Commit Graph

25202 Commits (897b0b1ee5cfad1c110facc548d8dcabf09ca5fc)

Author SHA1 Message Date
Spencer McIntyre 0e4177fb75 Pymeterpreter shorten stagers by 3 bytes 2014-06-03 12:03:20 -04:00
Trevor Rosen 9335495b30 Merge pull request #36 from rapid7/feature/MSP-9724/psexec
psexec credential refactor

MSP-9724 #land
2014-06-03 10:09:56 -05:00
Trevor Rosen 883976c6a8 Merge pull request #33 from rapid7/feature/MSP-9741/smartftp
refactor smartftp post module

MSP-9741 #land
2014-06-03 10:04:09 -05:00
Spencer McIntyre 95376bf6d3 Pymeterpreter update stager and stage descriptions 2014-06-03 10:17:27 -04:00
James Lee 9d9f3b5a03
Refactor to prepare for replacing report_auth_info 2014-06-02 18:07:44 -05:00
Tod Beardsley d0d389598a
Land #3086, Android Java Meterpreter updates
w00t.
2014-06-02 17:28:38 -05:00
Spencer McIntyre 76c3aaf743 Pymeterpreter get type encoder from dict instead 2014-06-02 17:32:08 -04:00
Spencer McIntyre aeca455a10 Pymeterpreter update pystagers for version 3.1/3.2 2014-06-02 17:18:13 -04:00
Spencer McIntyre b84297980d Pymeterpreter use print_exc and not print_exception 2014-06-02 16:50:54 -04:00
Christian Mehlmauer ff6607bd87 Correct documentation link
changed link from https://dev.metasploit.com/documents/api/ to https://dev.metasploit.com/api/
2014-06-02 22:37:20 +02:00
David Maloney 07093ada58
add realm handling to psexec
oops, forgot to create the realm when applicable
2014-06-02 14:53:40 -05:00
William Vu 9063d3cf1f
Land #3417, release fixes 2014-06-02 14:34:14 -05:00
Luke Imhoff ca63d2201e
Update init_module_paths spec to match Rails::Engine behavior
MSP-9653
2014-06-02 14:26:35 -05:00
Tod Beardsley b136765ef7
Nuke extra space at EOL 2014-06-02 14:22:01 -05:00
David Maloney 361b9a1616
psexec credential refactor
refactor psexec credential reporting
to use Metasploit::Credential
2014-06-02 14:20:54 -05:00
Luke Imhoff 1295028595
Remove unneeded MetasploitDataModels.require_models
MSP-9653

Models are loaded using railties features.
2014-06-02 13:54:38 -05:00
Luke Imhoff fcd23545e8
Remove pro schema infection
MSP-9653
2014-06-02 13:54:11 -05:00
Lance Sanchez 15fffb1668
Adding in some tests
cleaning up the regex a bit

MSP-9678
2014-06-02 13:50:30 -05:00
Luke Imhoff 9e78509aac
Merge branch 'staging/electro-release' into feature/MSP-9653/use-metasploit-concern-in-pro
MSP-9653

Conflicts:
	Gemfile
	Gemfile.lock
2014-06-02 13:40:11 -05:00
Luke Imhoff 0b57ed9134
Update schema.rb
MSP-9653
2014-06-02 13:32:00 -05:00
Luke Imhoff 80a75e1e9c
Update Gemfile.lock
MSP-9653

Forgot to `bundle install` after changing the metasploit-credential
version.
2014-06-02 13:27:56 -05:00
Tod Beardsley ea383b4139
Make print/descs/case consistent 2014-06-02 13:20:01 -05:00
Trevor Rosen 5c745c4b9c Merge pull request #31 from rapid7/feature/MSP-9728/coreftp
refactor coreFTP post module

MSP-9728 #land
2014-06-02 13:19:11 -05:00
Tod Beardsley b7dc89f569
I prefer "bruteforce" to "brute force" for search
Just makes it easier to search for, since it's an industry term of art.
2014-06-02 13:09:46 -05:00
Luke Imhoff 898b108863
Gemspec
MSP-9653

Add gemspec for metasploit-framework so that pro can declare it as a
proper dependency.  DO NOT release metasploit-framework to rubygems: it
is 47 MB and would be not be nice to their servers.
2014-06-02 13:03:07 -05:00
Luke Imhoff ebf61bef22
Metasploit::Framework::Engine
MSP-9653

Rails::Engine version of Metasploit::Framework::Application that can be
used by downstream projects, like Pro to get the shared behaviors, like
modules path adding, meterpreter extension merging, and binary default
encoding.
2014-06-02 13:00:22 -05:00
Luke Imhoff 9d326fcb24
Extra common engine and fix default encoding
MSP-9653

Extra config and initializers that can we shared between
Metasploit::Framework::Application and the future
Metasploit::Framework::Engine.  Move the default encoding setup from
lib/msf/sanity.rb to a before_initialize callback for the shared config
so that gems, like gherkin that depend on the utf-8 default internal
encoding can be loaded.
2014-06-02 12:57:48 -05:00
Luke Imhoff 3ebe7dfbc8
Gem version
MSP-9653

Move version information to standard location for gems.
2014-06-02 12:54:46 -05:00
Luke Imhoff 21fad7163d
Msf::DBManager#connection_established?
MSP-9653

Calling `ActiveRecord::Base.establish_connection`, followed by
`ActiveRecord::Base.connected?` returns false unless some other code
requires a connection to be checked out first.  The correct way to check
if the spec passed to `ActiveRecord::Base.establish_connection` is to
checkout a connection and then ask if it is active.
`Msf::DBManager#connection_established?` does the checkout, active check
and checkin, and should be used in place of
`ActiveRecord::Base.connected?` and
`ActiveRecord::Base.connection_pool.connected?`.
`Msf::DBManager#active` should still be used as it also checks for
adapter/driver usability and that migrations have run.
2014-06-02 12:49:09 -05:00
Luke Imhoff b436aeff01
msfenv compatibility with Pro
MSP-9653

lib/msfenv.rb should only load the framework environment to initialize
Metasploit::Framework::Application if a Rails.application is not
defined, otherwise it will clash with the Rails application in prosvc.
2014-06-02 12:41:22 -05:00
Luke Imhoff 1055efbeaa
Add module paths from paths['modules'] from Rails app and engines
MSP-9653

Allow rails engines (and other applications, like
Metasploit::Pro::Engine::Application) to define their own module paths
using the paths['modules'] entry for Rails Applications/Engines.
2014-06-02 12:32:54 -05:00
Luke Imhoff 84f5a0d499
Explicitly require gem dependencies
MSP-9653
2014-06-02 12:27:15 -05:00
David Maloney 9eb42cb80f
refactor smartftp post module
refactor the smartftp credential post module to use
Metasploit::Credential
2014-06-02 11:48:45 -05:00
David Maloney 34004908bb
Merge branch 'master' into staging/electro-release
Conflicts:
	.ruby-version
2014-06-02 11:10:33 -05:00
William Vu 8bd4e8d30a
Land #3406, indeces_enum -> indices_enum 2014-06-02 11:06:33 -05:00
William Vu bba741897e
Land #3413, improved FileDropper cleanup message 2014-06-02 11:05:48 -05:00
Trevor Rosen d9fd77fba7 Merge pull request #29 from rapid7/feature/MSP-9739/mremote_refactor
Feature/msp 9739/mremote refactor

MSP-9739 #land
2014-06-02 11:05:20 -05:00
Lance Sanchez f2a2975bc1 Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner 2014-06-02 10:56:54 -05:00
Christian Mehlmauer 428df19739
Changed message 2014-06-02 17:28:09 +02:00
Trevor Rosen 90c8ade911 Merge pull request #28 from rapid7/feature/MSP-9726/smart_hashdump
Feature/msp 9726/smart hashdump

MSP-9726 #land
2014-06-02 08:31:16 -05:00
Meatballs 58ee2ccd6e
Land #3390, Fix have_powershell 2014-06-01 10:43:35 +01:00
Christian Mehlmauer 03b4a29662
Clarify filedropper error message 2014-05-31 22:17:32 +02:00
OJ 823f31d8af
Land #3402 IE 11 sandbox source and updated bins 2014-05-31 11:34:51 +10:00
jvazquez-r7 f6862cd130 Land @OJ's updated meterpreter binaries 2014-05-30 20:27:28 -05:00
OJ d2b8706bd6
Include meterpreter bins, add Sandbox builds
This commit contains the binaries that are needed for Juan's sandbox
escape functionality (ie. the updated old libloader code). It also
contains rebuilt binaries for all meterpreter plugins.

I've also added command line build scripts for the sandbox escapes
and added that to the "exploits" build.
2014-05-31 08:12:34 +10:00
Spencer McIntyre 77eac38b01 Pymeterpreter fix processes_via_proc for Python v3 2014-05-30 16:32:03 -04:00
William Vu e9bce6641c
Land #3410, 1.9.3-p547 for .ruby-version 2014-05-30 15:11:48 -05:00
Christian Mehlmauer c0391edff7
Land #3409, fix for http crawler 2014-05-30 21:51:33 +02:00
Tod Beardsley 730ca62089
Bump to p547 to fix a regression in p545
In my excitement of landing #3281 I didn't check to see if there was a
newer Ruby available. Turns out, p547 was released on May 16, and fixes
a regression regarding OpenSSL.

Announcement:

https://www.ruby-lang.org/en/news/2014/05/16/ruby-1-9-3-p547-released/

Sorry about the shuffle.
2014-05-30 14:27:54 -05:00
David Maloney 1e2ae16713
refactor vnc post module
this adds Metasploit::Credential functionality to
the post/windows/gather/credentials/vnc module
it also fixes a hostname resolution issue on windows
hashdump that could occur when the peerhost is an unresolved
hostname
2014-05-30 14:27:44 -05:00