72b9647b31
Land #5057 , CVE fixups
2015-04-03 16:36:11 -05:00
8140b0ee6c
Update Qualys importers for the new CVE format
2015-04-01 17:50:18 -05:00
8c1a597a25
Make a Session record before using it
...
How about that.
2015-04-01 13:12:28 -05:00
2fc22132e0
Link the new constant as default in documentation
2015-03-31 16:48:02 -05:00
44dd45e48d
Use a const instead of hardcoding "tcp" everywhere
2015-03-31 16:15:04 -05:00
76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec!
2015-03-31 14:28:07 -05:00
8b8ec5990a
Ask the database how long the column should be
...
Instead of hardcoding a number
2015-03-31 14:12:22 -05:00
a8ef465b46
Use the variables we worked so hard to create
2015-03-31 13:34:27 -05:00
3695d4b0c7
Don't modify argument in place
2015-03-31 13:32:28 -05:00
adcf88761d
Save ref names for easier debugging
2015-03-31 13:07:09 -05:00
176cdcb836
Use sym-to-proc instead of reimplementing it
2015-03-31 11:21:53 -05:00
a1a7faa77a
Don't modify argument in place
2015-03-31 10:41:24 -05:00
7e559f7b13
Don't modify argument in place
2015-03-31 10:16:14 -05:00
971120ce98
Use create! instead of new ... save!
2015-03-31 10:15:23 -05:00
790a08a848
It's pronounced "exploit", not "assoc_exploit"
2015-03-30 16:21:17 -05:00
1b0e3f13c6
Remove unnecessary extra assignment
2015-03-30 13:14:36 -05:00
310779d7bf
Death to hashrockets
2015-03-30 13:13:58 -05:00
e65f4e92ea
Separate the two ways to make `Mdm::Session`s
...
Failing spec due to reuse of Mdm::Module::Detail instead of also
instantiating an Msf::Module
2015-03-30 13:05:20 -05:00
374db22d5b
Re-enable host lookup for _failure
...
Again needed when called from exploit_driver because nothing is reported
yet at that point.
Also adds some yardoc
2015-03-30 12:30:52 -05:00
f0eeef3cbb
Move copy-pasta into a new method
2015-03-30 01:43:56 -05:00
49902a6395
We actually do need the port/proto for failure
...
Because it is called from lib/msf/core/exploit.rb Exploit#report_failure
with datstore values
Partial revert of e3605aa252
2015-03-30 01:01:34 -05:00
415510ca6a
Fix stupid typo that made vuln_id an Array
2015-03-30 00:52:02 -05:00
e3605aa252
We always pass a Service, get rid of port/proto
2015-03-27 11:54:03 -05:00
25d0b8baff
Redundant check
2015-03-27 11:35:35 -05:00
3b8d70b567
host is always an Mdm::Host, don't look it up again
2015-03-27 11:34:32 -05:00
466ef4349e
Second verse, same as the first
2015-03-27 09:59:10 -05:00
bf8146c8b5
Axe redundant check
2015-03-26 21:19:19 -05:00
88a8186a11
Pull up redundant hash literal
2015-03-26 19:33:53 -05:00
a9e4961563
New hash syntax
2015-03-26 10:05:08 -05:00
a3ae0daf5a
Whitespace
2015-03-26 10:02:08 -05:00
414983ac8c
Merge branch 'feature/MSP-11925/create-user-data' into staging/single-vuln-push
...
Conflicts:
Gemfile.lock
2015-03-24 12:42:08 -05:00
cb41154712
Make a MatchResult when sessions are reported
2015-03-10 15:17:57 -05:00
b37a975108
Use metasploit_data_models staging branch
2015-03-09 01:28:27 -05:00
d771f54e35
Axe unused var
2015-03-09 00:21:10 -05:00
6baff47e98
Refactor inference into its own method
2015-03-09 00:19:57 -05:00
5316e0f0ce
Land #4887 , msfconsole -n store_loot fix
2015-03-07 17:14:21 -06:00
ca3b2220b5
Check to ensure Mdm is loaded to fix store_loot.
2015-03-05 23:27:13 -06:00
7cb3e236fb
Adding back prepended colons
...
Don't seem to be needed but don't want to introduce that change.
2015-03-05 14:06:50 -06:00
02d30b3d44
Changes workspace cmd ordering to updated_at asc
2015-03-05 14:05:24 -06:00
095431c323
fix note search conditions
...
note search conditions needed to know about
vuln_id or else vuln notes would get overwritten
MSP-12183
2015-02-26 15:48:04 -06:00
a72d49678a
only match by CVE refs
...
the other refs can be non-specific and refer
to multiple distinct vulns, resulting in
incorrect refs being attached to a vuln leading to
a snowball effect with more and more vulns being
misidentified.
MSP-12183
2015-02-26 14:57:16 -06:00
8351920d1e
don't match based on URL refs
...
multiple vulns may be listed for
the same URL making matches based on
these refs entirely unreliable
MSP-12183
2015-02-26 11:40:15 -06:00
e4a58a2ec5
import notes attached to vulns
...
add the ability to import notes that
are attached to vulns instead of hosts
MSP-12183
2015-02-24 13:36:57 -06:00
389bcbd343
refactor note import into sep method
...
we will now be importing notes from multiple
place within the XML document. the importing
of notes has been refactored into a seperate
method to be easily reused in this fashion
MSP-12183
2015-02-24 12:18:32 -06:00
ce688f4247
Land #4765 , Rails4 compatible finder conversion
...
* find_or_initialize_by_DYNAMIC
2015-02-13 15:56:09 -06:00
dc6a365a13
Fix finder query in Msf::DBManager::Vuln
...
MSP-12152
* This is part of updating finder queries to be Rails 4 compatibile
* In #find_vuln_by_details, pass in conditons hash crit rather than symbol :crit
2015-02-13 13:21:25 -06:00
dc1eab377c
Rails 4 finder conversion: convert find_or_initialize_by_x_and_y
...
MSP-12153
* convert to where(conditions).first_or_initialize
2015-02-13 12:39:44 -06:00
f0bf881cc3
Land #4720 , update Rails 3-style .find(:first)
...
Eliminate the Rails 3-style .find(:first) calls, and replace with
Rails 4-compatible .first().
Fixes #4720 , also see MSP-12012
2015-02-12 14:30:13 -06:00
7c57b9fb57
Fix Master - Pro build
...
MSP-12138
* revert to previous Rails 3 syntax.
2015-02-11 12:02:34 -06:00
9a445e2027
Land #4707 , updates to finder syntax
...
Updates some Rails 3 style ActiveRecord calls to use the Rails 4 Arel
syntax, in preparation for our move to Rails 4.
Fixes #4707 , also see MSP-12018
2015-02-09 16:01:38 -06:00
Tod Beardsley
William Vu
James Lee
joev
Samuel Huckins
David Maloney
Christian Catalan
Sonny Gonzalez
Matt Buck