Maloney d3fad51f3a Fix my screwup in winscp for servicename 2012-02-21 20:31:52 -06:00
Tod Beardsley b65d448a15 Merge pull request #189 from rsmudge/armitage
Armitage 02.21.12
2012-02-21 09:11:35 -08:00
Raphael Mudge de71a77085 Armitage 02.24.12
--------
This release fixes the parsing of meterpreter's ps output. Added cut/copy/paste
menus to the module launcher dialog (when editing values).
2012-02-21 11:50:23 -05:00
HD Moore 0023b46009 permission tweak 2012-02-18 14:39:52 -06:00
sinn3r bb5e4a1600 Modules don't need to register VERBOSE, because it's already there 2012-02-17 21:07:44 -06:00
juan e69037959f Added CVE-2010-0842 2012-02-15 23:32:31 +01:00
sinn3r 3c26ea63d5 Merge pull request #176 from rsmudge/armitage
Armitage 02.14.12 - Several bug fixes and stability improvements.
2012-02-13 20:52:46 -08:00
James Lee e17937ab35 And a bin with less redundantly verbose verbosity 2012-02-13 18:41:51 -07:00
Raphael Mudge 3a5de30d9e Armitage 02.14.12 - Several bug fixes and stability improvements. 2012-02-13 20:10:50 -05:00
James Lee 555b981b26 Smaller, non-debug versions of all linux bins
This is a significant size savings on the extensions, not so big a deal
on the main stage since that was already stripped.
2012-02-10 15:57:01 -07:00
Patroklos Argyroudis 5f35ac8e01 Adjusted the function pointer to the right offset 2012-02-06 16:39:10 +02:00
Patroklos Argyroudis 2bf1ebe9d7 Mac OS X x64 Mach-o binary template 2012-02-06 16:15:36 +02:00
James Lee e045accfc3 Refactor interface listing
[See #6328]
2012-02-02 00:14:38 -07:00
James Lee a8e3d7b413 New bin after fix from #6322
[See #6322]
2012-01-31 17:33:32 -07:00
James Lee fae4f5d132 Move IPv6 handling into connect()
This allows portfwd and friends to work through the session.
2012-01-31 02:46:57 -07:00
HD Moore 0b8987f2af Merge results initialization fix 2012-01-31 01:29:44 -06:00
HD Moore ec5fd723ba Merge in additional IPv6 support for PHP payloads 2012-01-31 01:11:55 -06:00
HD Moore 3ed8643dbc Permission changes 2012-01-31 00:33:21 -06:00
sinn3r df57529b9c Add CMS400 wordlist (for feature #6301) 2012-01-30 10:40:23 -06:00
scriptjunkie fd9aab4de1 Get output format list in msfgui dynamically from RPC. 2012-01-28 23:38:46 -05:00
James Lee e48da7b7db Merge branch 'stat-struct-fixes'
Conflicts:
	data/meterpreter/ext_server_stdapi.lso
2012-01-27 19:07:27 -07:00
James Lee 2182026352 Bin for stat fixes 2012-01-27 18:58:26 -07:00
James Lee 4fb3f1649c New bins, hopefully all the compile flags are happy
See #6268
2012-01-27 18:10:47 -07:00
sinn3r 3f4dbd9df6 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-01-27 01:58:42 -06:00
Stephen Haywood efda420e5f Updates to enum_artifacts 2012-01-26 19:35:39 -05:00
Tod Beardsley 33c53b1f3f Updates vm checking 2012-01-26 13:02:39 -06:00
James Lee bddeb9912b New (hopefully) i386-compat bins for linux meterp
Another stab at getting compatibility for older processors

See #6268
2012-01-25 17:59:32 -07:00
James Lee 54429ca5a7 Add stripped, non-debug versions of bins
Makes for much smaller extensions, although the main stage is still pretty
hefty.
2012-01-23 16:45:18 -07:00
James Lee 53eb850c51 Adds i386 bins for linux meterpreter
See #6268
2012-01-23 15:24:21 -07:00
David Maloney 06b1bffcea Addresses an issue with udp sweep module that recorded services
from non-specified hosts when they respond to broadcast probes.
2012-01-20 15:34:15 -06:00
sinn3r ab0c73ef3f Merge pull request #115 from rsmudge/armitage
Armitage 01.19.12
2012-01-19 08:01:17 -08:00
Raphael Mudge 335bbcf33c Armitage 01.19.12
This release exports more data and fixes several bugs.
2012-01-18 17:23:41 -05:00
Stephen Haywood 6ad2eda24c Windows artifacts module 2012-01-12 17:26:35 -06:00
Stephen Haywood 2e60d2e01a Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-01-06 17:46:42 -05:00
Stephen Haywood 72072c4ef3 Added enum_artifacts 2012-01-06 17:43:50 -05:00
David Maloney ba86e8a04f Added PROPFIND support to http_login
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
2012-01-05 12:10:53 -08:00
Tod Beardsley e28ccc33c7 Merge pull request #92 from rsmudge/armitage
Armitage 1.5.12
2012-01-05 11:05:35 -08:00
Raphael Mudge 46964a6be7 Armitage 1.5.12 - Performance and bandwidth optimizations in the team server, improved Java meterpreter interface, and
greatly overhauled Armitage's data export capability. Now users may select to export all data or any workspace.
2012-01-05 04:55:58 -05:00
sinn3r c122ec34bc Add default SSH credential for Op5 system CenOS VM image 2012-01-03 15:13:35 -06:00
sinn3r 23f2a189d7 Merge pull request #89 from rsmudge/armitage
Armitage 12.30.11
2011-12-30 08:21:04 -08:00
Raphael Mudge 3fae5ada9f Armitage 12.30.11 - This release improves performance for Armitage's collaboration mode, rewrites the MSF Scans feature,
and adds a drag'n'drop feature to launch a module against a particular host.
2011-12-30 03:14:43 -05:00
scriptjunkie 1e811aed02 Adds scriptjunkie's multilingual admin fie for pxexploit
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.

[Closes #63]

Squashed commit of the following:

commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date:   Fri Dec 16 12:14:18 2011 -0600

    Jetzt auf Deutsch! y español! 中國人!
    [update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
    Also remove duplicate/old pxexploit source code from the tree.
2011-12-23 12:24:45 -06:00
scriptjunkie 5bad92e021 Gui Bugfixen: Msgpack-error-fixen, Unneccessary-error-message-removen, popup-showen, und lock-contention-reducen.
Viel besser!
2011-12-16 09:52:12 -06:00
HD Moore 1ea3075a9b Merge pull request #52 from rsmudge/armitage
Armitage 12.12.11
2011-12-11 20:37:31 -08:00
Raphael Mudge fbe54c8d80 Armitage 12.12.11 - this release fixes several bugs, polishes a few features, and adds
better troubleshooting information to aid users.
2011-12-11 20:20:01 -05:00
scriptjunkie e34555dc22 Remove XML RPC option for msfgui. 2011-12-11 14:44:12 -06:00
HD Moore e46745b761 Add support for link-local scopes 2011-12-10 13:24:58 -06:00
David Maloney d939e33f1e Allows for Loot and Tasks to be imported from an MSF ZIP.
This should bring any loots and tasks along with
everything else when doing an improt from an MSF ZIP file.
2011-12-05 22:30:34 -05:00
HD Moore 72d96c43c2 Migrate wmap tables to inet() column types 2011-12-05 13:07:36 -06:00
HD Moore 3888a3c610 Fix up the inet migration to cast properly 2011-12-05 13:07:25 -06:00
HD Moore 9aee30fd0a Convert host.address to inet(), remove address6 2011-12-05 13:07:25 -06:00
sinn3r c5302e13ac Slight changes 2011-12-01 03:02:08 -06:00
sinn3r f64f0eefda Add class file for CVE-2011-3544 2011-11-29 18:06:20 -06:00
Tod Beardsley 50c19ffaa2 Merge pull request #29 from rsmudge/armitage
Armitage 11.22.11
2011-11-23 08:16:22 -08:00
root b6800b1510 Armitage 11.22.11 - improved dynamic workspace features, more payload generation options 2011-11-22 20:04:53 -05:00
David Maloney 30d1451159 Consolidation of the Axis2 Deployer Exploits
Fixes #5276
2011-11-22 08:47:53 -08:00
sinn3r 3185b3471b Add template for CVE-2010-0822 2011-11-21 11:36:27 -06:00
root 114d83b307 Armitage 11.17.11 - bug fixes, better workspace management, etc. 2011-11-18 13:58:58 -05:00
Tod Beardsley 8fe435c091 Undeleting cpuinfo.ia64.bin 2011-11-17 08:47:49 -06:00
Dillon 66621632f0 added linux shell functionality to meterpreter's shell command. 2011-11-17 08:26:57 -06:00
scriptjunkie 8d58ea227f Add UAC bypass to default pxesploit attack. 2011-11-16 08:16:22 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Raphael Mudge 82424a4682 Armitage 11.13.11
This release removes dependence on db_autopwn, moves to msgpack, and
talks directly to the postgresql database. Key logging, file download
management, and the workspace features were overhauled too.
2011-11-13 20:00:14 -05:00
scriptjunkie 8358edac2e Add badchars field to msfgui payload popup, so badchars can be added (in hex form) 2011-11-11 14:05:58 -06:00
HD Moore 96766edfd0 Permission changes (to sync) 2011-11-10 19:48:32 -06:00
Matt Weeks ce5b999e5e Change of case on error message and convert db time field to date.
git-svn-id: file:///home/svn/framework3/trunk@14199 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 03:48:50 +00:00
Matt Weeks fb6e828a30 Only poll for sessions/jobs once a connection comes in.
git-svn-id: file:///home/svn/framework3/trunk@14198 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 03:13:29 +00:00
Matt Weeks 2dd0417941 Fix progress bar on initial start.
git-svn-id: file:///home/svn/framework3/trunk@14195 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:28:39 +00:00
HD Moore aecd022587 Roll back to an older version of the sniffer extension, remove the 64-bit extension until the linking problems are resolved
git-svn-id: file:///home/svn/framework3/trunk@14194 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:17:20 +00:00
Matt Weeks 0b4996a38c Put tables into an array.
git-svn-id: file:///home/svn/framework3/trunk@14178 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 01:54:24 +00:00
Matt Weeks b1bb0ae729 Backward-compatible for recent DB changes.
git-svn-id: file:///home/svn/framework3/trunk@14177 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 00:17:09 +00:00
Wei Chen aeaea65896 Add template file for ms11-021
git-svn-id: file:///home/svn/framework3/trunk@14168 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:04:54 +00:00
Matt Weeks 4629c0867b Address #5887 and #5888 for RPC DB and msfgui
git-svn-id: file:///home/svn/framework3/trunk@14167 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 18:12:10 +00:00
Matt Weeks 11c5801895 Clean up error opening Events table and reading new database credentials.
git-svn-id: file:///home/svn/framework3/trunk@14123 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-30 22:24:29 +00:00
Wei Chen e03be02298 paths for module sap_icm_urlscan
git-svn-id: file:///home/svn/framework3/trunk@14025 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 08:41:14 +00:00
Matt Weeks cf9ad43683 Specify MsgPack API Version.
git-svn-id: file:///home/svn/framework3/trunk@14019 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 22:21:36 +00:00
Raphael Mudge a5cc833d74 added a menu item to dump hashes uses lsass (hashdump ) or registry (smart_hashdump) methods.
git-svn-id: file:///home/svn/framework3/trunk@13980 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 17:46:02 +00:00
Raphael Mudge 7c0a643eb3 don't block on rev2self; added dialog to list/steal tokens.
git-svn-id: file:///home/svn/framework3/trunk@13922 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 03:49:23 +00:00
Raphael Mudge 41c46c5e46 reworked options Armitage passes to use VNC through meterpreter
git-svn-id: file:///home/svn/framework3/trunk@13911 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 07:42:04 +00:00
Raphael Mudge a62256c1c4 added support for payload_inject post module (pretty sweet stuff)
git-svn-id: file:///home/svn/framework3/trunk@13910 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 03:57:26 +00:00
Raphael Mudge 67453af31f Armitage 10.12.11 - adds the ability to take screenshots of tabs, moves from hashdump to smart_hashdump
git-svn-id: file:///home/svn/framework3/trunk@13901 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:42:00 +00:00
Tod Beardsley 76815d9ca8 Adding a migration to allow for report names.
git-svn-id: file:///home/svn/framework3/trunk@13873 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 18:19:23 +00:00
Tod Beardsley ec557d4176 Adding a (probably very temporary) table for module reporting maintence. Don't count on it being there for long.
git-svn-id: file:///home/svn/framework3/trunk@13805 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-29 21:11:52 +00:00
Matt Weeks a82adb14f9 Allow boolean options of true and True as well as 0 and 1.
git-svn-id: file:///home/svn/framework3/trunk@13796 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 19:16:02 +00:00
Raphael Mudge d079cf8ca5 improved performance of "launch exploit in its own tab" option
git-svn-id: file:///home/svn/framework3/trunk@13794 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 14:27:45 +00:00
Raphael Mudge d29019b9fc Armitage 09.26.11 -- rearrange tabs through drag and drop, export data from metasploit, and zoom out or in on screenshots/webcam snapshots. The show_all_commands option is on by default now too.
git-svn-id: file:///home/svn/framework3/trunk@13793 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 04:23:36 +00:00
Matt Weeks ab4026cfb5 And do the same for pivoted PXE attacks.
git-svn-id: file:///home/svn/framework3/trunk@13780 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 16:16:47 +00:00
HD Moore 2d45218d2a Expand this to text
git-svn-id: file:///home/svn/framework3/trunk@13771 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 06:18:09 +00:00
Matt Weeks 7a3be4fe38 Allow hidden windows to resurrect properly after restart.
git-svn-id: file:///home/svn/framework3/trunk@13770 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 03:04:34 +00:00
Matt Weeks b3f29cbddf Fix MsgRPC over SSL support.
git-svn-id: file:///home/svn/framework3/trunk@13754 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 23:02:31 +00:00
Matt Weeks 10bf0fbe84 Whoops. Reset would be reset, not stop.
git-svn-id: file:///home/svn/framework3/trunk@13752 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 20:26:09 +00:00
Matt Weeks 9ada448a16 Replace references to tabbedPane since that may not exist.
git-svn-id: file:///home/svn/framework3/trunk@13746 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 15:09:04 +00:00
James Lee c6c133673f add reverse_https support for java meterpreter, fixes #5288; thanks mihi!
git-svn-id: file:///home/svn/framework3/trunk@13741 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 21:10:11 +00:00
Matt Weeks 0293417c29 Whoops - make status bar visible again.
git-svn-id: file:///home/svn/framework3/trunk@13732 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-15 00:29:11 +00:00
Matt Weeks 5847de9435 Whoops fix pane splitting.
And minor scroll speed improvement on payload popup.



git-svn-id: file:///home/svn/framework3/trunk@13720 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 00:49:41 +00:00
Matt Weeks ea2a1be834 Save and restore splitpane layout
fix issues with splitpane layout - focus locking with multiple panes & splitting panes that can't be split


git-svn-id: file:///home/svn/framework3/trunk@13719 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 20:59:28 +00:00
Matt Weeks adcc9fcbbb Fix issue with URI decoding.
git-svn-id: file:///home/svn/framework3/trunk@13717 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 03:47:01 +00:00
Matt Weeks 35a6f26654 Add pane-splitting.
git-svn-id: file:///home/svn/framework3/trunk@13714 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 00:21:01 +00:00
Raphael Mudge f3311fa4ef Armitage 09.08.11: This release fixes several bugs, adds an option to get more feedback when launching exploits, and highlights messages posted to the event log when its inactive. It's also possible to open tabs in their own windows and to instruct Armitage to attempt all known credentials to login to a service.
git-svn-id: file:///home/svn/framework3/trunk@13707 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-08 05:02:28 +00:00
Matt Weeks 135e4c25e3 Start msfrpcd in root of metasploit tree to avoid path issues.
git-svn-id: file:///home/svn/framework3/trunk@13693 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-04 21:55:08 +00:00
Mario Ceballos 2f2421badc initial coverage of the pnsize bug (fileformat)
git-svn-id: file:///home/svn/framework3/trunk@13691 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 21:17:58 +00:00
David Rude 0b72c931b6 Adds the nsepa.ocx ActiveX control for CVE-2011-2882
git-svn-id: file:///home/svn/framework3/trunk@13668 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:23:27 +00:00
David Rude 3e30fb3d90 Add wordlist for tomcat module
git-svn-id: file:///home/svn/framework3/trunk@13655 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 03:14:04 +00:00
Matt Weeks a57769f336 Address a few remaining MsgPack/XML differences,
remove Msg warning.



git-svn-id: file:///home/svn/framework3/trunk@13649 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-28 21:09:03 +00:00
Matt Weeks b3d169b590 Standardize locking and tabbing for GUI.
git-svn-id: file:///home/svn/framework3/trunk@13648 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-28 20:29:06 +00:00
Matt Weeks 6853221762 Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs.
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-27 15:46:49 +00:00
Matt Weeks 06c3dabe31 Fixes #5312 for pivoted PXE attacks.
git-svn-id: file:///home/svn/framework3/trunk@13634 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 02:07:35 +00:00
Matt Weeks 53e43fa847 whoops. Use these, not the dhcpserv.cpp/h
git-svn-id: file:///home/svn/framework3/trunk@13633 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 01:41:57 +00:00
Matt Weeks ce9db06589 Add localboot config for PXE.
git-svn-id: file:///home/svn/framework3/trunk@13628 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 21:26:41 +00:00
Matt Weeks 4ec69f3dfd Fix more encoding issues with msgpack RPC, especially with payload generation/encoding.
git-svn-id: file:///home/svn/framework3/trunk@13623 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 20:31:18 +00:00
Matt Weeks 161b4eacb5 Fix some base64 encoding issues with MsgPack.
Use "busy" indicator in console.



git-svn-id: file:///home/svn/framework3/trunk@13617 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 03:05:09 +00:00
Matt Weeks 7a933bdf2c MessagePack support for GUI. Woohoo! Still backend errors though; see #5309
git-svn-id: file:///home/svn/framework3/trunk@13616 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 01:06:53 +00:00
Matt Weeks 31d1628dde Some payload fixes
git-svn-id: file:///home/svn/framework3/trunk@13596 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 02:18:20 +00:00
James Lee 851bc8d7b8 add a single shell payload for java, partially reverts r13213
git-svn-id: file:///home/svn/framework3/trunk@13588 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:31:19 +00:00
HD Moore 25100584eb Related to r13582 (binaries)
git-svn-id: file:///home/svn/framework3/trunk@13583 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:10:13 +00:00
HD Moore fba3506918 Rework indexes to avoid a postgres issue
git-svn-id: file:///home/svn/framework3/trunk@13552 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 20:26:45 +00:00
Wei Chen 5559eec7c9 Add trigger file for MS10-026
git-svn-id: file:///home/svn/framework3/trunk@13545 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:01:59 +00:00
Wei Chen 7190888266 Add custom .Net control for exploit ms10-026
git-svn-id: file:///home/svn/framework3/trunk@13544 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:01:00 +00:00
Matt Weeks f12742a05f Better cleanup for PXE attacks.
git-svn-id: file:///home/svn/framework3/trunk@13518 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 02:57:02 +00:00
Matt Weeks b2733c04db More PXE dust for extra magic!
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-05 17:10:27 +00:00
HD Moore 8a7681b987 Missing dependencies for JTR on Win32
git-svn-id: file:///home/svn/framework3/trunk@13459 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 20:13:45 +00:00
Raphael Mudge 3544226ae1 fixed hashdump in Armitage (wasn't reporting all dumped credentials to creds db)
git-svn-id: file:///home/svn/framework3/trunk@13457 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 19:27:27 +00:00
Matt Weeks f866b3ecdf Use different check to see if SSL will work.
git-svn-id: file:///home/svn/framework3/trunk@13440 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 00:56:40 +00:00
HD Moore b8da8e755f Add additional indexes to the schema
git-svn-id: file:///home/svn/framework3/trunk@13437 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 22:59:40 +00:00
Matt Weeks 630fb999f8 Don't display or load events table by default. Also, only reload visible windows on refresh.
git-svn-id: file:///home/svn/framework3/trunk@13436 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:51:07 +00:00
Raphael Mudge e80f1951ba oops, typo in function to view loot locally.
git-svn-id: file:///home/svn/framework3/trunk@13432 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:02:08 +00:00
Raphael Mudge c5de25781f removed a restriction preventing users from clearing default workspace. Also modified module launcher to automatically escapes paths on Windows.
git-svn-id: file:///home/svn/framework3/trunk@13431 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 19:47:20 +00:00
Matt Weeks 8447141a0c Include check for crypto algorithm support.
git-svn-id: file:///home/svn/framework3/trunk@13430 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 19:38:35 +00:00
Matt Weeks b4a58989c4 Give choice of rpcd to connect to when last remembered connection is still running.
git-svn-id: file:///home/svn/framework3/trunk@13424 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 15:22:27 +00:00
Raphael Mudge ddc2696974 improved Armitage UI responsiveness and reliability through several changes.
git-svn-id: file:///home/svn/framework3/trunk@13418 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 06:07:25 +00:00
Jonathan Cran d4e85c1dfa sample lab configuration
git-svn-id: file:///home/svn/framework3/trunk@13409 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 18:21:45 +00:00
Raphael Mudge d83606af6e let's try that again, small bug fix to restore client-side attack menus.
git-svn-id: file:///home/svn/framework3/trunk@13388 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 15:05:21 +00:00
Raphael Mudge c361f45980 Armitage 07.28.11 - Users may now configure payloads for client-side exploits through module launcher. Added a payload helper. Fixed several bugs.
git-svn-id: file:///home/svn/framework3/trunk@13387 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 14:48:56 +00:00
Tod Beardsley 2c73f47046 Widen the cred ptype column.
git-svn-id: file:///home/svn/framework3/trunk@13384 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 22:05:56 +00:00
amaloteaux b9bb5c454d psnuffle : add a smb protocol decoder
git-svn-id: file:///home/svn/framework3/trunk@13375 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 18:06:28 +00:00
James Lee b412dac37f sniffer works, see #2418
git-svn-id: file:///home/svn/framework3/trunk@13360 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 06:29:49 +00:00
James Lee 3fe4c2524c add linux bins to go with r13346
git-svn-id: file:///home/svn/framework3/trunk@13349 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 21:17:00 +00:00
HD Moore 0b331ac7b7 Commit new bins
git-svn-id: file:///home/svn/framework3/trunk@13347 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 20:54:51 +00:00
James Lee 0f95070f3f add a request type for grabbing the host's directory separator, fixes #4892
git-svn-id: file:///home/svn/framework3/trunk@13346 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 20:51:33 +00:00
Tod Beardsley c54e18d757 Fixes #5038. Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
Raphael Mudge 5653e865aa update to call db.creds the correct way.
git-svn-id: file:///home/svn/framework3/trunk@13310 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 04:58:30 +00:00
Matt Weeks 9ebbe84a4a Update to version 4.
Add first-run detection that farms out database initialization to msfconsole.
Autostart RPC if no other option is selected.
Check for RPC death in startup.
More lenient socket timeouts.



git-svn-id: file:///home/svn/framework3/trunk@13301 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 00:05:38 +00:00
Raphael Mudge fc3ef02698 Armitage now calls db.loots and db.creds rather than parsing output of creds and loots commands directly.
git-svn-id: file:///home/svn/framework3/trunk@13288 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 21:44:00 +00:00
Raphael Mudge 7c16ed5efb Armitage 07.19.11 - you may now run a post-module against multiple sessions at once. Shift+click on a tab to close all tabs with the same name. This release also further improves the logging feature.
git-svn-id: file:///home/svn/framework3/trunk@13236 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 20:36:12 +00:00
James Lee 3c261c346f add support for java/meterpreter/reverse_http. assuming i didn't miss any files, fixes #4946, thanks mihi!
git-svn-id: file:///home/svn/framework3/trunk@13213 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 23:15:06 +00:00
HD Moore 16840ebfa5 Add profiles table
git-svn-id: file:///home/svn/framework3/trunk@13202 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 21:39:21 +00:00
James Lee 1d25a6d7d1 add an exploit for java's rmid and rmiregistry code-execution-by-design and supporting source. fixes #4378, thanks mihi!
git-svn-id: file:///home/svn/framework3/trunk@13185 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 20:42:31 +00:00
James Lee f8a307f873 use append mode for stderr when creating processes with proc_open in windows, see http://us2.php.net/manual/en/function.proc-open.php#97012 . also, if windows doesn't give us a valid path to cmd.exe from the COMSPEC env var, just use cmd.exe and hope it's in the path
git-svn-id: file:///home/svn/framework3/trunk@13176 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 20:34:05 +00:00
Matt Weeks 8f79fd1e5f Add "crack passwords" option.
git-svn-id: file:///home/svn/framework3/trunk@13169 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 03:06:07 +00:00
Matt Weeks fdf6660a55 Properly filter error messages which have changed,
escape options passed through command line,
run database reload in separate thread,
and make connecting to the database even more automagical.



git-svn-id: file:///home/svn/framework3/trunk@13168 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 02:39:16 +00:00
Matt Weeks 338a13baac Fix minor error.
git-svn-id: file:///home/svn/framework3/trunk@13167 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 02:36:42 +00:00
Raphael Mudge 83f8017bb0 Armitage 07.12.11 - Added post-module recommendations for a session and "crack passwords" button in credentials tab. Fixed a race condition causing file browser updates to fail occasionally. Enhanced the loot viewer.
git-svn-id: file:///home/svn/framework3/trunk@13159 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-13 01:36:23 +00:00
HD Moore 7737cb22d9 Make sure KoreLogic is attributed
git-svn-id: file:///home/svn/framework3/trunk@13150 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-11 01:15:40 +00:00
HD Moore 90ced404b3 Updates to the jtr code, supports ruby 1.8.7 now, fixes #4908
git-svn-id: file:///home/svn/framework3/trunk@13149 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-11 01:07:46 +00:00
HD Moore a4ea859a4f Check in a snapshot of jtr
git-svn-id: file:///home/svn/framework3/trunk@13135 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-09 02:11:54 +00:00
Wei Chen 83cb04c0d6 Add x64 elf default template
git-svn-id: file:///home/svn/framework3/trunk@13128 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-08 19:22:13 +00:00
HD Moore 84dee0f06c Add a quick little cpuinfo tool
git-svn-id: file:///home/svn/framework3/trunk@13120 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 20:31:15 +00:00
James Lee f01d29e4a5 add support for absolute paths, fixes #4874
git-svn-id: file:///home/svn/framework3/trunk@13108 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-06 21:35:51 +00:00
Raphael Mudge 3fd8320501 Armitage 070211 - added logging, fixed several bugs, usability improvements.
git-svn-id: file:///home/svn/framework3/trunk@13091 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-02 22:59:52 +00:00
HD Moore ec6ef32002 Merge in the binaries
git-svn-id: file:///home/svn/framework3/trunk@13090 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-02 04:04:22 +00:00
James Lee 9e4b36d7ac keep channels around until all their data has been read, fixes #4818, and see #4688
git-svn-id: file:///home/svn/framework3/trunk@13077 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 10:28:04 +00:00
HD Moore 17145d07b6 Add some new tables
git-svn-id: file:///home/svn/framework3/trunk@13074 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 06:49:04 +00:00
James Lee 68185cb48d fix a deadlock when trying to kill spawned processes
git-svn-id: file:///home/svn/framework3/trunk@13073 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 05:44:27 +00:00
HD Moore b7a0ac7989 Posix style (bins)
git-svn-id: file:///home/svn/framework3/trunk@13062 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-29 06:31:14 +00:00
HD Moore 92bb531af5 New bins, new functions, more info soon
git-svn-id: file:///home/svn/framework3/trunk@13059 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-29 06:12:03 +00:00
HD Moore 9220506ba2 Merge in recent meterpreter work. These are not the commits you are looking for (more info on what all this is later this week).
git-svn-id: file:///home/svn/framework3/trunk@13053 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-28 21:26:43 +00:00
James Lee 606b8e68b6 add svn repo cert fingerprints. hopefully fixes some update problems on installations before this change went into the installers (3.7.2)
git-svn-id: file:///home/svn/framework3/trunk@13043 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 20:30:44 +00:00
HD Moore 0d0f3804bb Merge in the macro column
git-svn-id: file:///home/svn/framework3/trunk@13027 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 18:18:24 +00:00
HD Moore e4eb2a4af0 Add a new table for managing background listeners
git-svn-id: file:///home/svn/framework3/trunk@13024 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 06:57:47 +00:00
Matt Weeks 234bbda9eb And compiled.
git-svn-id: file:///home/svn/framework3/trunk@13022 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 03:53:55 +00:00
HD Moore 25a2d846e2 Add the settings column
git-svn-id: file:///home/svn/framework3/trunk@13011 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 07:04:20 +00:00
HD Moore fbe525873a Add the new macro table
git-svn-id: file:///home/svn/framework3/trunk@12929 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 19:04:05 +00:00
HD Moore db413592e9 This commit adds support for the -r (remote machine name) parameter to the reg command and extends the api to support a remote machine name. Closes #1894
git-svn-id: file:///home/svn/framework3/trunk@12924 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 00:01:29 +00:00
HD Moore 6dd65e56f2 All changes look good, merging
git-svn-id: file:///home/svn/framework3/trunk@12921 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:17:42 +00:00
HD Moore 36d4de74f8 Fresh meterpreter binaries, including a 64-bit version of the sniffer extension
git-svn-id: file:///home/svn/framework3/trunk@12915 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 22:41:08 +00:00
Matt Weeks 2ea3e5ee0f Fix issues with showing popups on exit, and make it clear why start/connect fails on bad creds.
git-svn-id: file:///home/svn/framework3/trunk@12914 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 22:25:14 +00:00
Tod Beardsley 3fde9c6f1f Reworking how imported crendentials work.
git-svn-id: file:///home/svn/framework3/trunk@12908 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 02:40:02 +00:00
James Lee d1b971c5f2 no need for a static sig anymore
git-svn-id: file:///home/svn/framework3/trunk@12835 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:13:44 +00:00
Matt Weeks d4e9e303c6 rejigger session list columns.
git-svn-id: file:///home/svn/framework3/trunk@12789 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 23:09:44 +00:00
Jonathan Cran 1e35034d36 updated lab yml
git-svn-id: file:///home/svn/framework3/trunk@12778 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 01:14:01 +00:00
HD Moore cab5d26181 Add the database table for api keys
git-svn-id: file:///home/svn/framework3/trunk@12755 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-28 03:41:37 +00:00
HD Moore 96e6e22795 Add the task_id to the reports table
git-svn-id: file:///home/svn/framework3/trunk@12751 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 23:57:56 +00:00