infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,477 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

3509 Commits (696b66578e6f05025517ab91ba749b9ea8bf68cd)

Author SHA1 Message Date
Luke Imhoff 555a9f2559 Refactor Msf::ModuleManager 
[Fixes #36737359]

Refactor Msf::ModuleManager into concerns so its easier to understand and
duplicate code can be made DRY.  The refactoring also ensures that when
loading from directories, Fastlibs, or reloading, the wrapper module will
always be named so that activesupport/dependencies will function.
 2012-10-01 13:09:30 -05:00
Luke Imhoff 8a2dc0a09f Give ruby Modules that wrap Metasploit modules a name 
[#36737359]

active_support/dependencies cannot resolve missing constants in Metasploit
modules because the wrapper module is anonymous.  In order to make the
wrapper module non-anonymous, the module must be assigned to a constant.
Since we don't want modules colliding, the wrapper module needs a unique
name, so use the module lookup name to derive the proper nested module names
to namespace the wrapper module.  All derived modules are nested under
Msf::Modules.  The name derivation handles invalid characters for constant
names such as digits as the first character or non-alphanumeric character.
The invalid constant name characters are converted to their hex value and
prefixed with X, so '-' in a name become 'X2d'.
 2012-09-27 12:52:09 -05:00
Tod Beardsley b1ce969c95 Merge remote branch 'kernelsmith/msfconsole-s' 2012-09-20 14:31:55 -05:00
Tod Beardsley cf8edf8570 Touchups to msfconsole command parsing 
Move from -s to -x and use a semicolon.
 2012-09-20 13:40:01 -05:00
kernelsmith 56d5c13755 adds -s <string> Execute the specified string as console commands to msfconsole 
for convenience when you don't need/want a full resource file, you just
want to run something quick
example usage:
# say you have a saved config ready to go on load
./msfconsole -s 'exploit -j'
# you can run multiple commands too
./msfconsole -s 'set ConsoleLogging true\nshow options'
 2012-09-20 12:23:48 -05:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
sinn3r c6c59b6df6 Merge branch 'jlee-r7-bug/redmine-7226-rhost-dns' 2012-09-13 11:04:51 -05:00
sinn3r 1f58458073 Merge branch 'udev_netlink' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-udev_netlink 2012-09-13 10:37:52 -05:00
HD Moore 221eb88313 Make filename easy to override 2012-09-10 15:59:01 -05:00
James Lee bbeb6cc97a Add a privilege escalation exploit for udev < 1.4.1 
Also includes a new ```rm_f``` method for Post::File for deleting remote
files in a platform-independent way.
 2012-09-10 12:32:14 -05:00
James Lee ac0415eae0 Normalize hosts when doing a framework.db.get_host 
Ensures that the host is an address (not a host name).

[FixRM #7226]
 2012-09-06 17:23:21 -05:00
David Maloney a07f521969 Minor fix to broken interpolation 2012-09-06 11:31:10 -05:00
sinn3r 2cb2b281d6 Fix NoMethodError for nil:NilClass bug 
The 'unless' statement expects there's always a value for USERNAME
and PASSWORD. We might as well just set '' as the default value
to avoid the NoMethodError mistake.  Related to bug #7140.
 2012-09-06 01:09:40 -05:00
sinn3r 5f9e310e85 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-09-05 13:47:25 -05:00
Stephen Haywood 8f142c74e5 Adding documentation to the methods in the post exploitation library. Will eventually generate an rdoc file and a post exploitation How To. 2012-09-04 22:21:47 -04:00
sinn3r af211d9455 Change how it looks a little 2012-09-01 12:51:52 -05:00
eddiezab c13d24c0db Update lib/msf/ui/console/framework_event_manager.rb 
Includes the session host IP when displaying closed sessions. Useful for users who have large numbers of sessions open.
 2012-08-31 21:24:45 -03:00
Tod Beardsley d4cccda8e1 Add in missing require 
Reverse_https handler needs to specifically require reverse_http in
order to ensure that the Msf::Handler::ReverseHttp mixin is available at
run time.
 2012-08-25 15:43:32 -04:00
Stephen Haywood b6d64b770a Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00
Tod Beardsley a93c7836bd Fixes load order with reverse http 
This was originally intended to fix #664.

SEERM #7141 also.
 2012-08-23 12:16:47 -05:00
Tod Beardsley ac0198690c Revert "Egypt's code is broken. Revert to old code until he fixes it agai" 
This reverts commit 10cf466a99.
 2012-08-23 12:01:49 -05:00
Tod Beardsley e7b11575a5 Revert "Reapplying commit d266dc60" 
This reverts commit d612d2a040.
 2012-08-23 12:01:24 -05:00
James Lee aac56fc29b Fix load order issue 
[See #664][SeeRM #7141]
 2012-08-23 10:54:23 -05:00
Tod Beardsley d612d2a040 Reapplying commit d266dc60 
Somewhere along the way, commit d266dc6031
was dropped. Reimplementing.
 2012-08-22 16:20:27 -05:00
sinn3r 10cf466a99 Egypt's code is broken. Revert to old code until he fixes it agai 
See pull request:
https://github.com/rapid7/metasploit-framework/pull/664n
 2012-08-21 20:33:24 -05:00
sinn3r 5e89c546c5 Merge branch 'reverse-http-redmine-7141' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-reverse-http-redmine-7141 2012-08-21 14:33:42 -05:00
Tod Beardsley 1485f74670 Out of 4.4.0, and into 4.5.0-dev 2012-08-07 09:53:01 -05:00
Tod Beardsley 58ce6fbac4 Adding author info for juan 2012-08-06 08:55:54 -05:00
James Lee 66c5d8b617 Refactor reverse_*http(s) handlers 
De-dups a whole bunch of copy pasted code. Should be a bit easier to
maintain now.
 2012-08-03 13:27:40 -06:00
James Lee bf9d59003c Always start a session when CONN comes in 
Also gets rid of the conn_ids array, which was never pruned (and
without some extra gymnastics in meterpreter/client.rb *can't* be) when
handler URLs were removed.
 2012-08-02 18:58:58 -06:00
sinn3r 832f47d467 Merge branch 'master' into jtr_seeding 2012-08-01 15:04:31 -05:00
David Maloney fa2b0c26bb Fixes password seeding for JtR modules 2012-08-01 14:15:51 -05:00
James Lee 46312d9035 Add a comment describing function prototype 2012-08-01 00:28:18 -06:00
James Lee 99aa78a371 Tab complete LHOST based on RHOST if it is set 2012-07-20 23:10:22 -06:00
James Lee c1cf71c4e9 Remove debugging load() 2012-07-18 11:02:21 -06:00
sinn3r f4547527a8 Merge branch 'omg-post-exploits' of https://github.com/jlee-r7/metasploit-framework 2012-07-17 17:43:40 -05:00
James Lee 6b0196eccc Add a require for File in Common 2012-07-17 15:48:06 -06:00
HD Moore c887e0aaff Re-add AFP changes due to mangled merge 2012-07-17 00:42:49 -05:00
HD Moore b6d05c77ca No, really. Bump 2012-07-17 00:36:19 -05:00
HD Moore f62e0b1cca AFP fixes and JTR typo fix 2012-07-16 21:45:45 -05:00
HD Moore 7e50f91d59 Bump 2012-07-16 21:02:40 -05:00
HD Moore bc2edeace2 Cleanup AFP module output 2012-07-16 21:02:40 -05:00
James Lee efe478f847 Merge branch 'master' into omg-post-exploits 2012-07-16 09:20:23 -06:00
James Lee 7091d1c65b Add an exploit for sock_sendpage 
Unfortunately, adds a dep on bionic for runtime compilation.

Gets ring0, sets the (res)uid to 0 and jumps to the payload.  Still some
payload issues because linux stagers don't mprotect(2) the buffer they
read(2) into.  Single payloads work fine, though.

Also cleans up and improves local exploits' ability to compile C.

[SEERM #3038]
 2012-07-15 20:29:48 -06:00
HD Moore 4509c11916 Fingerprint dd-wrt even when auth is required 2012-07-15 21:21:13 -05:00
HD Moore f111ae097e Bail early if the user did not configure an injection parameter 2012-07-15 21:14:39 -05:00
HD Moore 0230ef60f6 Cosmetic 2012-07-15 15:46:54 -05:00
HD Moore d6c6a3d0c5 Correct an issue with payload recalc during iteration 2012-07-15 15:45:25 -05:00
HD Moore 2254086dbe Replace event handler with a straightforward filter 2012-07-11 03:00:44 -05:00