Andrey
92b62d010f
Update md5_lookup.rb
...
:)
2016-06-02 18:49:22 +03:00
Brent Cook
10dcc44e2d
Land #6446 , Speedup pattern_create/offset options parsing
2016-05-14 09:50:19 -05:00
Brent Cook
680709c5f2
move requires into run
2016-05-14 09:50:02 -05:00
Brent Cook
dd0d68a2b4
speed up options parsing (only require framework when running)
2016-05-14 09:47:08 -05:00
Brent Cook
057c25e188
Land #6446 , Cleanup pattern_create/pattern_offset and document options
2016-05-13 22:09:35 -05:00
Brent Cook
7cfc4d4523
fix odd indentation and style issues
2016-05-13 22:06:18 -05:00
Brent Cook
901b793406
fix some minor indent and style issues
2016-05-13 21:51:54 -05:00
Brent Cook
7b83b06ad5
whitespace and remove useless comments
2016-05-13 21:45:41 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
x90" * 365
c3e618ad37
Update pattern_create.rb
2016-04-14 15:54:30 -04:00
x90" * 365
2a1831f4f2
Update pattern_offset.rb
2016-04-14 15:29:57 -04:00
x90" * 365
7f112c9c7d
Update pattern_create.rb
2016-04-14 15:11:36 -04:00
x90" * 365
f9304fcc00
Update pattern_offset.rb
2016-04-14 15:11:02 -04:00
x90" * 365
a71d40d25b
Update pattern_offset.rb
...
Test
2016-04-14 12:59:36 -04:00
wchen-r7
bc48ebd43b
Use patch_finder for msu_finder
2016-03-29 23:21:01 -05:00
Spencer McIntyre
631e24c02b
Update the msftidy warning for module class names
2016-03-16 13:31:24 -04:00
Brent Cook
558f810165
Land #6667 , add a dev script for finding Metasploit release notes for modules
2016-03-13 14:03:54 -05:00
wchen-r7
69de3adf7a
Fix a typo in the file name
2016-03-11 13:50:13 -06:00
wchen-r7
1546bf32ed
Add a dev script to find Metasploit release notes
...
This script allows you to find the release notes of a:
* Pull request number for a bug fix, or a notable change.
* A module name (preferably just use the short name)
2016-03-11 13:44:38 -06:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
659af68b16
Land #6388 , update msftidy check for new preferred Metasploit module base class
2016-03-06 17:12:20 -06:00
Brent Cook
cc436fe438
update to new preferred base class for modules
2016-03-06 17:11:51 -06:00
Brent Cook
e1db3ef369
Land #6388 , Update msftidy to error when module super class is incorrect
2016-03-06 16:53:11 -06:00
William Vu
55724eb777
Set the exit status correctly
2016-03-02 09:39:23 -06:00
William Vu
538ee1ec36
Print a helpful message on LoadError
2016-03-02 09:39:23 -06:00
William Vu
92d4929b3d
Land #6543 , msu_finder link update
2016-02-09 17:06:23 -06:00
Brent Cook
bb556e5b87
Land #6529 , added a file PR history exploration tool
2016-02-09 17:01:58 -06:00
Brent Cook
7fe61dce70
added support for GITHUB_OAUTH_TOKEN
2016-02-09 17:01:19 -06:00
wchen-r7
aaf1d2c312
Update downloadable link pattern for msu_finder
2016-02-07 12:26:37 -06:00
ghettoeinstein
af3f6c4655
Update msu_finder.rb
...
Corrected spelling of "script"
2016-02-06 09:27:05 -08:00
wchen-r7
d5296d6150
Add documentation
2016-02-03 22:06:10 -06:00
wchen-r7
c82c147f31
Correct usage example
2016-02-03 21:53:22 -06:00
wchen-r7
8c8f4a39e8
Change to file_pull_requests.rb
2016-02-03 21:50:17 -06:00
wchen-r7
23fdadd31f
chmod +x
2016-02-03 16:57:50 -06:00
wchen-r7
3ff2c98f99
Add tool module_pull_requests
...
This tool allows you to find all the rapid7/metasploit-framework
pull requests associated with a particular Metasploit module.
2016-02-03 16:53:03 -06:00
wchen-r7
4bd2be5dfa
Add preserved_identifiers support
2016-01-28 14:36:42 -06:00
x90" * 365
7f726b1b66
Updated Requires
...
rex/text and msfevn
2016-01-07 00:55:45 -05:00
x90" * 365
e7dc3aa99c
Added Argument Error Handling
2016-01-06 22:34:58 -05:00
x90" * 365
7e70cb6fe8
Re-write pattern_create layout and options
...
Updated pattern_create.rb to be more consistent other tools and modules in Metasploit. Provided a usage example for undocumented custom set feature that allows removal of bad characters.
Usage: ./pattern_create.rb [options]
Example: ./pattern_create.rb -l 50 -s ABC,def,123
Ad1Ad2Ad3Ae1Ae2Ae3Af1Af2Af3Bd1Bd2Bd3Be1Be2Be3Bf1Bf
Specific options:
-l, --length <length> The length of the pattern
-s, --sets <ABC,def,123> Custom Pattern Sets
-h, --help Show this message
2016-01-06 22:15:56 -05:00
x90" * 365
cedb4b7340
Update egghunter.rb msfenv requirements
...
On Stock Kali 2.0 (after apt-get upgrade), the following command errors ./egghunter.rb --list-formats. Adding the require 'msfenv' to the file alleviates the issue.
root@kali:/usr/share/metasploit-framework/tools/exploit# ./egghunter.rb --list-formats
/usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require': cannot load such file -- rkelly (LoadError)
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/metasploit-framework/lib/rex/proto/http/response.rb:5:in `<top (required)>'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/metasploit-framework/lib/rex/proto/http.rb:4:in `<top (required)>'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/metasploit-framework/lib/rex/proto.rb:2:in `<top (required)>'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/metasploit-framework/lib/rex.rb:79:in `<top (required)>'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/metasploit-framework/lib/msf/core.rb:17:in `<top (required)>'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/metasploit-framework/lib/msf/base.rb:17:in `<top (required)>'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from ./egghunter.rb:9:in `<main>'
2016-01-04 17:21:21 -05:00
Jon Hart
140637ef43
Refactor msftidy to allow easier stdout/stderr testing
2015-12-24 10:54:13 -08:00
Jon Hart
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
Jon Hart
6b0ae754bd
Anchor all regexen
2015-12-23 08:33:47 -08:00
Jon Hart
26fa916cc9
Update msftidy to error when module super class is incorrect
...
Fixes #6365
2015-12-22 13:38:31 -08:00
wchen-r7
467267b3be
Fix #6260 , add timeout and verbose option
...
Fix #6260
2015-11-19 11:30:16 -06:00
Jon Hart
f34bf544d3
Update msftidy to flag authors with unbalanced angle brackets
2015-11-06 13:23:14 -08:00
William Vu
a53df44c55
Move msftidy back to tools/dev
...
This is where it belongs.
2015-11-05 13:56:28 -06:00
wchen-r7
e0801b39ba
Fix undef method has_key for module_references.rb tool
...
I made a typo. Should be has_key?, not has_key
2015-10-26 23:12:01 -05:00
Brent Cook
9d51abe4b5
fix msftidy link
2015-10-07 16:52:21 -05:00
wchen-r7
10dc637658
Fix typo
2015-10-06 16:16:58 -05:00
wchen-r7
97f07f1312
Fix base path
2015-10-06 10:30:52 -05:00
wchen-r7
540af3e5ae
Move tools
2015-10-05 22:49:54 -05:00
jvazquez-r7
5a7ac8c29a
Land #6030 , @wchen-r7's Microsoft Patch Finder
2015-10-02 13:33:27 -05:00
wchen-r7
c4bba0269c
Change print_debug
2015-10-02 12:48:12 -05:00
wchen-r7
f97cd97fa5
Update documentation
2015-10-02 12:45:17 -05:00
wchen-r7
e226526dee
Update help
2015-10-02 12:37:01 -05:00
jvazquez-r7
69f3d88ea6
Ensure uniq on #find_msb_numbers
2015-10-02 11:38:36 -05:00
jvazquez-r7
b107213a6e
Update documentation / TODO
2015-10-02 11:37:43 -05:00
jvazquez-r7
507f778056
Do some code reorganization with @wchen-r7
2015-10-02 11:35:06 -05:00
Brent Cook
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
wchen-r7
418374b4b2
Regex -q
2015-10-01 10:21:31 -05:00
wchen-r7
dc3f1c84ed
Update help
2015-10-01 01:01:02 -05:00
wchen-r7
0d7d6376c2
Follow the Google API limit
2015-10-01 00:54:15 -05:00
wchen-r7
4c1678ef5c
I don't need i
2015-09-30 23:01:23 -05:00
wchen-r7
e2098822eb
Update msu_finder and rspec
2015-09-30 23:00:46 -05:00
wchen-r7
bc1be7f213
some progress with rspec
2015-09-29 17:20:30 -05:00
wchen-r7
8f1999e227
Add dev tool MSFT MSU finder (msu_finder.rb)
...
You can use this tool to find MSFT patches. Please see -h for more
information.
2015-09-28 18:44:31 -05:00
wchen-r7
939999f43c
Check \
2015-09-16 13:43:11 -05:00
wchen-r7
eb018f3d29
No 7zip
2015-09-12 03:07:15 -05:00
wchen-r7
5480886927
Do absolute path
2015-09-09 22:00:35 -05:00
wchen-r7
ab1d61d80b
Add MSU extractor
...
If you do patch test/analysis/diffing, you might find this tool
handy. This tool will automatically extract all the *.msu files,
and then you can search for the patched files you're looking for
quickly.
The workflow would be something like this:
1. You download the patches from:
http://mybulletins.technet.microsoft.com/BulletinPages/Dashboard
2. You put all the *.msu files in one directory.
3. Run this tool: extract_msu.bat [path to *.msu files]
4. The tool should extract the updates. After it's done, you can
use Windows to search for the file(s) you're looking for.
2015-09-09 21:34:07 -05:00
HD Moore
1aa7c596ce
Land #5967 , add PACKETSTORM reference types.
2015-09-01 23:25:26 -05:00
HD Moore
77f56c563b
Land #5867 , add PACKETSTORM reference types
2015-09-01 23:25:01 -05:00
HD Moore
cd65478d29
Land #5826 , swap ExitFunction -> EXITFUNC
2015-09-01 13:58:12 -05:00
wchen-r7
eb47973533
Check debug.keystore
2015-08-24 15:08:45 -05:00
wchen-r7
8825db5c98
Add MSF APK installer
...
You can use this script to install your msf apk to your android
emulator.
2015-08-22 21:53:04 -05:00
Roberto Soares
495ca55a7b
Added PacketStorm (PKT) for verification by msftidy
2015-08-20 00:41:55 -03:00
Roberto Soares
496e47a094
Added PacketStorm (PKT) in module_reference tool
2015-08-20 00:39:11 -03:00
Brent Cook
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
Brent Cook
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
Brent Cook
3aab9aa74c
move BSSID checker to tools, fixup rubocop warnings, add OS X example
2015-08-14 17:13:11 -05:00
Brent Cook
6b1e911041
Instantiate payload modules so parameter validation occurs
...
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
Christian Mehlmauer
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
Meatballs
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
Roberto Soares
77f96769da
Update msftidy.
2015-07-30 01:33:48 -03:00
Roberto Soares
a687e71832
Added check for the WPVDB in msftidy.
2015-07-30 01:22:48 -03:00
wchen-r7
f59c99e2ff
Remove msfcli, please use msfconsole -x instead
...
msfcli is no longer supported, please use msfconsole.
Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
Tod Beardsley
ae73cd3c6c
Add a bash script to import dev keys
...
This merely makes it easy and fun to import all developer keys used over
the past year to your local GPG keychain. This will make the task of
reviewing merge commits for signedness much easier, especially if you
use a nicelog alias such as this one:
https://github.com/todb-r7/junkdrawer/blob/master/dotfiles/git-repos/gitconfig#L40
This does not handle automating checking for signatures as part of
Travis-CI -- for that, see PR #5337 , a work in progress.
2015-05-13 10:29:55 -05:00
jvazquez-r7
46b678e9d2
Add msftidy check for datastore option DEBUG usage
2015-04-21 12:22:24 -05:00
jvazquez-r7
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
jvazquez-r7
292087c849
Add check for modules registering a DEBUG option
2015-04-21 11:56:41 -05:00
jvazquez-r7
88ed8406d1
Add check for (v)print_debug to msftidy
2015-04-21 11:27:22 -05:00
William Vu
832487cad7
Consolidate on one check and fix false positives
2015-04-16 18:01:28 -05:00
Christian Mehlmauer
40f6b086c2
fix regex
2015-04-16 21:51:31 +02:00
Christian Mehlmauer
0815791fee
fix regex
2015-04-16 21:48:16 +02:00
Christian Mehlmauer
af277195f5
check for valid values
2015-04-16 21:43:47 +02:00
Christian Mehlmauer
4469fcd9e8
add fail_with error
2015-04-16 20:04:08 +02:00
Tod Beardsley
72b9647b31
Land #5057 , CVE fixups
2015-04-03 16:36:11 -05:00
sinn3r
a333632a69
Add standalone tool for jsobfu
2015-04-03 11:30:23 -05:00
William Vu
df0398f958
Update msftidy for the new CVE format
...
https://cve.mitre.org/cve/identifiers/syntaxchange.html
2015-03-31 22:15:33 -05:00
William Vu
376bf13f1e
Land #5000 , tools/dev/add_pr_fetch.rb
2015-03-24 17:10:49 -05:00
William Vu
aa1a3580b8
chmod +x tools/dev/set_binary_encoding.rb
...
Missed in #4875 .
2015-03-24 17:10:31 -05:00
William Vu
d3773aed55
Rename add-pr-remote.rb to add_pr_fetch.rb
2015-03-24 17:05:43 -05:00
Tod Beardsley
3dec83c1df
Utility for adding PR fetch refs
2015-03-24 10:20:34 -05:00
sinn3r
1910a6c6c5
Correct filename for missing-payload-tests.rb
...
missing-payload-tests.rb is not the correct file format we follow,
it should be missing_payload_tests.rb
2015-03-24 00:50:09 -05:00
Christian Mehlmauer
71c544c3c5
added newline at end of file
2015-03-24 06:19:27 +01:00
sinn3r
315948e403
Extra newline
2015-03-21 13:49:50 -05:00
sinn3r
848dc07020
var name needs a default
2015-03-21 12:20:29 -05:00
sinn3r
f45e8f49eb
Custom var name
2015-03-21 12:18:02 -05:00
sinn3r
2be5ae3bab
Fix bugs
2015-03-21 12:14:00 -05:00
sinn3r
0ff114bcd6
use #!/usr/bin/env ruby
2015-03-20 23:48:13 -05:00
sinn3r
e09f9ca0bc
Provide an example
2015-03-20 20:55:30 -05:00
sinn3r
96bcdd211c
Finished rspec
2015-03-20 20:53:04 -05:00
sinn3r
487ddfc09c
no need for Interrupt
2015-03-20 16:39:00 -05:00
sinn3r
582bfdad64
explain arch
2015-03-20 16:37:42 -05:00
sinn3r
9ecfd36d9e
comments
2015-03-20 16:34:58 -05:00
sinn3r
79a6f1cd09
fix option bug
2015-03-20 16:33:19 -05:00
sinn3r
6da216f3a4
More options
2015-03-20 16:30:29 -05:00
sinn3r
af8f645d1c
This starts to work
2015-03-20 16:15:43 -05:00
sinn3r
fe267fb5a6
Here's a starting point
2015-03-20 14:15:14 -05:00
Brent Cook
db56fcb1b8
update tools/missing-payload-tests to give correct advice
...
The template spec for new payloads needed updating to match the new cached
payload size spec.
2015-03-16 18:10:10 -05:00
William Vu
cd992d5ea6
Land #4875 , rm some old and crufty tools
2015-03-10 00:02:04 -05:00
William Vu
ab70223107
Remove note about resplat.rb in msftidy
2015-03-10 00:00:29 -05:00
HD Moore
99e2b05597
Move the cache update logic into a utility class
2015-03-09 15:29:58 -05:00
HD Moore
8c635243d3
Fix whitespace in the regex, implements Msf::Payload.dynamic_size?
2015-03-09 13:15:06 -05:00
HD Moore
2e49791bef
This implements payload size caching, speeding up framework loads
2015-03-07 20:44:19 -06:00
Tod Beardsley
0353602829
Add back set_binary_encoding.rb
...
[See #4875 ]
2015-03-05 12:05:05 -06:00
Tod Beardsley
4ad9638682
Remove some old and crufty /tools
...
It's possible someone still wants the Webscarab stand-alone importer,
but I cannot imagine that after years of bitrot that is even viable in
its current state.
The rest of them are all older development tools that are no longer
needed (normal vim/rubymine auto-formatting will do the trick).
2015-03-04 16:46:40 -06:00
sinn3r
0597d2defb
Land #4560 , Massive Java RMI update
2015-02-17 10:07:07 -06:00
William Vu
c73892b721
Nuke datastore modification check from orbit
2015-02-11 12:46:40 -06:00
jvazquez-r7
1f4fdb5d18
Update from master
2015-02-10 10:47:17 -06:00
William Vu
c8a687db7f
Fix false positive in cookie check
2015-02-09 17:23:59 -06:00
William Vu
4ed3ffa0ed
Fix false positive in snake case check
2015-02-09 16:30:19 -06:00
William Vu
e62f44cc1a
Fix false negative in comment check
...
Adds anchor to regex.
2015-02-09 14:58:02 -06:00
jvazquez-r7
2c7777f831
Land #4601 , @wchen-r7's tool to lookup md5 hashes
2015-01-30 19:04:34 -06:00
jvazquez-r7
4316c379eb
Use unless instead of if not
2015-01-30 19:01:49 -06:00
Tod Beardsley
6269974bab
Drop psuedo-legalese, just give practical warning
2015-01-26 13:15:23 -06:00
sinn3r
6c2e8a16ce
Change warning
2015-01-23 22:50:39 -06:00
sinn3r
2d9b1dbc22
Fix typos
2015-01-23 22:31:37 -06:00
sinn3r
ff0af805e3
Add a warning before use
2015-01-23 22:26:41 -06:00
jvazquez-r7
37bf66b994
Install instaget with Rex::Java::Serialization
2015-01-22 16:54:49 -06:00
jvazquez-r7
5c413a8102
Add support to print objects, arrays and classes details
2015-01-22 14:50:12 -06:00
Tod Beardsley
1d6524b4d9
Revert #4593 , msftidy extraneous comma check
...
Fixes #4626 by ignoring the problem identified.
This reverts commit 7c3378b2e6
, reversing
changes made to cb0257bec7
.
2015-01-22 14:28:27 -06:00
William Vu
cf7555447c
Land #4621 , msftidy whitelist constant
...
Now I'm happy... almost.
2015-01-21 14:03:39 -06:00
William Vu
bbe9fc208e
Update formatting (80 columns)
...
Piped to fmt -78 to account for the indent.
2015-01-21 14:01:44 -06:00
Tod Beardsley
264adf14d1
Add 'tnftp' software to the title whitelist
2015-01-21 11:52:39 -06:00
Tod Beardsley
efebaae251
Make the title whitelist a constant
2015-01-21 11:50:50 -06:00
William Vu
7c3378b2e6
Land #4593 , msftidy extraneous comma check
2015-01-18 00:46:39 -06:00
sinn3r
bff66ade60
Actually, not necessary. Already checked.
2015-01-17 02:28:56 -06:00