infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,467 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

5230 Commits (b4b1a4168eb965b29d46d040f734d891e308ef28)

Author SHA1 Message Date
HD Moore 38ad7230d2 Fix up a typo 2012-06-17 01:35:39 -05:00
HD Moore e4fffc36de Move to one to many instead of m2m for module_detail tracking 2012-06-17 01:21:38 -05:00
HD Moore 780b8ee48b Remove the vulns_refs destroy, this causes issues 
when the join table has no .id
 2012-06-17 00:12:10 -05:00
HD Moore be9b7a88fb Complicate the matching process in the name of memory 
and loading speed. Use optional match_details param
to find matching vuln instances.
 2012-06-17 00:07:00 -05:00
HD Moore 7d9d6f11e5 Comitting a copy of the "old" mode of loading, 
still hoping to avoid having to do this due to
memory bloat and slowness.
 2012-06-16 22:42:31 -05:00
HD Moore 52150b0e89 Merge branch 'master' into feature/vuln-info 2012-06-16 15:43:52 -05:00
HD Moore 6dd8fd2e05 Move the cache rebuild into a background job 2012-06-16 15:41:37 -05:00
sinn3r 931f24b380 Merge branch 'php_apache_request_headers_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-php_apache_request_headers_bof 2012-06-16 14:56:45 -05:00
HD Moore 8425c8438d Switch to a MDM/SQL-based module cache 2012-06-16 14:51:09 -05:00
David Maloney 122b34c703 fix missing bock transitions 
the block objects weren't being transitioned over from the class
methods properly, so the callback blocks were never getting processed.
 2012-06-15 14:25:47 -05:00
jvazquez-r7 091b3bbbd9 Added module plus encoder for CVE-2012-2329 2012-06-15 00:29:52 +02:00
HD Moore 8177783681 Merge branch 'master' into feature/vuln-info 2012-06-14 16:21:51 -05:00
HD Moore e2c1657eb4 Adds a block callback to work with the replicant 
module instance prior to it being launched.
 2012-06-14 16:21:06 -05:00
HD Moore e59b33fc76 Incorporate egypt's feedback 2012-06-14 10:43:09 -05:00
Tod Beardsley bffb3571c2 Adding URL ref for db_autopwn deprecation message 2012-06-14 09:53:59 -05:00
James Lee 2683bb0ba7 Add deprecation warnings for old commands 
This should hopefully cut down a bit on support requests from people
asking about old commands  they read about in _Metasploit: The
Penetration Tester's Guide_
 2012-06-14 09:44:38 -05:00
HD Moore 03b29fff68 Merge up the latest, does not automaticlly load 
the module tree into the database right now.
 2012-06-14 04:35:43 -05:00
HD Moore a6070f8584 Tweak schema (type gets mangled by AR), add caching routine 2012-06-14 03:27:36 -05:00
HD Moore cc56f43532 Merge in new MDM with corrected relationships 2012-06-14 00:24:21 -05:00
HD Moore 65686824e0 Merge in the MDM with module tables 2012-06-13 21:59:55 -05:00
HD Moore 554defa9c0 Merge MDM changes to fix the vuln refs relationship 2012-06-13 20:43:30 -05:00
HD Moore 8f448c9159 Merge MDM 2012-06-13 14:06:12 -07:00
HD Moore 9351e3ab25 MDM update to support fusion import 2012-06-13 14:02:40 -07:00
David Maloney 08cbd87541 Default mime-types to octet-stream 2012-06-13 14:48:58 -05:00
HD Moore de45630092 Merge branch 'master' into feature/vuln-info 2012-06-12 15:36:16 -05:00
Jeff Jarmoc e820d23f73 Cleanup whitespace 2012-06-12 15:32:50 -05:00
HD Moore 374b5b86f7 Merge branch 'master' into feature/vuln-info 2012-06-12 15:24:50 -05:00
Tod Beardsley 3756a5031f Adding carrierwave to metasploit's gemcache. 2012-06-12 14:47:50 -05:00
HD Moore 6290bba71b Merge branch 'master' into feature/vuln-info 2012-06-12 12:41:41 -05:00
Michael Schierl 34ecc7fd18 Adding @schierlm 's AES encryption for Java 
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.

Squashed commit of the following:

commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date:   Wed Apr 4 00:45:24 2012 +0200

    Do not break other architectures
    even when using `setg AESPassword`

commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:50:42 2012 +0200

    binaries

commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:49:10 2012 +0200

    Add AES support to Java stager

    This is compatible to the AES mode of the JavaPayload project.

    I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
    is not the supposed way, but it works :-)
 2012-06-11 16:13:25 -05:00
HD Moore bbd500aca9 Show a stack trace in auxiliary timeouts [ temp ] 2012-06-11 01:40:57 -05:00
HD Moore d975d1a236 Add counter caches for host_details, vuln_details, vuln_attempts 2012-06-10 17:15:53 -05:00
David Maloney fc0dc23752 Some handling around empty elements 2012-06-10 17:04:47 -05:00
David Maloney a20c85a655 Remove binding.pry call 2012-06-10 17:01:31 -05:00
David Maloney f9999a3033 Add FusiuonVM Importer 
This adds a nokogiri stream parser for XML reports from
Critical Watch's FusionVM.
 2012-06-10 16:38:28 -05:00
HD Moore 4f55452153 This adds import/export support for vuln_attempts 2012-06-10 12:50:59 -05:00
HD Moore 9dcb3059f8 MDM update 2012-06-10 03:46:58 -05:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists. 
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
 2012-06-10 03:15:48 -05:00
HD Moore 55bdbb6ec9 Merge branch 'master' into feature/vuln-info 2012-06-09 01:37:11 -05:00
HD Moore e840f7e9ee Add additional host detail columns and parsers 2012-06-09 00:43:03 -05:00
HD Moore dabda58f17 Import host_details and vuln_details now 2012-06-08 23:27:02 -05:00
HD Moore 465998bc17 Export host_details and vuln_details, add missing refs to db_export 2012-06-08 22:55:55 -05:00
HD Moore 376aaa410b Fix tag deuplication and reset after each vuln properly 2012-06-08 22:55:37 -05:00
James Lee 1be9ce8649 Fixes command parsing in Post::Common 
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
 2012-06-07 22:24:59 -06:00
HD Moore d393dbb28f MDM update 2012-06-07 21:27:41 -05:00
HD Moore 49b3c9b0e8 More cleanup related to vuln schema 2012-06-07 04:42:16 -05:00
HD Moore 42c3bedfad Merge MDM, add migrations, tweak report_vuln 2012-06-07 00:40:26 -05:00
James Lee a2751e3ccd Rdoc fixes 2012-06-06 17:04:54 -06:00
Joe Vennix a20cec75cc Rollback activerecord to 3.2.2 to prevent asset inclusion issues. 2012-06-06 11:08:39 -05:00
James Lee fc7293baae Arguments have to be joined with a space 
Fixes cmd_exec() calls with more than one argument
 2012-06-04 18:12:45 -06:00