Commit Graph

7051 Commits (52371be52af753d271103ffe0cba313d1e2b7a30)

Author SHA1 Message Date
James Lee 947925e3a3 Use a proper main signature with arguments
Allows us to `unlink(argv[0])`
2013-10-09 17:22:01 -05:00
Spencer McIntyre 6c382c8eb7 Return nil on error, and move the module to post/multi. 2013-10-09 16:52:53 -04:00
Tod Beardsley 9d34a8c894
Land #2465, deal with missing cpuinfo bins
[FixRM #8456]

Thanks @ZeroChaos!
2013-10-09 13:03:48 -05:00
Tod Beardsley 356263df56
Litter some more rescue nil's in there
I hate them but they were there when I got there.

A more sane way to deal with this should happen someday.
2013-10-09 12:17:13 -05:00
Tod Beardsley f95da649f8
Deal with missing bins, too.
This could be way more DRY. At least there's a YARD-ish comment.

This fixes up https://github.com/rapid7/metasploit-framework/pull/2465
to be a more complete solution.

[SeeRM #8465]
2013-10-09 12:13:44 -05:00
OJ 47801c17b3 MSF started to the extended API with window enum
Decided to kick off a new extended API extension with mubix and
kernelsmith to include some more advanced enumeration stuff. The goal of
this extension is to take stuff that wouldn't be part of the std api but
is rather useful for enumeration of a target once meterpreter has been
established.

This commit kicks things off with enumeration of top level windows on the
current desktop.
2013-10-09 22:25:43 +10:00
Markus Wulftange e895a17722 Add 'no quotes' option for CmdStagerPrintf
Exploit developers can use the ':noquotes => true' option to avoid
single quotes surrounding the octal escapes argument.
2013-10-08 21:04:28 +02:00
jvazquez-r7 2593c06e7c
Land #2412, @mwulftange's printf cmd stager 2013-10-08 09:08:29 -05:00
Markus Wulftange 6f7d513f6e Another clean up and simplification of CmdStagerPrintf 2013-10-08 07:22:09 +02:00
Tod Beardsley ff6dec5eee
Promote joev to a first class citizen
[See #2476]
2013-10-07 12:40:43 -05:00
Markus Wulftange 836ff24998 Clean and fix CmdStagerPrintf
Clean up of the CmdStagerPrintf as discussed in mwulftange#1
2013-10-05 10:39:55 +02:00
sinn3r 77cbb7cd19 Update function documentation 2013-10-04 15:18:27 -05:00
ZeroChaos 5f4e4de267 fix for bug 8456
On systems without bundled johntheripper (either by removing the bundled version or by no compatible version shipped) the system john is used.  In this case, all of the checking for compatible bundled jtr makes no sense and as such we can shortcut out of this to not only reduce the size of msf (for embedded) but also to speed execution (saving multiple calls to some random bundled binary cpuinfo*.bin).

This patch makes it very easy to simply remove cpuinfo and msf will not try to run it when missing and default to running john from the path.
2013-10-04 15:58:47 -04:00
James Lee 541833e2cc Convert llmnr_response to use Net::DNS
* Allows responding to AAAA requests in addition to the existing A
  support
* Prevents problems when recvfrom returns a mapped address like
  "::ffff:192.0.2.1"

Also:

* Fix a few typos
* capture: Don't shadow a method name (arp) with a local variable
* capture: Handle the case where our UDP send hits an ENETUNREACH
2013-10-04 12:35:30 -05:00
sinn3r 29d1c75d1c Update RopDb mixin to allow dynamic payload size for neg
This adds a new key to allow a "safe" integer value to NEG. "Safe"
means the value does not have any null bytes after the NEG instruction,
which is typically used to calculate the payload size.
2013-10-03 23:09:23 -05:00
OJ 21afa9defe Meterpreter railgun multi call fix
Modifications accommodate changes in the multi-call railgun code that
were made to Meterpreter.

This also includes a fix for Redmine 8269, so the Windows constants
now work correctly with the multi-calls.
2013-10-04 12:04:18 +10:00
Meatballs c460f943f7
Merge branch 'master' into data_dir
Conflicts:
	modules/exploits/windows/local/always_install_elevated.rb
	plugins/sounds.rb
	scripts/meterpreter/powerdump.rb
	scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
James Lee b822a41004 Axe errant tabs and unused vars 2013-10-02 13:47:39 -05:00
jvazquez-r7 758fd02619 Windows 7 SP1 and newer fail when forcing IPv6 sockets 2013-10-02 09:45:51 -05:00
OJ 82162ef486 Add error message support to railgun
This code was lost in the transition when the meterpreter source was
removed from the metasploit-framework source. I'm pulling this in by
request of @dmaloney-r7 who originally requested this code be inculded
as part of https://github.com/rapid7/metasploit-framework/pull/740

I added an extra bit of code to free up memory that is allocated by the
call to FormatMessage and forced the ASCII-version (FormatMessageA) of
the call.

This PR is the MSF side of https://github.com/rapid7/meterpreter/pull/26
2013-10-01 17:23:08 +10:00
Meatballs 29a7059eb4
Update AlwaysInstallElevated to use a generated MSI file
Fixes bugs with MSI::UAC option, invalid logic and typo...
2013-09-29 17:09:03 +01:00
Tod Beardsley 2fb770f73e
Land #1569, MSI payloads
The bins are signed by Meatballs, everything looks good here, so
landing. Thanks for your patience on these!
2013-09-27 16:29:27 -05:00
Tod Beardsley 7cc2ad55a6
Land #1770, unattend.xml snarfing modules 2013-09-27 16:04:38 -05:00
Tod Beardsley 63d638888d Get rid of interior tabs 2013-09-27 16:04:03 -05:00
Tod Beardsley d869b1bb70 Unless, unless everywhere. 2013-09-27 15:55:57 -05:00
Meatballs 8aeb134581
Retab... 2013-09-27 20:40:16 +01:00
OJ 58cd2c796e Add a bind port setting to reverse listeners
This adds a `ReverseListenerBindPort` advanced setting to the reverse listeners whic
allows for the local bind port to be separated from the `LHOST` setting used in the
payload. This means that listeners can bind to different ports in cases where the
attacker isn't able to listen on the same port that the victim can call out on, but
there are NATs/portforwards/whatever in place that allow the connection to happen.
2013-09-28 05:38:39 +10:00
Meatballs 6ca01adf1d
Merge branch 'master' into msi_payload
Conflicts:
	lib/msf/util/exe.rb
2013-09-27 20:37:40 +01:00
Meatballs 34c443f346
Forgot msi-nouac 2013-09-27 20:36:00 +01:00
Meatballs 8a9843cca6
Merge upstream/master 2013-09-27 20:02:23 +01:00
Tab Assassin c94e8a616f Retabbed to catch new bad tabs 2013-09-27 13:34:13 -05:00
Meatballs 8b800cf5de Merge and resolve conflicts 2013-09-27 18:19:23 +01:00
Tod Beardsley 869c10af04
Land #2396, aspx-exe shellcode generator
Looks good to me, specs are all happy (also added a #to_h spec)
2013-09-27 11:42:16 -05:00
Joshua J. Drake d04c47d2b7 Remove comment since it was addressed in 4500d09c2f 2013-09-26 19:47:54 -05:00
Meatballs 3d812742f1 Merge upstream master 2013-09-26 21:27:44 +01:00
Meatballs 7ba846ca24 Find and replace 2013-09-26 20:34:48 +01:00
Meatballs a25833e4d7 Fix %TEMP% path 2013-09-26 19:22:36 +01:00
Tod Beardsley 8696b5d2dc
Fix bug on missing hosts for SunRPC Portmap
Also cleans up and normalizes the print messages to follow the
conventions of "host:port - proto - message"

[FixRM #8409], reported by Chris F.
2013-09-26 09:42:38 -05:00
Tod Beardsley 701410f608
Land #2414, portfwd teardown and recreate
[FixRM #8240]
2013-09-25 17:40:47 -05:00
Tod Beardsley 1a515093cb Idiomatic Ruby
Assuming this gets accepted, this should [FixRM #8240]. Take a look, and
if you're good with it, I'll land on master. Everything seems to work
out on this end.
2013-09-25 17:26:00 -05:00
jvazquez-r7 9cc446ae2a Get cookies with empty values 2013-09-25 14:31:34 -05:00
jvazquez-r7 58d4096e0f Resolv conflicts on #2267 2013-09-25 13:06:14 -05:00
joev 99e46d2cdb Merge branch 'master' into cve-2013-4660_js_yaml_code_exec
Conflicts:
	modules/exploits/multi/handler.rb
2013-09-25 00:32:56 -05:00
FireFart 617f6d53fe user_id starts at 1 2013-09-24 23:41:02 +02:00
FireFart 7a2762f4a7 more regexes 2013-09-24 20:20:06 +02:00
FireFart dc8f94bac1 Added wordpress version detection 2013-09-24 08:59:56 +02:00
OJ 0038bb90b1 Remove unncessary counter var 2013-09-24 13:35:29 +10:00
OJ b91e344815 Add code to recreate the forwards after migration
* Feels like a bit of a hack job, but it works.
2013-09-24 13:27:58 +10:00
James Lee 487f68f4d2 Get rid of callcc
[SeeRM 8407]
2013-09-23 19:36:26 -05:00
FireFart e1aefe07e1 clarify documentation 2013-09-24 00:08:33 +02:00
FireFart 7c4708b1df -) Fix get_cookies to return multiple cookies. Before it only returned the first cookie
-) Bugfix
2013-09-23 23:59:45 +02:00
Tod Beardsley 8db1a389eb
Land #2304 fix post module require order
Incidentally resolve conflict on current_user_psexec to account for the
new powershell require.
2013-09-23 16:52:23 -05:00
FireFart bfe88fa089 added wordpress login checks for 2.0 and 2.5 2013-09-23 23:32:31 +02:00
Tod Beardsley e885ab45b6
Land #1734 Metasploit side for ip resolv 2013-09-23 16:18:40 -05:00
Markus Wulftange 10252ca6f4 Just Rex::Text.to_octal is probably better 2013-09-23 23:03:38 +02:00
Markus Wulftange 9353929945 Add CmdStagerPrintf 2013-09-23 22:02:29 +02:00
Meatballs 695fdf836c Generate NonUAC MSIs 2013-09-21 13:13:18 +01:00
Meatballs 85ea9ca05a Merge branch 'master' of github.com:rapid7/metasploit-framework into msi_payload 2013-09-21 12:49:38 +01:00
Joe Vennix a08d195308 Add Node.js as a platform.
* Fix some whitespace issues in platform.rb
2013-09-20 18:14:01 -05:00
sinn3r b6c7116890 Land #1778 - Mimikatz Fix for table.print and x86 warning 2013-09-20 16:13:53 -05:00
jvazquez-r7 87f75e1065 Complete CmdStagerEcho code doc 2013-09-20 13:24:53 -05:00
Meatballs 7d1c5c732a Correct powershell 2013-09-20 18:36:24 +01:00
Meatballs 3dd75db584 Address feedback 2013-09-20 17:20:42 +01:00
Meatballs a00f3d8b8e initial 2013-09-20 13:40:28 +01:00
Tod Beardsley e9e1b28ba8
Land #2371, echo -e cmd stager 2013-09-19 14:47:39 -05:00
Meatballs 11bdf5d332 New pull 2013-09-19 19:57:38 +01:00
Meatballs 72155f8e9e Comment update 2013-09-19 19:46:05 +01:00
OJ 598e85a8d9 Fix for dangling port forwards
Code tears down the port forwards prior to migrating so that we don't end up with dangling connections that don't work.
2013-09-19 19:27:54 +10:00
Tod Beardsley f4e2e0ac11 Clear report_data on each host report 2013-09-18 17:11:22 -05:00
James Lee 8fe9132159
Land #2358, deprecate funny names 2013-09-18 14:55:33 -05:00
James Lee 595820382e Fix lying documentation 2013-09-17 20:58:29 -05:00
jvazquez-r7 dd7010d272 Fix @todb-r7 feedback 2013-09-17 20:54:19 -05:00
James Lee a0d113d754 Fix a bug that deleted too many hosts
When running a command that takes host ranges as arguments (e.g.,
`hosts`, `services`), the arguments get parsed by
Rex::Socket::RangeWalker. If RangeWalker was unable to parse, it would
return nil, which in this context means "all hosts." If the user is
searching, they get all hosts instead of the ones they were interested
in -- this is annoying, but not too big a deal. Unfortunately, the same
logic applied when *deleting* hosts, with `hosts -d ...`, causing all
hosts to be deleted when giving it an invalid range.
2013-09-17 20:51:41 -05:00
James Lee 150f0f644e Merge branch 'rapid7' into bug/osx-mods-load-order
Conflicts:
	modules/post/windows/gather/enum_dirperms.rb
2013-09-17 18:21:13 -05:00
Tod Beardsley dae8847c4d
Land #2374, more complete 32/64 migrate fix
[FixRM #8395]
2013-09-17 14:52:04 -05:00
James Lee c77d49a640 Merge branch 'rapid7' into cleanup/remove-id-tags
Conflicts:
	lib/msf/core/payload/osx/bundleinject.rb
	lib/msf/core/payload/windows/dllinject.rb
	lib/msf/core/payload/windows/exec.rb
	lib/msf/core/payload/windows/loadlibrary.rb
	lib/msf/core/payload/windows/reflectivedllinject.rb
	lib/msf/core/payload/windows/x64/reflectivedllinject.rb
	scripts/meterpreter/netenum.rb
2013-09-17 10:55:02 -05:00
James Lee 97d3a20f82 Remove more $Revision tags 2013-09-17 10:46:37 -05:00
James Lee 21055f6856 Add x86 to meterpreter's binary suffix
This makes x86 more consistent with x64.

Also replaces a bunch of instances of:
  File.join(Msf::Config.install_root, 'data', ...)
with the simpler
  File.join(Msf::Config.data_directory, ...)

[See rapid7/meterpreter#19]
2013-09-16 21:52:04 -05:00
Joe Vennix d954d64f69 Add NODEJS arch constants. 2013-09-16 21:33:44 -05:00
Joe Vennix 217449a836 Ensures termination of inner while loop and cleans up #map.
* Tested working against ubuntu target using the sshexec test script.
2013-09-16 20:42:20 -05:00
jvazquez-r7 edec022957 Use shellwords, as recommended by @jvennix-r7 2013-09-16 16:35:45 -05:00
James Lee d6954e9ce7 Fix migrate from 32- to 64-bit processes
In some cases, it was possible to end up in a situation where the x64
reflective library hadn't been loaded by the time a user typed migrate.
If the target process was 64-bit, msfconsole would error out with a
NoMethodError and much sadness would ensue.

[See #2356]
2013-09-16 16:04:50 -05:00
jvazquez-r7 a8198bc948 Add documentatio to the mixin 2013-09-16 11:55:30 -05:00
jvazquez-r7 a5049df320 Add echo CmdStager 2013-09-16 11:35:05 -05:00
sinn3r 4be0601c73 Land #2352 - Expand path to database config 2013-09-16 01:51:51 -05:00
Tod Beardsley 53a7e74813
Land #2360
All the specs pass, and it's difficult to repo many of these cases to
see if bugs are actually here, but it's a good idea to enforce binary
regexs.
2013-09-13 14:43:53 -05:00
HD Moore 72dff03426 FixRM #8396 change all lib use of regex to 8-bit pattern 2013-09-12 16:58:49 -05:00
James Lee 6cc5965123
Land #2278, exe injection refactor 2013-09-12 16:37:58 -05:00
Tod Beardsley 76f27ecde8 Require the deprecation mixin in all modules
Because rememberin to require it, and hoping against a race is not how we
roll any more.
2013-09-12 15:49:33 -05:00
David Maloney 34e5f69fbf fix merge conflict 2013-09-12 13:56:08 -05:00
David Maloney e80cda4ace Merge branch 'master' into spike/exe_generation 2013-09-12 12:36:10 -05:00
James Lee 30c2efe3b2 Add require for eventlog
Even though nothing uses it except an old script
2013-09-11 16:21:10 -05:00
Till Maas 763b111c9b cmd_db_connect: Expand path to database config
Do not only check whether the expanded path for the database config file
exists, but also use it.
2013-09-11 11:23:26 +02:00
Markus Wulftange 80243c6e4d Disable default sorting on MSSQL results
When printing output using the `mssql_print_reply`, the output gets
sorted by default by the first column. This can distort the output,
especially when the row order is crucial like in case of executing
external commands with `mssql_xpcmdshell`.

This patch disables sorting by initializing Rex::Ui::Text::Table
with SortIndex = -1.
2013-09-09 20:14:48 +02:00
David Maloney 5773a009f5 Merge branch 'spike/exe_generation' of github.com:/dmaloney-r7/metasploit-framework into spike/exe_generation 2013-09-09 12:17:36 -05:00
David Maloney d6e4e46d86 better validation of buffer register 2013-09-09 12:16:15 -05:00
jvazquez-r7 eb745af12f Land #1054, @Meatballs1 exploit for IPsec Keying and more 2013-09-05 16:53:20 -05:00
Tab Assassin 8bc83f4922 Retab changes for PR #1420 2013-09-05 16:21:26 -05:00
Tab Assassin d6a7ce5328 Merge for retab 2013-09-05 16:21:13 -05:00
Tab Assassin 2bd1fb451b Retab changes for PR #1569 2013-09-05 16:16:05 -05:00
Tab Assassin 48cf2af685 Merge for retab 2013-09-05 16:16:00 -05:00
Tab Assassin 3c1df47314 Retab changes for PR #1681 2013-09-05 16:10:40 -05:00
Tab Assassin a231e85293 Merge for retab 2013-09-05 16:10:28 -05:00
James Lee adfb31e30a Land #2316, don't modify datastore in authbrute 2013-09-05 16:04:15 -05:00
jvazquez-r7 368a78a963 Undo post setup change 2013-09-05 15:00:58 -05:00
Tab Assassin 2e9096d427 Retab changes for PR #1734 2013-09-05 14:59:41 -05:00
Tab Assassin 322ed35bb4 Merge for retab 2013-09-05 14:59:34 -05:00
Tab Assassin 2846a5d680 Retab changes for PR #1770 2013-09-05 14:57:40 -05:00
Tab Assassin 269c1a26cb Merge for retab 2013-09-05 14:57:32 -05:00
Tab Assassin 701513a212 Retab changes for PR #1778 2013-09-05 14:56:35 -05:00
Tab Assassin 3788bab8e5 Merge for retab 2013-09-05 14:56:30 -05:00
Tab Assassin 26b8364dcb Retab changes for PR #1789 2013-09-05 14:44:21 -05:00
Tab Assassin 789be1fe3e Merge for retab 2013-09-05 14:44:14 -05:00
Meatballs d4043a6646 Spaces and change to filedropper 2013-09-05 20:41:37 +01:00
Meatballs c5daf939d1 Stabs tabassassin 2013-09-05 20:36:52 +01:00
Tab Assassin 81479a6ade Retab changes for PR #2093 2013-09-05 14:31:10 -05:00
Tab Assassin 8a76b3390d Merge for retab 2013-09-05 14:31:05 -05:00
Tab Assassin daed98931e Retab changes for PR #2158 2013-09-05 14:19:55 -05:00
Tab Assassin 27fd54092a Merge for retab 2013-09-05 14:19:49 -05:00
James Lee 41f6ab3073 Land #2294, fix post setup
Conflicts:
	lib/msf/core/post.rb
2013-09-05 14:11:32 -05:00
Tab Assassin f5a4c05dbc Retab changes for PR #2267 2013-09-05 14:11:03 -05:00
Tab Assassin 4703a10b64 Merge for retab 2013-09-05 14:10:58 -05:00
Tab Assassin 0d884ebbab Retab changes for PR #2278 2013-09-05 14:08:14 -05:00
Tab Assassin 63612a64e9 Merge for retab 2013-09-05 14:08:09 -05:00
Tab Assassin d0360733d7 Retab changes for PR #2282 2013-09-05 14:05:34 -05:00
Tab Assassin 49dface180 Merge for retab 2013-09-05 14:05:28 -05:00
Tab Assassin 845bf7146b Retab changes for PR #2304 2013-09-05 13:41:25 -05:00
Tab Assassin adf9ff356c Merge for retab 2013-09-05 13:41:23 -05:00
Tab Assassin abb52a086c Retab changes for PR #2316 2013-09-05 13:33:59 -05:00
Tab Assassin 8665de0261 Merge for retab 2013-09-05 13:33:49 -05:00
Tab Assassin d0a3ea6156 Retab changes for PR #2320 2013-09-05 13:27:47 -05:00
Tab Assassin bff7d0e6ae Merge for retab 2013-09-05 13:27:09 -05:00
Tab Assassin 896bb129cd Retab changes for PR #2325 2013-09-05 13:24:09 -05:00
Tab Assassin 5ff25d8b96 Merge for retab 2013-09-05 13:23:25 -05:00
James Lee b913fcf1a7 Add a proper PrependFork for linux
Also fixes a typo bug for AppendExit
2013-09-04 00:15:07 -05:00
Meatballs 1471a4fcef Fixes an error in file_dropper where @dropped_files is nil
causing an exception to be raised and on_new_session to fail.

I have moved super to the top of the chain so it always gets
called regardless.
2013-09-03 23:45:41 +01:00
Meatballs c687f23b81 Better error handling 2013-09-03 22:57:27 +01:00
Meatballs a8e77c56bd Updates 2013-09-03 22:46:20 +01:00
Meatballs ac0c493cf9 Merge branch 'master' of github.com:rapid7/metasploit-framework into local_win_priv_keyring 2013-09-03 21:33:11 +01:00
Meatballs 4c9e6a865a Default to exe-small 2013-09-03 00:01:20 +01:00
jvazquez-r7 560d384633 Do first modification to Auxiliary::Login and Auxiliary::AuthBrute 2013-08-31 23:38:04 -05:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
Spencer McIntyre ee4ba04d7d Initial commit of the python meterpreter. 2013-08-30 13:14:32 -05:00
Meatballs 1ea3d91f48 Lands #2244 Python Meterpreter
[Closes #2244]
2013-08-30 14:33:35 +01:00
Meatballs 53c3f6b2db Deconflict 2013-08-30 10:52:42 +01:00
James Lee 37f8d7a536 And one more. 2013-08-29 23:52:00 -05:00
James Lee 49bfc84ea6 Bah, missed changes after refactor
Thanks, travis-ci!
2013-08-29 23:39:29 -05:00
James Lee 63adde2429 Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00
James Lee eba6762977 Land #2270, Util::EXE refactor
With a minor rebase to fix a commit message

[Closes #2270]

Conflicts:
	spec/support/shared/contexts/msf/util/exe.rb
2013-08-28 21:49:59 -05:00
shellster ee9b1ef8e0 Greatly shortened to_mem_old.ps1.template by using [Math]::max.
Added necessary end of line conversion in lib/msf/util/exe.rb so
that Powershell will parse multiline strings.
2013-08-28 21:39:42 -05:00
jvazquez-r7 ab58e2db41 Ensure PostMixin setup is called 2013-08-27 18:03:30 -05:00
sinn3r a91b38cbf4 Land #2276 - osx webcam and record_mic post modules 2013-08-27 12:28:14 -05:00
lsanchez-r7 007b3de06d Merge pull request #2271 from bturner-r7/bug/db-leaks
Land #2271, Fix database connection leaks
2013-08-26 14:39:11 -07:00
David Maloney 5a424ab4df Allow user supplied buffer register
let the user pick, otherwise default to edx
2013-08-26 13:15:12 -05:00
Meatballs 3b9ded5a8e BypassUAC now checks if the process is LowIntegrityLevel
and fails if so. Some small improvements made to Post::Priv
and BypassUAC module.
2013-08-26 13:54:55 +01:00
Christian Mehlmauer 7afa789547 fix indentation 2013-08-26 11:37:40 +02:00
David Maloney 383c9ed7f8 set edx as a BufferRegister
polymorphic encoders can now always use EDX
as a BufferRegister, making it harder to catch
the decoder stub.
2013-08-25 14:18:32 -05:00
Meatballs 96c093dce0 Fix Exploit::Exe 2013-08-25 19:56:29 +01:00
Meatballs 66ee15f461 Merge and deconflict 2013-08-25 19:14:15 +01:00
David Maloney f5e9089dd5 remove dupe comment 2013-08-25 12:46:47 -05:00
David Maloney a50fa2deec style fixups 2013-08-25 12:37:30 -05:00
David Maloney 5e5f5acf19 plug in 64bit injector
64 bit exe generation only had subsitution method
add the x64 injector in there too.
2013-08-25 12:19:57 -05:00
Meatballs 526e504531 More fix 2013-08-25 12:21:37 +01:00
Christian Mehlmauer 45ad043102 moderated comments are now also working (even for unauthenticated users) 2013-08-25 11:02:15 +02:00
Christian Mehlmauer 035258389f use feed first before trying to bruteforce 2013-08-25 10:16:43 +02:00
Meatballs d45d37bc38 Really fix... 2013-08-25 00:18:50 +01:00
Meatballs 83da0b3a57 Correct fname 2013-08-25 00:17:26 +01:00
Meatballs 19e47d5e82 Really fix war 2013-08-25 00:06:31 +01:00
David Maloney 4c57af051a Revert "'remove unused framework references"
This reverts commit 98a09b9f5c.
2013-08-24 17:52:57 -05:00
David Maloney 98a09b9f5c 'remove unused framework references
passing around framework references that are never used
removing these whever possible
2013-08-24 16:59:29 -05:00
David Maloney bd5f184e2b Dry up the exe subsitution stuff
6 different methods were doing essentially
the same exact thing. DRY it up a bit
2013-08-24 16:50:45 -05:00
David Maloney d38117a521 replace old inject method
replacing jsut the win32 inject method this time
with out new injector method.
2013-08-24 16:30:47 -05:00
David Maloney 8f47aa6dcb Basic Injector class
create a class for injecting payloads
into an exe template as a new section
2013-08-24 16:11:00 -05:00
Christian Mehlmauer 5f7ccf1cbe naming..again 2013-08-24 18:58:00 +02:00
Christian Mehlmauer 9af1341179 consistent naming 2013-08-24 18:51:07 +02:00
Christian Mehlmauer 7cd150b850 another module 2013-08-24 18:42:22 +02:00
Meatballs b4b59aa065 Add guards against empty payloads 2013-08-24 11:59:59 +01:00
Meatballs 9786f84a6e Service exes 2013-08-24 03:45:07 +01:00
Meatballs 9ea17ef1e1 Merge upstream 2013-08-24 03:34:02 +01:00
Meatballs 3fae6c51c8 Initial exe-service 2013-08-24 03:28:47 +01:00
Meatballs f50ede1993 Remove redundant methods 2013-08-23 23:28:13 +01:00
Meatballs 4c4fe0b110 Fix x64 exe droppers 2013-08-23 23:21:31 +01:00
Joe Vennix 2d3f599498 Moves ruby_dl helpers to proper place in repo.
* Adds fail_with methods and moves timeouts to constants.
2013-08-23 17:17:19 -05:00
Christian Mehlmauer c40252e0b3 bugfixing 2013-08-24 00:04:16 +02:00
Joe Vennix 87d8e16001 Use defined? instead of version float check. 2013-08-23 16:59:36 -05:00
Christian Mehlmauer e9eb6b2427 simplification 2013-08-23 22:29:31 +02:00
Christian Mehlmauer 576ae50b73 more feedback implemented 2013-08-23 22:22:56 +02:00
Joe Vennix 2a68e4484b Oops. Don't write the ruby payload to /Users/joe/Desktop, thats not good. 2013-08-23 15:15:37 -05:00
Christian Mehlmauer 84fecc35da more feedback implemented 2013-08-23 22:14:58 +02:00
Joe Vennix 7ebe6635ea Finish fixing ruby 1.8.7 regressions. Works on 10.8 and 10.7. 2013-08-23 15:06:48 -05:00
Christian Mehlmauer de3fc1fa6c first feedback implemented 2013-08-23 21:59:36 +02:00
Meatballs 09ceeb5de2 Fix war generation 2013-08-23 20:06:57 +01:00
Meatballs cf5ddfeebf Some war fixes 2013-08-23 18:59:48 +01:00
Meatballs dfc606fe56 Slightly saner filenames 2013-08-23 18:06:48 +01:00
Meatballs 41b1b30438 vba transform 2013-08-23 18:00:19 +01:00
Meatballs 4d21b06f4f Aspx uses transform 2013-08-23 17:22:33 +01:00
Meatballs 1cb1afa50a Fix aspx 2013-08-23 17:09:51 +01:00
Meatballs dd13a7e48f Working .asp 2013-08-23 16:55:07 +01:00
Meatballs 7370fc3f4e vbs transform 2013-08-23 16:26:03 +01:00
Meatballs 5040347521 Fix psh and add powershell transform 2013-08-23 15:59:19 +01:00
Meatballs 418505adc9 Fix psh-net 2013-08-23 15:21:26 +01:00
Meatballs 12b5dbedae Initialize the hash_sub 2013-08-23 14:58:14 +01:00
Meatballs cfd6c66ffd Fix VBS 2013-08-23 14:35:19 +01:00
Meatballs 23a067aab7 Refactor reading of script files and substitution 2013-08-23 13:51:10 +01:00
Christian Mehlmauer 556f17c47e Move modules 2013-08-22 17:33:35 +02:00
Christian Mehlmauer b6b7da7b6f comments 2013-08-22 15:47:10 +02:00
Christian Mehlmauer 4a29277251 renamed files 2013-08-22 11:18:30 +02:00
Brandon Turner cd45c77080 Fix a few database leaks
All database access should be wrapped in with_connection blocks.

To avoid breaking git blame with a bunch of whitespace, I outdented
the with_connection blocks as seems to be common in db.rb.

[Story #55586616]
2013-08-21 18:53:17 -05:00
shellster a6e5e9c61d Updated using limhof-r7 advice 2013-08-21 16:43:10 -07:00
shellster 86a83391fd Merge remote-tracking branch 'upstream/master' 2013-08-21 16:16:20 -07:00
Christian Mehlmauer 959553583f -) revert last commit
-) split into seperate modules
2013-08-22 00:45:22 +02:00
Brandon Turner c0700673e7 Fix SessionManager database leak
All database access should be wrapped in with_connection blocks.

Much of this commit is whitespace.  It may help to view it with
--ignore-all-space or the w=0 parameter on GitHub.

[Story #55586616]
2013-08-21 17:34:25 -05:00
Christian Mehlmauer 009d8796f6 wordpress is now a module, not a mixin 2013-08-22 00:05:58 +02:00
Christian Mehlmauer 0a2bf9e9e7 implement @limhoff-r7 feedback 2013-08-21 21:10:00 +02:00
Christian Mehlmauer 2e9a579a08 implement @limhoff-r7 feedback 2013-08-21 21:05:52 +02:00
Christian Mehlmauer ffdd057f10 -) Documentation
-) Added Wordpress checks
2013-08-21 14:27:11 +02:00
Christian Mehlmauer 655e2dcf6c more methods 2013-08-21 13:13:41 +02:00
Christian Mehlmauer 68a51f4055 msftidy 2013-08-21 12:50:26 +02:00
Christian Mehlmauer 11ef8d077c -) added wordpress mixin
-) fixed typo in web mixin
2013-08-21 12:45:15 +02:00
Shelby Spencer 97933c4954 Moving meterpreter scripts out of exe.rb into a templates folder. 2013-08-20 16:49:48 -07:00
sinn3r f148eb4715 Land #2255 - Fix fail_with() 2013-08-20 01:28:21 -05:00
jvazquez-r7 491ea81acf Fix calls to fail_with from mixins 2013-08-19 16:42:52 -05:00
jvazquez-r7 7e37130837 Patch for [SeeRM #8315] 2013-08-19 16:34:02 -05:00
Spencer McIntyre e276b57ee7 Merge remote-tracking branch 'upstream/master' into python-meterpreter-dev 2013-08-19 08:37:12 -04:00
Nicholas Davis 559dfb5a7e Fix for bug #8297
Fixed getting the policy_hash_list which can fail if elements are null
[SeeRM #89297]
2013-08-18 14:49:44 -07:00
Tod Beardsley 1eb3c323ed Land #2175, force string encoding for RPC
Metasploit takes great pains to ensure that all strings are encoded as
plain old US-ASCII. This PR enforces this conversion over RPC as well.

[FixRM #7888]
2013-08-16 16:09:24 -05:00
Tod Beardsley 7937fbcc49 More idiomatic ruby with symbols and spaces 2013-08-16 15:59:04 -05:00
HD Moore bec15ebf7c Remove Failure (moved to parent class) 2013-08-15 13:31:21 -05:00
HD Moore 4706f8b54c Add fail_with() stub and move Failure from Exploit 2013-08-15 13:30:47 -05:00
Tod Beardsley 0ef4b4c982 Land #2222, remove Version from module info 2013-08-15 11:56:21 -05:00
James Lee ed00b8c19e Ensure checksum* methods return a Fixnum
Fixes a bug in reverse_http* stagers where requests for the root URI
(i.e., "/") cause a NoMethodError on nil returned by checksum8.

[See #2216]
2013-08-14 14:09:37 -05:00
sinn3r bd6a45fffa Get rid of version() use 2013-08-14 11:00:09 -05:00
sinn3r 83aec3b231 Remove module version display
Since modules no longer use the 'Version' key, there's no point to
collect and show them. It's all 0 anyway.

[See RM 8278]
2013-08-14 02:26:39 -05:00
sinn3r 92d57ef37d Fix merge conflict
Conflicts:
	msfvenom
2013-08-13 00:00:16 -05:00
James Lee 3827b14103 Land #1726, ssl verify mode
Conflicts:
	lib/rex/socket/parameters.rb
Fix doc strings
2013-08-12 17:57:10 -05:00
jvennix-r7 8278808a37 Merge pull request #2204 from todb-r7/bug/undo-optstring-validator
Revert "OptString specs and better validation"
2013-08-09 13:42:46 -07:00
Tod Beardsley 02f460287b Revert "OptString specs and better validation"
This reverts commit d66779ba4c.

Specifically, this commit was causing trouble when a datastore was
getting an Integer. For some reason (as yet undiscovered), the option
normalizer wasn't trying to Integer#to_s such arguments.

This kind of thing is going to happen a lot. For now, I'd rather just
end up with the ducktype, and attack the normalizer in a seperate fix.
2013-08-09 15:30:42 -05:00
sinn3r 4558aca7ca Land #2136 - Removed requirement for note.data to be present 2013-08-09 15:29:25 -05:00
Meatballs 08c32c250f File versions 2013-08-08 19:42:14 +01:00
James Lee ab976ddf8f Fix genarate command in msfconsole
Thanks @Meatballs1 for spotting
2013-08-06 14:46:53 -05:00
Spencer McIntyre 2d69174c5b Initial commit of the python meterpreter. 2013-08-05 23:38:49 -04:00
allfro 9180dd59fe Patch for string encoding issues with `msgpack`
Fixes an issue that causes exploits to fail if the PAYLOAD option is the last option to get marshalled in an MSFRPC dictionary. The patch adjusts the string's encoding to match the internal default encoding used by Ruby. Hence, making `fetch()` succeed.
2013-07-30 13:38:44 -04:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7 05be76ecb7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-29 16:41:22 -05:00
jvazquez-r7 593363c5f9 Land #2154, @wchen-r7's msfcli optimizations and refactoring 2013-07-29 16:38:32 -05:00
jvazquez-r7 455569aee8 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-29 12:10:12 -05:00
jvazquez-r7 0851974408 Land #2162, @Meatballs1's exploit for ms13-005 2013-07-29 11:43:31 -05:00
Meatballs 9ad99ed4ca I am a git genius 2013-07-29 17:01:57 +01:00
Meatballs 0329caec5f Revert "Fixup psh datastore"
This reverts commit aa64f5cd58.
2013-07-29 17:00:28 +01:00
Meatballs aa64f5cd58 Fixup psh datastore 2013-07-28 21:53:11 +01:00
sinn3r a0decf502f Refactor msfcli 2013-07-28 12:40:50 -05:00
Meatballs 234e49d982 Add type technique 2013-07-26 23:33:16 +01:00
Meatballs b99ad41a64 Add api constants and tidy 2013-07-26 01:48:39 +01:00
jvazquez-r7 4a0b33241f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-25 18:41:50 -05:00
sinn3r 7b7603a5e7 Land #2104 - reverse_https_proxy 2013-07-25 17:26:56 -05:00
Meatballs 0235e6803d Initial working 2013-07-25 23:24:11 +01:00
jvazquez-r7 33f6f7e8fc Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-25 17:03:45 -05:00
William Vu 27a540e12f Land #1215, creds reuse for AuthBrute modules 2013-07-25 16:54:44 -05:00
William Vu dac9ac4a1d Land #2159, spool command nil dereference fix 2013-07-25 15:38:35 -05:00
James Lee a5ca516435 Fix nil deref in spool command
Occurs when no module is currently `use`d
2013-07-25 14:51:39 -05:00
Meatballs 1d2d4b5345 Add some null checks 2013-07-25 18:35:11 +01:00
jvazquez-r7 2b3dcaf678 Land #2157, @wvu and @averagesecurityguy patch for OpenVAS XML Reports importing 2013-07-25 12:04:38 -05:00
William Vu 97680304d6 Use index, since it can apparently do regex 2013-07-25 12:00:33 -05:00
jvazquez-r7 5014919198 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-25 09:02:20 -05:00
sinn3r 56367ef69c Update documentation 2013-07-24 19:04:47 -05:00
sinn3r 0fd2c385fb Update documentation 2013-07-24 19:02:10 -05:00
sinn3r e266d1bd0a Add comment about opts 2013-07-24 19:00:58 -05:00
sinn3r a71d7eb372 Update archive.rb to handle whitelist 2013-07-24 18:59:43 -05:00
sinn3r 9ae550c883 Do if [].empty?. Avoid msfcli running as a job 2013-07-24 18:35:06 -05:00
sinn3r ed51d284fa Change name, change how data is passed, fix rspec 2013-07-24 17:15:56 -05:00
jvazquez-r7 214f337f58 Fix indentation 2013-07-24 16:55:01 -05:00
Meatballs c221360cc1 Retab 2013-07-24 22:16:41 +01:00
sinn3r e120ecfba9 msfcli is designed to load only one module (auxiliary or exploit),
so we shouldn't have to load all of them to run this utility. The
overall goal of this PR is to narrow down what modules
(exploit/aux + payload + encoder + nop) you possibly need in order
to shave off loading time. By doing this, on my box this is 5-6
seconds faster than the original one.

I actually tried to avoid making too many changes in the library
(such as Module Manager), because we don't have test cases for them,
and we can't really afford to risk breaking it. I also developed
a test script to actually be able to test msfcli.
2013-07-24 14:40:46 -05:00
jvazquez-r7 e9a4f6d5da Merge branch 'dll_fix' of https://github.com/Meatballs1/metasploit-framework 2013-07-24 14:00:52 -05:00
Meatballs fee5fabb91 Revert x64 corruption changes 2013-07-24 19:59:04 +01:00
Meatballs 44cae75af1 Cleanup 2013-07-24 19:52:59 +01:00
Meatballs edc297756b Tabs 2013-07-24 19:14:11 +01:00
Meatballs 4b84b49674 Fix payload corruption 2013-07-24 19:08:02 +01:00
jvazquez-r7 47c21dfe85 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-24 11:42:11 -05:00
Tod Beardsley 00630376c3 Revert the default call to firefox
This reverts commit 0928a370f3.

No, no, you guys are right in the comments for #2148. The call to
system is inside the else, but the tabbing made my eyes cross.
Sorry about that. Someday soon, @tabassassin will save us all from these
kinds of screw ups in mental parsing.
2013-07-23 16:13:02 -05:00
William Vu d493346691 Land #2137, fixes and specs for Opt containers 2013-07-23 15:58:09 -05:00
jvazquez-r7 b0c17fdebc Land #2002, @jlee-r7's patch for better handling uri resources 2013-07-23 15:49:21 -05:00
David Maloney 621568bf8f Another Error Type needs caught
Different systems throw a different error
Need to rescue that error too
2013-07-23 15:47:42 -05:00
William Vu 86ab942435 Land #2146, Unix and Windows path normalization 2013-07-23 15:23:41 -05:00
Tod Beardsley 0928a370f3 Adding back default firefox
the default is triggered only outside the case statement, which itself
is totally bizarre. I can't tell if anyone is relying on this behavior
right now, but it's too premature to just remove it out at this point.
2013-07-23 14:43:30 -05:00
Tod Beardsley 53c3fd2ce7 Update comment docs on Rex::Compat.open_browser 2013-07-23 14:38:04 -05:00
ZeroChaos ce5742461a update open_browser functionality
open_browser didn't support xdg-open or firefox-bin.  xdg-open was made the default as it is the most likely to succeed afaik.

the fallback to firefox was removed because since we check for the existence of firefox is makes no sense to try to run it after we failed to find it.  This will silently fail if no supported browser is found due to suggestions from the msf team:

< Zero_Chaos> more importantly, it would be great if someone told me how to spit out a message to the user
< Zero_Chaos> because I have no clue :-)
<@egypt> Zero_Chaos: it's in rex, so the answer is "don't"
2013-07-23 14:58:16 -04:00
Tod Beardsley bb16683415 Land #2087, @egypt's random ID generator 2013-07-23 13:52:08 -05:00
sinn3r 958a4edd73 Keep the trailing slash if the user wishes 2013-07-22 20:46:18 -05:00
sinn3r 359009583f Drop support for UNC path parsing in normalize_win_path
Not really a good idea to try to parse UNC format. Confuses the
purpose of the function.
2013-07-22 20:20:45 -05:00
sinn3r 4b3fce9349 Add functions to normalize Winodws & Unix paths
The purpose of these functions is to be able to join file/dir paths
safely without trailing slashes, basically for the same reason as
normalize_uri.  Some modules are really buggy when merging paths,
so instead of letting them do it, it's better to use these functions.
2013-07-22 19:26:04 -05:00
jvazquez-r7 99a345f8d1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-22 13:54:26 -05:00
jvazquez-r7 77e8250349 Add support for CWE 2013-07-22 12:13:56 -05:00
jvazquez-r7 15b0e39617 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-21 13:47:40 -05:00
David Maloney 943dde5c6c OptRegexp specs 2013-07-20 18:44:55 -05:00
David Maloney d66779ba4c OptString specs and better validation 2013-07-20 17:49:03 -05:00
David Maloney d6f2b28708 More opt specs 2013-07-20 17:37:39 -05:00
sinn3r 757cf18bb4 Land #2135 - Update FF detection 2013-07-20 13:10:14 -05:00
Samuel Huckins 832db57171 Removed requirement for note.data to be present. It wasn't required in
the model or in specs, but was in db.rb, resulting in an error during
certain import scenarios.
2013-07-20 10:27:12 -05:00
Joe Vennix 92ae90b828 Whitespace fixes. 2013-07-19 17:27:27 -05:00
Joe Vennix 2e838d7be3 Fix minor bugs discovered when testing. 2013-07-19 17:18:39 -05:00
Joe Vennix 7e2fc147f1 Add updated versions of firefox. 2013-07-18 16:35:57 -05:00
David Maloney ec82644bd3 mo fixes mo specs
SEERM #7536
SEERM #7537
2013-07-18 15:00:57 -05:00
jvazquez-r7 1a5e0e10a5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 13:53:57 -05:00
sinn3r 9d92b38dc7 Land #2121 - add specs for module search filter 2013-07-18 13:50:26 -05:00
Joe Vennix 67d8c1170b Remove unnecessary whitespace. 2013-07-18 13:43:30 -05:00
David Maloney 57dd525714 More optaddressrange specs and fixes
SEERM #7536
2013-07-18 13:03:32 -05:00
Joe Vennix f4b0ab8184 Adds 141 passing specs to Msf::Module#search_filter.
* tests exclusion functionality, type: matching, port: matching, app: matching,
   platform: matching, author: matching, text: matching, name: matching, and
   path: matching.
[RM #4790]
2013-07-18 12:47:08 -05:00
David Maloney 22e4db04e0 opening specs and fixes for OptAddressRange 2013-07-18 12:44:48 -05:00
David Maloney 27e2469d8e Specs and code changes for OptAddress
handles wierness around Optaddress.
Still need to address isues in optaddressRange

FIXRM #7537
2013-07-17 20:21:24 -05:00
jvazquez-r7 58229ff8b7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-17 20:18:48 -05:00
sinn3r 7f7cb4f59a Land #2114 - Fix object detection for '5716599'
[FixRM 7252]
2013-07-17 18:23:17 -05:00
Tod Beardsley 72df070b80 Bump version to 4.8.0-dev, -rls is so fleeting 2013-07-17 16:43:24 -05:00
Tod Beardsley 8d1a760b1f Bump version to -rls 2013-07-17 16:42:37 -05:00
James Lee 9d56e58e84 Rely on object detection for '5716599'
[SeeRM #7252]
2013-07-17 15:47:25 -05:00
jvazquez-r7 458ac5f289 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-17 15:02:33 -05:00
jvazquez-r7 11f8b351c0 Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework 2013-07-17 11:44:42 -05:00
William Vu 54af2929f5 Land #2109, kill stray character 2013-07-16 11:11:06 -05:00
Joe Vennix 34e732eabd Kill stray character in whitespace gutter. 2013-07-16 10:14:41 -05:00
Alexandre Maloteaux a5d526d710 remove metsrv.dll 2013-07-15 17:16:21 +01:00
Alexandre Maloteaux e28dd42992 add http authentification and socks 2013-07-15 15:36:58 +01:00
William Vu fdd577598a Land #2095, go_pro fix for Kali 2013-07-15 04:27:56 -05:00
Alexandre Maloteaux f48c70d468 enable tor and small fix 2013-07-13 17:59:49 +01:00
James Lee 94f8b1d177 Land #2073, psexec_psh 2013-07-12 16:14:17 -05:00
James Lee 91b748a701 Make it clear where we failed
Even when VERBOSE=false
2013-07-12 15:57:30 -05:00
corelanc0d3r e8983a21c5 New meterpreter payload reverse_https_proxy 2013-07-12 16:45:16 -04:00
William Vu e8294b4f02 Add tentative fixes 2013-07-12 07:12:07 -05:00
James Lee 1ac1d322f2 Dup before modifying
Because `remove_resource` modifies @my_resources, we can't call it while
iterating over the actual @my_resources. The following snippet
illustrates why:

```
>> a = [1,2,3,4]; a.each {|elem| a.delete(elem); puts elem }
1
3
=> [2, 4]
```

[See #2002]
2013-07-12 00:57:10 -05:00
James Lee 38e837dc28 Remove inaccurate comment 2013-07-11 22:48:35 -05:00
g0tmi1k a4d96d37f3 Updated regex 2013-07-11 21:16:02 +01:00
g0tmi1k ff62a85501 command_dispatcher/core.rb - Made msftidy happy 2013-07-11 10:52:25 +01:00
g0tmi1k b2fe31e30f go_pro - fix start with kali linux 2013-07-11 10:42:26 +01:00
RageLtMan 9445cb74bf fix copypasta 2013-07-10 21:03:49 -04:00
RageLtMan f7cf783e25 Allow selection (and ordering) of column names
Build the creds table with only the columns we select,
in the order selected.

Example:

creds -s ssh -u root -S pubk -c port,user,proof

Credentials
===========

port  user  proof
----  ----  -----
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=a6:...
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=a6:...
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=a6:...
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=a6:...
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=30:...
22    root  KEY=37:...
22    root  KEY=a6:...
22    root  KEY=30:...
22    root  KEY=37:...
2013-07-10 20:46:34 -04:00
RageLtMan 987d6a671f Allow passing MaxChar to Rex::Ui::Text::Table cols
Passing MaxChar allows setting the maximum number of characters
printed within a specific column during the row_to_s method.
This does not affect CSV output nor truncate the actual data.
Meant for tidying up long console ouput.

Example: cleaned up cmd_creds to show proof and not maul tables
with unix session data.
2013-07-10 20:00:40 -04:00
William Vu f267c11bc4 Add regex fix 2013-07-10 15:43:16 -05:00
James Lee 85affe4d47 Land #2089, smb last_filename can be nil 2013-07-10 14:18:00 -05:00
Tod Beardsley 56ffa4ae2f Fixes for network_interface PR #2085
Implementing the suggestions from @limhoff-r7.

See #2085

FixRM #8023
FixRM #7943
2013-07-10 13:25:06 -05:00
Tod Beardsley 8ade33552c Land #2085, use the new network_interface gem. 2013-07-10 13:15:01 -05:00
James Lee 4cc179a24c Store inverted hash for better lookups
Also clarifies comment about infinite loops
2013-07-10 12:38:42 -05:00
sinn3r 71974a8535 to_addr_hex_dump is never used and is too similar to to_hex_dump
Not so much value in to_addr_hex_dump, as Meatballs1 suggested, we
should remove this.
2013-07-10 11:09:47 -05:00
sinn3r add294d999 Fix potential nil in last_filename
Replacing #2060.  It is possible to get a nil in last_filename if
the sub! function doesn't find any 0x00s to replace, so instead
it's best to use sub(), which should at least return the original
filename.  To make sure we don't hit any other unknown conditions
that may result in nil last_filename, it's also convert with to_s
to make sure it's always a string.
2013-07-09 12:50:19 -05:00
James Lee afa6a36df3 Make first char's character class configurable 2013-07-09 02:50:28 -05:00
James Lee 273046d8f0 Add a class for generating random identifiers
Will be useful for all kinds of things, but brought about in discussions
specifically for Util::EXE in #2037.
2013-07-09 02:06:44 -05:00
lsanchez-r7 4541a9e49e now with passing msftidy 2013-07-08 17:44:50 -05:00
lsanchez-r7 5c93fb2849 arp_sweep is once again working
modified the capture mixin to use NetworkInteface instead of
pcaprub for interfaces and addresses

FIXRM #8023,#7943
2013-07-08 17:24:28 -05:00
James Lee 00c7581099 Fix constant names and 'exe-only'
That'll teach me to commit before the specs finish.

Really [FixRM #8149]
2013-07-06 12:39:15 -05:00
James Lee 1b504197be Check equality instead of regex
Thanks, @Meatballs1 for finding the cause of this bug!

[FixRM #8149]
2013-07-06 12:29:37 -05:00
Meatballs 2bfe8b3b29 msftidy 2013-07-05 22:35:22 +01:00
Meatballs 0ce3fe2e7c Added service status checks to Post::Windows::Services
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
2013-07-05 22:25:04 +01:00
jvazquez-r7 0e2380c115 Fix method documentation 2013-07-05 11:19:53 -05:00
jvazquez-r7 bcf6d11442 Land #2049, @wchen-r7's had_pid? method work 2013-07-05 11:19:11 -05:00
Meatballs 1a0bdf335e Retab lib 2013-07-04 12:09:46 +01:00
Meatballs a76ee6c2ec Add flexibility to lib 2013-07-04 11:03:48 +01:00
Meatballs 1368c1c27f Move options to lib 2013-07-04 10:25:08 +01:00
Meatballs 03de8c1c3d Pull in exploit/powershell 2013-07-04 09:54:40 +01:00
James Lee e330916744 Pull out common stuff in Util::EXE/MsfVenom tests 2013-07-03 12:25:15 -05:00
g0tmi1k 38b83ba335 ui/banner~Made msftidy happy 2013-07-03 00:29:42 +01:00
William Vu 67f30a6828 Land #1739, resolve workspace rename issues 2013-07-02 16:09:59 -05:00
sinn3r 0f37bbe78e Add has_pid? function
[SeeRM:#8123] - Add commonly used function has_pid?. Related to
redmine issue 8123.
2013-07-02 14:33:15 -05:00
William Vu 28a4a05991 Land #2046, base argument for to_hex_dump 2013-07-02 12:11:05 -05:00
sinn3r 98c214d2fb Allow 0 base address, and dynamic left column length 2013-07-02 11:40:23 -05:00
jvazquez-r7 2ceb404f7d Land #2047, @hmoore-r7 ipmi related work 2013-07-02 11:13:25 -05:00
sinn3r 9eb32ea9af Allow "base" argument for to_hex_dump
[SeeRM:#8121] - For debugging purposes, it's useful to be able to
specify a base.
2013-07-01 23:56:51 -05:00
jvazquez-r7 2751470c71 Add @jlee-r7's feedback to sapni proxies support 2013-07-01 21:37:53 -05:00
jvazquez-r7 9c4d869ed8 Land #1018, @nmonkee's support for sap router proxies 2013-07-01 21:36:02 -05:00
James Lee 1466609c86 Add more supported formats to exe generation
- Already supported, just added calls to the the right methods in
  the .to_executable_fmt method:
  - Linux armle, mipsle, and mipsbe
  - Mac arm, ppc

- makes the two (!?) copies of block_api for windows match more closely
  with the source used elsewhere. This is still needs to be refactored
  to get rid of the duplication.

- Get rid of some of the logic in msfvenom duplicated from Util::EXE
2013-07-01 17:36:58 -05:00
HD Moore 8e4dd29a4c Add cipher zero scanner 2013-06-30 02:35:37 -05:00
jvazquez-r7 a5c3f4ca9b Modify ruby code according to comments 2013-06-29 08:54:00 -05:00
sinn3r e3989ad30c Extra comments, no thanks 2013-06-28 15:44:06 -05:00
sinn3r f4c805f5d6 Yarrrrrrrrd 2013-06-28 15:42:56 -05:00
sinn3r 6e1fa05757 Fix a handle leak & change thread creation flag 2013-06-28 13:23:08 -05:00
sinn3r 554d738f26 Update documentation
Fix broken English
2013-06-28 13:03:05 -05:00
sinn3r b7430cb569 Add Msf::Post::Windows::Process
The purpose of Msf::Post::Windows::Process is have all the common
functions you might need to do something to a process, for example:
injecting something to a process and then run it.
2013-06-28 12:55:06 -05:00
David Maloney ea13ac48ec "fix" indentation to make egypt happy 2013-06-27 17:16:13 -05:00
David Maloney 89faba288d damnit brandon turner 2013-06-27 17:12:37 -05:00
David Maloney 867be1257a slight rearrangement 2013-06-27 17:09:20 -05:00
David Maloney e3fde02eec conditional wrapping
as per egypt's catch
2013-06-27 17:07:16 -05:00
David Maloney 70433820a9 fixes FD leak in RPC client
FD leak due to sockets not getting closed
on the rpc client
FIXRM #8107
2013-06-27 16:57:02 -05:00
Josh d7eda343e9 fix typo in comment
change runing to running
2013-06-27 03:12:49 -05:00
HD Moore 4fb6fa67f2 Fix require for constants, trim useless fields from banner 2013-06-26 09:59:40 -05:00
HD Moore 84117e28a8 Remove stale constants.rb require 2013-06-26 09:52:15 -05:00
James Lee 31ad7b50a9 Fix write_file on FreeBSD
[SeeRM #8083]
2013-06-25 17:19:00 -05:00
James Lee b3b94c7a73 Break packet classes into their own files
This makes the file structure match the class structure and makes the
source tree easier to grok.
2013-06-24 19:24:09 -05:00
HD Moore 1801a5a270 Better HP iLO compatibility (retry on session ID error) 2013-06-24 14:23:53 -05:00
Daniele Martini c0fda81eb0 Removed options DB_ADD_ALL. Added options DB_ALL_PASS and DB_ALL_USERS
to add already known user and passwords to the lists.
2013-06-23 18:20:41 +02:00
HD Moore c869112407 Cleanup, reporting, and automatic cracking 2013-06-23 01:35:31 -05:00
HD Moore 5656e0cb7a Initial commit of IPMI library, scanner, & cracker 2013-06-22 23:38:28 -05:00
James Lee 3c42fe594e No need to have rescue around a print 2013-06-21 15:55:43 -05:00
James Lee 2c12a43e77 Add a method for dealing with hardcoded URIs 2013-06-21 15:48:02 -05:00
James Lee 39d011780e Move deletion into #remove_resource
Doing it here means that modules manually calling remove_resource won't
screw up the cleanup
2013-06-21 15:34:54 -05:00
James Lee e8a92eb196 Keep better track of resources
[See #1623]
[SeeRM #7692]
2013-06-21 14:51:47 -05:00
Meatballs 6c62463f83 Add ipv6 resolution and remove nix 2013-06-20 22:17:31 +01:00
James Lee 81b4efcdb8 Fix requires for PhpEXE
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
jvazquez-r7 1aff778a79 Fix unpack 2013-06-18 09:06:44 -05:00
jvazquez-r7 8ae8f25d56 Land #1961, @wvu-r7's normalization of command_dispatcher/db.rb 2013-06-18 08:57:32 -05:00
jvazquez-r7 3f665ba5a0 Skip also max-age from cookies 2013-06-17 14:04:08 -05:00
HD Moore 819080a147 Enable rhost/rport option overrides in HttpClient 2013-06-17 11:45:01 -05:00
Meatballs 1637651bbb Revert multilang test 2013-06-15 17:48:32 +01:00
Meatballs 62e335dab2 Resolve conflict 2013-06-15 17:40:37 +01:00