infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
35,759 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

165 Commits (7a16f28969bacb59bc846f39b4fa9c5216fadd6c)

Author SHA1 Message Date
Fernando Arias eb479318b1
Use existing run for match result or create a new one if it doesnt exist 
MSP-13119
 2015-09-15 14:34:44 -05:00
Fernando Arias c7f15ca940
Rework how match results get created 
MSP-13119

* Create match result when we create vuln attempt
 2015-09-14 12:18:47 -05:00
Fernando Arias 0bb03db786
Rework vuln lookup logic to account for vuln with no service (nexpose import vuln with -1 port) 
MSP-13234
 2015-09-09 13:21:05 -05:00
Fernando Arias ed1065b297
Create MatchResult with status Failure on session failure 
MSP-13104
 2015-08-24 12:56:32 -05:00
jvazquez-r7 af326a4f88
Use compatible_payloads instead of copy and paste 2015-05-29 16:55:19 -05:00
wchen-r7 defda01d87 Some doc 2015-05-29 15:09:29 -05:00
wchen-r7 b33ace2f44 Put is_payload_compatible? in exploit.rb 2015-05-29 15:07:59 -05:00
Christian Mehlmauer 668961b69d
fix some yarddoc issues 2015-04-20 00:06:59 +02:00
wchen-r7 37613adebb Improve developer experience for fail_with 
The fail_with for an exploit is used differently than a non-exploit,
so it would be nice to document about this. Also, be strict about
the reason for the exploit one, because this can affect other
components of Metasploit.
 2015-04-17 15:55:22 -05:00
Christian Mehlmauer 69d3c26746
fix documentation 2015-04-16 21:28:16 +02:00
root 51dd88114b Fix grammer in comments 2015-04-13 13:21:41 +05:00
Luke Imhoff 0c00c7cc50
Fully-qualifiy Msf::MODULE_TYPES constants 
MSP-11126

Fully-qualify `Msf::MODULE_TYPES`, `Msf::MODULE_ANY`,
Msf::MODULE_ENCODER`, `Msf::MODULE_EXPLOIT`, `Msf::MODULE_NOP`,
`Msf::MODULE_AUX`, `Msf::MODULE_PAYLOAD`, `Msf::MODULE_POST` so that
their usage isn't dependent on nested lexical scoping.
 2014-10-17 12:43:40 -05:00
jvazquez-r7 0c44cc5ae4 Allow Exploits to provide Encoder Compat options 2014-02-21 15:49:39 -06:00
Meatballs 56359aa99f
Merge changes from other dev machine 2014-02-07 21:22:44 +00:00
jvazquez-r7 80e7ae144b Use the platform when selecting the payload 2014-02-04 14:34:11 -06:00
Meatballs 0a3cb3377f
AppendEncoder 2014-02-04 15:41:10 +00:00
sinn3r 6ffb750633 Change Unsupported message 
Auxiliary modules can use check, too. Not just exploits.
 2014-01-26 01:14:11 -06:00
sinn3r ea47da5682 Add wiki link "How to write a check() method" to documentation 2014-01-20 20:10:50 -06:00
sinn3r e48b8ae14c Use a better term 2014-01-19 16:01:38 -06:00
sinn3r afd0e71457 Use the term "exploit" is a little more correctly 
So Metasploit uses the term "exploit" to describe something, a module
or an action, that results popping a shell. A check normally doesn't
pop a shell, so avoid that language.
 2014-01-17 13:50:23 -06:00
sinn3r 363c53e14e Clearify when to use a specific CheckCode 
An example of the biggest confusion module developers face is not
actually knowing the difference between Detected vs Appears vs
Vulnerable. For example: a module might flag something as a
vulnerable by simply doing a banner check, but this is often
unreliable because either 1) that banner can be fooled, or 2)
the patch does not actually update the banner. More reasons may
apply. Just because the banner LOOKS vulnearble doesn't mean it is.
 2014-01-17 13:35:17 -06:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
HD Moore bec15ebf7c Remove Failure (moved to parent class) 2013-08-15 13:31:21 -05:00
James Lee f3ff5b5205 Factorize and remove includes 
Speeds up compilation and removes dependency on bionic source
 2013-05-28 15:46:06 -05:00
James Lee 0466cce7b1 Move PostMixin to its own file 
Also replaces dead code in lib/msf/core/exploit/local.rb with what was
actually being used for the Exploit::Local class that lived in
lib/msf/core/exploit.rb.
 2013-05-28 15:46:06 -05:00
Tod Beardsley a852304ba3 DRY: Move check things to the common module level 
While it makes lots of sense to bring check to all modules, of course
some modules will not be able to actually use it. Namely modules like
nop and payload modules. If you're feeling creative, you could probably
come up with semantically similar checks for those, too.
 2013-05-23 11:42:41 -05:00
James Lee db676f1a88 Whitespace at EOL 2013-03-07 18:20:08 -06:00
James Lee 32aa2c6d9c Make asm spacing easier to read 
Also adds a #prepends callback to Payload::Windows to make it a little
clearer what's happening.
 2013-01-22 13:25:27 -06:00
scriptjunkie 66d5f39057 Ensure prepend_migrate? always functions correctly. 2013-01-18 18:04:09 -06:00
scriptjunkie 0b32111a9f Revert "Revert "Merge branch 'migrator' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-migrator"" 
This reverts commit 2436ac3a58.
 2013-01-18 16:34:38 -06:00
James Lee 6d6b4bfa92 Merge remote branch 'rapid7/master' into omg-post-exploits 2012-07-08 17:32:39 -06:00
HD Moore d656e3185f Mark all libraries as defaulting to 8-bit strings 2012-06-29 00:18:28 -05:00
HD Moore 83bf78c63b New failure_reason messages 2012-06-19 13:31:39 -05:00
HD Moore d5768080bf Add a fail_message to attempts and fix bugs 2012-06-19 00:48:39 -05:00
James Lee 5717f52246 Make the Exploit::Local class useful 
This commit is the main infrastructure needed to run exploits in a local
context, gluing the Exploit and Post module classes together.
 2012-06-12 23:58:19 -06:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists. 
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
 2012-06-10 03:15:48 -05:00
HD Moore e6968c202a A couple bug fixes to enable cmd_interact and a new module for the VSFTPD backdoor 
git-svn-id: file:///home/svn/framework3/trunk@13093 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 20:09:32 +00:00
HD Moore 7f3e2d182d Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called. 
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-12 18:32:27 +00:00
HD Moore 9ce47c01bd Reverting the autoload changes until we can upgrade to a new ActiveSupport library or find a workaround 
git-svn-id: file:///home/svn/framework3/trunk@12600 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-12 20:03:55 +00:00
Joshua Drake fd4e6db85d Fixes 4373, Migrates lib/msf to use autoload instead of require (first try) 
git-svn-id: file:///home/svn/framework3/trunk@12596 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-12 19:07:35 +00:00
HD Moore 1c86441f12 This removes the abortive_close code for stream sockets, it was leading to inconsistencies in how dead sessions were cleaned up 
git-svn-id: file:///home/svn/framework3/trunk@12519 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-03 03:59:02 +00:00
Tod Beardsley b1178686cf Fixes #3988. Adds a command execution module for PostgreSQL by uploading a UDF library and adding sys_exec() as a temporary function. Requires the target to be Windows, uses Bernardo Damele A. G.'s binaries. 
Also fixes a typo in the arguments to handler which clears up a heretofore mysterious exception (see exploit.rb).



git-svn-id: file:///home/svn/framework3/trunk@12111 4d416f70-5f16-0410-b530-b9f4589650da
 2011-03-23 19:36:07 +00:00
James Lee 326dc42bca add EncodedPayload#encoded_exe, encoded_jar, and encoded_war. simplifies exploits that need java and native payloads. see #406 and #3009 
git-svn-id: file:///home/svn/framework3/trunk@10999 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 23:01:35 +00:00
Tod Beardsley 865b711b5c Fixes #2974. Adds an "Unknown" level to Exploit::CheckCode, fixes the URI check for exploit/unix/webapp/php_include (which was relying on Unknown). 
git-svn-id: file:///home/svn/framework3/trunk@10694 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-15 12:24:17 +00:00
Joshua Drake 2f384cde82 add alias for calling Msf::Exploit regenerate_payload explicitly -- fixes #2312 
git-svn-id: file:///home/svn/framework3/trunk@9950 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-03 15:14:34 +00:00
HD Moore 42da9e899a Improvements to the cleanup process, close sockets properly for exploits and auxiliary 
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-01 16:26:24 +00:00
HD Moore 6383ef6cfd Typo 
git-svn-id: file:///home/svn/framework3/trunk@8844 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-17 18:41:09 +00:00
Joshua Drake 070d6e20cd fix bug from natron 
"show info" was displaying the default target as index 0 when it was really 4

git-svn-id: file:///home/svn/framework3/trunk@8461 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-12 02:11:52 +00:00
James Lee 53662ed46e save events to the database. fixes 618 
git-svn-id: file:///home/svn/framework3/trunk@8126 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 00:32:48 +00:00
HD Moore f76a9a43e6 Switch compat payloads to normal vs ranked 
git-svn-id: file:///home/svn/framework3/trunk@7877 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 13:14:01 +00:00