02d30b3d44
Changes workspace cmd ordering to updated_at asc
2015-03-05 14:05:24 -06:00
84df403d11
Land #4852 , vuln note import/export addition
2015-03-05 13:54:22 -06:00
31191bef39
Fix #4865 , undef method 'ancestors' in lib/msf/core/payload_set.rb
...
Fix #4865
2015-03-05 12:49:51 -06:00
5ede40a39d
Change the variable name
2015-03-05 12:21:33 -06:00
e0a22a6794
Add support for folder
2015-03-05 12:19:33 -06:00
7a354f322c
Comment typo (missing i).
2015-03-04 20:11:41 -06:00
95f67dba7a
Tell payloads and encoders how much space they have to work with
2015-03-04 19:25:04 -06:00
a64dd4a1af
Land #4871 , Postgres PTH support
...
MSP-12244
2015-03-04 15:08:57 -06:00
2d46c06b97
Merge branch 'master' into feature/MSP-12244/postgres-pass-the-hash
2015-03-04 13:56:10 -06:00
36375fab28
Fix downcase path handling
2015-03-04 12:58:41 -06:00
4de1fdd020
Make SHARE prints verbose
2015-03-04 10:57:18 -06:00
1c064f6b46
Land #3074 , @0x41414141 SMB Share mixin
2015-03-04 10:16:04 -06:00
64fd818364
Land #4411 , @bcook-r7's support for direct, atomic registry key access in meterpreter
2015-03-04 10:01:33 -06:00
cdf5fec474
Fix style
2015-03-04 09:57:39 -06:00
75c075e32b
properly anchor regexes
...
duh
2015-03-03 19:15:29 -06:00
64490c746a
CredCollection now knows about postgres_md5
...
the cred collection can now identify a postgres_md5 hash string
and set the type on the Metasploit::Framework::Credential object
appropriately
MSP-12244
2015-03-03 16:43:52 -06:00
c836078292
allow credentials to have a type of postgres_md5
...
add postgres_md5 to the type validation on
Metasploit::Framework::Credential to account
for the new Private type
MSP-12244
2015-03-03 16:35:30 -06:00
fb74136723
Add MIPS arches to this stupid case statement
2015-03-03 15:25:08 -06:00
a57aefb721
Add specs for QUERY information level
2015-03-03 15:24:13 -06:00
c213ed3f5f
Add specs for FIND information level
2015-03-03 14:13:36 -06:00
4237cd2c88
Add specs for QueryPathInformation
2015-03-03 13:19:06 -06:00
aa4038d539
allow the postgres librry to take an md5 hash
...
allow the raw md5 password hash to be passed in instead of
a password for md5 authentication in postgres. Adds an extra exception
class for when an md5 hash is given but the server expects
a different form of authentication.
MSP-12244
2015-03-03 13:16:46 -06:00
8328c5c5e9
Add specs for SMB_FIND_FILE_BOTH_DIRECTORY_INFO requests
2015-03-03 12:43:41 -06:00
63a3ab16fe
Add specs for SMB_COM_SESSION_SETUP_ANDX commands
2015-03-03 10:31:43 -06:00
4fc08d7243
Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::ReadAndX
2015-03-02 17:32:03 -06:00
b0bc69b832
Add @todo comment
2015-03-02 14:25:56 -06:00
d57e220f00
Delete unnecessary case on smb_cmd_trans_query_path_info_basic
2015-03-02 14:19:20 -06:00
2004aea7b7
Add helpers for path handling on TRANS2 requests
2015-03-02 14:15:25 -06:00
8acde11aaf
Use file_contents instead of exe_contents
2015-03-02 12:56:48 -06:00
34bd6a4365
Add documentation for the Share mixin
2015-03-02 12:42:32 -06:00
9a8e17508f
Add documentation for QUERY information levels
2015-03-02 12:00:34 -06:00
750022806b
Add documentation for FIND information levels
2015-03-02 11:46:20 -06:00
0d8632dae9
Add documentation for TRANSACTION2 subcommands
2015-03-02 11:19:34 -06:00
6a5dae4549
Add documentation for SMB_COM_TRANSACTION2 handling
2015-03-02 11:12:57 -06:00
3923589286
Add documentation for SMB_COM_SESSION_SETUP_ANDX handling
2015-03-02 11:06:41 -06:00
e8dd9c1971
Add documentation for SMB_COM_READ_ANDX
2015-03-02 10:59:07 -06:00
1ad3f91c50
Add documentation for SMB_COM_NT_CREATE_ANDX handling
2015-03-02 10:52:30 -06:00
19061121b3
Add documentation for SMB_COM_NEGOTIATE handling
2015-03-02 10:45:43 -06:00
3e8bbb6c9e
Add documentation for SMB_COM_CLOSE handling
2015-03-02 10:36:13 -06:00
227cf4500d
define constants for tree connect access rights
2015-02-28 18:38:45 -06:00
eb3aedf4a7
Define constants for WordCount in responses
2015-02-28 18:15:14 -06:00
5f8c14c958
Fix check for TrueClass, plus other small changes
2015-02-28 14:11:15 -06:00
6f4259f2de
Revert #4859 , temporary solution for unbreaking client
...
This reverts commit 7ab86be72a49ae173057
2015-02-28 14:07:26 -06:00
eb7ac02d1a
Normalize handlers names
2015-02-28 12:14:58 -06:00
1d602d38c9
Refactor SessionSetupAndx handler
2015-02-28 12:10:48 -06:00
b27c9b9efc
Land #4838 , reverse_http{,s} listening service fix
2015-02-27 21:02:58 -06:00
ac81318e7a
Revert #4823 , changes for ruby style guide
...
This reverts commit 885469ca52fd73445d9b#4823 for why.
2015-02-27 17:28:00 -06:00
e5e13108ed
Refactor close handling
2015-02-26 23:50:10 -06:00
5418cdad11
Refactor negotiate handling
2015-02-26 23:49:07 -06:00
5ed1f8d44f
Make opts optional
2015-02-26 23:39:17 -06:00
882f0bdc0e
Refactor read_andx request handling
2015-02-26 23:35:12 -06:00
5b770f9f7a
Refactor nt_create_andx requests
2015-02-26 23:31:09 -06:00
70033576fe
Refactor query information level
2015-02-26 23:22:57 -06:00
49ae173057
Land #4844 : the final tweaks to @wv-r7's PJL extensions
2015-02-26 17:39:49 -06:00
1454ad79d8
Land #4844 : @wv-r7 extends the PJL repetoire
2015-02-26 17:29:28 -06:00
d544da22b5
Always send answer
2015-02-26 16:47:05 -06:00
45be95747f
Refactor Find Information Levels
2015-02-26 16:46:34 -06:00
89a033c194
Delete unnecessary paddings due to miscalculations
2015-02-26 15:54:00 -06:00
095431c323
fix note search conditions
...
note search conditions needed to know about
vuln_id or else vuln notes would get overwritten
MSP-12183
2015-02-26 15:48:04 -06:00
260c603ffb
Fix msfconsole -L
...
s/rb-readline/rb-readline-r7/
Should have been in #4816 (#4128 ).
2015-02-26 15:14:38 -06:00
387c966550
Fix unnecessary paddings
2015-02-26 15:00:53 -06:00
a72d49678a
only match by CVE refs
...
the other refs can be non-specific and refer
to multiple distinct vulns, resulting in
incorrect refs being attached to a vuln leading to
a snowball effect with more and more vulns being
misidentified.
MSP-12183
2015-02-26 14:57:16 -06:00
500e4707ab
Use smb_error
2015-02-26 14:35:52 -06:00
3aa68c30b0
=> not => !
2015-02-26 21:31:01 +01:00
a427e417a3
-consomation +consumption
2015-02-26 21:23:09 +01:00
0a51ca12a5
Download all of every file implicitly
2015-02-26 14:10:53 -06:00
d0ca1b2dc6
Delete a thing I added for no reason
2015-02-26 14:06:10 -06:00
5996256ccc
Fix formatting
2015-02-26 14:05:50 -06:00
c73ffea1b9
Do minor cleanup
2015-02-26 12:50:45 -06:00
8351920d1e
don't match based on URL refs
...
multiple vulns may be listed for
the same URL making matches based on
these refs entirely unreliable
MSP-12183
2015-02-26 11:40:15 -06:00
b1e6de2eeb
Add todo
2015-02-26 11:39:17 -06:00
26bfebf1bb
Add dummy wildcard handling
2015-02-26 11:39:05 -06:00
d0ab9206b9
Do minor cleanup
2015-02-26 10:58:36 -06:00
970f0c94b2
Create CREATE_ANDX constants
2015-02-26 10:44:07 -06:00
ab1bb0e50d
bugfixes to https://github.com/jvazquez-r7/metasploit-framework/tree/review_3074_clean_server
...
to provide consistent support for various exploits and OS SMB Commands.
Reintroduces smb_cmd_trans_query_path_info_network for use with the Struts2 JSP injection vulnerability.
Reintroduces smb_cmd_trans_query_file_info_basic for common use with rundll32.
Corrects some issues with filename formatting and pattern matching for file requests (can still be improved).
2015-02-26 16:10:34 +00:00
ed9213eb4c
Add fsquery check to fs{download,delete} methods
2015-02-25 17:37:20 -06:00
ea5b6f66d4
Add UEL to fsdownload method
2015-02-25 17:35:34 -06:00
5d3c7f3b4a
Add fsquery method
2015-02-25 17:18:23 -06:00
1f981dd336
Add FSQUERY constant
2015-02-25 17:00:27 -06:00
993c75ec77
Update Offset counts with constants
2015-02-25 16:25:16 -06:00
ee18cf592b
Calculate ParamCount and DataCount
2015-02-25 16:00:26 -06:00
91f0713056
Add fsdelete method
2015-02-25 15:41:40 -06:00
a096a17e21
Add FSDELETE constant
2015-02-25 15:39:51 -06:00
80d8491d09
Add fsdownload method
2015-02-25 15:00:31 -06:00
e8c2c3687d
Replace "pathname" with "path"
...
This always bothered me, since I usually say "path."
2015-02-25 15:00:18 -06:00
02ea7a0282
Add FSDOWNLOAD constant
2015-02-25 15:00:11 -06:00
df50aa0f06
Use constants for DataCount and DataCountTotal
2015-02-25 14:11:38 -06:00
f35e03b21b
Use constants
2015-02-25 13:44:56 -06:00
f21959a8a2
Add constants for session setup actions
2015-02-25 13:31:57 -06:00
e967cfbfb3
Create Access rights constants
2015-02-25 13:22:16 -06:00
1caffbea2d
Add constants for Negotiation Capabilities
2015-02-25 12:50:33 -06:00
50d50d5353
Define constants for SMB Flags
2015-02-25 12:28:25 -06:00
e5d9bb0a47
Update from master
2015-02-25 11:37:13 -06:00
ec9be4531b
Add SMB_CREATE_ANDX_RES_PKT template
2015-02-25 11:33:08 -06:00
50f8731980
Parse SMB_CMD_CREATE requests
2015-02-25 11:09:14 -06:00
0ad3473ebb
Implement case-insensitive datastore.delete
2015-02-24 20:47:00 -06:00
d10385cfed
Add template for SMB_TREE_CONN_ANDX_RES_PKT
2015-02-24 19:27:25 -06:00
1f1d95bb37
Delete one more extra comment
2015-02-24 18:27:39 -06:00
aeb7f05158
Delete extra comment
2015-02-24 18:27:21 -06:00
642765aeb5
Delete comments
2015-02-24 18:27:02 -06:00
Samuel Huckins
sinn3r
jvazquez-r7
HD Moore
William Vu
David Maloney
David Barksdale
Brent Cook
Bazin Danil
Matthew Hall