Commit Graph

48 Commits (bfa7e32c91b53887acc402a11327474fe6461fcf)

Author SHA1 Message Date
Brent Cook 7fe237abe1
Land #9220, Module cache improvements 2018-01-17 22:34:51 -06:00
Christian Mehlmauer 50351320d7
more docker work 2017-11-28 21:35:20 +01:00
christopher lee aee8db5b07 Ignore base metadata store file 2017-11-21 09:57:41 -06:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
darkbushido e873c87f0b
trying rspec-retry 2017-06-20 14:02:32 -05:00
Brent Cook 037fdf854e move common json-rpc bits to a library 2017-04-26 18:08:08 -05:00
defektive 6ccd3c71e9 Dockerfile and Docker Compose for Metasploit
Adds a basic Dockerfile and docker-compose config. `docker-compose.yml`
adds a named volume for postgres so data should persist.

`$HOME/.msf4` will be mounted to `/root/.msf4` by default.
port 4444 is exposed by default

Basic Usage:

	docker/bin/msfconsole
	docker/bin/msfvenom
2017-03-02 11:35:24 -07:00
mo khan a65a4929f7 Merge branch 'master' into vagrant 2016-02-20 09:10:17 -07:00
mo khan a73f738f27 ignore .vagrant directory. 2016-02-09 21:48:12 -07:00
OJ ed49a67c8b Add .php and .py meterpreter excludes to gitignore 2015-12-08 16:59:57 +10:00
Brent Cook 64e86165ef remove android meterpreter bins, update to payloads 1.0.2
This switches us to using the Android payload files from the
metasploit-payloads gem
2015-06-01 09:14:31 -05:00
OJ fc57852a23 Add the POSIX binaries to the ignore list
Now that the POSIX bins are in the metasploit-payloads gem, we can make
sure that we don't accidentally include them in future commits by adding
them to gitignore.
2015-05-07 07:25:24 +10:00
OJ cdbe923419 Ignore all the DLLs
We don't keep any meterpreter DLLs in the main repo now, so this changes
the ignore to make sure nothing goes in.
2015-03-20 13:12:48 +10:00
Tod Beardsley 4aa0785076
Also .gitignore the source directory for metakitty 2014-12-03 16:12:30 -06:00
Jon Hart 973c639c0e Add note about rbenv for rvm .versions.conf local override 2014-11-05 15:03:02 -08:00
Tod Beardsley 6b0107190e
typo 2014-11-05 13:19:40 -06:00
Tod Beardsley 231d03bd3b
Allow for locally chosen rubies
By ignoring .versions.conf, we can allow users pick their own versions
of ruby without having to jump through a bunch of hoops on keeping
.ruby-version straight between local and remote branches.
2014-11-05 13:18:26 -06:00
darkbushido 15a7ed0031
adding scenarios for booting msfconsole without a db 2014-08-20 11:02:11 -05:00
darkbushido 565f622fe0
renaming targets.yml to .example
ignoring the targets.yml file
2014-08-13 17:40:51 -05:00
Samuel Huckins be18dddac7 Merge branch 'staging/electro-release' of github.com:shuckins-r7/metasploit-framework into staging/electro-release 2014-07-29 20:50:05 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-16 09:38:44 -05:00
OJ 117cd8bf3a Add wildcards to gitignore for extensions 2014-06-25 03:19:59 +10:00
Tod Beardsley 99d60b7d6c
Update .gitignore to avoid Meterpreter bins 2014-06-20 11:57:59 -05:00
David Maloney 99b1702559
Merge branch 'master' into staging/electro-release
Conflicts:
	lib/msfenv.rb
2014-06-20 11:38:47 -05:00
Samuel Huckins 021983089b
Removing ruby-version and -gemset from gitignore
These should not have been removed.
2014-05-20 10:14:21 -05:00
Luke Imhoff 3370465d84
Use railties to load Metasploit::Credential correctly
MSP-9606

In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines.  To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
Trevor Rosen cf58f214a9 New-style RVM stuff now in .gitignore 2014-05-08 13:26:08 -05:00
kn0 fcfb48fda1 Added support for Gemfile.local 2014-02-21 13:37:31 -06:00
OJ 506a4d9e67
Remove genericity, x64 and renamed stuff
As per discussion on the github issue, the following changes were made:

* Project renamed from elevate to kitrap0d, implying that this is not
  intended to be a generic local priv esc exploit container.
* Container DLL no longer generic, always calls the kitrap0d exploit.
* Removal of all x64 code and project configurations.
* Invocation of the exploit changed so that the address of the payload
  is passed in to the exploit entry point. The exploit is now responsible
  for executing the payload if the exploit is successful. This removes
  the possibility of the payload getting executed when the exploit fails.
* Source moved to the appropriate CVE folder.
* Binary moved to the appropriate CVE folder.
* Little bit of source rejigging to tidy things up.
2013-11-14 12:22:53 +10:00
OJ 6a25ba18be Move kitrap0d exploit from getsystem to local exploit
This version modifies the existing meterpreter session and bumps the privs
up to SYSTEM. However it's not how local exploits are supposed to work.
More work will be done to make this create a new session with the elevated
privs instead.
2013-11-11 17:14:40 +10:00
OJ 3cdddb8ff3
New meterpreter binaries for ip resolv feature
* New meterpreter binaries that include the IP resolve feature.
* Updated .gitignore to correctly match pivot file name.
2013-09-21 07:12:40 +10:00
Tod Beardsley 4e1820a668 Remove gitignore, change to metasploit-framework 2013-09-13 12:44:19 -05:00
Josh 7d3c67614d add .sublime-project to gitignore 2013-08-15 22:25:29 -05:00
Tod Beardsley c5f0651b7e Add *.notab to gitignore
These are artifacts of tools/dev/retab.rb
2013-08-07 11:39:36 -05:00
Luke Imhoff 75e77f5801 Add new rvm control files to ignores
[#49402505]

rvm stable (1.19.6) has deprecated .rvmrc in favor of the .ruby-version
file used by other ruby version switchers and .ruby-gemset.  These files
only contain strings to be looked up instead of bash or sh code, so it's
also a safer format than the old script in the .rvmrc.
2013-05-07 08:32:21 -05:00
Tod Beardsley 95ff5c6ab7 Adding new .gitignores 2013-04-08 22:01:46 -05:00
Tod Beardsley b7ddedcb67 Replacing with master's .gitignore 2013-04-08 21:52:35 -05:00
Michael Schierl 89097e1fbc Remove old .gitignore entries 2012-12-21 14:48:28 +01:00
Michael Schierl d71b2c35a8 Convert Java Meterpreter project to use Maven
Functionality and build result is 1:1 the same as before. Auxiliary ant
targets have been converted to Maven profiles.
2012-12-21 01:17:57 +01:00
Michael Schierl 2d03b747c0 Convert JavaPayload project to use Maven
Functionality and build result is 1:1 the same as before. Auxiliary ant
targets have been converted to Maven profiles.
2012-12-21 00:09:06 +01:00
Luke Imhoff 236db52d3d Add simplecov for code coverage
Conflicts:
	Gemfile.lock
2012-11-06 16:30:41 -06:00
Luke Imhoff d92c078a9d Remove .rvmrc
Remove .rvmrc from source control and add it to .gitignore so it can't
be readded.
2012-10-02 16:29:22 -05:00
Luke Imhoff 555a9f2559 Refactor Msf::ModuleManager
[Fixes #36737359]

Refactor Msf::ModuleManager into concerns so its easier to understand and
duplicate code can be made DRY.  The refactoring also ensures that when
loading from directories, Fastlibs, or reloading, the wrapper module will
always be named so that activesupport/dependencies will function.
2012-10-01 13:09:30 -05:00
Luke Imhoff 8a2dc0a09f Give ruby Modules that wrap Metasploit modules a name
[#36737359]

active_support/dependencies cannot resolve missing constants in Metasploit
modules because the wrapper module is anonymous.  In order to make the
wrapper module non-anonymous, the module must be assigned to a constant.
Since we don't want modules colliding, the wrapper module needs a unique
name, so use the module lookup name to derive the proper nested module names
to namespace the wrapper module.  All derived modules are nested under
Msf::Modules.  The name derivation handles invalid characters for constant
names such as digits as the first character or non-alphanumeric character.
The invalid constant name characters are converted to their hex value and
prefixed with X, so '-' in a name become 'X2d'.
2012-09-27 12:52:09 -05:00
Michael Schierl 1d56ffe225 Update javapayload and java meterpreter
* Add support for hashing commands (stdapi_fs_md5 and sha1)
* Replace MTU detection with the Proper Java Way

Squashed commit of the following:

commit 0207b6e2e0c0eb55c7c5f04bd3008f674f6239ad
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 22:02:15 2012 +0100

    add support for stdapi_fs_{md5|sha1} commands

commit a187e7bc79f8d89e66df8d3a3f892c6dce10307b
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 20:32:03 2012 +0100

    update binaries

commit 0fc553bdac76cc8997fc581141483a3efbdefdfc
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 20:29:48 2012 +0100

    Add support to Java Meterpreter for multiple addresses on same interface

    For more information, see https://dev.metasploit.com/redmine/issues/6476

    Tested with Java 1.4, 1.5, 1.6, 1.7.

commit fc6dba99fe0b13bf8837ed7a699c5dbad35100e6
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:55:15 2012 +0100

    Fix Eclipse warnings

commit 4168d025507c1ecfbc50164cfc7f25f3f222b0ab
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:29:37 2012 +0100

    Update pretty-printing of unsupported command TLVs

    This adds the TLVs added by commit fbc8e25aaa to the pretty-printer.

commit 4a9335abdabb1b8a7741c5ec67852d7c5d552d6b
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:17:25 2012 +0100

    Un-ghetto Java Meterpreter MTU determination

    This splits the change from commit 14dfcce63a into a 1.6-specific and a 1.4-specific implementation (the latter being empty).

    Tested with Java 1.4, 1.5, 1.6, 1.7.

commit 968edd210ed68ba4974f051e280d90f0151df222
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:52:46 2012 +0100

    update .gitignore to ignore IDE generated files in JavaPayload projects

commit 86111625bee318411cf43da7706d37ce5d7045c5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:49:58 2012 +0100

    synchronize stages with upstream JavaPayload

commit 2360f2e6eb8703ae762868678ac952203be35d93
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:39:58 2012 +0100

    remove unused stages

[Closes #270]
2012-04-04 09:56:07 -06:00
James Lee c1989de06b Don't commit leftovers from failed patches 2012-03-16 16:28:16 -06:00
James Lee d2155c145d Ignore tags and swap files 2011-11-17 04:57:59 +11:00
HD Moore 43fa2c3d1b Add a gitignore and delete the broken file_autopwn code. Fixes #4964 2011-11-10 20:11:53 -06:00