Commit Graph

55 Commits (c19e9a80533d08399c3d61504411396a92a10f9c)

Author SHA1 Message Date
joe 4d63218c08 Bump rails-related gem versions to 3.2.8. 2012-09-17 14:15:14 -05:00
Samuel Huckins 7f03e37cc3 Removing unneeded user-agent gem from cache 2012-09-14 12:33:02 -05:00
Samuel Huckins 578b507dc7 Adding new user-agent gem. 2012-09-13 12:52:33 -05:00
Samuel Huckins 288fe0395a Corrected auto-generated env ref in mdm_console bin 2012-08-15 22:39:52 -05:00
Samuel Huckins a8ea014f25 MDM cache update 2012-08-15 10:16:47 -05:00
Tod Beardsley 33bf2881cc Removing cached gem for journey. 2012-07-06 22:12:50 -05:00
Tod Beardsley 505b97b470 Adding new gem versions
Add the new gems referenced in the last commit for real.
2012-07-06 22:11:16 -05:00
Tod Beardsley 63e41ee6bb Updating gems: coderay, journey, spork, sprockets 2012-07-06 22:03:33 -05:00
Tod Beardsley 3dba8273c9 Adding journey-1.0.4. 2012-07-06 17:33:16 -05:00
HD Moore 4afc6d698d Merge/sync with mdm 2012-06-25 10:11:53 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
Joe Vennix 328f927829 Updated MDM, specifically the error message on tag name validation. 2012-06-20 13:50:50 -05:00
Joe Vennix f7f9c23a23 Revert "MDM update."
This reverts commit 1b8d9446c9.
2012-06-20 13:27:49 -05:00
Joe Vennix 1b8d9446c9 MDM update. 2012-06-20 13:12:47 -05:00
HD Moore 5b5f3d0cf6 Merge over MDM 2012-06-18 13:35:27 -05:00
Samuel Huckins 68496d364a MDM update for report model validation 2012-06-18 08:57:32 -05:00
HD Moore e8ad66b799 Exploit attempt tracking is mostly complete 2012-06-17 23:00:21 -05:00
HD Moore a8f7ea901a Fix cache counters for vuln_attempts, tweak nexpose 2012-06-17 21:55:11 -05:00
HD Moore d7d4d13076 Store platform as a shortname, tweaks to vulns_refs to fix validation 2012-06-17 12:27:58 -05:00
HD Moore 642f2bf552 MDM update 2012-06-17 11:44:04 -05:00
HD Moore 37531d4486 Fix typo in table name 2012-06-17 02:01:23 -05:00
HD Moore 980327dddf Fix typo, redo add(), account for it in the loader 2012-06-17 01:59:19 -05:00
HD Moore 38ad7230d2 Fix up a typo 2012-06-17 01:35:39 -05:00
HD Moore e4fffc36de Move to one to many instead of m2m for module_detail tracking 2012-06-17 01:21:38 -05:00
HD Moore 780b8ee48b Remove the vulns_refs destroy, this causes issues
when the join table has no .id
2012-06-17 00:12:10 -05:00
HD Moore 03b29fff68 Merge up the latest, does not automaticlly load
the module tree into the database right now.
2012-06-14 04:35:43 -05:00
HD Moore cc56f43532 Merge in new MDM with corrected relationships 2012-06-14 00:24:21 -05:00
HD Moore 65686824e0 Merge in the MDM with module tables 2012-06-13 21:59:55 -05:00
HD Moore 554defa9c0 Merge MDM changes to fix the vuln refs relationship 2012-06-13 20:43:30 -05:00
HD Moore 8f448c9159 Merge MDM 2012-06-13 14:06:12 -07:00
HD Moore 9351e3ab25 MDM update to support fusion import 2012-06-13 14:02:40 -07:00
HD Moore 374b5b86f7 Merge branch 'master' into feature/vuln-info 2012-06-12 15:24:50 -05:00
Tod Beardsley 3756a5031f Adding carrierwave to metasploit's gemcache. 2012-06-12 14:47:50 -05:00
HD Moore d975d1a236 Add counter caches for host_details, vuln_details, vuln_attempts 2012-06-10 17:15:53 -05:00
HD Moore 9dcb3059f8 MDM update 2012-06-10 03:46:58 -05:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists.
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
HD Moore d393dbb28f MDM update 2012-06-07 21:27:41 -05:00
HD Moore 42c3bedfad Merge MDM, add migrations, tweak report_vuln 2012-06-07 00:40:26 -05:00
Joe Vennix a20cec75cc Rollback activerecord to 3.2.2 to prevent asset inclusion issues. 2012-06-06 11:08:39 -05:00
Samuel Huckins 2e15ecfbd7 MDM Update 2012-06-01 11:01:08 -05:00
Joe Vennix daf5ae8e4b Updating to Rails 3.2.4.
Among other fixes, this addresses the Rails security advisory
from 5/31/2012:

http://groups.google.com/group/rubyonrails-security/browse_thread/thread/7546a238e1962f59
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/f1203e3376acec0f

Thanks Joe and Trevor!

Squashed commit of the following:

commit d7031cebcc8a0f42f6980729c84b0ea6d24e0a9b
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:57:29 2012 -0500

    Update activerecord in gemcache to support rails 3.2.4. [#30507689]

commit c7369f6d6631647907a5d67ac163020a5ab5d6dc
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:53:01 2012 -0500

    Bump rails version.
2012-05-31 17:09:59 -05:00
Tod Beardsley 373c174af3 Updates MDM from upstream.
This pulls in a few recent changes to MDM.
2012-05-18 12:04:33 -05:00
Tod Beardsley c6d91481f7 Updating to skip blank/nil service infos too 2012-05-17 14:15:13 -05:00
Tod Beardsley 4a5064a21e Typo on fingerprintable 2012-05-17 13:58:22 -05:00
Tod Beardsley 2238363e4d Fixes the normalize mem leak in host.rb MDM model
This should not be pushed up though, because we really need to fix in
MDM proper.
2012-05-17 13:50:44 -05:00
HD Moore 5282f9fd0a Update MDM 2012-04-23 22:21:13 -05:00
HD Moore 0e4593ce5b Purge the NoteSerializer and switch to Base64, have Base64 use the old format as well 2012-04-23 22:20:41 -05:00
HD Moore 3d24af8fd6 Add the fixed nokogiri gems (corrected rpath) 2012-04-23 19:00:10 -05:00
HD Moore 206018c8a3 Patched with a small tweak to avoid a raise 2012-04-23 14:58:25 -05:00
HD Moore a0815223e8 Patch this with a newer/manually built extension 2012-04-23 13:41:56 -05:00