9e2a1b6d52
Allow channel -k as a synonym for -c
...
Makes it consistent with "jobs", "sessions", and "threads" commands in
msfconsole. Because I keep using the wrong thing and being confused
about why it doesn't work.
2012-03-02 15:11:00 -07:00
884550ce7c
Fix undefined constant bug in session.fs.seek
...
How did this ever work? Clearly nothing exercises this code.
2012-03-02 14:43:00 -07:00
4f2fd918e4
Only add a Content-Type when it's not nil
...
Makes it possible to create MIME parts for non-file POST parameters when
sending a file.
2012-03-01 16:28:55 -07:00
bde9a846b9
Default the index to -1
...
This prevents stack traces on Java which doesn't provide the index.
2012-02-29 20:27:10 -07:00
db88145294
Keep the order of iface attributes the same accross rubies
...
1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
end up with ~random order for the display with the previous technique.
Switch to an Array instead of a Hash so it's always the same.
2012-02-28 08:27:22 -07:00
2b8d16203a
Refactor Interfac#pretty to be more rubyish
2012-02-24 16:42:12 -07:00
f83a7f14ac
Switch to netlink for listing interfaces
...
* Adds support for listing IPv6 addresses on POSIX meterpreter
* Ensures crash logs are only created if debugging is enabled
* Fixes a bug in sniffer where a lock was not acquired correctly
Squashed commit of the following:
commit 955124b264a675c7d67187703bf23b58f0aba6d8
Author: MM <gaspmat@gmail.com>
Date: Thu Feb 23 23:42:26 2012 +0100
posix meterpreter - IPv6 support for route and ipconfig using netlink sockets
[Closes #196 ]
2012-02-24 16:42:12 -07:00
3857bef9f6
Adds help and tabs for commands in meterpreter core
2012-02-21 10:10:42 -07:00
85e644ed4c
Merge branch 'railgun_defs' of https://github.com/NoVAHA/metasploit-framework into NoVAHA-railgun_defs
2012-02-10 01:17:07 -06:00
3312a16708
Added a message when backgrounding a session
2012-02-09 05:49:40 +00:00
1f1e67cb16
Moved railgun function definitions into central storage and out of individual modules where possible
2012-02-09 04:56:13 +00:00
6685a65c39
Spend some time type-checking - no exploitable vulns we are aware of, but no reason to leave it to future chance
2012-02-07 17:17:45 -06:00
f89853d3bc
Squashed commit of the following:
...
commit 69bb41a8176fb814485225e0c3b0e1c44342e652
Author: matugm <matugm@gmail.com>
Date: Tue Jan 31 11:30:52 2012 +0100
indentation
commit 175d230a06dc58e2123f092d39f33063efdce83d
Author: matugm <matugm@gmail.com>
Date: Tue Jan 31 11:13:02 2012 +0100
Changed way of finding hive names so that it works with xp hives
2012-02-03 17:01:35 -06:00
6623988fc0
Remove duplicate interfaces call, fixes #6344
2012-02-03 09:46:08 -06:00
cd0a806a06
Sort by filename instead of the default first column
...
[Fixes 6336]
2012-02-02 12:13:52 -07:00
b347418f90
Add checks for numeric column data
...
[Fixes #6303 ]
2012-02-02 12:13:52 -07:00
eb795514b3
Add a SortIndex option to rex Table
...
Allows Table#to_s to do the right thing when the first column isn't the
one we want sorted.
2012-02-02 12:13:51 -07:00
7ec5f98480
Adding jhart's natpimp libary and modules.
...
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.
[See #106 ]
2012-01-24 10:32:30 -06:00
26836cab47
Adds a default context for the TFTP Client lib.
...
For use with nonstandard routing.
2012-01-23 16:00:54 -06:00
d34a9f38a5
Adding bperry's various and sundry regex fixes
...
[Closes #109 ]
Squashed commit of the following:
commit 692568d02fbfd547ef2d05ad9887427fc53f8abb
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Mon Jan 16 12:34:35 2012 -0600
small get_everything fix
commit 5b29a310601b6658ffb74a4922b52bc5b3f864fb
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Mon Jan 16 12:31:31 2012 -0600
regex fixes
commit a565ade7f4fe42fb5d070d04ac1ba4e65c98d8b8
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Sun Jan 15 16:39:29 2012 -0600
registry.rb in lib/rex
commit 3609313ea357884480750948a9b0cc6514dcfcc2
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Sun Jan 15 16:32:06 2012 -0600
boot key fixed
commit e591ed1815b01b3e535b517c73470ad9984fe8c7
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Sun Jan 15 15:53:21 2012 -0600
fixes
commit 3598f3482eea2845baead71310d6192e105b6074
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Sat Jan 14 13:47:29 2012 -0600
stuff
commit 8a8d0dfda603d3697b54bd852f131795259f9c28
Author: Brandon Perry <bperry.volatile@gmail.com>
Date: Fri Jan 13 22:57:30 2012 -0600
reg fixes
commit fcfb51bb64b2d8ee6a28722bbf1998be47145b90
Merge: 2c7cfde 24aaf85
2012-01-16 17:54:33 -06:00
0236a6994f
registry stuff
2012-01-10 18:45:24 -06:00
d0fb9424b2
Updated to use "reject!" instead of "select!" so older versions of ruby are happy
2012-01-08 11:16:17 -05:00
6591bd3a45
Completed test coverage for pointer_util.rb and fixed the bugs I found
2012-01-08 11:05:24 -05:00
f9d123a8c8
Merge remote branch 'upstream/master'
2012-01-07 19:06:51 -05:00
7ea5f87960
Allow proper ruby types for evasion configuration
...
At some point in the distant past, the datastore was all strings and the
various option types got parsed out in the appropriate places. Then, in
the somewhat more recent past, the options started getting converted to
regular ruby types (such as TrueClass for a BOOL options, etc) earlier
in their life. Apparently, that change broke boolean http evasions.
This commit fixes them by ensuring that +true+ is just as acceptable as
"true".
Fixes #6198 , thanks Ashish for the report
2012-01-06 20:05:29 -07:00
c59e08ce7d
Moved utility codde and expanded railgun test suite runner
2012-01-06 21:07:16 -05:00
f41fc7a0ac
Moved platform_util.rb and added the tests for the new utilities to railgun.rb.ts.rb
2012-01-06 20:56:41 -05:00
3772f56260
Am making use of platform_util.rb's platform symbols for standardization across railgun. Ideally only platform_util.rb will need to know what platform strings look like and how they are represented in the railgun world. Corrected railgun.rb mixin's pointer_size function.
2012-01-04 22:28:20 -05:00
d995c3893b
Platform handling utilities. I want to protect railgun against changes to client.platform's general form
2012-01-04 21:56:34 -05:00
3d7d5d5f3d
Utility for working with pointers. Test coverage is incomplete
2012-01-04 19:30:30 -05:00
b9b5b1e66f
Merge remote branch 'upstream/master'
2012-01-02 20:07:50 -05:00
ba017773b2
Cleanup whitespace at EOL
2011-12-30 10:55:01 -07:00
0054fb5167
using select! instead of delete_if to avoid double negatives...
2011-12-28 20:05:54 -05:00
5560c6b17e
Moved and adapted code relating to looking up constant names by constant value
2011-12-28 00:40:08 -05:00
ffcf5af9b0
Merge remote branch 'upstream/master'
2011-12-27 22:06:51 -05:00
80603e03cb
grab the appropriate shell from mult-platform meterpreters and use /bin/sh instead of /bin/bash for linux to improve compatibility, fixes #5996
2011-12-26 14:41:24 -07:00
1604162ba3
A place to add railgun convenience code for use in modules
2011-12-24 15:59:46 -05:00
35e868f705
Merge pull request #67 from kernelsmith/railgun-add_const_reverse_lookup
...
Add const_reverse_lookup and error_lookup to railgun (redmine 6128)
2011-12-22 14:43:24 -08:00
743a0546f1
Don't blow up if the user doesn't set a filename
...
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
2011-12-21 16:26:29 -06:00
24d53efa7c
Final touches on TFTP client
...
See #5291 . Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
2011-12-20 10:03:04 -06:00
677cb4b152
Handle empty data sends sanely for TFTP.
...
Don't just hang forever -- let the user know they just send empty data.
TFTP servers don't like this of course.
2011-12-19 21:56:03 -06:00
2b3e3725ac
TFTP adding comment docs, ability to send w/out a file.
...
Commenting the tricksy parts a little better for general usage.
Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
2011-12-19 18:15:19 -06:00
431ef826c9
TFTP client now uses constants, preserves trailing spaces/nulls in data
...
See #5291 , just rediscovered the bug on this.
2011-12-19 16:33:25 -06:00
5eaf2e7535
Adding download and loot functionality.
...
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
2011-12-19 15:50:50 -06:00
aecde6fea4
Updating TFTP client. Now with grown-up thread handling.
...
No longer blocks on successful connections.
2011-12-19 12:14:40 -06:00
902d7f5ea7
Adding more to TFTP. Still need a read tho
...
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.
Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
2011-12-18 21:05:27 -06:00
8bdf76a87b
Adds const_reverse_lookup and error_lookup methods to the railgun instance, also adds test/modules/post/test/railgun_reverse_lookups.rb, tested, working great
2011-12-17 16:19:32 -05:00
50fa10679b
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:41:55 -06:00
ec1dd8154e
When duplicating a DLL, duplicate everything underneath it to remain threadsafe. I wrote this patch months and months ago. The way I am deep copying produced much groaning in #metasploit when I put it in for code review. It was ultimately declared the lesser of two evils. If you have chat logs from months ago you may be able to find the discussion
2011-12-15 22:05:02 -05:00
2c538fe9c0
Rework RangeWalker and some of the socket API to fix bugs and generally
...
handle ranges the right way
2011-12-10 20:10:10 -06:00
dee053cd71
Try multiple scopes for link-local addresses, if necessary. Fix a small
...
typo
2011-12-10 15:24:10 -06:00
e46745b761
Add support for link-local scopes
2011-12-10 13:24:58 -06:00
1cc68d1ed5
Accept IPv6 addresses in getaddress() responses
2011-12-10 13:24:58 -06:00
49ff9f594a
Properly enclose IPv6 addresses with brackets inside of the Host header
2011-12-10 13:24:58 -06:00
72f64583e2
Add IPv6 range support, permission tweak
2011-12-06 00:43:11 -06:00
4344a5f92a
Fix up IPv6 resolution in DNS replies
2011-12-05 13:07:37 -06:00
bcebdb1893
Improve IPv6 handling
2011-12-05 13:07:37 -06:00
27974c4c27
Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib
...
Conflicts:
modules/auxiliary/scanner/http/axis_login.rb
modules/exploits/multi/http/axis2_deployer.rb
modules/post/multi/gather/thunderbird_creds.rb
modules/post/windows/gather/credentials/imvu.rb
msfopcode
2011-12-03 14:07:09 -06:00
6b06df0d7d
Merge pull request #38 from XeroHawk/alpha2_fix
...
Ported over the Issue 3190 SVN changes for unicode_mixed, an old bug that was hiding out in Redmine.
2011-12-02 12:51:47 -08:00
1db9177583
Revert "Merge pull request #22 from scriptjunkie/multithread"
...
This reverts commit 4f76f3bbb8e72dad4e81
2011-12-02 13:35:43 -05:00
4f76f3bbb8
Merge pull request #22 from scriptjunkie/multithread
...
RPC multithreading
2011-12-01 23:43:32 -08:00
e72dad4e81
Rescue the load error so rex will work outside of Metasploit. Fixes
2011-12-02 00:28:31 -06:00
2ac8cbaf66
Ported over the Issue 3190 SVN changes
2011-11-30 14:37:10 -05:00
e9c3e8ee50
Fix SMB_COM_NT_TRANSACT structure definition per specification. For more information see http://j.mp/t5zzku
2011-11-27 19:27:01 -06:00
f82c7e9bb4
Fixup requires to use sane paths
2011-11-21 14:37:26 -06:00
8f56dc1504
get rid of a bunch more spaces at EOL
2011-11-20 11:46:35 +11:00
70b463b257
msftidy run
2011-11-20 11:39:27 +11:00
60c3c44800
remove spaces at EOL
2011-11-20 11:30:15 +11:00
c4eb32d2ff
Add an optional multithreading to stream server, and enable multithreading (one thread per client) to the RPC server.
2011-11-17 08:07:34 -08:00
6715248047
Minor comment fixes
...
Removing patch comment
2011-11-17 08:42:30 -06:00
67c07165c6
Update lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
2011-11-17 08:26:57 -06:00
66621632f0
added linux shell functionality to meterpreter's shell command.
2011-11-17 08:26:57 -06:00
825c9f776c
Fixes #5980 by correcting the address match for IPv6. Clean up regex mapping in general
2011-11-16 14:35:23 -06:00
91e7e39fd9
Add definition for DeleteService
2011-11-13 21:04:35 -07:00
40614a3cf4
Merge branch 'iss5454'
2011-11-11 11:26:05 -06:00
7b7413d85e
Bash format for msfencode/msfvenom
...
This patch adds a Bash output format for msfencode and msfvenom. This is especially useful for local exploitation with shellcode in an environment variable.
Example output:
$ echo 'this is a test' | ./msfvenom -f bash
[-] Using X86 architecture and Windows platform for stdin payload to change use -a and --platform
export buf=\
$'\x74\x68\x69\x73\x20\x69\x73\x20\x61\x20\x74\x65\x73\x74'\
$'\x0a'
It adds unit tests for the new format and also fixes a unit test that was broken (assert_equal 'AAAAAAAAA', Rex::Text.pattern_create(9,['A'])) due to a bug in the shortcut in pattern_create.
2011-11-11 00:13:17 -08:00
30a86c9378
Merge patch to fix #5271
2011-11-10 20:01:50 -06:00
b689796678
msf*scan is busted with -i because of "uninitialized constant Rex::Socket". This addresses that issue.
...
git-svn-id: file:///home/svn/framework3/trunk@14117 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 18:54:24 +00:00
fed2e9a611
Fixes #2052 . The supplied patch wanted to do it in the to_s, but it seems to make more sense to do this kind of thing in the sort_rows() method.
...
Thanks for the patch, though. Note, it's slightly easier to locate which file you're diffing if you diff from the top of /trunk.
git-svn-id: file:///home/svn/framework3/trunk@14051 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 20:41:26 +00:00
437e2e79be
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@14043 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 04:54:03 +00:00
70bf92edae
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@14042 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 04:52:22 +00:00
5fec13a389
Propogate the timeout in send_recv() down to the TCP connect call as well
...
git-svn-id: file:///home/svn/framework3/trunk@14021 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-21 15:41:37 +00:00
3cfa3c25d3
Treat all input as strings, avoids some sloppy caller code that wasn't as strict before
...
git-svn-id: file:///home/svn/framework3/trunk@13995 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 19:16:48 +00:00
62740172e4
Officially remove support for the buggy/non-functional MySQL backend
...
git-svn-id: file:///home/svn/framework3/trunk@13948 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:42:04 +00:00
c532cfd2ef
Fixes a problem where vulns were sometimes given the reference of the one before it.
...
git-svn-id: file:///home/svn/framework3/trunk@13947 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 04:46:16 +00:00
643f2ab242
better fix for gsub() on non-String values in the table. Fixes cachedump brokenness
...
git-svn-id: file:///home/svn/framework3/trunk@13944 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 00:23:29 +00:00
8295bb0a4e
fix a nil.gsub() bug
...
git-svn-id: file:///home/svn/framework3/trunk@13943 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 00:18:30 +00:00
52767b3104
Fixes #5204 . Adding Windows Console2 color support from mihi. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@13913 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 17:35:31 +00:00
4d4b07db40
Winsock2 getaddrinfo definition for Railgun
...
git-svn-id: file:///home/svn/framework3/trunk@13894 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:14:10 +00:00
09423d89ef
Adding support for wlanapi in prep for thelightcosine's coming modules. Note, this will *not* break railgun on systems that don't support wlanapi.
...
git-svn-id: file:///home/svn/framework3/trunk@13888 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 02:58:45 +00:00
a75371c282
See #5660 . Well that broke other things. Rats.
...
git-svn-id: file:///home/svn/framework3/trunk@13861 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 21:20:45 +00:00
e9e4dc5d02
Fixes #5660 for real. Apparently I cannot tell the difference between 0 and 1. I would be a terrible robot. 0101100101.
...
git-svn-id: file:///home/svn/framework3/trunk@13857 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 19:03:18 +00:00
1f1cd87e87
Fixes #5660 . update_prompt('') is now equivalent to update_prompt(nil), which avoids the prompt stacking problem when setting an empty prompt.
...
git-svn-id: file:///home/svn/framework3/trunk@13855 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 18:42:44 +00:00
292aae8ab5
This small patch causes any input to RangeWalker that contains a host name to expand to all A records returned for that name. This allows RHOSTS to be set to a dns name that returns multiple addresses and for all addresses corresponding to the name to be tested.
...
git-svn-id: file:///home/svn/framework3/trunk@13837 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 01:07:51 +00:00
1649a6d47c
Add function for CredEnumerateA
...
git-svn-id: file:///home/svn/framework3/trunk@13833 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 21:01:35 +00:00
b21acdaaae
Rex shouldn't die when trying to Rex::Text.base64_encode(nil). It should return an empty string.
...
git-svn-id: file:///home/svn/framework3/trunk@13817 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-05 01:42:14 +00:00
b3e96add60
fix whitespace at eol
...
git-svn-id: file:///home/svn/framework3/trunk@13795 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 17:42:07 +00:00
de9e99bd3d
Fix some TOCTOU confusion and database errors.
...
git-svn-id: file:///home/svn/framework3/trunk@13779 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 15:12:19 +00:00
2481eac4be
remove extraneous relative load path addition, bad bad bad
...
git-svn-id: file:///home/svn/framework3/trunk@13761 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 23:01:26 +00:00
b72ca9dcc8
Fixes #5452 .
...
Fixes #5446 for real.
Breaks up the regex to more managable registers, ensures that nil is never returned.
git-svn-id: file:///home/svn/framework3/trunk@13729 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-14 16:41:30 +00:00
0413dc25c5
Fixes #5446 by ensuring the method is always sane.
...
git-svn-id: file:///home/svn/framework3/trunk@13723 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 19:59:29 +00:00
acae5dcdc8
Killing puts.
...
Die, puts, die!!
git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00
14f39a69a0
Show DllCharacteristics (see #5234 )
...
git-svn-id: file:///home/svn/framework3/trunk@13709 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-08 22:55:12 +00:00
e748b53a54
Modify the code for imported functions in order to display the addresses. See #5422 .
...
git-svn-id: file:///home/svn/framework3/trunk@13704 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-07 23:17:47 +00:00
047b1b4ee2
RopCollect needs to use print_status too
...
git-svn-id: file:///home/svn/framework3/trunk@13701 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 23:08:58 +00:00
7e0424e976
fixes some bugs with imports of rop gadgets
...
git-svn-id: file:///home/svn/framework3/trunk@13700 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 22:27:03 +00:00
5e4a3f5beb
Opps typo in the require
...
git-svn-id: file:///home/svn/framework3/trunk@13678 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 10:21:15 +00:00
525af4325d
Add the jsobfu require
...
git-svn-id: file:///home/svn/framework3/trunk@13677 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 09:11:23 +00:00
1e37649a4d
Add backwards compatability support for old obfuscation methods needed by older exploits
...
git-svn-id: file:///home/svn/framework3/trunk@13674 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 08:58:18 +00:00
aa5ad30805
Alters heaplib so it no longer obfuscates using the old method
...
git-svn-id: file:///home/svn/framework3/trunk@13665 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:08:51 +00:00
ee961b69ad
Add support for virtualalloc (see #5262 )
...
git-svn-id: file:///home/svn/framework3/trunk@13659 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 06:52:56 +00:00
6853221762
Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs.
...
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-27 15:46:49 +00:00
23b4f4ed98
Address #5313 for locally-launched PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13639 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:48:33 +00:00
2b340439e0
Fixes #5312 - auto boot from disk on second PXE boot (after payload delivery).
...
git-svn-id: file:///home/svn/framework3/trunk@13629 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 21:28:31 +00:00
3c7f25ff78
help help
...
git-svn-id: file:///home/svn/framework3/trunk@13579 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-18 20:29:49 +00:00
9e80c740b6
Also recognize PXE clients who do not set the PXE option in the DHCP request but do identify in client string.
...
git-svn-id: file:///home/svn/framework3/trunk@13577 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-18 00:18:43 +00:00
f99429138e
clean up some rdoc comments. odd that rdoc doesn't appear to pick up ApiConstants at all...
...
git-svn-id: file:///home/svn/framework3/trunk@13576 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 23:00:28 +00:00
0fc14a2164
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@13572 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-16 21:16:25 +00:00
79b7fb7c43
actually store the new Util object. how did this ever work before? fixes #5265
...
git-svn-id: file:///home/svn/framework3/trunk@13571 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-16 18:01:21 +00:00
f16e593628
report udp protocol correctly, see #5260 , r13569
...
git-svn-id: file:///home/svn/framework3/trunk@13570 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 22:39:41 +00:00
4779c039f0
protocol != proto. fixes #5260
...
git-svn-id: file:///home/svn/framework3/trunk@13569 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 22:29:57 +00:00
c77dfcc48e
fixes #5232 Add DLL definition for crypt32. I removed a custom add too
...
git-svn-id: file:///home/svn/framework3/trunk@13560 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-14 21:08:55 +00:00
4a7714e1b1
Fix #5244
...
git-svn-id: file:///home/svn/framework3/trunk@13551 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 20:26:03 +00:00
5966cf460e
Fixes #5240 : avoid crash when read fails
...
git-svn-id: file:///home/svn/framework3/trunk@13550 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:30:56 +00:00
15a9036dd9
add in the Buffer input class
...
git-svn-id: file:///home/svn/framework3/trunk@13516 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 21:05:12 +00:00
0bc44c4736
Expanding the range of mock dll/functions to allow for more thorough testing. Number of assertions when you run railgun tests are about to jump.
...
git-svn-id: file:///home/svn/framework3/trunk@13506 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 03:36:39 +00:00
a5b30b1964
sometimes windows raises EADDRNOTAVAIL which gets mapped to AddressInUse when using addresses it doesn't like, e.g. .0 and .255; make AddressInUse a ConnectionError so scanners handle it properly. makes scanners work on windows when an address range includes one of these. they won't be scanned (since windows is dumb) but at least it won't error out.
...
git-svn-id: file:///home/svn/framework3/trunk@13503 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 00:51:23 +00:00
b2733c04db
More PXE dust for extra magic!
...
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-05 17:10:27 +00:00
842bfdebe8
Lets just leave this here (insurance against my laptop melting down between now and tomorrow morning). Nothing to see here, move along ;)
...
git-svn-id: file:///home/svn/framework3/trunk@13483 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-03 22:58:55 +00:00
d7e775b74c
This speeds up shutdown for normal reverse_tcp meterpreters (avoids the penalization for http/https)
...
git-svn-id: file:///home/svn/framework3/trunk@13470 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-02 01:33:17 +00:00
7fa5795115
Cleanup session files. Wait a little longer for the session to receive the shutdown command
...
git-svn-id: file:///home/svn/framework3/trunk@13458 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 19:46:36 +00:00
f5862e87d0
guard against nil and false ranges
...
git-svn-id: file:///home/svn/framework3/trunk@13446 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 15:48:29 +00:00
7667e5aa74
More of the same.
...
git-svn-id: file:///home/svn/framework3/trunk@13439 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 23:50:04 +00:00
58f7618b78
Fixes #5144 . Repro's with nexpose-raw.xml in sample data -- before the fix, DNS on port 53 would be marked as "Postfix" which is the same as the service prior, 25/tcp. After the fix, it is appropriately blank. (Same with 80/tcp and 443/tcp both being Apache -- technically probably correct but the service fingerprint isn't there for 443 in the import).
...
Checking other service importers for the same kind of problem, but it looks unique to nexpose-raw.
git-svn-id: file:///home/svn/framework3/trunk@13438 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 23:35:13 +00:00
7f758e42e8
Fix up SSL behavior (correctly, this time). Update the msfrpc tools to support the new MessagePack code, fix various defaults in the plugin. Fixes #5116
...
git-svn-id: file:///home/svn/framework3/trunk@13416 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 23:58:05 +00:00
07df5f051f
Woops. Get the right variable name
...
git-svn-id: file:///home/svn/framework3/trunk@13412 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 19:26:43 +00:00
f57799943c
Rework this patch to only enable non-blocking openssl on Windows, as this has also reproduced on BT5 with 1.9.2
...
git-svn-id: file:///home/svn/framework3/trunk@13411 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 19:10:20 +00:00
ace9ca86a8
This commit abstracts the non-blocking SSL check so that it verifies existence of the non-blocking API and skips Mac OS X. This should fix some of the issues with meterpreter on MacOS X with Ruby 1.9.2
...
git-svn-id: file:///home/svn/framework3/trunk@13404 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 03:34:15 +00:00
d50577066f
remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
...
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
9f8cbc4145
First pass at an import, still missing a few items to call this done
...
git-svn-id: file:///home/svn/framework3/trunk@13390 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 21:17:30 +00:00
c7077f2551
Fix up the stop call
...
git-svn-id: file:///home/svn/framework3/trunk@13382 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:50:11 +00:00
aa2c025ce1
add a flush option to portfwd. thanks ipax for the patch!
...
git-svn-id: file:///home/svn/framework3/trunk@13359 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 04:59:06 +00:00
f1473c4cb3
Fixes #5062 - Use .length instead of .count (1.8 compat)
...
git-svn-id: file:///home/svn/framework3/trunk@13352 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 23:36:30 +00:00
fa4dbf6783
move the client accessor back to the top so it's available when needed, use the session-specific separator, fixes #4892 again
...
git-svn-id: file:///home/svn/framework3/trunk@13350 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 22:37:41 +00:00
2212afcf31
un-remove an important include...
...
git-svn-id: file:///home/svn/framework3/trunk@13348 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 20:58:23 +00:00
0f95070f3f
add a request type for grabbing the host's directory separator, fixes #4892
...
git-svn-id: file:///home/svn/framework3/trunk@13346 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 20:51:33 +00:00
25bdbe6568
More prompt bug fixes, back and use commands should work properly now
...
git-svn-id: file:///home/svn/framework3/trunk@13326 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 18:41:23 +00:00
d3836badc6
add a fingerprint for ie6 on xp sp2 korean
...
git-svn-id: file:///home/svn/framework3/trunk@13321 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-23 17:42:56 +00:00
d60524a3d4
Fixes #5009 by using the right client object
...
git-svn-id: file:///home/svn/framework3/trunk@13299 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 23:33:06 +00:00
a54b8c26c3
Fix prompt updates to show the last set prompt variable
...
git-svn-id: file:///home/svn/framework3/trunk@13291 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 01:49:29 +00:00
59b9dfd9eb
no need for the framework reference now
...
git-svn-id: file:///home/svn/framework3/trunk@13281 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 18:35:57 +00:00
2776669a51
reworked how the custom prompts work with different input streams
...
git-svn-id: file:///home/svn/framework3/trunk@13279 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 18:19:43 +00:00
3046896204
This commit makes the new unicode string encoding optional, it can be disabled by setting EnableUnicodeEncoding to false or through the 'disable_unicode_encoding' console command in the Meterpreter shell. Fixes #4986
...
git-svn-id: file:///home/svn/framework3/trunk@13278 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 15:44:54 +00:00
ce862cf999
Disable this until some bugs are sorted out
...
git-svn-id: file:///home/svn/framework3/trunk@13277 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 15:38:28 +00:00
8337c9e90a
Add the framework accessor, unbreak trunk
...
git-svn-id: file:///home/svn/framework3/trunk@13276 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 15:35:28 +00:00
7dfb74be10
See #4986 , make unicode encoding optional
...
git-svn-id: file:///home/svn/framework3/trunk@13275 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 15:26:15 +00:00
f6e3065a51
camel case the advanced options
...
git-svn-id: file:///home/svn/framework3/trunk@13274 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 14:35:02 +00:00
1902b92878
Merge custom prompt code
...
git-svn-id: file:///home/svn/framework3/trunk@13272 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 06:14:25 +00:00
bffc8088c3
don't just ignore the prefix. see r13244
...
git-svn-id: file:///home/svn/framework3/trunk@13250 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 23:27:37 +00:00
d4055e8697
to_s on table was appending to it self every time it was called
...
git-svn-id: file:///home/svn/framework3/trunk@13244 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 22:04:13 +00:00
93839922dd
fix method name in doc comment
...
git-svn-id: file:///home/svn/framework3/trunk@13235 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 19:52:52 +00:00
b877d3c639
Added memory_grep post module and updated the GetProcessHeaps definition in railgun
...
git-svn-id: file:///home/svn/framework3/trunk@13225 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 17:06:26 +00:00
628f29c551
Correctly throw a not-supported error on older ruby
...
git-svn-id: file:///home/svn/framework3/trunk@13223 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 14:49:34 +00:00
d23a5f6092
"The GetFileSecurityA and GetFileSecurityW functions have a "RequestedInformation" that is defined as a PBLOB and should be a DWORD." - Keith Faber. Thank you Keith! see #4364
...
git-svn-id: file:///home/svn/framework3/trunk@13201 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 17:48:09 +00:00
cccbdf9fab
This patch allows meterpreter to work with file paths and user names that are not of the US-ASCII character set.
...
git-svn-id: file:///home/svn/framework3/trunk@13200 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 17:32:52 +00:00
1e1d7c534d
"This is the first update to the Railgun Advapi32.dll Definitions. It adds some of the Windows CryptoAPI function calls." - David Maloney. see #4746
...
git-svn-id: file:///home/svn/framework3/trunk@13199 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 17:17:48 +00:00
572a5a5b8b
Added method "functions" to DLLWrapper that grabs the DLL's "functions" so that people can continue to test for function existence via .functions['blah'], evne though I hate this, I want to be backwards compatible. This will be deprecated eventually
...
git-svn-id: file:///home/svn/framework3/trunk@13198 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 15:15:26 +00:00
59015b2cbf
Closes Redmine issue 3073 (Railgun DLL cache/definition loader needs a rewrite). Major overhaul of how railgun handles DLLs and requests to them. def_*.rb files are now formed differently, this may break your code if you made changes to railgun/def/def_* or railgun.rb, see http://blog.minorcrash.com/2011/07/new-way-to-add-dlls-to-railgun.html
...
git-svn-id: file:///home/svn/framework3/trunk@13181 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 00:18:01 +00:00
d1cfa7560f
Update DHCP server for correctness, reliability, simplicity.
...
Actually keep track of which clients get which IP, only give PXE options to PXE clients, and provide more control over serving to PXE and/or normal clients.
git-svn-id: file:///home/svn/framework3/trunk@13165 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 02:34:25 +00:00
65702f64b6
Check to make sure we are running under Console2; all sorts of gremlins and threading bugs appear when running under a bare cmd.exe console, this should save us a few bug reports.
...
git-svn-id: file:///home/svn/framework3/trunk@13160 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-13 05:01:37 +00:00
687aaf5c71
Apply egghunter patch (by corelanc0d3r) for DEP bypass size calculation improvement.
...
Please see #4909
git-svn-id: file:///home/svn/framework3/trunk@13153 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-12 01:06:15 +00:00
7f743a5c1b
make meterpreter's File.basename() honor both kinds of directory seperators, use the remote basename as the dest when dest is implicit
...
git-svn-id: file:///home/svn/framework3/trunk@13124 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-08 00:08:42 +00:00
9c8605813e
don't wait for the session to send back a response after telling it to die
...
git-svn-id: file:///home/svn/framework3/trunk@13083 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 23:29:00 +00:00
56de119a0f
add a few opera fingerprints gathered from http://www.giac.org/paper/gwapt/1353/client-fingerprinting-analysis-browser-scripting-environment/115300
...
git-svn-id: file:///home/svn/framework3/trunk@13082 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 23:20:31 +00:00
0818a856b6
Some fixups for some new AuthBrute hotness.
...
git-svn-id: file:///home/svn/framework3/trunk@13075 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 06:52:52 +00:00
7d9f36d4b9
Adds support for the new regloadkey/regunloadkey operations.
...
git-svn-id: file:///home/svn/framework3/trunk@13072 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 05:35:18 +00:00
5f5c024193
supress a useless exception (trying to close a closed stream)
...
git-svn-id: file:///home/svn/framework3/trunk@13071 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-30 05:12:07 +00:00
92bb531af5
New bins, new functions, more info soon
...
git-svn-id: file:///home/svn/framework3/trunk@13059 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-29 06:12:03 +00:00
a98602ed8d
Shut down properly through session.kill
...
git-svn-id: file:///home/svn/framework3/trunk@13055 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-28 21:38:24 +00:00
9220506ba2
Merge in recent meterpreter work. These are not the commits you are looking for (more info on what all this is later this week).
...
git-svn-id: file:///home/svn/framework3/trunk@13053 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-28 21:26:43 +00:00
5bbf27bf5b
Woops, this may not have a prompt accessor, find another way
...
git-svn-id: file:///home/svn/framework3/trunk@13029 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 20:33:15 +00:00
da7cc53c38
Add the spool command for redirecting output to both the console and a file
...
git-svn-id: file:///home/svn/framework3/trunk@13028 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 18:51:07 +00:00
40b9b2467b
Remove the downgrade until we figure out the cause, getting different results for the same OS/SP/configuration
...
git-svn-id: file:///home/svn/framework3/trunk@12991 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 01:12:17 +00:00
c42ea1f896
Re-enable the workaround for now, see #4785
...
git-svn-id: file:///home/svn/framework3/trunk@12989 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 23:38:30 +00:00
ab615c1225
Reference the ticket in this comment: See #4785
...
git-svn-id: file:///home/svn/framework3/trunk@12987 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 23:32:29 +00:00
346018c321
Disable NTLMv2 Session for Windows 2000 servers
...
git-svn-id: file:///home/svn/framework3/trunk@12984 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 22:54:13 +00:00
092817d449
Finally merging Cachedump into the SVN tree. Thanks to everyone who helped and again for their patience
...
git-svn-id: file:///home/svn/framework3/trunk@12946 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-15 01:06:22 +00:00
cb98e40725
Add support for ignoring non-executable Mach-O binary segments
...
git-svn-id: file:///home/svn/framework3/trunk@12940 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-14 15:23:32 +00:00
db413592e9
This commit adds support for the -r (remote machine name) parameter to the reg command and extends the api to support a remote machine name. Closes #1894
...
git-svn-id: file:///home/svn/framework3/trunk@12924 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 00:01:29 +00:00
6dd65e56f2
All changes look good, merging
...
git-svn-id: file:///home/svn/framework3/trunk@12921 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:17:42 +00:00
c3307c80be
Fixes #1733 by merging in Danilo Nascimento's patch. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@12919 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:01:11 +00:00
a8d177ec35
Revert r12910, conflict-o oops-o
...
git-svn-id: file:///home/svn/framework3/trunk@12911 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 18:53:39 +00:00
3ac9854e88
Fixes #4703 : Change an assignment in the loop to append instead
...
git-svn-id: file:///home/svn/framework3/trunk@12910 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 18:50:33 +00:00
54f9ea7c0d
code clean ups, fixes a bug in gadget collection, adds gadget grouping
...
git-svn-id: file:///home/svn/framework3/trunk@12909 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 18:38:02 +00:00
8eaf46eca0
Add support to disable color
...
git-svn-id: file:///home/svn/framework3/trunk@12906 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-10 18:13:34 +00:00
a0c2321efc
Add msfrop, a tool for collecting and ROP gadgets, features include export and import in CSV format, powerful regex searching
...
git-svn-id: file:///home/svn/framework3/trunk@12904 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-10 12:54:01 +00:00
9d99b9de22
fix a logic error that results in sockets closing instead of resending data, really fixes #4642 ; also fixes a nil error when read() failed, makes logs actually useful
...
git-svn-id: file:///home/svn/framework3/trunk@12885 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-08 21:36:34 +00:00
96b568d65b
add a tool for list all modules by rank, fixes #4333 , fixes #4334 , thanks David Maloney!
...
git-svn-id: file:///home/svn/framework3/trunk@12876 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 22:47:55 +00:00
62826d3ff8
fix a bug in msfpescan and msfbinscan when handling disassembly
...
git-svn-id: file:///home/svn/framework3/trunk@12863 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-05 21:50:29 +00:00
7b4c7d44db
Adds a Burp Session XML parser and importer. Also includes fix to Rex's HTTP header parser to ensure that it uses only unencoded regexes.
...
git-svn-id: file:///home/svn/framework3/trunk@12846 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 21:17:57 +00:00
89a12add6f
always break strings into at least two pieces when splitting. Add better docs.
...
git-svn-id: file:///home/svn/framework3/trunk@12843 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 17:52:34 +00:00
bee19278d7
add a new javascript obfuscation engine using rkelly for parsing. use it in browser_autopwn and ms10_018_ie_behaviors. see #1003
...
git-svn-id: file:///home/svn/framework3/trunk@12839 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:36:26 +00:00
110f4df649
Adding a webapp vulnscanner parser for Appscan
...
git-svn-id: file:///home/svn/framework3/trunk@12826 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 22:16:08 +00:00
f03ffaf13d
Fixing a stack trace when the imported site cannot be resolved.
...
git-svn-id: file:///home/svn/framework3/trunk@12825 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 22:12:50 +00:00
0a7f6b8528
Adds support for importing Acunetix webvuln XML reports.
...
git-svn-id: file:///home/svn/framework3/trunk@12813 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 06:17:38 +00:00
1a466da015
Handle PE dissassemly the proper way, fixes a bug when handling regex searches
...
git-svn-id: file:///home/svn/framework3/trunk@12802 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 19:53:08 +00:00
d3f19d8777
Moving the character and cdata readers to the nokogiri mixin. They've all been the same so far.
...
git-svn-id: file:///home/svn/framework3/trunk@12800 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 17:37:54 +00:00
8600bc5bef
Foundstone registers a fingerprint instead of directly setting os_name. Also updates the Windows version regex for mbsa. Also adds a fall-through fingerprint parser (which foundstone uses).
...
git-svn-id: file:///home/svn/framework3/trunk@12798 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 16:31:27 +00:00
43b78a6b8f
Adds an import note for MBSA and Foundstone.
...
git-svn-id: file:///home/svn/framework3/trunk@12792 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 02:21:10 +00:00
2e0d399262
fixes some warnings.
...
git-svn-id: file:///home/svn/framework3/trunk@12791 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 01:14:47 +00:00
23e3d4274d
Adds a parser for MBSA XML files.
...
git-svn-id: file:///home/svn/framework3/trunk@12790 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 00:01:46 +00:00
c94577448e
Cleans up service name normalization.
...
git-svn-id: file:///home/svn/framework3/trunk@12787 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 19:27:22 +00:00
90bbacd75e
Fixes #4620 , attribute hashes are passed through a sanitizer now.
...
git-svn-id: file:///home/svn/framework3/trunk@12786 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 19:01:54 +00:00
f420b9c9e9
Adding an importer for Foundstone/Mcafee Network Inventory reports.
...
git-svn-id: file:///home/svn/framework3/trunk@12780 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 15:24:42 +00:00
e85a350257
Fixes #4605 -- only try to yield if we have a block to yield to.
...
git-svn-id: file:///home/svn/framework3/trunk@12762 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-29 03:00:13 +00:00
3a4b5a02fb
Force strings to be binary in Meterpreter requests, wrap server-side errors with a client-side wrapper
...
git-svn-id: file:///home/svn/framework3/trunk@12758 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-28 05:55:51 +00:00
b6f79ec070
Updating nmap's nokogiri state tracker as well.
...
git-svn-id: file:///home/svn/framework3/trunk@12744 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 18:15:49 +00:00
19f50d9b1d
Updates the nokogiri streaming document state machine to something a little more grown up.
...
git-svn-id: file:///home/svn/framework3/trunk@12742 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 17:53:56 +00:00
f92819e754
removed nasm calls inplace of metasm, cleaned up some formatting as well
...
git-svn-id: file:///home/svn/framework3/trunk@12741 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 17:34:31 +00:00
a891d53be4
Adding a Nokogiri stream parser for Nexpose raw XML files.
...
git-svn-id: file:///home/svn/framework3/trunk@12740 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 17:30:11 +00:00
3eabf41a67
Adds a Nokogiri parser for Nexpose vuln imports.
...
git-svn-id: file:///home/svn/framework3/trunk@12737 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 20:29:47 +00:00
8acfef8770
add support for providing a list of CA certs for the signature
...
git-svn-id: file:///home/svn/framework3/trunk@12734 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 17:50:56 +00:00
528e9e2b3a
update from chlee
...
git-svn-id: file:///home/svn/framework3/trunk@12723 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 19:26:41 +00:00
252830f3dd
See #4471 - Moving off some common methods to a mixin.
...
git-svn-id: file:///home/svn/framework3/trunk@12720 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 18:48:23 +00:00
11a1b5dcad
fix the requires for java signing.
...
git-svn-id: file:///home/svn/framework3/trunk@12719 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 18:02:02 +00:00
812bae9df9
add support for signing applets (or any other jar) with openssl. this removes the need for a dependency on RJB
...
git-svn-id: file:///home/svn/framework3/trunk@12718 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 16:45:20 +00:00
ecaeac1f6e
Only override the server header if the caller didn't already provide one.
...
git-svn-id: file:///home/svn/framework3/trunk@12709 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 01:51:09 +00:00
e09d4fb771
Patch from chlee for the nexpose XML parser. Adds "potential" as a vulnerable marker (so imports them), adds import cases for description and solution as well.
...
git-svn-id: file:///home/svn/framework3/trunk@12707 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 00:24:20 +00:00
38504b39a8
Warn the user if there's a truncated nmap file.
...
git-svn-id: file:///home/svn/framework3/trunk@12704 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 21:48:22 +00:00
81e1b41840
Fixes #4578 . If the user has Nokogiri of a reasonable version installed, use that to parse Nmap-created XML documents. Otherwise, fall back to the existing REXML parser.
...
git-svn-id: file:///home/svn/framework3/trunk@12702 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 19:40:50 +00:00
ad2880ce67
merge chao-mu's patches for railgun testing, fixes #4015 , thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@12697 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 22:20:45 +00:00
9311f5b198
add a unit test for ring buffer. all these tests pass on 1.8.7-p299, 1.9.1-p378, and 1.9.2-p180
...
git-svn-id: file:///home/svn/framework3/trunk@12694 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 19:15:00 +00:00
d1e2f274f9
add ability to use arbitrary certs with SSL server sockets.
...
git-svn-id: file:///home/svn/framework3/trunk@12675 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 23:12:35 +00:00
81eb15148f
add a new fingerprint for unpatched ie7 on vista
...
git-svn-id: file:///home/svn/framework3/trunk@12660 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 00:57:30 +00:00
0f9e7f640e
add a new fingerprint for latest ie8 on win7
...
git-svn-id: file:///home/svn/framework3/trunk@12659 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 22:42:46 +00:00
60dcac616e
Renames some nessus-imported vulnerabilities to drop the NSS identifier and just stick with the plugin name (if available). Also drops junk NSS-0 vulnerabilities.
...
git-svn-id: file:///home/svn/framework3/trunk@12653 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 22:18:43 +00:00
e823a885bc
avoid nil.downcase for old egghunter usage
...
git-svn-id: file:///home/svn/framework3/trunk@12652 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 21:55:48 +00:00
c5f79f1176
make parsing a little easier for obfuscation
...
git-svn-id: file:///home/svn/framework3/trunk@12650 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 20:35:18 +00:00
7c2455b704
un-revert the last of r12600's overzealousness. see #4378 and r12569
...
git-svn-id: file:///home/svn/framework3/trunk@12649 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 17:40:48 +00:00
f542bdbb84
Fixes r12634, should be a regex not a not-equal. Using unless instead of if to avoid negative matching.
...
git-svn-id: file:///home/svn/framework3/trunk@12648 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 17:37:04 +00:00
ad12dffe29
move help_to_s down into CommandDispatcher so each dispatcher will know how to print its own help. see #564
...
git-svn-id: file:///home/svn/framework3/trunk@12640 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 23:03:31 +00:00
db1684395f
Added VirtualProtect feature for egghunter
...
git-svn-id: file:///home/svn/framework3/trunk@12637 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 19:00:56 +00:00
5f3e451e4d
Fixes #4441 . I believe this will solve the empty element problem for the nmap parser, but I'm having trouble reproducing it. Basically it wraps tag_start in a begin/rescue, and will ignore bad calls to nil objects (and nil objects only).
...
git-svn-id: file:///home/svn/framework3/trunk@12634 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 13:49:35 +00:00
9f2ac9ae9f
Gracefully handle a failed socket write due to disconnect
...
git-svn-id: file:///home/svn/framework3/trunk@12626 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 02:00:47 +00:00
aadee8460d
Minor tweak helps syntax highlighters
...
git-svn-id: file:///home/svn/framework3/trunk@12620 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 18:23:40 +00:00
c5c4c929b8
Clarify that partial is handled in HTTP
...
git-svn-id: file:///home/svn/framework3/trunk@12619 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 18:23:14 +00:00
aa98667a77
Two performance fixes for HTTP Servers. The first reduces latency from 0.25s to near-zero for back-to-back connections by using the Queue class as a notify system. The second switches the slow socket.get for the much faster socket.read
...
git-svn-id: file:///home/svn/framework3/trunk@12615 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-14 18:34:06 +00:00
7f21eb8406
Allows for nessus imports to grab the plugin name as well as the plugin ID.
...
git-svn-id: file:///home/svn/framework3/trunk@12609 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-13 16:29:07 +00:00
4500d09c2f
Bubble up errors from socket.get_once() and trigger an EOFError when read() returns nil
...
git-svn-id: file:///home/svn/framework3/trunk@12607 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-13 06:37:15 +00:00
9ce47c01bd
Reverting the autoload changes until we can upgrade to a new ActiveSupport library or find a workaround
...
git-svn-id: file:///home/svn/framework3/trunk@12600 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:03:55 +00:00
7600f9110e
remove some more unecessary requires
...
git-svn-id: file:///home/svn/framework3/trunk@12595 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 18:33:49 +00:00
025c68244b
See #4371 , fix uninitialized constant Rex::Exploitation::Egghunter
...
git-svn-id: file:///home/svn/framework3/trunk@12592 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 15:03:20 +00:00
d0614a4be7
fix a few requires in rex in preparation of removing unneeded requires from msf
...
git-svn-id: file:///home/svn/framework3/trunk@12587 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 23:28:12 +00:00
7837e64b85
remove cruft leftover from the dawn of time
...
git-svn-id: file:///home/svn/framework3/trunk@12586 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 22:55:25 +00:00
af45f0166f
re-unbreak omelet code
...
git-svn-id: file:///home/svn/framework3/trunk@12572 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-09 22:42:41 +00:00
2de7f9eb30
fixes a stack trace in converting a char to hex in ruby 1.9.x
...
git-svn-id: file:///home/svn/framework3/trunk@12571 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-09 20:48:40 +00:00
2e1d25dad7
store some state so we can associate scripts with the right port/host. fixes #4378
...
git-svn-id: file:///home/svn/framework3/trunk@12569 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-09 18:10:56 +00:00
ce90282884
See #4378 -- this should limit the nmap parser to script tags that are associated only with ports. egyp7 may have a better way with dealing with this though, so not calling it fixed yet.
...
git-svn-id: file:///home/svn/framework3/trunk@12568 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-09 17:24:43 +00:00
05f107f466
Fixes #4371 , Converts many uses of require to autoload
...
git-svn-id: file:///home/svn/framework3/trunk@12554 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 18:47:10 +00:00
57b530ccf6
fix up test require path
...
git-svn-id: file:///home/svn/framework3/trunk@12553 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 18:41:38 +00:00
d638586d1f
fix up test require path
...
git-svn-id: file:///home/svn/framework3/trunk@12552 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 18:39:19 +00:00
3e59f77871
add require, get test running
...
git-svn-id: file:///home/svn/framework3/trunk@12551 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 18:17:41 +00:00
719576b7b9
fix a small bug in omelet hunter, test is now runnable
...
git-svn-id: file:///home/svn/framework3/trunk@12550 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 18:14:10 +00:00
849c2d682c
remove crufty require
...
git-svn-id: file:///home/svn/framework3/trunk@12549 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 18:12:38 +00:00
c3d66f276f
return the proper thing in add_route() and remove_route(), make sure each comm responds to :routes before trying to delete them. fixes several unit test failures.
...
git-svn-id: file:///home/svn/framework3/trunk@12548 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 17:30:25 +00:00
6e4049cb2c
add some error messages to this test
...
git-svn-id: file:///home/svn/framework3/trunk@12547 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 17:22:09 +00:00
e621828cac
check for a nil return value from write(), fixes #4329
...
git-svn-id: file:///home/svn/framework3/trunk@12528 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 06:55:15 +00:00
8d7e8620b2
Map write to syswrite for BufferSock
...
git-svn-id: file:///home/svn/framework3/trunk@12525 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 05:25:41 +00:00
1c86441f12
This removes the abortive_close code for stream sockets, it was leading to inconsistencies in how dead sessions were cleaned up
...
git-svn-id: file:///home/svn/framework3/trunk@12519 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 03:59:02 +00:00
b93e134195
Use shell_write vs ring.put
...
git-svn-id: file:///home/svn/framework3/trunk@12516 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 23:07:02 +00:00
d98f8dfd89
Make it clear that all Rex::IO::Stream implementations must accept a second parameter called opts for the read, write, and put methods
...
git-svn-id: file:///home/svn/framework3/trunk@12515 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 21:39:09 +00:00
366bc8979d
Only try to report to the database if the database driver is active. Fixes #4306
...
git-svn-id: file:///home/svn/framework3/trunk@12512 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 20:29:01 +00:00
c668534105
This normalizes openssl non-blocking support across both 1.8.x/1.9.1 and 1.9.2+
...
git-svn-id: file:///home/svn/framework3/trunk@12509 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 17:25:26 +00:00
eb78aac8dd
Only try to catch the non-blocking exceptions if they are defined
...
git-svn-id: file:///home/svn/framework3/trunk@12508 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 16:30:45 +00:00
d402ebf6fb
Fix #3498 by showing post module options in the info output
...
git-svn-id: file:///home/svn/framework3/trunk@12506 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 16:06:37 +00:00
1eee55b3cf
remove a crufty require
...
git-svn-id: file:///home/svn/framework3/trunk@12502 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 03:42:26 +00:00
e30d2bbdd4
revert r12476, as it breaks interactive meterpreter channels. r12495 and r12494 should deal with what it was it was trying to solve in the first place. fixes #4293 .
...
git-svn-id: file:///home/svn/framework3/trunk@12496 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 00:29:48 +00:00
a170d37c62
make it a little clearer what getprivs actually does
...
git-svn-id: file:///home/svn/framework3/trunk@12492 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-01 22:28:09 +00:00
39cab9b076
Correct use of select and expand the listen queue for TCP Servers
...
git-svn-id: file:///home/svn/framework3/trunk@12484 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 18:08:52 +00:00
140a304032
Specify IO::select for sleep directly.
...
git-svn-id: file:///home/svn/framework3/trunk@12483 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 17:56:38 +00:00
22537ffbde
A few more tweaks to non-blocking ssl mode
...
git-svn-id: file:///home/svn/framework3/trunk@12482 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 10:24:52 +00:00
96ac0fd51a
Swap out exceptions
...
git-svn-id: file:///home/svn/framework3/trunk@12481 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 08:47:32 +00:00
5758f2ab46
Add support for non-blocking OpenSSL sockets when the Ruby version supports them (1.9.2+ or with openssl-nonblock gem).
...
git-svn-id: file:///home/svn/framework3/trunk@12480 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 07:59:33 +00:00
6bdf2a4e2b
Proactively wrap each() in other Hash based classes to avoid situations that trigger modification during enumeration
...
git-svn-id: file:///home/svn/framework3/trunk@12479 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 04:59:27 +00:00
20c949d1fb
Fix some bad copypasta from non-blocking write commit. This should make stream sessions happy again.
...
git-svn-id: file:///home/svn/framework3/trunk@12476 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 04:25:42 +00:00
e99b5a4f35
Un-break DHCP server when not using served_over.
...
Variable must be initialized before use regardless of whether HOSTNAME is defined.
git-svn-id: file:///home/svn/framework3/trunk@12471 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 22:58:55 +00:00
0978047673
clean up help a little for several meterpreter file commands
...
git-svn-id: file:///home/svn/framework3/trunk@12451 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 00:38:15 +00:00
8ba356271f
Fixes #4223 on Windows by catching the specific exception class
...
git-svn-id: file:///home/svn/framework3/trunk@12450 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 00:20:32 +00:00
2031c0d288
Importing Nexpose reports should retain test keys (which are usually some kind of proof or expanded details about a vulnerability).
...
git-svn-id: file:///home/svn/framework3/trunk@12442 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-26 17:31:26 +00:00
b24b787e0a
Add the right class wrappers
...
git-svn-id: file:///home/svn/framework3/trunk@12426 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 19:35:25 +00:00
4426a1b7f2
Port of the python Manifest.mbdb parser
...
git-svn-id: file:///home/svn/framework3/trunk@12424 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 18:21:13 +00:00
9d715a1492
Switch from readpartial to read_nonblock, which works around an OpenSSL deadlock. This also adds support for the openssl-nonblock gem's specific exceptions
...
git-svn-id: file:///home/svn/framework3/trunk@12414 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-23 20:45:49 +00:00
56049012cb
remove my code out of the tree, tests all passing. thanks chao-mu!
...
git-svn-id: file:///home/svn/framework3/trunk@12413 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-23 02:49:14 +00:00
c9ab8f248d
commit the rest of chao's patch :/
...
git-svn-id: file:///home/svn/framework3/trunk@12412 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-23 01:10:49 +00:00
a61e7290b0
Do not modify the string passed to write() operations
...
git-svn-id: file:///home/svn/framework3/trunk@12394 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 17:29:11 +00:00
8b920a8f95
Dont modify the data buffer passed to write
...
git-svn-id: file:///home/svn/framework3/trunk@12393 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 17:17:26 +00:00
86bca6438f
add a routes table; delete each comm's routes when flushing
...
git-svn-id: file:///home/svn/framework3/trunk@12377 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 17:49:27 +00:00
78d3998854
Fixes #4125 , add hostname support to the Rex DHCP server & aux module
...
git-svn-id: file:///home/svn/framework3/trunk@12375 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 14:21:36 +00:00
0437d20f9d
Commit railgun tests from chao-mu: http://blog.minorcrash.com/2011/04/railgun-update-1st-milestone-almost.html
...
~/framework$ ruby lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb
Loaded suite lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts
Started
.............
Finished in 8.804126009 seconds.
13 tests, 30 assertions, 0 failures, 0 errors
git-svn-id: file:///home/svn/framework3/trunk@12366 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 14:15:45 +00:00
f1f15ba448
Allow socks4a to relay through meterpreter
...
git-svn-id: file:///home/svn/framework3/trunk@12353 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 18:17:49 +00:00
James Lee
MM
sinn3r
Rob Fuller
HD Moore
matugm
HD Moore
Jon Hart
Tod Beardsley
Brandon Perry
chao-mu
Tod Beardsley
Joshua Smith
chao
David Maloney
Xero Hawk
Joshua J. Drake
scriptjunkie
Dillon
Tom Samstag
Wei Chen
James Lee
Carlos Perez
David Rude
Jonathan Cran
Mario Ceballos