Tab Assassin
3788bab8e5
Merge for retab
2013-09-05 14:56:30 -05:00
Tab Assassin
26b8364dcb
Retab changes for PR #1789
2013-09-05 14:44:21 -05:00
Tab Assassin
789be1fe3e
Merge for retab
2013-09-05 14:44:14 -05:00
Tab Assassin
daed98931e
Retab changes for PR #2158
2013-09-05 14:19:55 -05:00
Tab Assassin
27fd54092a
Merge for retab
2013-09-05 14:19:49 -05:00
Tab Assassin
7e5e0f7fc8
Retab lib
2013-08-30 16:28:33 -05:00
Meatballs
1ea3d91f48
Lands #2244 Python Meterpreter
...
[Closes #2244]
2013-08-30 14:33:35 +01:00
Meatballs
526e504531
More fix
2013-08-25 12:21:37 +01:00
Meatballs
d45d37bc38
Really fix...
2013-08-25 00:18:50 +01:00
Meatballs
83da0b3a57
Correct fname
2013-08-25 00:17:26 +01:00
Meatballs
19e47d5e82
Really fix war
2013-08-25 00:06:31 +01:00
Meatballs
b4b59aa065
Add guards against empty payloads
2013-08-24 11:59:59 +01:00
Meatballs
09ceeb5de2
Fix war generation
2013-08-23 20:06:57 +01:00
Meatballs
41b1b30438
vba transform
2013-08-23 18:00:19 +01:00
Meatballs
7370fc3f4e
vbs transform
2013-08-23 16:26:03 +01:00
Meatballs
5040347521
Fix psh and add powershell transform
2013-08-23 15:59:19 +01:00
Spencer McIntyre
e276b57ee7
Merge remote-tracking branch 'upstream/master' into python-meterpreter-dev
2013-08-19 08:37:12 -04:00
James Lee
ed00b8c19e
Ensure checksum* methods return a Fixnum
...
Fixes a bug in reverse_http* stagers where requests for the root URI
(i.e., "/") cause a NoMethodError on nil returned by checksum8.
[See #2216]
2013-08-14 14:09:37 -05:00
James Lee
3827b14103
Land #1726, ssl verify mode
...
Conflicts:
lib/rex/socket/parameters.rb
Fix doc strings
2013-08-12 17:57:10 -05:00
Meatballs
08c32c250f
File versions
2013-08-08 19:42:14 +01:00
Spencer McIntyre
2d69174c5b
Initial commit of the python meterpreter.
2013-08-05 23:38:49 -04:00
Tod Beardsley
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).
What this commit does is simulate a hard reset, by doing this:
git checkout -b reset-hard-ohmu
git reset --hard 593363c5f9
git checkout upstream-master
git checkout -b revert-via-diff
git diff --no-prefix upstream-master..reset-hard-ohmy > patch
patch -p0 < patch
Since there was one binary change, also did this:
git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf
Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7
455569aee8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-29 12:10:12 -05:00
Meatballs
b99ad41a64
Add api constants and tidy
2013-07-26 01:48:39 +01:00
Meatballs
0235e6803d
Initial working
2013-07-25 23:24:11 +01:00
Meatballs
1d2d4b5345
Add some null checks
2013-07-25 18:35:11 +01:00
jvazquez-r7
47c21dfe85
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-24 11:42:11 -05:00
Tod Beardsley
00630376c3
Revert the default call to firefox
...
This reverts commit 0928a370f3.
No, no, you guys are right in the comments for #2148. The call to
system is inside the else, but the tabbing made my eyes cross.
Sorry about that. Someday soon, @tabassassin will save us all from these
kinds of screw ups in mental parsing.
2013-07-23 16:13:02 -05:00
William Vu
d493346691
Land #2137, fixes and specs for Opt containers
2013-07-23 15:58:09 -05:00
David Maloney
621568bf8f
Another Error Type needs caught
...
Different systems throw a different error
Need to rescue that error too
2013-07-23 15:47:42 -05:00
William Vu
86ab942435
Land #2146, Unix and Windows path normalization
2013-07-23 15:23:41 -05:00
Tod Beardsley
0928a370f3
Adding back default firefox
...
the default is triggered only outside the case statement, which itself
is totally bizarre. I can't tell if anyone is relying on this behavior
right now, but it's too premature to just remove it out at this point.
2013-07-23 14:43:30 -05:00
Tod Beardsley
53c3fd2ce7
Update comment docs on Rex::Compat.open_browser
2013-07-23 14:38:04 -05:00
ZeroChaos
ce5742461a
update open_browser functionality
...
open_browser didn't support xdg-open or firefox-bin. xdg-open was made the default as it is the most likely to succeed afaik.
the fallback to firefox was removed because since we check for the existence of firefox it makes no sense to try to run it after we failed to find it. This will silently fail if no supported browser is found due to suggestions from the msf team:
< Zero_Chaos> more importantly, it would be great if someone told me how to spit out a message to the user
< Zero_Chaos> because I have no clue :-)
<@egypt> Zero_Chaos: it's in rex, so the answer is "don't"
2013-07-23 14:58:16 -04:00
Tod Beardsley
bb16683415
Land #2087, @egypt's random ID generator
2013-07-23 13:52:08 -05:00
sinn3r
958a4edd73
Keep the trailing slash if the user wishes
2013-07-22 20:46:18 -05:00
sinn3r
359009583f
Drop support for UNC path parsing in normalize_win_path
...
Not really a good idea to try to parse UNC format. Confuses the
purpose of the function.
2013-07-22 20:20:45 -05:00
sinn3r
4b3fce9349
Add functions to normalize Windows & Unix paths
...
The purpose of these functions is to be able to join file/dir paths
safely without trailing slashes, basically for the same reason as
normalize_uri. Some modules are really buggy when merging paths,
so instead of letting them do it, it's better to use these functions.
2013-07-22 19:26:04 -05:00
jvazquez-r7
15b0e39617
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-21 13:47:40 -05:00
sinn3r
757cf18bb4
Land #2135 - Update FF detection
2013-07-20 13:10:14 -05:00
Joe Vennix
92ae90b828
Whitespace fixes.
2013-07-19 17:27:27 -05:00
Joe Vennix
2e838d7be3
Fix minor bugs discovered when testing.
2013-07-19 17:18:39 -05:00
Joe Vennix
7e2fc147f1
Add updated versions of firefox.
2013-07-18 16:35:57 -05:00
David Maloney
ec82644bd3
mo fixes mo specs
...
SEERM #7536
SEERM #7537
2013-07-18 15:00:57 -05:00
jvazquez-r7
58229ff8b7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-17 20:18:48 -05:00
James Lee
9d56e58e84
Rely on object detection for '5716599'
...
[SeeRM #7252]
2013-07-17 15:47:25 -05:00
jvazquez-r7
458ac5f289
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-17 15:02:33 -05:00
jvazquez-r7
11f8b351c0
Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework
2013-07-17 11:44:42 -05:00
William Vu
54af2929f5
Land #2109, kill stray character
2013-07-16 11:11:06 -05:00
Joe Vennix
34e732eabd
Kill stray character in whitespace gutter.
2013-07-16 10:14:41 -05:00
James Lee
85affe4d47
Land #2089, smb last_filename can be nil
2013-07-10 14:18:00 -05:00
James Lee
4cc179a24c
Store inverted hash for better lookups
...
Also clarifies comment about infinite loops
2013-07-10 12:38:42 -05:00
sinn3r
71974a8535
to_addr_hex_dump is never used and is too similar to to_hex_dump
...
Not so much value in to_addr_hex_dump, as Meatballs1 suggested, we
should remove this.
2013-07-10 11:09:47 -05:00
sinn3r
add294d999
Fix potential nil in last_filename
...
Replacing #2060. It is possible to get a nil in last_filename if
the sub! function doesn't find any 0x00s to replace, so instead
it's best to use sub(), which should at least return the original
filename. To make sure we don't hit any other unknown conditions
that may result in nil last_filename, it's also converted with to_s
to make sure it's always a string.
2013-07-09 12:50:19 -05:00
James Lee
afa6a36df3
Make first char's character class configurable
2013-07-09 02:50:28 -05:00
James Lee
273046d8f0
Add a class for generating random identifiers
...
Will be useful for all kinds of things, but brought about in discussions
specifically for Util::EXE in #2037.
2013-07-09 02:06:44 -05:00
Meatballs
0ce3fe2e7c
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
2013-07-05 22:25:04 +01:00
William Vu
28a4a05991
Land #2046, base argument for to_hex_dump
2013-07-02 12:11:05 -05:00
sinn3r
98c214d2fb
Allow 0 base address, and dynamic left column length
2013-07-02 11:40:23 -05:00
jvazquez-r7
2ceb404f7d
Land #2047, @hmoore-r7 ipmi related work
2013-07-02 11:13:25 -05:00
sinn3r
9eb32ea9af
Allow "base" argument for to_hex_dump
...
[SeeRM:#8121] - For debugging purposes, it's useful to be able to
specify a base.
2013-07-01 23:56:51 -05:00
jvazquez-r7
2751470c71
Add @jlee-r7's feedback to sapni proxies support
2013-07-01 21:37:53 -05:00
jvazquez-r7
9c4d869ed8
Land #1018, @nmonkee's support for sap router proxies
2013-07-01 21:36:02 -05:00
HD Moore
8e4dd29a4c
Add cipher zero scanner
2013-06-30 02:35:37 -05:00
HD Moore
4fb6fa67f2
Fix require for constants, trim useless fields from banner
2013-06-26 09:59:40 -05:00
HD Moore
84117e28a8
Remove stale constants.rb require
2013-06-26 09:52:15 -05:00
James Lee
b3b94c7a73
Break packet classes into their own files
...
This makes the file structure match the class structure and makes the
source tree easier to grok.
2013-06-24 19:24:09 -05:00
HD Moore
1801a5a270
Better HP iLO compatibility (retry on session ID error)
2013-06-24 14:23:53 -05:00
HD Moore
c869112407
Cleanup, reporting, and automatic cracking
2013-06-23 01:35:31 -05:00
HD Moore
5656e0cb7a
Initial commit of IPMI library, scanner, & cracker
2013-06-22 23:38:28 -05:00
Meatballs
6c62463f83
Add ipv6 resolution and remove nix
2013-06-20 22:17:31 +01:00
jvazquez-r7
1aff778a79
Fix unpack
2013-06-18 09:06:44 -05:00
jvazquez-r7
3f665ba5a0
Skip also max-age from cookies
2013-06-17 14:04:08 -05:00
Meatballs
1637651bbb
Revert multilang test
2013-06-15 17:48:32 +01:00
Meatballs
62e335dab2
Resolve conflict
2013-06-15 17:40:37 +01:00
Meatballs
fc7d151273
Add multilang syscheck
2013-06-15 17:39:01 +01:00
jvazquez-r7
f5b00512e0
Fix sap ni proxy, hopefully
2013-06-13 17:15:48 -05:00
Brandon Perry
3cb851e4e0
Merge remote-tracking branch 'todb-r7/fix-msftidy-1944' into csharp_payload
2013-06-12 17:29:00 -05:00
Brandon Perry
0f06e9b08c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into csharp_payload
2013-06-12 17:27:55 -05:00
Tod Beardsley
9c75d821d1
Fix up msftidy warnings on rex/text.rb
2013-06-12 11:17:58 -05:00
Brandon Perry
d0e1e4df0a
This commit adds support for C# byte arrays for the assembly payloads.
2013-06-11 19:27:06 -05:00
James Lee
af613ee254
Add a more readable #inspect
2013-06-11 15:22:49 -05:00
sinn3r
937d7fb762
Landing #1835 - Fix a backwards disasm bug which stomps on the depth opt
2013-05-31 16:28:49 -05:00
sinn3r
df2140ea59
Add back the tmp include check according to bannedit's feedback
2013-05-31 16:26:52 -05:00
sinn3r
dacc73a60f
Improve readability based on Egypt's feedback
2013-05-31 16:24:27 -05:00
Tod Beardsley
14c4dbcf8c
Also remove *.ts.rb files
...
On the heels of #1862, this gets rid of the "test suites" that bound
together all the old unit tests.
2013-05-28 17:05:44 -05:00
Samuel Huckins
e20385dd9e
Merge pull request #1864 from dmaloney-r7/feature/task_associations/cred_service_host
...
Passes specs and functional tests
2013-05-28 12:11:57 -07:00
James Lee
9843dc4cb4
Land #1708, android meterpreter
...
Conflicts:
data/meterpreter/ext_server_stdapi.jar
2013-05-28 12:19:45 -05:00
David Maloney
0f21861921
Add task handling to imports
...
allow imports to carry along task info
[Story #49167601]
2013-05-23 13:33:19 -05:00
Tod Beardsley
05916c079e
Inline unit tests are so last decade
...
Aside from codebase-wide changes, nearly all of these tests haven't been
touched since before 2010, and there is no effort to maintain this style
of testing. We've moved on to (correctly) separating out our tests from
our codebase.
2013-05-23 12:41:14 -05:00
James Lee
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
bannedit
031bb2eb0b
Fix a backwards disasm bug which stomps on the depth option
2013-05-15 22:08:50 -04:00
James Lee
61afe1449e
Landing #1275, bash cmdstager
...
Conflicts:
lib/rex/exploitation/cmdstager.rb
Conflict was just the $Id$ tag, which is no longer used anyway.
2013-05-15 10:44:05 -05:00
Joshua J. Drake
c71b57764e
Add a Python buffer formatter and update msfpayload to enable using it
2013-05-13 20:41:15 -05:00
Meatballs
7fb092c58c
Initial commit
2013-05-02 22:08:19 +01:00
Tasos Laskos
6bf19c6fb8
HTTP::ClientRequest: Should handle nils in params
...
When hashes for params contain nils, they should be converted to empty
strings instead of crashing.
* #to_s: Calls #to_s on vars_get and vars_post data
* #set_encode_uri: Calls #to_s on its arg
2013-04-30 22:01:00 +03:00
Meatballs
293c847a32
Fix table.print
2013-04-29 22:02:41 -05:00
Meatballs
69dead8c8f
Tidier
2013-04-29 23:17:11 +01:00
Meatballs
36ef2cb5a1
x86 warning for mimikatz
2013-04-29 23:14:32 +01:00
Meatballs
02788f71d9
Fix table.print
2013-04-29 22:37:02 +01:00
James Lee
d53d6370b3
Land #1747, mimikatz meterpreter extension
...
[Closes #1747]
See rapid7/meterpreter#9
2013-04-29 14:45:07 -05:00
sinn3r
1d9a695d2b
Landing #1772 - Adds phpMyadmin Preg_Replace module (CVE-2013-3238)
...
[Closes #1772]
2013-04-28 12:17:16 -05:00
Meatballs
bbd53a2dbd
Add domain to get_cookies
2013-04-26 20:34:21 +01:00
Meatballs
b25b9e769c
Msftidy
2013-04-26 20:30:04 +01:00
Meatballs
1f2cab7aef
Tidyup and getcookies
2013-04-26 20:26:04 +01:00
Meatballs
9ad19ed2bf
Final tidyup
2013-04-26 15:41:28 +01:00
Meatballs
c7ac647e4e
Initial attempt lfi
2013-04-26 14:32:18 +01:00
Meatballs
d8430c83cf
Add simple rspec
2013-04-26 00:47:00 +01:00
Meatballs
668dd78587
Msftidy
2013-04-26 00:21:31 +01:00
Meatballs
e2bf4882f0
Add domain join parse
2013-04-26 00:20:10 +01:00
Meatballs
235887ccb5
Finished
2013-04-25 23:25:05 +01:00
James Lee
93bddd9041
Improved docs and partial specs for Rex::Text
...
Conflicts:
lib/msf/core/modules/loader/base.rb
lib/rex/poly/block.rb
lib/rex/text.rb
2013-04-23 17:24:03 -05:00
Meatballs
fab1781812
Refactored to send custom commands
2013-04-22 10:04:38 +01:00
Meatballs
6656514616
Msftidy
2013-04-21 14:34:47 +01:00
Meatballs
fc621e8d7e
Parse ssp correctly
2013-04-21 10:55:01 +01:00
Meatballs
83fbc3e46f
Small fix and attribution to gentilkiwi
2013-04-21 00:36:43 +01:00
Meatballs
cec737d399
tidy and table header
2013-04-20 18:05:47 +01:00
Meatballs
b219a23f00
Refactoring
2013-04-20 18:00:46 +01:00
Meatballs
20849714ac
Add all methods
2013-04-20 17:27:32 +01:00
Meatballs
ddaa09edad
Added msv
2013-04-20 16:31:45 +01:00
Meatballs
83578dec68
Getprivs by default
2013-04-20 14:59:07 +01:00
Meatballs
a23d7bb66f
Add client UI and parse results
2013-04-20 12:20:38 +01:00
Meatballs
5fa81942db
Initial comms
2013-04-19 22:19:50 +01:00
Tod Beardsley
4d21c7dff5
Landing #1727, adding @jlee-r7's new fingerprints
2013-04-15 13:49:59 -05:00
Meatballs
67791c12a5
Small tidy
2013-04-14 11:18:45 +01:00
Meatballs
26479bbe82
Fixup resolve_host
2013-04-14 10:58:51 +01:00
Meatballs
6a7fc70274
Remove length stuff
2013-04-14 10:54:19 +01:00
Meatballs
6bca2b305f
Typo
2013-04-14 10:44:00 +01:00
Meatballs
849b42ffb9
Further tidy
2013-04-14 10:42:15 +01:00
Meatballs
4b4f77eb0f
Finalize
2013-04-14 10:32:56 +01:00
timwr
32bd812bdb
android meterpreter
2013-04-12 18:57:04 +01:00
James Lee
2c8ec656ca
Typo
2013-04-11 22:36:08 -05:00
James Lee
7df80c7aac
Add a couple new IE fingerprints to osdetect.js
2013-04-11 22:29:02 -05:00
RageLtMan
1e93ae65e3
fix typo in parameters
2013-04-11 19:12:32 -04:00
RageLtMan
5ac18e9156
commant update
2013-04-11 19:11:25 -04:00
RageLtMan
6eb33ae5ed
Rex::Socket::SslTcp set cipher and verify_mode
...
Update Rex::Socket::SslTcp to accept verification mode string from
Rex::Socket::Parameters, which has been modified accordingly.
Add SSLVerifyMode and SSLCipher options (params and socket work
were done before, but the option was not exposed) to
Msf::Exploit::Tcp.
Testing:
```
>> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort'=>443,'SSL' => true, 'SSLVerifyMode' => 'NONE')
>> sock.sslctx.verify_mode
=> 0
>> sock.close
=> nil
>> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort'=>443,'SSL' => true, 'SSLVerifyMode' => 'PEER')
=> #<Socket:fd 13>
>> sock.sslctx.verify_mode
=> 1
```
Note: this should be able to resolve the recent SSL socket hackery
of exploit/linux/misc/nagios_nrpe_arguments.
2013-04-11 18:00:33 -04:00
James Lee
6a0b240d10
Add some better docs for Rex::Socket
2013-04-10 12:41:41 -05:00
Meatballs
e4ff7a2f2c
Address egypt's feedback
2013-04-09 21:15:04 +01:00
Meatballs
3660ad8c0a
Initial attempt
2013-04-07 23:03:43 +01:00
James Lee
067140643e
Landing #1579, meterpreter mv
...
See rapid7/meterpreter/#6
2013-04-04 23:42:31 -05:00
James Lee
ad46b46684
Landing #1463, Meatballs' cdecl fixes
2013-04-04 22:58:59 -05:00
Luke Imhoff
47842aa6a2
Fix 'Output is not a module'
...
[#46491831]
I missed that Rex::Ui::Text::Output was a class and not a module, so
starting up prosvc fell over when it loaded
rex/ui/text/output/buffer/stdout, which also would screw up
msf/ui/console/command_dispatcher/core.rb where I originally added
Rex::Ui::Text::Output::Buffer::Stdout.
2013-04-01 20:16:28 -05:00
Luke Imhoff
2317e9cced
Fix yard tag warnings
...
[#46491831]
2013-03-30 17:13:12 -05:00
Luke Imhoff
7ed2812ec3
Fix Cannot resolve link YARD warnings
...
[#46491831]
2013-03-30 16:58:49 -05:00
Luke Imhoff
bc4b87ebd9
Fix Undocumentable method defined on object instance YARD warnings
...
[#46491831]
Change code to use format that YARD can document without changing
semantics.
2013-03-30 16:05:12 -05:00
Luke Imhoff
c210260845
Fix Undocumentable method, missing name YARD warning
...
[#46491831]
Comments at the start of the file with ## caused YARD to think the
comment was documenting the require call. By removing the ##, the
warning disappeared. I did not determine what is special about ## in
file comments.
2013-03-30 15:32:38 -05:00
Tod Beardsley
91e3f4cca6
Merge 'kernelsmith/msfconsole-grep'
...
Resolved a conflict between grep and go_pro (go_pro was added after
grep). Adds @kernelsmith's grep command. Josh is determined to have
msfconsole be his default shell, it seems.
[Closes #1320]
Conflicts:
lib/msf/ui/console/command_dispatcher/core.rb
2013-03-18 14:39:45 -05:00
RageLtMan
d399093d80
Add Framework side of stdapi.fs.file.mv
...
Add the appropriate methods to Rex side of the FS extension and
the commensurate command dispatcher.
Requires https://github.com/rapid7/meterpreter/pull/6 from the
meterpreter repo as well as compiling fresh DLL for
ext_server_stdapi.
2013-03-12 02:06:38 -04:00
Spencer McIntyre
bf54b582c9
Condense the decoder commands
2013-03-08 16:29:03 -05:00
Spencer McIntyre
8b5a83c7f5
Remove the DECODER option
2013-03-08 15:25:16 -05:00