adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

174 Commits

Author SHA1 Message Date
Grant Willcox cd00585e12 Support properly handling tagging multiple hosts and then deleting those tags. 
This involves updating add_host_tag and delete_host_tag and performing some refactoring.
 2023-06-21 09:31:55 -05:00
Dean Welch c143124344 Add feature to set the status of ticket/ccache via klist 2023-01-25 13:28:43 +00:00
dwelch-r7 b95be3ed10 Zeitwerk rex folder 2021-02-08 12:24:12 +00:00
dwelch-r7 f4e0278125 Add remote data service support for autoroute 2020-12-18 11:00:55 +00:00
cgranleese-r7 aecc15c776 Fix for store_loot bug 2020-10-30 16:51:18 +00:00
Christophe De La Fuente 3728df544e base64-encode data for string and array 2020-09-16 16:49:44 +02:00
Jeffrey Martin dee523f9e7 load to mitigate first missing db connection 
When calling `first` in Rails 5.2 the connection is not found
however by forcing the records to load with `to_a` which happens to
function correctly the call is then sent to `Array.first`
 2020-08-03 10:51:18 -05:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
Adam Galway 8e3add3f5f simplifies get host id, renames endpoints & clean 2020-04-28 13:33:54 +01:00
Adam Galway 34d4835eb9 PRC: improved error handling 2020-04-24 11:27:50 +01:00
Adam Galway 789b5dec00 adds tag functionality for hosts 2020-04-22 16:47:23 +01:00
Francesco Soncina 64c4fec0d0 accept both array or string in report_loot() 2020-02-13 16:12:40 +01:00
Jeffrey Martin 10770b40a3 less code same result 2019-12-13 14:09:03 -06:00
Jeffrey Martin 9d89fc2eba clone options & return login object not core 2019-12-12 12:47:45 -06:00
Jeffrey Martin ba06624e57 consistent usage of :workspace key 2019-11-22 11:16:22 -06:00
dwelch-r7 191cbcdd12 Add some missing remote data calls 
Also adds some extra verification for the specified workspace in incoming requests
 2019-11-16 00:04:44 +00:00
Adam Cammack bd6a0c872f Remove workspace reqs from remote db payloads 
The requirements had already been removed from local payloads in
865f214a85
 2019-07-26 17:55:57 -05:00
bwatters-r7 93f8d94154 Changes to venom to handle pingbacks and really delete extra files, this time. 2019-07-25 19:45:10 -05:00
bwatters-r7 e710c93363 Remove async callback stuff for later work and change db checks 2019-07-25 19:45:10 -05:00
asoto-r7 b0d602e0df Added autoload entries for AsyncCallback 2019-07-25 19:45:10 -05:00
Aaron Soto 353e8e6be9 WIP: Remove PUT and DELETE endpoints 2019-07-25 19:42:25 -05:00
Aaron Soto a1b51361b0 Bring pingback-payload changes into public framework 2019-07-25 19:42:25 -05:00
Jacob Robles 7c29c56880 Bubble error 
Raise Validation error that is checked for
 2019-05-31 14:57:33 -05:00
William Vu 8e8763df5b Update invalidate_login to remove regex creds 2019-04-17 13:24:59 -05:00
Matthew Kienow 1b86c41dcc Add add_opts_workspace call to query and create 2019-03-25 19:39:25 -04:00
Matthew Kienow 6709780817 Add entry to autoload PayloadDataProxy 2019-03-25 13:43:16 -04:00
Matthew Kienow 98401072e5 Remove duplicate autoload for WebDataProxy 2019-03-25 13:38:32 -04:00
Brent Cook 656ef8f970 Land #11533, Fix credential reporting service lookups 2019-03-06 20:13:41 -06:00
Brent Cook 841c07a42c restore rescue for now 2019-03-06 19:35:12 -06:00
Brent Cook 4f08d1e864 Fix credential reporting service lookups. 
Noted by @actuated, auxiliary/scanner/ipmi/ipmi_dumphashes was displaying an error when run against an IPMI endpoint that had a common hash. This was due to the services lookup in the database not extracting the first element of the results array.

```
[-] Auxiliary failed: NoMethodError undefined method `id' for #<Array:0x000055615614b970>
[-] Call stack:
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:27:in `block (2 levels) in create_cracked_credential'
[-]   /home/bcook/.rvm/gems/ruby-2.6.1@metasploit-framework/gems/activerecord-4.2.11/lib/active_record/relation/delegation.rb:46:in `each'
[-]   /home/bcook/.rvm/gems/ruby-2.6.1@metasploit-framework/gems/activerecord-4.2.11/lib/active_record/relation/delegation.rb:46:in `each'
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:25:in `block in create_cracked_credential'
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/core.rb:166:in `data_service_operation'
[-]   /home/bcook/projects/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:15:in `create_cracked_credential'
[-]   /home/bcook/projects/metasploit-framework/lib/msf/core/auxiliary/report.rb:26:in `create_cracked_credential'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:317:in `report_cracked_cred'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:244:in `block (2 levels) in run_host'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:237:in `each'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:237:in `block in run_host'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:100:in `each'
[-]   /home/bcook/projects/metasploit-framework/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb:100:in `run_host'
[-]   /home/bcook/projects/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:111:in `block (2 levels) in run'
[-]   /home/bcook/projects/metasploit-framework/lib/msf/core/thread_manager.rb:106:in `block in spawn'
[*] Auxiliary module execution completed
```
 2019-03-06 17:08:34 -06:00
Matthew Kienow b658cf5d76 Use data_service_operation block to perform work 2019-03-06 12:11:27 -05:00
Aaron Soto 822f5357a2 Land #10675, DB manager for payloads: Resolve conflicts, add 'create!' to trigger database write 2019-03-04 14:58:03 -06:00
Matthew Kienow 8c29319b25 Add session_events method 2019-01-08 14:02:40 -05:00
James Barnett 466b0004e1 Land #11163, add API endpoint for retrieving Mdm::Events 2019-01-08 09:26:53 -06:00
Matthew Kienow 7e10b38421 Add events method 2018-12-21 21:37:42 -05:00
Matthew Kienow eec7a3dafc Remove debug code 2018-12-14 13:33:16 -05:00
Matthew Kienow b6cdf7aa9d Add update_session method 2018-12-14 12:04:55 -05:00
Matthew Kienow a8ed971f12 Move convert_msf_session_to_hash to data proxy 2018-12-14 11:46:12 -05:00
Jeffrey Martin 1eb4a79410 adjust error message on impart 2018-11-21 14:42:48 -06:00
Matthew Kienow 2571c8cd86 Use data_service_operation block to perform work 2018-11-12 23:45:29 -05:00
Matthew Kienow eb9dd311ce Add check that data service is active 2018-10-25 23:07:31 -04:00
Matthew Kienow 2f8aacbf8d Remove debug output 2018-10-25 14:44:11 -04:00
Matthew Kienow 64f8852797 Use data_service_operation block to perform work 
This fixes the session report issue when the database is disabled,
because no exceptions are thrown from the DataProxy under these
conditions.
 2018-10-25 14:38:13 -04:00
Matthew Kienow 7f8aeeb498 Raise RuntimeError rather than Exception 2018-10-25 14:29:24 -04:00
Matthew Kienow 8e2d6a62b1 Add block process data service operation method 2018-10-25 14:24:47 -04:00
Green-m 3c5aa93a0d Fix for style consistency. 2018-10-24 15:17:37 +08:00
Green-m 129425ca94 Fix session report bug when database disabled. 2018-10-24 14:48:03 +08:00
Erin Bleiweiss 9b5326994f Add remote data endpoint support for searching payloads 2018-09-18 15:50:55 -05:00
Erin Bleiweiss c8f48d4272 Add stubs for remote data payload 2018-09-14 10:21:24 -05:00
Erin Bleiweiss 1ec1b3b493 Save payloads and urls in database when running a module 2018-09-07 17:02:54 -05:00