Christian Mehlmauer
2e9a579a08
implement @limhoff-r7 feedback
2013-08-21 21:05:52 +02:00
Christian Mehlmauer
ffdd057f10
-) Documentation
...
-) Added Wordpress checks
2013-08-21 14:27:11 +02:00
Christian Mehlmauer
655e2dcf6c
more methods
2013-08-21 13:13:41 +02:00
Christian Mehlmauer
68a51f4055
msftidy
2013-08-21 12:50:26 +02:00
Christian Mehlmauer
11ef8d077c
-) added wordpress mixin
...
-) fixed typo in web mixin
2013-08-21 12:45:15 +02:00
Shelby Spencer
97933c4954
Moving meterpreter scripts out of exe.rb into a templates folder.
2013-08-20 16:49:48 -07:00
sinn3r
f148eb4715
Land #2255 - Fix fail_with()
2013-08-20 01:28:21 -05:00
jvazquez-r7
491ea81acf
Fix calls to fail_with from mixins
2013-08-19 16:42:52 -05:00
jvazquez-r7
7e37130837
Patch for [SeeRM #8315 ]
2013-08-19 16:34:02 -05:00
Spencer McIntyre
e276b57ee7
Merge remote-tracking branch 'upstream/master' into python-meterpreter-dev
2013-08-19 08:37:12 -04:00
Tod Beardsley
1eb3c323ed
Land #2175 , force string encoding for RPC
...
Metasploit takes great pains to ensure that all strings are encoded as
plain old US-ASCII. This PR enforces this conversion over RPC as well.
[FixRM #7888 ]
2013-08-16 16:09:24 -05:00
Tod Beardsley
7937fbcc49
More idiomatic ruby with symbols and spaces
2013-08-16 15:59:04 -05:00
HD Moore
bec15ebf7c
Remove Failure (moved to parent class)
2013-08-15 13:31:21 -05:00
HD Moore
4706f8b54c
Add fail_with() stub and move Failure from Exploit
2013-08-15 13:30:47 -05:00
sinn3r
bd6a45fffa
Get rid of version() use
2013-08-14 11:00:09 -05:00
sinn3r
83aec3b231
Remove module version display
...
Since modules no longer use the 'Version' key, there's no point to
collect and show them. It's all 0 anyway.
[See RM 8278]
2013-08-14 02:26:39 -05:00
sinn3r
92d57ef37d
Fix merge conflict
...
Conflicts:
msfvenom
2013-08-13 00:00:16 -05:00
James Lee
3827b14103
Land #1726 , ssl verify mode
...
Conflicts:
lib/rex/socket/parameters.rb
Fix doc strings
2013-08-12 17:57:10 -05:00
jvennix-r7
8278808a37
Merge pull request #2204 from todb-r7/bug/undo-optstring-validator
...
Revert "OptString specs and better validation"
2013-08-09 13:42:46 -07:00
Tod Beardsley
02f460287b
Revert "OptString specs and better validation"
...
This reverts commit d66779ba4c
.
Specifically, this commit was causing trouble when a datastore was
getting an Integer. For some reason (as yet undiscovered), the option
normalizer wasn't trying to Integer#to_s such arguments.
This kind of thing is going to happen a lot. For now, I'd rather just
end up with the ducktype, and attack the normalizer in a seperate fix.
2013-08-09 15:30:42 -05:00
sinn3r
4558aca7ca
Land #2136 - Removed requirement for note.data to be present
2013-08-09 15:29:25 -05:00
Meatballs
08c32c250f
File versions
2013-08-08 19:42:14 +01:00
James Lee
ab976ddf8f
Fix genarate command in msfconsole
...
Thanks @Meatballs1 for spotting
2013-08-06 14:46:53 -05:00
Spencer McIntyre
2d69174c5b
Initial commit of the python meterpreter.
2013-08-05 23:38:49 -04:00
allfro
9180dd59fe
Patch for string encoding issues with `msgpack`
...
Fixes an issue that causes exploits to fail if the PAYLOAD option is the last option to get marshalled in an MSFRPC dictionary. The patch adjusts the string's encoding to match the internal default encoding used by Ruby. Hence, making `fetch()` succeed.
2013-07-30 13:38:44 -04:00
Tod Beardsley
7e539332db
Reverting disaster merge to 593363c5f
with diff
...
There was a disaster of a merge at 6f37cf22eb
that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).
What this commit does is simulate a hard reset, by doing thing:
git checkout -b reset-hard-ohmu
git reset --hard 593363c5f9
git checkout upstream-master
git checkout -b revert-via-diff
git diff --no-prefix upstream-master..reset-hard-ohmy > patch
patch -p0 < patch
Since there was one binary change, also did this:
git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf
Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7
05be76ecb7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-29 16:41:22 -05:00
jvazquez-r7
593363c5f9
Land #2154 , @wchen-r7's msfcli optimizations and refactoring
2013-07-29 16:38:32 -05:00
sinn3r
a0decf502f
Refactor msfcli
2013-07-28 12:40:50 -05:00
jvazquez-r7
4a0b33241f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-25 18:41:50 -05:00
sinn3r
7b7603a5e7
Land #2104 - reverse_https_proxy
2013-07-25 17:26:56 -05:00
jvazquez-r7
33f6f7e8fc
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-25 17:03:45 -05:00
William Vu
27a540e12f
Land #1215 , creds reuse for AuthBrute modules
2013-07-25 16:54:44 -05:00
William Vu
dac9ac4a1d
Land #2159 , spool command nil dereference fix
2013-07-25 15:38:35 -05:00
James Lee
a5ca516435
Fix nil deref in spool command
...
Occurs when no module is currently `use`d
2013-07-25 14:51:39 -05:00
jvazquez-r7
2b3dcaf678
Land #2157 , @wvu and @averagesecurityguy patch for OpenVAS XML Reports importing
2013-07-25 12:04:38 -05:00
William Vu
97680304d6
Use index, since it can apparently do regex
2013-07-25 12:00:33 -05:00
jvazquez-r7
5014919198
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-25 09:02:20 -05:00
sinn3r
56367ef69c
Update documentation
2013-07-24 19:04:47 -05:00
sinn3r
0fd2c385fb
Update documentation
2013-07-24 19:02:10 -05:00
sinn3r
e266d1bd0a
Add comment about opts
2013-07-24 19:00:58 -05:00
sinn3r
a71d7eb372
Update archive.rb to handle whitelist
2013-07-24 18:59:43 -05:00
sinn3r
9ae550c883
Do if [].empty?. Avoid msfcli running as a job
2013-07-24 18:35:06 -05:00
sinn3r
ed51d284fa
Change name, change how data is passed, fix rspec
2013-07-24 17:15:56 -05:00
jvazquez-r7
214f337f58
Fix indentation
2013-07-24 16:55:01 -05:00
Meatballs
c221360cc1
Retab
2013-07-24 22:16:41 +01:00
sinn3r
e120ecfba9
msfcli is designed to load only one module (auxiliary or exploit),
...
so we shouldn't have to load all of them to run this utility. The
overall goal of this PR is to narrow down what modules
(exploit/aux + payload + encoder + nop) you possibly need in order
to shave off loading time. By doing this, on my box this is 5-6
seconds faster than the original one.
I actually tried to avoid making too many changes in the library
(such as Module Manager), because we don't have test cases for them,
and we can't really afford to risk breaking it. I also developed
a test script to actually be able to test msfcli.
2013-07-24 14:40:46 -05:00
jvazquez-r7
e9a4f6d5da
Merge branch 'dll_fix' of https://github.com/Meatballs1/metasploit-framework
2013-07-24 14:00:52 -05:00
Meatballs
edc297756b
Tabs
2013-07-24 19:14:11 +01:00
Meatballs
4b84b49674
Fix payload corruption
2013-07-24 19:08:02 +01:00
jvazquez-r7
47c21dfe85
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-24 11:42:11 -05:00
William Vu
d493346691
Land #2137 , fixes and specs for Opt containers
2013-07-23 15:58:09 -05:00
jvazquez-r7
b0c17fdebc
Land #2002 , @jlee-r7's patch for better handling uri resources
2013-07-23 15:49:21 -05:00
jvazquez-r7
99a345f8d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 13:54:26 -05:00
jvazquez-r7
77e8250349
Add support for CWE
2013-07-22 12:13:56 -05:00
David Maloney
943dde5c6c
OptRegexp specs
2013-07-20 18:44:55 -05:00
David Maloney
d66779ba4c
OptString specs and better validation
2013-07-20 17:49:03 -05:00
David Maloney
d6f2b28708
More opt specs
2013-07-20 17:37:39 -05:00
Samuel Huckins
832db57171
Removed requirement for note.data to be present. It wasn't required in
...
the model or in specs, but was in db.rb, resulting in an error during
certain import scenarios.
2013-07-20 10:27:12 -05:00
David Maloney
ec82644bd3
mo fixes mo specs
...
SEERM #7536
SEERM #7537
2013-07-18 15:00:57 -05:00
jvazquez-r7
1a5e0e10a5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 13:53:57 -05:00
sinn3r
9d92b38dc7
Land #2121 - add specs for module search filter
2013-07-18 13:50:26 -05:00
Joe Vennix
67d8c1170b
Remove unnecessary whitespace.
2013-07-18 13:43:30 -05:00
David Maloney
57dd525714
More optaddressrange specs and fixes
...
SEERM #7536
2013-07-18 13:03:32 -05:00
Joe Vennix
f4b0ab8184
Adds 141 passing specs to Msf::Module#search_filter.
...
* tests exclusion functionality, type: matching, port: matching, app: matching,
platform: matching, author: matching, text: matching, name: matching, and
path: matching.
[RM #4790 ]
2013-07-18 12:47:08 -05:00
David Maloney
22e4db04e0
opening specs and fixes for OptAddressRange
2013-07-18 12:44:48 -05:00
David Maloney
27e2469d8e
Specs and code changes for OptAddress
...
handles wierness around Optaddress.
Still need to address isues in optaddressRange
FIXRM #7537
2013-07-17 20:21:24 -05:00
jvazquez-r7
58229ff8b7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-17 20:18:48 -05:00
Tod Beardsley
72df070b80
Bump version to 4.8.0-dev, -rls is so fleeting
2013-07-17 16:43:24 -05:00
Tod Beardsley
8d1a760b1f
Bump version to -rls
2013-07-17 16:42:37 -05:00
jvazquez-r7
11f8b351c0
Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework
2013-07-17 11:44:42 -05:00
Alexandre Maloteaux
a5d526d710
remove metsrv.dll
2013-07-15 17:16:21 +01:00
Alexandre Maloteaux
e28dd42992
add http authentification and socks
2013-07-15 15:36:58 +01:00
William Vu
fdd577598a
Land #2095 , go_pro fix for Kali
2013-07-15 04:27:56 -05:00
Alexandre Maloteaux
f48c70d468
enable tor and small fix
2013-07-13 17:59:49 +01:00
James Lee
94f8b1d177
Land #2073 , psexec_psh
2013-07-12 16:14:17 -05:00
James Lee
91b748a701
Make it clear where we failed
...
Even when VERBOSE=false
2013-07-12 15:57:30 -05:00
corelanc0d3r
e8983a21c5
New meterpreter payload reverse_https_proxy
2013-07-12 16:45:16 -04:00
William Vu
e8294b4f02
Add tentative fixes
2013-07-12 07:12:07 -05:00
James Lee
1ac1d322f2
Dup before modifying
...
Because `remove_resource` modifies @my_resources, we can't call it while
iterating over the actual @my_resources. The following snippet
illustrates why:
```
>> a = [1,2,3,4]; a.each {|elem| a.delete(elem); puts elem }
1
3
=> [2, 4]
```
[See #2002 ]
2013-07-12 00:57:10 -05:00
James Lee
38e837dc28
Remove inaccurate comment
2013-07-11 22:48:35 -05:00
g0tmi1k
a4d96d37f3
Updated regex
2013-07-11 21:16:02 +01:00
g0tmi1k
ff62a85501
command_dispatcher/core.rb - Made msftidy happy
2013-07-11 10:52:25 +01:00
g0tmi1k
b2fe31e30f
go_pro - fix start with kali linux
2013-07-11 10:42:26 +01:00
William Vu
f267c11bc4
Add regex fix
2013-07-10 15:43:16 -05:00
Tod Beardsley
56ffa4ae2f
Fixes for network_interface PR #2085
...
Implementing the suggestions from @limhoff-r7.
See #2085
FixRM #8023
FixRM #7943
2013-07-10 13:25:06 -05:00
lsanchez-r7
4541a9e49e
now with passing msftidy
2013-07-08 17:44:50 -05:00
lsanchez-r7
5c93fb2849
arp_sweep is once again working
...
modified the capture mixin to use NetworkInteface instead of
pcaprub for interfaces and addresses
FIXRM #8023,#7943
2013-07-08 17:24:28 -05:00
James Lee
00c7581099
Fix constant names and 'exe-only'
...
That'll teach me to commit before the specs finish.
Really [FixRM #8149 ]
2013-07-06 12:39:15 -05:00
James Lee
1b504197be
Check equality instead of regex
...
Thanks, @Meatballs1 for finding the cause of this bug!
[FixRM #8149 ]
2013-07-06 12:29:37 -05:00
Meatballs
2bfe8b3b29
msftidy
2013-07-05 22:35:22 +01:00
Meatballs
0ce3fe2e7c
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
2013-07-05 22:25:04 +01:00
jvazquez-r7
0e2380c115
Fix method documentation
2013-07-05 11:19:53 -05:00
jvazquez-r7
bcf6d11442
Land #2049 , @wchen-r7's had_pid? method work
2013-07-05 11:19:11 -05:00
Meatballs
1a0bdf335e
Retab lib
2013-07-04 12:09:46 +01:00
Meatballs
a76ee6c2ec
Add flexibility to lib
2013-07-04 11:03:48 +01:00
Meatballs
1368c1c27f
Move options to lib
2013-07-04 10:25:08 +01:00
Meatballs
03de8c1c3d
Pull in exploit/powershell
2013-07-04 09:54:40 +01:00
James Lee
e330916744
Pull out common stuff in Util::EXE/MsfVenom tests
2013-07-03 12:25:15 -05:00
g0tmi1k
38b83ba335
ui/banner~Made msftidy happy
2013-07-03 00:29:42 +01:00