Commit Graph

5645 Commits (da49f67079ddf6b866de0bf41b118b8f9b8ed2a2)

Author SHA1 Message Date
James Lee e200f43183 Squashed commit of the following:
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:55:32 2012 +0200

    typo

commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:51:32 2012 +0200

    various posix meterpreter bugfixes

[Closes #584]
[FIXRM #7042]
2012-07-19 15:56:47 -06:00
James Lee c1cf71c4e9 Remove debugging load() 2012-07-18 11:02:21 -06:00
James Lee 5110aad0f3 Add better docs on some File methods 2012-07-17 17:32:27 -06:00
James Lee c9ccb02aae Clean up rdoc 2012-07-17 17:32:27 -06:00
sinn3r f4547527a8 Merge branch 'omg-post-exploits' of https://github.com/jlee-r7/metasploit-framework 2012-07-17 17:43:40 -05:00
James Lee 62fe00866d Add comments about what the block is for 2012-07-17 16:09:17 -06:00
James Lee 6b0196eccc Add a require for File in Common 2012-07-17 15:48:06 -06:00
James Lee a1cfb32f93 Fix a typo that breaks post param padding
Corner case and doesn't really *break* things, just means you end up
with one big param instead of multiple due to missing ampersands.
2012-07-17 12:29:28 -06:00
sinn3r fbe0cb7471 Merge branch 'post_win_gather_creds_gpp_pass' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_win_gather_creds_gpp_pass 2012-07-17 08:28:19 -05:00
HD Moore c887e0aaff Re-add AFP changes due to mangled merge 2012-07-17 00:42:49 -05:00
HD Moore b6d05c77ca No, really. Bump 2012-07-17 00:36:19 -05:00
HD Moore f62e0b1cca AFP fixes and JTR typo fix 2012-07-16 21:45:45 -05:00
HD Moore 7e50f91d59 Bump 2012-07-16 21:02:40 -05:00
HD Moore bc2edeace2 Cleanup AFP module output 2012-07-16 21:02:40 -05:00
James Lee efe478f847 Merge branch 'master' into omg-post-exploits 2012-07-16 09:20:23 -06:00
James Lee 7091d1c65b Add an exploit for sock_sendpage
Unfortunately, adds a dep on bionic for runtime compilation.

Gets ring0, sets the (res)uid to 0 and jumps to the payload.  Still some
payload issues because linux stagers don't mprotect(2) the buffer they
read(2) into.  Single payloads work fine, though.

Also cleans up and improves local exploits' ability to compile C.

[SEERM #3038]
2012-07-15 20:29:48 -06:00
HD Moore 4509c11916 Fingerprint dd-wrt even when auth is required 2012-07-15 21:21:13 -05:00
HD Moore f111ae097e Bail early if the user did not configure an injection parameter 2012-07-15 21:14:39 -05:00
HD Moore 0230ef60f6 Cosmetic 2012-07-15 15:46:54 -05:00
HD Moore d6c6a3d0c5 Correct an issue with payload recalc during iteration 2012-07-15 15:45:25 -05:00
HD Moore 2254086dbe Replace event handler with a straightforward filter 2012-07-11 03:00:44 -05:00
HD Moore 975d8004d3 Remove protected operator, not useful 2012-07-11 02:08:56 -05:00
HD Moore 430351fe79 Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
HD Moore a7d1a61af2 Handle non-failure module exits as well 2012-07-10 19:55:43 -05:00
HD Moore 64e8956319 More small tweaks to import/export of attempts 2012-07-10 00:18:06 -05:00
HD Moore 25fee46020 Quick typo fix 2012-07-09 23:31:53 -05:00
HD Moore 6c977535d0 Fix up attempt/detail import/export structure 2012-07-09 22:47:05 -05:00
HD Moore bfde053cf4 Correct a flaw in vuln_attempt/vuln_detail import 2012-07-09 22:28:42 -05:00
webstersprodigy f50843e0b7 Adding http_ntlmrelay module 2012-07-09 22:56:24 -04:00
sinn3r b817070545 Merge branch 'mac_oui' of https://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-mac_oui 2012-07-09 20:14:25 -05:00
Alexandre Maloteaux e509c72574 better handle company name 2012-07-10 00:24:30 +01:00
Alexandre Maloteaux e949b8c2c8 mac_oui 2012-07-09 23:46:57 +01:00
m m 36d27242c7 allow reverse tcp with proxies 2012-07-09 23:05:09 +02:00
HD Moore c8c3c0e3e4 Correct an issue with HTTP response header parsing 2012-07-09 10:22:12 -07:00
James Lee 8d9186748f Fix logic fail 2012-07-08 20:46:37 -06:00
James Lee c82037d85b Add an xxd decoder 2012-07-08 20:45:25 -06:00
James Lee 6d6b4bfa92 Merge remote branch 'rapid7/master' into omg-post-exploits 2012-07-08 17:32:39 -06:00
HD Moore a8266bd831 Fix up odd reference normalization cases 2012-07-08 11:25:32 -05:00
HD Moore f75edc0ca1 Correct fix for older PG support, thanks to Patrick Fitzgerald 2012-07-08 10:16:51 -05:00
HD Moore 75430a0b7e Cleanup to support v1.2 as well as 1.1 2012-07-08 01:53:32 -05:00
HD Moore 4199b67879 Prevent an exception from breaking the sql cache 2012-07-07 17:30:31 -05:00
HD Moore 1d5b7a1a69 Fix an issue with PG's handling of group by on distinct 2012-07-07 17:27:11 -05:00
HD Moore 881d0ff0c9 Add method to create an asset group 2012-07-07 17:27:11 -05:00
Tod Beardsley 33bf2881cc Removing cached gem for journey. 2012-07-06 22:12:50 -05:00
Tod Beardsley 505b97b470 Adding new gem versions
Add the new gems referenced in the last commit for real.
2012-07-06 22:11:16 -05:00
Tod Beardsley 63e41ee6bb Updating gems: coderay, journey, spork, sprockets 2012-07-06 22:03:33 -05:00
Tod Beardsley 3dba8273c9 Adding journey-1.0.4. 2012-07-06 17:33:16 -05:00
HD Moore b102d869d7 Switch module search to the SQL backend. Fixes #565 2012-07-05 19:34:05 -07:00
HD Moore d266dc6031 Revert what looks like an errant debug mode 2012-07-03 20:32:19 -05:00
HD Moore 64364e3f16 Handle failed reloads in a nicer way 2012-07-03 19:49:44 -05:00
Meatballs1 bd2368d6ab Added specific details for each policy type to output table, modified REX:Ui:Table to prevent sorting when SortIndex == -1 2012-07-02 11:47:44 +01:00
HD Moore 4f9106b2e5 Reverse this back now that the bins are updated 2012-07-02 00:02:21 -05:00
sinn3r d7d21f1bda Merge branch 'patch-3' of https://github.com/mubix/metasploit-framework into mubix-patch-3 2012-07-01 19:42:49 -05:00
Rob Fuller 7298840478 Fix match on User-Agent for HTTPS 2012-07-01 21:32:29 -03:00
Rob Fuller 58dd2af998 Fix match on User-Agent for HTTP 2012-07-01 21:30:31 -03:00
RageLtMan 18e8285322 Fix up rev_http handler 2012-07-01 10:46:13 -04:00
HD Moore 12a6d67be4 Add support for user-agent and server control 2012-06-30 21:01:08 -07:00
HD Moore 9204a5b124 Move the db skip into the "web" console driver. FIXRM #7031 2012-06-29 10:46:15 -05:00
HD Moore eb762b3653 Back out encoding change of empty string, done by comment 2012-06-29 01:07:58 -05:00
HD Moore 1627720166 Skip module loads/db connect for existing framework sessions 2012-06-29 01:03:13 -05:00
HD Moore d656e3185f Mark all libraries as defaulting to 8-bit strings 2012-06-29 00:18:28 -05:00
HD Moore c45b1037f1 Make sure entries are 8-bit 2012-06-28 23:31:26 -05:00
sinn3r 0e55141fd9 Rename counts to count 2012-06-28 11:43:33 -05:00
sinn3r 5092152949 Fix the broken reload_modules method
When using the reload_all command, the framework will trigger an
'undefined method module_history' error, because we're missing
an accessor.

Also, even though reload_modules returns "counts". That actually
returns a hash instead of a real count of modules... the return
value is also never actually used anywhere.  But to make this
part not broken, we return the actual count.
2012-06-28 11:39:14 -05:00
sinn3r 807142e988 'Size' may not exist in certain PDF structure.
This is a fix for issues related to:
'undefined method `[]' for nil:NilClass'

It is possible that a PDF may not have the 'Size' xref, and people
are running into the 'undefined method'[]' for NilClass' exception.
Because the pdf parser always assumes there is a Size field,
so it uses a match() function to find the value for Size, which
can be nil.

See the following bug report for example:
https://dev.metasploit.com/redmine/issues/7014
2012-06-26 16:09:13 -05:00
James Lee b04170b283 Unbreak loadpath
HD's vuln-info merge broke add_module_path by removing an argument.
2012-06-25 16:37:16 -06:00
HD Moore 4dbdadfa3d Merge pull request #523 from alexmaloteaux/fixmsfvenom
Fix msfvenom to correctly generate elf binaries for bsd and solaris platform
2012-06-25 11:55:49 -07:00
HD Moore 4afc6d698d Merge/sync with mdm 2012-06-25 10:11:53 -05:00
HD Moore 3d0628debf Handle unreachable errors better 2012-06-25 03:29:30 -05:00
HD Moore a393f8d62d Apply the console ID if specified 2012-06-25 01:37:38 -05:00
HD Moore 19c18a3e4e Record the device_id correctly in the nexpose raw import 2012-06-25 01:23:16 -05:00
HD Moore 584e0dbd98 Load console config AFTER module path initialization 2012-06-25 01:16:35 -05:00
HD Moore 38cc6571de Merge branch 'master' into feature/vuln-info 2012-06-25 01:03:52 -05:00
HD Moore aa0c6d7036 Better IE 9/10 coverage 2012-06-25 01:03:34 -05:00
HD Moore faf5adadd9 Merge branch 'master' into feature/vuln-info 2012-06-25 00:42:02 -05:00
HD Moore 4bd9b0c94a Quick typo fix 2012-06-25 00:41:45 -05:00
HD Moore f7dca272b6 IE 10/Win8 detection support 2012-06-25 00:36:49 -05:00
HD Moore 1989f0ab46 IE 10/Win8 detection support 2012-06-25 00:36:04 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
Alexandre Maloteaux 2eddfa3444 fix bsd ans solaris platform when using encoder too 2012-06-25 03:12:33 +01:00
sinn3r 4d2e74e2ad Need to account for the fact the server may timeout during operation
See the following issue for more info:
http://dev.metasploit.com/redmine/issues/4866
2012-06-24 20:17:51 -05:00
James Lee 6913440d67 More progress on syscall wrappers
Something is still broken, my socket() is returning EAFNOSUPPORT whereas
what looks like the same syscall in wunderbar_emporium's exploit.c is
returning a socket. Similarly, my __mmap2() is returning EFAULT when
trying to map anything, not just NULL.
2012-06-22 17:45:49 -06:00
Tod Beardsley dfe0e10dc6 Adding kernelsmith's -a datastore opt
Works well enough on its own. Note that you cannot mix -g and -a since
set doesn't actually parse out dash options in a OptParse sort of way.

That said, setg -a seems to work well. This mixing options business
will need to be addressed soon, but that day is not today.

[Closes #514]
2012-06-22 16:01:38 -05:00
kernelsmith 1bcf241ec0 adds the -a (append) option to the console 'set' command
if RHOST is currently 192.168.20.1
set -a RHOST 5
appends 5 to RHOST making it 192.168.20.15
2012-06-22 01:23:54 -05:00
James Lee fd8b1636b9 Add the first bits of a sock_sendpage exploit
This can currently build an executable that creates a socket, opens a
temporary file, truncates that file with ftruncate(2) and calls
sendfile. Still needs to mmap NULL and figure out ring0 shellcode.

Baby steps.
2012-06-22 00:03:29 -06:00
James Lee 815d80a2cc Merge branch 'rapid7' into omg-post-exploits 2012-06-21 17:02:55 -06:00
Joe Vennix 328f927829 Updated MDM, specifically the error message on tag name validation. 2012-06-20 13:50:50 -05:00
HD Moore f7ecc98923 Merge branch 'master' into feature/vuln-info 2012-06-20 13:34:53 -05:00
HD Moore 1468a904a7 More error cleanup 2012-06-20 13:34:31 -05:00
Joe Vennix f7f9c23a23 Revert "MDM update."
This reverts commit 1b8d9446c9.
2012-06-20 13:27:49 -05:00
Joe Vennix 1b8d9446c9 MDM update. 2012-06-20 13:12:47 -05:00
sinn3r 5a5166c90b Merge branch 'gather-ssh-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-gather-ssh-cleanup 2012-06-20 12:07:23 -05:00
James Lee 60eedc46dd Remove nils before sorting
Fixes a stack trace when one of the directory tests returns nil
2012-06-20 10:44:36 -06:00
HD Moore 83bf78c63b New failure_reason messages 2012-06-19 13:31:39 -05:00
HD Moore d5768080bf Add a fail_message to attempts and fix bugs 2012-06-19 00:48:39 -05:00
HD Moore bf3062aa89 Fix up opts.delete into temp storage for attempt tracking 2012-06-18 20:30:24 -05:00
HD Moore 5b5f3d0cf6 Merge over MDM 2012-06-18 13:35:27 -05:00
Samuel Huckins 68496d364a MDM update for report model validation 2012-06-18 08:57:32 -05:00
HD Moore 0696748914 Import exploit attempts 2012-06-18 01:27:50 -05:00
HD Moore d674ba103d Export exploit_attempts & module_details, fix mixin load 2012-06-18 01:13:57 -05:00
HD Moore e8ad66b799 Exploit attempt tracking is mostly complete 2012-06-17 23:00:21 -05:00
HD Moore a8f7ea901a Fix cache counters for vuln_attempts, tweak nexpose 2012-06-17 21:55:11 -05:00
HD Moore a892fce320 Indent only subsequent list items 2012-06-17 20:55:19 -05:00
HD Moore 9ceba4421a Bullet formatting rendered poorly, remove these and keep indents 2012-06-17 20:49:22 -05:00
HD Moore 39a77024e2 Parse solutions/descriptions into a slightly less ugly format 2012-06-17 19:27:25 -05:00
HD Moore d7d4d13076 Store platform as a shortname, tweaks to vulns_refs to fix validation 2012-06-17 12:27:58 -05:00
HD Moore 8709473e72 Add fullname to modules, load mixins, fix platform 2012-06-17 11:57:33 -05:00
HD Moore 642f2bf552 MDM update 2012-06-17 11:44:04 -05:00
HD Moore 999f7d7174 One more round of tweaks and finally back and running 2012-06-17 02:06:52 -05:00
HD Moore 37531d4486 Fix typo in table name 2012-06-17 02:01:23 -05:00
HD Moore 980327dddf Fix typo, redo add(), account for it in the loader 2012-06-17 01:59:19 -05:00
HD Moore 38ad7230d2 Fix up a typo 2012-06-17 01:35:39 -05:00
HD Moore e4fffc36de Move to one to many instead of m2m for module_detail tracking 2012-06-17 01:21:38 -05:00
HD Moore 780b8ee48b Remove the vulns_refs destroy, this causes issues
when the join table has no .id
2012-06-17 00:12:10 -05:00
HD Moore be9b7a88fb Complicate the matching process in the name of memory
and loading speed. Use optional match_details param
to find matching vuln instances.
2012-06-17 00:07:00 -05:00
HD Moore 7d9d6f11e5 Comitting a copy of the "old" mode of loading,
still hoping to avoid having to do this due to
memory bloat and slowness.
2012-06-16 22:42:31 -05:00
HD Moore 52150b0e89 Merge branch 'master' into feature/vuln-info 2012-06-16 15:43:52 -05:00
HD Moore 6dd8fd2e05 Move the cache rebuild into a background job 2012-06-16 15:41:37 -05:00
sinn3r 931f24b380 Merge branch 'php_apache_request_headers_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-php_apache_request_headers_bof 2012-06-16 14:56:45 -05:00
HD Moore 8425c8438d Switch to a MDM/SQL-based module cache 2012-06-16 14:51:09 -05:00
David Maloney 122b34c703 fix missing bock transitions
the block objects weren't being transitioned over from the class
methods properly, so the callback blocks were never getting processed.
2012-06-15 14:25:47 -05:00
jvazquez-r7 091b3bbbd9 Added module plus encoder for CVE-2012-2329 2012-06-15 00:29:52 +02:00
HD Moore 8177783681 Merge branch 'master' into feature/vuln-info 2012-06-14 16:21:51 -05:00
HD Moore e2c1657eb4 Adds a block callback to work with the replicant
module instance prior to it being launched.
2012-06-14 16:21:06 -05:00
HD Moore e59b33fc76 Incorporate egypt's feedback 2012-06-14 10:43:09 -05:00
Tod Beardsley bffb3571c2 Adding URL ref for db_autopwn deprecation message 2012-06-14 09:53:59 -05:00
James Lee 2683bb0ba7 Add deprecation warnings for old commands
This should hopefully cut down a bit on support requests from people
asking about old commands  they read about in _Metasploit: The
Penetration Tester's Guide_
2012-06-14 09:44:38 -05:00
HD Moore 03b29fff68 Merge up the latest, does not automaticlly load
the module tree into the database right now.
2012-06-14 04:35:43 -05:00
HD Moore a6070f8584 Tweak schema (type gets mangled by AR), add caching routine 2012-06-14 03:27:36 -05:00
HD Moore cc56f43532 Merge in new MDM with corrected relationships 2012-06-14 00:24:21 -05:00
HD Moore 65686824e0 Merge in the MDM with module tables 2012-06-13 21:59:55 -05:00
HD Moore 554defa9c0 Merge MDM changes to fix the vuln refs relationship 2012-06-13 20:43:30 -05:00
HD Moore 8f448c9159 Merge MDM 2012-06-13 14:06:12 -07:00
HD Moore 9351e3ab25 MDM update to support fusion import 2012-06-13 14:02:40 -07:00
David Maloney 08cbd87541 Default mime-types to octet-stream 2012-06-13 14:48:58 -05:00
James Lee d2d37f770d Add expand_path and upload_file methods 2012-06-12 23:58:20 -06:00
James Lee 2e4231d825 Fix NoMethodError when post mods call super from setup 2012-06-12 23:58:20 -06:00
James Lee 8707df3abb Allow tab-completing SESSION on exploits as well 2012-06-12 23:58:19 -06:00
James Lee 5717f52246 Make the Exploit::Local class useful
This commit is the main infrastructure needed to run exploits in a local
context, gluing the Exploit and Post module classes together.
2012-06-12 23:58:19 -06:00
HD Moore de45630092 Merge branch 'master' into feature/vuln-info 2012-06-12 15:36:16 -05:00
Jeff Jarmoc e820d23f73 Cleanup whitespace 2012-06-12 15:32:50 -05:00
HD Moore 374b5b86f7 Merge branch 'master' into feature/vuln-info 2012-06-12 15:24:50 -05:00
Tod Beardsley 3756a5031f Adding carrierwave to metasploit's gemcache. 2012-06-12 14:47:50 -05:00
HD Moore 6290bba71b Merge branch 'master' into feature/vuln-info 2012-06-12 12:41:41 -05:00
Michael Schierl 34ecc7fd18 Adding @schierlm 's AES encryption for Java
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.

Squashed commit of the following:

commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date:   Wed Apr 4 00:45:24 2012 +0200

    Do not break other architectures
    even when using `setg AESPassword`

commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:50:42 2012 +0200

    binaries

commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:49:10 2012 +0200

    Add AES support to Java stager

    This is compatible to the AES mode of the JavaPayload project.

    I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
    is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
HD Moore bbd500aca9 Show a stack trace in auxiliary timeouts [ temp ] 2012-06-11 01:40:57 -05:00
HD Moore d975d1a236 Add counter caches for host_details, vuln_details, vuln_attempts 2012-06-10 17:15:53 -05:00
David Maloney fc0dc23752 Some handling around empty elements 2012-06-10 17:04:47 -05:00
David Maloney a20c85a655 Remove binding.pry call 2012-06-10 17:01:31 -05:00
David Maloney f9999a3033 Add FusiuonVM Importer
This adds a nokogiri stream parser for XML reports from
Critical Watch's FusionVM.
2012-06-10 16:38:28 -05:00
HD Moore 4f55452153 This adds import/export support for vuln_attempts 2012-06-10 12:50:59 -05:00
HD Moore 9dcb3059f8 MDM update 2012-06-10 03:46:58 -05:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists.
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
HD Moore 55bdbb6ec9 Merge branch 'master' into feature/vuln-info 2012-06-09 01:37:11 -05:00
HD Moore e840f7e9ee Add additional host detail columns and parsers 2012-06-09 00:43:03 -05:00
HD Moore dabda58f17 Import host_details and vuln_details now 2012-06-08 23:27:02 -05:00
HD Moore 465998bc17 Export host_details and vuln_details, add missing refs to db_export 2012-06-08 22:55:55 -05:00
HD Moore 376aaa410b Fix tag deuplication and reset after each vuln properly 2012-06-08 22:55:37 -05:00
James Lee 1be9ce8649 Fixes command parsing in Post::Common
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
2012-06-07 22:24:59 -06:00
HD Moore d393dbb28f MDM update 2012-06-07 21:27:41 -05:00
HD Moore 49b3c9b0e8 More cleanup related to vuln schema 2012-06-07 04:42:16 -05:00
HD Moore 42c3bedfad Merge MDM, add migrations, tweak report_vuln 2012-06-07 00:40:26 -05:00
James Lee a2751e3ccd Rdoc fixes 2012-06-06 17:04:54 -06:00
Joe Vennix a20cec75cc Rollback activerecord to 3.2.2 to prevent asset inclusion issues. 2012-06-06 11:08:39 -05:00
James Lee fc7293baae Arguments have to be joined with a space
Fixes cmd_exec() calls with more than one argument
2012-06-04 18:12:45 -06:00
David Maloney 7be365c299 Ignores SMTP Auth when no creds provided
Do not try to auth if the suer provided no creds
2012-06-04 16:41:36 -05:00
HD Moore f633281870 Straighten out the login error path for nexpose API calls 2012-06-04 15:21:04 -05:00
Samuel Huckins 2e15ecfbd7 MDM Update 2012-06-01 11:01:08 -05:00
sinn3r 9d6fc93ed3 Merge branch 'rubinius-gethostbyname' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-rubinius-gethostbyname 2012-06-01 00:39:52 -05:00
Samuel Huckins 35543d691d Now only loading MetasploitDataModels when not already loaded and
contained objects not in namespace
[Story #30430877]
2012-05-31 18:11:42 -05:00
James Lee fb1bf0b356 Work around a bug in rubinius 2012-05-31 16:48:34 -06:00
Joe Vennix daf5ae8e4b Updating to Rails 3.2.4.
Among other fixes, this addresses the Rails security advisory
from 5/31/2012:

http://groups.google.com/group/rubyonrails-security/browse_thread/thread/7546a238e1962f59
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/f1203e3376acec0f

Thanks Joe and Trevor!

Squashed commit of the following:

commit d7031cebcc8a0f42f6980729c84b0ea6d24e0a9b
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:57:29 2012 -0500

    Update activerecord in gemcache to support rails 3.2.4. [#30507689]

commit c7369f6d6631647907a5d67ac163020a5ab5d6dc
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:53:01 2012 -0500

    Bump rails version.
2012-05-31 17:09:59 -05:00
HD Moore 03b65c6a48 Handle cases where a user-agent was set via headers 2012-05-31 14:59:25 -05:00
James Lee fd67f7c37c Add cd and pwd to Post::File API
Also changes working dir to /tmp (or %TMP% on Windows) when testing file
stuff.
2012-05-30 13:52:48 -06:00
Brandon Perry e889d93924 missed @state[:bid] 2012-05-28 14:12:09 -05:00
Brandon Perry a3a308f74d fix tabs 2012-05-28 13:56:18 -05:00
Brandon Perry 820d5d2ec7 be a bit more defensive, check to make sur ethe data we think is there is there 2012-05-28 13:53:30 -05:00
James Lee 7c85a2796a Whitespace cleanup 2012-05-24 17:10:26 -06:00
James Lee 5bf973871c Space at EOF cleanup 2012-05-24 16:28:20 -06:00
James Lee e88501789c Make sure state is initialized
Fixes a stack trace when the xml has osmatch before osclass. Thanks Sean
Carolan for the report!
2012-05-24 10:43:30 -06:00
Tod Beardsley 0ecffd22b1 Make domain option requirement more clear 2012-05-24 10:11:08 -05:00
James Lee 22601180f3 Save the pilfered file as loot 2012-05-23 18:07:13 -06:00
James Lee dc08bc337b Default to ethernet if the server doesn't specify
Still need to recompile sniffer, but this will fix the immediate problem
of stack traces and failing to save the pcap.
2012-05-23 10:06:30 -06:00
James Lee e97994fdde Make sure matches is set
Fixes a nil issue introduced by 17943c7
2012-05-22 12:49:54 -06:00
James Lee 0c1d736fbc Hrm, out-of-order commits
Looks like my cherry-pick'ing fu hosed the previous commits and somehow
left two copies of dump_references.
2012-05-22 10:44:16 -06:00
James Lee 3bd0276ab3 Add references to info output for post modules
[Fixes #6902] [Closes #409]

Squashed commit of the following:

commit e29bf83196e39853d12b58d77db1ffdb26fbb6eb
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 22 10:01:12 2012 -0600

    Add references to info output for post modules

commit e0147f0f05375d812ecfd55f9c2cb4bffabc1887
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 22 10:05:32 2012 -0600

    Put references after description for consistency
2012-05-22 11:25:23 -05:00
HD Moore 5cc98b7ded Import NSE script output as notes 2012-05-22 01:49:45 -05:00
David Maloney 0b41d0f77d Fixes an issue where mysql_payload would crash agaisnt
unsupported arch. Due to a bad var name
[Fixes #29957453]
2012-05-21 16:09:08 -05:00
David Maloney 17943c7a48 Makes it so we don't ever use local config files for Net::SSH
Also makes sure that the :config =>false option keeps
Net:SSH from meddling with knowns_hosts too
2012-05-21 16:09:08 -05:00
RageLtMan 125aa43072 PowerShell post module download and exec
This adds sempervictus's PowerShell post module, along with a default
post module one can use for quick testing (for expected results, see
the screencap Gist at https://gist.github.com/6011cb87b01e970deca8

[Closes #403]

Squashed commit of the following:

commit c6b5a6aac1dc8781c67b611289d7710129592e83
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon May 21 14:43:48 2012 -0500

    Minor tweaks to language

commit ef088e135cd7b0ccb514a3011889154661d5bd09
Merge: 0a05455 1e14211
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon May 21 14:34:27 2012 -0500

    Merge remote branch 'todb/default-powershell' into Pull403

commit 0a0545558604c53d4648e3314ca8963ff9b225a7
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon May 21 14:33:33 2012 -0500

    Reverting unrelated telnet fix

    While I'm sure it's great, it needs to be tested.

commit 1e1421102b44a4c60c6eb9b442227075e959d7c6
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon May 21 14:14:09 2012 -0500

    Adds a default path to a script for exec_powershell.rb

commit 9978787f44896d06744d50febf4344111edcd7b1
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon May 21 14:06:46 2012 -0500

    Adds a new default powershell script

commit 25b605949fbf772e95a510162ca5af510c59788f
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Mon May 21 14:15:15 2012 -0400

    Synchronized SVIT version of lib...powershell.rb to github. Adds timeout option, check for script encoding, etc. Added post/windows/manage/powershell folder with script execution module. Other modules which can be placed here would be WinRM meterp exec, PS persistence, etc

commit c4a7fd932fb8850de732bfa911cf8d729a5db42d
Merge: 21b31f1 36207eb
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Mon May 21 14:07:26 2012 -0400

    msfvenom formatting merge conflict fix

commit 36207eb21ee04483c19790b5db7855d0a715e43d
Merge: c77eb03 4772c12
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Mon May 21 14:06:07 2012 -0400

    Merge branch 'master' of https://github.com/rapid7/metasploit-framework

commit 21b31f10c505862c14234824d4dabbb6fdfe7cbb
Merge: 81a7d62 c77eb03
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Fri May 18 12:57:52 2012 -0400

    Merge branch 'master' into powershell

commit c77eb03ca4428a741f5d231b3ec1cf80c90e9395
Merge: 89d5af7 52183aa
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Fri May 18 12:57:21 2012 -0400

    Merge branch 'master' of https://github.com/rapid7/metasploit-framework

commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Fri Mar 2 01:28:02 2012 -0500

    Banner encoding fix when running against dd-wrt on ruby 1.9.3

commit 81a7d62c6dab8404c1c0566a8be84c7280edeef8
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Tue Mar 20 20:19:13 2012 -0400

    powershell for msfvenom

commit 672c7bc37ea37a3b111f755ef17fe0c16047e488
Merge: 3e86dc4 ed542e2
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Tue Mar 20 20:08:12 2012 -0400

    exe.rb merge cleanup

commit 3e86dc4c40da1df3d0ff4a9ab6fffe8eeda52544
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Tue Mar 20 20:06:03 2012 -0400

    psh encoder cleanup

commit f619ed477fef7a2830b99ce6a9b27bb523c9d3ce
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Sun Feb 5 13:35:11 2012 -0500

    method call fix for psh-net encoder

commit 7b035e6da0ead328aebbfdf9fbbebed506cdca18
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Fri Feb 3 18:53:54 2012 -0500

    PS encoders: .net and architecture dependent native (psh-net, psh)

commit 7a2749bf2682686a87d37d240e61adece53fba8e
Merge: 32730b9 f89853d
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Fri Feb 3 18:38:03 2012 -0500

    Merge branch 'master' into powershell

commit 32730b96be4c9bd73f1f45b5d2d4330b8fb72cb8
Merge: e69fcd1 f6a6963
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Wed Jan 25 10:33:17 2012 -0500

    Merge branch 'master' of https://github.com/rapid7/metasploit-framework into powershell

commit e69fcd1a83412d6c0c96605b5acf0675e5b07205
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Wed Jan 25 07:59:38 2012 -0500

    msfvenom psh addition

commit 9a5d8ead7e69c40ff5e9a73244165a5685ca47ec
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Wed Jan 25 07:29:38 2012 -0500

    Proper author reference

commit 9fd8ac75a89ca2678b0d09192227eb23f00bf549
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Tue Jan 24 19:07:30 2012 -0500

    Fix script handling

commit fa363dfe965382a9f89ff404398e38e8f164c11a
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Tue Jan 24 17:31:09 2012 -0500

    added Msf::Post::Windows::Powershell, reworked post module to use mixin

commit e078d15b5464ff47ce616334d8cb1aa84a00df33
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Mon Jan 23 13:42:35 2012 -0500

    vprint_good change

commit 355f8bb19a62d974c5c89079dd26dd4cbb756c0a
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Mon Jan 23 12:50:51 2012 -0500

    exec powershell module

commit 5f9509444953f25352c994f90cae8a168878f7ea
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Mon Jan 23 12:45:41 2012 -0500

    powershell encoder support - Redmine Feature #6049
2012-05-21 14:48:16 -05:00
James Lee d273a0e44b Check for the right method name
"stdapi_fs_rm" doesn't exist
2012-05-21 12:42:23 -06:00
James Lee 3a4a61da80 Add missing require for `msf/post/unix`
[Fixes #6889]
2012-05-19 11:44:42 -06:00
Tod Beardsley f6e9ae6569 Merge pull request #397 from rapid7/normalize-memleak
Update MDM from upstream
2012-05-18 15:32:37 -07:00
Aram Verstegen d5d285ae96 Adding aczid's minimal exploit configurator
Note the syntax change, need to chase this down before pushing upstream
and make sure nobody's relying on that.... and grep says everything's
cool.

[Closes #295]

Squashed commit of the following:

commit 33b7438731ae5377c95d3d752d76eca73bad20ef
Merge: 6d3e6dd 7811b0a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri May 18 16:55:49 2012 -0500

    Merge branch 'master' into HEAD

commit 6d3e6dd6e215f8a4e0b1b53a29329748dad779af
Author: Aram Verstegen <aram.verstegen@gmail.com>
Date:   Sat Apr 7 22:58:29 2012 +0200

    Automatically configure payloads for wmap-enabled exploits

commit 410008bab7a4845d10d5077d0482899964088bd0
Author: Aram Verstegen <aram.verstegen@gmail.com>
Date:   Sat Apr 7 22:58:06 2012 +0200

    Exposed exploit_choose_payload as class method Exploit.choose_payload
2012-05-18 17:24:18 -05:00
Tod Beardsley 7811b0a3fd Landing sempervictus's Powershell features
Adding the payload generator, but not the post module -- couldn't get a
satisfactory test out of the module (see the comments on #251).

Please open a new request with the post module and a test scenario, like
a sample script or something to drop into /scripts/powershell.

I like the powershell stuff a lot; I imagine it's a popular set of
tools on high-value targets, like workstations of IT people.

[Closes #251]

Squashed commit of the following:

commit 46475c27a2d0a84b62167a65c9a158dfb7c9e755
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri May 18 15:23:22 2012 -0500

    Fixing whitespace on msfvenom case list.

commit 7e4c6613004e9b70e0ba4653e9eaa83470429c7e
Merge: 81a7d62 52183aa
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri May 18 15:06:51 2012 -0500

    Merge branch 'master' into rage-ps

commit 81a7d62c6dab8404c1c0566a8be84c7280edeef8
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Tue Mar 20 20:19:13 2012 -0400

    powershell for msfvenom

commit 672c7bc37ea37a3b111f755ef17fe0c16047e488
Merge: 3e86dc4 ed542e2
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Tue Mar 20 20:08:12 2012 -0400

    exe.rb merge cleanup

commit 3e86dc4c40da1df3d0ff4a9ab6fffe8eeda52544
Author: RageLtMan <rageltman [at] sempervictus>
Date:   Tue Mar 20 20:06:03 2012 -0400

    psh encoder cleanup

commit f619ed477fef7a2830b99ce6a9b27bb523c9d3ce
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Sun Feb 5 13:35:11 2012 -0500

    method call fix for psh-net encoder

commit 7b035e6da0ead328aebbfdf9fbbebed506cdca18
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Fri Feb 3 18:53:54 2012 -0500

    PS encoders: .net and architecture dependent native (psh-net, psh)

commit 7a2749bf2682686a87d37d240e61adece53fba8e
Merge: 32730b9 f89853d
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Fri Feb 3 18:38:03 2012 -0500

    Merge branch 'master' into powershell

commit 32730b96be4c9bd73f1f45b5d2d4330b8fb72cb8
Merge: e69fcd1 f6a6963
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Wed Jan 25 10:33:17 2012 -0500

    Merge branch 'master' of https://github.com/rapid7/metasploit-framework into powershell

commit e69fcd1a83412d6c0c96605b5acf0675e5b07205
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Wed Jan 25 07:59:38 2012 -0500

    msfvenom psh addition

commit 9a5d8ead7e69c40ff5e9a73244165a5685ca47ec
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Wed Jan 25 07:29:38 2012 -0500

    Proper author reference

commit 9fd8ac75a89ca2678b0d09192227eb23f00bf549
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Tue Jan 24 19:07:30 2012 -0500

    Fix script handling

commit fa363dfe965382a9f89ff404398e38e8f164c11a
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Tue Jan 24 17:31:09 2012 -0500

    added Msf::Post::Windows::Powershell, reworked post module to use mixin

commit e078d15b5464ff47ce616334d8cb1aa84a00df33
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Mon Jan 23 13:42:35 2012 -0500

    vprint_good change

commit 355f8bb19a62d974c5c89079dd26dd4cbb756c0a
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Mon Jan 23 12:50:51 2012 -0500

    exec powershell module

commit 5f9509444953f25352c994f90cae8a168878f7ea
Author: RageLtMan <rageltman@sempervictus.com>
Date:   Mon Jan 23 12:45:41 2012 -0500

    powershell encoder support - Redmine Feature #6049
2012-05-18 16:39:49 -05:00
Tod Beardsley 373c174af3 Updates MDM from upstream.
This pulls in a few recent changes to MDM.
2012-05-18 12:04:33 -05:00
James Lee 52183aa249 Unbreak the migrate command
The server is not returning the core_migrate command.  This is a bandaid
to make migrate work again until that gets sorted.
2012-05-18 10:25:29 -06:00
syndrowm fec2ec37f8 Squashed commit of the following:
commit fa9b2841cfcb7c833da5454f108f15ad229e6b75
Author: syndrowm <syndrowm@gmail.com>
Date:   Mon Apr 2 17:00:59 2012 -0600

    header files needed to generate solaris and bsd elf executables

commit f03fb2ff97823f3c177f3e1678aec26d92dd16ab
Author: syndrowm <syndrowm@gmail.com>
Date:   Mon Apr 2 16:59:46 2012 -0600

    add functions to allow generating elf executables for bsd and solaris

[Closes #292]
2012-05-18 10:21:34 -06:00
Tod Beardsley c6d91481f7 Updating to skip blank/nil service infos too 2012-05-17 14:15:13 -05:00
Tod Beardsley 4a5064a21e Typo on fingerprintable 2012-05-17 13:58:22 -05:00
Tod Beardsley 2238363e4d Fixes the normalize mem leak in host.rb MDM model
This should not be pushed up though, because we really need to fix in
MDM proper.
2012-05-17 13:50:44 -05:00
jlee-r7 fe7928c18d Merge pull request #390 from jlee-r7/consolidate-250-254-375
Consolidate #250, #254, #375
2012-05-16 17:07:33 -07:00
James Lee de22d76a40 Blank fields exist legitimately
The first process in Windows is usually [System Process] which has no
associated path, arch, or user, causing this code to skip all those
columns. Check for nil instead of blank to get around it. Need to
revisit this and make nonsense columns nil instead of an empty-string.
2012-05-16 17:47:31 -06:00
James Lee 5bd374e6e9 Refactor the processlist into its own class
*NOTE* Possible backwards compatibility issue! Changes get_processes
hash key from 'parentpid' to 'ppid'
2012-05-16 17:22:55 -06:00
James Lee 42719ab34b Squashed commit of the following:
commit 6a3ad1d887df9d277e4878de94f8700ed8e404f9
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 16:22:49 2012 -0600

    Add register_command calls for md5 and sha1

commit dbd52c5a1edfe1818a580d4d46aac0a9ca038e9c
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 16:22:09 2012 -0600

    Read the file instead of downloading it

commit 55b84ad8e2a8532b3f8520ccb1162169b8e9c056
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 15:27:11 2012 -0600

    Re-compile linux meterp to support the loadlib api

commit d112e84e490aa30aa9533fb0bdb33a9713ce01a5
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:50:25 2012 -0600

    Re-compile java meterp to support the loadlib api

commit c137187b346b708487245a849b95343223e4e7b0
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:44:10 2012 -0600

    Don't try to get interfaces if this session doesn't implement it

commit 88bba1e6c360c5725c4174623f56bcb6d8b54228
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:38:17 2012 -0600

    Remove debugging load

commit 02954cbf93e2a13da967780cb703103b3f83ecf4
Merge: d9ef256 88b35a3
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 12:06:53 2012 -0600

    Merge branch 'rapid7' into feature/4905

    Conflicts:
    	data/meterpreter/ext_server_stdapi.php
    	modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb

commit d9ef2569b88ae8bce67f13316f6eff76311fd846
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 2 18:06:06 2012 -0600

    PHP doesn't support rev2self

commit bf13ea0ff25541da07b8c099218e5ad7ea6ae8ba
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 18:21:59 2012 -0600

    Add php support for returning new extension commands

commit 7e35f2d671d3797fc3fab12e54015387f44b0b33
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 16:03:26 2012 -0600

    Reset CVE-2012-0507 back to master

    Purges commits unrelated to this branch.

commit 86a77b3cd017e1e3a3f23d9fba3b9ed173761f80
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 15:59:35 2012 -0600

    Revert "Make building the jar for cve-2012-0507 a bit easier"

    This reverts commit 27ef76522ad10436ec785728445ed2cc0657f85f.

    Conflicts:

    	external/source/exploits/CVE-2012-0507/Makefile
    	external/source/exploits/CVE-2012-0507/src/msf/x/PayloadX.java

commit 8c259fb779f736be16fe972215ddff1dd32fd0f3
Merge: fe2c273 1c03c2b
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 15:35:44 2012 -0600

    Merge branch 'rapid7' into feature/4905

    Conflicts:
    	data/meterpreter/ext_server_stdapi.jar
    	data/meterpreter/meterpreter.jar
    	external/source/meterpreter/java/src/meterpreter/com/metasploit/meterpreter/Meterpreter.java
    	modules/auxiliary/server/browser_autopwn.rb

commit fe2c273a6d840c67040d6c9e337f908204337e18
Merge: 8caff47 4e955e5
Author: James Lee <egypt@metasploit.com>
Date:   Fri Apr 6 10:19:53 2012 -0600

    Merge branch 'rapid7' into feature/4905

commit 8caff47d97469f1a5459c04461fd1098487ea514
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 17:51:18 2012 -0600

    Fix requires to find the test library

commit 51c33574cee3c47f0b2900c388d3d1213dd0a90d
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 17:48:35 2012 -0600

    Fix a load order problem with solaris post mods

commit 81b658362e5e6bdd215d18b53d14429d163aff72
Merge: adad2cf 6ef4257
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 15:43:19 2012 -0600

    Merge branch 'master' into feature/4905

commit 6ef42579471c6fde4bba71d0d4ce2c6c3e836180
Merge: 70ab8c0 5852455
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 15:16:56 2012 -0600

    Merge branch 'rapid7'

    Conflicts:
    	lib/rex/exploitation/javascriptosdetect.rb

commit adad2cf04c501c2a787e5475b62abd31871c06a0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 20:20:21 2012 -0600

    Deal with null data/jar

    Not sure why "" turns into null sometimes, but it was breaking shells;
    this fixes it.

commit 4f8a437b490e2b2774f9efd23b4891eaf007cf16
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:10:59 2012 -0600

    Prev commit moved these to src/a

commit 27ef76522ad10436ec785728445ed2cc0657f85f
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:08:32 2012 -0600

    Make building the jar for cve-2012-0507 a bit easier

    Mostly stolen from cve-2008-5353

commit db3dbad0a5ff20b05758be073c3502138ff095c2
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 14:52:23 2012 -0600

    Fix incorrect option name

commit 776976af31795bdf1b405e208a2d4b78a6b6c2cf
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:36:20 2012 -0600

    Add bap support to java_rhino

commit a611ab16e06bd324d6616d0bd69f2c09d671bca0
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:35:16 2012 -0600

    Put next_exploit on the window object so it's always in scope

    Solves some issues with Chrome not running more than one exploit

commit 5114d35de7c2f234ac7fe4288b344d4f2bb9731f
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 14:31:53 2012 -0600

    Pull common stuff up out of the body

commit 748309465a029593e2fe2fd445149745367513f4
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:04:03 2012 -0600

    Fix indentation level

commit 954d485e3b8ffea9a7451bd495c1956a098e0eda
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:02:42 2012 -0600

    Abstract out copy-pasted methods

    Need to do the same thing for OSX, but it's a different implementation.

commit cba8d7c911fb184f6358948022fd4a0e010878d0
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 18:04:50 2012 -0600

    Linux doesn't implement (drop|steal)_token

commit 1cfda3a7b045c08ecfae1ad688e0124e76bd0c8f
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 17:57:37 2012 -0600

    Add availability checks for net, sys, ui, and webcam

commit 4bdf39a8bf4b5aab293fc47cb8282d0346db0811
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 16:45:59 2012 -0600

    add requirement checking for fs and core commands

commit 42e35971c9f7348b57293b2b94a42dd0260ac7e4
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 21 17:20:59 2012 -0600

    Add a to_octal method that converts e.g. "A" to \0101

commit c3b9415a0a9e2b55b1effbaf2396e11f88301aaa
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 21 17:20:07 2012 -0600

    Don't use "echo -n"

    It's not portable

commit b0f3ceccfaedbeaf67fbbe76f1a0a9aec7b44548
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 20 17:01:10 2012 -0600

    Return a list of new commands after core_loadlib, java version

    Thanks mihi for the patch and the awesome responsiveness!

commit d65303e1b6458bd4b95138dc0d61e5354c4e8d3a
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 20 13:21:06 2012 -0600

    Make sure we have a response before doing stuff with it

commit 721001ead474a17d1a16de543f78b548879f5e7e
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 21:25:31 2012 -0600

    Add missing rmdir and mkdir protocol commands to PHP

    Now passes all the stdapi tests that it can
    	[*] Session type is meterpreter and platform is php/php
    	[+] should return a user id
    	[+] should return a sysinfo Hash
    	[-] FAILED: should return network interfaces
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
    	[-] FAILED: should have an interface that matches session_host
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
    	[-] FAILED: should return network routes
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_routes: Operation failed: 1
    	[+] should return the proper directory separator
    	[+] should return the current working directory
    	[+] should list files in the current directory
    	[+] should stat a directory
    	[+] should create and remove a dir
    	[+] should change directories
    	[+] should create and remove files
    	[+] should upload a file
    	[-] Passed: 10; Failed: 3

commit 024e99167a025f4678a707e1ee809a1524007d4d
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:26:00 2012 -0600

    Use a proper TLV type instead of a generic one

commit 1836d915cbe0bfd2f536a667e74d8d6a6ccee72a
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:24:25 2012 -0600

    Fix a counting error that caused segfaults (Linux)

commit 1e419d3fc392e435ae0af703561ce10bd5a45eb0
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:06:02 2012 -0600

    Return a list of new commands after core_loadlib

    Gets Windows back in sync with Linux

commit 3d3959f720de68e2f36ebfabe8196e01f98fe904
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 14:50:55 2012 -0600

    Refactor extensionList -> extension_commands

    It's not the same as extension_list.

commit a7acb638af803732fc5f3975e0c0632f427e0deb
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sun Mar 18 00:07:27 2012 -0500

    Massive whitespace cleanup

commit ef8b9fd5cea7db43860a5b88d7397ba84393ecd5
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 16:00:20 2012 -0500

    Add back enum_protections with some new changes

commit d778eec36953bb9bf4985e967ad2c119a1acd79b
Author: ohdae <bindshell@live.com>
Date:   Sat Mar 17 13:28:31 2012 -0400

    Added fix for enum_protections

commit 64611819d43bf13ab2d68f4353513c39e5a64fe0
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 03:14:26 2012 -0500

    A bunch of fixes

commit bb1a0205d73e75a61a8fbf5ff6440dd09f9780f9
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:28:05 2012 -0500

    The comments in get_chatlogs need an update

commit 666477e42a734f3120dcc4282b01b5ab5819384a
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:25:41 2012 -0500

    Correct license format

commit 3c8eecbcd7b952abaca0b1ce14dca41e1d4cabb7
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:22:03 2012 -0500

    Add enum_adium.rb post module

commit d290cf4fef1309df9a1af748e7c6c259a6788576
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 16:54:36 2012 -0300

    Changed store_note to store_loot. Fixed local/remote file retrieval

commit ccb830b594ea0f0a8ce7c29b24f2f137ecfd5c4c
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 11:29:07 2012 -0600

    Fall back to MIB method if we can't get netmasks

    Misses IPv6 addresses, but at least doesn't break everything.

    [Fixes #6525]

commit a9a30232dd5fcc0854c10b4d58df8511a23f3091
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Fri Mar 16 11:49:31 2012 -0500

    This module is not ready, yanked.

commit 6bb34f7fd0785d31902f1edc938a6b05b91a1495
Author: Gregory Man <man.gregory@gmail.com>
Date:   Fri Mar 16 18:09:08 2012 +0200

    sockso_traversal 1.8 compatibility fix

commit e76965ce565a8ae634dc0d3c743542f1a6d977d7
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 09:17:35 2012 -0400

    fix

commit 61ce7b587de54363f7071bc19df5a29eb29e9aa7
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 09:14:48 2012 -0400

    saves each config to loot instead of notes

commit f4713974fa82d8b13017cb0817b5fd36696194d9
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 03:46:10 2012 -0600

    Check for a 0 prefix length

    If the OnLinkPrefixLength is 0, something is wrong, try the value in the
    prefix linked list.  Appears to fix v4 addresses on XP but not 2k3.

    [See #6525]

commit cde7fcc012e04880f2faa28226a1fc5834a2e3d5
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 01:46:41 2012 -0600

    Return network prefixes when available

    Solves #6525 on Vista+.  Win2k still works using the old MIB method
    (which doesn't support ipv6).  Win2k3 and XP are still busted for
    unknown reasons.

commit 98bd9a7bd09149f524ebbe1501ec916bf99b078d
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 22:59:42 2012 -0400

    Enumerate important and interesting configuration files

commit 9336df2ac28ee2df10a0e66e7006df3d23493492
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Thu Mar 15 19:06:48 2012 -0500

    More Virtualisation SSL fixes

commit f24c378281ee6c85f687d4823f09ef5848812daf
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Thu Mar 15 18:15:29 2012 -0500

    Default SSL to true for esx_fingerprint module

commit d6e14c42120df0fd16b79709ac5723d0e2818810
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 15:56:24 2012 -0500

    Fix typo

commit b24dcfe43e625740ec8a1465f33be02f7ec40162
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 15:55:54 2012 -0500

    Add sockso dir traversal

commit 033052c1e075fcf43e9c17e5ee4a5006247cb375
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 15 14:31:25 2012 -0600

    Fix syntax error in 1.8, thanks Jun Koi for the patch

commit 4529efaeaa22e52c9c7c1528c68efb60af8af729
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 14:27:40 2012 -0500

    enum_protections is now find_apps

commit 49e823802bd8f2cb1940545e74db04f3788352d1
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 14:22:23 2012 -0500

    File rename, as well as design and cosmetic changes

commit ccf6b011145cf9db444f7e2d3fb3ec61738e88cb
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 15:29:52 2012 -0300

    added report_note, removed store_loot function, cleaned up info/author

commit 27d571932e51afbac0c0fcd95c52f038786a9a28
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 12:18:29 2012 -0300

    fixed output newline issue

commit 5a828e35d1629dc68825fe7d9322d1316888f8d7
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:05:35 2012 -0300

    fixed save line

commit 805c2ee9871c076a8c0ac62b028a7942af70b6a5
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:02:07 2012 -0300

    removed unneeded comments

commit 5861e1512f2949c0d7848d9ebed8241277462085
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:00:55 2012 -0300

    fixed output issue

commit 593a3648111f1db1f56a410250539261c2a7cd9f
Author: ohdae <bindshell@live.com>
Date:   Wed Mar 14 18:26:53 2012 -0300

    removed unneeded dependency

commit 05053e6e74b0ac99bbd4005c40ecc3b1196fd13f
Author: ohdae <bindshell@live.com>
Date:   Wed Mar 14 13:30:16 2012 -0400

    locates installed 3rd part av, fws, etc

commit 5bf512d0e9d2b412c4107228db178a7078111443
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Wed Mar 14 16:50:54 2012 -0500

    Add OSVDB-79863 NetDecision Directory Traversal

commit 18715d0367f4ef01b5998d732043cbe224e1787e
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 23:03:01 2012 -0600

    Store the retrieved commands on the session

commit b752cb8b31fd8dcd221fb6caa483f6202bf5a4fd
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 22:45:16 2012 -0600

    Retrieve the list of new commands

    The client side doesn't do anything with them yet

commit 69ce8ef42d4089a0b26644bd4d6bebf57c4cfd50
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 22:41:16 2012 -0600

    Return a list of the new commands in response to core_loadlib

    Linux

commit 354c754aa4cce63ffebb4567f3bbfd621ffef46c
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 15:13:45 2012 -0600

    Whitespace at EOL

commit 4afcb4cb9da1921ede29b03b149433cc65d680da
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 14:30:09 2012 -0600

    Create instance methods that return extensions

    Before this change, meterpreter sessions would not #respond_to? their
    extensions despite having a pseudo-accessor for them:
    ```
    >> client.respond_to? :sys
    => false
    >> client.sys
    => #<Rex::Post::Meterpreter::ObjectAliases:0x0000000e263488 @aliases={"config"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Config:0x0000000e268dc8 @client=#<Session:meterpreter 192.168.99.1:55882 (192.168.99.1) "uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ wpad">>, "process"=>#<Class:0x0000000e268d20>, "registry"=>#<Class:0x0000000e266da0>, "eventlog"=>#<Class:0x0000000e2654e8>, "power"=>#<Class:0x0000000e263c30>}>

    ```

    After:
    ```
    >> client.respond_to? :sys
    => true
    ```

commit 70ab8c018f67d15929b6f41322540837ab7b37c5
Merge: a8a3938 5f2bace
Author: James Lee <egypt@metasploit.com>
Date:   Tue Apr 3 11:46:25 2012 -0600

    Merge branch 'master' into bap-refactor

    Conflicts:
    	external/source/exploits/CVE-2012-0507/Help.java
    	external/source/exploits/CVE-2012-0507/Makefile
    	external/source/exploits/CVE-2012-0507/msf/x/Help.java
    	external/source/exploits/CVE-2012-0507/src/a/Exploit.java
    	external/source/exploits/CVE-2012-0507/src/a/Help.java

commit a8a393891588a8b5c18e3c2173f1cd9c2480b2d0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 20:20:21 2012 -0600

    Deal with null data/jar

    Not sure why "" turns into null sometimes, but it was breaking shells;
    this fixes it.

commit 5e5eb39d3ccb62a9fc006be8241cfb97723caa06
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:10:59 2012 -0600

    Prev commit moved these to src/a

commit 5074eadbea426fc4f83d6d165a01e640ef42b4de
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:08:32 2012 -0600

    Make building the jar for cve-2012-0507 a bit easier

    Mostly stolen from cve-2008-5353

commit bdb3fbe7fd19aa76b4069edca5a78c53fec668c0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 14:52:23 2012 -0600

    Fix incorrect option name

commit 78824ef60084510d3befe0ded6eed314d55eeb12
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 13:24:33 2012 -0600

    Add the detected browser version to the DOM

    Doing it this way lets modules grab the info a bit more easily.

commit 9813ccb8d6b14e0e728b8a13bacf59dd31b9c4b9
Merge: 0faa3f6 b5fc8e4
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 13:19:05 2012 -0600

    Merge branch 'master' into bap-refactor

commit 0faa3f65240c3a2b3ab0e72f4aeb2e9f50ed54ee
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:36:20 2012 -0600

    Add bap support to java_rhino

commit 66ca27f994e3b11c9c8adae85642820768158860
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:35:16 2012 -0600

    Put next_exploit on the window object so it's always in scope

    Solves some issues with Chrome not running more than one exploit

commit 7fc2ca1a0690c7a973307772aed42ab3514e1761
Merge: 325d306 e48c47e
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:10:54 2012 -0600

    Merge branch 'master' into bap-refactor

commit 325d3060599bc79674e93dd5f55a4e60061e9bdb
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 14:31:53 2012 -0600

    Pull common stuff up out of the body

commit 4f2b3260bf7f14f4d763625792adb0c3cfd1ed7c
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:04:03 2012 -0600

    Fix indentation level

commit 9b905c53b4d46beb86da8168a1c2c5b2da340f6d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:02:42 2012 -0600

    Abstract out copy-pasted methods

    Need to do the same thing for OSX, but it's a different implementation.
2012-05-15 17:00:02 -06:00
MM 55bb7abc89 Squashed commit of the following:
commit 2027502c5c1364161854794529738344dddb5c50
Author: MM <gaspmat@gmail.com>
Date:   Thu Mar 22 18:12:07 2012 +0100

    link type must be signed, because dlt_to_linktype can return -1

commit 86027ea77d36d36e39070a54eb5caf3d3490e2e9
Author: MM <gaspmat@gmail.com>
Date:   Wed Mar 21 16:03:58 2012 +0100

    enable sniffing on any type of interface

commit df6eef12147a294d7f198d057c27e87ed4ffbeb3
Author: MM <gaspmat@gmail.com>
Date:   Tue Mar 20 18:01:50 2012 +0100

    ps support for linux meterpreter

[Closes #254]
2012-05-15 16:58:18 -06:00
MM 5d7190e8cb Squashed commit of the following:
commit df6eef12147a294d7f198d057c27e87ed4ffbeb3
Author: MM <gaspmat@gmail.com>
Date:   Tue Mar 20 18:01:50 2012 +0100

    ps support for linux meterpreter

[Closes #250]
2012-05-15 16:57:17 -06:00
James Lee 406661f620 Better object for FF6 2012-05-15 16:42:53 -06:00
James Lee 740c493be2 Add a Windows Mobile fingerprint 2012-05-15 16:29:17 -06:00
James Lee 4acb627d13 Add more detections for newer Firefox
Object detections are not extensively tested, but everything came from
the "Firefox for developers" series of documents from
developer.mozilla.org; thanks to Artur Szymczak for prompting this
update.

[Fixes #6860]
2012-05-15 14:58:18 -06:00
James Lee ee84195bdb Add fingerprint for latest Ubuntu build 2012-05-15 13:09:13 -06:00
Brandon Perry c4052b3f6c add missing import methods? 2012-05-14 21:03:37 -05:00
Brandon Perry 1beaeb8e2f OpenVAS import functionality. See qa/sample_data for two openvas reports. 2012-05-14 18:40:08 -05:00
sinn3r 06b12bcd7d Merge pull request #385 from brandonprry/wapiti_report
Wapiti XML report import
2012-05-14 16:02:03 -07:00
HD Moore 3033838909 Correct reflective DLL references 2012-05-14 15:17:03 -05:00
root 5aeab77499 fix tabs that I missed in db.rb 2012-05-14 07:26:37 -07:00
root 99a5d1a7b5 fix :pname in the web_vuln_info hash to no include the parameter value 2012-05-13 14:43:02 -07:00
James Lee ecb106d714 throw is not the same as raise
Clearly this code never gets called.
2012-05-13 15:31:57 -06:00
root 2906686da1 forgot to git add db.rb. oops 2012-05-13 14:30:27 -07:00
root d5cec05cc3 fix tabs 2012-05-13 14:28:50 -07:00
root 253802761f Remove extraneous puts 2012-05-13 14:19:19 -07:00
root d0f49c1213 Finished! Importing wapiti now adds Mdm::WebVulns to the db.
However, I see no way to actually seeing the webvulns in framework
after importing the report.
2012-05-13 13:58:25 -07:00
Brandon Perry b0b72b05d5 Adding the beginning of the wapiti report import nokogiri document 2012-05-13 13:02:48 -05:00
Tod Beardsley 36c805c5ff Move the context setting to the module
Apparently you can't hit the framework object before running the module
any more. Bummer.

[Fixes #6843]
2012-05-10 21:21:32 -05:00
sinn3r 4f2226e3b9 Make sure vim_index_array is actually an array before doing the delete_if. Bug #6809 2012-05-04 11:26:03 -05:00
HD Moore bbca2c4649 Remove reference to missing dispatch_ninja 2012-05-01 10:31:18 -05:00
HD Moore a9dd2f49d7 Bump versions to 4.4.0-dev 2012-05-01 00:43:06 -05:00
HD Moore 0367b7b3f2 Fix a mangled merge that prevent imported vulns from being registered in some cases 2012-05-01 00:35:01 -05:00
David Maloney 82b8042d2d Fix an error condition with the afp server info module
Better exception handling is probably needed for the entire thing
2012-04-30 18:29:44 -05:00
sinn3r cc76438a75 Merge branch 'jlee-r7-http-print-standardization' 2012-04-25 15:38:46 -05:00
HD Moore a261adaaea Fix broken comparison 2012-04-23 23:06:52 -05:00
HD Moore 5282f9fd0a Update MDM 2012-04-23 22:21:13 -05:00
HD Moore 0e4593ce5b Purge the NoteSerializer and switch to Base64, have Base64 use the old format as well 2012-04-23 22:20:41 -05:00
HD Moore 0a0f5459b4 Version bump 2012-04-23 22:01:42 -05:00
HD Moore 3d24af8fd6 Add the fixed nokogiri gems (corrected rpath) 2012-04-23 19:00:10 -05:00
David Maloney 680e92968a Fixes some msyql issues by forcing read/write timepouts on the
connection object
Fixes #6297
2012-04-23 18:44:14 -05:00
HD Moore 206018c8a3 Patched with a small tweak to avoid a raise 2012-04-23 14:58:25 -05:00
HD Moore a0815223e8 Patch this with a newer/manually built extension 2012-04-23 13:41:56 -05:00
HD Moore efc589c1e2 Fix up Net::HTTP usage so that it works with newer ruby as well 2012-04-23 03:53:50 -05:00
HD Moore a1f9d2c27a Bump up the wait_timeout (works with the recent AR patch) and fix a typo in the http_version commit 2012-04-23 02:44:56 -05:00
HD Moore a6787106a5 This ports two active_record patches over that deal with database thread pooling 2012-04-23 02:37:47 -05:00
HD Moore 5302c83db9 Remove extranenous .so files (ext not lib) 2012-04-22 21:30:05 -05:00
James Lee 6cb0fe9fbf Use the framework thread spawner instead of Rex
Not sure why this was Rex before, changed for consistency and to avail
of the ActiveRecord connection release code recently added to the
framework version.
2012-04-20 01:13:12 -06:00
James Lee 6d0e4fba5e Go ahead and wrap the db commands as well.
Most of this probably isn't necessary, but better safe than sorry.
2012-04-19 23:53:00 -06:00
James Lee 29e01760f0 Wrap more database usage in with_connection block 2012-04-19 23:51:20 -06:00
James Lee d79f8b0492 Add with_connection wrappers to the database rpc calls
Certainly not all of these methods require a connection, but it is
better to check one out when we don't need it than to risk grabbing an
implicit connection that will never be handed back to the pool.
2012-04-19 22:58:24 -06:00
David Maloney 5db3e5aa34 Fixes some issues with the nexpose integration library
Should now work for all cases
2012-04-19 23:04:14 -05:00
James Lee 06b3ed2e13 Add with_connection wrappers to the methods I missed 2012-04-19 15:45:23 -06:00
James Lee 876c59b192 Make use of the new ActiveRecord 3.x concurrency contract
All Database usage must go through framework.db (which should have been
the case before, anyways) or explicitly checkout and checkin a
connection.  Failure to do so causes thread starvation and bizarre
random failures when attempting to use the database.

This commit also explicitly releases database connections at the end of
all threads created via framework.threads.spawn, which should alleviate
Deprecation Warning messages from ActiveRecord.

[Fixes #6613]
2012-04-19 14:21:21 -06:00
Tod Beardsley 8edf3fc8bd Service info shouldn't be blanked if it exists.
Check service.info at the end of reporting a service instead of the
beginning. This will preserve an existing service info in the event
we're re-reporting a service.

[See #6701]
2012-04-19 09:47:41 -05:00
James Lee 1f577b24b2 Merge branch 'rapid7' into http-print-standardization 2012-04-18 08:51:42 -06:00
James Lee f9b2fe89b2 Merge branch 'rapid7' into http-print-standardization
Conflicts:
	modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb
	modules/exploits/windows/browser/apple_quicktime_rtsp.rb
	modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
2012-04-17 19:15:06 -06:00
James Lee 741de34d92 Add a :method property for autopwn_info
Replaces the previous overloading of :vuln_test
2012-04-17 18:32:11 -06:00
James Lee eedf4520be Merge branch 'rapid7' into bap-refactor 2012-04-17 16:20:11 -06:00
James Lee c83f2460c5 Use framework's db wrapper instead of Mdm directly 2012-04-17 16:12:25 -06:00
Tod Beardsley 2aba65f82d Fixes importing metasploit.xml exports with tags.
New Rails3 magic now actually exercised.
2012-04-17 01:06:40 -05:00
James Lee c3a86eef66 Declare warn_about_rubies as a class method
Since that's how it's being called.  Also, define it before calling it.
2012-04-16 23:25:04 -06:00
James Lee 3116f66d4d MDM update
[Fixes #6649]
2012-04-16 23:22:57 -06:00
James Lee cdd130d7ad Fix an overzealous refactoring change
::Mdm::Export doesn't exist, Export is a utility class under
::Msf::DBManager.

[Fixes #6647]
2012-04-16 21:53:05 -06:00
HD Moore 12102b9adc Close any open connections if the thread happens to have one when it finishes.
Partial bandaid for new AR pool mgmt methods
2012-04-16 21:50:26 -05:00
Tod Beardsley 362e80dc41 Warn about incompatible Rubies.
Also encourage users to use RVM to upgrade, because RVM is the
awesomest.
2012-04-16 21:13:31 -05:00
Tod Beardsley 27ed06f8e0 Use an exponential function for session grabbing
Ensures that the retries have a backoff time, not just 10 half second
pauses. Makes for a more forgiving environment for post modules.

[See #6638]
2012-04-16 20:56:55 -05:00
James Lee bea5d04871 Whitespace and rdoc cleanup 2012-04-16 19:34:21 -06:00
HD Moore e0dcf85a0e Cleanup overall, fix issue with ambiguous id column in order clause 2012-04-16 17:41:39 -05:00
James Lee 4181fd9709 Add support for EXE::Custom in EncodedPayload#encoded_exe
Fixes an issue with java_signed_applet (and probably others) not
honoring EXE::Custom settings.
2012-04-16 12:09:25 -06:00
James Lee 57ecc29b31 Add a rand_guid method for generating GUIDs 2012-04-16 12:09:25 -06:00
Tod Beardsley ef762c5d57 Delete files locally, not over RPC.
In the event we're just msfconsole.
2012-04-16 11:39:59 -05:00
Tod Beardsley 4b943c8769 RPC calls in the models should be wrapped
Sometimes we're not talking RPC, and the model shouldn't stack trace in
those cases.
2012-04-16 11:03:23 -05:00
Tod Beardsley 4bcbdc54c9 Cutting over rails3 to master.
This switches the Metasploit Framework to a Rails 3 backend. If you run
into new problems (especially around Active Record or your postgresql
gem) you should try first updating your Ruby installation to 1.9.3 and
use a more recent 'pg' gem.

If that fails, we'd love to see your bug report (just drop all the
detail you can into an issue on GitHub). In the meantime, you can
checkout the rails2 branch, which was branched from master immediately
before this cutover.

Squashed commit of the following:

commit 5802ec851580341c6717dfea529027c12678d35f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:12 2012 -0500

    Enable MSF_BUNDLE_GEMS mode by default (set to N/F/0 to disable)

commit 8102f98dce9eb0c73c4374e40dce09af7b51d060
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:03 2012 -0500

    Add a method to expand win32 file paths

commit bda6479d154cf75572dd5de8b66bfde661a55de9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:53:44 2012 -0500

    Fix 1.8.x compatibility

commit 101ce4eb17bfdf755ef8c0a5198174668b6cd6fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:40:59 2012 -0500

    Use verbose instead of stringio

commit 5db467ffb593488285576d183b1662093e454b3e
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:30:06 2012 -0500

    Hide the iconv warning, were stuck with it due to EBCDIC support

commit 63b9cb20eb6a61daf4effb4c8d2761c16ff0c4e0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:29:58 2012 -0500

    Dont use GEM_HOME by default

commit ca49271c22c314a4465fff934334df18c704cbc0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:23:34 2012 -0500

    Move Gemfile to root (there be dragons, lets find them) and catch failed bundler loads

commit 34af04076a068e9f60c5526045ddbba5fca359fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:18:29 2012 -0500

    Fallback to bundler when not running inside of a installer env

commit ed1066a4f3f12fae7d4afc03eb1ab70ffe2f9cf3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 16:26:55 2012 -0500

    Remove a mess of gems that were not actually required

commit 21290a73926809e9049a59359449168f740d13d2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:59:10 2012 -0500

    Hack around a gem() call that is well-intentioned but an obstacle in this case

commit 8e414a8bfab9641c81088d22f73033be5b37a700
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 15:06:08 2012 -0500

    Ruby, come on. Ducktype this. Please.

    Use interpolated strings to get the to_s behavior you don't get with
    just plussing.

commit 0fa92c58750f8f84edbecfaab72cd2da5062743f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:05:42 2012 -0500

    Add new eventmachine/thin gems

commit 819d5e7d45e0a16741d3852df3ed110b4d7abc44
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:01:18 2012 -0500

    Purge (reimport in a second)

commit ea6f3f6c434537ca15b6c6674e31081e27ce7f86
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:54:42 2012 -0500

    Cleanup uncessary .so files (ext vs lib)

commit d219330a3cc563e9da9f01fade016c9ed8cda21c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:53:02 2012 -0500

    PG gems built against the older installation environment

commit d6e590cfa331ae7b25313ff1471c6148a6b36f3b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:06:35 2012 -0500

    Rename to include the version

commit a893de222b97ce1222a55324f1811b0262aae2d0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:56:47 2012 -0500

    Detect older installation environments and load the arch-lib directories into the search path

commit 6444bba0a421921e2ebe2df2323277a586f9736f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:49:25 2012 -0500

    Merge in windows gems

commit 95efbcfde220917bc7ee08e6083d7b383240d185
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 13:49:33 2012 -0500

    Report_vuln shouldn't use :include in finder

    find_or_create_by doesn't take :include as a param.

commit c5f99eb87f0874ef7d32fa42828841c9a714b787
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:44:09 2012 -0500

    One more msised Mdm namespace issue

commit 2184e2bbc3dd9b0993e8f21d2811a65a0c694d68
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:33:41 2012 -0500

    Fixes some mroe Mdm namespace confusion
    Fixes #6626

commit 10cee17f391f398bb2be3409137ff7348c7a66ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:40:44 2012 -0500

    Add robots gem (required by webscan)

commit 327e674c83850101364c9cca8f8d16da1de3dfb5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:39:05 2012 -0500

    Fix missing error checks

commit a5a24641866e47e611d7636a3f19ba3b3ed10ac5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 01:15:37 2012 -0500

    Reorder requires and add a method for injecting a new migration path

commit 250a5fa5ae8cb05807af022aa4168907772c15f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:56:09 2012 -0500

    Remove missing constant (use string) and add gemcache cleaner

commit 37ad6063fce0a41dddedb857fa49aa2c4834a508
Merge: d47ee82 4be0361
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 00:40:16 2012 -0500

    Merge branch 'master-clone' into rails3-clone

commit d47ee82ad7e66de53dd3d3a65649cc37299a2479
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:30:03 2012 -0500

    cleanup leftovers from gems

commit 6d883b5aa8a3a7ddbcde5bfd4521d57c5b30d3c2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:25:47 2012 -0500

    MDM update with purged DBSave module

commit 71e4f2d81f6da221b76150562a16c730888f5925
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:37 2012 -0500

    Add new mdm

commit 651cd5adac8211d65e0c8079371d8264e549533a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:13 2012 -0500

    Update mdm

commit 0191a8bd0acec30ddb2a9e9c291111a12378537f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 22:30:40 2012 -0500

    This fixes numerous cases of missed Mdm:: prefixes on db objects

commit a2a9bb3f2148622c135663dead80b3367b6f7695
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:30:18 2012 -0500

    Add eventmachine

commit 301ddeb12b906ed3c508613ca894347bedc3b499
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:18:12 2012 -0500

    A nicer error for folks who need to upgrade pg

commit fa6bde1e67b12e2d3d9978f59bbc98e0c1a1a707
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:54:55 2012 -0500

    Remove bundler requirements

commit 2e3ab9ed211303f1116e602b9a450141b71e56a4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:35:38 2012 -0500

    Pull in eventmachine with actual .so's this time

commit 901fb33ff6b754ce2c2cfd51e3b0b669f6ec600b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:19:12 2012 -0500

    Update deps, still need to add eventmachine

commit 6b0e17068e8caa0601f3ef81e8dbdb672758fcbe
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 13:07:06 2012 -0500

    Handle older installer environments and only allow binary gems when the
    environment specifically asks for it

commit b98eb7873a6342834840424699caa414a5cb172a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 04:05:13 2012 -0500

    Bump version to -testing

commit 6ac508c4ba3fdc278aaf8cfe2c58d01de3395431
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:25:09 2012 -0500

    Remove msf3 subdir

commit a27dac5067635a95b4cbb773df1985f2a2dc2c5a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:24:39 2012 -0500

    Remove the old busted external

commit 5fb5a0fc642b6c301934c319db854cc3145427a1
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:03:10 2012 -0500

    Add the gemcache loader

commit 09e2d89dfd09b9ac0c123fcc4e19816c86725627
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:02:23 2012 -0500

    Purge gemfile/bundler configure in exchange for new gemcache setup

commit 3cc0264e1cfb027b515d7f24b95a74b023bd905c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Apr 12 14:11:45 2012 -0500

    Mode change on modicon_ladder.apx

commit c18b3d56efd639e461137acdc76b4b283fe978d4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Thu Apr 12 01:38:56 2012 -0500

    The go faster button

commit ca2a67d51d6d4c7c3ca2e745f8b018279aef668a
Merge: 674ee09 b8129f9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 15:50:33 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Picking up Packetfu upstream changes, all pretty minor

commit 674ee097ab8a6bc9608bf377479ccd0b87e7302b
Merge: e9513e5 a26e844
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 13:57:26 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Conflicts:
    	lib/msf/core/handler/reverse_http.rb
    	lib/msf/core/handler/reverse_https.rb
    	modules/auxiliary/scanner/discovery/udp_probe.rb
    	modules/auxiliary/scanner/discovery/udp_sweep.rb

    Resolved conflicts with the reverse_http handlers and the udp probe /
    scanners byt favoring the more recent changes (which happened to be the
    intent anyway). The reverse_http and reverse_https changes were mine so
    I know what the intent was, and @dmaloney-r7 changed udp_probe and
    udp_sweep to use pcAnywhere_stat instead of merely pcAnywhere, so the
    intent is clear there as well.

commit e9513e54f984fdb100c13b44a1724246779ccb76
Author: David Maloney <dmaloney@melodie.gateway.2wire.net>
Date:   Fri Apr 6 18:21:46 2012 -0500

    Some fixes to how services get reported to prevent issues with the web interface

commit adeb44e9aaf1a329a0e587d2b26e678398730422
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Apr 2 15:39:46 2012 -0500

    Some corrections to pcAnywhere discovery modules to distinguish between the two services

commit b13900176484fea8f5217a2ef925ae2ad9b7af47
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Mar 31 12:03:21 2012 -0500

    Enable additional migration-path parameters, use a temporary directory to bring the database online

commit 526b4c56883f461417f71269404faef38639917c
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Mar 28 23:24:56 2012 -0500

    A bunch of Mdsm fixes for .kind_of? calls, to make sure we ponit to the right place

commit 2cf3143370af808637d164ce59400605300f922c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 16:22:09 2012 -0500

    Check for ruby 2.0 as well as 1.9 for encoding override

commit 4d0f51b76d89f00f7acbce6b1f00dc6e4c4545ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:36:04 2012 -0500

    Remove debug statement

commit f5d2335e7745aa1a354f4d6c8fc9d0b3876c472a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:01:55 2012 -0500

    Be explicit about the Mdm namespace

commit bc8be225606d6ea38dd2a85ab4310c1c181a94ee
Author: hdm <hdm@hypo.(none)>
Date:   Mon Mar 26 11:49:51 2012 -0500

    Precalculate some uri strings in case the 1000-round generation fails

commit 4254f419723349ffb93e4aebdaeabbd7d66bf8c0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Sat Mar 24 14:03:44 2012 -0500

    Removed some non-namespaced calls to Host

commit c8190e1bb8ad365fb0d7a1c4a9173e6c739be85c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:37:00 2012 -0500

    Purge the rvmrc, this is causing major headaches

commit 76df18588917b7150a3bedf2569710a80bab51f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:31:52 2012 -0500

    Switch .rvmrc to the shipping 1.9.3 version

commit 7124971d0032b268f4ddf89aca125f15e284f345
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Mar 12 16:56:40 2012 -0500

    Adds mixin for looking up Mime Types by extension

commit b7ca8353164c43db6bacb2f3f16afa1269f66e43
Merge: a0b0c75 6b9a219
Author: Matt Buck <techpeace@gmail.com>
Date:   Tue Mar 6 19:38:53 2012 -0600

    Merge from develop.

commit a0b0c7528d2b8fabb76b2246a15004bc89239cf0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Mar 6 11:08:59 2012 -0600

    Somehow migration file is new?

commit 84d2b3cb1ad6290413c3ea3222ddf9932270b105
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Feb 29 16:38:55 2012 -0600

    Added ability to specify headers to redirects in http server

commit e50d27cda83872c616722adb03dc1a6a5e685405
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Feb 4 04:44:50 2012 -0600

    Tweak the event dispatcher to enable customer events without a category
    and trigger http request events from the main exploit mixin.
    Experimental

commit 0e4fd2040df49df2e6cb0e8d2c6240a03d108033
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Thu Feb 2 22:09:05 2012 -0600

    Change Msm -> Mdm in migrations. This is what was preventing migrations from finishing on first boot.

commit c94a2961d04eee84adfd42bb01ed7a3e3846b83a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:48:48 2012 -0600

    Changed Gemfile to use new gem name

commit 245c2063f06b4fddbfc607d243796669ef236136
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:47:42 2012 -0600

    Did find/replace for final namespace of Mdm

commit 6ed9bf8430b555dcbe62daeddb2f33bd400ab5bc
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 24 10:47:44 2012 -0600

    Fix a bunch of namespace issues

commit 2fe08d9e4226c27e78d07a00178c58f528cbc72e
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:37 2012 -0600

    Update Msm contstants in migrations for initial DB builds.

commit 4cc6b8fb0440c6258bf70de77a9153468fea4ea5
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:25 2012 -0600

    Update Gemfile.lock.

commit 1cc655b678f0a054a9a783da119237fe3f67faa4
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Thu Jan 19 11:48:29 2012 -0600

    Errant Workspaces needed namespace

commit 607a78285582c530a68985add33ccf4d899c467a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 15:44:02 2012 -0600

    Refactored all models to use the new namespace

    * Every model using DBManager::* namespace is now Msm namespace
    * Almost all of this in msf/base/core
    * Some in modules

commit a690cd959b3560fa2284975ca7ecca10c228fb05
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 13:41:44 2012 -0600

    Move bundler setup

commit dae115cc8f7619ca7a827123079cb67fb4d9354b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 15:51:07 2012 -0600

    Moved ActiveSupport dep to gem

commit d32f8edb6e7f82079b775ffbc2b9a405d1f32b3b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 14:40:05 2012 -0600

    Removed model require file

commit d0c74cff8c44771e566ec63b03eda10d03b25c42
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 16:06:10 2012 -0600

    Update some more finds

commit 4eb79ea6b58b74c309ab1f1bb0bd35fe9041de46
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 14:21:15 2012 -0600

    Yet another dumb commit

commit a75febcb593d52fdfe930306b4275829759d81d1
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Thu Dec 29 19:20:51 2011 -0600

    Fixing deletion

commit dc139ff2fdfc4e7cdee3901dfb863e70913d6b92
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Wed Dec 7 17:06:45 2011 -0600

    Fixed erroneous commit

commit 531c1e611cf4d23aeb9c48350dabf7630d662d25
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Mon Nov 21 16:11:35 2011 -0600

    Remove AR patch stuff; attempting to debug non-connection between MSF and Pro

commit 458611224189c7aa27e500aabd373d85dc2dc5c0
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Fri Nov 18 16:17:27 2011 -0600

    Drop ActiveRecord/ActiveSupport in preparation for upgrade
2012-04-15 23:35:38 -05:00
HD Moore 91e8c713f2 The go faster button 2012-04-12 01:39:18 -05:00
James Lee 8ee0a5533c Fix a NoMethodError on nil when cat'ing a file in meterpreter
Thanks, mihi for the report.
2012-04-11 11:46:52 -06:00
James Lee 627ae308b3 Couple of small rdoc cleanups 2012-04-11 11:45:48 -06:00
James Lee a86bdf883e Add defaults to the print_* method arguments
Fixes breakage with modules that use print_line() or similar.

This commit also includes some RDoc additions and markup fixes
2012-04-11 00:14:03 -06:00
James Lee 3ad3caf450 Save the connecting client in thread-local storage
Allows print_* overrides to show it when it's available.
2012-04-10 23:21:55 -06:00
James Lee 28534d5f6e Merge branch 'rapid7' into bap-refactor 2012-04-10 12:42:27 -06:00
James Lee e7809b1b3b Remove print_status line from db.rb
Not defined in that context, causes stack traces on db_import
2012-04-10 11:07:23 -06:00
Tod Beardsley 366cb2ff08 Merge branch 'egypt-packetwise'
Added in the upstream PacketFu changes and this all looks good for the
importer. Thanks!
2012-04-09 15:59:33 -05:00
Tod Beardsley b8129f9463 Updating PacketFu to match upstream 2012-04-09 15:47:21 -05:00
sinn3r 71d2ef71f8 Don't want to print vuln.info if it's nil 2012-04-09 15:38:02 -05:00
sinn3r ab5a4beb99 Merge branch 'andurin-5837' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-andurin-5837 2012-04-09 15:18:55 -05:00
James Lee c19a4d7a23 Put final detection results on window.os_detect object
Makes it easier to grab results from within a module without having to
run the detection again.  I thought I had committed something like this
before, I wonder what other code I've lost...
2012-04-09 14:08:35 -06:00
sinn3r bef12478fc Merge branch 'bap-refactor' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bap-refactor 2012-04-09 09:58:22 -05:00
James Lee b58a87b7a8 Skip ::1 as well as 127.0.0.1 for session_host
Thanks rsmudge for pointing this out.

[Fixes #6599]
2012-04-08 14:58:39 -06:00
James Lee 9ae9509cfe More fingerprints from browsershots 2012-04-08 11:12:32 -06:00
sinn3r c6162bbe08 I've changed my mind. Default to "/" anyway even if it's nil. 2012-04-07 19:47:28 -05:00
sinn3r cfb34739f9 Actually, let's default to "/" only if the TARGETURI option is empty. If it's nil, we prefer to throw the exception at the user. 2012-04-07 19:44:34 -05:00
sinn3r 9a229dfcff Make target_uri default to "/" in case the TARGETURI option is nil or empty 2012-04-07 19:43:19 -05:00
James Lee bac6bcd6f1 More fingerprints from browsershots 2012-04-06 18:41:14 -06:00
James Lee 31e3eb7d91 Merge branch 'rapid7' into bap-refactor 2012-04-06 18:12:49 -06:00
James Lee bb4e37b7aa Add a few fingerprints. Thanks browsershots.org! 2012-04-06 18:09:19 -06:00
andurin 274404716f Show vuln.info on db_vuln command
IssueID #5837
2012-04-06 14:47:36 +02:00
HD Moore 0f7b08781f Fix regular expression match number 2012-04-05 12:55:54 -05:00
James Lee 585245501a Print an error when trying to open a dir as a file
Prevents unnecessary stack traces
2012-04-05 11:49:03 -06:00
James Lee 2c992c976d Cut session info at 80 columns
Prevents a long "id" line from destroying the layout
2012-04-05 11:07:42 -06:00
sinn3r 8628991b1d Merge pull request #305 from jlee-r7/bap-refactor
Bap refactor
2012-04-05 08:02:43 -07:00
James Lee 778fed9a19 Put things in the right namespace 2012-04-05 01:22:27 -06:00
James Lee 0ddfa79a34 Move javascriptosdetect out to its own file
Allows editors to easily highlight correctly which makes editing a
little nicer. Also makes it easier to debug because line numbers are
only off by the length of the custom_js argument.
2012-04-04 17:07:17 -06:00
sinn3r 57c22a50fa Merge pull request #296 from allfro/patch-1
rpc_loots method uses the wrong iteration variable ('n' instead of 'l')
2012-04-04 13:58:18 -07:00
James Lee 32654b3578 Whitespace at EOL 2012-04-04 09:41:50 -06:00
James Lee e901f9cc50 Add a couple of fingerprints and sort some
This is in terrible need of some more crowd-sourced fingerprint
gathering.
2012-04-03 18:18:32 -06:00
allfro bed6e06e0a Error in tag. Should be :updated_at instead of :modified_at. 2012-04-03 14:52:45 -03:00
James Lee 32b1e22d25 Revert "Update packetfu to 1.1.4"
This reverts commit 24e6131ad7.
2012-04-03 10:28:22 -06:00
James Lee 04858220f2 Don't read in the whole pcap file when importing
Still not amazingly fast (about 500 packets per second in my tests), but
now it won't eat all your ram and start crashing things when given a
large file. Requires an upgrade to PacketFu containing pull request 5.
2012-04-03 10:22:36 -06:00
allfro 60fa58c9cf rpc_loots method uses the wrong iteration variable ('n' instead of 'l') for service.port and service:
n.service.port should be l.service.port
n.service should be l.service
2012-04-03 13:10:10 -03:00
Brandon Perry 4a3d2a18de hard tabs 2012-04-02 21:42:51 -05:00
Brandon Perry a4d9e59934 silly registry typos 2012-04-02 21:33:01 -05:00
Jonathan Cran 9dbd5e87fd move the lab code to a gem, and make sure the plugin warns users to install the gem 2012-04-02 16:00:43 -05:00
James Lee 24e6131ad7 Update packetfu to 1.1.4 2012-04-01 20:00:17 -06:00
HD Moore afe3168a36 Enable additional migration-path parameters, use a temporary directory to bring the database online
Conflicts:

	lib/msf/core/db_manager.rb
2012-03-31 12:05:54 -05:00
James Lee 62a54e0ad6 Account for stagers that use Assembly
Since staged payloads end up with an array of architectures, this was
failing to find a cpu and causing uncaught exceptions that crashed
msfconsole at startup. This only occurred when a stager contained an
Assembly directive. None of the default paylaods do this, so users
should generally not have been affected.
2012-03-30 17:57:56 -06:00
James Lee 11a1ae3a8d Typo in a comment 2012-03-30 16:30:13 -06:00
Tod Beardsley bd4819e8f2 Merge pull request #238 from mak/linux-x64-find-port
linux/x64/shell_find_port payload
2012-03-29 05:54:54 -07:00
Michael Schierl 016ba1613d fix generating war files for Java payloads from within msfconsole
This fixes this use case:
use payload/java/meterpreter/reverse_tcp
generate -t war -f filename.war
2012-03-28 14:02:46 -06:00
James Lee e522b40465 Make sure session.target_host gets resolved
Not sure why this isn't already resolved when we read it out of the
datastore.  May have something to do with the recent options madness.

[Fixes #6567]
2012-03-28 13:44:23 -06:00
Tod Beardsley b1683c94ef Merge pull request #281 from jlee-r7/module-tests
Module tests
2012-03-27 10:23:20 -07:00
James Lee 812457fed0 Rename enum_user_dirs 2012-03-27 10:52:16 -06:00
Tod Beardsley a0f0aadad3 Fixing checksum uri generator again.
This time, it's ensured that generate_uri_checksum(sum) will succeed,
provided the sum is an even number between 80 and 100 (tested)

It's still not great for arbitrary checksum targets, but that's because
there are lots of strings that cannot satisfy the requirement. I kind of
think this is the fault of Rex.
2012-03-27 08:34:52 -05:00
HD Moore ad92eff66c Correct an issue where launched exploits only used saved configurations 2012-03-26 22:43:33 -05:00
Tod Beardsley eb9b92268e Merge pull request #257 from ChrisJohnRiley/base32
Added a Rex library for encoding to/from Base32, based on Samuel Tesla's free Ruby implementation.
2012-03-26 17:34:19 -07:00
James Lee 98882621c0 Allow empty values for OptRegexp options 2012-03-26 17:06:43 -06:00
James Lee 84197a8903 Return a proper value instead of a silly print 2012-03-26 15:40:43 -06:00
Tod Beardsley 5cacf5f8f6 A still cleaner checksummed URI generator
Now with http and https support.
2012-03-26 12:34:30 -05:00
Tod Beardsley 899c6529c3 Revert "Precalculate some uri strings in case the 1000-round generation fails"
This reverts commit 7161a548f4.

Prepping for a more sane solution that doesn't change the URI sizes and
succeeds without fallingback to a pre-generated list.
2012-03-26 12:34:30 -05:00
hdm 27d3f490f7 Precalculate some uri strings in case the 1000-round generation fails 2012-03-26 12:33:54 -05:00
Tod Beardsley 9fad028d8a A nicer checksum fixer
Just use a checksum digit like a cc#, no need for precalculated lists,
will be correct every time.
2012-03-26 11:59:29 -05:00
Tod Beardsley b2b2580dbf Adding the correct url for exploit-db exploits. 2012-03-22 14:26:46 -05:00
Tod Beardsley c589420f42 Typo fix, missing comma 2012-03-21 16:43:21 -05:00
Tod Beardsley 75785a8b9f Got tired of writing out Exploit-DB identifiers
There are 143 modules with exploit-db references, may as well make them
easier to write and find. This change introduces the EDB identifier.
2012-03-21 16:43:21 -05:00
Chris John Riley b49b947b9a Added Base32 Support 2012-03-21 22:02:46 +01:00
James Lee bba98136b6 Clarify the driver situation a bit
Tell the user what's really going on instead of what was going on before
4.2 was released and we still supported databases other than postgres.
2012-03-19 21:13:49 -06:00
Tod Beardsley e938f24267 Update Spiceworks importer to use CSV, keep info
Instead of data.each, use the stdlib CSV importer. This will avoid
accidentally splitting on ',' characters at a minimum.

If the device has a serial number and/or a location, keep that and
reflect it in the info.
2012-03-19 12:45:25 -05:00
James Lee d25756976c Add a binary-safe method for writing files on unix shell sessions
Also some tests for doing so, all of which pass on Linux, Windows, and
Java meterpreter, as well as shell sessions on Linux and Solaris. They
will fail miserably on Windows shell sessions.
2012-03-19 01:10:23 -06:00
James Lee 66727043f9 Add an inspect method that doesn't print the entire buffer
Also cleans up some whitespace
2012-03-19 01:10:23 -06:00
James Lee 14fdde67ab Use a proper mode for appending 2012-03-16 17:18:44 -06:00
James Lee 47ce05cc27 Add a couple methods and some tests for Post::File 2012-03-16 16:27:06 -06:00
James Lee 6754bccf78 Use `#session_compatible?` instead of looping through `#compatible_sessions` 2012-03-16 12:12:08 -06:00
James Lee 65b92efe8c Fix an ancient syntax fail 2012-03-16 02:03:54 -06:00
James Lee 9aaf6af072 Return network prefixes when available
Solves #6525 on Vista+.  Win2k still works using the old MIB method
(which doesn't support ipv6).  Win2k3 and XP are still busted for
unknown reasons.
2012-03-16 01:50:26 -06:00
James Lee 916f23fe4e Add IPv6 support for bit2netmask 2012-03-16 01:50:26 -06:00
James Lee a3db547c76 Justify TLVs to be a little easier to read 2012-03-16 01:50:26 -06:00
David Maloney 6011da7db8 More Virtualisation SSL fixes 2012-03-15 19:06:48 -05:00
James Lee 6895ff9cbb Whitespace at EOL 2012-03-14 21:42:00 -06:00
James Lee 9d563d4d9e Pastographical error 2012-03-14 21:41:14 -06:00
Maciej Kotowicz f91b894375 added posibilities for generating payload from asm to more arch's
added linux/x64/shell_find_port payload
2012-03-14 22:39:56 +01:00
James Lee 2c34b7d599 Alias `ifconfig` to `ipconfig`
This has bugged me for *years*.
2012-03-14 11:07:31 -06:00
James Lee 40e1cafd6e Remove extraneous debug print 2012-03-14 11:07:31 -06:00
gaspmat@gmail.com 248a73a73c change sniffer behaviour when stopping capture. workaround if pcap_findalldev fails 2012-03-14 11:07:31 -06:00
sinn3r 46da36d3a0 Fix bug: undefined method `size' for nil:NilClass (Bug #6526) by Raphael 2012-03-14 11:49:49 -05:00
David Maloney 5a69c896fc Fixes #6465
Properly imports vulnerability titles from Qualys Scan Reports
2012-03-13 16:45:55 -05:00
James Lee 6cfb3ff4fc Comment out extension TLV types
I suspect this is a load order issue where sometimes the extension's TLV
types are defined before hitting this and sometimes aren't.
Nevertheless, pretty printing a TLV is not worth breaking all the
payloads.
2012-03-13 14:08:58 -06:00