18715d0367
Store the retrieved commands on the session
2012-04-05 13:18:26 -06:00
b752cb8b31
Retrieve the list of new commands
...
The client side doesn't do anything with them yet
2012-04-05 13:18:26 -06:00
354c754aa4
Whitespace at EOL
2012-04-05 13:18:26 -06:00
4afcb4cb9d
Create instance methods that return extensions
...
Before this change, meterpreter sessions would not #respond_to? their
extensions despite having a pseudo-accessor for them:
```
>> client.respond_to? :sys
=> false
>> client.sys
=> #<Rex::Post::Meterpreter::ObjectAliases:0x0000000e263488 @aliases={"config"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Config:0x0000000e268dc8 @client=#<Session:meterpreter 192.168.99.1:55882 (192.168.99.1) "uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ wpad">>, "process"=>#<Class:0x0000000e268d20>, "registry"=>#<Class:0x0000000e266da0>, "eventlog"=>#<Class:0x0000000e2654e8>, "power"=>#<Class:0x0000000e263c30>}>
```
After:
```
>> client.respond_to? :sys
=> true
```
2012-04-05 13:18:26 -06:00
585245501a
Print an error when trying to open a dir as a file
...
Prevents unnecessary stack traces
2012-04-05 11:49:03 -06:00
2c992c976d
Cut session info at 80 columns
...
Prevents a long "id" line from destroying the layout
2012-04-05 11:07:42 -06:00
8628991b1d
Merge pull request #305 from jlee-r7/bap-refactor
...
Bap refactor
2012-04-05 08:02:43 -07:00
778fed9a19
Put things in the right namespace
2012-04-05 01:22:27 -06:00
0ddfa79a34
Move javascriptosdetect out to its own file
...
Allows editors to easily highlight correctly which makes editing a
little nicer. Also makes it easier to debug because line numbers are
only off by the length of the custom_js argument.
2012-04-04 17:07:17 -06:00
57c22a50fa
Merge pull request #296 from allfro/patch-1
...
rpc_loots method uses the wrong iteration variable ('n' instead of 'l')
2012-04-04 13:58:18 -07:00
32654b3578
Whitespace at EOL
2012-04-04 09:41:50 -06:00
e901f9cc50
Add a couple of fingerprints and sort some
...
This is in terrible need of some more crowd-sourced fingerprint
gathering.
2012-04-03 18:18:32 -06:00
bed6e06e0a
Error in tag. Should be :updated_at instead of :modified_at.
2012-04-03 14:52:45 -03:00
60fa58c9cf
rpc_loots method uses the wrong iteration variable ('n' instead of 'l') for service.port and service:
...
n.service.port should be l.service.port
n.service should be l.service
2012-04-03 13:10:10 -03:00
4a3d2a18de
hard tabs
2012-04-02 21:42:51 -05:00
a4d9e59934
silly registry typos
2012-04-02 21:33:01 -05:00
9dbd5e87fd
move the lab code to a gem, and make sure the plugin warns users to install the gem
2012-04-02 16:00:43 -05:00
afe3168a36
Enable additional migration-path parameters, use a temporary directory to bring the database online
...
Conflicts:
lib/msf/core/db_manager.rb
2012-03-31 12:05:54 -05:00
62a54e0ad6
Account for stagers that use Assembly
...
Since staged payloads end up with an array of architectures, this was
failing to find a cpu and causing uncaught exceptions that crashed
msfconsole at startup. This only occurred when a stager contained an
Assembly directive. None of the default paylaods do this, so users
should generally not have been affected.
2012-03-30 17:57:56 -06:00
11a1ae3a8d
Typo in a comment
2012-03-30 16:30:13 -06:00
bd4819e8f2
Merge pull request #238 from mak/linux-x64-find-port
...
linux/x64/shell_find_port payload
2012-03-29 05:54:54 -07:00
016ba1613d
fix generating war files for Java payloads from within msfconsole
...
This fixes this use case:
use payload/java/meterpreter/reverse_tcp
generate -t war -f filename.war
2012-03-28 14:02:46 -06:00
e522b40465
Make sure session.target_host gets resolved
...
Not sure why this isn't already resolved when we read it out of the
datastore. May have something to do with the recent options madness.
[Fixes #6567 ]
2012-03-28 13:44:23 -06:00
b1683c94ef
Merge pull request #281 from jlee-r7/module-tests
...
Module tests
2012-03-27 10:23:20 -07:00
812457fed0
Rename enum_user_dirs
2012-03-27 10:52:16 -06:00
a0f0aadad3
Fixing checksum uri generator again.
...
This time, it's ensured that generate_uri_checksum(sum) will succeed,
provided the sum is an even number between 80 and 100 (tested)
It's still not great for arbitrary checksum targets, but that's because
there are lots of strings that cannot satisfy the requirement. I kind of
think this is the fault of Rex.
2012-03-27 08:34:52 -05:00
ad92eff66c
Correct an issue where launched exploits only used saved configurations
2012-03-26 22:43:33 -05:00
eb9b92268e
Merge pull request #257 from ChrisJohnRiley/base32
...
Added a Rex library for encoding to/from Base32, based on Samuel Tesla's free Ruby implementation.
2012-03-26 17:34:19 -07:00
98882621c0
Allow empty values for OptRegexp options
2012-03-26 17:06:43 -06:00
84197a8903
Return a proper value instead of a silly print
2012-03-26 15:40:43 -06:00
5cacf5f8f6
A still cleaner checksummed URI generator
...
Now with http and https support.
2012-03-26 12:34:30 -05:00
899c6529c3
Revert "Precalculate some uri strings in case the 1000-round generation fails"
...
This reverts commit 7161a548f4
2012-03-26 12:34:30 -05:00
27d3f490f7
Precalculate some uri strings in case the 1000-round generation fails
2012-03-26 12:33:54 -05:00
9fad028d8a
A nicer checksum fixer
...
Just use a checksum digit like a cc#, no need for precalculated lists,
will be correct every time.
2012-03-26 11:59:29 -05:00
b2b2580dbf
Adding the correct url for exploit-db exploits.
2012-03-22 14:26:46 -05:00
c589420f42
Typo fix, missing comma
2012-03-21 16:43:21 -05:00
75785a8b9f
Got tired of writing out Exploit-DB identifiers
...
There are 143 modules with exploit-db references, may as well make them
easier to write and find. This change introduces the EDB identifier.
2012-03-21 16:43:21 -05:00
b49b947b9a
Added Base32 Support
2012-03-21 22:02:46 +01:00
bba98136b6
Clarify the driver situation a bit
...
Tell the user what's really going on instead of what was going on before
4.2 was released and we still supported databases other than postgres.
2012-03-19 21:13:49 -06:00
e938f24267
Update Spiceworks importer to use CSV, keep info
...
Instead of data.each, use the stdlib CSV importer. This will avoid
accidentally splitting on ',' characters at a minimum.
If the device has a serial number and/or a location, keep that and
reflect it in the info.
2012-03-19 12:45:25 -05:00
d25756976c
Add a binary-safe method for writing files on unix shell sessions
...
Also some tests for doing so, all of which pass on Linux, Windows, and
Java meterpreter, as well as shell sessions on Linux and Solaris. They
will fail miserably on Windows shell sessions.
2012-03-19 01:10:23 -06:00
66727043f9
Add an inspect method that doesn't print the entire buffer
...
Also cleans up some whitespace
2012-03-19 01:10:23 -06:00
14fdde67ab
Use a proper mode for appending
2012-03-16 17:18:44 -06:00
47ce05cc27
Add a couple methods and some tests for Post::File
2012-03-16 16:27:06 -06:00
6754bccf78
Use #session_compatible? instead of looping through #compatible_sessions
2012-03-16 12:12:08 -06:00
65b92efe8c
Fix an ancient syntax fail
2012-03-16 02:03:54 -06:00
9aaf6af072
Return network prefixes when available
...
Solves #6525 on Vista+. Win2k still works using the old MIB method
(which doesn't support ipv6). Win2k3 and XP are still busted for
unknown reasons.
2012-03-16 01:50:26 -06:00
916f23fe4e
Add IPv6 support for bit2netmask
2012-03-16 01:50:26 -06:00
a3db547c76
Justify TLVs to be a little easier to read
2012-03-16 01:50:26 -06:00
6011da7db8
More Virtualisation SSL fixes
2012-03-15 19:06:48 -05:00
James Lee