William Vu
ce40c1152a
Land #4014 , msfconsole spinnerz
2014-10-17 16:25:31 -05:00
Luke Imhoff
080ea3e56a
Merge branch 'staging/great-backport' into feature/MSP-11126/msf-module-reorg
...
MSP-11126
2014-10-17 14:28:13 -05:00
Luke Imhoff
06fbbf7001
Fully-qualified Msf::NormalRanking in Msf::Module::Ranking
...
MSP-11126
Needed due to loss of `Msf` lexical scope.
2014-10-17 13:58:57 -05:00
Luke Imhoff
43354774e1
Fully qualified Msf::RankingName in Msf::Module::Ranking
...
MSP-11126
To compensate for loss of `Msf` lexical scope.
2014-10-17 13:43:51 -05:00
Luke Imhoff
ae45c1b9d3
Msf::Module::Rank -> Msf::Module::Ranking
...
MSP-11126
So that mixin module won't appear as Rank constant that Msf::Module
subclasses are supposed to define.
2014-10-17 13:39:53 -05:00
Tod Beardsley
a431bff13f
@wvu-r7 is a skilled negotiator. s/stdout/stderr/
2014-10-17 13:13:44 -05:00
Luke Imhoff
a6a2886faa
Fully-qualify Msf::OptionContainer references
...
MSP-11126
2014-10-17 13:09:27 -05:00
Luke Imhoff
112b5988f2
Add missing autoload to fix loading on travis-ci
...
MSP-11126
`Msf::Module::Failure` fails to load on travis-ci probably due to a load
order difference, so add `:Failure` to autoloads in `Msf::Module`.
2014-10-17 13:05:59 -05:00
Luke Imhoff
0c00c7cc50
Fully-qualifiy Msf::MODULE_TYPES constants
...
MSP-11126
Fully-qualify `Msf::MODULE_TYPES`, `Msf::MODULE_ANY`,
Msf::MODULE_ENCODER`, `Msf::MODULE_EXPLOIT`, `Msf::MODULE_NOP`,
`Msf::MODULE_AUX`, `Msf::MODULE_PAYLOAD`, `Msf::MODULE_POST` so that
their usage isn't dependent on nested lexical scoping.
2014-10-17 12:43:40 -05:00
Tod Beardsley
5978bd5e62
Control the startup msg with -q, too
2014-10-17 12:41:58 -05:00
Tod Beardsley
a45b21b6bf
-q will quiet the animation, too
2014-10-17 12:32:28 -05:00
Luke Imhoff
200d64040d
Fully-qualify Msf::ServiceState
...
MSP-11152
Replace unqualified `ServiceState` with `Msf::ServiceState`.
2014-10-17 11:58:11 -05:00
Luke Imhoff
172afd180a
Extract Msf::Module::Privileged
...
MSP-11126
2014-10-17 11:45:03 -05:00
Luke Imhoff
cbae9be5b5
Extract Msf::Module::UUID
...
MSP-11126
2014-10-17 11:31:56 -05:00
Luke Imhoff
a59e635913
Extract Msf::Module::Author
...
MSP-11126
2014-10-17 11:17:12 -05:00
Luke Imhoff
9f32cbd476
Use :: to force top-level constant resolution
...
MSP-11152
When `Msf::DBManager::Import::MetasploitFramework` is included in
`Msf::DBManager::Import`, it's child namespace of
`Msf::DBManager::Import::MetasploitFramework::Zip becomes resolvable as
`Zip` in `Msf::DBManager::Import` methods, so need to use `::Zip` to
cause `Zip` to be resolved from rubyzip gem.
2014-10-17 10:15:59 -05:00
Luke Imhoff
13923a8ca5
Fully-qualify Msf::DBImportError
...
MSP-11152
Constant was unqualified in some of the reorganized Msf::DBManager code
because that code was take advantage of the old nested lexical scope
that included `Msf`.
2014-10-17 09:29:01 -05:00
Luke Imhoff
e822920298
Msf::Module::Author -> Msf::Author
...
MSP-11126
`Msf::Module::Author` was already aliased to `Msf::Author`. This just
moved `Msf::Module::Author` to that alias to free up
`Msf::Module::Author` so it can be used for a concern for
`Msf::Module`'s author methods.
2014-10-17 08:59:54 -05:00
Luke Imhoff
b5039c3817
Extract Msf::Module::Network
...
MSP-11126
2014-10-16 15:51:59 -05:00
Luke Imhoff
2e538bd72d
Extract Msf::Module::Search
...
MSP-11126
2014-10-16 15:27:54 -05:00
Luke Imhoff
7743fdb2f9
Extract Msf::Module::FullName
...
MSP-11126
2014-10-16 15:24:59 -05:00
Jon Hart
8fdae8fbfb
Move protocol and lifetime to mixin, use correct map_target if CHOST
2014-10-16 13:24:17 -07:00
Luke Imhoff
0e53548c82
Extract Msf::Target
...
MSP-11126
2014-10-16 15:13:18 -05:00
Luke Imhoff
e5cc456be7
Extract Msf::Platform
...
MSP-11126
2014-10-16 15:11:59 -05:00
Luke Imhoff
27c006a8f9
Extract Msf::SiteReference
...
MSP-11126
2014-10-16 15:09:55 -05:00
Luke Imhoff
9981271e2a
extract Msf::Reference
...
MSP-11126
2014-10-16 15:03:21 -05:00
Luke Imhoff
c8730ca55b
Extract Msf::Author
...
MSP-11126
2014-10-16 14:59:15 -05:00
Luke Imhoff
fe5ffa9cec
Standardize on autoload over require
...
MSP-11126
Standardize on autoload to prevent trying to use colliding names for
included Module with Modules/Classes just under the namespace.
2014-10-16 14:58:08 -05:00
Luke Imhoff
d5c7a50e86
Extract Msf::Module::Rank
...
MSP-11126
2014-10-16 14:39:33 -05:00
Luke Imhoff
e6f442697b
Extract Msf::Module::Type
...
MSP-11126
2014-10-16 14:23:21 -05:00
Luke Imhoff
e418f98d45
arch -> Msf::Module::Arch
...
MSP-11126
2014-10-16 13:21:11 -05:00
Luke Imhoff
44b2e5e35c
Extract Msf::Module::Arch
...
MSP-11126
2014-10-16 13:14:56 -05:00
Luke Imhoff
31c93e9dbc
Extract Msf::Module::ModuleInfo
...
MSP-11126
2014-10-16 13:01:42 -05:00
Trevor Rosen
c503e8a3d8
Merge branch 'landing/4026' into upstream-master
...
Land #4026
* db.rb (DBManager) now in multiple files
* Cucumber coverage for DB-related msfconsole commands
2014-10-16 11:52:57 -05:00
Luke Imhoff
f9caa4d25e
Extract Msf::Module::Options
...
MSP-11126
Methods for registering, derigsterings, and validating options.
2014-10-16 11:14:42 -05:00
Luke Imhoff
c50cb2eb8a
Extract Msf::Module::UI::*::Verbose and shared examples
...
MSP-11126
2014-10-16 10:05:45 -05:00
Luke Imhoff
a9a6f0c5f9
Extract Msf::Module::UI::Line
...
MSP-11126
2014-10-16 09:50:07 -05:00
Luke Imhoff
bc2bd99698
Extract Msf::Module::UI::Message
...
MSP-11126
2014-10-16 09:39:30 -05:00
Luke Imhoff
f5d09f735e
Extract Msf::Module::Compatibility
...
MSP-11126
2014-10-16 09:14:57 -05:00
Luke Imhoff
85169d5e8d
Extract Msf::Module::DataStore
...
MSP-11126
2014-10-16 09:03:23 -05:00
Luke Imhoff
f068d669d6
Extract Msf::Module::ModuleStore
...
MSP-11126
2014-10-16 09:03:07 -05:00
Luke Imhoff
370daaed5e
Extract Msf::Module::Failure
...
MSP-11126
Move `Msf::Module::Failure` to a file of its own.
2014-10-16 09:02:55 -05:00
James Lee
41a57b7ba5
Re-enable proxies for HTTP-based login scanners
2014-10-15 17:00:44 -05:00
Tod Beardsley
d5a0b81680
Land #4024 , auto-negotiate SSL versions
...
Thanks @hmoore-r7!
2014-10-15 16:04:38 -05:00
Tod Beardsley
62be638258
Add 'Auto' to tcp.rb as well.
2014-10-15 16:01:42 -05:00
James Lee
3a9c2f95c9
Add magic encoding to new files
2014-10-15 14:23:34 -05:00
James Lee
2986031db5
Move SMBServer into its own file
2014-10-15 14:22:23 -05:00
James Lee
1064488ada
Whitespace
2014-10-15 14:21:39 -05:00
Luke Imhoff
9456506e3d
Merge branch 'master' into feature/MSP-11124/msf-dbmanager-reorg
...
MSP-11124
2014-10-15 14:08:55 -05:00
Luke Imhoff
1f7ad1cac9
unserialize_object -> Msf::DBManager::Import::MetasploitFramework
...
MSP-11124
2014-10-15 14:03:18 -05:00
Luke Imhoff
bed98fe43b
nils_for_nulls -> Msf::DBManager::Import::MetasploitFramework
...
MSP-11124
2014-10-15 13:59:03 -05:00
HD Moore
fcd9b4b293
Allow non-SSLv3 Meterpreters (auto-negotiate)
2014-10-15 13:57:51 -05:00
Luke Imhoff
ac30990177
Move libpcap helpers to Libpcap module
...
MSP-11124
2014-10-15 13:55:24 -05:00
Luke Imhoff
7aed88f11b
Extract Msf::DBManager::Import::Report
...
MSP-11124
2014-10-15 13:51:57 -05:00
HD Moore
cb3a4afac5
Typo: request -> requested in message
2014-10-15 13:48:22 -05:00
Luke Imhoff
e5e051c905
Extract Msf::DBManager::Import::Wapiti
...
MSP-11124
2014-10-15 13:42:54 -05:00
Luke Imhoff
e65a386d3d
Extract Msf::DBManager::Import::Spiceworks
...
MSP-11124
2014-10-15 13:37:35 -05:00
HD Moore
7516512650
Raise an ArgumentError vs RuntimeError for backwards compatibility
2014-10-15 13:30:38 -05:00
HD Moore
a762d871bf
Autonegotiate SSL/TLS versions when not explicit
2014-10-15 13:26:40 -05:00
Luke Imhoff
dfe690ac52
Extract Msf::DBManager::Import::Retina
...
MSP-11124
2014-10-15 13:23:12 -05:00
Luke Imhoff
8af280b1cb
Extract Msf::DBManager::Import::Outpost24
...
MSP-11124
2014-10-15 13:16:11 -05:00
Luke Imhoff
eff95221da
Order methods
...
MSP-11124
2014-10-15 13:14:20 -05:00
Luke Imhoff
cf555e2390
Extract Msf::DBManager::Import::OpenVAS
...
MSP-11124
2014-10-15 13:11:49 -05:00
Luke Imhoff
5d6044786a
Extract Msf::DBManager::Import::Nmap
...
MSP-11124
2014-10-15 13:06:28 -05:00
Luke Imhoff
cf3a3a0d65
Move nexpose requires to appropriate module
...
MSP-11124
2014-10-15 12:54:30 -05:00
Luke Imhoff
16f143c2ed
Extract Msf::DBManager::Import::Nikto
...
MSP-11124
2014-10-15 12:51:16 -05:00
Luke Imhoff
e64a14c748
Extract Msf::DBManager::Import::Nexpose::Simple
...
MSP-11124
2014-10-15 12:40:04 -05:00
Tod Beardsley
c4d1a4c7dc
Revert #4022 , as the solution is incomplete
...
Revert "Land 4022, datastore should default TLS1 vs SSL3"
This reverts commit 4c8662c6c1
, reversing
changes made to 0937f32ff9
.
2014-10-15 12:32:08 -05:00
Luke Imhoff
2b861f91e9
Extract Msf::DBManager::Import::Nexpose::Raw
...
MSP-11124
2014-10-15 11:59:03 -05:00
Luke Imhoff
c371eab26a
Extract Msf::DBManager::Import::Netsparker
...
MSP-11124
2014-10-15 11:46:38 -05:00
Luke Imhoff
a73b0e2283
Move requires for nessus parses to appropriate module
...
MSP-11124
2014-10-15 11:42:00 -05:00
Luke Imhoff
b43035145d
Move nessus helper function to closest module
...
MSP-11124
2014-10-15 11:39:23 -05:00
Luke Imhoff
aae6dc9066
Extract Msf::DBManager::Import::Nessus::XML::V*
...
MSP-11124
Extract different versions of Nessus XML format.
2014-10-15 11:34:37 -05:00
Luke Imhoff
a0494b2eeb
Extract Msf::DBManager::Import::Nessus::XML
...
MSP-11124
2014-10-15 11:27:23 -05:00
Luke Imhoff
0c861848bc
Extract Msf::DBManager::Import::Nessus::NBE
...
MSP-11124
2014-10-15 11:21:26 -05:00
Luke Imhoff
d0d0c478aa
Extract Msf::DBManager::Import::MetasploitFramework::Credential
...
MSP-11124
2014-10-15 11:12:13 -05:00
Luke Imhoff
46a2c47dfe
Extract Msf::DBManager::Import::MetasploitFramework::Zip
...
MSP-11124
2014-10-15 10:59:41 -05:00
Tod Beardsley
1754b23ffb
Datastore options should default to TLS1, not SSL3
...
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)
Squashed commit of the following:
commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:19:04 2014 -0500
Whoops missed one
commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:16:59 2014 -0500
Other datastore options also want TLS1 as default
commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:12:06 2014 -0500
TCP datastore opts default to TLS1
Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
Luke Imhoff
65885c8cc8
MsfXml -> MetasploitFramework::XML
...
MSP-11124
2014-10-15 10:25:42 -05:00
Luke Imhoff
ac9a593b43
import_msf_file -> Msf::DBManager::Import::MsfXml
...
MSP-11124
2014-10-15 10:02:42 -05:00
Luke Imhoff
d870188377
Extract Msf::DBManager::Import::MBSA
...
MSP-11124
2014-10-15 09:54:03 -05:00
Luke Imhoff
f29408680f
Extract Msf::DBManager::Import::Libpcap
...
MSP-11124
2014-10-15 09:48:23 -05:00
Luke Imhoff
44968400e9
Extract Msf::DBManager::Import::IPList
...
MSP-11124
2014-10-15 09:42:11 -05:00
Luke Imhoff
e5236e9b56
Extract Msf::DBManager::Import::FusionVM
...
MSP-11124
2014-10-15 09:36:29 -05:00
Luke Imhoff
2e85dc910a
Extracts Msf::DBManager::Import::Foundstone
...
MSP-11124
2014-10-15 09:27:53 -05:00
Luke Imhoff
68a1ebd2fb
Extract Msf::DBManager::Import::CI
...
MSP-11124
2014-10-15 09:23:08 -05:00
Luke Imhoff
8d628c221b
Extract Msf::DBManager::Import::Burp
...
MSP-11124
2014-10-15 09:16:57 -05:00
Luke Imhoff
f42307a6ff
Extract Msf::DBManager::Import::Appscan
...
MSP-11124
2014-10-15 09:12:38 -05:00
Luke Imhoff
dcac8a45ee
Extract Msf::DBManager::Import::Amap
...
MSP-11124
2014-10-15 09:06:03 -05:00
Jon Hart
07f2d4dafe
Further improvements to NAT-PMP. Faster, more useful, less not useful
2014-10-15 06:39:38 -07:00
HD Moore
6cf62765de
Default to TLSv1 for RPC connections
2014-10-15 01:20:43 -05:00
James Lee
5434996969
Move TcpServer into its own file
2014-10-14 18:43:40 -05:00
Jon Hart
ea6824c46f
WIP of NAT-PMP rework
2014-10-14 14:20:24 -07:00
Luke Imhoff
a00d039796
Move require for IP360 XML parser
...
MSP-11124
2014-10-14 16:18:47 -05:00
Luke Imhoff
599bcc33a9
Extract Msf::DBManager::Import::IP360::V3
...
MSP-11124
2014-10-14 16:16:47 -05:00
Tod Beardsley
e68aaa4226
Don't disclose empty disclosure dates
...
For rapid7#4015
2014-10-14 16:02:23 -05:00
Luke Imhoff
81c18c96ee
Extract Msf::DBManager::Import::IP260::ASPL
...
MSP-11124
2014-10-14 15:58:43 -05:00
Luke Imhoff
6c0f549abb
Extract Msf::DBManager::Import::Acunetix
...
MSP-11124
2014-10-14 15:40:29 -05:00
Luke Imhoff
0c10b5a859
Extract #handle_qualys to Msf::DBManager::Import::Qualys
...
MSP-11124
2014-10-14 15:32:22 -05:00
Luke Imhoff
11bcac8a4e
Extract Msf::DBManager::Import::Qualys::Scan
...
MSP-11124
2014-10-14 15:19:55 -05:00
William Vu
f612c8cd3e
Add disclosure date to info
2014-10-14 15:15:24 -05:00
William Vu
fdd79e64c3
Land #4010 , ReverseAllowProxy clarification
2014-10-14 15:10:50 -05:00
Tod Beardsley
e010d70913
No need for that bool option
2014-10-14 14:59:57 -05:00
Tod Beardsley
bf0a5d038e
Add an animation to comfort the user
...
Sometimes msfconsole takes a little while to start.
This adds a fairly common ASCII spinner to the startup sequence.
I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.
That said, it works for me.
2014-10-14 14:54:45 -05:00
William Vu
5c4f61057f
Show available actions for info
2014-10-14 12:41:02 -05:00
Pedro Laguna
70d1eefaa9
Update reverse_tcp.rb
...
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:
>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
Luke Imhoff
1f49f767dc
Extract Msf::DBManager::Import::Qualys::Asset
...
MSP-11124
2014-10-13 16:06:15 -05:00
Luke Imhoff
a7d1577494
ImportMsfXml -> Import::MsfXml
...
MSP-11124
2014-10-13 15:46:13 -05:00
Luke Imhoff
87825d40b1
Fix migration.rb loading
...
MSP-11124
2014-10-13 15:39:15 -05:00
Luke Imhoff
b8ea44235b
Remove nesting in Msf::DBManager::ImportMsfXml
...
MSP-11124
Don't use nested modules to prevent Msf::DBManager::ImportMsfXml from
being the declaring location for Msf::DBManager.
2014-10-13 15:37:16 -05:00
Luke Imhoff
ef04261686
Fix indentation in Msf::DBManager
...
MSP-11124
2014-10-13 15:26:19 -05:00
Luke Imhoff
c6ea3a3880
Distribute requires to where they are needed
...
MSP-11124
Push requires down to the Msf::DBManager mixins that actually need them.
2014-10-13 15:24:56 -05:00
Luke Imhoff
4371254dd2
Reorder remaining code in Msf::DBManager
...
MSP-11124
2014-10-13 15:13:28 -05:00
Luke Imhoff
2dd925c18c
Move add_rails_engine_migration_paths to Msf::DBManager::Migration
...
MSP-11124
2014-10-13 15:01:14 -05:00
Luke Imhoff
1dfaba1884
Remove nesting in Msf::DBManager::Migration
...
MSP-11124
To prevent migration.rb as counting as the definer of `Msf::DBManager`.
2014-10-13 14:56:08 -05:00
Luke Imhoff
bc4d2ff152
Extract Msf::DBManager::Adapter
...
MSP-11124
Extract methods related to setting up the adapter/driver(s).
2014-10-13 14:49:26 -05:00
Luke Imhoff
930b020211
Extract Msf::DBManager::Connection
...
MSP-11124
Extract methods that connect, disconnect and show status of connection
to database.
2014-10-13 12:07:13 -05:00
Luke Imhoff
f472411c8c
Extract Msf::DBManager::Web
...
MSP-11124
Extract `Mdm::Web*` methods.
2014-10-13 11:59:39 -05:00
Luke Imhoff
5067e43ac1
Extract Msf::DBManager::VulnAttempt
...
MSP-11124
Extract `Mdm::VulnAttempt` methods.
2014-10-13 11:32:15 -05:00
Luke Imhoff
e7e12ec6a5
Extract Msf::DBManager::Route
...
MSP-11124
Extract `Mdm::Route` methods.
2014-10-13 11:23:37 -05:00
Luke Imhoff
8011187aa9
Extract Msf::DBManager::SessionEvent
...
MSP-11124
Extract `Mdm::SessionEvent` methods.
2014-10-13 11:13:39 -05:00
Luke Imhoff
1f86712d63
Extract Msf::DBManager::HostTag
...
MSP-11124
Extract `Mdm::HostTag` method.
2014-10-13 11:00:36 -05:00
Luke Imhoff
1811d4e58f
Extract Msf::DBManager::Session
...
MSP-11124
Extract methods related to `Mdm::Session`s.
2014-10-13 10:50:11 -05:00
Luke Imhoff
f16b3f05b4
Extract Msf::DBManager::HostDetail
...
MSP-11124
Extract method related to `Mdm::HostDetail`s.
2014-10-13 10:15:14 -05:00
Luke Imhoff
87ee06b792
Extract Msf::DBManager::Ref
...
MSP-11124
Extract methods related to `Mdm::Ref`s.
2014-10-13 10:06:37 -05:00
Luke Imhoff
5668a2820e
Move #report_artifact to Msf::DBManager::Report
...
MSP-11124
2014-10-13 10:00:19 -05:00
Luke Imhoff
43c9909636
Extract Msf::DBManager::VulnDetail
...
MSP-11124
Extract methods related to `Mdm::VulnDetail`s.
2014-10-13 09:54:38 -05:00
Luke Imhoff
f42f8e106a
Extract Msf::DBManager::ExploitAttempt
...
MSP-11124
Extract methods that create `Mdm::ExploitAttempt`s.
2014-10-13 09:41:32 -05:00
Luke Imhoff
e0f76a7517
Extract Msf::DBManager::Task
...
MSP-11124
Extract methods related to `Mdm::Task`s.
2014-10-13 09:28:48 -05:00
Luke Imhoff
90b50339c3
Extract Msf::DBManager::Report
...
MSP-11124
Extract methods related to the obsolete `Mdm::Report`. These methods
should be deleted, but since this branch is just for moves, I won't
delete them now.
2014-10-13 09:19:39 -05:00
Luke Imhoff
9632c83cde
Extract Msf::DBManager::Event
...
MSP-11124
Extract methods related to `Mdm::Event`s.
2014-10-13 09:05:10 -05:00
Luke Imhoff
89d588272e
Extract Msf::DBManager::Client
...
MSP-11124
Extract methods related to `Mdm::Client`s.
2014-10-13 08:27:09 -05:00
Jon Hart
458da2bca4
Land #3988 , @wchen-r7's fix for #3985 , a lack of logging for 'check'
2014-10-12 18:46:35 -07:00
sinn3r
96be53dcf1
Land #3962 - Show selected action
2014-10-12 14:02:40 -05:00
William Vu
a04ad3aa8c
Update print_error to reflect new usage
2014-10-10 14:38:26 -05:00
William Vu
26743b4c38
Rewrite existing code to use HasActions
...
And fix a bug in the initial use case where mod.action was dropped.
2014-10-10 14:35:54 -05:00
William Vu
7e7e0259e4
Fix tab completion for post actions
2014-10-10 12:24:23 -05:00
William Vu
238a30a769
Update print_error to include post modules
2014-10-10 12:12:43 -05:00
nstarke
f8d6af6d4e
Rescuing from JSON Parse
...
Previous code was not using any sort of exception handling
for parsing the response body. I have added a rescue block
for JSON errors to remedy this problem.
2014-10-10 12:41:11 +00:00
sinn3r
48d2343152
Fix #3985 - check command should elog
2014-10-10 01:06:37 -05:00
nstarke
472985a8a8
Adding Buffalo Linkstation NAS Login Scanner
...
I have added a login scanner for the Buffalo Linkstation
NAS. I have been testing against version 1.68 of the
firmware. Also included are some specs for this module.
2014-10-10 03:16:48 +00:00
Luke Imhoff
08aee23966
Extract Msf::DBManager::Vuln
...
MSP-11124
Extract all methods related to `Mdm::Vuln`s from `Msf::DBManager`.
2014-10-09 15:47:34 -05:00
Luke Imhoff
2fa02f5c44
Extract Msf::DBManager::Note
...
Extract all methods related to `Mdm::Note`s.
2014-10-09 15:29:07 -05:00
Luke Imhoff
0bc71ecd24
Extract Msf::DBManager::Loot
...
MSP-11124
2014-10-09 15:15:40 -05:00
Luke Imhoff
cb9bdd96c7
Extract Msf::DBManager::Import
...
MSP-11124
Extract all methods dealing with imports.
2014-10-09 14:51:24 -05:00
Luke Imhoff
d18dcf5961
Extract Msf::DBManager::ExploitedHost
...
MSP-11124
Extract methods related to `Mdm::ExploitedHost`s.
2014-10-09 12:54:04 -05:00
Spencer McIntyre
a535d236f6
Land #3947 , login scanner for jenkins by @nstarke
2014-10-09 12:59:02 -04:00
Luke Imhoff
ceba04d556
Extract Msf::DBManager::Cred
...
MSP-11124
Extract methods related to `Mdm::Cred`s.
2014-10-09 11:41:04 -05:00
Luke Imhoff
0284edf430
Extract Msf::DBManager::Service
...
MSP-11124
Extract methods related to `Mdm::Service`s.
2014-10-09 11:31:29 -05:00
Luke Imhoff
0cfac32290
Extract Msf::DBManager::Host
...
MSP-11124
Extract methods related to `Mdm::Host`s.
2014-10-09 11:11:36 -05:00
Luke Imhoff
bb26f4f303
Extract Msf::DBManager::Wmap
...
MSP-11124
Extract methods that are commented as related to WMAP.
2014-10-09 10:13:34 -05:00
Luke Imhoff
b0147c994a
Extract Msf::DBManager::IPAddress
...
MSP-11124
Extract the IP address validation methods to
`Msf::DBManager::IPAddress`.
2014-10-09 09:35:19 -05:00
Luke Imhoff
3a96ae9be9
Move #match_values to Msf::DBManager::ModuleCache
...
MSP-11124
`#match_values` is only used in `#search_modules`, so `#match_values`
should be grouped with `#search_modules` in
`Msf::DBManager::ModuleCache`.
2014-10-09 09:18:03 -05:00
Luke Imhoff
d4a94366a6
Extract Msf::DBManager::ModuleCache
...
MSP-11124
Extract methods related to the module cache state and maintenance to
`Msf::DBManager::ModuleCache`.
2014-10-09 08:53:41 -05:00
Luke Imhoff
ee0de997d5
Extract Msf::DBManager::Workspace
...
MSP-11124
Gather together all workspace related methods into
`Msf::DBManager::Workspace` and include it in `Msf::DBManager`.
2014-10-08 15:46:35 -05:00
Luke Imhoff
a64036f6cf
Move Msf::DBManager#sync to Msf::DBManager::Sink
...
MSP-11124
The comment on `#sync` says it's related to `sink`, so move it into its
Module.
2014-10-08 15:38:56 -05:00
Luke Imhoff
a054259ee5
Extract Msf::DBManager::Sink
...
MSP-11124
Extract attributes and methods associated with the deprecated sink.
2014-10-08 15:26:28 -05:00
William Vu
1d766ba95b
Rename dump_auxiliary_action{,s}
...
To dump_module_action{,s} to accommodate post modules, etc.
2014-10-08 14:49:14 -05:00
jvazquez-r7
f30309fe81
Land #3919 , @wchen-r7's Fixes #3914 , Inconsistent unicode names
2014-10-08 14:46:14 -05:00
William Vu
f6a9cfcc52
Break away the elsif into a separate if
...
In case exploits support actions for some crazy reason in the future.
2014-10-08 14:30:41 -05:00
Luke Imhoff
15f9461279
Merge db.rb into db_manager.rb
...
MSP-11124
The class name is DBManager, so the correct file name is db_manager.rb
2014-10-08 14:27:22 -05:00
Luke Imhoff
cffc74d571
Extract Msf::DBImportError
...
MSP-11124
2014-10-08 14:14:35 -05:00
William Vu
b2ba6e7ae1
Make the code more maintainable
...
Despite the code around it.
Thanks for the advice, @jlee-r7!
2014-10-08 14:14:28 -05:00
Luke Imhoff
7a5ce19735
Fix code style
...
MSP-11124
Fix comment style and order methods.
2014-10-08 14:07:05 -05:00
Luke Imhoff
6824515949
Fix indentation and whitespace in Msf::DatabaseEvent
...
MSP-11124
2014-10-08 14:04:21 -05:00
Luke Imhoff
2206a86387
Extract Msf::DatabaseEvent
...
MSP-11124
Extract `Msf::DatabaseEvent` from `lib/msf/core/db.rb` into a more
conventional `lib/msf/core/database_event.rb`.
2014-10-08 14:01:58 -05:00
jvazquez-r7
dbc199ad77
space after commas
2014-10-08 13:56:59 -05:00
Luke Imhoff
6b3d70ce00
Fix code style in Msf::ServiceState
...
MSP-11124
2014-10-08 13:52:42 -05:00
Luke Imhoff
46156fbbc6
Fix indentation in Msf::ServiceState
...
MSP-11124
2014-10-08 13:50:26 -05:00
Luke Imhoff
57d9dc306c
Extract Msf::ServiceState
...
MSP-11124
Extract Msf::ServiceState from `lib/msf/core/db.rb` and put it into
`lib/msf/core/service_state.rb`.
2014-10-08 13:45:15 -05:00
William Vu
c0ef2c7938
Support post modules
...
I kinda hate this code.
TODO: Get rid of and/or and the extra parens.
2014-10-08 13:23:50 -05:00
Luke Imhoff
0708ac1361
Fix comment style in Msf::HostState
...
MSP-11124
2014-10-08 11:47:04 -05:00
Luke Imhoff
5ecd194a0d
Fix indent in Msf::HostState
...
MSP-11124
2014-10-08 11:43:28 -05:00
Luke Imhoff
6e6780da86
Split Msf::HostState into own file
...
MSP-11124
2014-10-08 11:37:59 -05:00
William Vu
a8b5bf4625
Show selected auxiliary action
2014-10-07 14:34:41 -05:00
nstarke
eed0958de5
Fixing Comment
...
Comment was incorrect and needed to be fixed.
2014-10-07 11:28:40 -05:00
jvazquez-r7
0ec855cd07
Add debug log for ARCH_CMD encoder results
2014-10-06 22:34:09 -05:00
nstarke
b8c2643d56
Converting Module to LoginScanner w/ Specs
...
The previous commits for this Jenkins CI module relied on an
obsolete pattern. Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
jvazquez-r7
260e829a59
Fix PayloadGenerator to have platform into account, so msfvenom works as expected
2014-10-06 19:20:59 -05:00
jvazquez-r7
0089810026
Merge to update
2014-10-06 19:09:31 -05:00
jvazquez-r7
212762e1d6
Delete RequiredCmd for unix cmd encoders, favor EncoderType
2014-10-06 18:42:21 -05:00
sinn3r
17f278effd
Fix #3822 - Support file:// syntax for check()
2014-10-06 13:37:14 -05:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
Tod Beardsley
097d2bfbb5
Land #3922 : Metasploit Park banner
2014-10-03 16:32:56 -05:00
Tod Beardsley
d048bb7725
Add some color to the msfpark banner
...
It looks kind of naked without some color compared to all the other
banners.
2014-10-03 14:52:54 -05:00
Samuel Huckins
f2fc0d88ef
Lands #3943 , changes to engine require
2014-10-03 14:26:50 -05:00
Matt Buck
0bb4eac259
Rename the method for optional requires
...
MSP-11412
2014-10-03 14:06:13 -05:00
Matt Buck
88cbf22ef0
Optionally require mdm, as well
...
MSP-11412
2014-10-03 13:49:39 -05:00
William Vu
f7e709dcb3
Land #3941 , new WPVDB reference
2014-10-03 10:17:02 -05:00
Christian Mehlmauer
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
sinn3r
6f50ef581c
Land #3935 - Fix SNMP scanners on OS X/FreeBSD
2014-10-02 16:38:36 -05:00
sinn3r
6d7870a4ac
Land #3934 - New :vuln_test option to BES
2014-10-02 16:31:50 -05:00
Christian Mehlmauer
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
Matt Buck
dabec92e61
Ensure require of metasploit/credential/engine is optional
2014-10-02 14:46:56 -05:00
Matt Buck
7ed1977d0b
Specific require all metasploit gem dependencies' engines
...
MSP-11412
2014-10-02 14:20:10 -05:00
sinn3r
0820a4fe6a
Land #3933 - Fix cmd_exec with Python Meterpreter on OS X
2014-10-02 13:48:19 -05:00
Samuel Huckins
0dfd8e25b8
Land #3846 , Rex::ImageSource specs
2014-10-02 12:33:56 -05:00
Joe Vennix
7861b17e16
Use write() to fix SNMP on osx/freebsd.
2014-10-02 09:15:43 -05:00
Joe Vennix
6571213f1c
Remove un-truthy doc string.
2014-10-01 23:41:02 -05:00
Joe Vennix
5a8eca8946
Adds a :vuln_test option to BES, just like in BAP.
...
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.
This commit also does some mild refactoring of un-
useful behavior in BES.
2014-10-01 23:34:31 -05:00
Joe Vennix
b1b8cba4c5
Rescue an IOError on channel double-close.
...
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
2014-10-01 22:35:41 -05:00
James Lee
5cb016c1b1
Use Match constant in BES as well
2014-10-01 16:17:13 -05:00
James Lee
a75d47aad9
Use yardoc for new methods
...
Also substitute '&&' for 'and', and fix some whitespace
2014-10-01 16:02:33 -05:00
William Vu
909ac522d1
Add metasploit-park.txt banner to msfconsole
...
Obviously a homage to Jurassic Park. :)
2014-09-30 16:28:23 -05:00
sinn3r
1e2d860ae1
Fix #3914 - Inconsistent unicode names
2014-09-30 12:19:27 -05:00
sinn3r
7163b8c55a
Fixes #3915 - NoMethodError private method `rhost'
...
There's no self.rhost, but rhost is defined
2014-09-30 11:34:16 -05:00
sinn3r
9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits
2014-09-29 11:15:14 -05:00
HD Moore
8fa666b75d
Verbose messages on why a connection is closed
2014-09-28 17:41:21 -07:00
Meatballs
d5959d6bd6
Land #2585 , Refactor Bypassuac with Runas Mixin
2014-09-28 09:24:22 +01:00
Meatballs
e14dd9900b
Land #3896 , Change Max LOGLEVEL to 3
2014-09-28 09:18:29 +01:00
Meatballs
67c25c20ca
Land #3357 , Run Local Exploits in AutoRunScript
2014-09-28 09:12:26 +01:00
Meatballs
3fc57109e6
Dont rescue Exception
2014-09-28 09:12:03 +01:00
sinn3r
ae82ebc734
Change max LogLevel to 3
...
There is no such thing as a LogLevel 5.
2014-09-26 14:20:47 -05:00
jvazquez-r7
e1f00a83bc
Fix Rex because domainname and domain_name were duplicated
2014-09-26 13:40:52 -05:00
jvazquez-r7
a31b4ecad9
Merge branch 'review_3893' into test_land_3893
2014-09-26 08:41:43 -05:00
James Lee
86f85a356d
Add DHCP server module for CVE-2014-6271
2014-09-26 01:24:42 -05:00
HD Moore
52ffddd639
Adds domain and url options to DHCP/PXE server, lands #3889
...
There are serious style and code quality issues with this class and normally I would push for a full refactor, but given the urgency of delivering DHCP functionality to support the bash issues, we will have to refactor the DHCP Server code another day.
2014-09-25 22:43:51 -05:00
Ramon de C Valle
bdac82bc7c
Fix lib/msf/core/exploit/dhcp.rb
2014-09-25 22:18:26 -03:00
Ramon de C Valle
5dde73bb51
Add domain name and url options to DHCP server
2014-09-25 19:58:42 -03:00
Joe Vennix
2b02174999
Yank Android->jsobfu integration. Not really needed currently.
2014-09-25 16:00:37 -05:00
Joe Vennix
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
Joe Vennix
5d234c0e01
Pass #send in this so jsobfu is not confused.
2014-09-24 15:07:14 -05:00
Jon Hart
650b65250f
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
2014-09-22 11:51:10 -07:00
Jon Hart
4e9f1282de
Land #3834 , @jabra-'s updates to UDPscanner to support spoofing
2014-09-22 11:49:53 -07:00
Jon Hart
e86b18cdd4
Add sanity check for NUM_REQUESTS
2014-09-22 11:48:39 -07:00
jvazquez-r7
a677749f5b
Add specs for #read_asciiz and fix bugs there
2014-09-22 12:14:21 -05:00
Luke Imhoff
f61afe2598
Merge branch 'master' into bug/MSP-11368/boot-profiling
...
MSP-11368
2014-09-22 10:00:07 -05:00
William Vu
ebacb26e51
Land #3838 , msfvenom badchar fix
2014-09-22 03:08:57 -05:00
Joe Vennix
d9e6f2896f
Add the JSObfu mixin to a lot of places.
2014-09-21 23:45:59 -05:00
sinn3r
e1cfc74c32
Move jsobfu to a mixin
2014-09-21 00:39:04 -05:00
sinn3r
cd037466a6
upate doc
2014-09-20 23:40:47 -05:00
sinn3r
9191af6241
Update js_obfuscate
2014-09-20 23:38:35 -05:00
sinn3r
a9420befa4
Default to 0
2014-09-20 21:39:20 -05:00
sinn3r
046045c608
Chagne option description
2014-09-20 21:38:57 -05:00
sinn3r
fd5aee02d7
Update js_obfuscate
2014-09-20 21:36:17 -05:00
sinn3r
7bab825224
Last changes
2014-09-20 18:39:09 -05:00
sinn3r
135bed254d
Update BrowserExploitServer for JSObfu
2014-09-20 17:59:36 -05:00
Joe Vennix
d9a713b415
Decode the badchars string correctly.
2014-09-20 17:48:03 -05:00
Josh Abraham
cd8b1318e0
send data based on input not @probe
2014-09-20 15:18:58 -04:00
Josh Abraham
3fb00ece9e
refactored the code based on PR feedback
2014-09-20 14:10:00 -04:00
sinn3r
d52236fe05
Land #3835 - JSObfu to a gem
2014-09-20 01:38:45 -05:00
Joe Vennix
8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs.
2014-09-19 20:42:05 -05:00
Joe Vennix
0f4be63903
Move JSObfu a gem then pull it into the Rex namespace.
2014-09-19 19:10:39 -05:00
Luke Imhoff
5884cbc196
Optimize skip logic in #update_all_module_details
...
MSP-11368
Use `Hash<String, Set<String>>` instead of `Array<(String, String)>` so
that `include?` call is faster because (1) it's only search through
reference names of the same module_type and (2) `Set#include?` is faster
than `Array#include?`. This change is a 8.20% average reduction in boot
time compare to b863978028
, for a overall
reduction of 40.95% over b5c3c87790
.
See statistics at
https://docs.google.com/spreadsheets/d/1TnZIUFIR1S5nCnkeM-7XR3AVSbyCl39x2mItJKJCOqg/edit?usp=sharing
and data at
https://drive.google.com/folderview?id=0Bx1hRHfpRW92VEFvQ2FaN3RoWWs&usp=drive_web
2014-09-19 15:34:10 -05:00
jvazquez-r7
b16085baa6
Land #3244 , @dmaloney-r7's fix for integer comparisions on metasm
2014-09-19 15:31:37 -05:00
Luke Imhoff
8b5a146067
Wrap Array#include? usage
...
MSP-11368
Wrap skipped.include? call to confirm it is the culprit for
Array#include? inside of with_connection in profile.
2014-09-19 14:38:12 -05:00
Josh Abraham
c216cf8c53
added spoofing capabilities to udp_scanner
2014-09-19 10:29:05 -04:00
Luke Imhoff
b863978028
Remove fastlib
...
MSP-11368
MSP-11143
Remove fastlib as it slows down the code loading process. From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10). The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10). This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
David Maloney
5ff4a55cd2
smb connection error not setting result properly
...
if the initial connection from the SMB LoginScanner fails
it wouldn't set the target information on the result. this could cause
smb_login to throw a stack trace when it calls invalidate_login
2014-09-16 15:24:14 -05:00
David Maloney
e5aa5c4014
missing postgres rescues
2014-09-16 15:04:07 -05:00