Commit Graph

502 Commits (63c6a6dbe2e1d5ab912841c99bdfb90ab6c456c6)

Author SHA1 Message Date
wchen-r7 8f1999e227 Add dev tool MSFT MSU finder (msu_finder.rb)
You can use this tool to find MSFT patches. Please see -h for more
information.
2015-09-28 18:44:31 -05:00
wchen-r7 939999f43c Check \ 2015-09-16 13:43:11 -05:00
wchen-r7 eb018f3d29 No 7zip 2015-09-12 03:07:15 -05:00
wchen-r7 5480886927 Do absolute path 2015-09-09 22:00:35 -05:00
wchen-r7 ab1d61d80b Add MSU extractor
If you do patch test/analysis/diffing, you might find this tool
handy. This tool will automatically extract all the *.msu files,
and then you can search for the patched files you're looking for
quickly.

The workflow would be something like this:

1. You download the patches from:
   http://mybulletins.technet.microsoft.com/BulletinPages/Dashboard

2. You put all the *.msu files in one directory.

3. Run this tool: extract_msu.bat [path to *.msu files]

4. The tool should extract the updates. After it's done, you can
   use Windows to search for the file(s) you're looking for.
2015-09-09 21:34:07 -05:00
HD Moore 1aa7c596ce
Land #5967, add PACKETSTORM reference types. 2015-09-01 23:25:26 -05:00
HD Moore 77f56c563b Land #5867, add PACKETSTORM reference types 2015-09-01 23:25:01 -05:00
HD Moore cd65478d29
Land #5826, swap ExitFunction -> EXITFUNC 2015-09-01 13:58:12 -05:00
wchen-r7 eb47973533 Check debug.keystore 2015-08-24 15:08:45 -05:00
wchen-r7 8825db5c98 Add MSF APK installer
You can use this script to install your msf apk to your android
emulator.
2015-08-22 21:53:04 -05:00
Roberto Soares 495ca55a7b Added PacketStorm (PKT) for verification by msftidy 2015-08-20 00:41:55 -03:00
Roberto Soares 496e47a094 Added PacketStorm (PKT) in module_reference tool 2015-08-20 00:39:11 -03:00
Brent Cook 5dd015150c
Land #5748, refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter 2015-08-16 10:58:17 -05:00
Brent Cook 422bba87d3 style fixes, moved google_geolocate to google/geolocate 2015-08-15 19:49:32 -05:00
Brent Cook 3aab9aa74c move BSSID checker to tools, fixup rubocop warnings, add OS X example 2015-08-14 17:13:11 -05:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
Christian Mehlmauer 80a22412d9 use EXITFUNC instead of ExitFunction 2015-08-13 21:22:32 +02:00
Meatballs deb6f5638e
Update WinSCP Gather
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
Roberto Soares 77f96769da Update msftidy. 2015-07-30 01:33:48 -03:00
Roberto Soares a687e71832 Added check for the WPVDB in msftidy. 2015-07-30 01:22:48 -03:00
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
Tod Beardsley ae73cd3c6c
Add a bash script to import dev keys
This merely makes it easy and fun to import all developer keys used over
the past year to your local GPG keychain. This will make the task of
reviewing merge commits for signedness much easier, especially if you
use a nicelog alias such as this one:

https://github.com/todb-r7/junkdrawer/blob/master/dotfiles/git-repos/gitconfig#L40

This does not handle automating checking for signatures as part of
Travis-CI -- for that, see PR #5337, a work in progress.
2015-05-13 10:29:55 -05:00
jvazquez-r7 46b678e9d2
Add msftidy check for datastore option DEBUG usage 2015-04-21 12:22:24 -05:00
jvazquez-r7 ab94f15a60
Take care of modules using the 'DEBUG' option 2015-04-21 12:13:40 -05:00
jvazquez-r7 292087c849
Add check for modules registering a DEBUG option 2015-04-21 11:56:41 -05:00
jvazquez-r7 88ed8406d1
Add check for (v)print_debug to msftidy 2015-04-21 11:27:22 -05:00
William Vu 832487cad7 Consolidate on one check and fix false positives 2015-04-16 18:01:28 -05:00
Christian Mehlmauer 40f6b086c2
fix regex 2015-04-16 21:51:31 +02:00
Christian Mehlmauer 0815791fee
fix regex 2015-04-16 21:48:16 +02:00
Christian Mehlmauer af277195f5
check for valid values 2015-04-16 21:43:47 +02:00
Christian Mehlmauer 4469fcd9e8
add fail_with error 2015-04-16 20:04:08 +02:00
Tod Beardsley 72b9647b31
Land #5057, CVE fixups 2015-04-03 16:36:11 -05:00
sinn3r a333632a69 Add standalone tool for jsobfu 2015-04-03 11:30:23 -05:00
William Vu df0398f958 Update msftidy for the new CVE format
https://cve.mitre.org/cve/identifiers/syntaxchange.html
2015-03-31 22:15:33 -05:00
William Vu 376bf13f1e
Land #5000, tools/dev/add_pr_fetch.rb 2015-03-24 17:10:49 -05:00
William Vu aa1a3580b8 chmod +x tools/dev/set_binary_encoding.rb
Missed in #4875.
2015-03-24 17:10:31 -05:00
William Vu d3773aed55 Rename add-pr-remote.rb to add_pr_fetch.rb 2015-03-24 17:05:43 -05:00
Tod Beardsley 3dec83c1df
Utility for adding PR fetch refs 2015-03-24 10:20:34 -05:00
sinn3r 1910a6c6c5 Correct filename for missing-payload-tests.rb
missing-payload-tests.rb is not the correct file format we follow,
it should be missing_payload_tests.rb
2015-03-24 00:50:09 -05:00
Christian Mehlmauer 71c544c3c5
added newline at end of file 2015-03-24 06:19:27 +01:00
sinn3r 315948e403 Extra newline 2015-03-21 13:49:50 -05:00
sinn3r 848dc07020 var name needs a default 2015-03-21 12:20:29 -05:00
sinn3r f45e8f49eb Custom var name 2015-03-21 12:18:02 -05:00
sinn3r 2be5ae3bab Fix bugs 2015-03-21 12:14:00 -05:00
sinn3r 0ff114bcd6 use #!/usr/bin/env ruby 2015-03-20 23:48:13 -05:00
sinn3r e09f9ca0bc Provide an example 2015-03-20 20:55:30 -05:00
sinn3r 96bcdd211c Finished rspec 2015-03-20 20:53:04 -05:00
sinn3r 487ddfc09c no need for Interrupt 2015-03-20 16:39:00 -05:00
sinn3r 582bfdad64 explain arch 2015-03-20 16:37:42 -05:00
sinn3r 9ecfd36d9e comments 2015-03-20 16:34:58 -05:00
sinn3r 79a6f1cd09 fix option bug 2015-03-20 16:33:19 -05:00
sinn3r 6da216f3a4 More options 2015-03-20 16:30:29 -05:00
sinn3r af8f645d1c This starts to work 2015-03-20 16:15:43 -05:00
sinn3r fe267fb5a6 Here's a starting point 2015-03-20 14:15:14 -05:00
Brent Cook db56fcb1b8 update tools/missing-payload-tests to give correct advice
The template spec for new payloads needed updating to match the new cached
payload size spec.
2015-03-16 18:10:10 -05:00
William Vu cd992d5ea6
Land #4875, rm some old and crufty tools 2015-03-10 00:02:04 -05:00
William Vu ab70223107 Remove note about resplat.rb in msftidy 2015-03-10 00:00:29 -05:00
HD Moore 99e2b05597 Move the cache update logic into a utility class 2015-03-09 15:29:58 -05:00
HD Moore 8c635243d3 Fix whitespace in the regex, implements Msf::Payload.dynamic_size? 2015-03-09 13:15:06 -05:00
HD Moore 2e49791bef This implements payload size caching, speeding up framework loads 2015-03-07 20:44:19 -06:00
Tod Beardsley 0353602829
Add back set_binary_encoding.rb
[See #4875]
2015-03-05 12:05:05 -06:00
Tod Beardsley 4ad9638682
Remove some old and crufty /tools
It's possible someone still wants the Webscarab stand-alone importer,
but I cannot imagine that after years of bitrot that is even viable in
its current state.

The rest of them are all older development tools that are no longer
needed (normal vim/rubymine auto-formatting will do the trick).
2015-03-04 16:46:40 -06:00
sinn3r 0597d2defb
Land #4560, Massive Java RMI update 2015-02-17 10:07:07 -06:00
William Vu c73892b721 Nuke datastore modification check from orbit 2015-02-11 12:46:40 -06:00
jvazquez-r7 1f4fdb5d18
Update from master 2015-02-10 10:47:17 -06:00
William Vu c8a687db7f
Fix false positive in cookie check 2015-02-09 17:23:59 -06:00
William Vu 4ed3ffa0ed
Fix false positive in snake case check 2015-02-09 16:30:19 -06:00
William Vu e62f44cc1a
Fix false negative in comment check
Adds anchor to regex.
2015-02-09 14:58:02 -06:00
jvazquez-r7 2c7777f831
Land #4601, @wchen-r7's tool to lookup md5 hashes 2015-01-30 19:04:34 -06:00
jvazquez-r7 4316c379eb Use unless instead of if not 2015-01-30 19:01:49 -06:00
Tod Beardsley 6269974bab
Drop psuedo-legalese, just give practical warning 2015-01-26 13:15:23 -06:00
sinn3r 6c2e8a16ce Change warning 2015-01-23 22:50:39 -06:00
sinn3r 2d9b1dbc22 Fix typos 2015-01-23 22:31:37 -06:00
sinn3r ff0af805e3 Add a warning before use 2015-01-23 22:26:41 -06:00
jvazquez-r7 37bf66b994 Install instaget with Rex::Java::Serialization 2015-01-22 16:54:49 -06:00
jvazquez-r7 5c413a8102 Add support to print objects, arrays and classes details 2015-01-22 14:50:12 -06:00
Tod Beardsley 1d6524b4d9
Revert #4593, msftidy extraneous comma check
Fixes #4626 by ignoring the problem identified.

This reverts commit 7c3378b2e6, reversing
changes made to cb0257bec7.
2015-01-22 14:28:27 -06:00
William Vu cf7555447c
Land #4621, msftidy whitelist constant
Now I'm happy... almost.
2015-01-21 14:03:39 -06:00
William Vu bbe9fc208e
Update formatting (80 columns)
Piped to fmt -78 to account for the indent.
2015-01-21 14:01:44 -06:00
Tod Beardsley 264adf14d1
Add 'tnftp' software to the title whitelist 2015-01-21 11:52:39 -06:00
Tod Beardsley efebaae251
Make the title whitelist a constant 2015-01-21 11:50:50 -06:00
William Vu 7c3378b2e6
Land #4593, msftidy extraneous comma check 2015-01-18 00:46:39 -06:00
sinn3r bff66ade60 Actually, not necessary. Already checked. 2015-01-17 02:28:56 -06:00
sinn3r 45b33bb82f Handle should be checked 2015-01-17 02:27:14 -06:00
sinn3r 3d93bc06e8 rspec progress 2015-01-16 18:25:54 -06:00
Christian Mehlmauer 596e956660
some changed 2015-01-16 17:53:06 +01:00
sinn3r 64b6c4a0b5 I think unless is preferred 2015-01-16 01:33:09 -06:00
sinn3r 058ef1f167 Uh, what? 2015-01-16 01:15:58 -06:00
sinn3r 05458ec81f I should be done with md5_lookup.rb now 2015-01-16 01:13:37 -06:00
sinn3r 87ab27e9d2 Ugh, typo -_- 2015-01-15 21:52:15 -06:00
sinn3r 7b2458c491 Filter out whitespace 2015-01-15 21:51:58 -06:00
sinn3r 36f8fda0b1 Leave contact info 2015-01-15 21:04:12 -06:00
sinn3r 95895a5969 Small update 2015-01-15 21:00:52 -06:00
sinn3r 754d303f66 Some more doc 2015-01-15 20:59:47 -06:00
sinn3r 1d79a9de20 This is the working version 2015-01-15 20:51:27 -06:00
Christian Mehlmauer 3237dd8591
add comma check to msftidy 2015-01-16 00:13:55 +01:00
sinn3r 6ae66315bd Block based is safer 2015-01-15 16:05:35 -06:00
sinn3r 35c808d70f Progress 2015-01-15 15:13:03 -06:00
sinn3r c3bb02081b I should be done w/ arg parsing now 2015-01-15 12:18:50 -06:00
sinn3r fd850d6af6 Argument parsing 2015-01-15 12:03:52 -06:00