Commit Graph

18545 Commits (72b3ea2be0fd8b37478b9a0f17125443514f17b5)

Author SHA1 Message Date
Luke Imhoff 2b70ec2e08 Payload compatible cache_in_memory
[#47720609]

Msf::PayloadSet#add_module does NOT return an annotated module class as
Msf::ModuleSet#add_module does because a payload module is defined as a
ruby Module instead of a ruby Class.   Since add_module doesn't always
return an annotated_class, the logic in
Msf::ModuleManager#on_module_load needed to change to NOT use
annotated_class and create #add_module as return [void].  Thus, it is
necessary to pass in all the metasploit module metadata to
Msf::ModuleManager#cache_in_memory instead of assuming they can be
derived from the (payload) Module or (other) Class.
2013-05-22 16:06:02 -05:00
David Maloney 69dd7f5c58 Update Mdm and Add Task stuff to report
make report_* methods aware of Tasks

[Story #49167601]
2013-05-22 14:59:43 -05:00
sinn3r 23fe3146dc Extra print_status I don't want 2013-05-22 14:38:30 -05:00
jvazquez-r7 bfcd86022d Add code cleanup for nginx_chunked_size. 2013-05-22 14:37:42 -05:00
sinn3r 0e6576747a Fix target selection probs, and swf path 2013-05-22 14:34:00 -05:00
jvazquez-r7 7cc126c4c2 Land #1860, nginx exploit module from the community 2013-05-22 14:23:59 -05:00
LinuxGeek247 81b690ae4b Initial check in of nginx module 2013-05-22 13:52:00 -04:00
xard4s 314b0698ee address feedback 2013-05-22 13:44:25 -04:00
Luke Imhoff 57576de85f Update in-memory cache to fix file_changed?
[#47720609]

Msf::ModuleManager#module_info_by_path was not being updated when a
module was loaded, so if a load_module was called again, say during
start up of prosvc, the module would reload even though there was no
change in the file because file_changed? couldn't find an entry for the
module's path in module_info_by_path.
2013-05-22 12:28:42 -05:00
sinn3r ecb9d1d7fa Landing #1848 - AdobeCollabSync Buffer Overflow on Adobe Reader X 2013-05-22 12:24:42 -05:00
sinn3r e2aad8930d Landing #1853 - Remove ID tags 2013-05-22 12:12:55 -05:00
sinn3r 8483528ae0 Restore generic.rb to the correct state 2013-05-22 12:11:06 -05:00
sinn3r 1cf485fad1 Restore tcp.rb to its current state 2013-05-22 12:06:36 -05:00
sinn3r 162ecd7b45 Landing #1851 - Alias 'run' to 'exploit' 2013-05-22 11:56:04 -05:00
John Sherwood d028f52dbd Fix broken ms12-020 vulnerability detection
The previous version of the script had an off-by-one error that prevented
proper detection of the vulnerability.  Changes made in this revision
include:

 - Correction of the off-by-one error
 - Use of match instead of == to check for valid RDP connection
 - Change of the channel requests to use IDs actually provided by
   the responses from the server
2013-05-22 00:08:25 -04:00
Joe Vennix aae4768563 Fix whitespace issues from msftidy. 2013-05-21 14:31:36 -05:00
Joe Vennix eaeb10742a Add some comments and clean some things up. 2013-05-21 14:01:14 -05:00
Joe Vennix 978aafcb16 Add DEBUG option, pass args to .encoded_exe(). 2013-05-21 14:01:14 -05:00
Joe Vennix ee8a97419c Add some debug print calls to investigate Auto platform selection. 2013-05-21 14:01:13 -05:00
Joe Vennix 60fdf48535 Use renegerate_payload(cli, ...). 2013-05-21 14:01:13 -05:00
ringt 54eeb8f000 Adding new version...old version does not work in windows, doesnt fingerprint, and a few other minor things 2013-05-21 13:13:21 -05:00
dmaloney-r7 ee28a3a8d7 Update http_login.rb
add parens around conditional to make bikeshed prettier
2013-05-21 11:28:23 -05:00
Luke Imhoff eede80509f Reuse appropriate terminology in docs
[#47720609]

Fix some docs and variable names to make it clearer when methods are
expecting module instance and module classes.  Change some 'name'
variables to 'reference_name' since that's the proper terminology.
2013-05-21 08:19:47 -05:00
jvazquez-r7 53cb493bc9 Fix @jlee-r7's feedback 2013-05-20 18:44:21 -05:00
dcbz a53ab4cff9 Moved dupandexecve.rb to shell.rb due to pull request coments. 2013-05-20 17:05:57 -05:00
James Lee f4498c3916 Remove $Id tags
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
Luke Imhoff a70d63ebad Spec Msf::ModuleManager#on_module_load
[#47720609]
2013-05-20 14:52:37 -05:00
Brandon Turner 882c550173 Merge pull request #1852 from limhoff-r7/bug/migrations
[Delivers #50179803]
2013-05-20 12:41:47 -07:00
Luke Imhoff 89bd5b4791 Reset column information after running migrations
[#50179803]
[SeeRM #7967]
[SeeRM #7870]

Because metasploit-framework runs migrations with the same process and
with the same connection as it later accesses the database, the column
information can become cached prematurely and be incorrect by the end of
the migrations.  Fix the bad cache by automatically resetting the column
information for all model classes after the migrations have run.
2013-05-20 13:08:07 -05:00
Luke Imhoff 398dcfa8cb Merge branch 'master' into bug/migrations 2013-05-20 12:49:33 -05:00
Luke Imhoff 0e435d378c Move Msf::DBManager#migrate(d) to module
[#50179803]

Move Msf::DBManager#migrate and the migrated attribute to
Msf::DBManager::Migration module to lower complexity of db_manager.rb
and in preparation for more migration related code on this branch.
2013-05-20 12:45:17 -05:00
James Lee 604da8442f Land #1845, multiple migrations with same version 2013-05-20 11:31:29 -05:00
James Lee 5e65976089 Alias 'run' to 'exploit'
Allows console users to use the 'run' command for exploits as well as
auxiliary and post, in the same way that 'exploit' works for all three.
Saves some typing and makes it do the right thing so users don't have to
remember what kind of module they're using.
2013-05-20 11:20:12 -05:00
jvazquez-r7 94bc3bf8eb Fix msftidy warning 2013-05-20 10:35:59 -05:00
jvazquez-r7 395aac90c2 Do minor cleanup for linksys_wrt160nv2_apply_exec 2013-05-20 10:34:39 -05:00
jvazquez-r7 08b2c9db1e Land #1801, @m-1-k-3's linksys wrt160n exploit 2013-05-20 10:33:44 -05:00
m-1-k-3 1a904ccf7d tftp download 2013-05-19 20:37:46 +02:00
jvazquez-r7 dfa19cb46d Do minor cleanup for dlink_dir615_up_exec 2013-05-19 12:43:01 -05:00
jvazquez-r7 348705ad46 Land #1800, @m-1-k-3's exploit for DLINK DIR615 2013-05-19 12:42:02 -05:00
agix e48cfcae8e delete a debug puts 2013-05-19 19:21:10 +02:00
agix e844247163 Little change in exe-only to work with x64 arch. 2013-05-19 19:01:03 +02:00
m-1-k-3 f3a2859bed removed user,pass in request 2013-05-19 18:50:12 +02:00
m-1-k-3 aee5b02f65 tftp download check 2013-05-19 18:45:01 +02:00
m-1-k-3 4816925f83 feeback included 2013-05-19 16:19:45 +02:00
agix b92ae7779e change author name 2013-05-19 16:16:25 +02:00
jvazquez-r7 85ceaa1a62 Add module for CVE-2013-2730 2013-05-18 12:44:24 -05:00
John Sherwood b22c5a0120 Add sorting functionality to cmd_notes
- Added sorting to cmd_notes
- Added make_sortable function so that sorts work happily even
  when the disparate notes don't have content of the same types
  in the fields the sort is requested over.
2013-05-17 23:02:38 -04:00
dcbz 9c0814505a Added reverse stager. 2013-05-17 21:52:10 -05:00
dcbz 14d5111b37 Added a sample stage + updated bind stager. 2013-05-17 21:03:03 -05:00
Luke Imhoff 1df08cfa49 Add specs to prevent dupe migrations_paths regression
[#50099107]

Add specs to verify that the duplicate migrations_paths protection
works.
2013-05-17 15:15:57 -05:00