infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,947 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

592 Commits (74baffd463e643c66a5ba1391be2b11f5e1677fa)

Author SHA1 Message Date
Jonathan Claudius ee7ecb349d Fix description 2015-01-26 23:10:08 -05:00
Jonathan Claudius 106170eddc Add multi to name 2015-01-26 23:08:43 -05:00
Jonathan Claudius a3c7cf70f8 Make MSF Tidy more happy 2015-01-26 22:30:26 -05:00
Jonathan Claudius d37b3cf0c3 Use next instead of return 2015-01-26 22:26:56 -05:00
Jonathan Claudius f58dc2789f Remove creds 2015-01-26 22:13:15 -05:00
Jonathan Claudius a27c376ae7 Add service port and host 2015-01-26 22:06:07 -05:00
Jonathan Claudius dd34b58e49 Add add loot 2015-01-26 22:01:38 -05:00
Jonathan Claudius 3889ed5784 Add cred login 2015-01-26 21:50:10 -05:00
Jonathan Claudius eead063375 Add RubyGems API Post Gather Module 2015-01-26 20:53:39 -05:00
jvazquez-r7 43e0afeaed Delete 's' typo 2015-01-19 12:55:35 -06:00
jvazquez-r7 79a24f80b8 Use constant for play options 2015-01-19 12:50:40 -06:00
jvazquez-r7 652400451e Delete extra k 2015-01-19 12:35:26 -06:00
IMcPwn 50d43f118b Make URLs better 
Removes YouTube logo, loops, hides video controls at bottom, disables keyboard controls, doesn't show info about the video on the top, hides video annotations, and doesn't show related videos at the end.
 2015-01-19 12:27:18 -05:00
EricGershman 0496bb16bc Minor spelling fix 2015-01-07 23:43:59 -05:00
Christian Mehlmauer 0f27c63720
fix msftidy warnings 2014-12-12 13:16:21 +01:00
Jon Hart 65b316cd8c
Land #4372 2014-12-11 18:48:16 -08:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Christian Mehlmauer de88908493
code style 2014-12-11 23:30:20 +01:00
jvazquez-r7 54de805b7a Report credentials 
* Even when we are not associating them to hosts
* It's a post module so maybe we cannot solve some names
 2014-11-17 12:49:18 -06:00
jvazquez-r7 b3b37c7c9f Use longer description lines 2014-11-17 12:23:22 -06:00
Jon Hart d5afb2b766 %q 2014-11-17 09:01:14 -08:00
Jon Hart ce73e32673 Doc and named captures 2014-11-17 09:01:14 -08:00
Jon Hart bf05fe1389 Refactoring, simplification, better print_* 2014-11-17 09:01:14 -08:00
Jon Hart 6e1cdfde36 Rip out create_credential* stuff. Use what works 2014-11-17 09:01:14 -08:00
Jon Hart e5bb13a609 If remmina config files are missing data for creds, tell me what 2014-11-17 09:01:14 -08:00
Jon Hart 875d1f9ea0 Convert Remmina credential gatherer to use new credentials model 2014-11-17 09:01:14 -08:00
Jon Hart 086f0c02d6 Remove excessive logging 2014-11-17 09:01:14 -08:00
Jon Hart 90e58e9e71 Binary encoding 2014-11-17 09:01:14 -08:00
Jon Hart e76373340e Correct some Rubocop things that I agree with 2014-11-17 09:01:14 -08:00
Jon Hart f729a6cf02 Add Remmina RDP/SSH/VNC password gathering 2014-11-17 09:01:13 -08:00
Jon Hart c765100efd
Land #4004, @martinvigo's LastPass master password extraction module 2014-10-22 16:34:54 -07:00
Jon Hart 29b61984c5 Update to use correctly joined path 2014-10-22 16:34:17 -07:00
Tim Wright b8c3fadb9e python 3 is supported now too :) 2014-10-22 20:10:48 +01:00
Tim Wright 8c3c73a72d inline the error message 2014-10-22 20:08:14 +01:00
Tim Wright 2ab73688dc use framework.threads to launch cleanup thread 2014-10-22 19:40:29 +01:00
Tim Wright 22fc6496ac Merge branch 'pr/3401' into landing-3401 2014-10-22 19:23:01 +01:00
Jon Hart 88c1647c80 Loot the passwords, obviously 2014-10-19 13:11:10 -07:00
Jon Hart 0971d7c3ac Remove ... from prints, only map a browser if we found something 2014-10-19 13:05:11 -07:00
Jon Hart 967800eed0 Track account name for more useful table and prints 2014-10-19 12:59:51 -07:00
Jon Hart 5a05246682 Consistent case in *print_* 2014-10-19 12:30:50 -07:00
Jon Hart a30663e412
Fix multiuser LastPass extraction, print/vprint cleanup 2014-10-17 17:40:19 -07:00
Jon Hart d2a00b208e Minor style cleanup to appease Rubocop 2014-10-17 12:50:18 -07:00
Jon Hart d97fe548b9 Store the browser name in LastPass loot 2014-10-17 11:33:31 -07:00
Jon Hart 43238c7324 Simplify LastPass extraction. Track what browser that puked creds 2014-10-17 11:19:36 -07:00
Jon Hart 9177b931fd Refactoring of LastPass module to use correct Firefox path on *nix 2014-10-17 10:20:55 -07:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
Martin Vigo 36d6220f8f Make use of Rex::Ui::Text::Table 2014-10-15 23:13:53 -07:00
Martin Vigo bb421859d3 Refactor code and add support for all Windows 2014-10-15 22:15:54 -07:00
Martin Vigo c7e0ced02b Remove useless conditions 2014-10-15 21:29:47 -07:00
Martin Vigo 2bdc703930 Remove useless condition 2014-10-15 21:16:06 -07:00
Martin Vigo 5fa39782b8 Fix unused variable 2014-10-15 21:10:50 -07:00
Martin Vigo 8fc0f0955e Add support for Firefox 2014-10-15 20:44:20 -07:00
Martin Vigo 47794510c3 Add support for Firefox in XP 2014-10-15 20:44:19 -07:00
Martin Vigo 484d98d0a8 Meet rubocop and msftify rules 2014-10-15 20:17:36 -07:00
Martin Vigo 85e6febe09 Add module to extract/decrypt LastPass credentials 2014-10-15 20:17:36 -07:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
 2014-08-06 15:58:12 -05:00
Tom Sellers 6315710697 Update for most recent PowerShell.rb 
This update makes the module compatible with Meatballs' march PowerShell changes mentioned earlier (lines 112/113).  It also includes changes recommended by Timwr and about 2/3 of the issues mentioned by Rubocop.  I didn't make some of the Rubocop changes based on HD's comments in IRC that it was still being tuned to meet the project's requirements.
 2014-08-02 15:32:45 -05:00
sinn3r 6048f21875
Land #3552 - Correct DbVisualizer title name 2014-07-21 13:07:33 -05:00
sinn3r 73e665b863
Land #3542 - Multi Manage DbVisualizer Query 2014-07-21 13:02:19 -05:00
sinn3r fbbaaf2e2a Fix spaces and module description 2014-07-21 13:01:18 -05:00
Tod Beardsley a41768fd7d
Correct DbVisualizer title name 
I think "DbVis Software" is the name of the company and the product
itself is called DbVisualizer.

Also fixed the description on the WPTouch module.
 2014-07-21 12:35:01 -05:00
sinn3r c59d72b0c6
Land #3530 - dbvis database administrator 2014-07-17 14:36:34 -05:00
sinn3r 6d35867f7f Update module description 2014-07-17 14:24:57 -05:00
sinn3r 8e7361d952 Fix indent again 2014-07-17 14:12:04 -05:00
sinn3r aed8af3abc Retabbed 2014-07-17 14:03:27 -05:00
sinn3r d6ab418d6f Fix spaces 2014-07-17 13:52:00 -05:00
David Bloom b4e68a7c25 Update dbvis_query.rb 2014-07-17 19:21:35 +02:00
David Bloom 0f92b73f1a Update dbvis_add_db_admin.rb 2014-07-17 10:14:28 +02:00
David Bloom 561ef427cc Update dbvis_query.rb 2014-07-17 10:13:58 +02:00
David Bloom 60c71b2681 Update dbvis_add_db_admin.rb 2014-07-17 10:11:13 +02:00
David Bloom 8f9a1e485c Delete dbvis_query.rb 2014-07-17 08:05:18 +02:00
David Bloom 1c8cac359c Added video link 2014-07-17 08:02:27 +02:00
David Bloom 7bee4db1d7 dbvis_query.rb add 2014-07-17 07:48:17 +02:00
Trevor Rosen bebf11c969
Resolves some Login::Status migration issues 
MSP-10730
 2014-07-16 21:52:08 -05:00
David Bloom 4a25bb4247 Update dbvis_add_db_admin.rb 2014-07-17 02:01:50 +02:00
David Bloom 52bdc5364c Update dbvis_query.rb 2014-07-16 18:52:27 +02:00
David Bloom 200c122ecd Update dbvis_query.rb 2014-07-16 18:48:15 +02:00
David Bloom 31e38cee23 Update dbvis_add_db_admin.rb 2014-07-16 18:45:38 +02:00
David Bloom 5f38ad5e10 Update dbvis_add_db_admin.rb 2014-07-16 18:30:23 +02:00
David Bloom c3b87e2e6c Update rigth on dbviscmd check 2014-07-16 18:27:19 +02:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-16 09:38:44 -05:00
David Bloom 90932116f8 Update dbvis_query.rb 
Minor changes
 2014-07-16 15:44:48 +02:00
David Bloom b4aca68406 Update dbvis_query.rb 2014-07-16 15:10:07 +02:00
David Bloom 17b2169b9d Create dbvis_query.rb 
Dbvisulaizer offers a command line functionality to execute SQL pre-configured databases (With GUI).
The remote database can be accessed from the command line without the need to authenticate.
The module abuses this functionality to query the remote database and store the result.
 2014-07-16 14:51:24 +02:00
David Bloom b602fc89a3 Update dbvis_add_db_admin.rb 
Corrections
 2014-07-16 13:42:58 +02:00
David Bloom 875c024243 create dbvis_add_db_admin.rb 
Dbvisulaizer offers a command line functionality to execute SQL pre-configured databases (With GUI).
The remote database can be accessed from the command line without the need to authenticate.
The module abuses this functionality to create an administrator in the database if DB user rights allow it.
 2014-07-15 21:43:14 +02:00
sinn3r 1d6f088eab Pass msftidy 2014-07-15 11:31:37 -05:00
David Bloom 526538ecd6 Added dbvis version find and print 2014-07-15 15:04:46 +02:00
David Bloom 97dcc56225 Update dbvis_enum.rb 2014-07-15 14:23:40 +02:00
David Bloom 400b0f4276 parse url to report host in old config 2014-07-15 14:21:09 +02:00
David Bloom f3d953f829 Old config file update 
Added functions to parse old and new config files.
 2014-07-15 14:00:29 +02:00
David Bloom ac3d453002 Update dbvis_enum.rb 2014-07-15 12:33:07 +02:00
David Bloom a53341f520 Added compatibility with dbvis <= 6 
Checking for "config" folder existence if "config70" is not found.
 2014-07-15 12:14:38 +02:00
sinn3r cc1ba265cb Change module name for consistency 2014-07-14 15:49:19 -05:00
sinn3r 4d7bffd713 Change header 2014-07-14 15:45:17 -05:00
sinn3r 5a821cea9d Account for EOFError condition 2014-07-14 15:27:40 -05:00
sinn3r 89a877031f I mean "unless", not "if" 2014-07-14 15:24:53 -05:00
sinn3r bec32a01ab For for missing an end 2014-07-14 15:17:54 -05:00
sinn3r cecdcef2e2 + not preferred 2014-07-14 15:14:54 -05:00
sinn3r 0737deb2a3 Remove the last exception handler 
We're already checking the file path with file?(), so we don't need
to use exception handling for this task anymore.
 2014-07-14 15:02:23 -05:00
sinn3r 8fe3f1a077 File should be checked for existence before reading 2014-07-14 15:01:03 -05:00
sinn3r 20e5803592 Author's Twitter handle should be a comment 
msfconsole treats whatever is in <> as the author's email, not
twitter handle
 2014-07-14 14:57:36 -05:00
sinn3r 3b6947c1d7 Use Rex to check IPv4 instead of using resolv 2014-07-14 14:56:38 -05:00
sinn3r b5e556519b Change = to == 
This is an if condition, not an assignment
 2014-07-14 14:53:27 -05:00
sinn3r 8f51fd0e45 Retabbed and reformatted 2014-07-14 14:39:34 -05:00
David Bloom 72d9587a50 DbVisualizer stores the user database configuration in dbvis.xml 
This module retrieves the connections settings from this file
 2014-07-14 20:08:48 +02:00
David Bloom 667b1363f3 Delete dbvis_enum.rb 2014-07-14 10:57:53 +02:00
David Bloom 0ef0f6aae1 Update dbvis_enum.rb 2014-07-14 10:54:43 +02:00
David Bloom bcbb0b4fde dbvis connections gathering 
DbVisualizer stores the user database configuration in dbvis.xml.
This module retrieves the connections settings from this file.
 2014-07-14 10:49:20 +02:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
James Lee 62a2f1dc0a
Credential -> Model for realm key constants 2014-07-10 14:30:25 -05:00
Tom Sellers 0822713f2e Hide unneeded options 2014-06-21 11:39:52 -05:00
Tom Sellers cec3ca1df6 Improve detection of failed uploads 
leaving aborted = nil was causing unexpected behavior when the upload failed.  Explicitly setting aborted = false by default corrects this issue.
 2014-06-21 10:12:17 -05:00
David Maloney 2b0bb608b1
Merge branch 'master' into staging/electro-release 2014-06-18 10:49:58 -05:00
Christian Mehlmauer 8e1949f3c8
Added newline at EOF 2014-06-17 21:03:18 +02:00
James Lee a3eea2f712
Add better handling of host and port 2014-06-13 15:22:09 -05:00
William Vu 4593c309f5 Fix a dummy because I can't read 2014-06-12 19:10:24 -05:00
William Vu 9d89730026
Use realm instead of private 2014-06-12 18:46:13 -05:00
William Vu 5d19410294
Don't use getaddress with session.session_host 2014-06-12 18:30:51 -05:00
William Vu 74cb5cd79e
Fix bad copypasta 2014-06-12 13:17:12 -05:00
William Vu 89434a75c3
Fix bad indent 2014-06-12 13:10:50 -05:00
William Vu 512395395b
Refactor pgpass_creds creds 2014-06-12 13:08:47 -05:00
Luke Imhoff 4d923a4809
Update to Rubyzip 1.X API 
MSP-10004

`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
 2014-06-10 13:41:42 -05:00
David Maloney 90c63efaeb
refactor ssh_creds post module 
the sssh_ creds post module now stores
SSH Keys as Metasploit::Credential objects
 2014-06-09 11:49:49 -05:00
Tom Sellers af569449d9 Code cleanup 
Fixes based on response from @timwr and @kernelsmith.
Retested with Ubuntu and Metasploitable 2 to validate proper payload. Also tested for port conflict detection after the change.  Returning false on line 243 simplifies the if logic on line 251/252.
 2014-05-29 18:27:17 -05:00
Tom Sellers 2f811381dc Update shell_to_meterpreter.rb 2014-05-29 06:17:31 -05:00
Tom Sellers 6a30a49bcf Update shell_to_meterpreter.rb 2014-05-29 06:08:42 -05:00
Tom Sellers f956c8d94f Create shell_to_meterpreter.rb 2014-05-27 06:12:09 -05:00
Tom Sellers 2b8dd9139c Fix cosmetic issue 
Fix cosmetic issue /w email address when it is output via 'info' or the Rapid7 module page.
 2014-05-11 16:14:51 -05:00
Tom Sellers d4c0d015c1 Update wlan_geolocate.rb 
Updated based on feedback.  Also added enumeration only support for BSD and Solaris.
 2014-04-24 07:04:50 -05:00
Tom Sellers 2fd004b69e New module: Multiplatform Wireless LAN Geolocation 
This is a new POST module that allows Windows, Linux, and OSX targets to be geolocated using Google services if the target has an active and functional wireless adapter.
 2014-04-19 17:31:48 -05:00
Tod Beardsley 062175128b
Update @Meatballs and @FireFart in authors.rb 2014-04-09 10:46:10 -05:00
OJ 3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path 
Conflicts:
	lib/msf/core/post/windows/shadowcopy.rb
	modules/exploits/windows/local/bypassuac.rb
	modules/post/windows/gather/wmic_command.rb
	modules/post/windows/manage/persistence.rb
 2014-03-11 23:13:39 +10:00
David Maloney 42a730745e
Land #2418, Use meterpreter hostname resolution 2014-02-28 14:45:39 -06:00
William Vu a4035252d6 Land #1910, DISCLAIMER for firefox_creds 
Fixed conflict in Author.
 2014-02-12 16:32:08 -06:00
sinn3r d1d45059f2 use session_host instead 2014-01-10 18:27:03 -06:00
sinn3r 8534f7948a Change the post module's default api key as well (to Metasploit's) 2014-01-10 17:59:51 -06:00
sinn3r 238d052073 Update description 
key is no longer required.
 2014-01-10 04:02:01 -06:00
sinn3r da273f1440 Update the use of report_note 2014-01-10 01:49:07 -06:00
sinn3r 807d8c12c7 Have a default API key 
Modules now should have a default API key. See the following for
details:
http://blog.virustotal.com/2012/12/public-api-request-rate-limits-and-tool.html
 2014-01-10 01:26:42 -06:00
sinn3r a99e2eb567 Update the post module 2014-01-08 18:41:22 -06:00
sinn3r 130a99f52b Add a post module that checks with VirusTotal with a checksum 
This post module will submit a SHA1 checksum to VirusTotal to see
if it's a malicious file.
 2014-01-08 18:26:40 -06:00
OJ 9fb081cb2d Add getenvs, update getenv, change extract_path use 
Stacks of modules were using `extract_path` where it wasn't really semantically correct
because this was the only way to expand environment variables. This commit fixes that
up a bit.

Also, I changed the existing `getenv` function in `stdapi` to `getenvs`, and had it
support the splat operator. I added a `getenv` function which is used just for a
single variable and uses `getenvs` behind the scenes.

The meterpreter console `getenv` command now uses `getenvs`
 2013-12-19 11:54:34 +10:00
Tod Beardsley c4b8178663
Correct camelCase of YouTube 2013-12-18 14:06:45 -06:00
Tod Beardsley 040619c373
Minor description changes 
No code changes (one comment made on play_youtube to suggest xdg-open
rather than firefox for linux targets).
 2013-12-16 14:57:33 -06:00
sinn3r 1bcaffccc8 Make sure profile name is random 2013-12-12 16:19:06 -06:00
sinn3r 036955983d Add support for Linux, thanks @jvennix-r7! 2013-12-12 16:12:36 -06:00
sinn3r 7d12ced66e Remove unnecessary require statements 2013-12-12 13:49:54 -06:00
sinn3r ce18ac4c62 fix comment 2013-12-12 12:49:46 -06:00
sinn3r 97e9daaa6a Change title 2013-12-12 12:42:07 -06:00
sinn3r de087d134a Account for error 2013-12-12 12:41:05 -06:00
sinn3r 7ff0f4a2e7 move to multi for real 2013-12-12 12:35:58 -06:00
Meatballs 7f048bcd2c
Merge HOSTFILE and CSV input 
And remember to uniq the array.
 2013-11-24 15:28:44 +00:00
Meatballs 511d176128
Add hostfile resolution 2013-11-24 15:20:04 +00:00
James Lee faf6be4529
Missed an errant require 
Wasn't even using it anyway
 2013-11-05 14:00:55 -06:00
James Lee 9e30c58495 Blow away remnants of Local::Unix 2013-11-05 13:51:45 -06:00
sinn3r 032da9be10
Land #2426 - make use of Msf::Config.data_directory 2013-10-21 13:07:33 -05:00
Tod Beardsley f0aedd932d
More stragglers 2013-10-16 16:29:55 -05:00
Tod Beardsley 5d86ab4ab8
Catch mis-formatted bracket comments. 2013-10-15 14:52:12 -05:00
Tod Beardsley c83262f4bd
Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat 
[SeeRM #8496]
 2013-10-15 13:51:57 -05:00
Tod Beardsley 63e40f9fba
Release time fixes to modules 
* Period at the end of a description.
  * Methods shouldn't be meth_name! unless the method is destructive.
  * "Setup" is a noun, "set up" is a verb.
  * Use the clunky post module naming convention.
 2013-10-14 15:17:39 -05:00
Meatballs 378f403fab
Land #2453, Add stdapi_net_resolve_host(s) to Python Meterpreter. 
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
 2013-10-10 20:13:06 +01:00
Meatballs 9ca9b4ab29
Merge branch 'master' into data_dir 
Conflicts:
	lib/msf/core/auxiliary/jtr.rb
 2013-10-10 19:55:26 +01:00
Spencer McIntyre be139beb20 Remove windows from title of multi module. 2013-10-09 17:11:47 -04:00
Spencer McIntyre 6c382c8eb7 Return nil on error, and move the module to post/multi. 2013-10-09 16:52:53 -04:00
Tod Beardsley 4266b88a20
Move author name to just 'joev' 
[See #2476]
 2013-10-07 12:50:04 -05:00
Meatballs 7ba846ca24 Find and replace 2013-09-26 20:34:48 +01:00
Tod Beardsley c547e84fa7 Prefer Ruby style for single word collections 
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.

This change converts all Payloads to this format if there is more than
one payload to choose from.

It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.

See:
  https://github.com/bbatsov/ruby-style-guide#collections
 2013-09-24 12:33:31 -05:00
James Lee 9a555d8701 Fix the modules added since the branch 2013-09-17 18:25:12 -05:00
James Lee 150f0f644e Merge branch 'rapid7' into bug/osx-mods-load-order 
Conflicts:
	modules/post/windows/gather/enum_dirperms.rb
 2013-09-17 18:21:13 -05:00
James Lee 58b634dd27 Remove unnecessary requires from post mods 2013-09-12 14:36:01 -05:00
jvazquez-r7 4f1db80c24 Fix requires in new post modules 2013-09-10 11:13:07 -05:00
Tod Beardsley aff35a615b Grammar fixes in descriptions 2013-09-09 15:09:53 -05:00
jvazquez-r7 ffa600ff8b Fix really the check method 2013-09-06 10:21:18 -05:00
jvazquez-r7 9b9e1592fd Retab changes 2013-09-06 10:13:38 -05:00
jvazquez-r7 a64f960bfc Merge for retab 2013-09-06 10:12:55 -05:00
jvazquez-r7 d9fed860a5 Fix check method 2013-09-06 10:11:06 -05:00
Tab Assassin b720fc215b Retab changes for PR #1910 2013-09-05 14:40:18 -05:00
Tab Assassin fc8ad8c633 Merge for retab 2013-09-05 14:40:11 -05:00
Tab Assassin 845bf7146b Retab changes for PR #2304 2013-09-05 13:41:25 -05:00
Tab Assassin adf9ff356c Merge for retab 2013-09-05 13:41:23 -05:00
Tab Assassin 9f3a5dc5d0 Retab new modules 2013-09-04 12:32:53 -05:00
Tab Assassin 999b802468 Merge branch 'master' into retab/rumpus 2013-09-04 12:32:05 -05:00
sinn3r bcc0152274 Correct metasploit_pcaplog's naming style 
The naming style nazi is in town. ph33r.
 2013-08-31 18:25:06 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
James Lee 63adde2429 Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00
Joe Vennix f823290a4c Add nc check. Prints successful binary match. 
* kills session nil check
 2013-08-27 17:21:18 -05:00
Joe Vennix 067b8f3c59 Adds session existence check. Moves error log path to datastore option. 2013-08-27 11:44:21 -05:00
Joe Vennix 8a8f80e097 Move error log path to datastore option. 2013-08-27 11:43:20 -05:00
Joe Vennix 5cc4ef09d1 Move previous error log path to method. Renames the #check method. 2013-08-27 11:25:00 -05:00
Joe Vennix 87c03237a9 Fix discrepencies between unix/osx with whereis cmd. 2013-08-27 03:17:14 -05:00
Joe Vennix 98b21471ed fix some bugs in cups_root_file_read module. 2013-08-27 03:03:08 -05:00
Joe Vennix 34404ee067 Commit cups module. Tested on osx 10.7, 10.8, and unpatched ubuntu 12.0.4. 2013-08-25 14:30:11 -05:00
Tod Beardsley 8431eb7a79 Msftidy fixes, also use correct possessive plurals 
http://englishplus.com/grammar/00000132.htm
 2013-08-05 09:43:38 -05:00
xard4s 1953473e1f added advanced option 2013-06-10 16:09:31 -04:00
xard4s bc7066a8b6 added user warnings 2013-06-06 08:02:32 -04:00
xard4s 182863f1a4 addressing feedback/updated description 2013-06-04 17:15:42 -04:00
sinn3r cb31772302 Fix indent 2013-06-04 11:37:16 -05:00
xard4s 423a33b1fc Added firefox pw decryption support 2013-06-03 13:13:59 -04:00
David Maloney b0f5255de8 fix ssh_creds username 
ssh_creds post module as not saving
the username in the cred objects
 2013-05-05 16:31:28 -05:00
James Lee e3ee0d7913 Don't try to download '.' or '..' as files 2013-02-08 11:25:17 -06:00
jvazquez-r7 fbbac2bd51 make module msftidy compliant 2013-01-24 21:37:04 +01:00
jvazquez-r7 2419e55603 Merge branch 'feature/rm7581-sudo-improved-with-PASSWORD-option' of https://github.com/lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7581-sudo-improved-with-PASSWORD-option 2013-01-24 21:36:40 +01:00
lmercer 3b65f31d95 post/multi/manage/sudo improved with the PASSWORD option 
as described in Redmine Feature #7581
 2013-01-23 15:23:40 -05:00
sinn3r 8b70a94b34 Updates the progress function 
Because the previous one was wrong.
 2013-01-21 00:30:43 -06:00
jvazquez-r7 75109114df Merge branch 'post_mod_record_mic' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-post_mod_record_mic 2013-01-18 00:25:01 +01:00
Charles Smith 624ef9a329 Fixed a typo in the skype_enum module. 
"platfom" instead of "platform" fixed.
 2013-01-17 14:04:52 -05:00
sinn3r 419b32b742 Can be used against multiple platforms since it supports java 2013-01-17 12:45:03 -06:00
sinn3r ff11cfe6e5 Avoid saying "webcam", might be misleading. 2013-01-17 12:30:02 -06:00
sinn3r f351db3621 Implements the record_mic feature as a post module 
For easier deployment in the web GUI. Works for Windows meterpreter
and Java meterpreter.
 2013-01-17 12:19:52 -06:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
Tod Beardsley b973927ab2 Msftidy on digi_addp_reboot and pgpass_creds 2012-11-05 16:19:38 -06:00
sinn3r 42b285c7f6 Merge branch '403labs-post-pgpass_creds' 2012-11-02 01:16:37 -05:00
sinn3r 1a162d7dd9 Use Rex table, fix 1.8 syntax issues, format fixes 2012-11-02 01:15:47 -05:00
Zach Grace 5c27c9c953 Added a print_good from the results of store_loot 2012-10-29 15:18:13 -05:00
Zach Grace eda5e8a12f Changed platform type from windows to win and fixed an indentation error. 2012-10-29 14:23:50 -05:00
Tod Beardsley 5c0fb2789f Merge branch 'module-metasploit-pcaplog-privesc' into rapid7-master 2012-10-29 11:32:32 -05:00
Tod Beardsley 65e27ff38a Warn about the potential to jack up /etc/passwd 
This needs to be underlined. It's too easy to wang up /etc/passwd by
accident.

This closes PR #632
[Fixes #38593685]
 2012-10-29 11:28:27 -05:00
Tod Beardsley 5e80e19a4e Msftidy complaint about EOL spaces 2012-10-29 11:08:03 -05:00
Zach Grace 3746a3ef64 adding pgpass_creds post module 2012-10-25 21:30:54 -05:00
0a2940 2f0c2d76ea remove load statements 2012-10-24 11:01:26 +02:00
0a2940 32ddd981eb linux_kernel mixin not required 2012-10-24 10:58:09 +02:00
0a2940 6d5da1662b Update modules/post/multi/escalate/metasploit_pcaplog.rb 
Stance is now passive
 2012-10-24 10:55:48 +02:00
Tod Beardsley be9a954405 Merge remote branch 'jlee-r7/cleanup/post-requires' 2012-10-23 15:08:25 -05:00
Michael Schierl 21f6127e29 Platform windows cleanup 
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
 2012-10-23 20:33:01 +02:00
James Lee 9c95c7992b Require's for all the include's 2012-10-23 13:24:05 -05:00
Michael Schierl e9f7873afc Version cleanup 
Remove all values that are neither 0 nor $Revision$.
 2012-10-22 20:57:02 +02:00
Michael Schierl 70ac7c8345 Author cleanup: fix unmatched angle brackets 2012-10-22 19:45:27 +02:00
Tod Beardsley cbce2c0fd5 Loop management, timeouts, and verbosity 
Add a todo for cred recording. Allow the user to determine when to give
up. Changes while true to simply loop. Clear up some of the boolean
checks. Inform the user what's going on.
 2012-10-17 17:30:30 -05:00
Tod Beardsley adfced8d0e Post require on gpg_creds 2012-10-15 06:58:35 -05:00
sinn3r 7196ca5b5e Fix bad indent 2012-10-12 18:35:05 -05:00
Raphael Mudge 7aa6776e4b let's not rejoin threads we've already joined. 2012-10-12 17:12:42 -04:00
Raphael Mudge 694eacfc4b performance fix for host discovery post modules 2012-10-12 16:43:42 -04:00
jvazquez-r7 8b8bfec6b8 Merge branch 'gpg' of https://github.com/kholia/metasploit-framework into kholia-gpg 2012-10-05 09:23:54 +02:00
James Lee dc9907da98 Fix load order issue with multi/gather/ssh_creds 
Make sure Post::Unix exists before including
 2012-10-04 11:19:14 -05:00
Dhiru Kholia d63b5fb9e3 fixes: author format, remove meterpreter support, fix ltype 2012-10-04 21:29:00 +05:30
Dhiru Kholia 80bcf930e3 GnuPG Information Gather Module, tested against Linux 2012-10-02 17:46:57 +05:30
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
0a2940 733f656b00 code style improvement - start counter at 0 2012-09-13 11:32:10 +02:00
0a2940 f48f77c0d7 compatibility improvement - backticks not $() 
For the comments above, and the fact we're using backticks later in the line also (uniformity++)
 2012-09-13 11:19:00 +02:00
0a2940 f728d32f60 code style improvement - remove 'then' from 'if's 2012-09-13 11:14:45 +02:00
sinn3r b46fb260a6 Comply with msftidy 
*Knock, knock!*  Who's there? Me, the msftidy nazi!
 2012-08-07 15:59:01 -05:00
0a2940 f5b3886e8c fix success/fail print statements 2012-08-06 10:41:55 +02:00
0a2940 176f6ea41e added USERNAME and PASSWORD as options 2012-08-05 18:20:44 +02:00
sinn3r 716028c907 Catch exceptions that are expected when a host isn't pingable. 2012-07-23 18:34:03 -05:00
sinn3r bc176b4148 Merge branch 'pingsweep_fix' of https://github.com/darkoperator/metasploit-framework into darkoperator-pingsweep_fix 2012-07-23 17:37:01 -05:00
Carlos Perez cdee09b5cd Fixes in threading and for Java Meterpreter on OSX 2012-07-23 18:34:05 -04:00