David Maloney
15ba85bac2
fix missed deprecations
...
missed some deprecation warnings
2016-03-09 13:29:35 -06:00
David Maloney
88697a5d3f
Merge branch 'master' into staging/rails-upgrade
2016-03-08 15:22:04 -06:00
William Vu
3e0f8d67c9
Use #strip to more correctly simulate #blank?
...
See f900d9cf26
.
2016-03-07 13:14:37 -06:00
Brent Cook
289f43bb80
Land #4848 , remove some reliance on rails libraries from rex
2016-03-07 07:38:30 -06:00
Brent Cook
5a0bec81cb
disable warnings for now, to be reenabled when the module base class is updated
2016-03-06 17:19:05 -06:00
Brent Cook
a2c3b05416
Land #6405 , prefer default module base class of simply 'Metasploit'
2016-03-06 17:10:55 -06:00
Brent Cook
0fc4ebf4ab
Land #6618 , Improve Content-Length behavior in Rex HTTP
2016-03-06 16:38:44 -06:00
Brent Cook
a1190f4344
Land #6598 , add post module for setting wallpaper
2016-03-06 15:00:10 -06:00
Spencer McIntyre
a8ac078586
Land #6636 , fix met finalizers to not double close
2016-03-06 12:55:39 -05:00
Metasploit
a5cdd7e17f
Bump version of framework to 4.11.15
2016-03-04 16:56:02 -08:00
Metasploit
ce675330c0
Bump version of framework to 4.11.14
2016-03-04 14:49:55 -08:00
Gregory Mikeska
7f2400dd1b
Merge branch 'jbarnett-r7-feature/MS-833/ms08-067-automation' into upstream-master
2016-03-04 12:34:00 -06:00
Brent Cook
dcba20ff60
only cleanup processes once too
2016-03-04 12:08:19 -06:00
Brent Cook
c250740a81
Fixup finalizers to not double-close Meterpreter objects
...
We add finalizers to an assortment of Meterpreter-managed objects in order to
clean things up in the event that a post module crashes and does not clean
things up. However, this also means that even a properly-written post module
can lead to an object getting double-closed on the Meterpreter session when the
garbage collector kicks in. This can lead to quite non-deterministic behavior
and crashes.
This change modifies the instance close methods to unregister the finalizer on
close, ensuring we cannot do a double-close automatically if one is requested
explicitly first. As an additional measure, we check an instance variable to
see if we called close directly twice as well. This is not sufficient in
itself, since we do not have a reference to 'self' in the finalizer proc to
check the close state.
This also removes a couple of references to 'self' in the finalizer proc
itself, which may cure some memory leaks as well due to circular references.
2016-03-02 21:43:51 -06:00
Brian Patterson
30043bc519
Changed .all to .load in workspace.rb in order to eager load the relation and fix the 4.0 rails deprecation
2016-03-01 11:48:55 -06:00
William Vu
c5a9d59455
Land #6612 , one final missing change
2016-02-29 15:08:42 -06:00
William Vu
cb0493e5bb
Recreate Msf::Exploit::Remote::Fortinet
...
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
William Vu
300fdc87bb
Move Fortinet backdoor to module and library
2016-02-29 12:06:33 -06:00
wchen-r7
2950996cb8
Land #6612 , Add aux module for Fortinet backdoor
2016-02-29 12:02:49 -06:00
William Vu
53d703355f
Move Fortinet backdoor to module and library
2016-02-29 11:57:42 -06:00
wchen-r7
bff4b4d5fc
Fix #6609 and #6587 - Change Content-Length behavior in Rex HTTP
...
This patches changes two things:
1. If a module has a custom Content-Length, it will respect that
instead of forcing its own.
2. If a request does not have anything in the body, the
Content-Length header will not be set.
Fix #6609
Fix #6587
2016-02-29 10:50:21 -06:00
Fernando Arias
c4c5944b25
Merge branch 'staging/rails-upgrade' into staging/MS-888/engines-is-deprecated
...
Conflicts:
Gemfile.lock
metasploit-framework.gemspec
2016-02-26 15:35:34 -06:00
Brent Cook
7acba69e37
Land #6577 , add controls for Android ringer
2016-02-26 07:02:49 -06:00
Brent Cook
5899b8afc8
make help show up when things are not specified correctly
2016-02-26 06:09:05 -06:00
Brent Cook
d891e27cdd
Land #6597 , prefer Timeout.timeout since Object#timeout is deprecated
2016-02-25 22:17:49 -06:00
William Vu
83fad3e328
Add Fortinet backdoor
2016-02-25 21:29:08 -06:00
Brent Cook
a87cf02b50
Land #6524 , fix reverse_http to try binding to LHOST first
2016-02-25 20:25:02 -06:00
wchen-r7
2e268a25da
Land #6596 , Apache Karaf Login Utility
2016-02-25 14:39:51 -06:00
wchen-r7
7e25c7b87b
Handle OpenSSL::Cipher::CipherError
...
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
2016-02-25 14:35:37 -06:00
Gregory Mikeska
cbc5b296e4
implement engines method locally instead of adding refinement
2016-02-25 11:05:17 -06:00
darkbushido
2ec7149ae7
Logging deprecations to STDERR
2016-02-25 10:59:50 -06:00
Metasploit
b32f474e99
Bump version of framework to 4.11.13
2016-02-24 11:37:42 -08:00
RageLtMan
d7ba37d2e6
Msf::Exploit::Remote::HttpServer print_* fix
...
Exploit::Remote::HttpServer and every descendant utilizes the
print_prefix method which checks whether the module which mixes in
these modules is aggressive. This is done in a proc context most
of the time since its a callback on the underlying Rex HTTP server.
When modules do not define :aggressive? the resulting exceptions
are quietly swallowed, and requestors get an empty response as the
client object dies off.
Add check for response to :aggressive? in :print_prefix to address
this issue.
2016-02-21 20:20:22 -05:00
Tim
cef1b77e26
fixes for android set_audio_mode
2016-02-20 12:01:10 +00:00
Metasploit
b868f7cc89
Bump version of framework to 4.11.12
2016-02-19 20:19:43 -08:00
RubenRocha
72a69fcd16
Fixed timeout warning
2016-02-19 21:14:54 +00:00
Louis Sato
9ba82453f8
Land #6584 , cidr notation addition for route command
2016-02-19 12:20:00 -06:00
Brent Cook
b409b2237d
update to use the common bind_addresses method
2016-02-18 18:17:56 -06:00
Brent Cook
1e58b1574a
Land #6502 , add -x flag for showing extended sessions info
2016-02-18 15:37:41 -06:00
Brent Cook
d316609fef
put extra columns under the -x flag
2016-02-18 15:36:43 -06:00
James Lee
28e6d8ef9e
Allow CIDR notation for the route command
2016-02-17 09:44:32 -06:00
James Lee
35e0a433ea
Make error output more useful
2016-02-16 14:45:00 -06:00
Brent Cook
95484c81fd
Land #6526 , fix browser exploit server spec
2016-02-15 16:23:04 -06:00
Brent Cook
1f58ad15ac
Browser::Exploit::Server needs to have vprint*
2016-02-15 16:21:24 -06:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
Artem
c5469be59e
Add Android ringer change mode command
2016-02-15 15:07:48 -06:00
Brent Cook
2fddf333ed
add TLV entry
2016-02-15 15:04:15 -06:00
Artem
59bf850bb0
Update android.rb
...
Add request for Ringer Mode Changer
2016-02-15 14:59:15 -06:00
Brent Cook
4db2840af9
Land #6385 , add .apk template support for msfvenom
2016-02-15 14:27:08 -06:00
Metasploit
93cc7d58ba
Bump version of framework to 4.11.11
2016-02-12 15:38:50 -08:00