Commit Graph

46271 Commits (5ae9b0185d04fde0d7cfb2210ad3e272cdde1a2c)

Author SHA1 Message Date
James Barnett 8d09f23b91
Fixes around workspace messaging 2018-04-20 11:25:24 -05:00
bwatters-r7 37a844bef0
Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit
Merge branch 'land-9247' into upstream-master
2018-04-20 11:24:47 -05:00
James Barnett f4a949e649
Fix bug creating sessions when connected to remote data service 2018-04-19 16:19:39 -05:00
Metasploit 30276eb11c
Weekly dependency update 2018-04-19 10:05:14 -07:00
James Barnett 7e971721f0
Adjust messaging when renaming workspaces 2018-04-19 11:52:30 -05:00
James Barnett 31be847213
Add workspace when reporting vuln_attempt 2018-04-19 11:09:13 -05:00
Wei Chen 69995b7f80 Change --encryptor to --encrypt and fix a typo 2018-04-19 10:41:23 -05:00
William Vu fcfe927b7a Add PHP dropper functionality and targets 2018-04-19 05:11:21 -05:00
William Vu 62aca93d8b Cache version detection and print only once
Oops. This is the problem with overloading methods.
2018-04-19 04:59:07 -05:00
William Vu 33bde31eec Fix target encoder not being passed to payload
Datastore functionality has been preserved as an override.
2018-04-19 02:25:18 -05:00
William Vu 2670d06f99 Add in-memory PHP execution using assert() 2018-04-19 02:18:56 -05:00
William Vu 7a2cc991ff Refactor once more with feeling
Nested conditionals are the devil. Printing should be consistent now.
2018-04-18 23:59:14 -05:00
William Vu 3d116d721d Add version detection and automatic targeting
I also refactored error handling. Should be cleaner now.
2018-04-18 21:40:22 -05:00
William Vu 86ffbc753e Refactor clean URL handling and remove dead code 2018-04-18 19:56:42 -05:00
James Barnett aa40ef1789
Grab session_dto workspace from host 2018-04-18 17:38:42 -05:00
James Barnett 348eb293d0
Handle case when renaming nonexistant workspace 2018-04-18 13:02:31 -05:00
James Barnett 81d00fa5b7
Fix edge cases in workspace update 2018-04-18 12:56:38 -05:00
sinn3r 01b50b7ad3
Land #9887, remove rex-text version lock
remove rex-text version lock
2018-04-18 11:07:08 -05:00
Wei Chen 3611a1dfe4 Update rex-text version 2018-04-18 10:40:11 -05:00
Jeffrey Martin 2a922f7186
remove rex-text version lock 2018-04-18 10:38:01 -05:00
James Barnett d4a2703ff1
Dont stop host parsing if id tag found
Also make clarify 'bl' variable name.
2018-04-18 10:12:12 -05:00
Brent Cook 00d0beb188 use deep copy 2018-04-18 02:34:48 -10:00
Brent Cook 09e86bfbd0 define merge and merge! on datastore to also merge aliases 2018-04-18 02:27:57 -10:00
Brendan Coles c9fd5a7d2d Add yama_installed?, yama_enabled? and selinux_enforcing? 2018-04-18 07:22:20 +00:00
Tim W 1547a47026
Land #9784, add osx high sierra APFS password disclosure post module 2018-04-18 14:27:22 +08:00
Tim W 72cd97d3e4 minor documentation and comment tweaks 2018-04-18 14:22:32 +08:00
Wei Chen 78a02462d9 Pass Travis attempt N 2018-04-17 21:48:17 -05:00
Wei Chen b2dfe86fd8 Pass travis 2018-04-17 21:39:21 -05:00
Brent Cook a5588ec174 use same datastore retry option for x86 and x64 linux stagers 2018-04-17 15:57:54 -10:00
Wei Chen 4dd9d32d62 Fix rspec 2018-04-17 20:32:29 -05:00
Wei Chen 9127b70e6e Update gemfile 2018-04-17 20:14:32 -05:00
Wei Chen ff9c55207e Move crypto methods to Rex::Crypto namespace 2018-04-17 20:12:26 -05:00
William Vu 1900aa2708 Refactor module and address review comments 2018-04-17 19:05:45 -05:00
James Barnett 77558cd2d7
Remove unused code 2018-04-17 14:28:28 -05:00
Carter Brainerd 3da48dbb10
Fix bug caused by last commit 2018-04-17 13:38:38 -04:00
Carter Brainerd 7bfaae0919
Update system.rb
Fix get_listening_ports bug
2018-04-17 13:35:25 -04:00
James Barnett 82798424b2
Support getting a workspace via id
Also implements a helper method to sanitize sinatra injected
params since it was causing issues downstream. Updated each
use of sinatra params to use this helper method.
2018-04-17 12:35:22 -05:00
Carter Brainerd 85b09a162a
Add some efficiency improvements 2018-04-17 12:09:46 -04:00
James Barnett b569498250
Address more code review comments 2018-04-17 10:52:56 -05:00
James Barnett a8a95a03a3
Implement remote workspace delete 2018-04-17 10:19:40 -05:00
Carter Brainerd d91ef7c9dc
Add strip to protected_* methods 2018-04-17 11:04:08 -04:00
James Barnett f27490dc61
Address PR suggestions and add comments 2018-04-16 16:45:23 -05:00
James Barnett 68ad91763a Merge branch 'rapid7/master' into MS-3062_workspaces 2018-04-16 15:33:59 -05:00
James Barnett 2ef451c349
Land #9873, add notes functionality to remote datastore
This PR enables create, update, and delete functionality for the notes
command and data model when using a remote data service.
2018-04-16 15:03:27 -05:00
Matthew Kienow e283f109a7
Remove commented out code 2018-04-16 14:14:46 -04:00
Matthew Kienow 74cb9c38b2
Change source for host address value in output 2018-04-16 14:09:19 -04:00
Brendan Coles f3ee870d72 Remove selinux_enforcing? method 2018-04-16 12:16:00 +00:00
Brendan Coles 5bc24d048c Remove kaslr_enabled? method 2018-04-16 11:51:15 +00:00
Brendan Coles a1a4c636fb strip 2018-04-16 10:22:41 +00:00
Auxilus 4de9f84dd4
fix no method error for Failure::Unknown 2018-04-16 13:51:32 +05:30