infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Metasploit Framework
30,529 Commits
7 Branches
556 Tags
419 MiB
Ruby 97.9%
C 0.8%
Python 0.4%
HTML 0.2%
JavaScript 0.2%
Other 0.1%
 
 
 
 
 
 
Go to file
Brent Cook 8b3a0a0bb1 really fix the cmdweb test 
this test to include the CmdStager module, not the CmdStagerVbs class

Before:
```
msf > loadpath test/modules
Loaded 32 modules:
    8 posts
    12 auxiliarys
    12 exploits
```

After:
```
msf > loadpath test/modules
Loaded 33 modules:
    8 posts
    12 auxiliarys
    13 exploits
msf > use exploit/test/cmdweb
msf exploit(cmdweb) > info

       Name: Command Stager Web Test
     Module: exploit/test/cmdweb
   Platform: Windows
 Privileged: Yes
    License: Metasploit Framework License (BSD)
       Rank: Manual
  Disclosed: 2010-02-03

Provided by:
  bannedit <bannedit@metasploit.com>

Available targets:
  Id  Name
  --  ----
  0   Automatic Targeting

Basic options:
  Name     Current Setting  Required  Description
  ----     ---------------  --------  -----------
  Proxies                   no        A proxy chain of format type:host:port[,type:host:port][...]
  RHOST                     yes       The target address
  RPORT    8080             yes       The target port
  VHOST                     no        HTTP server virtual host

Payload information:

Description:
  This module tests the command stager mixin against a shell.jsp
  application installed on an Apache Tomcat server.

msf exploit(cmdweb) > set RHOST 127.0.0.1
RHOST => 127.0.0.1
msf exploit(cmdweb) > run

[*] Started reverse handler on 127.0.0.1:4444
[*] Command Stager progress -   2.01% done (2046/101881 bytes)
[*] Command Stager progress -   4.02% done (4092/101881 bytes)
[*] Command Stager progress -   6.02% done (6138/101881 bytes)
[*] Command Stager progress -   8.03% done (8184/101881 bytes)
[*] Command Stager progress -  10.04% done (10230/101881 bytes)
[*] Command Stager progress -  12.05% done (12276/101881 bytes)
[*] Command Stager progress -  14.06% done (14322/101881 bytes)
[*] Command Stager progress -  16.07% done (16368/101881 bytes)
[*] Command Stager progress -  18.07% done (18414/101881 bytes)
...
```
 		2015-01-27 11:44:34 -06:00
app turn nil publics and privates into blanks 2014-09-05 16:06:58 -05:00
config Ensure logging in ~/.msf4/log 2015-01-07 09:37:07 -06:00
data Land #4624, Firefox 33-35 os.js support 2015-01-22 13:35:47 -06:00
db structure.sql update 2015-01-16 12:19:41 -06:00
documentation Restore the hallowed developer's guide 2014-12-03 16:50:18 -06:00
external Land #4562, wchen-r7's Win8 NtApphelpCacheControl privilege escalation 2015-01-15 13:52:07 -06:00
features Land #4504, @disenchant's get/getg improvement 2015-01-26 12:49:34 -08:00
lib Squash commit for blank creds search and test 2015-01-26 16:26:30 -06:00
modules Fix bugs and make final changes 2015-01-26 23:29:10 -06:00
plugins One more http// fix 2015-01-03 02:32:08 -06:00
script rails generate cucumber:install 2014-08-27 14:10:04 -05:00
scripts patch metsvc to use MeterpreterBinaries.path 2014-12-29 11:21:21 -06:00
spec Also test for nonmatching passwords 2015-01-26 17:02:58 -06:00
test really fix the cmdweb test 2015-01-27 11:44:34 -06:00
tools Revert #4593, msftidy extraneous comma check 2015-01-22 14:28:27 -06:00
.gitignore Also .gitignore the source directory for metakitty 2014-12-03 16:12:30 -06:00
.gitmodules Add RDI submodule, port Kitrap0d 2013-11-27 16:04:41 +10:00
.mailmap Okay last dupe I swear 2014-12-31 14:29:59 -06:00
.rspec Add modern --require to .rspec 2014-10-08 10:55:40 -05:00
.rubocop.yml Reapply PR #4113 (removed via #4175) 2014-11-11 15:06:43 -06:00
.ruby-gemset Restoring ruby and gemset files 2014-05-20 10:17:00 -05:00
.ruby-version Default Ruby 2.1.5 for everyone 2015-01-02 11:33:36 -06:00
.simplecov Remove fastlib 2014-09-18 15:24:21 -05:00
.travis.yml Cache bundle 2014-12-31 14:00:11 -06:00
.yardopts update .yardopts 2014-07-24 13:59:04 -05:00
CONTRIBUTING.md Missed one in CONTRIBUTING.md 2014-12-19 17:32:28 -06:00
COPYING Happy new year! 2014-12-31 12:12:45 -06:00
Gemfile Disable simplecov on travis-ci 2014-12-05 11:58:09 -06:00
Gemfile.local.example Fix example Gemfile.local to work with existing 2014-06-24 00:00:47 -05:00
Gemfile.lock resolve lockfile conflict Merge branch 'master' into bug/MSP-11643/service-uniqueness-validation 2015-01-16 12:11:05 -06:00
HACKING Update link for The Metasploit Development Environment 2014-07-15 10:16:47 -05:00
LICENSE Happy new year! 2014-12-31 12:12:45 -06:00
README.md Normalize links to metakitty, unleashed, and wiki 2014-12-20 12:53:34 -06:00
Rakefile Merge branch 'feature/MSP-11130/metasploit-framework-spec-constants' into feature/MSP-11147/thread-leak-detection 2014-11-05 15:47:59 -06:00
metasploit-framework-db.gemspec updated gemfile and lock file 2015-01-16 12:07:29 -06:00
metasploit-framework-full.gemspec Make the version constraint a range 2014-12-19 13:54:13 -06:00
metasploit-framework-pcap.gemspec Depend on metasloit-framework in optional gemspecs 2014-11-05 12:33:44 -06:00
metasploit-framework.gemspec Update to the latest meterpreter_bins 2015-01-09 16:57:10 -06:00
msfbinscan Fix typo in msfbinscan 2014-12-18 02:43:24 +01:00
msfcli Add deprecation warning to msfcli, 6 months 2014-12-18 09:39:50 -06:00
msfconsole Use Rex::Compat.open_file to open profiling report 2014-09-19 11:13:28 -05:00
msfd Remove fastlib 2014-09-18 15:24:21 -05:00
msfelfscan Remove fastlib 2014-09-18 15:24:21 -05:00
msfencode Add a link to PR #4333 in the message 2014-12-09 13:04:35 -06:00
msfmachscan Remove fastlib 2014-09-18 15:24:21 -05:00
msfpayload Add a link to PR #4333 in the message 2014-12-09 13:04:35 -06:00
msfpescan Remove fastlib 2014-09-18 15:24:21 -05:00
msfrop Remove fastlib 2014-09-18 15:24:21 -05:00
msfrpc Remove fastlib 2014-09-18 15:24:21 -05:00
msfrpcd Remove call to legacy db.sink queue, closes #4244 2014-11-22 17:19:12 -06:00
msfupdate
msfvenom Well, should be -1 2014-12-19 16:36:05 -06:00

README.md

Metasploit Build Status Code Climate

The Metasploit Framework is released under a BSD-style license. See COPYING for more details.

The latest version of this software is available from https://metasploit.com/

Bug tracking and development information can be found at: https://github.com/rapid7/metasploit-framework

API documentation for writing modules can be found at: https://rapid7.github.io/metasploit-framework/api

Questions and suggestions can be sent to: https://lists.sourceforge.net/lists/listinfo/metasploit-hackers

Installing

Generally, you should use the free installer which contains all dependencies and will get you up and running with a few clicks. See the Dev Environment Setup if you'd like to deal with dependencies on your own.

Using Metasploit

Metasploit can do all sorts of things. The first thing you'll want to do is start msfconsole, but after that, you'll probably be best served by reading Metasploit Unleashed, the great community resources, or the wiki.

Contributing

See the Dev Environment Setup guide on GitHub which will walk you through the whole process starting from installing all the dependencies, to cloning the repository, and finally to submitting a pull request. For slightly more info, see Contributing.