Commit Graph

1457 Commits (6cb93f2af2116a3f2aa959f2aa94be7a02f62c36)

Author SHA1 Message Date
Jon Hart 377017a2d5 Include module name in advanced options output 2015-10-30 11:54:44 -07:00
Jon Hart 0091a05fa6 Add 'advanced' and 'options' commands to mirror 'info' 2015-10-30 11:54:40 -07:00
Jon Hart 6bfa6095c6 Add 'show info'; just calls 'info' 2015-10-30 11:54:35 -07:00
wchen-r7 4e20b8f369 Fix #5875, Add report_vuln for Msf::Exploit::CheckCode::Vulnerable
Msf::Exploit::CheckCode::Vulnerable requires the module to be
explicit, as in actually triggering the bug and get a vulnerable
response, therefore it should be appropriate to use report_vuln
to report it.

Other vuln check codes (such as Appears, or Detected, etc) will
not call report_vuln, because it's not explicit enough.
2015-10-29 13:22:59 -05:00
William Vu 8670224ea0 Prefer do/end 2015-10-09 11:26:33 -05:00
William Vu 2f50374bf9 Add SRVHOST tab completion
A trivial update to @jlee-r7's code.
2015-10-08 14:01:21 -05:00
jvazquez-r7 c967b60bf8
Land #5948, @bcook-r7's fix shell_to_meterpreter from powershell 2015-10-02 15:59:43 -05:00
William Vu eb751822d8 Remove dead option in db_export 2015-10-01 10:58:15 -05:00
Brent Cook 4cbe35e1b2 specifically use shell or powershell 2015-09-23 22:08:32 -05:00
Brent Cook 66b453edd6 ensure the database cache is always updated, present accurate reporting on search 2015-09-22 12:56:26 -05:00
Brent Cook 4aae9b8272 support upgrading a powershell session to meterpreter 2015-09-08 15:37:42 +02:00
HD Moore 2b03487e1f Fix the module cache rebuild logic 2015-09-01 12:38:20 -05:00
HD Moore d84caeca72 Ignore cached modules outside of load path, only load cache once on startup 2015-09-01 12:31:05 -05:00
Jon Hart 3f7c8e03e2
Update workspace command to support deleting all workspaces 2015-08-28 10:23:41 -07:00
jvazquez-r7 83ca4e984f
Land #5772, @wchen-r7's fixes #5753, support Origin for the creds command 2015-08-21 16:07:45 -05:00
wchen-r7 717b1bdd6a Fix bugs: Empty -O, empty origins 2015-08-21 15:46:18 -05:00
William Vu 0bb01c8b6b Fix nil bug with an empty database.yml
Use an empty hash instead of false.
2015-08-17 14:45:11 -05:00
wchen-r7 75d59be87d Resolve #5753, Support Origin for the creds command
Resolve #5753. Add an Origin column and allow the user to search
by origin.
2015-07-24 14:04:23 -05:00
wchen-r7 73fd4bd853 Allow the notes command to save notes as a file
The -o option can save notes as a file.
2015-07-16 00:28:15 -05:00
Brent Cook 8349a274ea use and include git hash of Framework as part of the version
Because we do not always update the version number, multiple releases have
shown version string, which is not useful for helping debug issues, or for
knowing what features are enabled.

This adds the git hash or reads from a file a copy of the git hash (useful for
doing packaged builds without git) so that it is clear the origin of a
particular metasploit-framework version.
2015-07-10 18:03:37 -05:00
Mo Sadek 25bdf7a50a
Land #5427, check payload compatability for set payload fix 2015-07-06 12:56:21 -05:00
Joshua Smith 5be94c12b6
Land #5602, adds irb -e to core 2015-07-02 16:21:20 -05:00
Joshua Smith 434cffa258 clean up so idiomatic ruby details 2015-07-02 16:16:57 -05:00
Mo Sadek dde853b0a0 Fixed "linee" to "line" 2015-06-29 11:27:50 -05:00
Mo Sadek e5836fbdac Removed session -d from core.rb
Ticket #4423
2015-06-29 10:57:50 -05:00
Spencer McIntyre f6f21724a3 Support expressions for the irb command 2015-06-24 20:52:17 -04:00
HD Moore bd36908383 Fix #5500 by checking for session.respond_to?(:response_timeout) 2015-06-06 17:07:03 -05:00
William Vu f761d411c4 Adjust line clearing to cover only the text 2015-06-06 15:58:23 -05:00
HD Moore fe09d9888e Small rework of the spinners, clear the line when done 2015-06-06 14:30:42 -05:00
William Vu a53a68cfc2 Refactor db_nmap and fix the save option 2015-06-04 18:40:19 -05:00
wchen-r7 b33ace2f44 Put is_payload_compatible? in exploit.rb 2015-05-29 15:07:59 -05:00
wchen-r7 583fccdbc8 Resolve #5404, Check payload compatibility when using set payload
Resolve #5404. This patch will check payload compatibility when
you are using set payload in msfconsole.
2015-05-27 18:28:08 -05:00
root ee1a366e2b Use select with ActiveRecord::Associations::CollectionProxy for subset selection 2015-05-21 11:04:03 +05:00
Brent Cook 9549d572cc
Land #5280, update to Ruby on Rails 4.0
This upgrades a number of other gems as a side-effect.
2015-05-12 16:48:49 -05:00
Meatballs 98d531e053
Check if session responds to response_timeout 2015-05-09 11:21:45 +01:00
benpturner 22d2275ecb || session.type == 'powershell' 2015-05-05 09:31:43 +01:00
benpturner 658958d8e7 Allow sessions -c command on powershell 2015-05-04 22:07:22 +01:00
darkbushido 0b608e139a
Merge branch 'upstream' into staging/rails-4.0 2015-05-01 11:26:24 -05:00
William Vu b41aa0e617 Fix NoMethodError for rhost
Can't rely on it to be defined (kinda like peer).
2015-04-29 15:14:41 -05:00
Matt Buck 8163c3cdda Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	plugins/nessus.rb
2015-04-28 15:33:46 -05:00
HD Moore c3f18aa899 Complete the #4989 revert 2015-04-27 16:26:34 -05:00
Matt Buck 6a4d63ca4f Drop explicit IPAddr to String coercion
MSP-12611
2015-04-27 10:48:13 -05:00
root 40107577a0 Case insensitive plugin unload 2015-04-22 11:04:46 +05:00
jvazquez-r7 57df5c4f4f
Solve conflics 2015-04-20 23:38:34 -05:00
jvazquez-r7 831e65261d
Add lengths specs 2015-04-20 17:37:41 -05:00
jvazquez-r7 329e28c47c
Keep the old value if value can't be loaded from file 2015-04-20 16:29:11 -05:00
jvazquez-r7 c629d8593a
Solve my own concerning about race conditions, just in case... 2015-04-20 16:19:29 -05:00
jvazquez-r7 1b85cd2853
Use single quotes 2015-04-20 15:53:58 -05:00
Matt Buck e82fb5f836
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	lib/msf/ui/console/command_dispatcher/db.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-04-15 14:04:35 -05:00
Matt Buck 9f15824e2a
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
2015-04-10 15:35:27 -05:00
William Vu 6fbdb51246 Clean up vulns -R and a few others 2015-04-09 16:52:23 -05:00
sekritskwurl 0d6fb3dd6b vulns command with -R --rhosts 2015-04-09 17:01:18 -04:00
rwhitcroft 8cbc98fc47 fix #5074 - missing thread join 2015-04-06 16:21:07 -04:00
Matt Buck 5e2d6c27c3
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	db/schema.rb
	lib/msf/core/db_manager/session.rb
	metasploit-framework-db.gemspec
2015-04-06 11:27:00 -05:00
William Vu 6c2585cd79 Don't recreate saved workspace 2015-04-03 16:44:36 -05:00
Fernando Arias 6455862484 Merge branch 'staging/rails-4.0' of github.com:rapid7/metasploit-framework into staging/rails-4.0
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2015-04-03 13:56:38 -05:00
William Vu c55e200416 Add workspace saving to msfconsole's save command 2015-04-01 17:31:43 -05:00
Tod Beardsley 34d637c7b8
Needs more ponies 2015-03-31 13:59:37 -05:00
Matt Buck c26dfa263d
Ensure IP addresses are explicitly converted to strings
MSP-12113
2015-03-24 16:26:00 -05:00
James Lee 65c00dffac
Tab complete non-loopback interfaces' addresses 2015-03-24 12:10:58 -05:00
RageLtMan 548a710745 Replace db_nmap string concat with an Array
16eab48012 introduced changes to
cmd_db_nmap which pass a new arguments variable to Open3 with a
list of args excluding save.

This approach created a problem wherein the address of the target
had to be passed in first and arguments could get mangled.

Reintroduce an array format, exploding when passing to Open3.
Ensure output file options are appended to the arguments being
passed to Open3, instead of the args variable.

Error example:
db_nmap -F 192.168.0.1
[*] Nmap: 'nmap: unrecognized option '- 192.168.0.1 ''
2015-03-24 04:36:58 -04:00
William Vu 809bc52dfc
Land #4982, tagging for msfconsole 2015-03-23 15:28:50 -05:00
HD Moore dbe3fe38fd Sanity check file: arguments for size and move into msfconsole 2015-03-23 14:57:44 -05:00
sinn3r 0e1b9f90b4 Small details 2015-03-23 14:40:20 -05:00
William Vu 2f83a53884
Add missing fix for #4921 2015-03-23 00:26:18 -05:00
William Vu 8165ae35d0 Remove extraneous semicolon 2015-03-23 00:26:03 -05:00
William Vu e176b21bcd
Land #4921, db_nmap help and tab completion 2015-03-23 00:22:46 -05:00
sinn3r 23685694ad The tags column should be a virtual column 2015-03-22 21:04:37 -05:00
sinn3r 182018786b This is probably the proper way to delete tags 2015-03-22 20:55:20 -05:00
sinn3r ffe48e1ec8 Don't need order to delete 2015-03-22 20:43:11 -05:00
sinn3r ef62fc3df7 Allow the delete mode for tags 2015-03-22 20:08:23 -05:00
sinn3r b2cc3c4954 I found more bugs and fixed them 2015-03-22 18:21:57 -05:00
sinn3r 708eb42984 I fix bugs for tagging 2015-03-22 18:13:40 -05:00
nstarke dac5b078f0 Minor fixes for format and style
This commit contains a few minor tweaks
for style and format.  Some whitespace removed,
an erroneous 'return' removed, and using single
quotes for consistency.  Updated as per request.
2015-03-22 22:51:21 +00:00
nstarke 16eab48012 Adding help and tab functions for db_nmap
These functions address certain problems
listed in GitHub issue #4353, but do not
address all issues in that ticket.  Most
notably, this commit adds basic tab
completion for db_nmap.
2015-03-22 22:45:56 +00:00
sinn3r 863cbcbddb Add real tagging for the hosts command 2015-03-22 15:34:37 -05:00
William Vu 259e95ed21 Add load_resource exception for msfconsole.rc
This prevents msfconsole from erroring on a nonexistent msfconsole.rc.
2015-03-20 16:50:27 -05:00
William Vu 4d00114428 Add parens around print_error 2015-03-20 13:53:14 -05:00
sinn3r 2c5c94288d Fix #4966, tell the user the resource script path is invalid
Fix #4966
2015-03-20 13:38:12 -05:00
William Vu 38dbd1889e Fix report_note to use :data
:note doesn't do what we want.
2015-03-19 21:33:17 -05:00
William Vu 83ce967d75 Clean up hash syntax as per style guide 2015-03-19 21:23:28 -05:00
sinn3r f38ad13094 Resolve #4891, new arguments for the hosts command
Resolve #4891
2015-03-19 17:00:41 -05:00
William Vu 3c7b061e05 Use single quotes
But I like double quotes. :(
2015-03-10 14:03:13 -05:00
William Vu 72e7691300 Change print_status to print_error
And drop db_disconnect note to another line.
2015-03-10 13:31:35 -05:00
William Vu e81f2e366c Refactor db_{status,connect} a bit
Also allow for db_connect help.
2015-03-10 12:35:58 -05:00
nstarke ee8318d5c4 Adding db_disconnect qualifying statement 2015-03-10 11:58:04 +00:00
nstarke 187a0445f3 Issue #4868 - Adding warning message to db_connect when already connected 2015-03-10 00:02:34 +00:00
William Vu 260c603ffb Fix msfconsole -L
s/rb-readline/rb-readline-r7/

Should have been in #4816 (#4128).
2015-02-26 15:14:38 -06:00
William Vu 7b32b8b58c
Land #4810, support for job renaming in msfconsole 2015-02-24 08:51:06 -06:00
William Vu 285c138f80 Add tab completion for rename_job 2015-02-24 04:25:36 -06:00
William Vu 500b6229be Clean up whitespace 2015-02-24 04:13:59 -06:00
sinn3r e9b6a023de Fix a typo 2015-02-23 21:45:02 -06:00
sinn3r b8cb93d712 Fix #3790, document the creds -d feature
Fix #3790
2015-02-20 21:38:26 -06:00
sinn3r b5f8ae85cf Fix #3827, Add support to rename a job
Fix #3827
2015-02-20 21:13:45 -06:00
Christian Catalan 8740fd9015 Convert #find_all_by_X to #where 2015-01-31 21:07:50 -06:00
Brent Cook cf891efc14
Land #4674, @wvu-r7 teaches msfconsole to read stdin as - 2015-01-30 18:25:09 -06:00
William Vu fdf88b9563
Land #4639, incorrect use of #class fixes
case uses === internally. :)
2015-01-30 16:57:59 -06:00
William Vu 8f54e4d611
Implement "-" for msfconsole -r from stdin
More predictable than /dev/stdin, which is usually a symlink to
/proc/self/fd/0 or /dev/fd/0, but the feature is not guaranteed to be
present.

This isn't *terribly* useful, but it can be. -x is recommended, but it
doesn't allow for ERB directives. This is mostly for hax.
2015-01-29 19:26:56 -06:00
William Vu 6ecb36df52
Land #4653, get/set/unset description improvement 2015-01-29 13:28:06 -06:00
sinn3r f0742a38e2 The get command too 2015-01-28 12:59:51 -06:00