infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,580 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

4301 Commits (4bff8f2cdccc16577e0200756f7d6cfa43905aac)

Author SHA1 Message Date
Spencer McIntyre 2d69174c5b Initial commit of the python meterpreter. 2013-08-05 23:38:49 -04:00
allfro 9180dd59fe Patch for string encoding issues with `msgpack` 
Fixes an issue that causes exploits to fail if the PAYLOAD option is the last option to get marshalled in an MSFRPC dictionary. The patch adjusts the string's encoding to match the internal default encoding used by Ruby. Hence, making `fetch()` succeed.
 2013-07-30 13:38:44 -04:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff 
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
 2013-07-29 21:47:52 -05:00
jvazquez-r7 05be76ecb7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-29 16:41:22 -05:00
jvazquez-r7 593363c5f9 Land #2154, @wchen-r7's msfcli optimizations and refactoring 2013-07-29 16:38:32 -05:00
sinn3r a0decf502f Refactor msfcli 2013-07-28 12:40:50 -05:00
jvazquez-r7 4a0b33241f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-25 18:41:50 -05:00
sinn3r 7b7603a5e7 Land #2104 - reverse_https_proxy 2013-07-25 17:26:56 -05:00
jvazquez-r7 33f6f7e8fc Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-25 17:03:45 -05:00
William Vu 27a540e12f Land #1215, creds reuse for AuthBrute modules 2013-07-25 16:54:44 -05:00
William Vu dac9ac4a1d Land #2159, spool command nil dereference fix 2013-07-25 15:38:35 -05:00
James Lee a5ca516435 Fix nil deref in spool command 
Occurs when no module is currently `use`d
 2013-07-25 14:51:39 -05:00
jvazquez-r7 2b3dcaf678 Land #2157, @wvu and @averagesecurityguy patch for OpenVAS XML Reports importing 2013-07-25 12:04:38 -05:00
William Vu 97680304d6 Use index, since it can apparently do regex 2013-07-25 12:00:33 -05:00
jvazquez-r7 5014919198 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-25 09:02:20 -05:00
sinn3r 56367ef69c Update documentation 2013-07-24 19:04:47 -05:00
sinn3r 0fd2c385fb Update documentation 2013-07-24 19:02:10 -05:00
sinn3r e266d1bd0a Add comment about opts 2013-07-24 19:00:58 -05:00
sinn3r a71d7eb372 Update archive.rb to handle whitelist 2013-07-24 18:59:43 -05:00
sinn3r 9ae550c883 Do if [].empty?. Avoid msfcli running as a job 2013-07-24 18:35:06 -05:00
sinn3r ed51d284fa Change name, change how data is passed, fix rspec 2013-07-24 17:15:56 -05:00
jvazquez-r7 214f337f58 Fix indentation 2013-07-24 16:55:01 -05:00
Meatballs c221360cc1 Retab 2013-07-24 22:16:41 +01:00
sinn3r e120ecfba9 msfcli is designed to load only one module (auxiliary or exploit), 
so we shouldn't have to load all of them to run this utility. The
overall goal of this PR is to narrow down what modules
(exploit/aux + payload + encoder + nop) you possibly need in order
to shave off loading time. By doing this, on my box this is 5-6
seconds faster than the original one.

I actually tried to avoid making too many changes in the library
(such as Module Manager), because we don't have test cases for them,
and we can't really afford to risk breaking it. I also developed
a test script to actually be able to test msfcli.
 2013-07-24 14:40:46 -05:00
jvazquez-r7 e9a4f6d5da Merge branch 'dll_fix' of https://github.com/Meatballs1/metasploit-framework 2013-07-24 14:00:52 -05:00
Meatballs fee5fabb91 Revert x64 corruption changes 2013-07-24 19:59:04 +01:00
Meatballs 44cae75af1 Cleanup 2013-07-24 19:52:59 +01:00
Meatballs edc297756b Tabs 2013-07-24 19:14:11 +01:00
Meatballs 4b84b49674 Fix payload corruption 2013-07-24 19:08:02 +01:00
jvazquez-r7 47c21dfe85 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-24 11:42:11 -05:00
William Vu d493346691 Land #2137, fixes and specs for Opt containers 2013-07-23 15:58:09 -05:00
jvazquez-r7 b0c17fdebc Land #2002, @jlee-r7's patch for better handling uri resources 2013-07-23 15:49:21 -05:00
jvazquez-r7 99a345f8d1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-22 13:54:26 -05:00
jvazquez-r7 77e8250349 Add support for CWE 2013-07-22 12:13:56 -05:00
David Maloney 943dde5c6c OptRegexp specs 2013-07-20 18:44:55 -05:00
David Maloney d66779ba4c OptString specs and better validation 2013-07-20 17:49:03 -05:00
David Maloney d6f2b28708 More opt specs 2013-07-20 17:37:39 -05:00
Samuel Huckins 832db57171 Removed requirement for note.data to be present. It wasn't required in 
the model or in specs, but was in db.rb, resulting in an error during
certain import scenarios.
 2013-07-20 10:27:12 -05:00
David Maloney ec82644bd3 mo fixes mo specs 
SEERM #7536
SEERM #7537
 2013-07-18 15:00:57 -05:00
jvazquez-r7 1a5e0e10a5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 13:53:57 -05:00
sinn3r 9d92b38dc7 Land #2121 - add specs for module search filter 2013-07-18 13:50:26 -05:00
Joe Vennix 67d8c1170b Remove unnecessary whitespace. 2013-07-18 13:43:30 -05:00
David Maloney 57dd525714 More optaddressrange specs and fixes 
SEERM #7536
 2013-07-18 13:03:32 -05:00
Joe Vennix f4b0ab8184 Adds 141 passing specs to Msf::Module#search_filter. 
* tests exclusion functionality, type: matching, port: matching, app: matching,
   platform: matching, author: matching, text: matching, name: matching, and
   path: matching.
[RM #4790]
 2013-07-18 12:47:08 -05:00
David Maloney 22e4db04e0 opening specs and fixes for OptAddressRange 2013-07-18 12:44:48 -05:00
David Maloney 27e2469d8e Specs and code changes for OptAddress 
handles wierness around Optaddress.
Still need to address isues in optaddressRange

FIXRM #7537
 2013-07-17 20:21:24 -05:00
jvazquez-r7 58229ff8b7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-17 20:18:48 -05:00
Tod Beardsley 72df070b80 Bump version to 4.8.0-dev, -rls is so fleeting 2013-07-17 16:43:24 -05:00
Tod Beardsley 8d1a760b1f Bump version to -rls 2013-07-17 16:42:37 -05:00
jvazquez-r7 11f8b351c0 Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework 2013-07-17 11:44:42 -05:00
Alexandre Maloteaux a5d526d710 remove metsrv.dll 2013-07-15 17:16:21 +01:00
Alexandre Maloteaux e28dd42992 add http authentification and socks 2013-07-15 15:36:58 +01:00
William Vu fdd577598a Land #2095, go_pro fix for Kali 2013-07-15 04:27:56 -05:00
Alexandre Maloteaux f48c70d468 enable tor and small fix 2013-07-13 17:59:49 +01:00
James Lee 94f8b1d177 Land #2073, psexec_psh 2013-07-12 16:14:17 -05:00
James Lee 91b748a701 Make it clear where we failed 
Even when VERBOSE=false
 2013-07-12 15:57:30 -05:00
corelanc0d3r e8983a21c5 New meterpreter payload reverse_https_proxy 2013-07-12 16:45:16 -04:00
William Vu e8294b4f02 Add tentative fixes 2013-07-12 07:12:07 -05:00
James Lee 1ac1d322f2 Dup before modifying 
Because `remove_resource` modifies @my_resources, we can't call it while
iterating over the actual @my_resources. The following snippet
illustrates why:

```
>> a = [1,2,3,4]; a.each {|elem| a.delete(elem); puts elem }
1
3
=> [2, 4]
```

[See #2002]
 2013-07-12 00:57:10 -05:00
James Lee 38e837dc28 Remove inaccurate comment 2013-07-11 22:48:35 -05:00
g0tmi1k a4d96d37f3 Updated regex 2013-07-11 21:16:02 +01:00
g0tmi1k ff62a85501 command_dispatcher/core.rb - Made msftidy happy 2013-07-11 10:52:25 +01:00
g0tmi1k b2fe31e30f go_pro - fix start with kali linux 2013-07-11 10:42:26 +01:00
William Vu f267c11bc4 Add regex fix 2013-07-10 15:43:16 -05:00
Tod Beardsley 56ffa4ae2f Fixes for network_interface PR #2085 
Implementing the suggestions from @limhoff-r7.

See #2085

FixRM #8023
FixRM #7943
 2013-07-10 13:25:06 -05:00
lsanchez-r7 4541a9e49e now with passing msftidy 2013-07-08 17:44:50 -05:00
lsanchez-r7 5c93fb2849 arp_sweep is once again working 
modified the capture mixin to use NetworkInteface instead of
pcaprub for interfaces and addresses

FIXRM #8023,#7943
 2013-07-08 17:24:28 -05:00
James Lee 00c7581099 Fix constant names and 'exe-only' 
That'll teach me to commit before the specs finish.

Really [FixRM #8149]
 2013-07-06 12:39:15 -05:00
James Lee 1b504197be Check equality instead of regex 
Thanks, @Meatballs1 for finding the cause of this bug!

[FixRM #8149]
 2013-07-06 12:29:37 -05:00
Meatballs 2bfe8b3b29 msftidy 2013-07-05 22:35:22 +01:00
Meatballs 0ce3fe2e7c Added service status checks to Post::Windows::Services 
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
 2013-07-05 22:25:04 +01:00
jvazquez-r7 0e2380c115 Fix method documentation 2013-07-05 11:19:53 -05:00
jvazquez-r7 bcf6d11442 Land #2049, @wchen-r7's had_pid? method work 2013-07-05 11:19:11 -05:00
Meatballs 1a0bdf335e Retab lib 2013-07-04 12:09:46 +01:00
Meatballs a76ee6c2ec Add flexibility to lib 2013-07-04 11:03:48 +01:00
Meatballs 1368c1c27f Move options to lib 2013-07-04 10:25:08 +01:00
Meatballs 03de8c1c3d Pull in exploit/powershell 2013-07-04 09:54:40 +01:00
James Lee e330916744 Pull out common stuff in Util::EXE/MsfVenom tests 2013-07-03 12:25:15 -05:00
g0tmi1k 38b83ba335 ui/banner~Made msftidy happy 2013-07-03 00:29:42 +01:00
William Vu 67f30a6828 Land #1739, resolve workspace rename issues 2013-07-02 16:09:59 -05:00
sinn3r 0f37bbe78e Add has_pid? function 
[SeeRM:#8123] - Add commonly used function has_pid?. Related to
redmine issue 8123.
 2013-07-02 14:33:15 -05:00
James Lee 1466609c86 Add more supported formats to exe generation 
- Already supported, just added calls to the the right methods in
  the .to_executable_fmt method:
  - Linux armle, mipsle, and mipsbe
  - Mac arm, ppc

- makes the two (!?) copies of block_api for windows match more closely
  with the source used elsewhere. This is still needs to be refactored
  to get rid of the duplication.

- Get rid of some of the logic in msfvenom duplicated from Util::EXE
 2013-07-01 17:36:58 -05:00
jvazquez-r7 a5c3f4ca9b Modify ruby code according to comments 2013-06-29 08:54:00 -05:00
sinn3r e3989ad30c Extra comments, no thanks 2013-06-28 15:44:06 -05:00
sinn3r f4c805f5d6 Yarrrrrrrrd 2013-06-28 15:42:56 -05:00
sinn3r 6e1fa05757 Fix a handle leak & change thread creation flag 2013-06-28 13:23:08 -05:00
sinn3r 554d738f26 Update documentation 
Fix broken English
 2013-06-28 13:03:05 -05:00
sinn3r b7430cb569 Add Msf::Post::Windows::Process 
The purpose of Msf::Post::Windows::Process is have all the common
functions you might need to do something to a process, for example:
injecting something to a process and then run it.
 2013-06-28 12:55:06 -05:00
David Maloney ea13ac48ec "fix" indentation to make egypt happy 2013-06-27 17:16:13 -05:00
David Maloney 89faba288d damnit brandon turner 2013-06-27 17:12:37 -05:00
David Maloney 867be1257a slight rearrangement 2013-06-27 17:09:20 -05:00
David Maloney e3fde02eec conditional wrapping 
as per egypt's catch
 2013-06-27 17:07:16 -05:00
David Maloney 70433820a9 fixes FD leak in RPC client 
FD leak due to sockets not getting closed
on the rpc client
FIXRM #8107
 2013-06-27 16:57:02 -05:00
Josh d7eda343e9 fix typo in comment 
change runing to running
 2013-06-27 03:12:49 -05:00
James Lee 31ad7b50a9 Fix write_file on FreeBSD 
[SeeRM #8083]
 2013-06-25 17:19:00 -05:00
Daniele Martini c0fda81eb0 Removed options DB_ADD_ALL. Added options DB_ALL_PASS and DB_ALL_USERS 
to add already known user and passwords to the lists.
 2013-06-23 18:20:41 +02:00
James Lee 3c42fe594e No need to have rescue around a print 2013-06-21 15:55:43 -05:00
James Lee 2c12a43e77 Add a method for dealing with hardcoded URIs 2013-06-21 15:48:02 -05:00
James Lee 39d011780e Move deletion into #remove_resource 
Doing it here means that modules manually calling remove_resource won't
screw up the cleanup
 2013-06-21 15:34:54 -05:00
James Lee e8a92eb196 Keep better track of resources 
[See #1623]
[SeeRM #7692]
 2013-06-21 14:51:47 -05:00
James Lee 81b4efcdb8 Fix requires for PhpEXE 
And incidentally fix some msftidy complaints
 2013-06-19 16:27:59 -05:00
jvazquez-r7 8ae8f25d56 Land #1961, @wvu-r7's normalization of command_dispatcher/db.rb 2013-06-18 08:57:32 -05:00
HD Moore 819080a147 Enable rhost/rport option overrides in HttpClient 2013-06-17 11:45:01 -05:00
William Vu 53077d4c1a Add a newline before the delete message 2013-06-14 19:58:19 -05:00
William Vu cfd05bc68f Normalize comments 2013-06-14 17:32:33 -05:00
William Vu 0a9a8a57e3 Remove double newlines 2013-06-14 17:20:26 -05:00
William Vu bb02cc8509 Normalize the syntax and output of db.rb 2013-06-14 17:11:47 -05:00
Tod Beardsley d341b825d0 Rename dirbust option to conform to style 2013-06-14 12:58:08 -05:00
Tod Beardsley 2971e50d06 Land #1949, make dirbusting optional for crawler 2013-06-14 11:54:28 -05:00
Brandon Perry 0f06e9b08c Merge branch 'master' of https://github.com/rapid7/metasploit-framework into csharp_payload 2013-06-12 17:27:55 -05:00
Tasos Laskos b509ac8504 Crawler mixin: Dirbusting opt moved to advanced 2013-06-13 00:04:31 +03:00
Tasos Laskos b474cda4aa Crawler/Anemone: Dirbusting now optional 
[FIXRM #8030]

Anemone updated to make dirbusting optional (on by default) and the Crawler core
module updated to provide an option to do so.
 2013-06-13 00:00:09 +03:00
Brandon Perry d0e1e4df0a This commit adds support for C# byte arrays for the assembly payloads. 2013-06-11 19:27:06 -05:00
Tod Beardsley 6a5d1d06b2 Make the conditional correct for print_prefix 
Fixes a bug introduced on #1936.
 2013-06-11 16:16:17 -05:00
Tod Beardsley f775a0bb01 Handle single quotes for OpenVAS import 2013-06-10 19:45:50 -04:00
Tod Beardsley 9a08090b0f Inch toward making modules more testable 2013-06-10 16:02:19 -05:00
Tod Beardsley d4e9431633 Add Gemfile entry for PacketFu 2013-06-10 14:18:05 -05:00
Tod Beardsley 31faf65271 Land #1929, spool ui fix from @jsherwood0 2013-06-10 12:30:50 -05:00
John Sherwood 7ac5b6de53 Fix prompt and color issue with cmd_spool 
Changing spool setting caused problems with prompt and color. This
fix makes the following changes:

- Saves the color setting and re-applies it to the new output console
- Sets the prompt in the same way that cmd_use does
 2013-06-09 13:35:35 -04:00
David Maloney 6aa7c74fdd make anemone also rspect domain 2013-06-07 14:24:14 -05:00
David Maloney 78b2a0a2ac add domain support to web spider 2013-06-07 12:41:20 -05:00
sinn3r 8e2de6d14f Updates js_property_spray documentation 
After many tests, it turns out address 0x0c0d2020 is the most
consistent location acorss various IE versions.  For dev purposes,
it's rather important to have this documented somewhere.

Thanks to corelanc0d3r for the data.
 2013-06-07 00:28:22 -05:00
sinn3r 9466022194 Land #1847 - Add sorting functionality to notes command 2013-06-05 12:17:54 -05:00
sinn3r 026c658260 Comply with the case-sensitive rule 2013-06-05 12:16:38 -05:00
David Maloney 2e26256217 was missing a nil check 2013-06-04 14:21:07 -05:00
David Maloney c4475538e7 Report on TaskSession associations 
add TaskSession objects so when we report
on a session, we know what Task created it, if there
was a task
 2013-06-04 13:42:36 -05:00
sinn3r 90117c322c Landing #1874 - Post API cleanup 2013-05-31 16:15:23 -05:00
Luke Imhoff cc60c95243 Rescue Errno::ENONENT when using File.mtime for memory cache 
[#47720609]
 2013-05-30 13:16:43 -05:00
Luke Imhoff 541d287e70 Merge branch 'master' into bug/module-load-cache-update 2013-05-30 12:59:50 -05:00
lsanchez-r7 8b488c3c6b Merge pull request #1866 from dmaloney-r7/bug/mdm_session_port 
Add session_port to the mdm object

SEERM #7281
 2013-05-30 10:05:48 -07:00
James Lee 12f0448bb4 Use a LIKE test instead of equality 
Fixes the ability to search for CVE (as well as other reference types)
with a non-exact match

[SeeRM #7989]
 2013-05-29 16:27:33 -05:00
sinn3r 63694a6c87 Landing #1875 - Also remove *.ts.rb files 2013-05-28 17:29:02 -05:00
Tod Beardsley 14c4dbcf8c Also remove *.ts.rb files 
On the heels of #1862, this gets rid of the "test suites" that bound
together all the old unit tests.
 2013-05-28 17:05:44 -05:00
James Lee f3ff5b5205 Factorize and remove includes 
Speeds up compilation and removes dependency on bionic source
 2013-05-28 15:46:06 -05:00
James Lee 0466cce7b1 Move PostMixin to its own file 
Also replaces dead code in lib/msf/core/exploit/local.rb with what was
actually being used for the Exploit::Local class that lived in
lib/msf/core/exploit.rb.
 2013-05-28 15:46:06 -05:00
sinn3r 8cb1bdefb7 Landing #1849 - 32 and 64bit compatible to_winpe_only() function 2013-05-28 15:24:43 -05:00
Samuel Huckins e20385dd9e Merge pull request #1864 from dmaloney-r7/feature/task_associations/cred_service_host 
Passes specs and functional tests
 2013-05-28 12:11:57 -07:00
James Lee 9843dc4cb4 Land #1708, android meterpreter 
Conflicts:
	data/meterpreter/ext_server_stdapi.jar
 2013-05-28 12:19:45 -05:00
David Maloney 849d974463 Add session_port to the mdm object 
Mdm::Session was not being passed the session_port
FIXRM #7281
 2013-05-24 17:46:03 -05:00
Luke Imhoff 4ba571346e Spec Msf::Simple::Framework#init_module_paths 
[#47720609]
 2013-05-24 12:33:42 -05:00
Luke Imhoff c22178752e Merge branch 'master' into bug/module-load-cache-update 2013-05-24 11:06:16 -05:00
sinn3r e169ccab4f Landing #1862 - Remove inline unit tests 2013-05-23 22:19:29 -05:00
Luke Imhoff 1a487e476d Merge branch 'master' into bug/module-load-cache-update 2013-05-23 14:23:14 -05:00
David Maloney 0f21861921 Add task handling to imports 
allow imports to carry along task info

[Story #49167601]
 2013-05-23 13:33:19 -05:00
Tod Beardsley 05916c079e Inline unit tests are so last decade 
Aside from codebase-wide changes, nearly all of these tests haven't been
touched since before 2010, and there is no effort to maintain this style
of testing. We've moved on to (correctly) seperating out our tests from
our codebase.
 2013-05-23 12:41:14 -05:00
Tod Beardsley a852304ba3 DRY: Move check things to the common module level 
While it makes lots of sense to bring check to all modules, of course
some modules will not be able to actually use it. Namely modules like
nop and payload modules. If you're feeling creative, you could probably
come up with semantically similar checks for those, too.
 2013-05-23 11:42:41 -05:00
Tod Beardsley 7436fdad72 First, copy-pasta and add a test 2013-05-23 11:26:53 -05:00
David Maloney d8074c0bf4 Use create not new 
Was calling .new instead of .create
[Story #49167601]
 2013-05-22 18:29:22 -05:00
Luke Imhoff 2b70ec2e08 Payload compatible cache_in_memory 
[#47720609]

Msf::PayloadSet#add_module does NOT return an annotated module class as
Msf::ModuleSet#add_module does because a payload module is defined as a
ruby Module instead of a ruby Class.   Since add_module doesn't always
return an annotated_class, the logic in
Msf::ModuleManager#on_module_load needed to change to NOT use
annotated_class and create #add_module as return [void].  Thus, it is
necessary to pass in all the metasploit module metadata to
Msf::ModuleManager#cache_in_memory instead of assuming they can be
derived from the (payload) Module or (other) Class.
 2013-05-22 16:06:02 -05:00
David Maloney 69dd7f5c58 Update Mdm and Add Task stuff to report 
make report_* methods aware of Tasks

[Story #49167601]
 2013-05-22 14:59:43 -05:00