James Barnett
a5172e066d
Land #9926 , check remote data service before connecting
...
This PR adds a check prior to connecting to a remote data service
to verify it is online and returning expected data. This prevents
crashes that were occurring when unexpected responses were returned
2018-04-25 14:07:33 -05:00
christopher lee
071a191055
Merge master + workspace removal from http remote data service
2018-04-25 13:39:46 -05:00
Matthew Kienow
43edf46c43
Fix set data service for no database YAML case
2018-04-24 18:34:16 -04:00
Matthew Kienow
359ef27834
Narrow rescue scope to StandardError
2018-04-24 17:19:54 -04:00
Matthew Kienow
f66029d129
Validate remote data service instance
...
Adds simple data service instance validation when registering and
setting a data service.
2018-04-24 16:54:10 -04:00
Matthew Kienow
01dd79173b
Add data proxy and service for online check
2018-04-24 15:11:16 -04:00
James Barnett
e5513409db
Include :workspace in db_import opts
2018-04-24 13:53:55 -05:00
James Barnett
31be847213
Add workspace when reporting vuln_attempt
2018-04-19 11:09:13 -05:00
James Barnett
aa40ef1789
Grab session_dto workspace from host
2018-04-18 17:38:42 -05:00
James Barnett
82798424b2
Support getting a workspace via id
...
Also implements a helper method to sanitize sinatra injected
params since it was causing issues downstream. Updated each
use of sinatra params to use this helper method.
2018-04-17 12:35:22 -05:00
James Barnett
a8a95a03a3
Implement remote workspace delete
2018-04-17 10:19:40 -05:00
James Barnett
f27490dc61
Address PR suggestions and add comments
2018-04-16 16:45:23 -05:00
James Barnett
68ad91763a
Merge branch 'rapid7/master' into MS-3062_workspaces
2018-04-16 15:33:59 -05:00
James Barnett
2ef451c349
Land #9873 , add notes functionality to remote datastore
...
This PR enables create, update, and delete functionality for the notes
command and data model when using a remote data service.
2018-04-16 15:03:27 -05:00
Matthew Kienow
e283f109a7
Remove commented out code
2018-04-16 14:14:46 -04:00
Matthew Kienow
daf67999d6
Raise NotImplementedError in NoteDataService stubs
2018-04-13 12:07:35 -04:00
Matthew Kienow
e639fda53c
Fix DB initialization with no database YAML
2018-04-11 09:15:38 -04:00
James Barnett
cd48b47760
Fix failing tests.
...
-Was accidentally deleting opts[:workspace] instead of processing
-Update notes help text expectations
2018-04-10 17:10:32 -05:00
James Barnett
e51f41fa34
Merge remote-tracking branch 'msf_jbarnett/fix_services_bugs' into MS-3062_workspaces
2018-04-10 13:35:33 -05:00
James Barnett
90542779ff
Audit models to ensure :workspace is passed only when needed
2018-04-09 14:50:37 -05:00
William Vu
e17a788ab5
Remove stray dlog filling framework.log
2018-04-09 13:58:10 -05:00
James Barnett
852bc3d237
Dont inject :workspace into every HTTP request.
2018-04-04 16:30:25 -05:00
James Barnett
6a02712674
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-04-04 16:03:43 -05:00
James Barnett
e892911fbe
Use a constant for default workspace name
2018-04-02 17:02:14 -05:00
christopher lee
3aed6d6666
Initial
2018-04-02 08:08:23 -05:00
William Vu
840923d591
Land #9738 , msfconsole user-friendliness changes
2018-04-01 02:12:53 -05:00
James Barnett
ecbbf1d940
Pass workspace when using db_nmap
2018-03-30 15:27:32 -05:00
Matthew Kienow
2b7c3872d4
Add proxy method for find_or_create_note
2018-03-29 18:43:34 -04:00
James Barnett
3b1e3a4256
Missed one more bug in append_workspace
2018-03-29 15:18:31 -05:00
James Barnett
19e01b4b66
Fix bug in append workspace when using :wspace
2018-03-29 15:04:00 -05:00
James Barnett
7f42235ad7
Create default workspace if it doesnt exist
2018-03-28 15:39:24 -05:00
James Barnett
d23e33a7bc
Make workspace -v work with updates
2018-03-28 13:31:49 -05:00
James Barnett
1b6aa86d92
Merge remote-tracking branch 'mkienow/MS-3061-remote-notes-read-update-delete' into MS-3062_workspaces
2018-03-27 15:57:41 -05:00
Matthew Kienow
0b5d3d31f9
WIP remote note read, update, delete
2018-03-27 16:36:56 -04:00
James Barnett
cfa03a999c
Finish moving current_workspace tracking to client
2018-03-26 15:58:47 -05:00
James Barnett
def0e4d93b
Merge branch 'goliath' into MS-3062_workspaces
2018-03-23 11:37:01 -05:00
James Barnett
6b3a4a56dc
Merge branch 'rapid7/master' into goliath
2018-03-23 11:26:31 -05:00
James Barnett
ed5b22a541
Address more code review comments
2018-03-22 21:47:59 -05:00
James Barnett
6c5a7a663a
Merge branch 'goliath' into MS-2879_db_export
2018-03-22 21:22:23 -05:00
James Barnett
466c97f114
WIP: move tracking active workspace to client side
...
* Move the @current_workspace tracking to workspace proxy
* Create helper for handling workspace value in opts
* Call framework.db.proxy across dbmanager files now that active ws is tracked in proxy
NOTE: This commit throws an exception when adding a remote data service.
2018-03-22 21:00:06 -05:00
James Barnett
93d4f5cd0b
Last few review comments
2018-03-21 17:50:11 -05:00
James Barnett
eee24366c9
Address code review comments and bug
2018-03-21 17:42:54 -05:00
Matthew Kienow
553789557b
Merge branch 'goliath' into MS-2910-remote-vuln-read-update-delete
2018-03-21 01:45:58 -04:00
Aaron Soto
7e5214fef5
Improved CTRL-C edge case, Invalid Options edge case, help output, version output
2018-03-20 13:34:15 -05:00
James Barnett
90bebc2096
Convert workspace update to new api
2018-03-19 14:24:16 -05:00
James Barnett
929fb041ab
Fix bug when adding workspace remotely
2018-03-19 11:01:22 -05:00
James Barnett
35bc8e905e
Refactor workspace delete to be consistent with other commands
2018-03-16 16:11:09 -05:00
James Barnett
8ddaae5fe4
Remove unused code
2018-03-15 12:12:12 -05:00
christopher lee
4d04319d2a
Merged master
2018-03-15 11:31:44 -05:00
James Barnett
0d170571da
Fix bug with file name
2018-03-14 15:59:07 -05:00
James Barnett
b179603b4a
Externalize db_export command
2018-03-14 15:06:28 -05:00
James Barnett
ac5669388a
Merge branch 'goliath' into MS-2879_db_export
2018-03-14 11:37:08 -05:00
Matthew Kienow
fcd2bbd1de
workaround attempt to parse nil JSON string value
2018-03-12 14:29:42 -04:00
Matthew Kienow
636284d530
Update session inferred vuln handling
...
Add remote vuln attempt
2018-03-12 14:26:03 -04:00
h00die
ec7a62bc4c
move ssh platforms to lib
2018-03-08 21:23:11 -05:00
James Barnett
b18ed03407
Merge branch 'goliath' into MS-2909
2018-03-07 14:55:50 -06:00
James Barnett
c670748fe3
Update services signature
2018-03-07 13:59:09 -06:00
James Barnett
c058d0fba0
WIP: port db_export command
2018-03-06 15:15:27 -06:00
Brent Cook
d6871f5733
Land #9614 , Juniper post enum module
2018-03-06 10:29:56 -06:00
christopher lee
68d72cbfa7
Goliath Cleanup in preparation for merge to master
2018-03-06 10:21:22 -06:00
James Barnett
b42c3ff654
Merge branch 'goliath' into MS-2909
2018-03-02 16:32:55 -06:00
James Barnett
fd4032928e
Add services search
2018-03-02 10:57:35 -06:00
christopher lee
4f6b1de9a3
Merge branch 'master' into goliath
2018-03-01 14:14:39 -06:00
James Barnett
06d2482e86
Implement services update
...
NOTE: This changes functionality for the services command flags.
Previously -s and -p were used for searching for services.
Now the commands will only be used for adds/updates.
If you would like to search, please use -s and pass a search string
2018-02-28 15:12:23 -06:00
James Barnett
dffbc67e71
Implement service delete
...
Also fix bug searching for services by host address
2018-02-27 17:17:07 -06:00
Brent Cook
9597e5294d
treat MUST_CHANGE + PASSWORD_EXPIRED as valid
2018-02-27 15:21:21 -06:00
James Barnett
c90fabee60
Implement remote service create
2018-02-27 14:20:43 -06:00
James Barnett
9dc6089fcf
Merge branch 'goliath' into MS-2909
2018-02-27 11:14:15 -06:00
Brent Cook
66e3ac4c76
treat 'password must change' as a successful login
2018-02-26 17:57:31 -06:00
h00die
c7bbc6eca4
juniper post enum module
2018-02-22 21:08:21 -05:00
Matthew Kienow
22752518ea
WIP remote vuln read, update, delete
2018-02-22 13:53:22 -05:00
James Barnett
d4440d049d
Merge branch 'goliath' of github.com:clee-r7/metasploit-framework into goliath
2018-02-21 11:16:31 -06:00
James Barnett
3005a8b7ce
Merge branch 'rapid7/master' into goliath
2018-02-21 11:16:05 -06:00
James Barnett
b3642b1079
Address PR comments
2018-02-20 15:30:37 -06:00
James Barnett
09ae4ac8ac
Add more info to console output
2018-02-20 13:34:33 -06:00
Wei Chen
9a293cd30e
Fix #8120 , Fix undef method 'gsub' in bavision_cam_login
...
Fix #8120
2018-02-14 11:03:03 -06:00
James Barnett
efd23d37c3
Use common error handling
2018-02-09 16:24:45 -06:00
James Barnett
bbd25fc97b
WIP: getting services add working
2018-02-08 17:20:50 -06:00
James Barnett
f114092445
Merge branch 'goliath' into MS-2833
2018-02-08 14:32:03 -06:00
jbarnett-r7
352cf295b5
Merge branch 'goliath' into MS-2833
2018-02-07 14:38:26 -06:00
James Barnett
5b35662dbf
Address PR comments
2018-02-07 14:21:31 -06:00
James Barnett
cb093d8063
Use proper logging
2018-02-07 10:25:56 -06:00
Matthew Kienow
52b8f405bd
Refactor change host methods, remove debug output
2018-02-06 18:54:05 -05:00
James Barnett
5bc38206c0
Few more loot bugs
2018-02-06 17:22:09 -06:00
James Barnett
6e2503bbd8
Add loot update
2018-02-06 16:16:22 -06:00
Matthew Kienow
629f79ebf7
WIP remote host update
2018-02-06 16:11:46 -05:00
James Barnett
49b88dbef7
Pass loot search using query string
2018-02-05 18:15:05 -06:00
jbarnett-r7
f176e339bc
Merge pull request #12 from clee-r7/ms-2911
...
Ms 2911
2018-02-05 15:46:28 -06:00
christopher lee
1759621b03
Make 8080 default service port
2018-02-05 15:01:03 -06:00
christopher lee
020a28f5c7
Unify data service command
2018-02-05 13:28:17 -06:00
James Barnett
e8b29af208
Merge branch 'goliath' into MS-2833
2018-02-02 17:32:17 -06:00
Matthew Kienow
dcf4171cfb
Fix query array encoding issue
2018-02-02 17:16:12 -05:00
christopher lee
5a899d5126
Renamed msfdb to avoid omnibus collision, removed inline data service startup code
2018-02-01 16:28:36 -06:00
christopher lee
3bc0608579
Finish POC cleanup
2018-02-01 13:59:15 -06:00
christopher lee
59bc1a34d5
Remove 'puts' logging and cleanup AWS poc
2018-02-01 13:38:20 -06:00
James Barnett
fc7ab6cbff
Merge branch 'externalize-host-data-search' into MS-2833
2018-02-01 11:24:11 -06:00
Matthew Kienow
5c38207a8e
WIP externalize host data search
2018-01-31 16:34:42 -05:00
James Barnett
3ff613db8f
"fix" adding loot from the command line
2018-01-31 10:31:09 -06:00
James Barnett
e1b61b8180
Merge branch 'goliath' into MS-2833
2018-01-31 10:06:36 -06:00
Matthew Kienow
3a01a16dcb
Fix issue with workspace in query data
2018-01-25 17:29:58 -05:00
Matthew Kienow
4989e94e68
Add HTTP PUT request method
2018-01-25 10:40:57 -05:00
James Barnett
5505996518
Add loot delete
2018-01-24 16:42:16 -06:00
Matthew Kienow
2ffd627c56
Merge branch 'goliath' into add_https
2018-01-23 18:59:59 -05:00
christopher lee
dd65141a22
Merge branch 'goliath' into MS-2891
2018-01-23 10:45:44 -06:00
James Barnett
d10cd2d92a
Add verification methods to HTTPS
...
This commit enables peer verification for SSL.
It also gives the user options to verify the server if the server uses a self-signed cert.
There is an override to skip verification as well.
2018-01-22 18:08:16 -06:00
Christopher Lee
6ffae7f6ad
Merge pull request #9 from clee-r7/correct-api-url
...
Update API URLs
2018-01-22 15:17:09 -06:00
christopher lee
2521c941d4
Ported singleton calls
2018-01-22 14:57:28 -06:00
Matthew Kienow
2211459b9d
Correct workspace_associations_counts API path
2018-01-20 14:54:14 -05:00
Matthew Kienow
b7e5b0f161
Update API URLs per design discussion
2018-01-20 14:50:59 -05:00
Matthew Kienow
cb4999c1ac
Add URI query data option to request methods
2018-01-19 16:51:49 -05:00
christopher lee
d5978803eb
Fix all failing rspec for goliath
2018-01-19 15:16:19 -06:00
James Barnett
b8296a809c
Merge branch 'goliath' into add_https
2018-01-19 13:33:24 -06:00
James Barnett
ff9c69c7c8
Merge branch 'rapid7/master' into goliath
2018-01-19 13:28:17 -06:00
Matthew Kienow
764ecf6562
Land #6 JSON to MDM
...
Deserialize JSON returned from a remote data service to an in-memory MDM object
2018-01-18 17:21:10 -05:00
James Barnett
0654979be6
Remove separate code path for openstruct for creds.
...
Also fix RemoteCredentialDataService to work with json_to_mdm
2018-01-18 13:27:33 -06:00
Brent Cook
7fe237abe1
Land #9220 , Module cache improvements
2018-01-17 22:34:51 -06:00
Brent Cook
08f622b0ce
update version
2018-01-17 17:24:15 -06:00
James Barnett
bab9b66521
Only send back one object for host create
2018-01-12 10:52:16 -06:00
James Barnett
809d3d28c7
Merge branch 'rapid7/master' into goliath
2018-01-11 16:18:41 -06:00
James Barnett
b2666ad3f2
Update host delete method to return full objects of deleted hosts
2018-01-11 16:12:25 -06:00
Metasploit
18f16e7c66
Bump version of framework to 4.16.32
2018-01-11 10:03:16 -08:00
Matthew Kienow
e964e8bcbb
Fix incorrect HTTP request method calls
2018-01-10 23:59:53 -05:00
Matthew Kienow
f895169c7f
Fix incorrect HTTP request method calls
2018-01-10 23:53:24 -05:00
James Barnett
3c73892a70
Use json_to_mdm for Credentials.
2018-01-10 16:58:44 -06:00
James Barnett
4a377af5e6
Deserialize JSON to Mdm Object
2018-01-09 15:18:49 -06:00
James Barnett
173705ad35
Add error handling when no data returned from server
2018-01-05 11:44:25 -06:00
Metasploit
3a7a539c84
Bump version of framework to 4.16.31
2018-01-04 12:17:08 -08:00
Metasploit
d4de9eef9b
Bump version of framework to 4.16.30
2018-01-04 10:03:21 -08:00
James Barnett
5058c2d36f
Merge branch 'goliath' into add_https
2018-01-03 10:51:22 -06:00
James Barnett
4aac8f5c39
Merge branch 'rapid7/master' into goliath
2018-01-02 17:34:40 -06:00
Matthew Kienow
40d15bf3e6
Hash#each style correction
2018-01-02 12:25:14 -05:00
James Barnett
f015b926da
Merge branch 'goliath' into add_https
2018-01-02 10:38:48 -06:00
Metasploit
7254130b77
Bump version of framework to 4.16.29
2017-12-28 15:19:22 -08:00
Jeffrey Martin
66ca61f636
Merge released '4.x'
2017-12-28 17:15:29 -06:00
Brent Cook
c2bb144d0f
Land #9302 , Implement ARD auth and add remote CVE-2017-13872 (iamroot) module
2017-12-28 14:11:26 -06:00
Metasploit
c681c7881d
Bump version of framework to 4.16.28
2017-12-28 10:03:39 -08:00
Brent Cook
6f1196d30c
clarify what's happening when there is a connection failure
2017-12-27 22:32:08 -06:00
Matthew Kienow
5e4836b1e9
Implement hosts remote data store delete
...
Also, resolve an issue when adding a host where the client-side
raises an exception.
2017-12-26 23:09:23 -05:00
Jon Hart
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
Metasploit
909caa0425
Bump version of framework to 4.16.27
2017-12-21 13:27:52 -08:00
Brent Cook
9d8cb8a8d0
Merge branch '4.x' into upstream-master
2017-12-21 15:17:38 -06:00
Metasploit
ee2f10efc5
Bump version of framework to 4.16.26
2017-12-21 10:04:38 -08:00
Jon Hart
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
Jon Hart
d0b3abc14b
Better handling of MQTT endpoints which don't require authentication
...
Arguably this is working around LoginScanner's inability to provide
blank usernames AND passwords
2017-12-20 18:02:52 -08:00
Jeffrey Martin
8cd7185a7f
Land #9313 , Add DirectAdmin login_scanner module
2017-12-20 15:23:24 -06:00
Jeffrey Martin
7f8a5d3834
improved credential reporting
2017-12-20 15:09:11 -06:00
Jon Hart
b4262662dc
Add missing mqtt login helper
2017-12-20 12:33:49 -08:00
Metasploit
66b1a555a1
Bump version of framework to 4.16.25
2017-12-18 16:33:25 -08:00
Nick Marcoccio
be2a3ca270
edited sid comment
2017-12-18 08:18:02 -05:00
Nick Marcoccio
f447fa1a12
Added DirectAdmin Login Utillity
2017-12-17 22:43:37 -05:00