infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,519 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

5209 Commits (4bd9b0c94a35c58f33f39398b97b2689deff5442)

Author SHA1 Message Date
HD Moore 4bd9b0c94a Quick typo fix 2012-06-25 00:41:45 -05:00
HD Moore f7dca272b6 IE 10/Win8 detection support 2012-06-25 00:36:49 -05:00
sinn3r 4d2e74e2ad Need to account for the fact the server may timeout during operation 
See the following issue for more info:
http://dev.metasploit.com/redmine/issues/4866
 2012-06-24 20:17:51 -05:00
Tod Beardsley dfe0e10dc6 Adding kernelsmith's -a datastore opt 
Works well enough on its own. Note that you cannot mix -g and -a since
set doesn't actually parse out dash options in a OptParse sort of way.

That said, setg -a seems to work well. This mixing options business
will need to be addressed soon, but that day is not today.

[Closes #514]
 2012-06-22 16:01:38 -05:00
kernelsmith 1bcf241ec0 adds the -a (append) option to the console 'set' command 
if RHOST is currently 192.168.20.1
set -a RHOST 5
appends 5 to RHOST making it 192.168.20.15
 2012-06-22 01:23:54 -05:00
Joe Vennix 328f927829 Updated MDM, specifically the error message on tag name validation. 2012-06-20 13:50:50 -05:00
Joe Vennix f7f9c23a23 Revert "MDM update." 
This reverts commit 1b8d9446c9.
 2012-06-20 13:27:49 -05:00
Joe Vennix 1b8d9446c9 MDM update. 2012-06-20 13:12:47 -05:00
sinn3r 5a5166c90b Merge branch 'gather-ssh-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-gather-ssh-cleanup 2012-06-20 12:07:23 -05:00
James Lee 60eedc46dd Remove nils before sorting 
Fixes a stack trace when one of the directory tests returns nil
 2012-06-20 10:44:36 -06:00
Samuel Huckins 68496d364a MDM update for report model validation 2012-06-18 08:57:32 -05:00
sinn3r 931f24b380 Merge branch 'php_apache_request_headers_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-php_apache_request_headers_bof 2012-06-16 14:56:45 -05:00
David Maloney 122b34c703 fix missing bock transitions 
the block objects weren't being transitioned over from the class
methods properly, so the callback blocks were never getting processed.
 2012-06-15 14:25:47 -05:00
jvazquez-r7 091b3bbbd9 Added module plus encoder for CVE-2012-2329 2012-06-15 00:29:52 +02:00
HD Moore e2c1657eb4 Adds a block callback to work with the replicant 
module instance prior to it being launched.
 2012-06-14 16:21:06 -05:00
Tod Beardsley bffb3571c2 Adding URL ref for db_autopwn deprecation message 2012-06-14 09:53:59 -05:00
James Lee 2683bb0ba7 Add deprecation warnings for old commands 
This should hopefully cut down a bit on support requests from people
asking about old commands  they read about in _Metasploit: The
Penetration Tester's Guide_
 2012-06-14 09:44:38 -05:00
HD Moore 9351e3ab25 MDM update to support fusion import 2012-06-13 14:02:40 -07:00
David Maloney 08cbd87541 Default mime-types to octet-stream 2012-06-13 14:48:58 -05:00
Jeff Jarmoc e820d23f73 Cleanup whitespace 2012-06-12 15:32:50 -05:00
Tod Beardsley 3756a5031f Adding carrierwave to metasploit's gemcache. 2012-06-12 14:47:50 -05:00
Michael Schierl 34ecc7fd18 Adding @schierlm 's AES encryption for Java 
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.

Squashed commit of the following:

commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date:   Wed Apr 4 00:45:24 2012 +0200

    Do not break other architectures
    even when using `setg AESPassword`

commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:50:42 2012 +0200

    binaries

commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:49:10 2012 +0200

    Add AES support to Java stager

    This is compatible to the AES mode of the JavaPayload project.

    I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
    is not the supposed way, but it works :-)
 2012-06-11 16:13:25 -05:00
David Maloney fc0dc23752 Some handling around empty elements 2012-06-10 17:04:47 -05:00
David Maloney a20c85a655 Remove binding.pry call 2012-06-10 17:01:31 -05:00
David Maloney f9999a3033 Add FusiuonVM Importer 
This adds a nokogiri stream parser for XML reports from
Critical Watch's FusionVM.
 2012-06-10 16:38:28 -05:00
James Lee 1be9ce8649 Fixes command parsing in Post::Common 
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
 2012-06-07 22:24:59 -06:00
James Lee a2751e3ccd Rdoc fixes 2012-06-06 17:04:54 -06:00
Joe Vennix a20cec75cc Rollback activerecord to 3.2.2 to prevent asset inclusion issues. 2012-06-06 11:08:39 -05:00
James Lee fc7293baae Arguments have to be joined with a space 
Fixes cmd_exec() calls with more than one argument
 2012-06-04 18:12:45 -06:00
David Maloney 7be365c299 Ignores SMTP Auth when no creds provided 
Do not try to auth if the suer provided no creds
 2012-06-04 16:41:36 -05:00
HD Moore f633281870 Straighten out the login error path for nexpose API calls 2012-06-04 15:21:04 -05:00
Samuel Huckins 2e15ecfbd7 MDM Update 2012-06-01 11:01:08 -05:00
sinn3r 9d6fc93ed3 Merge branch 'rubinius-gethostbyname' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-rubinius-gethostbyname 2012-06-01 00:39:52 -05:00
Samuel Huckins 35543d691d Now only loading MetasploitDataModels when not already loaded and 
contained objects not in namespace
[Story #30430877]
 2012-05-31 18:11:42 -05:00
James Lee fb1bf0b356 Work around a bug in rubinius 2012-05-31 16:48:34 -06:00
Joe Vennix daf5ae8e4b Updating to Rails 3.2.4. 
Among other fixes, this addresses the Rails security advisory
from 5/31/2012:

http://groups.google.com/group/rubyonrails-security/browse_thread/thread/7546a238e1962f59
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/f1203e3376acec0f

Thanks Joe and Trevor!

Squashed commit of the following:

commit d7031cebcc8a0f42f6980729c84b0ea6d24e0a9b
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:57:29 2012 -0500

    Update activerecord in gemcache to support rails 3.2.4. [#30507689]

commit c7369f6d6631647907a5d67ac163020a5ab5d6dc
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:53:01 2012 -0500

    Bump rails version.
 2012-05-31 17:09:59 -05:00
HD Moore 03b65c6a48 Handle cases where a user-agent was set via headers 2012-05-31 14:59:25 -05:00
James Lee fd67f7c37c Add cd and pwd to Post::File API 
Also changes working dir to /tmp (or %TMP% on Windows) when testing file
stuff.
 2012-05-30 13:52:48 -06:00
Brandon Perry e889d93924 missed @state[:bid] 2012-05-28 14:12:09 -05:00
Brandon Perry a3a308f74d fix tabs 2012-05-28 13:56:18 -05:00
Brandon Perry 820d5d2ec7 be a bit more defensive, check to make sur ethe data we think is there is there 2012-05-28 13:53:30 -05:00
James Lee 7c85a2796a Whitespace cleanup 2012-05-24 17:10:26 -06:00
James Lee 5bf973871c Space at EOF cleanup 2012-05-24 16:28:20 -06:00
James Lee e88501789c Make sure state is initialized 
Fixes a stack trace when the xml has osmatch before osclass. Thanks Sean
Carolan for the report!
 2012-05-24 10:43:30 -06:00
Tod Beardsley 0ecffd22b1 Make domain option requirement more clear 2012-05-24 10:11:08 -05:00
James Lee 22601180f3 Save the pilfered file as loot 2012-05-23 18:07:13 -06:00
James Lee dc08bc337b Default to ethernet if the server doesn't specify 
Still need to recompile sniffer, but this will fix the immediate problem
of stack traces and failing to save the pcap.
 2012-05-23 10:06:30 -06:00
James Lee e97994fdde Make sure matches is set 
Fixes a nil issue introduced by 17943c7
 2012-05-22 12:49:54 -06:00
James Lee 0c1d736fbc Hrm, out-of-order commits 
Looks like my cherry-pick'ing fu hosed the previous commits and somehow
left two copies of dump_references.
 2012-05-22 10:44:16 -06:00
James Lee 3bd0276ab3 Add references to info output for post modules 
[Fixes #6902] [Closes #409]

Squashed commit of the following:

commit e29bf83196e39853d12b58d77db1ffdb26fbb6eb
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 22 10:01:12 2012 -0600

    Add references to info output for post modules

commit e0147f0f05375d812ecfd55f9c2cb4bffabc1887
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 22 10:05:32 2012 -0600

    Put references after description for consistency
 2012-05-22 11:25:23 -05:00