infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,764 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

305 Commits (eec01e79ff44a36b788ea37c8a85fde0fbb4f72c)

Author SHA1 Message Date
sinn3r eec01e79ff No explicit "return" 2014-01-26 16:25:30 -06:00
sinn3r 2d12c0a368 NoMethod check and stuff 2014-01-25 20:25:01 -06:00
sinn3r 93fa58ed45 aux scanner support 2014-01-24 17:54:40 -06:00
Tod Beardsley 8fc0a8199e DB_ALL_CREDS should be disabled by default 
[SeeRM #8699]
 2013-11-22 22:16:40 -06:00
Meatballs 9ca9b4ab29
Merge branch 'master' into data_dir 
Conflicts:
	lib/msf/core/auxiliary/jtr.rb
 2013-10-10 19:55:26 +01:00
Tod Beardsley 356263df56
Litter some more rescue nil's in there 
I hate them but they were there when I got there.

A more sane way to deal with this should happen someday.
 2013-10-09 12:17:13 -05:00
Tod Beardsley f95da649f8
Deal with missing bins, too. 
This could be way more DRY. At least there's a YARD-ish comment.

This fixes up https://github.com/rapid7/metasploit-framework/pull/2465
to be a more complete solution.

[SeeRM #8465]
 2013-10-09 12:13:44 -05:00
ZeroChaos 5f4e4de267 fix for bug 8456 
On systems without bundled johntheripper (either by removing the bundled version or by no compatible version shipped) the system john is used.  In this case, all of the checking for compatible bundled jtr makes no sense and as such we can shortcut out of this to not only reduce the size of msf (for embedded) but also to speed execution (saving multiple calls to some random bundled binary cpuinfo*.bin).

This patch makes it very easy to simply remove cpuinfo and msf will not try to run it when missing and default to running john from the path.
 2013-10-04 15:58:47 -04:00
Meatballs 7ba846ca24 Find and replace 2013-09-26 20:34:48 +01:00
HD Moore 72dff03426 FixRM #8396 change all lib use of regex to 8-bit pattern 2013-09-12 16:58:49 -05:00
Tab Assassin abb52a086c Retab changes for PR #2316 2013-09-05 13:33:59 -05:00
Tab Assassin 8665de0261 Merge for retab 2013-09-05 13:33:49 -05:00
jvazquez-r7 560d384633 Do first modification to Auxiliary::Login and Auxiliary::AuthBrute 2013-08-31 23:38:04 -05:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
jvazquez-r7 7e37130837 Patch for [SeeRM #8315] 2013-08-19 16:34:02 -05:00
William Vu 27a540e12f Land #1215, creds reuse for AuthBrute modules 2013-07-25 16:54:44 -05:00
William Vu e8294b4f02 Add tentative fixes 2013-07-12 07:12:07 -05:00
Daniele Martini c0fda81eb0 Removed options DB_ADD_ALL. Added options DB_ALL_PASS and DB_ALL_USERS 
to add already known user and passwords to the lists.
 2013-06-23 18:20:41 +02:00
Tod Beardsley d341b825d0 Rename dirbust option to conform to style 2013-06-14 12:58:08 -05:00
Tasos Laskos b509ac8504 Crawler mixin: Dirbusting opt moved to advanced 2013-06-13 00:04:31 +03:00
Tasos Laskos b474cda4aa Crawler/Anemone: Dirbusting now optional 
[FIXRM #8030]

Anemone updated to make dirbusting optional (on by default) and the Crawler core
module updated to provide an option to do so.
 2013-06-13 00:00:09 +03:00
David Maloney 6aa7c74fdd make anemone also rspect domain 2013-06-07 14:24:14 -05:00
David Maloney 78b2a0a2ac add domain support to web spider 2013-06-07 12:41:20 -05:00
Samuel Huckins e20385dd9e Merge pull request #1864 from dmaloney-r7/feature/task_associations/cred_service_host 
Passes specs and functional tests
 2013-05-28 12:11:57 -07:00
David Maloney 69dd7f5c58 Update Mdm and Add Task stuff to report 
make report_* methods aware of Tasks

[Story #49167601]
 2013-05-22 14:59:43 -05:00
James Lee f4498c3916 Remove $Id tags 
Also adds binary coding magic comment to a few files
 2013-05-20 16:21:03 -05:00
Tasos Laskos 0a55c7e4b6 Proofs can be omitted if they contain sensitive data 2013-05-14 20:46:17 +03:00
Tasos Laskos f4bc3096b2 #match_and_log_fingerprint: store match not fingerprint 2013-05-10 19:59:12 +03:00
Luke Imhoff c210260845 Fix Undocumentable method, missing name YARD warning 
[#46491831]

Comments at the start of the file with ## caused YARD to think the
comment was documenting the require call.  By removing the ##, the
warning disappeared.  I did not determine what is special about ## in
file comments.
 2013-03-30 15:32:38 -05:00
Tasos Laskos 380f5f56ae Auxiliary::Web::HTTP#_request: print_error => elog 
[SEERM #7839]

Reverted earlier commit.
 2013-03-27 16:36:50 +02:00
David Maloney 509ae76dc9 make sure we grab the workspace for store_local 
store_local calls report note from db.rb directly instead of going
through the report method. this means we might miss the workspace
causing a stack trace
 2013-03-22 16:52:38 -05:00
sinn3r 1ac31a3e12 Merge branch 'bug/web-path-api-update' of github.com:tasos-r7/metasploit-framework into tasos-r7-bug/web-path-api-update 2013-03-22 12:54:23 -05:00
Tasos Laskos 11c38d925b Auxiliary::Web::Path: Fuzzable API update 
[FIXRM #7817]

Path object was using an outdated fuzzable API which was causing
scan errors.
 2013-03-19 18:41:52 +02:00
Tasos Laskos ad39a5cdc3 Auxiliary::Web::HTTP#_request: elog => print_error 
[SEERM #7815]

Switched form elog to print_error to make reporting bugs easier on users.
 2013-03-19 17:18:44 +02:00
Tasos Laskos 5967991f6f Auxiliary::Web#log_*: details[:category] => #name 
Recent category updates to modules caused variations of vulns of the
same type to be ignored leading to a smaller exploitation surface.
Thus, use the #name of the module as the key instead of the category name.
 2013-03-12 19:43:47 +02:00
Tasos Laskos c641ca96c1 Auxiliary::Web::Path.from_model: inputs => form.inputs 
Fixed uninitialized variable error.
 2013-03-11 23:08:41 +02:00
Tasos Laskos 7e15788bb5 Auxiliary::Web: updated form of vuln storage in parent 
#log_fingerprint and #log_resource now create a key in the
parent's #vulns attribute with the name of the vuln type and
store the details of each such vuln under it.
 2013-03-08 22:38:23 +02:00
Tasos Laskos 3422a7c098 Auxiliary::Web: force vuln proof to_s 2013-03-08 21:50:01 +02:00
Tasos Laskos cf3df4b179 Auxiliary::Web::HTTP: added error output 
Instead of using elog when an HTTP request callback throws an
exception, use the HTTP class' parent #print_error.
 2013-03-07 20:14:38 +02:00
Tasos Laskos d9a6f5f0ca Merge remote-tracking branch 'upstream/master' into bug/web-vuln-logging 2013-03-06 18:26:18 +02:00
Tasos Laskos c497d5ffef Auxiliary::Web: log methods pass vuln info to parent 2013-03-06 18:25:25 +02:00
David Maloney f5c23e4b02 fix typo snaffu 2013-03-05 12:35:21 -06:00
David Maloney 1407886e83 Revert "fix a major typo snaffu" 
This reverts commit c639de7ccc.
 2013-03-05 12:34:51 -06:00
David Maloney c639de7ccc fix a major typo snaffu 2013-03-05 12:33:37 -06:00
James Lee c0689a7d43 Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7 2013-03-04 12:14:33 -06:00
Tasos Laskos 99a8ec593b Fixing merge conflicts 2013-03-01 20:21:02 +02:00
Samuel Huckins 7b8654a71d Revert "Merge pull request #1534 from tasos-r7/bugfix/web-vuln-confidence" 
This reverts commit 3840ddccbc, reversing
changes made to e1891f0836.
 2013-03-01 11:41:06 -06:00
Samuel Huckins 3840ddccbc Merge pull request #1534 from tasos-r7/bugfix/web-vuln-confidence 
Auxiliary::Web: fixed confidence calculation in log methods
 2013-03-01 09:25:07 -08:00
Tasos Laskos 862b813786 Auxiliary::Web: fixed confidence calc in log methods 2013-03-01 18:33:16 +02:00
David Maloney c290bc565e Merge branch 'master' into feature/http/authv2 2013-02-28 14:33:44 -06:00