infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,836 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

8600 Commits (925cd63171be5b9cf0afd00f81d34833b37e75a7)

Author SHA1 Message Date
Luke Imhoff e6f442697b
Extract Msf::Module::Type 
MSP-11126
 2014-10-16 14:23:21 -05:00
Luke Imhoff e418f98d45
arch -> Msf::Module::Arch 
MSP-11126
 2014-10-16 13:21:11 -05:00
Luke Imhoff 44b2e5e35c
Extract Msf::Module::Arch 
MSP-11126
 2014-10-16 13:14:56 -05:00
Luke Imhoff 31c93e9dbc
Extract Msf::Module::ModuleInfo 
MSP-11126
 2014-10-16 13:01:42 -05:00
Luke Imhoff f9caa4d25e
Extract Msf::Module::Options 
MSP-11126

Methods for registering, derigsterings, and validating options.
 2014-10-16 11:14:42 -05:00
Luke Imhoff c50cb2eb8a
Extract Msf::Module::UI::*::Verbose and shared examples 
MSP-11126
 2014-10-16 10:05:45 -05:00
Luke Imhoff a9a6f0c5f9
Extract Msf::Module::UI::Line 
MSP-11126
 2014-10-16 09:50:07 -05:00
Luke Imhoff bc2bd99698
Extract Msf::Module::UI::Message 
MSP-11126
 2014-10-16 09:39:30 -05:00
Luke Imhoff f5d09f735e
Extract Msf::Module::Compatibility 
MSP-11126
 2014-10-16 09:14:57 -05:00
Luke Imhoff 85169d5e8d
Extract Msf::Module::DataStore 
MSP-11126
 2014-10-16 09:03:23 -05:00
Luke Imhoff f068d669d6
Extract Msf::Module::ModuleStore 
MSP-11126
 2014-10-16 09:03:07 -05:00
Luke Imhoff 370daaed5e
Extract Msf::Module::Failure 
MSP-11126

Move `Msf::Module::Failure` to a file of its own.
 2014-10-16 09:02:55 -05:00
Tod Beardsley c4d1a4c7dc
Revert #4022, as the solution is incomplete 
Revert "Land 4022, datastore should default TLS1 vs SSL3"

This reverts commit 4c8662c6c1, reversing
changes made to 0937f32ff9.
 2014-10-15 12:32:08 -05:00
Tod Beardsley 1754b23ffb
Datastore options should default to TLS1, not SSL3 
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)

Squashed commit of the following:

commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:19:04 2014 -0500

    Whoops missed one

commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:16:59 2014 -0500

    Other datastore options also want TLS1 as default

commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:12:06 2014 -0500

    TCP datastore opts default to TLS1

    Old encryption is old. See also: POODLE
 2014-10-15 10:28:53 -05:00
HD Moore 6cf62765de Default to TLSv1 for RPC connections 2014-10-15 01:20:43 -05:00
Tod Beardsley e68aaa4226
Don't disclose empty disclosure dates 
For rapid7#4015
 2014-10-14 16:02:23 -05:00
William Vu f612c8cd3e
Add disclosure date to info 2014-10-14 15:15:24 -05:00
William Vu fdd79e64c3
Land #4010, ReverseAllowProxy clarification 2014-10-14 15:10:50 -05:00
William Vu 5c4f61057f
Show available actions for info 2014-10-14 12:41:02 -05:00
Pedro Laguna 70d1eefaa9 Update reverse_tcp.rb 
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:

>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.

Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
 2014-10-14 11:24:59 +01:00
Jon Hart 458da2bca4
Land #3988, @wchen-r7's fix for #3985, a lack of logging for 'check' 2014-10-12 18:46:35 -07:00
sinn3r 96be53dcf1
Land #3962 - Show selected action 2014-10-12 14:02:40 -05:00
William Vu a04ad3aa8c
Update print_error to reflect new usage 2014-10-10 14:38:26 -05:00
William Vu 26743b4c38
Rewrite existing code to use HasActions 
And fix a bug in the initial use case where mod.action was dropped.
 2014-10-10 14:35:54 -05:00
William Vu 7e7e0259e4 Fix tab completion for post actions 2014-10-10 12:24:23 -05:00
William Vu 238a30a769
Update print_error to include post modules 2014-10-10 12:12:43 -05:00
sinn3r 48d2343152 Fix #3985 - check command should elog 2014-10-10 01:06:37 -05:00
Spencer McIntyre a535d236f6
Land #3947, login scanner for jenkins by @nstarke 2014-10-09 12:59:02 -04:00
William Vu 1d766ba95b
Rename dump_auxiliary_action{,s} 
To dump_module_action{,s} to accommodate post modules, etc.
 2014-10-08 14:49:14 -05:00
jvazquez-r7 f30309fe81
Land #3919, @wchen-r7's Fixes #3914, Inconsistent unicode names 2014-10-08 14:46:14 -05:00
William Vu f6a9cfcc52
Break away the elsif into a separate if 
In case exploits support actions for some crazy reason in the future.
 2014-10-08 14:30:41 -05:00
William Vu b2ba6e7ae1
Make the code more maintainable 
Despite the code around it.

Thanks for the advice, @jlee-r7!
 2014-10-08 14:14:28 -05:00
jvazquez-r7 dbc199ad77 space after commas 2014-10-08 13:56:59 -05:00
William Vu c0ef2c7938
Support post modules 
I kinda hate this code.

TODO: Get rid of and/or and the extra parens.
 2014-10-08 13:23:50 -05:00
William Vu a8b5bf4625
Show selected auxiliary action 2014-10-07 14:34:41 -05:00
nstarke eed0958de5 Fixing Comment 
Comment was incorrect and needed to be fixed.
 2014-10-07 11:28:40 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs 
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
 2014-10-06 21:14:10 -05:00
sinn3r 17f278effd Fix #3822 - Support file:// syntax for check() 2014-10-06 13:37:14 -05:00
James Lee a65ee6cf30
Land #3373, recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
 2014-10-03 18:05:58 -05:00
Tod Beardsley 097d2bfbb5
Land #3922: Metasploit Park banner 2014-10-03 16:32:56 -05:00
Tod Beardsley d048bb7725 Add some color to the msfpark banner 
It looks kind of naked without some color compared to all the other
banners.
 2014-10-03 14:52:54 -05:00
Samuel Huckins f2fc0d88ef Lands #3943, changes to engine require 2014-10-03 14:26:50 -05:00
Matt Buck 0bb4eac259
Rename the method for optional requires 
MSP-11412
 2014-10-03 14:06:13 -05:00
Matt Buck 88cbf22ef0
Optionally require mdm, as well 
MSP-11412
 2014-10-03 13:49:39 -05:00
William Vu f7e709dcb3
Land #3941, new WPVDB reference 2014-10-03 10:17:02 -05:00
Christian Mehlmauer f45b89503d change WPVULNDBID to WPVDB 2014-10-03 17:13:18 +02:00
sinn3r 6f50ef581c
Land #3935 - Fix SNMP scanners on OS X/FreeBSD 2014-10-02 16:38:36 -05:00
sinn3r 6d7870a4ac
Land #3934 - New :vuln_test option to BES 2014-10-02 16:31:50 -05:00
Christian Mehlmauer 33b37727c7 Added wpvulndb links 2014-10-02 23:03:31 +02:00
Matt Buck dabec92e61
Ensure require of metasploit/credential/engine is optional 2014-10-02 14:46:56 -05:00