Commit Graph

461 Commits (70011922a3f41707816ed8fdf76d1e320e2a5ec0)

Author SHA1 Message Date
Brent Cook 54dfcee665
Land #7055, add netgear_soap_password_extractor docs 2016-07-04 23:59:10 -05:00
h00die 844c13dc17 added new vuln device to netgear list, plus docs 2016-07-01 18:32:30 -04:00
Brendan 70a79bb0e8
Land #7014, Nagios remote root shell exploit 2016-07-01 08:17:38 -07:00
William Vu d42d9f8557 Add module docs to appease the Thao god 2016-07-01 01:17:27 -05:00
Tod Beardsley afbeb2b668
Land #7023, fixes for swagger exploit
Thanks @sdavis-r7!

See #7015 as well.
2016-06-30 10:54:34 -04:00
wchen-r7 70a7415185 Change description 2016-06-28 11:24:38 -05:00
Scott Lee Davis c2b4e22b46 updated with discovered changes from k kali & documentation update changes requested. 2016-06-27 01:53:20 -04:00
wchen-r7 1e7202cf9b Add module documentation for auxiliary/admin/netbios/netbios_spoof 2016-06-25 12:20:08 -05:00
h00die 1c20122648 fedora compatibility, added naming options 2016-06-25 08:43:55 -04:00
Scott Davis 5e1b7d8c0f even more clean up. 2016-06-23 14:59:11 -07:00
Scott Davis 63d8787101 added back (new) usage examples for nodejs,java,ruby,php. 2016-06-23 14:56:46 -07:00
Tod Beardsley ff741fbc35
Rename for docs 2016-06-23 14:53:49 -05:00
Tod Beardsley 92522138c5
Remove the RC files 2016-06-23 14:52:23 -05:00
Scott Lee Davis fbd0bc4308 updated as per @egypt & @todb-r7 recommendations. 2016-06-23 11:41:54 -04:00
Scott Davis 47e4321424 CVE-2016-5641 2016-06-23 06:09:37 -07:00
h00die a3b08418b9 fixed markdown 2016-06-22 20:32:51 -04:00
h00die f3b0fc320d fix up markdown 2016-06-22 20:27:52 -04:00
h00die 35e3fb3e2f fixed markdown 2016-06-22 20:15:29 -04:00
h00die bc293e2a8b fixed bad markup 2016-06-22 20:10:25 -04:00
h00die 18a3bf5f62 service persistence 2016-06-22 19:22:18 -04:00
wchen-r7 048741660c
Land #6980, Add ClamAV Remote Command Transmitter 2016-06-22 15:50:45 -05:00
wchen-r7 a1b1b31f98 Update clamav_control.md 2016-06-22 15:49:23 -05:00
wchen-r7 f5e6eccce2 Add clamav_control.md doc 2016-06-22 15:43:31 -05:00
wchen-r7 de5152401a
Land #6992, Add tiki calendar exec exploit 2016-06-22 11:18:14 -05:00
wchen-r7 8697d3d6fb Update tiki_calendar_exec module and documentation 2016-06-22 11:17:45 -05:00
h00die 9cb57d78d7 updated check and docs that 14.2 may not be vuln 2016-06-21 16:48:09 -04:00
h00die 4b8f572976 cron persistence 2016-06-20 21:45:04 -04:00
h00die c4a58fbc6c doc variable name change 2016-06-19 22:47:17 -04:00
h00die 6905a29b10 sshkey persistence 2016-06-19 22:40:03 -04:00
h00die 6fe7698b13 follow redirect automatically 2016-06-19 20:24:54 -04:00
h00die ddfd015310 functionalized calendar call, updated docs 2016-06-19 08:53:22 -04:00
h00die 1db10eec39 slight documentation update 2016-06-18 13:27:46 -04:00
h00die 3feff7533b tiki calendar 2016-06-18 13:11:11 -04:00
Brendan Watters 9ea0b8f944
Land #6934, Adds exploit for op5 configuration command execution 2016-06-16 14:36:10 -05:00
h00die cfb034fa95 fixes all previously identified issues 2016-06-15 20:58:04 -04:00
wchen-r7 1d27538545 Missing a word 2016-06-14 14:15:28 -05:00
wchen-r7 a7c778b852 Update magento_unserialize.md 2016-06-14 11:15:25 -05:00
h00die bd6eecf7b0 centreon useralias first add 2016-06-11 20:57:18 -04:00
wchen-r7 7143095b4b
Land #6947, add auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum 2016-06-09 14:21:55 -05:00
wchen-r7 312342b0fd Add module documentation for jenkins_udp_broadcast_enum 2016-06-09 14:20:48 -05:00
wchen-r7 7cdadca79b
Land #6945, Add struts_dmi_rest_exec exploit 2016-06-08 23:16:46 -05:00
wchen-r7 dff60d96c8 Add mod doc for struts_dmi_rest_exec and update struts_dmi_exec.md 2016-06-08 23:15:44 -05:00
wchen-r7 036ba8057a Add module doc for symantec_brightmail_ldapcreds 2016-06-07 19:39:55 -05:00
Brendan Watters c4aa99fdac
Land #6925, ipfire proxy exec 2016-06-07 10:24:59 -05:00
Brendan Watters 7e84c808b2 Merge remote-tracking branch 'upstream/pr/6924' into dev 2016-06-07 09:24:25 -05:00
wchen-r7 b59d10d9c4
Land #6929, Add HP Data Protector Encrypted Comms exploit 2016-06-06 22:45:53 -05:00
wchen-r7 d8d6ab3ae8 Add hp_dataprotector_encrypted_comms.md 2016-06-06 22:45:17 -05:00
Brent Cook 09e721c4eb
See #6885, merge tiny whitespace fix 2016-06-03 08:00:24 -05:00
Brent Cook d5c2a8e3c8 whitespace 2016-06-03 07:59:48 -05:00
Brent Cook d371fd0798
Land #6885, add aux control module for PhoenixContact PLCs 2016-06-03 07:50:39 -05:00
Brent Cook ba9a693435 condense a little more 2016-06-03 07:50:13 -05:00
Brent Cook 064d6b3f51 wording and formatting updates 2016-06-03 07:42:54 -05:00
wchen-r7 1dad9bf7fa Correct module doc path for magento_unserialize.md 2016-06-02 17:12:39 -05:00
wchen-r7 184802d7d1 Add documentation for magento_unserialize 2016-06-02 17:10:26 -05:00
h00die 68d647edf1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5 2016-06-01 18:05:18 -04:00
h00die 52d5028548 op5 config exec 2016-06-01 15:07:31 -04:00
h00die 3163af603d md fix 2016-05-30 10:25:49 -04:00
h00die 057947d7e8 ipfire proxy exec 2016-05-30 10:24:17 -04:00
h00die 9b5e3010ef doc/module cleanup 2016-05-30 06:33:48 -04:00
h00die df55f9a57c first add of ipfire shellshock 2016-05-29 20:40:12 -04:00
Tijl Deneut 2c4b387eb2 Update phoenix_command.md 2016-05-28 15:35:00 +02:00
Tijl Deneut 2afcda9d49 Did some more rubocopy work and
added module documentation
2016-05-28 15:32:18 +02:00
Brent Cook 928a706135
Land #6890, Allwinner CPU kernel module local privilege escalation 2016-05-23 22:00:52 -05:00
Brent Cook 2f8562fba4 added documentation and minor style tweaks 2016-05-23 21:59:44 -05:00
Brent Cook cf0176e68b
Land #6867, Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection 2016-05-16 19:00:10 -05:00
Brent Cook 21d74a64fe
Land #6874, Improve exploit for CVE-2016-0854 2016-05-14 11:08:17 -05:00
Brent Cook 2e3e4f0069
Land #6296, Added a multi-platform post module to generate TCP & UDP egress traffic 2016-05-14 00:03:00 -05:00
Brent Cook 3542d907f7 simplify description, move the bulk of documentation to documentation/ 2016-05-14 00:01:51 -05:00
wchen-r7 9114e01ed9 update doc 2016-05-13 23:31:38 -05:00
Brent Cook d398419971
Land #6832, Check LHOST value before running shell_to_meterpreter, add docs 2016-05-13 22:50:22 -05:00
Brent Cook a940481f62
Land #6834, Authorized FTP JCL exploit for z/OS 2016-05-13 21:29:45 -05:00
wchen-r7 3b5db26ff5 Fix #6872, change upload action for CVE-2016-0854 exploit
This patch includes the following changes:

* Instead of the uploadFile action, this patch uses uploadImageCommon
  to be able to support both Advantech WebAccess builds: 2014 and
  2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
  different builds of Advantech WebAccess 8.0s, and 8.1.

Fix #6872
2016-05-13 19:47:18 -05:00
Bigendian Smalls 2d5cf6cfe4 Authorized FTP JCL exploit for z/OS
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
2016-05-12 14:46:31 -05:00
wchen-r7 756673fcd7 Fix another typo 2016-05-12 00:13:53 -05:00
wchen-r7 9d128cfd9f Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection 2016-05-11 22:27:18 -05:00
thao doan 08416c600f Grammatical and style fixes for priv_migrate 2016-05-04 11:14:29 -07:00
thao doan d617ca59f3 Land #6844, Add documentation for struts_dmi_exec 2016-05-02 14:31:34 -07:00
wchen-r7 027855def4 Add module documentation for struts_dmi_exec 2016-05-02 15:43:34 -05:00
Josh Hale 3aca699d09 Add priv_migrate.md 2016-04-30 19:02:45 -05:00
wchen-r7 2f66442f1d Fix #5191, bad LHOST format causes shell_to_meterpreter to backtrace
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.

Fix #5191
2016-04-28 23:03:54 -05:00
Josh Hale ffdd3b1c92 Finish up autoroute.md 2016-04-17 18:23:30 -05:00
Josh Hale fb7194c125 Work on autoroute.md 2016-04-17 00:04:42 -05:00
wchen-r7 880697d00a Add documentation for make_csv_orgchart 2016-04-07 17:17:57 -05:00
wchen-r7 c072028f0e Add documentation for post/windows/gather/ad_to_sqlite 2016-04-07 16:43:55 -05:00
wchen-r7 76c6f8c19d Move module_doc_template 2016-03-24 17:07:19 -05:00
tdoan-r7 925cc3b56f Adding docs for Lester https://issues.corp.rapid7.com/browse/MS-1193 2016-03-24 16:51:02 -05:00
tdoan-r7 0852973b18 Minor edits for the following:
https://issues.corp.rapid7.com/browse/MS-1197
https://issues.corp.rapid7.com/browse/MS-1198
https://issues.corp.rapid7.com/browse/MS-1199
https://issues.corp.rapid7.com/browse/MS-1200
https://issues.corp.rapid7.com/browse/MS-1201
2016-03-24 12:13:03 -05:00
tdoan-r7 7e5fced46b MS-1196 Minor edits to the kb for the web_delivery module 2016-03-22 12:26:55 -05:00
tdoan-r7 4c42a74d48 MS-1195 minor grammatical edits to psexec kb 2016-03-21 14:18:16 -05:00
wchen-r7 12b456e452 Add module documentation for android/meterpreter/reverse_tcp 2016-03-08 16:55:04 -06:00
wchen-r7 f831d58c1c Support tables 2016-03-08 12:19:27 -06:00
wchen-r7 698f425821 Auto <hr> 2016-03-08 11:25:15 -06:00
wchen-r7 ee63464b8c Update doc 2016-03-07 15:41:54 -06:00
wchen-r7 26b64a0702 Add correct doc for tomcat_mgr_login 2016-03-07 15:41:03 -06:00
wchen-r7 d859194e4e Update doc 2016-03-07 12:29:32 -06:00
wchen-r7 1bfbbe918c Add documentation for post/windows/gather/hashdump 2016-03-07 12:17:21 -06:00
wchen-r7 03eb568af7 Add --- to make sections to stand out more 2016-03-05 15:17:19 -06:00
wchen-r7 b82b1b0a47 Update windows/meterpreter/reverse_tcp doc 2016-03-05 15:14:05 -06:00
wchen-r7 1b39d5f593 Add work in progress: windows/meterpreter/reverse_tcp.md 2016-03-05 00:43:08 -06:00
wchen-r7 f4866fd5f0 Update template and web_delivery doc 2016-03-03 01:27:14 -06:00
wchen-r7 11964c5c1a Add remote exploit demo and web_delivery doc 2016-03-02 19:52:11 -06:00
wchen-r7 eede7c9193 Link to WbemExec writeup 2016-03-02 11:05:33 -06:00
wchen-r7 e615e1072e Update information about SMBv1 2016-03-02 10:51:45 -06:00
wchen-r7 c8e1396cb4 Add documentation for smb_login 2016-03-01 22:03:16 -06:00
wchen-r7 d4c433e29f Update psexec.md 2016-03-01 19:29:25 -06:00
wchen-r7 876a5b55f9 Update psexec.md 2016-03-01 19:06:40 -06:00
wchen-r7 f27d24fd60 Add module documentation for psexec 2016-03-01 18:52:47 -06:00
wchen-r7 99d593e9a0 missing an of 2016-03-01 15:11:29 -06:00
wchen-r7 552f2a148b Add documentation for ms08_067_netapi 2016-03-01 15:09:30 -06:00
wchen-r7 fd8e3e719d real demo 2016-02-26 14:43:53 -06:00
wchen-r7 250ce6fb17 lets be clear 2016-02-26 14:30:12 -06:00
wchen-r7 4c58b67e37 Update browser_autopwn2.md 2016-02-24 19:09:35 -06:00
wchen-r7 3125c99e45 Remove this fake doc 2016-02-24 15:17:18 -06:00
wchen-r7 3f3b76bc86 Add example md for BAP2 2016-02-18 15:39:38 -06:00
wchen-r7 509a1e8de1 Add manual for demo purposes 2016-02-16 23:18:29 -06:00
Tod Beardsley 1a4f2eb8e4
Restore the hallowed developer's guide
See #4286, @tdoan-r7 and @wchen-r7's comments on why that should stay
(for now).
2014-12-03 16:50:18 -06:00
Tod Beardsley 4c880629c3
Squashed commit of the following:
commit 7f659547b3b5d8de34a1e4b136b5e899ae7878da
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Dec 1 07:54:53 2014 -0600

    Add a pointer to true and correct docs

    See #4000. Seems kind of pointless to ship all these bytes when we host
    everything on GitHub and provide tools to generate docs yourself.

commit 01668c8529454ffb0438aadef62eafb5045503ce
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Dec 1 07:39:11 2014 -0600

    Remove old documentation

    The last significant commit in this directory was a844b5c3 , which
    touched a sample browser module. Before that, changes were either
    ranging across the codebase, or surgical removal of out of date
    documentation.

    This all is looking to me like fairly useless historical artifacts.

    See #4000 for more discussion.
2014-12-01 11:57:43 -06:00
HD Moore 3b5eb42b55 Switch to Msf::OperatingSystems::Match::WINDOWS 2014-09-29 15:50:25 -05:00
HD Moore a844b5c30a Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
HD Moore 7e227581a7 Rework OS fingerprinting to match Recog changes
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.

This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
Samuel Huckins cc4c958d58 Merge remote-tracking branch 'metasploit-framework/master' into masked-cred-format-update 2014-03-19 15:47:46 -05:00
Tod Beardsley 520d1e69c4
Rapid7 Comma Inc
After some more discussion with Rapid7's legal fellow.
2014-03-13 09:46:20 -05:00
Tod Beardsley 9d4ceaa3a0
Let's try to be consistent about Rapid7 Inc.
According to

http://www.sec.gov/Archives/edgar/data/1560327/000156032712000001/0001560327-12-000001.txt

Rapid7 is actually "Rapid7 Inc" not "Rapid7, LLC" any more.

This does not address the few copyright/license statements around
"Metasploit LLC," whatever that is.
2014-03-12 11:20:17 -05:00
Samuel Huckins 104e3eb291 Removing old report API example
* This should be in Pro code since reporting over the API is Pro
only. Also this version is now mad out of date.
2014-01-03 10:00:06 -06:00
Tod Beardsley 718111429b
Convert gendocs.sh to use rake yard 2013-12-18 15:53:09 -06:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
sinn3r 6871ff0fde Add post module sample 2013-07-08 12:20:11 -05:00
sinn3r c9e26ad8ed Add resource script example 2013-07-08 12:13:33 -05:00
sinn3r fb1fe2aba3 Add a template for IE browser exploits 2013-07-08 12:10:15 -05:00
sinn3r ff07d329a8 Update samples 2013-07-08 11:23:18 -05:00
Luke Imhoff 7ca33c12bd Update Gemfile to metasploit_data_models 0.6.1
[#45771305]

MetasploitDataModels 0.6.1 adds a re-usable yard.rake so that all
Metasploit project don't have to define their own.  It also adds guards
so that the YARD tasks aren't defined (and don't cause errors) if YARD
is not available.

This also adds support for making the Rakefile work with `bundle install
--without development test` so it still functions in the bundle building
environment for Pro.
2013-03-07 14:22:35 -06:00
James Lee 3888c5212f Change file header comment to new format 2012-10-08 21:30:42 -05:00
James Lee 03e2cda9e1 Make sample modules conform to modern mod format
Wow, these are old.
2012-10-08 21:23:38 -05:00
tdoan-r7 db0ab45333 updated release number to 4.3
<test commit>
2012-07-06 10:21:00 -05:00
tdoan-r7 153521d558 replaced old msf user docs with latest 2012-07-05 17:42:55 -05:00
tdoan-r7 b44632f51d Revert "replaced old msf docs with latest"
This reverts commit 0485fcc7aa.
2012-07-05 17:41:30 -05:00
tdoan-r7 0485fcc7aa replaced old msf docs with latest 2012-07-05 17:33:13 -05:00
Thao Doan 4055a2250e updated msf user guide
replaced old 3.4 version
2012-06-13 22:06:00 -05:00
Tod Beardsley 4bcbdc54c9 Cutting over rails3 to master.
This switches the Metasploit Framework to a Rails 3 backend. If you run
into new problems (especially around Active Record or your postgresql
gem) you should try first updating your Ruby installation to 1.9.3 and
use a more recent 'pg' gem.

If that fails, we'd love to see your bug report (just drop all the
detail you can into an issue on GitHub). In the meantime, you can
checkout the rails2 branch, which was branched from master immediately
before this cutover.

Squashed commit of the following:

commit 5802ec851580341c6717dfea529027c12678d35f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:12 2012 -0500

    Enable MSF_BUNDLE_GEMS mode by default (set to N/F/0 to disable)

commit 8102f98dce9eb0c73c4374e40dce09af7b51d060
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:03 2012 -0500

    Add a method to expand win32 file paths

commit bda6479d154cf75572dd5de8b66bfde661a55de9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:53:44 2012 -0500

    Fix 1.8.x compatibility

commit 101ce4eb17bfdf755ef8c0a5198174668b6cd6fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:40:59 2012 -0500

    Use verbose instead of stringio

commit 5db467ffb593488285576d183b1662093e454b3e
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:30:06 2012 -0500

    Hide the iconv warning, were stuck with it due to EBCDIC support

commit 63b9cb20eb6a61daf4effb4c8d2761c16ff0c4e0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:29:58 2012 -0500

    Dont use GEM_HOME by default

commit ca49271c22c314a4465fff934334df18c704cbc0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:23:34 2012 -0500

    Move Gemfile to root (there be dragons, lets find them) and catch failed bundler loads

commit 34af04076a068e9f60c5526045ddbba5fca359fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:18:29 2012 -0500

    Fallback to bundler when not running inside of a installer env

commit ed1066a4f3f12fae7d4afc03eb1ab70ffe2f9cf3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 16:26:55 2012 -0500

    Remove a mess of gems that were not actually required

commit 21290a73926809e9049a59359449168f740d13d2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:59:10 2012 -0500

    Hack around a gem() call that is well-intentioned but an obstacle in this case

commit 8e414a8bfab9641c81088d22f73033be5b37a700
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 15:06:08 2012 -0500

    Ruby, come on. Ducktype this. Please.

    Use interpolated strings to get the to_s behavior you don't get with
    just plussing.

commit 0fa92c58750f8f84edbecfaab72cd2da5062743f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:05:42 2012 -0500

    Add new eventmachine/thin gems

commit 819d5e7d45e0a16741d3852df3ed110b4d7abc44
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:01:18 2012 -0500

    Purge (reimport in a second)

commit ea6f3f6c434537ca15b6c6674e31081e27ce7f86
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:54:42 2012 -0500

    Cleanup uncessary .so files (ext vs lib)

commit d219330a3cc563e9da9f01fade016c9ed8cda21c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:53:02 2012 -0500

    PG gems built against the older installation environment

commit d6e590cfa331ae7b25313ff1471c6148a6b36f3b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:06:35 2012 -0500

    Rename to include the version

commit a893de222b97ce1222a55324f1811b0262aae2d0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:56:47 2012 -0500

    Detect older installation environments and load the arch-lib directories into the search path

commit 6444bba0a421921e2ebe2df2323277a586f9736f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:49:25 2012 -0500

    Merge in windows gems

commit 95efbcfde220917bc7ee08e6083d7b383240d185
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 13:49:33 2012 -0500

    Report_vuln shouldn't use :include in finder

    find_or_create_by doesn't take :include as a param.

commit c5f99eb87f0874ef7d32fa42828841c9a714b787
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:44:09 2012 -0500

    One more msised Mdm namespace issue

commit 2184e2bbc3dd9b0993e8f21d2811a65a0c694d68
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:33:41 2012 -0500

    Fixes some mroe Mdm namespace confusion
    Fixes #6626

commit 10cee17f391f398bb2be3409137ff7348c7a66ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:40:44 2012 -0500

    Add robots gem (required by webscan)

commit 327e674c83850101364c9cca8f8d16da1de3dfb5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:39:05 2012 -0500

    Fix missing error checks

commit a5a24641866e47e611d7636a3f19ba3b3ed10ac5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 01:15:37 2012 -0500

    Reorder requires and add a method for injecting a new migration path

commit 250a5fa5ae8cb05807af022aa4168907772c15f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:56:09 2012 -0500

    Remove missing constant (use string) and add gemcache cleaner

commit 37ad6063fce0a41dddedb857fa49aa2c4834a508
Merge: d47ee82 4be0361
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 00:40:16 2012 -0500

    Merge branch 'master-clone' into rails3-clone

commit d47ee82ad7e66de53dd3d3a65649cc37299a2479
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:30:03 2012 -0500

    cleanup leftovers from gems

commit 6d883b5aa8a3a7ddbcde5bfd4521d57c5b30d3c2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:25:47 2012 -0500

    MDM update with purged DBSave module

commit 71e4f2d81f6da221b76150562a16c730888f5925
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:37 2012 -0500

    Add new mdm

commit 651cd5adac8211d65e0c8079371d8264e549533a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:13 2012 -0500

    Update mdm

commit 0191a8bd0acec30ddb2a9e9c291111a12378537f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 22:30:40 2012 -0500

    This fixes numerous cases of missed Mdm:: prefixes on db objects

commit a2a9bb3f2148622c135663dead80b3367b6f7695
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:30:18 2012 -0500

    Add eventmachine

commit 301ddeb12b906ed3c508613ca894347bedc3b499
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:18:12 2012 -0500

    A nicer error for folks who need to upgrade pg

commit fa6bde1e67b12e2d3d9978f59bbc98e0c1a1a707
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:54:55 2012 -0500

    Remove bundler requirements

commit 2e3ab9ed211303f1116e602b9a450141b71e56a4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:35:38 2012 -0500

    Pull in eventmachine with actual .so's this time

commit 901fb33ff6b754ce2c2cfd51e3b0b669f6ec600b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:19:12 2012 -0500

    Update deps, still need to add eventmachine

commit 6b0e17068e8caa0601f3ef81e8dbdb672758fcbe
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 13:07:06 2012 -0500

    Handle older installer environments and only allow binary gems when the
    environment specifically asks for it

commit b98eb7873a6342834840424699caa414a5cb172a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 04:05:13 2012 -0500

    Bump version to -testing

commit 6ac508c4ba3fdc278aaf8cfe2c58d01de3395431
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:25:09 2012 -0500

    Remove msf3 subdir

commit a27dac5067635a95b4cbb773df1985f2a2dc2c5a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:24:39 2012 -0500

    Remove the old busted external

commit 5fb5a0fc642b6c301934c319db854cc3145427a1
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:03:10 2012 -0500

    Add the gemcache loader

commit 09e2d89dfd09b9ac0c123fcc4e19816c86725627
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:02:23 2012 -0500

    Purge gemfile/bundler configure in exchange for new gemcache setup

commit 3cc0264e1cfb027b515d7f24b95a74b023bd905c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Apr 12 14:11:45 2012 -0500

    Mode change on modicon_ladder.apx

commit c18b3d56efd639e461137acdc76b4b283fe978d4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Thu Apr 12 01:38:56 2012 -0500

    The go faster button

commit ca2a67d51d6d4c7c3ca2e745f8b018279aef668a
Merge: 674ee09 b8129f9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 15:50:33 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Picking up Packetfu upstream changes, all pretty minor

commit 674ee097ab8a6bc9608bf377479ccd0b87e7302b
Merge: e9513e5 a26e844
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 13:57:26 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Conflicts:
    	lib/msf/core/handler/reverse_http.rb
    	lib/msf/core/handler/reverse_https.rb
    	modules/auxiliary/scanner/discovery/udp_probe.rb
    	modules/auxiliary/scanner/discovery/udp_sweep.rb

    Resolved conflicts with the reverse_http handlers and the udp probe /
    scanners byt favoring the more recent changes (which happened to be the
    intent anyway). The reverse_http and reverse_https changes were mine so
    I know what the intent was, and @dmaloney-r7 changed udp_probe and
    udp_sweep to use pcAnywhere_stat instead of merely pcAnywhere, so the
    intent is clear there as well.

commit e9513e54f984fdb100c13b44a1724246779ccb76
Author: David Maloney <dmaloney@melodie.gateway.2wire.net>
Date:   Fri Apr 6 18:21:46 2012 -0500

    Some fixes to how services get reported to prevent issues with the web interface

commit adeb44e9aaf1a329a0e587d2b26e678398730422
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Apr 2 15:39:46 2012 -0500

    Some corrections to pcAnywhere discovery modules to distinguish between the two services

commit b13900176484fea8f5217a2ef925ae2ad9b7af47
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Mar 31 12:03:21 2012 -0500

    Enable additional migration-path parameters, use a temporary directory to bring the database online

commit 526b4c56883f461417f71269404faef38639917c
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Mar 28 23:24:56 2012 -0500

    A bunch of Mdsm fixes for .kind_of? calls, to make sure we ponit to the right place

commit 2cf3143370af808637d164ce59400605300f922c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 16:22:09 2012 -0500

    Check for ruby 2.0 as well as 1.9 for encoding override

commit 4d0f51b76d89f00f7acbce6b1f00dc6e4c4545ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:36:04 2012 -0500

    Remove debug statement

commit f5d2335e7745aa1a354f4d6c8fc9d0b3876c472a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:01:55 2012 -0500

    Be explicit about the Mdm namespace

commit bc8be225606d6ea38dd2a85ab4310c1c181a94ee
Author: hdm <hdm@hypo.(none)>
Date:   Mon Mar 26 11:49:51 2012 -0500

    Precalculate some uri strings in case the 1000-round generation fails

commit 4254f419723349ffb93e4aebdaeabbd7d66bf8c0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Sat Mar 24 14:03:44 2012 -0500

    Removed some non-namespaced calls to Host

commit c8190e1bb8ad365fb0d7a1c4a9173e6c739be85c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:37:00 2012 -0500

    Purge the rvmrc, this is causing major headaches

commit 76df18588917b7150a3bedf2569710a80bab51f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:31:52 2012 -0500

    Switch .rvmrc to the shipping 1.9.3 version

commit 7124971d0032b268f4ddf89aca125f15e284f345
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Mar 12 16:56:40 2012 -0500

    Adds mixin for looking up Mime Types by extension

commit b7ca8353164c43db6bacb2f3f16afa1269f66e43
Merge: a0b0c75 6b9a219
Author: Matt Buck <techpeace@gmail.com>
Date:   Tue Mar 6 19:38:53 2012 -0600

    Merge from develop.

commit a0b0c7528d2b8fabb76b2246a15004bc89239cf0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Mar 6 11:08:59 2012 -0600

    Somehow migration file is new?

commit 84d2b3cb1ad6290413c3ea3222ddf9932270b105
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Feb 29 16:38:55 2012 -0600

    Added ability to specify headers to redirects in http server

commit e50d27cda83872c616722adb03dc1a6a5e685405
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Feb 4 04:44:50 2012 -0600

    Tweak the event dispatcher to enable customer events without a category
    and trigger http request events from the main exploit mixin.
    Experimental

commit 0e4fd2040df49df2e6cb0e8d2c6240a03d108033
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Thu Feb 2 22:09:05 2012 -0600

    Change Msm -> Mdm in migrations. This is what was preventing migrations from finishing on first boot.

commit c94a2961d04eee84adfd42bb01ed7a3e3846b83a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:48:48 2012 -0600

    Changed Gemfile to use new gem name

commit 245c2063f06b4fddbfc607d243796669ef236136
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:47:42 2012 -0600

    Did find/replace for final namespace of Mdm

commit 6ed9bf8430b555dcbe62daeddb2f33bd400ab5bc
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 24 10:47:44 2012 -0600

    Fix a bunch of namespace issues

commit 2fe08d9e4226c27e78d07a00178c58f528cbc72e
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:37 2012 -0600

    Update Msm contstants in migrations for initial DB builds.

commit 4cc6b8fb0440c6258bf70de77a9153468fea4ea5
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:25 2012 -0600

    Update Gemfile.lock.

commit 1cc655b678f0a054a9a783da119237fe3f67faa4
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Thu Jan 19 11:48:29 2012 -0600

    Errant Workspaces needed namespace

commit 607a78285582c530a68985add33ccf4d899c467a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 15:44:02 2012 -0600

    Refactored all models to use the new namespace

    * Every model using DBManager::* namespace is now Msm namespace
    * Almost all of this in msf/base/core
    * Some in modules

commit a690cd959b3560fa2284975ca7ecca10c228fb05
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 13:41:44 2012 -0600

    Move bundler setup

commit dae115cc8f7619ca7a827123079cb67fb4d9354b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 15:51:07 2012 -0600

    Moved ActiveSupport dep to gem

commit d32f8edb6e7f82079b775ffbc2b9a405d1f32b3b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 14:40:05 2012 -0600

    Removed model require file

commit d0c74cff8c44771e566ec63b03eda10d03b25c42
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 16:06:10 2012 -0600

    Update some more finds

commit 4eb79ea6b58b74c309ab1f1bb0bd35fe9041de46
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 14:21:15 2012 -0600

    Yet another dumb commit

commit a75febcb593d52fdfe930306b4275829759d81d1
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Thu Dec 29 19:20:51 2011 -0600

    Fixing deletion

commit dc139ff2fdfc4e7cdee3901dfb863e70913d6b92
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Wed Dec 7 17:06:45 2011 -0600

    Fixed erroneous commit

commit 531c1e611cf4d23aeb9c48350dabf7630d662d25
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Mon Nov 21 16:11:35 2011 -0600

    Remove AR patch stuff; attempting to debug non-connection between MSF and Pro

commit 458611224189c7aa27e500aabd373d85dc2dc5c0
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Fri Nov 18 16:17:27 2011 -0600

    Drop ActiveRecord/ActiveSupport in preparation for upgrade
2012-04-15 23:35:38 -05:00
Efrain Torres 8909ad12ba Add the db_import command to the wmap documentation. 2012-03-02 10:18:32 -06:00
Efrain Torres 627a4bcb72 Adding new wmap_vulns command to documentation and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres 237038dca4 Adjust documentation. 2012-03-02 10:18:32 -06:00
Efrain Torres a780dc0c14 Wmap 1.5 documentation 2012-03-02 10:18:31 -06:00
James Lee 624e19fd8b Merge session-host-rework branch back to master
Squashed commit of the following:

commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:31:03 2012 -0700

    Clean up some rdoc comments

    This adds categories for the various interfaces that meterpreter and
    shell sessions implement so they are grouped logically in the docs.

commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 13:00:25 2012 -0700

    Combine the docs into one output dir

    There's really no need to separate the API sections into their own
    directory.  Combining them makes it much easier to read.

commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:27:22 2012 -0700

    Keep the order of iface attributes the same accross rubies

    1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
    end up with ~random order for the display with the previous technique.
    Switch to an Array instead of a Hash so it's always the same.

commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:23:35 2012 -0700

    Fix a few more compiler warnings

commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:17:39 2012 -0700

    Fix a type-safety warning

commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date:   Mon Feb 27 15:21:36 2012 -0700

    LHOST should be OptAddress, not OptAddressRange

commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date:   Sun Feb 26 17:45:59 2012 -0700

    Fix a couple of warnings and a typo

commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date:   Mon Feb 27 11:54:29 2012 -0600

    Fix ctype vs content_type typo

commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date:   Sun Feb 26 15:38:33 2012 +0200

    Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x

commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date:   Sun Feb 26 07:13:13 2012 -0600

    add osvdb ref

commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date:   Sat Feb 25 18:02:56 2012 -0500

    Added aspx target to msfvenom.  This in turn added it to msfencode as well.
    Ref: https://github.com/rapid7/metasploit-framework/pull/188
    Tested on winxp with IIS in .net 1.1 and 2.0 modes

commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date:   Sat Feb 25 13:00:48 2012 -0600

    Fixes #6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver

commit b3371e8bfeea4d84f9d0cba100352b57d7e9e78b
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 17:07:42 2012 -0700

    Simplify logic for whether an inner iface has the same address

commit 5417419f35a40d1c08ca11ca40744722692d3b0d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:58:16 2012 -0700

    Whitespace

commit 9036875c2918439ae23e11ee7b958e30ccc29545
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:53:45 2012 -0700

    Set session info before worrying about address

    get_interfaces can take a while on Linux, grab uid and hostname earlier
    so we can give the user an idea of what they popped as soon as possible.

commit f34b51c6291031ab25b5bfb1ac6307a516ab0ee9
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:48:42 2012 -0700

    Clean up rdoc

commit e61a0663454400ec66f59a80d18b0baff4cb8cd9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:54:45 2012 -0600

    Ensure the architecture is only the first word (not the full WOW64
    message in some cases)

commit 4c701610976a92298c1182eecc9291a1b301e43b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:49:17 2012 -0600

    More paranoia code, just in case RHOST is set to whitespace

commit c5ff89fe3dc9061e0fa9f761e6530f6571989d28
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:47:01 2012 -0600

    A few more small bug fixes to handle cases with an empty string target
    host resulting in a bad address

commit 462d0188a1298f29ac83b10349aec6737efc5b19
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 03:55:10 2012 -0600

    Fix up the logic (reversed by accident)

commit 2b2b0adaec2448423dbd3ec54d90a5721965e2df
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 23:29:52 2012 -0600

    Automatically parse system information and populate the db, identify and
    report NAT when detected, show the real session_host in the sessions -l
    listing

commit 547a4ab4c62dc3248f847dd5d305ad3b74157348
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:16:03 2012 -0600

    Fix typo introduced

commit 27a7b7961e61894bdecd55310a8f45d0917c5a5c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:11:38 2012 -0600

    More session.session_host tweaks

commit e447302a1a9915795e89b5e29c89ff2ab9b6209b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:08:20 2012 -0600

    Additional tunnel_peer changes

commit 93369fcffaf8c6b00d992526b4083acfce036bb3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:06:21 2012 -0600

    Additional changes to session.session_host

commit c3552f66d158685909e2c8b51dfead7c240c4f40
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:00:19 2012 -0600

    Merge changes into the new branch
2012-02-28 18:29:39 -07:00
James Lee 48222b35bc Combine the docs into one output dir
There's really no need to separate the API sections into their own
directory.  Combining them makes it much easier to read.
2012-02-28 13:00:25 -07:00
HD Moore d4fabf8872 Fix boolean option handling
git-svn-id: file:///home/svn/framework3/trunk@13976 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:19:35 +00:00
Jonathan Cran aa89c07fa8 fixup for the exploit sample
git-svn-id: file:///home/svn/framework3/trunk@13923 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 18:52:01 +00:00
Jonathan Cran 497ed707c4 bug, this shouldn't ask for a path
git-svn-id: file:///home/svn/framework3/trunk@13912 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 15:36:28 +00:00
Jonathan Cran 950fb81cf5 This should be a numeric option
git-svn-id: file:///home/svn/framework3/trunk@13882 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 22:07:14 +00:00
Jonathan Cran 9def293067 ensure the sample's help prints when --help is passed
git-svn-id: file:///home/svn/framework3/trunk@13872 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 16:26:08 +00:00