1c1103f9da
Land #11400 , Add --sec-name to msfvenom, update generate command
2019-02-19 21:11:01 -06:00
d2775c02f8
Land #11393 , If an option alias is deregistered, also deregister the original option
2019-02-19 20:57:23 -06:00
d15095f452
Land #11191 , add analyze command
2019-02-19 21:50:20 -05:00
25743e1346
one more missing doc
2019-02-19 10:03:20 -06:00
5e8d33483e
update docs to clarify workspace rewuirements
2019-02-15 17:32:49 -06:00
6460180423
guard for unknown host, fix processing of modules
2019-02-15 17:19:23 -06:00
5151473e09
Implement sec-name and pad-nops for command dispatcher
2019-02-13 13:35:42 -06:00
a5ae7c491d
Fixup line alignment.
2019-02-13 13:35:36 -06:00
1487ca8923
Fixed line alignment. New section name is made lowercase to comply with naming standard.
2019-02-13 13:35:26 -06:00
484329f6a0
Issue #6637 : Adds msfvenom option --sec-name to specify custom new section header name
2019-02-13 13:34:38 -06:00
16e800a7c4
Implement deregistering an option by alias
...
Rather than having to 'unregister' both 'RHOST' and 'RHOSTS' for modules using a network-connecting mixin, this allows just unregistering one option by exposing the alias key lookup to the module options library and allowing it to remove the datastore options for the module from validation.
Noted while testing #11108 that the module's unregister options were incomplete, and there were a few more like it. This allows modules operating in this style to work without modifications.
2019-02-13 05:07:20 -06:00
930d1fb78a
Land #11351 , many new John the Ripper module improvements
2019-02-13 03:05:14 -06:00
4a4717c3db
Land #10937 , remove server/client from module cache
2019-02-12 21:28:14 -06:00
7bad1eefd7
Land #11335 , Update hash parsing formats for JTR
2019-02-12 08:32:47 -06:00
5fc7167beb
Merge remote-tracking branch 'upstream/master' into land-10812-
2019-02-07 09:31:02 -06:00
0e838da56b
Land #11333 , Add initial scaffolding for external evasion module tools
2019-02-06 22:51:42 -06:00
08817d9c7e
Land #11342 , Modify Post read_file to check if file is readable
2019-02-06 22:48:13 -06:00
733f784472
add bcoles suggestions
2019-02-04 21:55:40 -06:00
748e1468b3
creds upgrade and apply_pot
2019-02-03 10:17:25 -05:00
0908d5a2d2
Rename default_options to describe_payload_options
2019-02-02 15:01:05 -05:00
47a13ea0e8
Modify Post read_file to check if file is readable
2019-02-01 19:44:18 +00:00
6343280364
Clean up external evasion module options
2019-02-01 11:54:22 -05:00
62560f9581
Add rudimentary Windows support to command_exists?
2019-01-31 22:07:30 -06:00
d0d383c8db
Move command_exists? to Msf::Post::Common
2019-01-31 22:04:29 -06:00
5cf97fd09b
remove nolonger used variable
2019-01-31 13:05:02 -06:00
162139ee1d
Keep advanced options in the same list
2019-01-31 13:41:18 -05:00
35ec947c17
remove is_server/is_client and `app` search term
2019-01-31 12:14:25 -06:00
a4d413348b
improve definition of `server/client` modules
...
update the cached data to define server vs client base on the
type of exploit module instead of the module stance.
2019-01-31 11:52:22 -06:00
9f6b9d586b
updating jtr formats in hashdumpers
2019-01-30 20:16:08 -05:00
da27c3eeae
centralize hash to jtr formatting
2019-01-30 16:24:05 -05:00
2e7a71ee9b
Add support for mettle debug
2019-01-29 15:13:44 -06:00
acded21f0c
Support default options for external modules
2019-01-29 11:29:18 -05:00
548185747f
Add support for advanced options for ext evasions
2019-01-29 09:09:58 -05:00
accdd791f7
Fix a args generation issue for external evasions
2019-01-28 16:10:44 -05:00
28370b7f29
Add support for external evasion modules
2019-01-28 13:22:22 -05:00
32c090868c
adjustments for analyze
2019-01-28 10:11:40 -06:00
56de74b3d6
db cisco hostname and version
2019-01-27 20:33:19 -05:00
d078fcd87c
Land #11270 , fix miscellaneous loot issues
2019-01-25 19:15:14 -05:00
b98133cded
Dont assign unique file name when theres no file on disk
2019-01-25 16:36:17 -06:00
27a0cbfcab
Rename file on disk when updating path attribute
2019-01-25 13:34:14 -06:00
f0aa002009
Land #10119 , Linux post-exploitation metashell
2019-01-24 11:24:12 -06:00
8b6807254b
Fix whoami
2019-01-24 10:57:53 -06:00
c09515da82
Update nuuo.rb
2019-01-24 07:52:56 +07:00
9ecd22e63c
Add Msf::Post::Linux::Kernel.cpu_flags
2019-01-23 11:35:38 +00:00
b5dbacc42f
Update lib/msf/core/exploit/remote/nuuo.rb
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-23 16:09:43 +07:00
08aa1c3ed0
Update lib/msf/core/exploit/remote/nuuo.rb
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-23 15:32:15 +07:00
d8f9e41686
Update lib/msf/core/exploit/remote/nuuo.rb
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-23 14:13:31 +07:00
3b98add519
Update nuuo.rb
2019-01-23 11:16:41 +07:00
9375ee2ffc
Change only the last methods to private
2019-01-23 11:00:42 +07:00
2a9b65e845
Land #11268 , set AndroidWakelock=true by default
2019-01-22 11:56:37 -06:00
0562aa50b4
Update nuuo.rb
2019-01-22 12:45:18 +07:00
94f5b4081f
Fix file download / upload bug
2019-01-22 11:17:47 +07:00
459598b91b
Update mixins to include new nuuo file
2019-01-21 16:40:37 +07:00
72a55fe0fc
Add nuuo NUCS core lib
2019-01-21 16:39:16 +07:00
444555d3be
Land #11261 , Add maximum word length to JtR wordlist generation
2019-01-20 04:14:57 +00:00
4b87d54430
Add comment explaining why we prevent loot.data update
2019-01-16 15:29:27 -06:00
fd6527bac8
Prepend loot filenames with unique string
...
This should help prevent accidentally overwriting files with the same name
2019-01-16 15:20:41 -06:00
705c269d27
Handle empty data values for loot
2019-01-16 10:59:07 -06:00
d6462fed63
Dont allow users to update loot.data
2019-01-16 10:01:22 -06:00
06de16a36f
Merge remote-tracking branch 'upstream/master' into pr/10119
2019-01-15 18:33:48 -06:00
dc7d611780
Base64 encode the data field for each loot operation
2019-01-15 18:01:43 -06:00
5c308b1448
Remove nested loot object from host JSON
...
The code on the framework side that was utilizing this was removed
a while ago. It was never actually being used anywhere, and was causing
issues with getting host objects back when the loot contained
non-UTF-8 characters
2019-01-15 16:45:04 -06:00
3bf4726b15
Fix pid_uid
2019-01-15 14:34:29 -06:00
923a4ba098
Land #11263 , uppercase KoreLogic in JTR modules
2019-01-15 08:50:11 -06:00
93f66a1f22
uppercase
2019-01-15 08:04:11 -05:00
2c02dbc8a6
add max_length to wordlist generation
2019-01-14 22:20:33 -05:00
2543d60465
Use 'to_s.strip' for Msf::Post::File.pwd output
2019-01-12 08:47:23 +00:00
e9a8d5708a
Land #11234 , @bcoles revisionism
2019-01-11 20:15:34 -06:00
a575c6d7c3
revisionism
2019-01-11 16:52:26 +00:00
d18c6bd158
Land #11188 , Correct authentication logic in host and event servlets
2019-01-10 13:09:26 -06:00
65f127a66f
Land #11222 , Display error when update operation has invalid fields
2019-01-10 11:33:22 -06:00
0435d7e1d6
Return the updated objects
2019-01-10 11:04:42 -06:00
5055e421f5
Add ! to cred update
2019-01-10 10:56:28 -06:00
0ad89528ea
Update pattern for creds
2019-01-10 10:55:36 -06:00
f125526e09
Land #11207 , implement db_import for web service
2019-01-10 10:28:29 -06:00
24f5422db9
use analyze.host to reflect final location of util
2019-01-09 16:59:50 -06:00
f93497de8f
refactor to allow analyze via rpc
2019-01-09 16:48:54 -06:00
84a8c9b638
Minor method comment change
2019-01-08 14:02:40 -05:00
d677eb16a9
Enhance session_events query
2019-01-08 14:02:32 -05:00
d117e6a1d1
Land #11142 , use POST for API token generation
2019-01-08 11:59:30 -05:00
466b0004e1
Land #11163 , add API endpoint for retrieving Mdm::Events
2019-01-08 09:26:53 -06:00
69ee3a4a26
Land #11187 , Conform LoginServlet to API standards
2019-01-07 17:03:39 -06:00
f23142c19c
Land #11183 , add authentication to LoginServlet endpoints
2019-01-07 17:02:31 -06:00
cfa22bb4ec
Exclude key from VulnDetail update
2019-01-07 16:33:50 -06:00
771469f4cd
Update all Mdm::xx.update() instances
2019-01-07 16:24:13 -06:00
6641c606b2
Add support for db import from remote data service
2019-01-07 14:32:27 -06:00
02fda8625a
Address code review comments.
...
- Fix CSS on submit button
- Dont generate a new token when logging in to web form
- Also added text to account page to send the user to the login page when not logged in
2019-01-07 13:52:01 -06:00
101fbb7aa5
Address code review comments
2019-01-04 15:23:24 -06:00
83267d08e0
Update jquery version and use SRI
2019-01-04 15:23:24 -06:00
4bbf84b949
Update login test page to use POST for generate-token
2019-01-04 15:22:32 -06:00
60681e4385
Use POST for token generation
2019-01-04 15:22:32 -06:00
1b29e17827
Dont array wrap refs
2019-01-04 15:10:21 -06:00
b875d391fc
WIP: updating ref lookup based on code review comments
2019-01-04 15:10:20 -06:00
0281ddf78c
Remove vuln_refs from Vuln JSON schema
...
This object is just a pointer between Vulns and refs. We don't need to surface it
2019-01-04 15:10:20 -06:00
e9931fa70e
Fix bug when updating Mdm::Vuln.refs
2019-01-04 15:10:19 -06:00
4fc65b39a1
Make position of warden call the same as others
...
Minor correction for consistent usage since a previous refactoring moved
the authenticate call into the begin block.
2018-12-31 16:38:26 -05:00
7b22527f8f
Make error message use same language as others
2018-12-31 16:37:08 -05:00
05d810ac23
Add support for GET with ID in the path
2018-12-31 15:46:00 -05:00
0e56c30ab2
Use data object wrapper for JSON response
2018-12-31 15:43:16 -05:00
12f4222b2e
Fix to ensure authentication
2018-12-28 16:29:33 -05:00
Brent Cook
Matthew Kienow
Jeffrey Martin
Patrick
Pedro Ribeiro
h00die
Spencer McIntyre
Brendan Coles
William Vu
bwatters
James Barnett
Wei Chen
Jacob Robles
Erin Bleiweiss