Commit Graph

220 Commits (56bff4f748e652e6e53b7c4491c8bf40b622ba1e)

Author SHA1 Message Date
James Barnett ecbbf1d940
Pass workspace when using db_nmap 2018-03-30 15:27:32 -05:00
loftwing 51c1cddb5c Removed requirement for a host to have ports 2017-09-27 12:43:50 -05:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 0eaffde4b3 fix rex arguments parser to handle adjacent flags, update accordingly 2017-06-22 09:54:03 -05:00
Pearce Barry c4f1130619
Acunetix XML import improvements.
This patch updates the MSF db_import functionality  w.r.t. importing Acunetix XML files to do the following:

 - import web vulnerabilities identified by Acunetix
 - import all services for each scanned host
  - does not pull in the specifc program/version name of each service, as that's pretty loosely formatted in the Acunetix XML
2017-04-26 12:16:20 -05:00
William Vu 94a0b4b06c Stop special-casing masscan 2017-04-04 00:33:13 -05:00
William Vu 7de2aa1a63 Update Nmap parser to handle masscan
masscan is missing <status>, meaning hosts aren't treated as alive.

Thanks to @jhart-r7 and @jlmurray for working on this previously.
2017-04-03 02:26:14 -05:00
Tim ef53e6a593 fix execute and kill cmd usage/help 2017-03-22 16:29:47 +08:00
Brent Cook a1be63e449 fix warnings in rex argument parser 2017-03-16 03:57:49 -05:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
David Maloney 7857c58655 remove all the left voer cruft
remove all the files that got xfered out to the gems

MS-1715
2016-09-07 11:38:28 -05:00
David Maloney eb73a6914d
replace old rex::ui::text::table refs
everywhere we called the class we have now rewritten it
to use the new namespace

MS-1875
2016-08-10 13:30:09 -05:00
Rich Whitcroft b1efd4e749 fix VAR=VAL loading from config 2016-07-23 00:26:18 -04:00
Brendan 3ed6632f88 Let's actually delete the line.... 2016-07-15 08:47:29 -07:00
Brendan db2850b51c Changed the Burp import to import vulns with blank references 2016-07-14 13:03:24 -07:00
Adam Cammack 08f1e68487
Fix Acunetix import with a blacklist
If a host is blacklisted, we won't create the service for it. If we
don't create the service, we don't want to create entries for the web
pages.

MS-1517
2016-06-03 19:40:29 -05:00
thao doan 5e36a3128c Fix #5197, Fixed yard doc errors
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
Brian Patterson 11d6740e7f
Modify syntax in burp_issue_nokogiri.rb to conform to code style guidelines 2016-04-12 17:33:20 -05:00
Brian Patterson e5ee5b903b Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MS-247/OpenVas-default-workspace 2016-04-05 09:36:27 -05:00
Brian Patterson 2a7e3fb600
Fix an error in the OpenVas and Burp Issue importers where the vuln and host info would import into the default workspace instead of the current workspace 2016-04-04 17:35:31 -05:00
Brian Patterson 8f0d664a38
Modify the open_vas importer to support both results.xml and reports.xml open_vas exports and modify the nessus importer to import what it can when it can't find a properly formatted port number 2016-03-30 17:44:26 -05:00
Adam Cammack 6f85c82dc0
Fix Nexpose import to truncate long vuln names
A warning is emitted since there is a potential for data loss, but since
we reference vulns by their ID, the data-integrity risk is small.
Initially triggered by some Nexpose data, this should probably be
properly fixed by removing the length bound on the field.

MS-1184
2016-03-11 11:02:55 -06:00
William Vu 3e0f8d67c9 Use #strip to more correctly simulate #blank?
See f900d9cf26.
2016-03-07 13:14:37 -06:00
Brent Cook 289f43bb80
Land #4848, remove some reliance on rails libraries from rex 2016-03-07 07:38:30 -06:00
Brian Patterson 4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported. 2016-02-04 10:30:56 -06:00
William Vu 1828b7fda6
Land #6512, Acunetix importer missing scheme fix 2016-01-29 13:17:44 -06:00
Brent Cook b6bc862c1b
Land #6267, fix Rex::Parser::Ini#each_group 2016-01-29 11:19:40 -06:00
Adam Cammack e542a6c8cf
Fix importing with Acunetix
Add a default scheme of `http://` to URIs without a scheme. Also update
some documentation.
2016-01-28 16:37:14 -06:00
BAZIN-HSC 070a156925 -Recovrey +Recovery 2015-11-27 13:58:19 +01:00
Jon Hart 07767cd803
Fix #6265 2015-11-20 15:17:15 -08:00
BAZIN-HSC 5592e4e4ea seek_relative suppression (use seek instead) 2015-11-20 18:30:51 +01:00
BAZIN-HSC f49d6905a6 Fix comments by @jhart-r7 2015-11-20 18:30:50 +01:00
BAZIN-HSC c8847182d7 Add module to dump Bitlocker master key (FVEK) 2015-11-20 18:30:48 +01:00
Brent Cook d551f421f8
Land #5799, refactor WinSCP module and library code to be more useful and flexible 2015-10-01 14:35:10 -05:00
HD Moore 0cc6b53d59
Land #5905, support newer OpenVAS formats. 2015-09-21 10:30:25 -05:00
Manuel Mancera e97056a367 When the port state is open|filtered should be unknown, no open 2015-09-07 22:52:03 +02:00
Meatballs 2cd6b1c2df
Update parser, fix UseMasterPassword bug 2015-09-01 22:05:47 +01:00
jvazquez-r7 fba751a986
Disable early returns 2015-08-31 12:13:42 -05:00
jvazquez-r7 80f21b50c9
Fix #4227 by improving parsing of nested elements 2015-08-31 11:47:43 -05:00
Meatballs deb6f5638e
Update WinSCP Gather
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
William Vu 1a66786d1b Fix Nmap XML parser for tunnel attribute 2015-04-20 17:04:19 -05:00
Samuel Huckins 13fc498523
Land #4948, fixes several AppScan import issues 2015-03-29 23:33:01 -05:00
David Maloney 60966f3d2a
handle a blank response body
sometimes the response body itself can be blank
so we need to handle that properly.

MSP-9972
2015-03-23 16:03:30 -05:00
OJ 9c9d333a1b Create verify ssl mixin, adjust some formatting 2015-03-23 13:21:08 +10:00
oj@buffered.io fd4ad9bd2e Rework changes on top of HD's PR
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
2015-03-20 13:06:57 +10:00
David Maloney 4293af01b1
make sure we strip leading whitespace
in the aforementiond record_request_and_response method
we need to still make sure to strip leading whitespace
from the front of our data before saving it

MSP-9972
2015-03-18 11:23:45 -05:00
David Maloney dacaa9e82b
simplify request-response parsing in apsscan
the record_request_and_response method for the
nokogiri appscan parser was way overcomplicated
it was trying to do way too much trickiness
when the data could be very simply split and consumed

MSP-9972
2015-03-18 11:19:00 -05:00
David Maloney 3269817b29
remove bad truthiness checks
truthy checks were used here, but you'll get
an empty hash which will be treated as true causing
the test to be invalid and allowing for errors further in the method

MSP-9972
2015-03-18 10:52:24 -05:00
HD Moore 11593800b6 Move X509 PEM parsing into Rex::Parser::X509Certificate 2015-03-14 15:52:23 -05:00
HD Moore 7252ba284a Tweak memory usage from 64Mb to 4Mb 2015-03-11 23:58:13 -05:00