67fbeacbf0
Add support for optional image downloading
...
Without -d, `CF_DIB` types will just show image dimensions. Running
with -d will result in the image being looted.
2013-11-02 23:07:13 +10:00
6e7e5a0ff9
Put postInfo() in the js directory
2013-10-31 13:55:22 -05:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
2fbac9b129
Add `getproxy` command
...
This command pulls out system proxy details on windows machines.
2013-10-30 18:40:51 +10:00
1f6c320bb3
Tidy up of extapi code, new bins
...
* Rename methods to remove redundancy.
* Update bins to freshly compiled version.
* Use the Rex Table functionality instead of custom look.
* Use the `usage` feature of the Arguments class for help.
2013-10-29 21:22:05 +10:00
606411de81
Fix mimikatz error when password is nil
...
In some cases the password value that comes out of mimikatz results
is `nil`, instead of an empty string. This fixes this so that if
the string is `nil` is falls back to an empty string, resulting in
the call to `gsub` working instead of failing.
2013-10-29 15:13:32 +10:00
b5f26455a3
Land #2545 , javascript library overhaul
2013-10-23 16:12:49 -05:00
ee95ca5e2b
Land #2158 - Fix NoMethodError undefined method `split' for nil:NilClass
2013-10-22 16:01:27 -05:00
e1c4aef805
Land #1789 - Windows SSO Post Module
2013-10-22 15:48:15 -05:00
afcce8a511
Merge osdetect and addonsdetect
2013-10-22 01:11:11 -05:00
19615ac4b7
Apparently I missed a lot of stuff
2013-10-21 21:02:01 -05:00
fcba529ea5
Update coding format
2013-10-21 20:54:25 -05:00
ea56c4914c
Need this file
2013-10-21 20:17:38 -05:00
9a3e719233
Rework the naming style
2013-10-21 20:16:37 -05:00
cf65f59a28
Retry shell without thread impersonation
...
In certain scenarios on Windows XP there are times when creating a
shell fails with the error `ERROR_PRIVILEGE_NOT_HELD`. When this
happens the user will usuall fallback to a non-impersonated shell
via the command: `execute -f cmd.exe -H -i -c`
This patch catches the error, warns the use of the failure and then retries
to create the interactive shell without the `-t` flag.
2013-10-21 15:29:19 +10:00
4e90394c7f
Add support for CF_DIB clipboard formats
...
Image data copied to the clipboard, such as a screenshot, is converted to a JPEG using GDI+, and downloaded to the local loot folder.
This feature doesn't work with W2K as a result, but that doesn't really bother me. The code is simpler and much smaller as a result and doesn't require the inclusion of the jpeg library code.
2013-10-21 00:05:42 +10:00
2d24824e78
Use data_directory instead of install_root
2013-10-19 17:55:03 -05:00
8a94df7dcd
Change category name for base64
2013-10-18 21:20:16 -05:00
62dadc80d3
Make sure the data type for the return value is a string
2013-10-18 21:08:46 -05:00
298f23c91c
Fix extra slashes that cause browser autopwn to fail.
2013-10-18 20:43:39 -05:00
ffcb86eba2
Land #2541 , Outpost24 importer
...
Sample data is currently secret. If we get a hold of non-secret sample
data, it'll be tacked on to the Redmine bug referenced below.
[FixRM #8384 ]
2013-10-18 13:21:58 -05:00
f6675f3120
Reordered case statements
2013-10-18 13:21:28 -05:00
8579cb8322
Use obfuscation
2013-10-18 13:06:19 -05:00
93ff9ec501
Create methods for start_element for readability
2013-10-18 12:20:43 -05:00
ff69e9fd05
Move product info code to a better location
2013-10-18 12:07:34 -05:00
3af38b9602
I bet "../" will drive people crazy, avoid that.
2013-10-18 11:56:03 -05:00
e6cccedad0
Append vuln info to vuln description
2013-10-18 11:31:54 -05:00
b0d614bc6a
Cleaning up requires
2013-10-18 01:47:27 -05:00
c926fa710b
Move all exploitation-related JavaScript to their new home
2013-10-17 16:43:29 -05:00
12151650e4
Add product info to hosts and services :)
2013-10-17 16:18:27 -05:00
06c7943f54
Import hostnames without breaking everything
2013-10-17 15:31:48 -05:00
920e406526
Import CVE refs and db.emit all the things
2013-10-17 14:29:54 -05:00
d4d4839dc2
Add size (bytes) of the files on the clipboard
...
Output of the `clipboard_get_data` call now includes the size
of each file in bytes.
2013-10-16 22:54:55 +10:00
afc5e282a9
Add CF_HDROP file support to the clipboard
...
`clipboard_get_data` has been changed so that raw text is supported and file listings are supported.
If files are on the clipboard, those files and folders are listed when this command is run. To download the files, pass in the `-d` option.
2013-10-16 17:46:22 +10:00
0081e186f7
Make sure i var is local
2013-10-15 23:59:23 -05:00
ad8af02021
Add my wonderfully simplistic Outpost24 parser
2013-10-15 16:34:46 -05:00
4c91f2e0f5
Add detection code MS Office
...
Add detection code for MS Office XP, 2003, 2007, 2010, and 2012.
[SeeRM #8413 ]
2013-10-15 16:27:23 -05:00
41ab4739e3
Land #2520 - Add detection for FF 22 - 24
2013-10-15 15:17:43 -05:00
414a814d5d
Add the start of clipboard support
...
This commit adds support for getting text-based information from the
victim's clipboard and for setting text-based data to the victim's
clipboard. Early days, with much wiggle room left for extra fun
functionality.
2013-10-15 23:57:33 +10:00
ea89b5e880
Add support for child window enumeration
...
Children of windows can now be enumerated via the -p parameter, which
specifies the handle of the parent window to enumerate.
There is also a -u parameter which includes unknown/untitled windows
in the result set.
2013-10-15 18:02:27 +10:00
711fac08b7
Don't throw exception if createElement is missing.
2013-10-14 14:15:13 -05:00
183940308b
Add another nil check, just to be safe.
2013-10-14 13:55:54 -05:00
20a145f1e7
Check for prop in prototype, not constructor.
2013-10-14 13:51:45 -05:00
488ed5bd4a
Add new feature detection logic for FF 23 and 24.
2013-10-14 13:41:26 -05:00
cad717a186
Use NDR 32bit syntax.
...
Compatible with both x86 and x64 systems.
Tidy up the module...
2013-10-12 18:52:45 +01:00
876d4e0aa8
Land #1420 , WDS scanner
2013-10-11 16:53:25 -05:00
b99af52279
Improve extapi ruby structure, add bins
...
The extapi project will get bigger over time so this change allows for the code to get
bigger without becoming a headache before it starts.
Added binaries to this commit as well.
2013-10-11 09:52:23 +10:00
85112e8704
Land #2413 , axe callcc
...
This is the only time callcc is used in the entire codebase, too, so
this apparently removes a roadblack to non-MRI Rubies, so that's nice.
2013-10-10 14:55:55 -05:00
378f403fab
Land #2453 , Add stdapi_net_resolve_host(s) to Python Meterpreter.
...
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
cbaeebeff7
Add service_query to ext_server_extapi
...
Once the user has queried the list of services they can now use the
`service_query` function to get more detail about a specific service.
2013-10-11 01:02:51 +10:00
23340e9df0
Add service_enum to the ext_server_extapi extension
...
This commit adds the ability to enumerate services on the target machine,
showing the PID, the service name, the display name and an indication of
the service's ability to interact with the desktop.
Some other small code tidies were done too.
2013-10-10 21:23:23 +10:00
adbcace9dd
Land #2458 , OJ's Meterpreter railgun multi call fix
...
also [FixRM #8269 ]
2013-10-10 00:38:44 -05:00
6c382c8eb7
Return nil on error, and move the module to post/multi.
2013-10-09 16:52:53 -04:00
47801c17b3
MSF started to the extended API with window enum
...
Decided to kick off a new extended API extension with mubix and
kernelsmith to include some more advanced enumeration stuff. The goal of
this extension is to take stuff that wouldn't be part of the std api but
is rather useful for enumeration of a target once meterpreter has been
established.
This commit kicks things off with enumeration of top level windows on the
current desktop.
2013-10-09 22:25:43 +10:00
e895a17722
Add 'no quotes' option for CmdStagerPrintf
...
Exploit developers can use the ':noquotes => true' option to avoid
single quotes surrounding the octal escapes argument.
2013-10-08 21:04:28 +02:00
2593c06e7c
Land #2412 , @mwulftange's printf cmd stager
2013-10-08 09:08:29 -05:00
6f7d513f6e
Another clean up and simplification of CmdStagerPrintf
2013-10-08 07:22:09 +02:00
836ff24998
Clean and fix CmdStagerPrintf
...
Clean up of the CmdStagerPrintf as discussed in mwulftange#1
2013-10-05 10:39:55 +02:00
77cbb7cd19
Update function documentation
2013-10-04 15:18:27 -05:00
29d1c75d1c
Update RopDb mixin to allow dynamic payload size for neg
...
This adds a new key to allow a "safe" integer value to NEG. "Safe"
means the value does not have any null bytes after the NEG instruction,
which is typically used to calculate the payload size.
2013-10-03 23:09:23 -05:00
21afa9defe
Meterpreter railgun multi call fix
...
Modifications accommodate changes in the multi-call railgun code that
were made to Meterpreter.
This also includes a fix for Redmine 8269, so the Windows constants
now work correctly with the multi-calls.
2013-10-04 12:04:18 +10:00
758fd02619
Windows 7 SP1 and newer fail when forcing IPv6 sockets
2013-10-02 09:45:51 -05:00
82162ef486
Add error message support to railgun
...
This code was lost in the transition when the meterpreter source was
removed from the metasploit-framework source. I'm pulling this in by
request of @dmaloney-r7 who originally requested this code be inculded
as part of https://github.com/rapid7/metasploit-framework/pull/740
I added an extra bit of code to free up memory that is allocated by the
call to FormatMessage and forced the ASCII-version (FormatMessageA) of
the call.
This PR is the MSF side of https://github.com/rapid7/meterpreter/pull/26
2013-10-01 17:23:08 +10:00
7cc2ad55a6
Land #1770 , unattend.xml snarfing modules
2013-09-27 16:04:38 -05:00
63d638888d
Get rid of interior tabs
2013-09-27 16:04:03 -05:00
d869b1bb70
Unless, unless everywhere.
2013-09-27 15:55:57 -05:00
c94e8a616f
Retabbed to catch new bad tabs
2013-09-27 13:34:13 -05:00
869c10af04
Land #2396 , aspx-exe shellcode generator
...
Looks good to me, specs are all happy (also added a #to_h spec)
2013-09-27 11:42:16 -05:00
d04c47d2b7
Remove comment since it was addressed in 4500d09c2f
2013-09-26 19:47:54 -05:00
701410f608
Land #2414 , portfwd teardown and recreate
...
[FixRM #8240 ]
2013-09-25 17:40:47 -05:00
1a515093cb
Idiomatic Ruby
...
Assuming this gets accepted, this should [FixRM #8240 ]. Take a look, and
if you're good with it, I'll land on master. Everything seems to work
out on this end.
2013-09-25 17:26:00 -05:00
9cc446ae2a
Get cookies with empty values
2013-09-25 14:31:34 -05:00
58d4096e0f
Resolv conflicts on #2267
2013-09-25 13:06:14 -05:00
99e46d2cdb
Merge branch 'master' into cve-2013-4660_js_yaml_code_exec
...
Conflicts:
modules/exploits/multi/handler.rb
2013-09-25 00:32:56 -05:00
f1e563d375
Merge branch 'master' of github.com:rapid7/metasploit-framework into enum_ad_perf
2013-09-24 19:08:52 +01:00
0038bb90b1
Remove unncessary counter var
2013-09-24 13:35:29 +10:00
b91e344815
Add code to recreate the forwards after migration
...
* Feels like a bit of a hack job, but it works.
2013-09-24 13:27:58 +10:00
487f68f4d2
Get rid of callcc
...
[SeeRM 8407]
2013-09-23 19:36:26 -05:00
7c4708b1df
-) Fix get_cookies to return multiple cookies. Before it only returned the first cookie
...
-) Bugfix
2013-09-23 23:59:45 +02:00
e885ab45b6
Land #1734 Metasploit side for ip resolv
2013-09-23 16:18:40 -05:00
10252ca6f4
Just Rex::Text.to_octal is probably better
2013-09-23 23:03:38 +02:00
9353929945
Add CmdStagerPrintf
2013-09-23 22:02:29 +02:00
b6c7116890
Land #1778 - Mimikatz Fix for table.print and x86 warning
2013-09-20 16:13:53 -05:00
e9e1b28ba8
Land #2371 , echo -e cmd stager
2013-09-19 14:47:39 -05:00
11bdf5d332
New pull
2013-09-19 19:57:38 +01:00
72155f8e9e
Comment update
2013-09-19 19:46:05 +01:00
598e85a8d9
Fix for dangling port forwards
...
Code tears down the port forwards prior to migrating so that we don't end up with dangling connections that don't work.
2013-09-19 19:27:54 +10:00
f4e2e0ac11
Clear report_data on each host report
2013-09-18 17:11:22 -05:00
dd7010d272
Fix @todb-r7 feedback
2013-09-17 20:54:19 -05:00
dae8847c4d
Land #2374 , more complete 32/64 migrate fix
...
[FixRM #8395 ]
2013-09-17 14:52:04 -05:00
21055f6856
Add x86 to meterpreter's binary suffix
...
This makes x86 more consistent with x64.
Also replaces a bunch of instances of:
File.join(Msf::Config.install_root, 'data', ...)
with the simpler
File.join(Msf::Config.data_directory, ...)
[See rapid7/meterpreter#19 ]
2013-09-16 21:52:04 -05:00
d954d64f69
Add NODEJS arch constants.
2013-09-16 21:33:44 -05:00
217449a836
Ensures termination of inner while loop and cleans up #map.
...
* Tested working against ubuntu target using the sshexec test script.
2013-09-16 20:42:20 -05:00
edec022957
Use shellwords, as recommended by @jvennix-r7
2013-09-16 16:35:45 -05:00
d6954e9ce7
Fix migrate from 32- to 64-bit processes
...
In some cases, it was possible to end up in a situation where the x64
reflective library hadn't been loaded by the time a user typed migrate.
If the target process was 64-bit, msfconsole would error out with a
NoMethodError and much sadness would ensue.
[See #2356 ]
2013-09-16 16:04:50 -05:00
a5049df320
Add echo CmdStager
2013-09-16 11:35:05 -05:00
72dff03426
FixRM #8396 change all lib use of regex to 8-bit pattern
2013-09-12 16:58:49 -05:00
8bc83f4922
Retab changes for PR #1420
2013-09-05 16:21:26 -05:00
d6a7ce5328
Merge for retab
2013-09-05 16:21:13 -05:00
b3b8cee870
Retab changes for PR #1473
2013-09-05 16:19:05 -05:00
0ba4e1da65
Merge for retab
2013-09-05 16:18:56 -05:00
3c1df47314
Retab changes for PR #1681
2013-09-05 16:10:40 -05:00
a231e85293
Merge for retab
2013-09-05 16:10:28 -05:00
2e9096d427
Retab changes for PR #1734
2013-09-05 14:59:41 -05:00
322ed35bb4
Merge for retab
2013-09-05 14:59:34 -05:00
2846a5d680
Retab changes for PR #1770
2013-09-05 14:57:40 -05:00
269c1a26cb
Merge for retab
2013-09-05 14:57:32 -05:00
701513a212
Retab changes for PR #1778
2013-09-05 14:56:35 -05:00
3788bab8e5
Merge for retab
2013-09-05 14:56:30 -05:00
26b8364dcb
Retab changes for PR #1789
2013-09-05 14:44:21 -05:00
789be1fe3e
Merge for retab
2013-09-05 14:44:14 -05:00
81479a6ade
Retab changes for PR #2093
2013-09-05 14:31:10 -05:00
8a76b3390d
Merge for retab
2013-09-05 14:31:05 -05:00
daed98931e
Retab changes for PR #2158
2013-09-05 14:19:55 -05:00
27fd54092a
Merge for retab
2013-09-05 14:19:49 -05:00
7e5e0f7fc8
Retab lib
2013-08-30 16:28:33 -05:00
1ea3d91f48
Lands #2244 Python Meterpreter
...
[Closes #2244 ]
2013-08-30 14:33:35 +01:00
526e504531
More fix
2013-08-25 12:21:37 +01:00
d45d37bc38
Really fix...
2013-08-25 00:18:50 +01:00
83da0b3a57
Correct fname
2013-08-25 00:17:26 +01:00
19e47d5e82
Really fix war
2013-08-25 00:06:31 +01:00
b4b59aa065
Add guards against empty payloads
2013-08-24 11:59:59 +01:00
09ceeb5de2
Fix war generation
2013-08-23 20:06:57 +01:00
41b1b30438
vba transform
2013-08-23 18:00:19 +01:00
7370fc3f4e
vbs transform
2013-08-23 16:26:03 +01:00
5040347521
Fix psh and add powershell transform
2013-08-23 15:59:19 +01:00
e276b57ee7
Merge remote-tracking branch 'upstream/master' into python-meterpreter-dev
2013-08-19 08:37:12 -04:00
ed00b8c19e
Ensure checksum* methods return a Fixnum
...
Fixes a bug in reverse_http* stagers where requests for the root URI
(i.e., "/") cause a NoMethodError on nil returned by checksum8.
[See #2216 ]
2013-08-14 14:09:37 -05:00
3827b14103
Land #1726 , ssl verify mode
...
Conflicts:
lib/rex/socket/parameters.rb
Fix doc strings
2013-08-12 17:57:10 -05:00
08c32c250f
File versions
2013-08-08 19:42:14 +01:00
2d69174c5b
Initial commit of the python meterpreter.
2013-08-05 23:38:49 -04:00
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb593363c5f9
2013-07-29 21:47:52 -05:00
455569aee8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-29 12:10:12 -05:00
b99ad41a64
Add api constants and tidy
2013-07-26 01:48:39 +01:00
0235e6803d
Initial working
2013-07-25 23:24:11 +01:00
1d2d4b5345
Add some null checks
2013-07-25 18:35:11 +01:00
47c21dfe85
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-24 11:42:11 -05:00
00630376c3
Revert the default call to firefox
...
This reverts commit 0928a370f3#2148 . The call to
system is inside the else, but the tabbing made my eyes cross.
Sorry about that. Someday soon, @tabassassin will save us all from these
kinds of screw ups in mental parsing.
2013-07-23 16:13:02 -05:00
d493346691
Land #2137 , fixes and specs for Opt containers
2013-07-23 15:58:09 -05:00
621568bf8f
Another Error Type needs caught
...
Different systems throw a different error
Need to rescue that error too
2013-07-23 15:47:42 -05:00
86ab942435
Land #2146 , Unix and Windows path normalization
2013-07-23 15:23:41 -05:00
0928a370f3
Adding back default firefox
...
the default is triggered only outside the case statement, which itself
is totally bizarre. I can't tell if anyone is relying on this behavior
right now, but it's too premature to just remove it out at this point.
2013-07-23 14:43:30 -05:00
53c3fd2ce7
Update comment docs on Rex::Compat.open_browser
2013-07-23 14:38:04 -05:00
ce5742461a
update open_browser functionality
...
open_browser didn't support xdg-open or firefox-bin. xdg-open was made the default as it is the most likely to succeed afaik.
the fallback to firefox was removed because since we check for the existence of firefox is makes no sense to try to run it after we failed to find it. This will silently fail if no supported browser is found due to suggestions from the msf team:
< Zero_Chaos> more importantly, it would be great if someone told me how to spit out a message to the user
< Zero_Chaos> because I have no clue :-)
<@egypt> Zero_Chaos: it's in rex, so the answer is "don't"
2013-07-23 14:58:16 -04:00
bb16683415
Land #2087 , @egypt's random ID generator
2013-07-23 13:52:08 -05:00
958a4edd73
Keep the trailing slash if the user wishes
2013-07-22 20:46:18 -05:00
359009583f
Drop support for UNC path parsing in normalize_win_path
...
Not really a good idea to try to parse UNC format. Confuses the
purpose of the function.
2013-07-22 20:20:45 -05:00
4b3fce9349
Add functions to normalize Winodws & Unix paths
...
The purpose of these functions is to be able to join file/dir paths
safely without trailing slashes, basically for the same reason as
normalize_uri. Some modules are really buggy when merging paths,
so instead of letting them do it, it's better to use these functions.
2013-07-22 19:26:04 -05:00
15b0e39617
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-21 13:47:40 -05:00
757cf18bb4
Land #2135 - Update FF detection
2013-07-20 13:10:14 -05:00
92ae90b828
Whitespace fixes.
2013-07-19 17:27:27 -05:00
2e838d7be3
Fix minor bugs discovered when testing.
2013-07-19 17:18:39 -05:00
7e2fc147f1
Add updated versions of firefox.
2013-07-18 16:35:57 -05:00
ec82644bd3
mo fixes mo specs
...
SEERM #7536
SEERM #7537
2013-07-18 15:00:57 -05:00
58229ff8b7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-17 20:18:48 -05:00
9d56e58e84
Rely on object detection for '5716599'
...
[SeeRM #7252 ]
2013-07-17 15:47:25 -05:00
458ac5f289
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-17 15:02:33 -05:00
11f8b351c0
Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework
2013-07-17 11:44:42 -05:00
54af2929f5
Land #2109 , kill stray character
2013-07-16 11:11:06 -05:00
34e732eabd
Kill stray character in whitespace gutter.
2013-07-16 10:14:41 -05:00
987d6a671f
Allow passing MaxChar to Rex::Ui::Text::Table cols
...
Passing MaxChar allows setting the maximum number of characters
printed within a specific column during the row_to_s method.
This does not affect CSV output nor truncate the actual data.
Meant for tidying up long console ouput.
Example: cleaned up cmd_creds to show proof and not maul tables
with unix session data.
2013-07-10 20:00:40 -04:00
85affe4d47
Land #2089 , smb last_filename can be nil
2013-07-10 14:18:00 -05:00
4cc179a24c
Store inverted hash for better lookups
...
Also clarifies comment about infinite loops
2013-07-10 12:38:42 -05:00
71974a8535
to_addr_hex_dump is never used and is too similar to to_hex_dump
...
Not so much value in to_addr_hex_dump, as Meatballs1 suggested, we
should remove this.
2013-07-10 11:09:47 -05:00
add294d999
Fix potential nil in last_filename
...
Replacing #2060 . It is possible to get a nil in last_filename if
the sub! function doesn't find any 0x00s to replace, so instead
it's best to use sub(), which should at least return the original
filename. To make sure we don't hit any other unknown conditions
that may result in nil last_filename, it's also convert with to_s
to make sure it's always a string.
2013-07-09 12:50:19 -05:00
afa6a36df3
Make first char's character class configurable
2013-07-09 02:50:28 -05:00
273046d8f0
Add a class for generating random identifiers
...
Will be useful for all kinds of things, but brought about in discussions
specifically for Util::EXE in #2037 .
2013-07-09 02:06:44 -05:00
0ce3fe2e7c
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
2013-07-05 22:25:04 +01:00
28a4a05991
Land #2046 , base argument for to_hex_dump
2013-07-02 12:11:05 -05:00
98c214d2fb
Allow 0 base address, and dynamic left column length
2013-07-02 11:40:23 -05:00
2ceb404f7d
Land #2047 , @hmoore-r7 ipmi related work
2013-07-02 11:13:25 -05:00
9eb32ea9af
Allow "base" argument for to_hex_dump
...
[SeeRM:#8121] - For debugging purposes, it's useful to be able to
specify a base.
2013-07-01 23:56:51 -05:00
2751470c71
Add @jlee-r7's feedback to sapni proxies support
2013-07-01 21:37:53 -05:00
9c4d869ed8
Land #1018 , @nmonkee's support for sap router proxies
2013-07-01 21:36:02 -05:00
8e4dd29a4c
Add cipher zero scanner
2013-06-30 02:35:37 -05:00
4fb6fa67f2
Fix require for constants, trim useless fields from banner
2013-06-26 09:59:40 -05:00
84117e28a8
Remove stale constants.rb require
2013-06-26 09:52:15 -05:00
b3b94c7a73
Break packet classes into their own files
...
This makes the file structure match the class structure and makes the
source tree easier to grok.
2013-06-24 19:24:09 -05:00
1801a5a270
Better HP iLO compatibility (retry on session ID error)
2013-06-24 14:23:53 -05:00
c869112407
Cleanup, reporting, and automatic cracking
2013-06-23 01:35:31 -05:00
5656e0cb7a
Initial commit of IPMI library, scanner, & cracker
2013-06-22 23:38:28 -05:00
6c62463f83
Add ipv6 resolution and remove nix
2013-06-20 22:17:31 +01:00
1aff778a79
Fix unpack
2013-06-18 09:06:44 -05:00
3f665ba5a0
Skip also max-age from cookies
2013-06-17 14:04:08 -05:00
1637651bbb
Revert multilang test
2013-06-15 17:48:32 +01:00
62e335dab2
Resolve conflict
2013-06-15 17:40:37 +01:00
fc7d151273
Add multilang syscheck
2013-06-15 17:39:01 +01:00
f5b00512e0
Fix sap ni proxy, hopefully
2013-06-13 17:15:48 -05:00
3cb851e4e0
Merge remote-tracking branch 'todb-r7/fix-msftidy-1944' into csharp_payload
2013-06-12 17:29:00 -05:00
0f06e9b08c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into csharp_payload
2013-06-12 17:27:55 -05:00
9c75d821d1
Fix up msftidy warnings on rex/text.rb
2013-06-12 11:17:58 -05:00
d0e1e4df0a
This commit adds support for C# byte arrays for the assembly payloads.
2013-06-11 19:27:06 -05:00
af613ee254
Add a more readable #inspect
2013-06-11 15:22:49 -05:00
937d7fb762
Landing #1835 - Fix a backwards disasm bug which stomps on the depth opt
2013-05-31 16:28:49 -05:00
df2140ea59
Add back the tmp include check according to bannedit's feedback
2013-05-31 16:26:52 -05:00
dacc73a60f
Improve readability based on Egypt's feedback
2013-05-31 16:24:27 -05:00
14c4dbcf8c
Also remove *.ts.rb files
...
On the heels of #1862 , this gets rid of the "test suites" that bound
together all the old unit tests.
2013-05-28 17:05:44 -05:00
e20385dd9e
Merge pull request #1864 from dmaloney-r7/feature/task_associations/cred_service_host
...
Passes specs and functional tests
2013-05-28 12:11:57 -07:00
9843dc4cb4
Land #1708 , android meterpreter
...
Conflicts:
data/meterpreter/ext_server_stdapi.jar
2013-05-28 12:19:45 -05:00
0f21861921
Add task handling to imports
...
allow imports to carry along task info
[Story #49167601 ]
2013-05-23 13:33:19 -05:00
05916c079e
Inline unit tests are so last decade
...
Aside from codebase-wide changes, nearly all of these tests haven't been
touched since before 2010, and there is no effort to maintain this style
of testing. We've moved on to (correctly) seperating out our tests from
our codebase.
2013-05-23 12:41:14 -05:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
031bb2eb0b
Fix a backwards disasm bug which stomps on the depth option
2013-05-15 22:08:50 -04:00
61afe1449e
Landing #1275 , bash cmdstager
...
Conflicts:
lib/rex/exploitation/cmdstager.rb
Conflict was just the $Id$ tag, which is no longer used anyway.
2013-05-15 10:44:05 -05:00
c71b57764e
Add a Python buffer formatter and update msfpayload to enable using it
2013-05-13 20:41:15 -05:00
7fb092c58c
Initial commit
2013-05-02 22:08:19 +01:00
6bf19c6fb8
HTTP::ClientRequest: Should handle nils in params
...
When hashes for params contain nils, they should be converted to empty
strings instead of crashing.
* #to_s: Calls #to_s on vars_get and vars_post data
* #set_encode_uri: Calls #to_s on its arg
2013-04-30 22:01:00 +03:00
293c847a32
Fix table.print
2013-04-29 22:02:41 -05:00
69dead8c8f
Tidier
2013-04-29 23:17:11 +01:00
36ef2cb5a1
x86 warning for mimikatz
2013-04-29 23:14:32 +01:00
02788f71d9
Fix table.print
2013-04-29 22:37:02 +01:00
d53d6370b3
Land #1747 , mimikatz meterpreter extension
...
[Closes #1747 ]
See rapid7/meterpreter#9
2013-04-29 14:45:07 -05:00
1d9a695d2b
Landing #1772 - Adds phpMyadmin Preg_Replace module (CVE-2013-3238)
...
[Closes #1772 ]
2013-04-28 12:17:16 -05:00
bbd53a2dbd
Add domain to get_cookies
2013-04-26 20:34:21 +01:00
b25b9e769c
Msftidy
2013-04-26 20:30:04 +01:00
1f2cab7aef
Tidyup and getcookies
2013-04-26 20:26:04 +01:00
9ad19ed2bf
Final tidyup
2013-04-26 15:41:28 +01:00
c7ac647e4e
Initial attempt lfi
2013-04-26 14:32:18 +01:00
d8430c83cf
Add simple rspec
2013-04-26 00:47:00 +01:00
668dd78587
Msftidy
2013-04-26 00:21:31 +01:00
e2bf4882f0
Add domain join parse
2013-04-26 00:20:10 +01:00
235887ccb5
Finished
2013-04-25 23:25:05 +01:00
93bddd9041
Improved docs and partial specs for Rex::Text
...
Conflicts:
lib/msf/core/modules/loader/base.rb
lib/rex/poly/block.rb
lib/rex/text.rb
2013-04-23 17:24:03 -05:00
fab1781812
Refactored to send custom commands
2013-04-22 10:04:38 +01:00
6656514616
Msftidy
2013-04-21 14:34:47 +01:00
fc621e8d7e
Parse ssp correctly
2013-04-21 10:55:01 +01:00
83fbc3e46f
Small fix and attribution to gentilkiwi
2013-04-21 00:36:43 +01:00
cec737d399
tidy and table header
2013-04-20 18:05:47 +01:00
b219a23f00
Refactoring
2013-04-20 18:00:46 +01:00
20849714ac
Add all methods
2013-04-20 17:27:32 +01:00
ddaa09edad
Added msv
2013-04-20 16:31:45 +01:00
83578dec68
Getprivs by default
2013-04-20 14:59:07 +01:00
a23d7bb66f
Add client UI and parse results
2013-04-20 12:20:38 +01:00
5fa81942db
Initial comms
2013-04-19 22:19:50 +01:00
4d21c7dff5
Landing #1727 , adding @jlee-r7's new fingerprints
2013-04-15 13:49:59 -05:00
67791c12a5
Small tidy
2013-04-14 11:18:45 +01:00
26479bbe82
Fixup resolve_host
2013-04-14 10:58:51 +01:00
6a7fc70274
Remove length stuff
2013-04-14 10:54:19 +01:00
6bca2b305f
Typo
2013-04-14 10:44:00 +01:00
849b42ffb9
Further tidy
2013-04-14 10:42:15 +01:00
4b4f77eb0f
Finalize
2013-04-14 10:32:56 +01:00
32bd812bdb
android meterpreter
2013-04-12 18:57:04 +01:00
2c8ec656ca
Typo
2013-04-11 22:36:08 -05:00
7df80c7aac
Add a couple new IE fingerprints to osdetect.js
2013-04-11 22:29:02 -05:00
1e93ae65e3
fix typo in parameters
2013-04-11 19:12:32 -04:00
5ac18e9156
commant update
2013-04-11 19:11:25 -04:00
6eb33ae5ed
Rex::Socket::SslTcp set cipher and verify_mode
...
Update Rex::Socket::SslTcp to accept verification mode string from
Rex::Socket::Parameters, which has been modified accordingly.
Add SSLVerifyMode and SSLCipher options (params and socket work
were done before, but the option was not exposed) to
Msf::Exploit::Tcp.
Testing:
```
>> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort'
=>443,'SSL' => true, 'SSLVerifyMode' => 'NONE')
>> sock.sslctx.verify_mode
=> 0
>> sock.close
=> nil
>> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort'
=>443,'SSL' => true, 'SSLVerifyMode' => 'PEER')
=> #<Socket:fd 13>
>> sock.sslctx.verify_mode
=> 1
```
Note: this should be able to resolve the recent SSL socket hackery
of exploit/linux/misc/nagios_nrpe_arguments.
2013-04-11 18:00:33 -04:00
6a0b240d10
Add some better docs for Rex::Socket
2013-04-10 12:41:41 -05:00
e4ff7a2f2c
Address egypt's feedback
2013-04-09 21:15:04 +01:00
3660ad8c0a
Initial attempt
2013-04-07 23:03:43 +01:00
OJ
sinn3r
William Vu
Tod Beardsley
joev
Meatballs
kernelsmith
Spencer McIntyre
Markus Wulftange
jvazquez-r7
Tab Assassin
Joshua J. Drake
James Lee
FireFart
Joe Vennix
HD Moore
David Maloney
ZeroChaos
RageLtMan
Brandon Perry
Samuel Huckins
bannedit
Tasos Laskos
Tod Beardsley
timwr