Commit Graph

153 Commits (6e6780da86dae2137b9bed2a55fa50c7a8e4f715)

Author SHA1 Message Date
jvazquez-r7 0c44cc5ae4 Allow Exploits to provide Encoder Compat options 2014-02-21 15:49:39 -06:00
Meatballs 56359aa99f
Merge changes from other dev machine 2014-02-07 21:22:44 +00:00
jvazquez-r7 80e7ae144b Use the platform when selecting the payload 2014-02-04 14:34:11 -06:00
Meatballs 0a3cb3377f
AppendEncoder 2014-02-04 15:41:10 +00:00
sinn3r 6ffb750633 Change Unsupported message
Auxiliary modules can use check, too. Not just exploits.
2014-01-26 01:14:11 -06:00
sinn3r ea47da5682 Add wiki link "How to write a check() method" to documentation 2014-01-20 20:10:50 -06:00
sinn3r e48b8ae14c Use a better term 2014-01-19 16:01:38 -06:00
sinn3r afd0e71457 Use the term "exploit" is a little more correctly
So Metasploit uses the term "exploit" to describe something, a module
or an action, that results popping a shell. A check normally doesn't
pop a shell, so avoid that language.
2014-01-17 13:50:23 -06:00
sinn3r 363c53e14e Clearify when to use a specific CheckCode
An example of the biggest confusion module developers face is not
actually knowing the difference between Detected vs Appears vs
Vulnerable. For example: a module might flag something as a
vulnerable by simply doing a banner check, but this is often
unreliable because either 1) that banner can be fooled, or 2)
the patch does not actually update the banner. More reasons may
apply. Just because the banner LOOKS vulnearble doesn't mean it is.
2014-01-17 13:35:17 -06:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
HD Moore bec15ebf7c Remove Failure (moved to parent class) 2013-08-15 13:31:21 -05:00
James Lee f3ff5b5205 Factorize and remove includes
Speeds up compilation and removes dependency on bionic source
2013-05-28 15:46:06 -05:00
James Lee 0466cce7b1 Move PostMixin to its own file
Also replaces dead code in lib/msf/core/exploit/local.rb with what was
actually being used for the Exploit::Local class that lived in
lib/msf/core/exploit.rb.
2013-05-28 15:46:06 -05:00
Tod Beardsley a852304ba3 DRY: Move check things to the common module level
While it makes lots of sense to bring check to all modules, of course
some modules will not be able to actually use it. Namely modules like
nop and payload modules. If you're feeling creative, you could probably
come up with semantically similar checks for those, too.
2013-05-23 11:42:41 -05:00
James Lee db676f1a88 Whitespace at EOL 2013-03-07 18:20:08 -06:00
James Lee 32aa2c6d9c Make asm spacing easier to read
Also adds a #prepends callback to Payload::Windows to make it a little
clearer what's happening.
2013-01-22 13:25:27 -06:00
scriptjunkie 66d5f39057 Ensure prepend_migrate? always functions correctly. 2013-01-18 18:04:09 -06:00
scriptjunkie 0b32111a9f Revert "Revert "Merge branch 'migrator' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-migrator""
This reverts commit 2436ac3a58.
2013-01-18 16:34:38 -06:00
James Lee 6d6b4bfa92 Merge remote branch 'rapid7/master' into omg-post-exploits 2012-07-08 17:32:39 -06:00
HD Moore d656e3185f Mark all libraries as defaulting to 8-bit strings 2012-06-29 00:18:28 -05:00
HD Moore 83bf78c63b New failure_reason messages 2012-06-19 13:31:39 -05:00
HD Moore d5768080bf Add a fail_message to attempts and fix bugs 2012-06-19 00:48:39 -05:00
James Lee 5717f52246 Make the Exploit::Local class useful
This commit is the main infrastructure needed to run exploits in a local
context, gluing the Exploit and Post module classes together.
2012-06-12 23:58:19 -06:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists.
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
HD Moore e6968c202a A couple bug fixes to enable cmd_interact and a new module for the VSFTPD backdoor
git-svn-id: file:///home/svn/framework3/trunk@13093 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 20:09:32 +00:00
HD Moore 7f3e2d182d Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called.
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 18:32:27 +00:00
HD Moore 9ce47c01bd Reverting the autoload changes until we can upgrade to a new ActiveSupport library or find a workaround
git-svn-id: file:///home/svn/framework3/trunk@12600 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:03:55 +00:00
Joshua Drake fd4e6db85d Fixes 4373, Migrates lib/msf to use autoload instead of require (first try)
git-svn-id: file:///home/svn/framework3/trunk@12596 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 19:07:35 +00:00
HD Moore 1c86441f12 This removes the abortive_close code for stream sockets, it was leading to inconsistencies in how dead sessions were cleaned up
git-svn-id: file:///home/svn/framework3/trunk@12519 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 03:59:02 +00:00
Tod Beardsley b1178686cf Fixes #3988. Adds a command execution module for PostgreSQL by uploading a UDF library and adding sys_exec() as a temporary function. Requires the target to be Windows, uses Bernardo Damele A. G.'s binaries.
Also fixes a typo in the arguments to handler which clears up a heretofore mysterious exception (see exploit.rb).



git-svn-id: file:///home/svn/framework3/trunk@12111 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 19:36:07 +00:00
James Lee 326dc42bca add EncodedPayload#encoded_exe, encoded_jar, and encoded_war. simplifies exploits that need java and native payloads. see #406 and #3009
git-svn-id: file:///home/svn/framework3/trunk@10999 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 23:01:35 +00:00
Tod Beardsley 865b711b5c Fixes #2974. Adds an "Unknown" level to Exploit::CheckCode, fixes the URI check for exploit/unix/webapp/php_include (which was relying on Unknown).
git-svn-id: file:///home/svn/framework3/trunk@10694 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 12:24:17 +00:00
Joshua Drake 2f384cde82 add alias for calling Msf::Exploit regenerate_payload explicitly -- fixes #2312
git-svn-id: file:///home/svn/framework3/trunk@9950 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-03 15:14:34 +00:00
HD Moore 42da9e899a Improvements to the cleanup process, close sockets properly for exploits and auxiliary
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
HD Moore 6383ef6cfd Typo
git-svn-id: file:///home/svn/framework3/trunk@8844 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-17 18:41:09 +00:00
Joshua Drake 070d6e20cd fix bug from natron
"show info" was displaying the default target as index 0 when it was really 4

git-svn-id: file:///home/svn/framework3/trunk@8461 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 02:11:52 +00:00
James Lee 53662ed46e save events to the database. fixes 618
git-svn-id: file:///home/svn/framework3/trunk@8126 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 00:32:48 +00:00
HD Moore f76a9a43e6 Switch compat payloads to normal vs ranked
git-svn-id: file:///home/svn/framework3/trunk@7877 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 13:14:01 +00:00
HD Moore e2cc45e4d4 Use the not-so-explicit platform
git-svn-id: file:///home/svn/framework3/trunk@7843 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-13 19:46:44 +00:00
HD Moore 89da53d570 Updates to encode_shellcode_stub
git-svn-id: file:///home/svn/framework3/trunk@7842 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-13 19:43:17 +00:00
HD Moore 40fb409343 Adds encode_shellcode_stub() to the exploit class, this allows arbitrary shellecode bits to be easily encoded
git-svn-id: file:///home/svn/framework3/trunk@7841 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-13 19:31:17 +00:00
HD Moore 3cf4329335 Updates the autopwn matching algorithm to use multiple ports and service names
git-svn-id: file:///home/svn/framework3/trunk@7298 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-28 18:04:50 +00:00
HD Moore 1acf372dce Roll Lorcon2 into the metasploit tree, still testing the modules. See #378
git-svn-id: file:///home/svn/framework3/trunk@7228 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-23 04:32:26 +00:00
kris efe44ba6b5 bleh.. a bit of tabs vs spaces
git-svn-id: file:///home/svn/framework3/trunk@7171 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-16 18:27:18 +00:00
HD Moore eaf5368f98 Allow the DisablePayloadHandler option to be set, this prevents the default payload handler from being called. Fixes #307
git-svn-id: file:///home/svn/framework3/trunk@7056 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-24 20:36:30 +00:00
HD Moore 0885a7262e Merge the DECT code from DK, clean some things up
git-svn-id: file:///home/svn/framework3/trunk@7032 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-12 15:40:33 +00:00
HD Moore 474ba8860f Merges in Colin's PDF infection code from Black Hat / Defcon
git-svn-id: file:///home/svn/framework3/trunk@6966 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-19 14:44:43 +00:00
James Lee 739207bf4a merge browser_autopwn back into trunk. This changes the database schema slightly, so make sure to db_destroy and db_create before using the database features.
git-svn-id: file:///home/svn/framework3/trunk@6873 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-22 20:14:35 +00:00
James Lee 529ded22ae reverting last commit; somebody didn't cross their fingers
git-svn-id: file:///home/svn/framework3/trunk@6847 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 20:48:47 +00:00
James Lee c3dc1ecb55 reintegrate browser_autopwn into trunk; cross your fingers and hope this works
git-svn-id: file:///home/svn/framework3/trunk@6846 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 17:27:36 +00:00