16f143c2ed
Extract Msf::DBManager::Import::Nikto
...
MSP-11124
2014-10-15 12:51:16 -05:00
e64a14c748
Extract Msf::DBManager::Import::Nexpose::Simple
...
MSP-11124
2014-10-15 12:40:04 -05:00
c4d1a4c7dc
Revert #4022 , as the solution is incomplete
...
Revert "Land 4022, datastore should default TLS1 vs SSL3"
This reverts commit 4c8662c6c10937f32ff9
2014-10-15 12:32:08 -05:00
2b861f91e9
Extract Msf::DBManager::Import::Nexpose::Raw
...
MSP-11124
2014-10-15 11:59:03 -05:00
c371eab26a
Extract Msf::DBManager::Import::Netsparker
...
MSP-11124
2014-10-15 11:46:38 -05:00
a73b0e2283
Move requires for nessus parses to appropriate module
...
MSP-11124
2014-10-15 11:42:00 -05:00
b43035145d
Move nessus helper function to closest module
...
MSP-11124
2014-10-15 11:39:23 -05:00
aae6dc9066
Extract Msf::DBManager::Import::Nessus::XML::V*
...
MSP-11124
Extract different versions of Nessus XML format.
2014-10-15 11:34:37 -05:00
a0494b2eeb
Extract Msf::DBManager::Import::Nessus::XML
...
MSP-11124
2014-10-15 11:27:23 -05:00
0c861848bc
Extract Msf::DBManager::Import::Nessus::NBE
...
MSP-11124
2014-10-15 11:21:26 -05:00
d0d0c478aa
Extract Msf::DBManager::Import::MetasploitFramework::Credential
...
MSP-11124
2014-10-15 11:12:13 -05:00
46a2c47dfe
Extract Msf::DBManager::Import::MetasploitFramework::Zip
...
MSP-11124
2014-10-15 10:59:41 -05:00
1754b23ffb
Datastore options should default to TLS1, not SSL3
...
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)
Squashed commit of the following:
commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:19:04 2014 -0500
Whoops missed one
commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:16:59 2014 -0500
Other datastore options also want TLS1 as default
commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:12:06 2014 -0500
TCP datastore opts default to TLS1
Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
65885c8cc8
MsfXml -> MetasploitFramework::XML
...
MSP-11124
2014-10-15 10:25:42 -05:00
ac9a593b43
import_msf_file -> Msf::DBManager::Import::MsfXml
...
MSP-11124
2014-10-15 10:02:42 -05:00
d870188377
Extract Msf::DBManager::Import::MBSA
...
MSP-11124
2014-10-15 09:54:03 -05:00
f29408680f
Extract Msf::DBManager::Import::Libpcap
...
MSP-11124
2014-10-15 09:48:23 -05:00
44968400e9
Extract Msf::DBManager::Import::IPList
...
MSP-11124
2014-10-15 09:42:11 -05:00
e5236e9b56
Extract Msf::DBManager::Import::FusionVM
...
MSP-11124
2014-10-15 09:36:29 -05:00
2e85dc910a
Extracts Msf::DBManager::Import::Foundstone
...
MSP-11124
2014-10-15 09:27:53 -05:00
68a1ebd2fb
Extract Msf::DBManager::Import::CI
...
MSP-11124
2014-10-15 09:23:08 -05:00
8d628c221b
Extract Msf::DBManager::Import::Burp
...
MSP-11124
2014-10-15 09:16:57 -05:00
f42307a6ff
Extract Msf::DBManager::Import::Appscan
...
MSP-11124
2014-10-15 09:12:38 -05:00
dcac8a45ee
Extract Msf::DBManager::Import::Amap
...
MSP-11124
2014-10-15 09:06:03 -05:00
07f2d4dafe
Further improvements to NAT-PMP. Faster, more useful, less not useful
2014-10-15 06:39:38 -07:00
6cf62765de
Default to TLSv1 for RPC connections
2014-10-15 01:20:43 -05:00
5434996969
Move TcpServer into its own file
2014-10-14 18:43:40 -05:00
a00d039796
Move require for IP360 XML parser
...
MSP-11124
2014-10-14 16:18:47 -05:00
599bcc33a9
Extract Msf::DBManager::Import::IP360::V3
...
MSP-11124
2014-10-14 16:16:47 -05:00
81c18c96ee
Extract Msf::DBManager::Import::IP260::ASPL
...
MSP-11124
2014-10-14 15:58:43 -05:00
6c0f549abb
Extract Msf::DBManager::Import::Acunetix
...
MSP-11124
2014-10-14 15:40:29 -05:00
0c10b5a859
Extract #handle_qualys to Msf::DBManager::Import::Qualys
...
MSP-11124
2014-10-14 15:32:22 -05:00
11bcac8a4e
Extract Msf::DBManager::Import::Qualys::Scan
...
MSP-11124
2014-10-14 15:19:55 -05:00
70d1eefaa9
Update reverse_tcp.rb
...
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:
>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
1f49f767dc
Extract Msf::DBManager::Import::Qualys::Asset
...
MSP-11124
2014-10-13 16:06:15 -05:00
a7d1577494
ImportMsfXml -> Import::MsfXml
...
MSP-11124
2014-10-13 15:46:13 -05:00
87825d40b1
Fix migration.rb loading
...
MSP-11124
2014-10-13 15:39:15 -05:00
b8ea44235b
Remove nesting in Msf::DBManager::ImportMsfXml
...
MSP-11124
Don't use nested modules to prevent Msf::DBManager::ImportMsfXml from
being the declaring location for Msf::DBManager.
2014-10-13 15:37:16 -05:00
ef04261686
Fix indentation in Msf::DBManager
...
MSP-11124
2014-10-13 15:26:19 -05:00
c6ea3a3880
Distribute requires to where they are needed
...
MSP-11124
Push requires down to the Msf::DBManager mixins that actually need them.
2014-10-13 15:24:56 -05:00
4371254dd2
Reorder remaining code in Msf::DBManager
...
MSP-11124
2014-10-13 15:13:28 -05:00
2dd925c18c
Move add_rails_engine_migration_paths to Msf::DBManager::Migration
...
MSP-11124
2014-10-13 15:01:14 -05:00
1dfaba1884
Remove nesting in Msf::DBManager::Migration
...
MSP-11124
To prevent migration.rb as counting as the definer of `Msf::DBManager`.
2014-10-13 14:56:08 -05:00
bc4d2ff152
Extract Msf::DBManager::Adapter
...
MSP-11124
Extract methods related to setting up the adapter/driver(s).
2014-10-13 14:49:26 -05:00
930b020211
Extract Msf::DBManager::Connection
...
MSP-11124
Extract methods that connect, disconnect and show status of connection
to database.
2014-10-13 12:07:13 -05:00
f472411c8c
Extract Msf::DBManager::Web
...
MSP-11124
Extract `Mdm::Web*` methods.
2014-10-13 11:59:39 -05:00
5067e43ac1
Extract Msf::DBManager::VulnAttempt
...
MSP-11124
Extract `Mdm::VulnAttempt` methods.
2014-10-13 11:32:15 -05:00
e7e12ec6a5
Extract Msf::DBManager::Route
...
MSP-11124
Extract `Mdm::Route` methods.
2014-10-13 11:23:37 -05:00
8011187aa9
Extract Msf::DBManager::SessionEvent
...
MSP-11124
Extract `Mdm::SessionEvent` methods.
2014-10-13 11:13:39 -05:00
1f86712d63
Extract Msf::DBManager::HostTag
...
MSP-11124
Extract `Mdm::HostTag` method.
2014-10-13 11:00:36 -05:00
1811d4e58f
Extract Msf::DBManager::Session
...
MSP-11124
Extract methods related to `Mdm::Session`s.
2014-10-13 10:50:11 -05:00
f16b3f05b4
Extract Msf::DBManager::HostDetail
...
MSP-11124
Extract method related to `Mdm::HostDetail`s.
2014-10-13 10:15:14 -05:00
87ee06b792
Extract Msf::DBManager::Ref
...
MSP-11124
Extract methods related to `Mdm::Ref`s.
2014-10-13 10:06:37 -05:00
5668a2820e
Move #report_artifact to Msf::DBManager::Report
...
MSP-11124
2014-10-13 10:00:19 -05:00
43c9909636
Extract Msf::DBManager::VulnDetail
...
MSP-11124
Extract methods related to `Mdm::VulnDetail`s.
2014-10-13 09:54:38 -05:00
f42f8e106a
Extract Msf::DBManager::ExploitAttempt
...
MSP-11124
Extract methods that create `Mdm::ExploitAttempt`s.
2014-10-13 09:41:32 -05:00
e0f76a7517
Extract Msf::DBManager::Task
...
MSP-11124
Extract methods related to `Mdm::Task`s.
2014-10-13 09:28:48 -05:00
90b50339c3
Extract Msf::DBManager::Report
...
MSP-11124
Extract methods related to the obsolete `Mdm::Report`. These methods
should be deleted, but since this branch is just for moves, I won't
delete them now.
2014-10-13 09:19:39 -05:00
9632c83cde
Extract Msf::DBManager::Event
...
MSP-11124
Extract methods related to `Mdm::Event`s.
2014-10-13 09:05:10 -05:00
89d588272e
Extract Msf::DBManager::Client
...
MSP-11124
Extract methods related to `Mdm::Client`s.
2014-10-13 08:27:09 -05:00
08aee23966
Extract Msf::DBManager::Vuln
...
MSP-11124
Extract all methods related to `Mdm::Vuln`s from `Msf::DBManager`.
2014-10-09 15:47:34 -05:00
2fa02f5c44
Extract Msf::DBManager::Note
...
Extract all methods related to `Mdm::Note`s.
2014-10-09 15:29:07 -05:00
0bc71ecd24
Extract Msf::DBManager::Loot
...
MSP-11124
2014-10-09 15:15:40 -05:00
cb9bdd96c7
Extract Msf::DBManager::Import
...
MSP-11124
Extract all methods dealing with imports.
2014-10-09 14:51:24 -05:00
d18dcf5961
Extract Msf::DBManager::ExploitedHost
...
MSP-11124
Extract methods related to `Mdm::ExploitedHost`s.
2014-10-09 12:54:04 -05:00
ceba04d556
Extract Msf::DBManager::Cred
...
MSP-11124
Extract methods related to `Mdm::Cred`s.
2014-10-09 11:41:04 -05:00
0284edf430
Extract Msf::DBManager::Service
...
MSP-11124
Extract methods related to `Mdm::Service`s.
2014-10-09 11:31:29 -05:00
0cfac32290
Extract Msf::DBManager::Host
...
MSP-11124
Extract methods related to `Mdm::Host`s.
2014-10-09 11:11:36 -05:00
bb26f4f303
Extract Msf::DBManager::Wmap
...
MSP-11124
Extract methods that are commented as related to WMAP.
2014-10-09 10:13:34 -05:00
b0147c994a
Extract Msf::DBManager::IPAddress
...
MSP-11124
Extract the IP address validation methods to
`Msf::DBManager::IPAddress`.
2014-10-09 09:35:19 -05:00
3a96ae9be9
Move #match_values to Msf::DBManager::ModuleCache
...
MSP-11124
`#match_values` is only used in `#search_modules`, so `#match_values`
should be grouped with `#search_modules` in
`Msf::DBManager::ModuleCache`.
2014-10-09 09:18:03 -05:00
d4a94366a6
Extract Msf::DBManager::ModuleCache
...
MSP-11124
Extract methods related to the module cache state and maintenance to
`Msf::DBManager::ModuleCache`.
2014-10-09 08:53:41 -05:00
ee0de997d5
Extract Msf::DBManager::Workspace
...
MSP-11124
Gather together all workspace related methods into
`Msf::DBManager::Workspace` and include it in `Msf::DBManager`.
2014-10-08 15:46:35 -05:00
a64036f6cf
Move Msf::DBManager#sync to Msf::DBManager::Sink
...
MSP-11124
The comment on `#sync` says it's related to `sink`, so move it into its
Module.
2014-10-08 15:38:56 -05:00
a054259ee5
Extract Msf::DBManager::Sink
...
MSP-11124
Extract attributes and methods associated with the deprecated sink.
2014-10-08 15:26:28 -05:00
f30309fe81
Land #3919 , @wchen-r7's Fixes #3914 , Inconsistent unicode names
2014-10-08 14:46:14 -05:00
15f9461279
Merge db.rb into db_manager.rb
...
MSP-11124
The class name is DBManager, so the correct file name is db_manager.rb
2014-10-08 14:27:22 -05:00
cffc74d571
Extract Msf::DBImportError
...
MSP-11124
2014-10-08 14:14:35 -05:00
7a5ce19735
Fix code style
...
MSP-11124
Fix comment style and order methods.
2014-10-08 14:07:05 -05:00
6824515949
Fix indentation and whitespace in Msf::DatabaseEvent
...
MSP-11124
2014-10-08 14:04:21 -05:00
2206a86387
Extract Msf::DatabaseEvent
...
MSP-11124
Extract `Msf::DatabaseEvent` from `lib/msf/core/db.rb` into a more
conventional `lib/msf/core/database_event.rb`.
2014-10-08 14:01:58 -05:00
dbc199ad77
space after commas
2014-10-08 13:56:59 -05:00
6b3d70ce00
Fix code style in Msf::ServiceState
...
MSP-11124
2014-10-08 13:52:42 -05:00
46156fbbc6
Fix indentation in Msf::ServiceState
...
MSP-11124
2014-10-08 13:50:26 -05:00
57d9dc306c
Extract Msf::ServiceState
...
MSP-11124
Extract Msf::ServiceState from `lib/msf/core/db.rb` and put it into
`lib/msf/core/service_state.rb`.
2014-10-08 13:45:15 -05:00
0708ac1361
Fix comment style in Msf::HostState
...
MSP-11124
2014-10-08 11:47:04 -05:00
5ecd194a0d
Fix indent in Msf::HostState
...
MSP-11124
2014-10-08 11:43:28 -05:00
6e6780da86
Split Msf::HostState into own file
...
MSP-11124
2014-10-08 11:37:59 -05:00
0ec855cd07
Add debug log for ARCH_CMD encoder results
2014-10-06 22:34:09 -05:00
260e829a59
Fix PayloadGenerator to have platform into account, so msfvenom works as expected
2014-10-06 19:20:59 -05:00
0089810026
Merge to update
2014-10-06 19:09:31 -05:00
212762e1d6
Delete RequiredCmd for unix cmd encoders, favor EncoderType
2014-10-06 18:42:21 -05:00
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
f7e709dcb3
Land #3941 , new WPVDB reference
2014-10-03 10:17:02 -05:00
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
6d7870a4ac
Land #3934 - New :vuln_test option to BES
2014-10-02 16:31:50 -05:00
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
6571213f1c
Remove un-truthy doc string.
2014-10-01 23:41:02 -05:00
5a8eca8946
Adds a :vuln_test option to BES, just like in BAP.
...
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.
This commit also does some mild refactoring of un-
useful behavior in BES.
2014-10-01 23:34:31 -05:00
b1b8cba4c5
Rescue an IOError on channel double-close.
...
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
2014-10-01 22:35:41 -05:00
5cb016c1b1
Use Match constant in BES as well
2014-10-01 16:17:13 -05:00
a75d47aad9
Use yardoc for new methods
...
Also substitute '&&' for 'and', and fix some whitespace
2014-10-01 16:02:33 -05:00
1e2d860ae1
Fix #3914 - Inconsistent unicode names
2014-09-30 12:19:27 -05:00
9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits
2014-09-29 11:15:14 -05:00
8fa666b75d
Verbose messages on why a connection is closed
2014-09-28 17:41:21 -07:00
d5959d6bd6
Land #2585 , Refactor Bypassuac with Runas Mixin
2014-09-28 09:24:22 +01:00
a31b4ecad9
Merge branch 'review_3893' into test_land_3893
2014-09-26 08:41:43 -05:00
86f85a356d
Add DHCP server module for CVE-2014-6271
2014-09-26 01:24:42 -05:00
bdac82bc7c
Fix lib/msf/core/exploit/dhcp.rb
2014-09-25 22:18:26 -03:00
2b02174999
Yank Android->jsobfu integration. Not really needed currently.
2014-09-25 16:00:37 -05:00
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
5d234c0e01
Pass #send in this so jsobfu is not confused.
2014-09-24 15:07:14 -05:00
650b65250f
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
2014-09-22 11:51:10 -07:00
4e9f1282de
Land #3834 , @jabra-'s updates to UDPscanner to support spoofing
2014-09-22 11:49:53 -07:00
e86b18cdd4
Add sanity check for NUM_REQUESTS
2014-09-22 11:48:39 -07:00
f61afe2598
Merge branch 'master' into bug/MSP-11368/boot-profiling
...
MSP-11368
2014-09-22 10:00:07 -05:00
ebacb26e51
Land #3838 , msfvenom badchar fix
2014-09-22 03:08:57 -05:00
d9e6f2896f
Add the JSObfu mixin to a lot of places.
2014-09-21 23:45:59 -05:00
e1cfc74c32
Move jsobfu to a mixin
2014-09-21 00:39:04 -05:00
cd037466a6
upate doc
2014-09-20 23:40:47 -05:00
9191af6241
Update js_obfuscate
2014-09-20 23:38:35 -05:00
a9420befa4
Default to 0
2014-09-20 21:39:20 -05:00
046045c608
Chagne option description
2014-09-20 21:38:57 -05:00
fd5aee02d7
Update js_obfuscate
2014-09-20 21:36:17 -05:00
7bab825224
Last changes
2014-09-20 18:39:09 -05:00
135bed254d
Update BrowserExploitServer for JSObfu
2014-09-20 17:59:36 -05:00
d9a713b415
Decode the badchars string correctly.
2014-09-20 17:48:03 -05:00
cd8b1318e0
send data based on input not @probe
2014-09-20 15:18:58 -04:00
3fb00ece9e
refactored the code based on PR feedback
2014-09-20 14:10:00 -04:00
5884cbc196
Optimize skip logic in #update_all_module_details
...
MSP-11368
Use `Hash<String, Set<String>>` instead of `Array<(String, String)>` so
that `include?` call is faster because (1) it's only search through
reference names of the same module_type and (2) `Set#include?` is faster
than `Array#include?`. This change is a 8.20% average reduction in boot
time compare to b863978028b5c3c87790https://docs.google.com/spreadsheets/d/1TnZIUFIR1S5nCnkeM-7XR3AVSbyCl39x2mItJKJCOqg/edit?usp=sharing
and data at
https://drive.google.com/folderview?id=0Bx1hRHfpRW92VEFvQ2FaN3RoWWs&usp=drive_web
2014-09-19 15:34:10 -05:00
8b5a146067
Wrap Array#include? usage
...
MSP-11368
Wrap skipped.include? call to confirm it is the culprit for
Array#include? inside of with_connection in profile.
2014-09-19 14:38:12 -05:00
c216cf8c53
added spoofing capabilities to udp_scanner
2014-09-19 10:29:05 -04:00
b863978028
Remove fastlib
...
MSP-11368
MSP-11143
Remove fastlib as it slows down the code loading process. From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10). The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10). This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
29eb3ebf86
Fix up the StageEncodingFallback logic and error handling
2014-09-15 21:56:35 -05:00
9cbc7e46a3
Fix suggested stuff
...
https://github.com/hmoore-r7/metasploit-framework/pull/2
2014-09-15 09:47:06 +02:00
c71428be50
Choose fallback if stage encoding fail
2014-09-13 13:56:54 +02:00
7485d9172a
Rescue only NoEncodersSucceededError to pass the tests
2014-09-12 13:30:03 +02:00
28e61edef4
Unblock when invalid encoder is selected and allow multiple encoder
2014-09-12 12:48:09 +02:00
37e6173d1f
Make Metasploit::Concern a first-class dep.
...
Also adds a Concern hook to HttpServer, so Pro can more
easily change its behavior.
2014-09-11 13:28:45 -05:00
71228b48a0
Update 3 more encoders to be StageEncoder compatible
...
This could probably use some DRY love via a mixin
2014-09-10 20:21:35 -05:00
65287e41cd
Land #3773 - Fix windows cmd redirection in firefox payloads
2014-09-10 13:25:42 -05:00
1bb6573570
Fix windows cmd redirection in ff payloads.
2014-09-10 00:47:05 -05:00
0a6ce1f305
Land #3727 - SolarWinds Storage Manager exploit AND Msf::Payload::JSP
2014-09-09 17:21:03 -05:00
6c0dae953d
Stage encoding is now SaveRegister aware
2014-09-09 14:21:51 -05:00
ef748fdef7
check if database is connected first
...
wooops
2014-09-08 12:54:19 -05:00
09e6c2f51f
Merge branch 'master' into feature/MSP-11162/db-all-creds
2014-09-08 12:52:25 -05:00
ae5a8f449c
Land #3691 , gdbserver hax
2014-09-08 11:48:39 -05:00
5c1d95812c
Add verify_checksum and use it
...
Also fixed a YARD typo.
2014-09-08 02:19:21 -05:00
ce0e7b59f5
Remove WVE and BPS reference identifiers
...
Reasons why they should be gone:
WVE:
* wirelessve.org is down.
* Not a single module uses WVE as a reference
BPS:
* "BreakingPoint" no longer exists
* The URL takes you to a login page to ixia. And there is no point
of referencing something people can't see.
* Not a single module uses BPS as a reference.
2014-09-05 13:28:10 -05:00
b6e04599a7
Fix read_ack to read only the ACK
...
It was reading the response, too. Also removed an extraneous send_ack.
2014-09-05 12:30:59 -05:00
Luke Imhoff
Tod Beardsley
Jon Hart
HD Moore
James Lee
Pedro Laguna
jvazquez-r7
William Vu
Christian Mehlmauer
sinn3r
Joe Vennix
Meatballs
Ramon de C Valle
Josh Abraham
agix
David Maloney