0e568674d7
Add comments on parse functions
...
MS-255
2016-04-28 13:17:01 -05:00
0759848ad5
Use Nokogiri Reader in zip import
...
MS-255
2016-04-28 13:17:01 -05:00
83ff60c111
Force encoding on import xml
...
MS-255
2016-04-28 13:17:01 -05:00
e4fcaefc8c
Unpack and pack an unsigned integer per 8 bytes
...
MS-255
2016-04-28 13:17:01 -05:00
e6a8d69b0b
Force encoding of XML import
...
MS-255
2016-04-28 13:17:00 -05:00
f1d8e1d693
Parse web_data in xml import
...
MS-255
2016-04-28 13:17:00 -05:00
802dfabbe3
Converts XML importer to use Nokogiri Reader
...
MS-255
2016-04-28 13:17:00 -05:00
47d52a250e
Fix #6806 and #6820 - Fix send_request_cgi! redirection
...
This patch fixes two problems:
1. 6820 - If the HTTP server returns a relative path
(example: /test), there is no host to extract, therefore the HOST
header in the HTTP request ends up being empty. When the web
server sees this, it might return an HTTP 400 Bad Request, and
the redirection fails.
2. 6806 - If the HTTP server returns a relative path that begins
with a dot, send_request_cgi! will literally send that in the
GET request. Since that isn't a valid GET request path format,
the redirection fails.
Fix #6806
Fix #6820
2016-04-25 14:30:46 -05:00
f28d280199
Land #6814 , move stdapi to exist?
2016-04-24 13:41:11 -04:00
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
45961f75d4
Fix the payload size updater for MetasploitModule
2016-04-23 11:38:42 -04:00
c1a64b1f6f
fix: issues/6803 - info command references bug
2016-04-22 15:14:35 +08:00
98f89ca23a
Land #6794 , Fixed yard doc errors
2016-04-21 13:16:45 -05:00
6cb93f2af2
Make yard doc ignore @probe
2016-04-21 13:15:58 -05:00
5e36a3128c
Fix #5197 , Fixed yard doc errors
...
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
6b3326eab2
Land #6707 , support for LURI handler
2016-04-20 16:26:07 -05:00
3b280d45a4
fix some yardoc issues
2016-04-18 21:00:21 +02:00
fd603102db
Land #6765 , Fixed SQL error in lib/msf/core/exploit/postgres
2016-04-18 10:44:20 -07:00
4c0a53a809
replace 'and' with '&&'
2016-04-18 08:26:02 -05:00
555352b210
Force lurl string duplication to avoid stageless issues
...
I have NO idea why this is even a problem. Mutating state is the spawn of satan.
2016-04-18 08:25:19 -05:00
a74a7dde55
More fixies for LURI in Python, and native too
2016-04-18 08:25:19 -05:00
b95267997d
Fix LURI support for stageless, transport add/change and code tidies
2016-04-18 08:24:41 -05:00
63e478c826
fix sessions -l bug
2016-04-18 08:21:50 -05:00
a45d0aed53
show LURI in new connection log message
2016-04-18 08:21:50 -05:00
7eda08aa2e
windows/x64 support
2016-04-18 08:16:35 -05:00
1e16804c63
size considerations for LURI, stageless
2016-04-18 08:16:35 -05:00
7e708e3159
sessions LURI display
2016-04-18 08:13:10 -05:00
d2d36ca043
java handler, better default, jobs -v
2016-04-18 08:13:10 -05:00
b122dffe3d
initial LURI commit. windows, python functional
2016-04-18 08:13:10 -05:00
d3a832b31d
Land #6776 , Fix #6775 update regex for Win 10 UAC
2016-04-13 17:03:45 -04:00
3898d11aa7
Add Windows 10 entry to the version check regex
2016-04-13 08:23:01 +10:00
feb1394630
Land #6752 , compact table for advanced options
2016-04-09 21:25:43 -05:00
93cb91a515
Remove an extra nil check
2016-04-08 21:18:24 -05:00
6b4dd8787b
Fix #6764 , nil SQL error in lib/msf/core/exploit/postgres
...
Fix #6764
2016-04-08 15:20:04 -05:00
ae46b5a688
Bring #6417 up to date with upstream-master
2016-04-08 13:41:40 -05:00
2563634dce
Fix inverted logic introduced by #6734
...
MS-385
2016-04-06 22:03:31 -05:00
8cc1d2ec89
Make advanced and evasion options readable
2016-04-05 15:05:58 -05:00
4d5695f7fc
Land #6743 , reimplement HD's session interrupt handler
...
MS-385
2016-04-05 11:16:32 -05:00
cde89b90cd
Land #6744 , Deprecation on host eager load
...
Lands SemperVictus' pr for fixing a deprecation warning
on eager loading the hosts table
2016-04-05 09:19:16 -05:00
3bcac49c21
Fix: badchars.present? is false for whitespace
...
badchars.present? is false in the case of badchars containing only whitespace.
Instead check for is not empty and is not nil.
2016-04-05 10:09:56 +10:00
5e8ed09b66
Merge branch 'task/MS-1354/OpenVAS-Nessus-Importer' of https://github.com/bpatterson-r7/metasploit-framework into bpatterson-r7-task/MS-1354/OpenVAS-Nessus-Importer
2016-04-04 17:07:05 -05:00
992df12fa7
Address ActiveRecord deprecation warning
...
AR will start to complain about eager loading in command_dispatcher
/db.rb:519 because it references hosts as string without explicitly
stating that the table is being referenced.
Add a call .references in the AR call chain after the where clause
to silence this abysmal warning.
2016-04-02 00:22:26 -04:00
64b94dfe3b
reimplement HD's session interrupt handler
...
reimplement HD's work on a session interrupt handler
so that if an exploit fails the handler does not continue
waiting for a session that will never come
MS-385
2016-04-01 14:43:16 -05:00
618f379488
Update auxiliary/scanner/redis/redis_server and mixin
2016-03-31 17:14:49 -05:00
2e7d07ff53
Fix PASSWORD datastore option
2016-03-31 17:12:00 -05:00
8f0d664a38
Modify the open_vas importer to support both results.xml and reports.xml open_vas exports and modify the nessus importer to import what it can when it can't find a properly formatted port number
2016-03-30 17:44:26 -05:00
a808c9fe63
Bring some sanity to the datastore
...
Before, the datastore would store options case-sensitive, but would
access them case-insensitive, resulting is a number of string compares.
This commit stores options in their downcase form to reduce
update/lookup time. This adds up to reducing msfconsole boot time by
about 10% and rspec time by about 45 sec. (!) on my box.
One tricky part of this conversion is that there are several places (in
pro and framework) where we export or otherwise access the datastore as
a plain hash (case-sensitive). I believe I have caught all the ways we
access the datastore that are case-sensitive and substituted the
original key capitalization in those cases.
2016-03-30 15:17:55 -05:00
a2a522be07
Land #6716 , Add a rescue to catch method missing for stage_payload
2016-03-30 13:08:52 -05:00
280aeb0b59
Land #6727 , Show handler URI so we know which job's responding
2016-03-30 12:22:18 -05:00
ead6e6b6b6
Use a print_prefix instead
2016-03-30 11:50:45 -05:00
0a239742f5
Show handler URI so we know which job's responding
2016-03-30 11:35:04 -05:00
797acd625d
Land #6714 , Kill defanged mode
2016-03-30 10:54:56 -05:00
587f1ee7b3
Land #6708 , module documentation for msfconsole
2016-03-29 11:30:55 -07:00
e25525b4a7
avoid validating file-based datastore options on assignment
...
file:/ strings are special with some datastore options, causing them to read a
file rather than emitting the exact string. This causes a couple of problems.
1. the valid? check needs to be special on assignment, since normalization
really means normalizing the path, not playing with the value as we would do
for other types
2. there are races or simply out-of-order assignments when running commands
like 'services -p 80 -R', where the datastore option is assigned before the
file is actually written.
This is the 'easy' fix of disabling assignment validation (which we didn't have
before anyway) for types that can expect a file:/ prefix.
2016-03-28 23:03:17 -05:00
6523600952
Add a rescue to catch method missing for stage_payload
...
This allows us to provide a friendlier message to users when they are
using a stageless listener with a staged payload.
2016-03-29 09:46:09 +10:00
f1857d6350
Kill defanged mode
2016-03-28 09:02:07 -05:00
18604c3d44
Land #6705 , Rectify MSF_CFGROOT_CONFIG comment
2016-03-24 18:21:05 -05:00
57984706b8
Resolve merge conflict with Gemfile
2016-03-24 18:13:31 -05:00
7f002128ad
Rectify MSF_CFGROOT_CONFIG comment
...
Also remove reference to feature request that does not seem to be
available anymore.
2016-03-23 22:23:30 +01:00
0c19d89655
add more space for deprecation message
2016-03-23 11:39:42 -05:00
866c4718b0
Fix OptPort validation
...
Allow a port value of 0 and don't reject empty values if the option is
not required.
2016-03-22 23:01:18 -05:00
ec3a0a108d
Change OptPort to inherit from OptInt
...
Fixes the normalize and validate methods.
2016-03-22 19:25:51 -05:00
22df7c0071
Fix datastore to validate options w/o a default
...
Options without a default were not pulled into the `@options` hash and
therefore were not used to validate options on assignment.
I am not entirely sure how this fix works, since it would seem that
non-override options would not get pulled in if an option was first set
in the global datastore. However, a previous value does not get
overridden and new values are validated. Anything further is merely
speculation on my part.
2016-03-22 19:12:53 -05:00
5c163960ed
Fix datastore to not freeze options on the default
2016-03-22 19:07:58 -05:00
67b9d053ec
Land #6679 , remove unreachable sanity checks
2016-03-18 11:25:51 -05:00
9219efa512
remove unreachable ruby 1.x check
2016-03-18 11:16:44 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
1790f039c3
Land #6684 , remove obsolete warn_about_rubies
2016-03-17 08:26:57 -05:00
59a55dec5b
Land #6676 , new Postgres fingerprints
2016-03-16 16:32:10 -05:00
32fe9ae55d
Remove dead version check in db_manager.rb
...
The check appears to have been orphaned in the db_manager refactor, but
I can't track down the exact commit.
2016-03-16 15:24:55 -05:00
79c36c4f53
RPORT should be an OptPort
2016-03-16 14:13:19 -05:00
c21bad78e8
Fix some more String defaults
2016-03-16 14:13:18 -05:00
a878926f31
Remove unused datastore option
2016-03-16 14:13:17 -05:00
44e1fefa2e
when normalizing a string type, ensure we have a string first
2016-03-16 06:44:36 -05:00
5a72f2df16
remove subversion support
2016-03-15 22:00:32 -05:00
63263773d1
simplify sanity checks for Ruby 1.x
2016-03-15 21:55:25 -05:00
3b6a3374ae
prefer explicit defaults to implicit
2016-03-15 20:58:14 -05:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
3cbc5684e1
iadd some preuath fps for postgres 9.4
...
the preauth fingerprinting for postgres is somewhat
unmaintainable, but due to a specific customer request
i have added these two FPs for 9.4.1-5
MS-1102
2016-03-15 14:50:07 -05:00
654590911b
Enforce integrity of datastore options on assignment
2016-03-15 14:00:32 -05:00
42689df6b3
Fix a stack trace with ``set PAYLOAD`` in ``msf>`` context
2016-03-13 14:56:54 -05:00
4f09246c78
reenable module loader warnings
2016-03-13 20:04:05 +01:00
dabe5c8465
Land #6655 , use MetasploitModule as module class name
2016-03-13 13:48:31 -05:00
15ba85bac2
fix missed deprecations
...
missed some deprecation warnings
2016-03-09 13:29:35 -06:00
88697a5d3f
Merge branch 'master' into staging/rails-upgrade
2016-03-08 15:22:04 -06:00
f831d58c1c
Support tables
2016-03-08 12:19:27 -06:00
698f425821
Auto <hr>
2016-03-08 11:25:15 -06:00
b91ee232ff
Change HTML parsing
2016-03-08 10:25:29 -06:00
58b8c35146
Escape HTML for KB and update rspec
2016-03-08 10:10:10 -06:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
c2f99b559c
Add documentation for auxiliary/scanner/http/tomcat_enum
...
Also fix a typo in normalizer
2016-03-07 15:39:15 -06:00
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
5a0bec81cb
disable warnings for now, to be reenabled when the module base class is updated
2016-03-06 17:19:05 -06:00
a2c3b05416
Land #6405 , prefer default module base class of simply 'Metasploit'
2016-03-06 17:10:55 -06:00
85acfabfca
remove various library workarounds for the datastore not preserving types
2016-03-05 23:10:57 -06:00
694f7f0a65
stop turning all default options into strings
...
we need to adjust vprint* functions, since they now fallthrough to the
'framework.datastore' checks because the false case actually triggers.
2016-03-05 23:09:14 -06:00
c811ed8d60
Correct name: PAYLOAD_DEMO_TEMPLATE
2016-03-05 00:42:36 -06:00
934f8de9b7
Update the conditions of is_remote_exploit?
2016-03-03 00:53:00 -06:00
11964c5c1a
Add remote exploit demo and web_delivery doc
2016-03-02 19:52:11 -06:00
5f510df2ab
Resolve merge conflict with upstream's Gemfile.lock
2016-03-01 22:06:17 -06:00
f27d24fd60
Add module documentation for psexec
2016-03-01 18:52:47 -06:00
30043bc519
Changed .all to .load in workspace.rb in order to eager load the relation and fix the 4.0 rails deprecation
2016-03-01 11:48:55 -06:00
c5a9d59455
Land #6612 , one final missing change
2016-02-29 15:08:42 -06:00
cb0493e5bb
Recreate Msf::Exploit::Remote::Fortinet
...
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
300fdc87bb
Move Fortinet backdoor to module and library
2016-02-29 12:06:33 -06:00
2950996cb8
Land #6612 , Add aux module for Fortinet backdoor
2016-02-29 12:02:49 -06:00
53d703355f
Move Fortinet backdoor to module and library
2016-02-29 11:57:42 -06:00
a87cf02b50
Land #6524 , fix reverse_http to try binding to LHOST first
2016-02-25 20:25:02 -06:00
cbc5b296e4
implement engines method locally instead of adding refinement
2016-02-25 11:05:17 -06:00
58ad2175b8
Raise when no network connection
2016-02-24 18:57:40 -06:00
d7ba37d2e6
Msf::Exploit::Remote::HttpServer print_* fix
...
Exploit::Remote::HttpServer and every descendant utilizes the
print_prefix method which checks whether the module which mixes in
these modules is aggressive. This is done in a proc context most
of the time since its a callback on the underlying Rex HTTP server.
When modules do not define :aggressive? the resulting exceptions
are quietly swallowed, and requestors get an empty response as the
client object dies off.
Add check for response to :aggressive? in :print_prefix to address
this issue.
2016-02-21 20:20:22 -05:00
3e22de116f
Changes to fix peer and style as recommended by jhart-r7.
2016-02-20 13:53:32 -08:00
24530e2734
Scrollable list, tab name change, print_status
2016-02-19 20:46:39 -06:00
9ba82453f8
Land #6584 , cidr notation addition for route command
2016-02-19 12:20:00 -06:00
b409b2237d
update to use the common bind_addresses method
2016-02-18 18:17:56 -06:00
4c716a268d
Set some flags
2016-02-18 16:11:34 -06:00
1e58b1574a
Land #6502 , add -x flag for showing extended sessions info
2016-02-18 15:37:41 -06:00
d316609fef
put extra columns under the -x flag
2016-02-18 15:36:43 -06:00
3beaeceb0e
Special-case bap2
2016-02-18 15:19:39 -06:00
e5ad6fa781
Support "knowledge base"
2016-02-18 15:02:24 -06:00
02834d4251
Add API documentation
2016-02-18 11:44:14 -06:00
68703e1955
Break down DocumenGenerator, fix a bug when opening local md
2016-02-18 10:25:40 -06:00
b5ae4c0322
remove the sleep
2016-02-18 08:33:44 -06:00
a5f3bddfc8
Support RPC API
2016-02-18 00:39:12 -06:00
089d6985b6
Add more demo templates
2016-02-18 00:17:32 -06:00
1bfe1ad140
More demos
2016-02-17 19:04:06 -06:00
76f2c917ee
Allow no GITHUB_OAUTH_TOKEN, and gsub for demo
2016-02-17 15:38:30 -06:00
0b095cf08a
Remove unwanted variable
2016-02-17 15:25:31 -06:00
8b267efa2d
No need to gsub the first 12 spaces anymore
2016-02-17 14:29:33 -06:00
714106174e
Do external erb template
2016-02-17 14:27:29 -06:00
d5c005d948
HTML-escape some fields
2016-02-17 13:56:03 -06:00
5339bb50d8
Support targets
2016-02-17 13:48:24 -06:00
28e6d8ef9e
Allow CIDR notation for the route command
2016-02-17 09:44:32 -06:00
08dff6541d
rm junk code
2016-02-16 23:29:08 -06:00
509a1e8de1
Add manual for demo purposes
2016-02-16 23:18:29 -06:00
b0cfb4aacf
Add info -d to show module documentation in .md
2016-02-16 22:44:03 -06:00
35e0a433ea
Make error output more useful
2016-02-16 14:45:00 -06:00
aff118a3a5
don't send a response on invalid UUID
2016-02-16 09:19:45 -06:00
95484c81fd
Land #6526 , fix browser exploit server spec
2016-02-15 16:23:04 -06:00
1f58ad15ac
Browser::Exploit::Server needs to have vprint*
2016-02-15 16:21:24 -06:00
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
4db2840af9
Land #6385 , add .apk template support for msfvenom
2016-02-15 14:27:08 -06:00
2386cb1344
Land #6527 , add support for importing Burp suite vuln exports
2016-02-10 13:19:21 -06:00
d5c3fcae04
Land #6511 , Bump Jsobfu version to support preserved_identifiers
2016-02-05 15:57:53 -06:00
4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported.
2016-02-04 10:30:56 -06:00
869bf884c6
OptPath with no value is valid
2016-02-03 14:53:47 -08:00
df9d46eec2
Normalization for OptPath
2016-02-03 14:37:29 -08:00
53d4e31844
Allow OptPath to valid symbolic paths that need expansion
2016-02-03 14:12:03 -08:00
d55e68e76b
Fix bug in js_obfuscate
2016-02-02 11:25:39 -06:00
dmohanty-r7
wchen-r7
Adam Cammack
Brent Cook
join-us
thao doan
Louis Sato
Christian Mehlmauer
OJ
Rory McNamara
Spencer McIntyre
William Vu
James Lee
David Maloney
Justin Steven
greg.mikeska@rapid7.com
RageLtMan
Brian Patterson
Brendan Watters
Till Maas
HD Moore
Gregory Mikeska
Micheal
Jon Hart