William Vu
1a66786d1b
Fix Nmap XML parser for tunnel attribute
2015-04-20 17:04:19 -05:00
Samuel Huckins
13fc498523
Land #4948 , fixes several AppScan import issues
2015-03-29 23:33:01 -05:00
David Maloney
60966f3d2a
handle a blank response body
...
sometimes the response body itself can be blank
so we need to handle that properly.
MSP-9972
2015-03-23 16:03:30 -05:00
OJ
9c9d333a1b
Create verify ssl mixin, adjust some formatting
2015-03-23 13:21:08 +10:00
oj@buffered.io
fd4ad9bd2e
Rework changes on top of HD's PR
...
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
2015-03-20 13:06:57 +10:00
David Maloney
4293af01b1
make sure we strip leading whitespace
...
in the aforementiond record_request_and_response method
we need to still make sure to strip leading whitespace
from the front of our data before saving it
MSP-9972
2015-03-18 11:23:45 -05:00
David Maloney
dacaa9e82b
simplify request-response parsing in apsscan
...
the record_request_and_response method for the
nokogiri appscan parser was way overcomplicated
it was trying to do way too much trickiness
when the data could be very simply split and consumed
MSP-9972
2015-03-18 11:19:00 -05:00
David Maloney
3269817b29
remove bad truthiness checks
...
truthy checks were used here, but you'll get
an empty hash which will be treated as true causing
the test to be invalid and allowing for errors further in the method
MSP-9972
2015-03-18 10:52:24 -05:00
HD Moore
11593800b6
Move X509 PEM parsing into Rex::Parser::X509Certificate
2015-03-14 15:52:23 -05:00
HD Moore
7252ba284a
Tweak memory usage from 64Mb to 4Mb
2015-03-11 23:58:13 -05:00
Bazin Danil
3aa68c30b0
=> not => !
2015-02-26 21:31:01 +01:00
Bazin Danil
a427e417a3
-consomation +consumption
2015-02-26 21:23:09 +01:00
BAZIN-HSC
d8132f86ff
ajust buffer size
2015-02-22 08:51:16 +01:00
BAZIN-HSC
0d53dc1d13
use a buffer to avoid memory use on victims machine
...
use a buffer to avoid memory use on victims machine
use attacker memory to store files
avoid bugs on large files
2015-02-20 20:02:09 +01:00
BAZIN-HSC
fe75a31a59
NTFS parser optimisation
...
NTFS Parser does not gather automaticaly non resident attribute
that were not necessary
Railgun is called 17 times instead of 32 on an examples on ntds.dit
2015-02-20 13:11:53 +01:00
Bazin Danil
8cefe637df
bug with testing Win2k8 correction
2015-02-08 17:28:33 +01:00
Meatballs
358ab2590e
Small tidyup
2015-02-07 11:35:47 +00:00
Bazin Danil
970c5d115a
spellcheck
2015-02-05 22:08:39 +01:00
Bazin Danil
fbb85c0391
using string concatenation for performence
2015-01-31 05:13:44 +01:00
Bazin Danil
d9c64397fd
shorter the line, using more variables
2015-01-31 04:32:32 +01:00
Bazin Danil
0fce908045
add constant class
2015-01-31 04:19:27 +01:00
Bazin Danil
f4ec6bdc78
- use non-native pack/unpack directives
...
- coding: binary
- use constant for data_attribute
2015-01-31 03:59:23 +01:00
Bazin Danil
68b735dbda
Add a NTFS parser and a post module to dump files
...
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
nstarke
55a746eeb7
Changing code to catch everything extraneous
2015-01-17 15:46:26 +00:00
nstarke
9baae6e494
Potential Fix For OpenVAS DB Import Issue
2015-01-13 02:46:13 +00:00
sinn3r
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
HD Moore
5e123e024d
Add 'coding: binary' to all msf/rex library files
...
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
HD Moore
6d92d701d7
Merge feature/recog into post-electro master for this PR
2014-08-16 01:19:08 -05:00
Meatballs
4ef3de84f3
get some more test cases
2014-08-01 14:34:17 +01:00
Meatballs
92669cd4d6
Use parser
2014-05-20 22:26:13 +01:00
Meatballs
0a2b79ccd1
Tidyup parser
2014-05-20 22:04:59 +01:00
Meatballs
09af023a71
Merge in parser
2014-05-20 21:56:35 +01:00
HD Moore
231138da1b
Fix a typo in the nexpose raw importer
2014-04-03 07:12:45 -07:00
Jonathan
26482f9ebd
reset head~2 and removed shebang from unattend.rb
2013-11-09 15:05:56 -05:00
Tod Beardsley
f6675f3120
Reordered case statements
2013-10-18 13:21:28 -05:00
William Vu
93ff9ec501
Create methods for start_element for readability
2013-10-18 12:20:43 -05:00
William Vu
ff69e9fd05
Move product info code to a better location
2013-10-18 12:07:34 -05:00
William Vu
e6cccedad0
Append vuln info to vuln description
2013-10-18 11:31:54 -05:00
William Vu
12151650e4
Add product info to hosts and services :)
2013-10-17 16:18:27 -05:00
William Vu
06c7943f54
Import hostnames without breaking everything
2013-10-17 15:31:48 -05:00
William Vu
920e406526
Import CVE refs and db.emit all the things
2013-10-17 14:29:54 -05:00
William Vu
ad8af02021
Add my wonderfully simplistic Outpost24 parser
2013-10-15 16:34:46 -05:00
Tod Beardsley
7cc2ad55a6
Land #1770 , unattend.xml snarfing modules
2013-09-27 16:04:38 -05:00
Tod Beardsley
63d638888d
Get rid of interior tabs
2013-09-27 16:04:03 -05:00
Tod Beardsley
d869b1bb70
Unless, unless everywhere.
2013-09-27 15:55:57 -05:00
Tod Beardsley
f4e2e0ac11
Clear report_data on each host report
2013-09-18 17:11:22 -05:00
HD Moore
72dff03426
FixRM #8396 change all lib use of regex to 8-bit pattern
2013-09-12 16:58:49 -05:00
Tab Assassin
2846a5d680
Retab changes for PR #1770
2013-09-05 14:57:40 -05:00
Tab Assassin
269c1a26cb
Merge for retab
2013-09-05 14:57:32 -05:00