387d784ddc
Implement db_disconnect for remote data service
...
And a couple of fixes for db_connect for remote data services
2018-08-07 14:03:38 -05:00
3e8efea57a
Merge branch 'conform_to_api_standards' into exploit-query
...
Prepare for new JSON format.
2018-07-31 14:48:37 -05:00
eb240892fc
Fix but with origin display in console
...
Also prevent adding workspace to opts when id is present
2018-07-31 14:03:53 -05:00
3291931955
Merge branch 'upstream-master' into exploit-query
2018-07-31 11:51:14 -05:00
0843e6789d
Fix private data not displaying for creds
...
Also fix issue where delete and update cred were not using the data format
2018-07-30 15:31:38 -05:00
d1f09ca81c
Add path selection for GET requests
...
Also remove instances where workspace is passed for
single object lookups since it is no longer required
2018-07-30 13:56:34 -05:00
9e08bf6ec2
Fix logic issue when processing HTTP requests
2018-07-28 15:23:56 -05:00
829b43f743
Address minor code review comments
2018-07-27 16:19:17 -05:00
57c9a3544a
delete unnecessary proxy files
2018-07-27 16:01:45 -05:00
15fe80de06
Merge branch 'master' into conform_to_api_standards
2018-07-27 11:08:18 -05:00
625ea87ea9
Land #10368 , PhpMyAdmin Login Scanner Module
2018-07-24 23:25:27 -05:00
87434ef22d
pull changes
2018-07-24 15:42:31 -05:00
503a2276f2
Convert creds to use new format
2018-07-24 15:25:48 -05:00
6d878a9bb6
Land #10367 , Pass a framework instance to external module shims
2018-07-24 15:22:47 -05:00
de52e8c631
Update Rspec expected thread count
...
External modules start threads during the test run, so the thread
manager is always running by the end in addition to the main VM thread.
2018-07-24 15:14:47 -05:00
4f81fcdc87
retn versions in chk_setup, tests to reflect, doc
2018-07-24 14:51:00 -05:00
eccd223a3e
Merge branch 'master' into conform_to_api_standards
2018-07-24 12:11:14 -05:00
976a3464e1
added phpmyadmin login scanner and aux module
2018-07-24 09:47:01 -05:00
2242cb590d
Fix name in credential_data_service
2018-07-23 17:26:12 -05:00
e3da0a6828
Merge branch 'master' into remote_creds_data
2018-07-23 16:39:13 -05:00
c7ea24e856
Pass symbols for credential types
2018-07-20 13:17:57 -05:00
c11d404ae0
successfully works on v4.8.1
2018-07-20 09:13:51 -05:00
65d42380d3
Merge branch 'master' into remote_creds_data
2018-07-19 16:25:06 -05:00
a8e5308fd3
WIP: Convert each endpoint to use the correct JSON format
2018-07-19 16:20:35 -05:00
9327d75ceb
Land #10343 , Add decryption and decoding support for Metasploit C compiler
2018-07-19 14:57:43 -05:00
04a6cf8f0a
pull latest changes and re-register module servlet in new sinatra base
2018-07-19 14:42:39 -05:00
59962c5273
Merge branch 'master' into conform_to_api_standards
2018-07-19 09:26:17 -05:00
f2fd24780c
Add support for XOR
2018-07-18 23:13:45 -05:00
1534613cda
Add Base64 support
2018-07-18 20:07:27 -05:00
999d0e994f
Add RC4 decryption
2018-07-18 19:50:46 -05:00
612959d9ab
Land #10323 , add authentication to REST API
2018-07-18 17:29:22 -05:00
026ddad9d8
Remove more unused code
2018-07-18 12:44:27 -05:00
08b53a1ef7
Homogenize GET requests
2018-07-18 12:43:48 -05:00
a2da40a104
refactor endpoint under /v1/modules/
2018-07-18 12:06:25 -05:00
846df018e0
Minor code cleanup. Remove unused methods
2018-07-18 11:51:43 -05:00
f30c4e0465
Land #10226 , Add code randomization capabilities to Metasploit::Framework::Compiler
2018-07-12 11:20:04 -05:00
b8ae4f5d12
Update rspec tests for creds and add stubs
2018-07-11 17:42:55 -05:00
8c350cdcd7
Add protections for nil HTTP responses
2018-07-11 15:45:26 -05:00
d3eb71e8e5
Implement invalidate_login
2018-07-09 16:15:40 -05:00
bbc16e1873
Merge branch 'master' into remote_creds_data
2018-07-09 09:49:14 -05:00
0e75317cfe
Change a typo
2018-07-06 13:30:07 -05:00
a60fc3dc00
Fix code based on feedback from Jacob
2018-07-06 00:00:28 -05:00
77a0b74f76
Add delete option to data_services cmd
2018-07-05 16:40:55 -04:00
8a3166e198
Set a default user-agent value
2018-07-03 18:28:35 -04:00
ed34cd8898
Simplify request headers assignment
2018-07-03 17:59:57 -04:00
514c0c76d5
Add API token to RemoteHTTPDataService
2018-07-02 18:34:35 -04:00
2beaabb11a
Add dep for GetTickCount
2018-06-29 10:22:07 -05:00
d9b664c86a
Change option name
2018-06-29 00:07:40 -05:00
52047a6c59
Add switch_spec
2018-06-28 21:21:54 -05:00
5c86b836c4
Add rspec for outputdebugstring and correct a few things
2018-06-28 21:08:15 -05:00
b8094aca7a
Combine rescues
2018-06-28 07:59:40 -05:00
1699f352c1
Rescue RubySMB Error
...
Error occurs when scanning OSX SMB server.
2018-06-28 07:06:33 -05:00
cec506421d
Add rspec fake_function_collection and update the lib
2018-06-27 18:18:05 -05:00
dcaa623075
make random compiling work
2018-06-27 00:09:04 -05:00
823647fbe1
Add compile_random_c func && support optional func collection
2018-06-25 16:50:05 -05:00
90bc7d2294
Update randomizer for progress
2018-06-22 18:22:29 -05:00
8f5ad7c1cb
Add CRandomizer
2018-06-21 14:33:04 -05:00
e42c695baf
Add CRandomizer (WIP)
2018-06-21 10:50:39 -05:00
2ded48a510
Merge branch 'master' into remote_creds_data
2018-06-15 10:26:10 -05:00
0ba319bf56
More handling of nil private, publics, and origins
2018-06-14 16:20:13 -05:00
9f2f61c481
Implement create_credential_and_login in the dataproxy
2018-06-14 13:28:03 -05:00
9aaa7ce142
Enable cracked credential creation via data proxy
2018-06-12 16:00:02 -05:00
64cb7dfb3c
Include origin in remote requests and display it
2018-06-05 14:59:11 -05:00
20c9190aca
Land #10093 , Add Winsock2 API for Metasploit::Framework::Compiler::Windows
2018-06-02 14:35:21 -05:00
d1e0bcf946
WIP: add endpoint for Credential::Login
2018-05-31 15:33:11 -05:00
a8f19df4e6
Pass params through query string on creds GET
...
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
7bcf28440f
Merge branch 'local_api_docs' into remote_creds_data
2018-05-29 12:52:15 -05:00
a595dff6a8
Add remote creds update
2018-05-25 16:02:25 -05:00
835281c7cc
Land #9979 , Add inactive list option to sessions command
2018-05-25 03:28:22 -05:00
cab2daf4ed
Add Winsock2 API for Metasploit::Framework::Compiler::Windows
2018-05-24 11:57:41 -05:00
add51a6741
Remove OpenStruct
2018-05-23 18:05:48 -04:00
a107336ad5
Move cred delete to DBManager
2018-05-23 16:47:56 -05:00
0472b9df3f
Land #10024 , Fix find_or_create_* methods for remote data service
...
This PR updates the find_or_create_* methods associated with each model to
no longer just proxy to the report_* model. It now performs a lookup through
the DataProxy and returns the found object if it exists, or creates a new
record if needed.
2018-05-22 17:08:46 -05:00
4ecc1ff551
Modify loots, notes and services search methods
...
Modify loots and services method signatures. Remove workspace as a
positional argument, move into opts hash argument and update callers.
Made host search for these models more uniform. Update find_or_create
methods to handle difference in opts between find and report
operations.
2018-05-21 17:37:51 -04:00
e5c763f6bf
Add support for stdio.h, stdlib.h, and String.h
2018-05-17 14:40:49 -05:00
6b1113d38d
Fix incorrect rescue argument
2018-05-17 12:46:41 -04:00
73393b236c
Add missing data service stub methods
2018-05-14 17:42:52 -04:00
09a7396ad5
Remove remote data service find_or_create method
2018-05-14 17:20:58 -04:00
02566071be
Implement find_or_create DataProxy methods
2018-05-14 17:09:20 -04:00
b1e767298f
Update doc
2018-05-11 10:30:15 -05:00
ad0ba4f402
Update to update compile_c_to_file argument
2018-05-11 10:29:24 -05:00
6cd59faa69
Namespace update
2018-05-11 10:27:54 -05:00
76865732c8
Namespace update
2018-05-11 10:26:59 -05:00
82c8138de0
Update naming and license
2018-05-11 10:08:16 -05:00
d3f50f421d
Update regex
2018-05-10 22:39:49 -05:00
caf07116db
Add compiler support capable of including headers.
...
This is basically a wrapper for metasm, but supports built-in
headers so that as an user, I don't have manually do this
every time I compile something with metasm.
2018-05-10 00:33:01 -05:00
06e178cba2
Add functionality to retrieve sessions
2018-05-05 00:39:56 -04:00
038fe03777
Merge branch 'master' into ms-2962
2018-05-02 15:31:57 -05:00
a7ec7b52b7
Fix error on data server due to unexpected report_exploit call
2018-05-02 14:59:02 -05:00
08d3074c79
Add blurb about potential windows issue
2018-04-27 16:38:10 -05:00
0a73a5007c
Removed duplicated online test
2018-04-27 09:37:17 -05:00
916b4b2261
Land #9936 , Narrow rescue scope to StandardError with database
2018-04-26 17:45:15 -05:00
0fd7ab6dd9
test
2018-04-26 16:52:48 -05:00
9c7db375bf
Fix broken tests after latest merge with master
2018-04-26 16:39:56 -05:00
516b61ebaa
Merged master
2018-04-26 16:02:56 -05:00
e97693d056
Cleanup
2018-04-26 16:01:15 -05:00
c79e39377e
Narrow rescue scope to StandardError
2018-04-26 14:55:41 -04:00
1aad9f0879
Revert NoteDataService to raise RuntimeError
2018-04-26 10:43:03 -04:00
a5172e066d
Land #9926 , check remote data service before connecting
...
This PR adds a check prior to connecting to a remote data service
to verify it is online and returning expected data. This prevents
crashes that were occurring when unexpected responses were returned
2018-04-25 14:07:33 -05:00
071a191055
Merge master + workspace removal from http remote data service
2018-04-25 13:39:46 -05:00
43edf46c43
Fix set data service for no database YAML case
2018-04-24 18:34:16 -04:00
359ef27834
Narrow rescue scope to StandardError
2018-04-24 17:19:54 -04:00
f66029d129
Validate remote data service instance
...
Adds simple data service instance validation when registering and
setting a data service.
2018-04-24 16:54:10 -04:00
01dd79173b
Add data proxy and service for online check
2018-04-24 15:11:16 -04:00
e5513409db
Include :workspace in db_import opts
2018-04-24 13:53:55 -05:00
31be847213
Add workspace when reporting vuln_attempt
2018-04-19 11:09:13 -05:00
aa40ef1789
Grab session_dto workspace from host
2018-04-18 17:38:42 -05:00
82798424b2
Support getting a workspace via id
...
Also implements a helper method to sanitize sinatra injected
params since it was causing issues downstream. Updated each
use of sinatra params to use this helper method.
2018-04-17 12:35:22 -05:00
a8a95a03a3
Implement remote workspace delete
2018-04-17 10:19:40 -05:00
f27490dc61
Address PR suggestions and add comments
2018-04-16 16:45:23 -05:00
68ad91763a
Merge branch 'rapid7/master' into MS-3062_workspaces
2018-04-16 15:33:59 -05:00
2ef451c349
Land #9873 , add notes functionality to remote datastore
...
This PR enables create, update, and delete functionality for the notes
command and data model when using a remote data service.
2018-04-16 15:03:27 -05:00
e283f109a7
Remove commented out code
2018-04-16 14:14:46 -04:00
daf67999d6
Raise NotImplementedError in NoteDataService stubs
2018-04-13 12:07:35 -04:00
e639fda53c
Fix DB initialization with no database YAML
2018-04-11 09:15:38 -04:00
cd48b47760
Fix failing tests.
...
-Was accidentally deleting opts[:workspace] instead of processing
-Update notes help text expectations
2018-04-10 17:10:32 -05:00
e51f41fa34
Merge remote-tracking branch 'msf_jbarnett/fix_services_bugs' into MS-3062_workspaces
2018-04-10 13:35:33 -05:00
90542779ff
Audit models to ensure :workspace is passed only when needed
2018-04-09 14:50:37 -05:00
e17a788ab5
Remove stray dlog filling framework.log
2018-04-09 13:58:10 -05:00
852bc3d237
Dont inject :workspace into every HTTP request.
2018-04-04 16:30:25 -05:00
6a02712674
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-04-04 16:03:43 -05:00
e892911fbe
Use a constant for default workspace name
2018-04-02 17:02:14 -05:00
3aed6d6666
Initial
2018-04-02 08:08:23 -05:00
840923d591
Land #9738 , msfconsole user-friendliness changes
2018-04-01 02:12:53 -05:00
ecbbf1d940
Pass workspace when using db_nmap
2018-03-30 15:27:32 -05:00
2b7c3872d4
Add proxy method for find_or_create_note
2018-03-29 18:43:34 -04:00
3b1e3a4256
Missed one more bug in append_workspace
2018-03-29 15:18:31 -05:00
19e01b4b66
Fix bug in append workspace when using :wspace
2018-03-29 15:04:00 -05:00
7f42235ad7
Create default workspace if it doesnt exist
2018-03-28 15:39:24 -05:00
d23e33a7bc
Make workspace -v work with updates
2018-03-28 13:31:49 -05:00
1b6aa86d92
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-03-27 15:57:41 -05:00
0b5d3d31f9
WIP remote note read, update, delete
2018-03-27 16:36:56 -04:00
cfa03a999c
Finish moving current_workspace tracking to client
2018-03-26 15:58:47 -05:00
def0e4d93b
Merge branch 'goliath' into MS-3062_workspaces
2018-03-23 11:37:01 -05:00
6b3a4a56dc
Merge branch 'rapid7/master' into goliath
2018-03-23 11:26:31 -05:00
ed5b22a541
Address more code review comments
2018-03-22 21:47:59 -05:00
6c5a7a663a
Merge branch 'goliath' into MS-2879_db_export
2018-03-22 21:22:23 -05:00
466c97f114
WIP: move tracking active workspace to client side
...
* Move the @current_workspace tracking to workspace proxy
* Create helper for handling workspace value in opts
* Call framework.db.proxy across dbmanager files now that active ws is tracked in proxy
NOTE: This commit throws an exception when adding a remote data service.
2018-03-22 21:00:06 -05:00
93d4f5cd0b
Last few review comments
2018-03-21 17:50:11 -05:00
eee24366c9
Address code review comments and bug
2018-03-21 17:42:54 -05:00
553789557b
Merge branch 'goliath' into MS-2910-remote-vuln-read-update-delete
2018-03-21 01:45:58 -04:00
7e5214fef5
Improved CTRL-C edge case, Invalid Options edge case, help output, version output
2018-03-20 13:34:15 -05:00
90bebc2096
Convert workspace update to new api
2018-03-19 14:24:16 -05:00
929fb041ab
Fix bug when adding workspace remotely
2018-03-19 11:01:22 -05:00
35bc8e905e
Refactor workspace delete to be consistent with other commands
2018-03-16 16:11:09 -05:00
8ddaae5fe4
Remove unused code
2018-03-15 12:12:12 -05:00
4d04319d2a
Merged master
2018-03-15 11:31:44 -05:00
0d170571da
Fix bug with file name
2018-03-14 15:59:07 -05:00
b179603b4a
Externalize db_export command
2018-03-14 15:06:28 -05:00
ac5669388a
Merge branch 'goliath' into MS-2879_db_export
2018-03-14 11:37:08 -05:00
James Barnett
Erin Bleiweiss
Wei Chen
Jeffrey Martin
Adam Cammack
Shelby Pace
Jacob Robles
Matthew Kienow
Brent Cook
christopher lee
William Vu
Aaron Soto