Commit Graph

179 Commits (d7887b59aa1352dda460c69ba0a8e4fc58cdaacd)

Author SHA1 Message Date
William Vu 1a66786d1b Fix Nmap XML parser for tunnel attribute 2015-04-20 17:04:19 -05:00
Samuel Huckins 13fc498523
Land #4948, fixes several AppScan import issues 2015-03-29 23:33:01 -05:00
David Maloney 60966f3d2a
handle a blank response body
sometimes the response body itself can be blank
so we need to handle that properly.

MSP-9972
2015-03-23 16:03:30 -05:00
OJ 9c9d333a1b Create verify ssl mixin, adjust some formatting 2015-03-23 13:21:08 +10:00
oj@buffered.io fd4ad9bd2e Rework changes on top of HD's PR
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
2015-03-20 13:06:57 +10:00
David Maloney 4293af01b1
make sure we strip leading whitespace
in the aforementiond record_request_and_response method
we need to still make sure to strip leading whitespace
from the front of our data before saving it

MSP-9972
2015-03-18 11:23:45 -05:00
David Maloney dacaa9e82b
simplify request-response parsing in apsscan
the record_request_and_response method for the
nokogiri appscan parser was way overcomplicated
it was trying to do way too much trickiness
when the data could be very simply split and consumed

MSP-9972
2015-03-18 11:19:00 -05:00
David Maloney 3269817b29
remove bad truthiness checks
truthy checks were used here, but you'll get
an empty hash which will be treated as true causing
the test to be invalid and allowing for errors further in the method

MSP-9972
2015-03-18 10:52:24 -05:00
HD Moore 11593800b6 Move X509 PEM parsing into Rex::Parser::X509Certificate 2015-03-14 15:52:23 -05:00
HD Moore 7252ba284a Tweak memory usage from 64Mb to 4Mb 2015-03-11 23:58:13 -05:00
Bazin Danil 3aa68c30b0 => not => ! 2015-02-26 21:31:01 +01:00
Bazin Danil a427e417a3 -consomation +consumption 2015-02-26 21:23:09 +01:00
BAZIN-HSC d8132f86ff ajust buffer size 2015-02-22 08:51:16 +01:00
BAZIN-HSC 0d53dc1d13 use a buffer to avoid memory use on victims machine
use a buffer to avoid memory use on victims machine
use attacker memory to store files
avoid bugs on large files
2015-02-20 20:02:09 +01:00
BAZIN-HSC fe75a31a59 NTFS parser optimisation
NTFS Parser does not gather automaticaly non resident attribute
that were not necessary
Railgun is called 17 times instead of 32 on an examples on ntds.dit
2015-02-20 13:11:53 +01:00
Bazin Danil 8cefe637df bug with testing Win2k8 correction 2015-02-08 17:28:33 +01:00
Meatballs 358ab2590e
Small tidyup 2015-02-07 11:35:47 +00:00
Bazin Danil 970c5d115a spellcheck 2015-02-05 22:08:39 +01:00
Bazin Danil fbb85c0391 using string concatenation for performence 2015-01-31 05:13:44 +01:00
Bazin Danil d9c64397fd shorter the line, using more variables 2015-01-31 04:32:32 +01:00
Bazin Danil 0fce908045 add constant class 2015-01-31 04:19:27 +01:00
Bazin Danil f4ec6bdc78 - use non-native pack/unpack directives
- coding: binary
- use constant for data_attribute
2015-01-31 03:59:23 +01:00
Bazin Danil 68b735dbda Add a NTFS parser and a post module to dump files
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
nstarke 55a746eeb7 Changing code to catch everything extraneous 2015-01-17 15:46:26 +00:00
nstarke 9baae6e494 Potential Fix For OpenVAS DB Import Issue 2015-01-13 02:46:13 +00:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
2015-01-02 13:29:17 -06:00
James Lee a65ee6cf30
Land #3373, recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
HD Moore 5e123e024d Add 'coding: binary' to all msf/rex library files
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
HD Moore 6d92d701d7 Merge feature/recog into post-electro master for this PR 2014-08-16 01:19:08 -05:00
Meatballs 4ef3de84f3
get some more test cases 2014-08-01 14:34:17 +01:00
Meatballs 92669cd4d6
Use parser 2014-05-20 22:26:13 +01:00
Meatballs 0a2b79ccd1
Tidyup parser 2014-05-20 22:04:59 +01:00
Meatballs 09af023a71
Merge in parser 2014-05-20 21:56:35 +01:00
HD Moore 231138da1b Fix a typo in the nexpose raw importer 2014-04-03 07:12:45 -07:00
Jonathan 26482f9ebd reset head~2 and removed shebang from unattend.rb 2013-11-09 15:05:56 -05:00
Tod Beardsley f6675f3120
Reordered case statements 2013-10-18 13:21:28 -05:00
William Vu 93ff9ec501 Create methods for start_element for readability 2013-10-18 12:20:43 -05:00
William Vu ff69e9fd05 Move product info code to a better location 2013-10-18 12:07:34 -05:00
William Vu e6cccedad0 Append vuln info to vuln description 2013-10-18 11:31:54 -05:00
William Vu 12151650e4 Add product info to hosts and services :) 2013-10-17 16:18:27 -05:00
William Vu 06c7943f54 Import hostnames without breaking everything 2013-10-17 15:31:48 -05:00
William Vu 920e406526 Import CVE refs and db.emit all the things 2013-10-17 14:29:54 -05:00
William Vu ad8af02021 Add my wonderfully simplistic Outpost24 parser 2013-10-15 16:34:46 -05:00
Tod Beardsley 7cc2ad55a6
Land #1770, unattend.xml snarfing modules 2013-09-27 16:04:38 -05:00
Tod Beardsley 63d638888d Get rid of interior tabs 2013-09-27 16:04:03 -05:00
Tod Beardsley d869b1bb70 Unless, unless everywhere. 2013-09-27 15:55:57 -05:00
Tod Beardsley f4e2e0ac11 Clear report_data on each host report 2013-09-18 17:11:22 -05:00
HD Moore 72dff03426 FixRM #8396 change all lib use of regex to 8-bit pattern 2013-09-12 16:58:49 -05:00
Tab Assassin 2846a5d680 Retab changes for PR #1770 2013-09-05 14:57:40 -05:00
Tab Assassin 269c1a26cb Merge for retab 2013-09-05 14:57:32 -05:00