62be638258
Add 'Auto' to tcp.rb as well.
2014-10-15 16:01:42 -05:00
3a9c2f95c9
Add magic encoding to new files
2014-10-15 14:23:34 -05:00
2986031db5
Move SMBServer into its own file
2014-10-15 14:22:23 -05:00
1064488ada
Whitespace
2014-10-15 14:21:39 -05:00
9456506e3d
Merge branch 'master' into feature/MSP-11124/msf-dbmanager-reorg
...
MSP-11124
2014-10-15 14:08:55 -05:00
1f7ad1cac9
unserialize_object -> Msf::DBManager::Import::MetasploitFramework
...
MSP-11124
2014-10-15 14:03:18 -05:00
bed98fe43b
nils_for_nulls -> Msf::DBManager::Import::MetasploitFramework
...
MSP-11124
2014-10-15 13:59:03 -05:00
fcd9b4b293
Allow non-SSLv3 Meterpreters (auto-negotiate)
2014-10-15 13:57:51 -05:00
ac30990177
Move libpcap helpers to Libpcap module
...
MSP-11124
2014-10-15 13:55:24 -05:00
7aed88f11b
Extract Msf::DBManager::Import::Report
...
MSP-11124
2014-10-15 13:51:57 -05:00
cb3a4afac5
Typo: request -> requested in message
2014-10-15 13:48:22 -05:00
e5e051c905
Extract Msf::DBManager::Import::Wapiti
...
MSP-11124
2014-10-15 13:42:54 -05:00
e65a386d3d
Extract Msf::DBManager::Import::Spiceworks
...
MSP-11124
2014-10-15 13:37:35 -05:00
7516512650
Raise an ArgumentError vs RuntimeError for backwards compatibility
2014-10-15 13:30:38 -05:00
a762d871bf
Autonegotiate SSL/TLS versions when not explicit
2014-10-15 13:26:40 -05:00
dfe690ac52
Extract Msf::DBManager::Import::Retina
...
MSP-11124
2014-10-15 13:23:12 -05:00
8af280b1cb
Extract Msf::DBManager::Import::Outpost24
...
MSP-11124
2014-10-15 13:16:11 -05:00
eff95221da
Order methods
...
MSP-11124
2014-10-15 13:14:20 -05:00
cf555e2390
Extract Msf::DBManager::Import::OpenVAS
...
MSP-11124
2014-10-15 13:11:49 -05:00
5d6044786a
Extract Msf::DBManager::Import::Nmap
...
MSP-11124
2014-10-15 13:06:28 -05:00
cf3a3a0d65
Move nexpose requires to appropriate module
...
MSP-11124
2014-10-15 12:54:30 -05:00
16f143c2ed
Extract Msf::DBManager::Import::Nikto
...
MSP-11124
2014-10-15 12:51:16 -05:00
e64a14c748
Extract Msf::DBManager::Import::Nexpose::Simple
...
MSP-11124
2014-10-15 12:40:04 -05:00
c4d1a4c7dc
Revert #4022 , as the solution is incomplete
...
Revert "Land 4022, datastore should default TLS1 vs SSL3"
This reverts commit 4c8662c6c10937f32ff9
2014-10-15 12:32:08 -05:00
2b861f91e9
Extract Msf::DBManager::Import::Nexpose::Raw
...
MSP-11124
2014-10-15 11:59:03 -05:00
c371eab26a
Extract Msf::DBManager::Import::Netsparker
...
MSP-11124
2014-10-15 11:46:38 -05:00
a73b0e2283
Move requires for nessus parses to appropriate module
...
MSP-11124
2014-10-15 11:42:00 -05:00
b43035145d
Move nessus helper function to closest module
...
MSP-11124
2014-10-15 11:39:23 -05:00
aae6dc9066
Extract Msf::DBManager::Import::Nessus::XML::V*
...
MSP-11124
Extract different versions of Nessus XML format.
2014-10-15 11:34:37 -05:00
a0494b2eeb
Extract Msf::DBManager::Import::Nessus::XML
...
MSP-11124
2014-10-15 11:27:23 -05:00
0c861848bc
Extract Msf::DBManager::Import::Nessus::NBE
...
MSP-11124
2014-10-15 11:21:26 -05:00
d0d0c478aa
Extract Msf::DBManager::Import::MetasploitFramework::Credential
...
MSP-11124
2014-10-15 11:12:13 -05:00
46a2c47dfe
Extract Msf::DBManager::Import::MetasploitFramework::Zip
...
MSP-11124
2014-10-15 10:59:41 -05:00
1754b23ffb
Datastore options should default to TLS1, not SSL3
...
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)
Squashed commit of the following:
commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:19:04 2014 -0500
Whoops missed one
commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:16:59 2014 -0500
Other datastore options also want TLS1 as default
commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:12:06 2014 -0500
TCP datastore opts default to TLS1
Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
65885c8cc8
MsfXml -> MetasploitFramework::XML
...
MSP-11124
2014-10-15 10:25:42 -05:00
ac9a593b43
import_msf_file -> Msf::DBManager::Import::MsfXml
...
MSP-11124
2014-10-15 10:02:42 -05:00
d870188377
Extract Msf::DBManager::Import::MBSA
...
MSP-11124
2014-10-15 09:54:03 -05:00
f29408680f
Extract Msf::DBManager::Import::Libpcap
...
MSP-11124
2014-10-15 09:48:23 -05:00
44968400e9
Extract Msf::DBManager::Import::IPList
...
MSP-11124
2014-10-15 09:42:11 -05:00
e5236e9b56
Extract Msf::DBManager::Import::FusionVM
...
MSP-11124
2014-10-15 09:36:29 -05:00
2e85dc910a
Extracts Msf::DBManager::Import::Foundstone
...
MSP-11124
2014-10-15 09:27:53 -05:00
68a1ebd2fb
Extract Msf::DBManager::Import::CI
...
MSP-11124
2014-10-15 09:23:08 -05:00
8d628c221b
Extract Msf::DBManager::Import::Burp
...
MSP-11124
2014-10-15 09:16:57 -05:00
f42307a6ff
Extract Msf::DBManager::Import::Appscan
...
MSP-11124
2014-10-15 09:12:38 -05:00
dcac8a45ee
Extract Msf::DBManager::Import::Amap
...
MSP-11124
2014-10-15 09:06:03 -05:00
07f2d4dafe
Further improvements to NAT-PMP. Faster, more useful, less not useful
2014-10-15 06:39:38 -07:00
6cf62765de
Default to TLSv1 for RPC connections
2014-10-15 01:20:43 -05:00
5434996969
Move TcpServer into its own file
2014-10-14 18:43:40 -05:00
ea6824c46f
WIP of NAT-PMP rework
2014-10-14 14:20:24 -07:00
a00d039796
Move require for IP360 XML parser
...
MSP-11124
2014-10-14 16:18:47 -05:00
599bcc33a9
Extract Msf::DBManager::Import::IP360::V3
...
MSP-11124
2014-10-14 16:16:47 -05:00
e68aaa4226
Don't disclose empty disclosure dates
...
For rapid7#4015
2014-10-14 16:02:23 -05:00
81c18c96ee
Extract Msf::DBManager::Import::IP260::ASPL
...
MSP-11124
2014-10-14 15:58:43 -05:00
6c0f549abb
Extract Msf::DBManager::Import::Acunetix
...
MSP-11124
2014-10-14 15:40:29 -05:00
0c10b5a859
Extract #handle_qualys to Msf::DBManager::Import::Qualys
...
MSP-11124
2014-10-14 15:32:22 -05:00
11bcac8a4e
Extract Msf::DBManager::Import::Qualys::Scan
...
MSP-11124
2014-10-14 15:19:55 -05:00
f612c8cd3e
Add disclosure date to info
2014-10-14 15:15:24 -05:00
fdd79e64c3
Land #4010 , ReverseAllowProxy clarification
2014-10-14 15:10:50 -05:00
e010d70913
No need for that bool option
2014-10-14 14:59:57 -05:00
bf0a5d038e
Add an animation to comfort the user
...
Sometimes msfconsole takes a little while to start.
This adds a fairly common ASCII spinner to the startup sequence.
I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.
That said, it works for me.
2014-10-14 14:54:45 -05:00
5c4f61057f
Show available actions for info
2014-10-14 12:41:02 -05:00
70d1eefaa9
Update reverse_tcp.rb
...
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:
>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
1f49f767dc
Extract Msf::DBManager::Import::Qualys::Asset
...
MSP-11124
2014-10-13 16:06:15 -05:00
a7d1577494
ImportMsfXml -> Import::MsfXml
...
MSP-11124
2014-10-13 15:46:13 -05:00
87825d40b1
Fix migration.rb loading
...
MSP-11124
2014-10-13 15:39:15 -05:00
b8ea44235b
Remove nesting in Msf::DBManager::ImportMsfXml
...
MSP-11124
Don't use nested modules to prevent Msf::DBManager::ImportMsfXml from
being the declaring location for Msf::DBManager.
2014-10-13 15:37:16 -05:00
ef04261686
Fix indentation in Msf::DBManager
...
MSP-11124
2014-10-13 15:26:19 -05:00
c6ea3a3880
Distribute requires to where they are needed
...
MSP-11124
Push requires down to the Msf::DBManager mixins that actually need them.
2014-10-13 15:24:56 -05:00
4371254dd2
Reorder remaining code in Msf::DBManager
...
MSP-11124
2014-10-13 15:13:28 -05:00
2dd925c18c
Move add_rails_engine_migration_paths to Msf::DBManager::Migration
...
MSP-11124
2014-10-13 15:01:14 -05:00
1dfaba1884
Remove nesting in Msf::DBManager::Migration
...
MSP-11124
To prevent migration.rb as counting as the definer of `Msf::DBManager`.
2014-10-13 14:56:08 -05:00
bc4d2ff152
Extract Msf::DBManager::Adapter
...
MSP-11124
Extract methods related to setting up the adapter/driver(s).
2014-10-13 14:49:26 -05:00
930b020211
Extract Msf::DBManager::Connection
...
MSP-11124
Extract methods that connect, disconnect and show status of connection
to database.
2014-10-13 12:07:13 -05:00
f472411c8c
Extract Msf::DBManager::Web
...
MSP-11124
Extract `Mdm::Web*` methods.
2014-10-13 11:59:39 -05:00
5067e43ac1
Extract Msf::DBManager::VulnAttempt
...
MSP-11124
Extract `Mdm::VulnAttempt` methods.
2014-10-13 11:32:15 -05:00
e7e12ec6a5
Extract Msf::DBManager::Route
...
MSP-11124
Extract `Mdm::Route` methods.
2014-10-13 11:23:37 -05:00
8011187aa9
Extract Msf::DBManager::SessionEvent
...
MSP-11124
Extract `Mdm::SessionEvent` methods.
2014-10-13 11:13:39 -05:00
1f86712d63
Extract Msf::DBManager::HostTag
...
MSP-11124
Extract `Mdm::HostTag` method.
2014-10-13 11:00:36 -05:00
1811d4e58f
Extract Msf::DBManager::Session
...
MSP-11124
Extract methods related to `Mdm::Session`s.
2014-10-13 10:50:11 -05:00
f16b3f05b4
Extract Msf::DBManager::HostDetail
...
MSP-11124
Extract method related to `Mdm::HostDetail`s.
2014-10-13 10:15:14 -05:00
87ee06b792
Extract Msf::DBManager::Ref
...
MSP-11124
Extract methods related to `Mdm::Ref`s.
2014-10-13 10:06:37 -05:00
5668a2820e
Move #report_artifact to Msf::DBManager::Report
...
MSP-11124
2014-10-13 10:00:19 -05:00
43c9909636
Extract Msf::DBManager::VulnDetail
...
MSP-11124
Extract methods related to `Mdm::VulnDetail`s.
2014-10-13 09:54:38 -05:00
f42f8e106a
Extract Msf::DBManager::ExploitAttempt
...
MSP-11124
Extract methods that create `Mdm::ExploitAttempt`s.
2014-10-13 09:41:32 -05:00
e0f76a7517
Extract Msf::DBManager::Task
...
MSP-11124
Extract methods related to `Mdm::Task`s.
2014-10-13 09:28:48 -05:00
90b50339c3
Extract Msf::DBManager::Report
...
MSP-11124
Extract methods related to the obsolete `Mdm::Report`. These methods
should be deleted, but since this branch is just for moves, I won't
delete them now.
2014-10-13 09:19:39 -05:00
9632c83cde
Extract Msf::DBManager::Event
...
MSP-11124
Extract methods related to `Mdm::Event`s.
2014-10-13 09:05:10 -05:00
89d588272e
Extract Msf::DBManager::Client
...
MSP-11124
Extract methods related to `Mdm::Client`s.
2014-10-13 08:27:09 -05:00
458da2bca4
Land #3988 , @wchen-r7's fix for #3985 , a lack of logging for 'check'
2014-10-12 18:46:35 -07:00
96be53dcf1
Land #3962 - Show selected action
2014-10-12 14:02:40 -05:00
a04ad3aa8c
Update print_error to reflect new usage
2014-10-10 14:38:26 -05:00
26743b4c38
Rewrite existing code to use HasActions
...
And fix a bug in the initial use case where mod.action was dropped.
2014-10-10 14:35:54 -05:00
7e7e0259e4
Fix tab completion for post actions
2014-10-10 12:24:23 -05:00
238a30a769
Update print_error to include post modules
2014-10-10 12:12:43 -05:00
f8d6af6d4e
Rescuing from JSON Parse
...
Previous code was not using any sort of exception handling
for parsing the response body. I have added a rescue block
for JSON errors to remedy this problem.
2014-10-10 12:41:11 +00:00
48d2343152
Fix #3985 - check command should elog
2014-10-10 01:06:37 -05:00
472985a8a8
Adding Buffalo Linkstation NAS Login Scanner
...
I have added a login scanner for the Buffalo Linkstation
NAS. I have been testing against version 1.68 of the
firmware. Also included are some specs for this module.
2014-10-10 03:16:48 +00:00
08aee23966
Extract Msf::DBManager::Vuln
...
MSP-11124
Extract all methods related to `Mdm::Vuln`s from `Msf::DBManager`.
2014-10-09 15:47:34 -05:00
2fa02f5c44
Extract Msf::DBManager::Note
...
Extract all methods related to `Mdm::Note`s.
2014-10-09 15:29:07 -05:00
0bc71ecd24
Extract Msf::DBManager::Loot
...
MSP-11124
2014-10-09 15:15:40 -05:00
cb9bdd96c7
Extract Msf::DBManager::Import
...
MSP-11124
Extract all methods dealing with imports.
2014-10-09 14:51:24 -05:00
d18dcf5961
Extract Msf::DBManager::ExploitedHost
...
MSP-11124
Extract methods related to `Mdm::ExploitedHost`s.
2014-10-09 12:54:04 -05:00
a535d236f6
Land #3947 , login scanner for jenkins by @nstarke
2014-10-09 12:59:02 -04:00
ceba04d556
Extract Msf::DBManager::Cred
...
MSP-11124
Extract methods related to `Mdm::Cred`s.
2014-10-09 11:41:04 -05:00
0284edf430
Extract Msf::DBManager::Service
...
MSP-11124
Extract methods related to `Mdm::Service`s.
2014-10-09 11:31:29 -05:00
0cfac32290
Extract Msf::DBManager::Host
...
MSP-11124
Extract methods related to `Mdm::Host`s.
2014-10-09 11:11:36 -05:00
bb26f4f303
Extract Msf::DBManager::Wmap
...
MSP-11124
Extract methods that are commented as related to WMAP.
2014-10-09 10:13:34 -05:00
b0147c994a
Extract Msf::DBManager::IPAddress
...
MSP-11124
Extract the IP address validation methods to
`Msf::DBManager::IPAddress`.
2014-10-09 09:35:19 -05:00
3a96ae9be9
Move #match_values to Msf::DBManager::ModuleCache
...
MSP-11124
`#match_values` is only used in `#search_modules`, so `#match_values`
should be grouped with `#search_modules` in
`Msf::DBManager::ModuleCache`.
2014-10-09 09:18:03 -05:00
d4a94366a6
Extract Msf::DBManager::ModuleCache
...
MSP-11124
Extract methods related to the module cache state and maintenance to
`Msf::DBManager::ModuleCache`.
2014-10-09 08:53:41 -05:00
ee0de997d5
Extract Msf::DBManager::Workspace
...
MSP-11124
Gather together all workspace related methods into
`Msf::DBManager::Workspace` and include it in `Msf::DBManager`.
2014-10-08 15:46:35 -05:00
a64036f6cf
Move Msf::DBManager#sync to Msf::DBManager::Sink
...
MSP-11124
The comment on `#sync` says it's related to `sink`, so move it into its
Module.
2014-10-08 15:38:56 -05:00
a054259ee5
Extract Msf::DBManager::Sink
...
MSP-11124
Extract attributes and methods associated with the deprecated sink.
2014-10-08 15:26:28 -05:00
1d766ba95b
Rename dump_auxiliary_action{,s}
...
To dump_module_action{,s} to accommodate post modules, etc.
2014-10-08 14:49:14 -05:00
f30309fe81
Land #3919 , @wchen-r7's Fixes #3914 , Inconsistent unicode names
2014-10-08 14:46:14 -05:00
f6a9cfcc52
Break away the elsif into a separate if
...
In case exploits support actions for some crazy reason in the future.
2014-10-08 14:30:41 -05:00
15f9461279
Merge db.rb into db_manager.rb
...
MSP-11124
The class name is DBManager, so the correct file name is db_manager.rb
2014-10-08 14:27:22 -05:00
cffc74d571
Extract Msf::DBImportError
...
MSP-11124
2014-10-08 14:14:35 -05:00
b2ba6e7ae1
Make the code more maintainable
...
Despite the code around it.
Thanks for the advice, @jlee-r7!
2014-10-08 14:14:28 -05:00
7a5ce19735
Fix code style
...
MSP-11124
Fix comment style and order methods.
2014-10-08 14:07:05 -05:00
6824515949
Fix indentation and whitespace in Msf::DatabaseEvent
...
MSP-11124
2014-10-08 14:04:21 -05:00
2206a86387
Extract Msf::DatabaseEvent
...
MSP-11124
Extract `Msf::DatabaseEvent` from `lib/msf/core/db.rb` into a more
conventional `lib/msf/core/database_event.rb`.
2014-10-08 14:01:58 -05:00
dbc199ad77
space after commas
2014-10-08 13:56:59 -05:00
6b3d70ce00
Fix code style in Msf::ServiceState
...
MSP-11124
2014-10-08 13:52:42 -05:00
46156fbbc6
Fix indentation in Msf::ServiceState
...
MSP-11124
2014-10-08 13:50:26 -05:00
57d9dc306c
Extract Msf::ServiceState
...
MSP-11124
Extract Msf::ServiceState from `lib/msf/core/db.rb` and put it into
`lib/msf/core/service_state.rb`.
2014-10-08 13:45:15 -05:00
c0ef2c7938
Support post modules
...
I kinda hate this code.
TODO: Get rid of and/or and the extra parens.
2014-10-08 13:23:50 -05:00
0708ac1361
Fix comment style in Msf::HostState
...
MSP-11124
2014-10-08 11:47:04 -05:00
5ecd194a0d
Fix indent in Msf::HostState
...
MSP-11124
2014-10-08 11:43:28 -05:00
6e6780da86
Split Msf::HostState into own file
...
MSP-11124
2014-10-08 11:37:59 -05:00
a8b5bf4625
Show selected auxiliary action
2014-10-07 14:34:41 -05:00
eed0958de5
Fixing Comment
...
Comment was incorrect and needed to be fixed.
2014-10-07 11:28:40 -05:00
0ec855cd07
Add debug log for ARCH_CMD encoder results
2014-10-06 22:34:09 -05:00
b8c2643d56
Converting Module to LoginScanner w/ Specs
...
The previous commits for this Jenkins CI module relied on an
obsolete pattern. Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
260e829a59
Fix PayloadGenerator to have platform into account, so msfvenom works as expected
2014-10-06 19:20:59 -05:00
0089810026
Merge to update
2014-10-06 19:09:31 -05:00
3329aa68ad
Fix baffling comment
...
See 9d759146
2014-10-06 18:55:52 -05:00
212762e1d6
Delete RequiredCmd for unix cmd encoders, favor EncoderType
2014-10-06 18:42:21 -05:00
e9f341fd6c
Rename to more intention-revealing name
2014-10-06 16:33:21 -05:00
41e41e2f49
Fix typo that caused encoding to ignore saved regs
2014-10-06 16:24:50 -05:00
17f278effd
Fix #3822 - Support file:// syntax for check()
2014-10-06 13:37:14 -05:00
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
097d2bfbb5
Land #3922 : Metasploit Park banner
2014-10-03 16:32:56 -05:00
d048bb7725
Add some color to the msfpark banner
...
It looks kind of naked without some color compared to all the other
banners.
2014-10-03 14:52:54 -05:00
f2fc0d88ef
Lands #3943 , changes to engine require
2014-10-03 14:26:50 -05:00
0bb4eac259
Rename the method for optional requires
...
MSP-11412
2014-10-03 14:06:13 -05:00
88cbf22ef0
Optionally require mdm, as well
...
MSP-11412
2014-10-03 13:49:39 -05:00
f7e709dcb3
Land #3941 , new WPVDB reference
2014-10-03 10:17:02 -05:00
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
6f50ef581c
Land #3935 - Fix SNMP scanners on OS X/FreeBSD
2014-10-02 16:38:36 -05:00
6d7870a4ac
Land #3934 - New :vuln_test option to BES
2014-10-02 16:31:50 -05:00
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
dabec92e61
Ensure require of metasploit/credential/engine is optional
2014-10-02 14:46:56 -05:00
7ed1977d0b
Specific require all metasploit gem dependencies' engines
...
MSP-11412
2014-10-02 14:20:10 -05:00
0820a4fe6a
Land #3933 - Fix cmd_exec with Python Meterpreter on OS X
2014-10-02 13:48:19 -05:00
0dfd8e25b8
Land #3846 , Rex::ImageSource specs
2014-10-02 12:33:56 -05:00
7861b17e16
Use write() to fix SNMP on osx/freebsd.
2014-10-02 09:15:43 -05:00
6571213f1c
Remove un-truthy doc string.
2014-10-01 23:41:02 -05:00
5a8eca8946
Adds a :vuln_test option to BES, just like in BAP.
...
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.
This commit also does some mild refactoring of un-
useful behavior in BES.
2014-10-01 23:34:31 -05:00
b1b8cba4c5
Rescue an IOError on channel double-close.
...
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
2014-10-01 22:35:41 -05:00
5cb016c1b1
Use Match constant in BES as well
2014-10-01 16:17:13 -05:00
a75d47aad9
Use yardoc for new methods
...
Also substitute '&&' for 'and', and fix some whitespace
2014-10-01 16:02:33 -05:00
6d07dffa6c
Fix a typo that was preventing WAR deletion
...
I made a typo while refactoring jboss_deploymentfilerepository. This
typo was preventing the WAR payload to be removed after its execution.
2014-10-01 18:04:21 +02:00
909ac522d1
Add metasploit-park.txt banner to msfconsole
...
Obviously a homage to Jurassic Park. :)
2014-09-30 16:28:23 -05:00
1e2d860ae1
Fix #3914 - Inconsistent unicode names
2014-09-30 12:19:27 -05:00
7163b8c55a
Fixes #3915 - NoMethodError private method `rhost'
...
There's no self.rhost, but rhost is defined
2014-09-30 11:34:16 -05:00
47507e1ff1
Slight modifications to pass msftidy
2014-09-29 23:59:12 +02:00
9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits
2014-09-29 11:15:14 -05:00
8fa666b75d
Verbose messages on why a connection is closed
2014-09-28 17:41:21 -07:00
7125a9f047
Added YARD doc to the mixin
...
Also make a slight correction on jboss_deployementfilerepository.rb to
handle nil responses.
2014-09-28 19:44:37 +02:00
d5959d6bd6
Land #2585 , Refactor Bypassuac with Runas Mixin
2014-09-28 09:24:22 +01:00
e14dd9900b
Land #3896 , Change Max LOGLEVEL to 3
2014-09-28 09:18:29 +01:00
67c25c20ca
Land #3357 , Run Local Exploits in AutoRunScript
2014-09-28 09:12:26 +01:00
3fc57109e6
Dont rescue Exception
2014-09-28 09:12:03 +01:00
ae82ebc734
Change max LogLevel to 3
...
There is no such thing as a LogLevel 5.
2014-09-26 14:20:47 -05:00
e1f00a83bc
Fix Rex because domainname and domain_name were duplicated
2014-09-26 13:40:52 -05:00
a31b4ecad9
Merge branch 'review_3893' into test_land_3893
2014-09-26 08:41:43 -05:00
86f85a356d
Add DHCP server module for CVE-2014-6271
2014-09-26 01:24:42 -05:00
52ffddd639
Adds domain and url options to DHCP/PXE server, lands #3889
...
There are serious style and code quality issues with this class and normally I would push for a full refactor, but given the urgency of delivering DHCP functionality to support the bash issues, we will have to refactor the DHCP Server code another day.
2014-09-25 22:43:51 -05:00
bdac82bc7c
Fix lib/msf/core/exploit/dhcp.rb
2014-09-25 22:18:26 -03:00
5dde73bb51
Add domain name and url options to DHCP server
2014-09-25 19:58:42 -03:00
2b02174999
Yank Android->jsobfu integration. Not really needed currently.
2014-09-25 16:00:37 -05:00
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
02d202dd44
Refactor Jboss mixin
...
Use send_request_cgi and vars_get
rand_text_alpha -> Rex::Text.rand_text_alpha
2014-09-24 22:41:58 +02:00
919eec250d
Refactor auto_target from Jboss mixin
...
Removed fail_with and targets from the mixin.
2014-09-24 22:15:32 +02:00
5d234c0e01
Pass #send in this so jsobfu is not confused.
2014-09-24 15:07:14 -05:00
650b65250f
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
2014-09-22 11:51:10 -07:00
4e9f1282de
Land #3834 , @jabra-'s updates to UDPscanner to support spoofing
2014-09-22 11:49:53 -07:00
e86b18cdd4
Add sanity check for NUM_REQUESTS
2014-09-22 11:48:39 -07:00
a677749f5b
Add specs for #read_asciiz and fix bugs there
2014-09-22 12:14:21 -05:00
f61afe2598
Merge branch 'master' into bug/MSP-11368/boot-profiling
...
MSP-11368
2014-09-22 10:00:07 -05:00
ebacb26e51
Land #3838 , msfvenom badchar fix
2014-09-22 03:08:57 -05:00
d9e6f2896f
Add the JSObfu mixin to a lot of places.
2014-09-21 23:45:59 -05:00
e1cfc74c32
Move jsobfu to a mixin
2014-09-21 00:39:04 -05:00
cd037466a6
upate doc
2014-09-20 23:40:47 -05:00
9191af6241
Update js_obfuscate
2014-09-20 23:38:35 -05:00
a9420befa4
Default to 0
2014-09-20 21:39:20 -05:00
046045c608
Chagne option description
2014-09-20 21:38:57 -05:00
fd5aee02d7
Update js_obfuscate
2014-09-20 21:36:17 -05:00
7bab825224
Last changes
2014-09-20 18:39:09 -05:00
135bed254d
Update BrowserExploitServer for JSObfu
2014-09-20 17:59:36 -05:00
d9a713b415
Decode the badchars string correctly.
2014-09-20 17:48:03 -05:00
cd8b1318e0
send data based on input not @probe
2014-09-20 15:18:58 -04:00
3fb00ece9e
refactored the code based on PR feedback
2014-09-20 14:10:00 -04:00
d52236fe05
Land #3835 - JSObfu to a gem
2014-09-20 01:38:45 -05:00
8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs.
2014-09-19 20:42:05 -05:00
0f4be63903
Move JSObfu a gem then pull it into the Rex namespace.
2014-09-19 19:10:39 -05:00
5884cbc196
Optimize skip logic in #update_all_module_details
...
MSP-11368
Use `Hash<String, Set<String>>` instead of `Array<(String, String)>` so
that `include?` call is faster because (1) it's only search through
reference names of the same module_type and (2) `Set#include?` is faster
than `Array#include?`. This change is a 8.20% average reduction in boot
time compare to b863978028b5c3c87790https://docs.google.com/spreadsheets/d/1TnZIUFIR1S5nCnkeM-7XR3AVSbyCl39x2mItJKJCOqg/edit?usp=sharing
and data at
https://drive.google.com/folderview?id=0Bx1hRHfpRW92VEFvQ2FaN3RoWWs&usp=drive_web
2014-09-19 15:34:10 -05:00
b16085baa6
Land #3244 , @dmaloney-r7's fix for integer comparisions on metasm
2014-09-19 15:31:37 -05:00
8b5a146067
Wrap Array#include? usage
...
MSP-11368
Wrap skipped.include? call to confirm it is the culprit for
Array#include? inside of with_connection in profile.
2014-09-19 14:38:12 -05:00
c216cf8c53
added spoofing capabilities to udp_scanner
2014-09-19 10:29:05 -04:00
b863978028
Remove fastlib
...
MSP-11368
MSP-11143
Remove fastlib as it slows down the code loading process. From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10). The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10). This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
4bd14ed5ea
Uses a hash for options as opposed to numerous methods on blob
2014-09-17 14:11:37 -04:00
5ff4a55cd2
smb connection error not setting result properly
...
if the initial connection from the SMB LoginScanner fails
it wouldn't set the target information on the result. this could cause
smb_login to throw a stack trace when it calls invalidate_login
2014-09-16 15:24:14 -05:00
e5aa5c4014
missing postgres rescues
2014-09-16 15:04:07 -05:00
169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner)
2014-09-16 14:51:24 -05:00
4c3c8e5337
Land #3795 , various LoginScanners shored up
2014-09-16 13:55:26 -05:00
b028424152
Land #3752 - add "show missing"
2014-09-16 13:45:13 -05:00
aeed66b694
missing mysql rescue
2014-09-16 13:41:03 -05:00
d708de07a3
return the lgoinscanner class name in an invalid exception
...
when a loginScanner throws an Invalid exception , the message
will now include the classname of the Scanner that threw it.
2014-09-16 13:24:08 -05:00
6decd3cbd2
fix exceptions thrown in telnet loginscanner too
2014-09-16 10:09:59 -05:00
29eb3ebf86
Fix up the StageEncodingFallback logic and error handling
2014-09-15 21:56:35 -05:00
3c11251432
Mitigates excessive use of lookup operator (hopefully adds clarity)
2014-09-15 17:05:54 -04:00
bf8f7221c7
rescue exceptions in check_setup
2014-09-15 13:52:17 -05:00
7d4c4c3658
Land #3699 , @dmaloney-r7's ipboard login refactor
2014-09-15 08:29:42 -05:00
9cbc7e46a3
Fix suggested stuff
...
https://github.com/hmoore-r7/metasploit-framework/pull/2
2014-09-15 09:47:06 +02:00
e55dab3914
Refactored expiration and timeout logic in client_core.rb
2014-09-15 01:01:23 -04:00
c71428be50
Choose fallback if stage encoding fail
2014-09-13 13:56:54 +02:00
6bd3675f03
Land #3680 , add specs for Rex::MIME
2014-09-13 00:34:39 -05:00
6a2a85d2c4
Land #3789 , adds specs for Rex::Proto::Http::Packet::Header
...
orts
2014-09-13 00:21:43 -05:00
917a7ffa1e
Add specs for valid IPBoard application
2014-09-12 16:08:03 -05:00
b80519dc16
Lands #3779 , specs
...
MSP-11343
Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00
f68628c487
Add minimal specs for rex/proto/http/packet/header
2014-09-12 14:30:27 -05:00
12e3cb3c6a
Land #3764 - Add specs for Rex::Encoder::NonAlpha
2014-09-12 12:09:55 -05:00
2977e8e102
Add msfcli (M)issing
2014-09-12 10:25:13 -05:00
425874315c
Add show missing
2014-09-12 10:23:12 -05:00
0d054d8354
Update with master changes
2014-09-12 09:52:32 -05:00
b8d31891f8
Clean YARD documentation
2014-09-12 09:32:32 -05:00
7485d9172a
Rescue only NoEncodersSucceededError to pass the tests
2014-09-12 13:30:03 +02:00
28e61edef4
Unblock when invalid encoder is selected and allow multiple encoder
2014-09-12 12:48:09 +02:00
ba848c963a
Fix rake when cucumber gem is not present
2014-09-11 22:31:57 -05:00
55519d8867
Land #3781 , my addition of Metasploit::Concern to msf.
2014-09-11 16:57:24 -05:00
706655f755
Land #3779 , Glassfish LoginScanner exception
...
MSP-11343
2014-09-11 15:57:47 -05:00
0ed7f19eb2
Land #3780 , msfelfscan use correct offsets
2014-09-11 15:28:18 -05:00
8654b63c58
Make sure Metasploit::Concern is accessible everywhere.
2014-09-11 14:46:35 -05:00
0663355237
catch connectionreset in ftp login scanner
...
add exception rescue for Errno::ECONNRESET
2014-09-11 14:39:36 -05:00
37e6173d1f
Make Metasploit::Concern a first-class dep.
...
Also adds a Concern hook to HttpServer, so Pro can more
easily change its behavior.
2014-09-11 13:28:45 -05:00
a8e3ff0c0f
Add specs to verify server header matching
2014-09-11 11:42:38 -05:00
9151c2c79d
Add docstrings and avoid multiple returns
2014-09-11 10:50:42 -05:00
20e48a233a
Explicitly set @version to nil if we can't detect
2014-09-11 10:30:52 -05:00
11004ab7c6
typo fix
2014-09-11 16:27:35 +03:00
be0c68d8bb
BUGFIX: wrong imagebase used
2014-09-11 12:33:09 +02:00
88cacd000e
flags for phdr.p_flags added
2014-09-11 12:31:44 +02:00
8aa06b8605
Better api for check_setup
2014-09-10 23:43:54 -05:00
71228b48a0
Update 3 more encoders to be StageEncoder compatible
...
This could probably use some DRY love via a mixin
2014-09-10 20:21:35 -05:00
c1658e5d51
Add a check_setup method
2014-09-10 20:09:46 -05:00
84e4db9035
Don't raise in the middle
...
MSP-11343
This means we don't bomb out with an unhandled exception, instead
continuing attempting logins against the host even though it will never
succeed. Next up: verify state before running scan!()
2014-09-10 20:09:33 -05:00
65287e41cd
Land #3773 - Fix windows cmd redirection in firefox payloads
2014-09-10 13:25:42 -05:00
1bb6573570
Fix windows cmd redirection in ff payloads.
2014-09-10 00:47:05 -05:00
99c9d5a578
Land #3683 , cucumber tests for msfconsole
2014-09-09 21:28:45 -05:00
1b4ceec4f9
Land #3743 - Add specs for Rex::Arch::X86
2014-09-09 17:24:08 -05:00
0a6ce1f305
Land #3727 - SolarWinds Storage Manager exploit AND Msf::Payload::JSP
2014-09-09 17:21:03 -05:00
6c0dae953d
Stage encoding is now SaveRegister aware
2014-09-09 14:21:51 -05:00
b8000517cf
Land #3746 , reinstate DB_ALL_CREDS
2014-09-08 17:24:12 -05:00
b9c8eb70c4
Land #3675 , update copyright on Rex
2014-09-08 16:05:41 -05:00
250b3d227c
Fix the rex.rb header and copyright date
2014-09-08 15:32:13 -05:00
2ac15f2088
some fixes based on Christruncer's feedback
...
fixed some stuff i borked, back to you chris
2014-09-08 15:27:01 -05:00
cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor
2014-09-08 14:48:37 -05:00
11ca383d4f
Add specs for .encode_byte
2014-09-08 14:24:03 -05:00
ef748fdef7
check if database is connected first
...
wooops
2014-09-08 12:54:19 -05:00
09e6c2f51f
Merge branch 'master' into feature/MSP-11162/db-all-creds
2014-09-08 12:52:25 -05:00
16502b831f
Merge branch 'master' of github.com:rapid7/metasploit-framework
2014-09-08 12:45:52 -05:00
b84142715f
rescue mysql host blocked
...
rbmysql can throw an exception if the
server blocked this host due to too many connection errors
2014-09-08 12:45:10 -05:00
ae5a8f449c
Land #3691 , gdbserver hax
2014-09-08 11:48:39 -05:00
b8ba2dd703
Fix timeout with HEAD request in delete_file
2014-09-08 18:34:50 +02:00
cc5b852517
Fixed spec for lib/msf/http/jboss
...
Revert commit abdd72e8c6
2014-09-08 17:42:04 +02:00
283e83028f
Fix problem with HEAD requests
...
Split lib/msf/http/jboss/script into
lib/msf/http/jboss/deployment_file_repository_scripts.rb and
lib/msf/http/jboss/bean_shell_scripts.rb as
2014-09-08 14:02:15 +02:00
5c1d95812c
Add verify_checksum and use it
...
Also fixed a YARD typo.
2014-09-08 02:19:21 -05:00
10bb77af9f
Land #3716 , @wchen-r7's Glassfish LoginScanner update
2014-09-07 21:54:34 -05:00
768b50974f
Redo try_glassfish_3 specs
2014-09-07 21:04:43 -05:00
07238ef7b3
Redo try_glassfish_2 specs
2014-09-07 20:47:54 -05:00
af24e30ae9
Return instead of crashing if no challenge is received
2014-09-06 15:51:50 -05:00
6df7658267
Very small change to the doc
2014-09-06 01:54:52 -05:00
78cf75c4d5
Clean YARD documentation
2014-09-06 00:24:39 -05:00
ce0e7b59f5
Remove WVE and BPS reference identifiers
...
Reasons why they should be gone:
WVE:
* wirelessve.org is down.
* Not a single module uses WVE as a reference
BPS:
* "BreakingPoint" no longer exists
* The URL takes you to a login page to ixia. And there is no point
of referencing something people can't see.
* Not a single module uses BPS as a reference.
2014-09-05 13:28:10 -05:00
b6e04599a7
Fix read_ack to read only the ACK
...
It was reading the response, too. Also removed an extraneous send_ack.
2014-09-05 12:30:59 -05:00
0dcf481d76
This one is good to go
2014-09-04 14:13:33 -05:00
093f488360
add db_all_cred methods to authbrute
...
adds 3 methods to add db_all_creds functionality back to
the loginscanners
2014-09-04 12:20:42 -05:00
28427ccee3
add VHOST and useragent support to loginscanner
2014-09-04 10:59:07 -05:00
4966082de5
Replace 'rescue nil' with DRY-violating versions :(
2014-09-03 23:06:11 -05:00
e1694ec3e5
LoginScanner update for hp_sys_mgmt_login
...
Work in progress
2014-09-03 16:23:57 -05:00
0e18d69aab
Add extended mode to prevent service from dying.
2014-09-03 16:07:27 -05:00
4293500a5e
Implement running exe in multi.
2014-09-03 15:56:21 -05:00
268d42cf07
Add PrependFork to payload options.
2014-09-03 14:56:22 -05:00
61e58dc6d3
Yard doc
2014-09-02 20:48:07 -05:00
954475c0bf
Add rspec and update about secure admin
2014-09-02 20:35:25 -05:00
50e804d9cb
updating how we use cucumber to match lukes changes
2014-09-02 18:57:55 -05:00
a1823b6c1e
Add more specs for Rex::Arch::X86
2014-09-02 18:17:14 -05:00
85c5de07ec
Fix use of datastore['SMBServerIdleTimeout']
2014-09-02 13:47:01 -05:00
6fcc864942
Reduce the chance of file descriptor leaks in SMBServer
...
This patch addresses three observed error conditions in long-running SMB services.
1. A call to get_once() in on_client_data could raise a Timeout exception and bubble all the way up to the dispatcher. This should technically never happen, but gets triggered for zero-byte writes and clients closing their connections. The fix was to handle the exception and lower the timeout. The change was tested with a number of SMB clients to make sure this didn't introduce any regressions.
2. A client could indefinitely keep a connection to the SMB server. The SMB server now disconnects idle clients after 120 seconds of inactivity (configurable).
3. A client could send a large amount of data that was invalid SMB traffic, using up memory as a potential DoS.
Caveats: The idle client sweep occurs every 100 requests or at an interval equal to the idle timeout. A client could fill up the entire connection table on its own, preventing the sweep from occurring by preventing new connections. Fixing this would require a dedicated thread to sweep for idle connections and is a more aggressive attack than this patch is designed to defend against (accidental connection flooding, basically).
2014-09-02 13:29:37 -05:00
0ef71c70d3
s/services/creds
2014-08-31 09:54:49 -07:00
3bb370437c
Returns csv output to creds command
...
commit 82b2c1deae
2014-08-31 08:35:22 -07:00
559ec4adfe
Add module for ZDI-14-299
2014-08-31 01:11:46 -05:00
e1b6ee283f
Allow Msf::Payload::JSP to guess system shell path if it isnt provided
2014-08-30 16:27:02 -05:00
403eae3579
Jboss file deployment repository refactorization
...
Moved lib/msf/http/jboss/bean_shell_script.rb to
lib/msf/http/jboss/script.rb. Moved head_stager_jsp to script.rb.
Removed stager_jsp to use the function from the mixin.
2014-08-30 13:15:37 +02:00
33f90de7f6
Refactoring jboss module to work with the Mixin
...
Moved upload and delete methods of deploymentfilerepository to the
mixin. Removed call_uri_mtimes method as the module now uses deploy
from the mixin.
2014-08-29 20:08:35 +02:00
928aeffcba
add wordpress_rpc loginscanner and specs
2014-08-29 13:06:12 -05:00
b4e3ce0fdc
Merge branch 'master' of github.com:rapid7/metasploit-framework
2014-08-28 17:14:07 -05:00
fa77caa819
Merge branch 'bug/MSP-11153/database-config-overrides'
...
MSP-11153 #land
2014-08-28 17:12:37 -05:00
031445fee7
Check for nil resource files
...
See #3719
2014-08-28 16:27:33 -05:00
20177c7c23
Restore backup database.yml when retesting after interrupt
...
MSP-11153
Restore the config/database.yml backed up to
config/database.yml.cucumber.bak in the db:config:restore task, which is
made a dependency of the environment rake task so that
config/database.yml is restored before Rails tries to use it in the
environment task. This specifically, allows for rake cucumber to be
interrupted when the config/database.yml has been moved to
config/database.yml.cucumber.bak and a subsequence rake cucumber to
succeed and restore config/database.yml, but any task that depends on
environment will restore the config/database.yml.
2014-08-28 15:20:53 -05:00
7a8d7a38d1
Remove debugging 'puts'
...
MSP-11153
2014-08-28 13:48:46 -05:00
f097ef96e0
Use &&
2014-08-28 12:13:03 -05:00
d0d9949d91
Do SSL options correctly
2014-08-28 12:04:14 -05:00
275fa5cb50
Remove unnecessary return
...
MSP-11153
Leftover from earlier design.
2014-08-27 16:58:45 -05:00
83b6f268b4
Remove unnecessary realpath
...
MSP-11153
Causes errors on machines that don't have ~/.msf4 like travis-ci.
2014-08-27 16:58:05 -05:00
df215a380d
Do not send 2 content-length headers
2014-08-27 16:05:08 -05:00
af9f3b83a7
Refactoring jboss module to work with the Mixin
...
Removed datastore USERNAME and PASSWORD which are provided by
Msf::Exploit::Remote::HttpClient. Removed datastore PATH and VERB which
are provided by the mixin (lib/msf/http/jboss). Moved target detection
to the mixin.
2014-08-27 22:54:40 +02:00
a32ffc4c26
Add the final portion for Glassfish login module
2014-08-27 15:09:11 -05:00
2f48f7c48c
rails generate cucumber:install
...
MSP-11153
Add cucumber-rails for testing msfconsole's loading of database.yml from
different paths.
2014-08-27 14:10:04 -05:00
951ce15b44
Move database.yml selection to Metasploit::Framework::Database
...
MSP-11153
Test the following paths in order and only return them if the path
exists:
1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
5d8cbe0544
Early version of Glassfish using LoginScanner
2014-08-27 01:23:02 -05:00
1f35c0ff1c
Merge #3713 , @hmoore-r7's SIP cleanup of my SIP cleanup
2014-08-26 17:52:35 -07:00
316a952e9c
Make SIP note, service and print output more similar
2014-08-26 17:47:31 -07:00
4a1b037af0
Remaining files..
2014-08-26 18:15:58 -05:00
2d2606aeaf
Update sip note format, small tweaks to output, service.info
2014-08-26 16:42:00 -05:00
ba1f7c3bf6
Land #3687 , reworks the nat-pmp portscanner
2014-08-26 14:34:46 -05:00
3b8bbdf10c
Merge master back in before landing #3545
2014-08-26 14:07:58 -05:00
4e19d9ade1
Land #3545 , fix up sip scanners, msftidy, db services cmd
2014-08-26 14:07:21 -05:00
c42517a14a
missing exception rescue
...
needed to also rescue Errno::ETIMEDOUT
2014-08-26 13:58:34 -05:00
e75e213b52
Clarify SIP mixin method name, store header values as string, etc
2014-08-26 11:40:49 -07:00
677d7804ae
Fix bad merge
2014-08-26 10:49:54 -07:00
5ad090e833
Add unit test for and correct parsing of NAT-PMP port map responses
2014-08-26 10:49:53 -07:00
162508f532
Update NAT-PMP modules to use new/updated mixins
2014-08-26 10:49:53 -07:00
816404bb88
Move common NAT-PMP functionality into a central place
2014-08-26 10:49:53 -07:00
32a14cfc43
Missed the file...
2014-08-26 10:49:53 -07:00
ff7e0f3c19
Land #3705 , xistence's UPNP SSDP M-SEARCH amplification scanner
2014-08-26 08:30:43 -07:00
337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification
2014-08-26 07:48:44 -07:00
9749c78632
Add amplification multiplier for vulnerable proofs
2014-08-26 07:36:38 -07:00
b3e898736f
Land 3694, msfconsole.rc wasn't loading, add yard
2014-08-26 01:12:33 -05:00
a41748e77e
Correct SIP header note storage to align with Recog
2014-08-25 13:12:30 -07:00
bfa89bb3a5
Enforce binary encoding on non-modules, no encoding on modules
2014-08-25 13:12:29 -07:00
6185721a61
Address @hmoore-r7's feedback regarding binary encoding
2014-08-25 13:11:22 -07:00
a4f623a955
Show port and protocol when printing service notes, not just name
2014-08-25 13:11:22 -07:00
9955cb5b27
Enforce proper protocol case where necessary
2014-08-25 13:11:22 -07:00
b760815c86
Also pull the Allow headers (previous behavior)
2014-08-25 13:11:21 -07:00
637f86f37d
Gut SIP UDP stuff, use Msf::Auxiliary::UDPScanner
2014-08-25 13:11:21 -07:00
50d90defbc
Use a correct default Accept header -- responses++
2014-08-25 13:11:21 -07:00
c2e70446ed
Move SIP module stuff to Msf::Exploit::Remote::SIP
2014-08-25 13:11:21 -07:00
fc67aed174
Correct style and doc issues, tidy failure message when not SIP
2014-08-25 13:11:21 -07:00
e3753e3649
Refactor SIP response parsing for future improvements
2014-08-25 13:11:21 -07:00
02e41c27e7
Split SIP response parsing out on its own, add unit tests.
...
Passes rspec but fails in framework. WIP.
2014-08-25 13:11:20 -07:00
d4ea3e9f29
Pass protocol down to parse_reply for report_* purposes
2014-08-25 13:09:39 -07:00
a2e2e37a69
Fix SIP options scanning
2014-08-25 13:09:39 -07:00
c4a173e943
Remove automatic target, couldn't figure out generic payloads.
2014-08-25 14:14:47 -05:00
32b1a5ea23
add ipboard loginscanner
...
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
b7714c9661
Cleaned up indents.
2014-08-25 13:03:23 -04:00
1ee83ff57e
Land #3696 , pile of NTP DRDoS 0days
...
Dr. DoS in da house?
2014-08-25 11:47:28 -05:00
92ff0974b7
Add YARD option formatting
2014-08-25 01:45:59 -05:00
e47a6f1573
Provides methods to patch metsrv stagers with options.
2014-08-25 00:55:07 -04:00
19d6feca62
Fix regression where msfconsole.rc wasn't loading
...
Also add some slightly better docs for the Driver class
2014-08-24 15:10:41 -05:00
6313b29b7a
Add #arch method to Msf::EncodedPayload.
...
This allows exploits with few one automatic target to support many
different architectures.
2014-08-24 02:22:15 -05:00
1d3531d09d
Put include above constant defs.
2014-08-24 01:17:32 -05:00
4e63faea08
Get a shell from a loose gdbserver session.
2014-08-24 01:10:30 -05:00
7ee5423310
Add specs for Msf::HTTP::JBoss::Base
2014-08-22 15:11:27 -05:00
4742dbad91
Fix YARD documentation
2014-08-22 14:18:13 -05:00
38e6576990
Update
2014-08-22 13:22:57 -05:00
95fbb8f1b7
Land PR #3672 , dmaloney-r7's login scanner credential rework.
2014-08-22 11:15:32 -05:00
05f0d09828
Merge branch staging/electro-release into master
...
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master. Rather than merging with
history, he squashed all history into two commits (see
149c3ecc6382760bf5b319ba7772f362b81d681448f0743d1b
2014-08-22 10:50:38 -05:00
19ba7772f3
Revert "Various merge resolutions from master <- staging"
...
This reverts commit 149c3ecc63
2014-08-22 10:17:44 -05:00
48f0743d1b
remove crappy basedir method
...
this method is no lopnger needed
2014-08-20 15:28:36 -05:00
6bc55bf8cc
change is_apt method
2014-08-20 15:27:11 -05:00
b547f7fc75
fix msfbasedir for go_pro
...
go_pro uses the wrong base director y for starting
up metasploit pro when using the go_pro command
this caused errors
2014-08-20 15:22:18 -05:00
8fd4ee87ab
Allow singular NTP version and mode 7 implementation testing
2014-08-20 12:21:39 -07:00
9d007a8c63
Add @jlee-r7's feedback
2014-08-20 12:04:33 -05:00
c3e8bc8fa0
Fix a crash when we can't connect to PG, again
2014-08-20 11:02:46 -05:00
fa27def41f
Revert "Fix a crash when we can't connect to PG"
...
This reverts commit b6deb6a342
2014-08-20 11:01:29 -05:00
9dcc95fb04
Fix Rex::MIME::Message#initialize boundaries parsing
2014-08-20 10:22:38 -05:00
e8a6307df1
Fix Rex::MIME::Header#parse
2014-08-20 09:42:44 -05:00
0c9dafff54
Merge pull request #3673 from jlee-r7/bug/MSP-11061/crash-without-postgres
...
Fix a crash when we can't connect to PG
2014-08-19 16:16:30 -05:00
b6deb6a342
Fix a crash when we can't connect to PG
...
MSP-11061
No Postgres, no cry
2014-08-19 15:30:24 -05:00
311cc5befb
Land #3668 - Add specs for Rex::Exploitation::HeapLib
2014-08-19 13:14:24 -05:00
473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
...
Conflicts:
Gemfile.lock
lib/metasploit/framework/command/console.rb
lib/metasploit/framework/common_engine.rb
lib/metasploit/framework/credential.rb
lib/metasploit/framework/credential_collection.rb
lib/metasploit/framework/login_scanner/afp.rb
lib/metasploit/framework/login_scanner/axis2.rb
lib/metasploit/framework/login_scanner/db2.rb
lib/metasploit/framework/login_scanner/ftp.rb
lib/metasploit/framework/login_scanner/http.rb
lib/metasploit/framework/login_scanner/mssql.rb
lib/metasploit/framework/login_scanner/mysql.rb
lib/metasploit/framework/login_scanner/pop3.rb
lib/metasploit/framework/login_scanner/postgres.rb
lib/metasploit/framework/login_scanner/result.rb
lib/metasploit/framework/login_scanner/smb.rb
lib/metasploit/framework/login_scanner/snmp.rb
lib/metasploit/framework/login_scanner/ssh.rb
lib/metasploit/framework/login_scanner/telnet.rb
lib/metasploit/framework/login_scanner/vnc.rb
lib/metasploit/framework/parsed_options/console.rb
lib/metasploit/framework/require.rb
lib/metasploit/framework/version.rb
lib/msf/core/modules/namespace.rb
modules/auxiliary/analyze/jtr_postgres_fast.rb
modules/auxiliary/scanner/afp/afp_login.rb
modules/auxiliary/scanner/db2/db2_auth.rb
modules/auxiliary/scanner/ftp/ftp_login.rb
modules/auxiliary/scanner/http/axis_login.rb
modules/auxiliary/scanner/http/http_login.rb
modules/auxiliary/scanner/http/tomcat_mgr_login.rb
modules/auxiliary/scanner/mssql/mssql_login.rb
modules/auxiliary/scanner/mysql/mysql_login.rb
modules/auxiliary/scanner/pop3/pop3_login.rb
modules/auxiliary/scanner/postgres/postgres_login.rb
modules/auxiliary/scanner/snmp/snmp_login.rb
modules/auxiliary/scanner/ssh/ssh_login.rb
modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
modules/auxiliary/scanner/telnet/telnet_login.rb
modules/auxiliary/scanner/vnc/vnc_login.rb
modules/auxiliary/scanner/winrm/winrm_login.rb
spec/lib/metasploit/framework/credential_spec.rb
spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
e0df664656
Land #3653 : NETAPI x64 fixes
2014-08-19 11:40:43 +10:00
f812d2619c
Fix load_js when opts[:newobfu] and add specs
2014-08-18 13:50:19 -05:00
b9e449f5e2
Fix crash when database.yml doesn't exist
2014-08-18 12:40:57 -05:00
fd40a68525
Added YARD documentation to lib/msf/http/jboss
2014-08-18 18:19:37 +02:00
6661e1a5a4
De-committing based on suggestions from Meatballs1 and jlee-r7.
2014-08-17 20:37:06 -04:00
5e123e024d
Add 'coding: binary' to all msf/rex library files
...
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
6d92d701d7
Merge feature/recog into post-electro master for this PR
2014-08-16 01:19:08 -05:00
82760bf5b3
Deprecation warnings hidden for non-listeners
2014-08-15 12:33:44 -05:00
149c3ecc63
Various merge resolutions from master <- staging
...
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
8302e82ca1
Use x64 ptr sizes
2014-08-14 23:32:04 +01:00
256204f2af
Use correct pack/unpack specifier
2014-08-13 11:36:16 +01:00
84374fe92c
Merge branch 'staging/electro-release' into bug/MSP-11050/rails_root
2014-08-12 13:54:38 -05:00
12f1234296
always set our rails root to our root
...
this works fine when calling any framework binaries
from their path as CWD. if you call tehm from another path
you will get an incorrect root which can cause certain things to load
incorrectly
Signed-off-by: David Maloney <DMaloney@rapid7.com>
2014-08-12 13:53:28 -05:00
fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry
2014-08-12 11:22:51 -05:00
e051272a20
Fix typo
...
MSP-11046
`ActiveSupport::OrderedOptions` automatically create an attribute for
any missing keys, so when `options.console.resource` was used it would
return `nil` instead of the erroring. The correct option name was
`options.console.resources` (note the pluralization).
2014-08-12 10:49:35 -05:00
351b687759
Land #3612 , Windows Local Kernel exploits refactor
2014-08-10 22:05:06 +01:00
b277f588fb
Use railgun helper functions
2014-08-10 21:52:12 +01:00
af3ca19ab2
Land #3501 , @AnwarMohamed's android meterpreter commands.
2014-08-09 16:29:59 -05:00
dbaa377aa1
Final-round of code tweaks. All commands working well.
2014-08-09 13:04:52 -05:00
d6198c786d
Move rdoc for Msf::Auxiliary::DRDoS
2014-08-08 23:23:48 -07:00
ddcaa11216
Add new mixin for helping to detect DRDoS vulns
2014-08-08 23:15:09 -07:00
c48cf48d85
Return the NTP message, not the string
2014-08-08 21:39:48 -07:00
ed3ccdc9e0
Initial commit of modules for NTP vulns described in R7-2014-12
...
Not entirely functional or polished, but mostly working
2014-08-08 21:00:43 -07:00
3fd76105db
msftidy'd
2014-08-08 22:03:51 -04:00
73253b575a
Land #3626 , @wchen-r7's storing of text loot as txt
2014-08-08 18:57:38 -07:00
c5e452c866
Patches UA and PROXY in metsrv when running migrate
2014-08-08 21:48:02 -04:00
93174a818b
Land #3628 - Add --ask option in msfconsole
2014-08-08 11:03:15 -05:00
b33d2b8583
Adds a newline for readability
2014-08-07 13:49:13 -05:00
6cea921478
Adds --ask option to prompt before exiting msfconsole
2014-08-07 13:44:46 -05:00
e432f3f442
Support all text-based ctypes
2014-08-07 11:10:32 -05:00
d6e60453d6
Added Wordpress XMLRPC DoS
2014-08-07 11:38:44 +02:00
1d430dbb45
Run migrations when connection already established in console
...
MSP-10955
`Msf::Ui::Console::Driver#initialize` doesn't call
`framework.db.connect` if it can't find the the `database.yml`, but when
using `msfpro`, the connection is already established, so the console
doesn't need to know where the database file is and should just run the
migrations so that `framework.db.migrate` can be set and
`framework.db.active` will return `true`.
2014-08-06 19:55:51 -05:00
91bb0b6e10
Metasploit Framework 4.9.3-2014072301
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
/lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
aJ0QgKJz8thZgafZc89I
=e1z9
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
AjGcfOzhhcsY+WAQ7OG+
=Pjob
-----END PGP SIGNATURE-----
Merge tag '2014072301' into staging/electro-release
Conflicts:
Gemfile.lock
modules/post/windows/gather/credentials/gpp.rb
This removes the active flag in the gpp.rb module. According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
2ed02c30a8
Use better variable names instad of an array
2014-08-05 21:34:36 -07:00
b602e47454
Implement improvements based on feedback
2014-08-05 21:24:37 -07:00
77bba6e4ee
fixed msfcli with missing require
2014-08-05 09:38:33 +02:00
9c29b78b9a
Add missing require
...
MSP-10848
Not triggered on OSX development machines, only on Linux.
2014-08-04 18:23:25 -05:00
7044dabea1
Land #3600 - GPP Junk Padding Fix
2014-08-04 16:21:57 -05:00
8fe9ec098e
Date attrs set after creation in report import
...
MSP-11021
* created_at and updated_at are protected against mass-assignment, so
these need to be set after for reports and report artifacts
2014-08-04 14:02:59 -05:00
6543b08eb4
Support writing a copy of the original token
2014-08-04 11:49:00 -07:00
4b73ad6f40
Fix guessing the arch with modules specifying an array
2014-08-04 11:49:00 -07:00
893b9a6e99
Add an open_device function for wrapping CreateFileA
2014-08-04 11:49:00 -07:00
43a5120696
Cleanup the WindowsKernel mixin
2014-08-04 11:49:00 -07:00
49837a3ba6
Create a basic WindowsKernel exploit mixin
2014-08-04 11:49:00 -07:00
88f23832e6
Added Time out
...
For some reason the handler was closing before the command could
complete. Added the time out from bypassuac and now both psh and exe
work perfectly.
2014-08-02 14:29:42 -07:00
693e744da4
Hide icon flash on taskbar during cmd_psh_payload
...
When 'cmd_psh_payload' is run via 'cmd_exec' on a windows shell that is running in the context of an interactive user an icon will flash very quickly on the user's task bar. This can be avoided (verified) by adding the /b switch to the start section of the command launcher text. I have verified that this switch exists from Windows 2000 through Windows 2012 R2.
2014-08-02 15:52:52 -05:00
11515fc75c
Update core.rb
2014-08-02 15:27:10 -05:00
6603443df4
Add missing require
...
MSP-10998
2014-08-01 21:54:41 -05:00
9096a8a1f5
Remove Msf::Framework::VersionAPI
...
MSP-10998
It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
2014-08-01 21:43:14 -05:00
22db5aad8a
Remove Msf::Framework::VersionCore
...
MSP-10998
It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
2014-08-01 21:31:48 -05:00
5aa347ef65
Changed Method Names
...
Changed names to look like shell_execute_(option), to make it more
defined on what it does.
2014-08-01 17:10:32 -07:00
def652a50e
Merge https://github.com/rapid7/metasploit-framework into bypassuac/psh_option
2014-08-01 14:32:55 -07:00
c31fc61617
Land #3270 , @jlee-r7 deprecation ipv6 payloads
...
These are not needed, since you can just config the regular handler now
and pick either.
This resolves the conflict (rm'ed the old modules)
Conflicts:
modules/payloads/stagers/windows/reverse_ipv6_http.rb
modules/payloads/stagers/windows/reverse_ipv6_https.rb
2014-08-01 16:27:59 -05:00
ceaffce727
Merge branch 'pr/3593' into staging/electro-release
2014-08-01 16:01:10 -05:00
ab7111120b
and all the rest
...
finally!
2014-08-01 14:54:18 -05:00
4821851ae4
telnet and ssh next
2014-08-01 14:47:08 -05:00
12902b0a6d
the refactor continues!
2014-08-01 14:41:03 -05:00
b74813b9a1
mysql and pop3 now
2014-08-01 14:30:33 -05:00
73ca8c0f6d
Work on jboss refactoring
2014-08-01 14:28:26 -05:00
2e7738c788
http and mssql now
2014-08-01 14:22:58 -05:00
e6a0e079b6
Merge pull request #3596 from darkbushido/bug/MSP-10937/adding-parent-to-cores-to-credential
...
.to_credential now assigns a parent
2014-08-01 13:13:48 -05:00
33f73a8af7
refactor db2
2014-08-01 13:00:27 -05:00
439b893fea
refactor axislogin
2014-08-01 12:30:16 -05:00
0fffb179fa
refactor afp_login
2014-08-01 12:10:52 -05:00
db345fcb58
make credential_collection always set private_type
2014-08-01 11:57:35 -05:00
a380646667
start refactoring ftp loginscanner
2014-08-01 11:47:13 -05:00
320f032dfe
add to_h to result
2014-08-01 11:46:43 -05:00
Tod Beardsley
James Lee
Luke Imhoff
HD Moore
Jon Hart
William Vu
Pedro Laguna
sinn3r
nstarke
Spencer McIntyre
jvazquez-r7
Samuel Huckins
Matt Buck
Christian Mehlmauer
Joe Vennix
Vincent Herbulot
Meatballs
Ramon de C Valle
Josh Abraham
Sean Verity
David Maloney
agix
Cucumber
Brandon Turner
Cenk Kalpakoğlu
Sascha Schirra
darkbushido
Kurt Grutzmacher
Tom Sellers
Joshua Smith
OJ
joev
Iquaba
byt3bl33d3r
b00stfr3ak