adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

1940 Commits

Author SHA1 Message Date
sinn3r 61e58dc6d3 Yard doc 2014-09-02 20:48:07 -05:00
sinn3r 954475c0bf Add rspec and update about secure admin 2014-09-02 20:35:25 -05:00
David Maloney 928aeffcba add wordpress_rpc loginscanner and specs 2014-08-29 13:06:12 -05:00
Samuel Huckins fa77caa819 Merge branch 'bug/MSP-11153/database-config-overrides' 
MSP-11153 #land
 2014-08-28 17:12:37 -05:00
Luke Imhoff 20177c7c23 Restore backup database.yml when retesting after interrupt 
MSP-11153

Restore the config/database.yml backed up to
config/database.yml.cucumber.bak in the db:config:restore task, which is
made a dependency of the environment rake task so that
config/database.yml is restored before Rails tries to use it in the
environment task.  This specifically, allows for rake cucumber to be
interrupted when the config/database.yml has been moved to
config/database.yml.cucumber.bak and a subsequence rake cucumber to
succeed and restore config/database.yml, but any task that depends on
environment will restore the config/database.yml.
 2014-08-28 15:20:53 -05:00
sinn3r f097ef96e0 Use && 2014-08-28 12:13:03 -05:00
sinn3r d0d9949d91 Do SSL options correctly 2014-08-28 12:04:14 -05:00
Luke Imhoff 275fa5cb50 Remove unnecessary return 
MSP-11153

Leftover from earlier design.
 2014-08-27 16:58:45 -05:00
Luke Imhoff 83b6f268b4 Remove unnecessary realpath 
MSP-11153

Causes errors on machines that don't have ~/.msf4 like travis-ci.
 2014-08-27 16:58:05 -05:00
sinn3r df215a380d Do not send 2 content-length headers 2014-08-27 16:05:08 -05:00
sinn3r a32ffc4c26 Add the final portion for Glassfish login module 2014-08-27 15:09:11 -05:00
Luke Imhoff 951ce15b44 Move database.yml selection to Metasploit::Framework::Database 
MSP-11153

Test the following paths in order and only return them if the path
exists:

1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
 2014-08-27 12:01:43 -05:00
sinn3r 5d8cbe0544 Early version of Glassfish using LoginScanner 2014-08-27 01:23:02 -05:00
Tom Sellers 4a1b037af0 Remaining files.. 2014-08-26 18:15:58 -05:00
David Maloney c42517a14a missing exception rescue 
needed to also rescue Errno::ETIMEDOUT
 2014-08-26 13:58:34 -05:00
David Maloney 32b1a5ea23 add ipboard loginscanner 
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
 2014-08-25 13:58:30 -05:00
Joe Vennix 95fbb8f1b7 Land PR #3672, dmaloney-r7's login scanner credential rework. 2014-08-22 11:15:32 -05:00
Brandon Turner 05f0d09828 Merge branch staging/electro-release into master 
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
 2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3 Revert "Various merge resolutions from master <- staging" 
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
 2014-08-22 10:17:44 -05:00
James Lee c3e8bc8fa0 Fix a crash when we can't connect to PG, again 2014-08-20 11:02:46 -05:00
James Lee fa27def41f Revert "Fix a crash when we can't connect to PG" 
This reverts commit b6deb6a342.
 2014-08-20 11:01:29 -05:00
James Lee b6deb6a342 Fix a crash when we can't connect to PG 
MSP-11061

No Postgres, no cry
 2014-08-19 15:30:24 -05:00
David Maloney 473b92a060 Merge branch 'master' into feature/MSP-10992/scanner-dry 
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
 2014-08-19 10:30:16 -05:00
James Lee b9e449f5e2 Fix crash when database.yml doesn't exist 2014-08-18 12:40:57 -05:00
Samuel Huckins 82760bf5b3 Deprecation warnings hidden for non-listeners 2014-08-15 12:33:44 -05:00
Samuel Huckins 149c3ecc63 Various merge resolutions from master <- staging 
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
 2014-08-15 11:33:31 -05:00
David Maloney 84374fe92c Merge branch 'staging/electro-release' into bug/MSP-11050/rails_root 2014-08-12 13:54:38 -05:00
David Maloney 12f1234296 always set our rails root to our root 
this works fine when calling any framework binaries
from their path as CWD. if you call tehm from another path
you will get an incorrect root which can cause certain things to load
incorrectly

Signed-off-by: David Maloney <DMaloney@rapid7.com>
 2014-08-12 13:53:28 -05:00
David Maloney fcfce9efec Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry 2014-08-12 11:22:51 -05:00
Luke Imhoff e051272a20 Fix typo 
MSP-11046

`ActiveSupport::OrderedOptions` automatically create an attribute for
any missing keys, so when `options.console.resource` was used it would
return `nil` instead of the erroring.  The correct option name was
`options.console.resources` (note the pluralization).
 2014-08-12 10:49:35 -05:00
Luke Imhoff 9096a8a1f5 Remove Msf::Framework::VersionAPI 
MSP-10998

It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
 2014-08-01 21:43:14 -05:00
Luke Imhoff 22db5aad8a Remove Msf::Framework::VersionCore 
MSP-10998

It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
 2014-08-01 21:31:48 -05:00
darkbushido ceaffce727 Merge branch 'pr/3593' into staging/electro-release 2014-08-01 16:01:10 -05:00
David Maloney ab7111120b and all the rest 
finally!
 2014-08-01 14:54:18 -05:00
David Maloney 4821851ae4 telnet and ssh next 2014-08-01 14:47:08 -05:00
David Maloney 12902b0a6d the refactor continues! 2014-08-01 14:41:03 -05:00
David Maloney b74813b9a1 mysql and pop3 now 2014-08-01 14:30:33 -05:00
David Maloney 2e7738c788 http and mssql now 2014-08-01 14:22:58 -05:00
dmaloney-r7 e6a0e079b6 Merge pull request #3596 from darkbushido/bug/MSP-10937/adding-parent-to-cores-to-credential 
.to_credential now assigns a parent
 2014-08-01 13:13:48 -05:00
David Maloney 33f73a8af7 refactor db2 2014-08-01 13:00:27 -05:00
David Maloney 439b893fea refactor axislogin 2014-08-01 12:30:16 -05:00
David Maloney 0fffb179fa refactor afp_login 2014-08-01 12:10:52 -05:00
David Maloney db345fcb58 make credential_collection always set private_type 2014-08-01 11:57:35 -05:00
David Maloney a380646667 start refactoring ftp loginscanner 2014-08-01 11:47:13 -05:00
David Maloney 320f032dfe add to_h to result 2014-08-01 11:46:43 -05:00
David Maloney dbde046f44 use to_h instead of to_hash 
apparently ruby 2 adds this as a standard method so
we should stay compliant
 2014-08-01 09:45:51 -05:00
David Maloney 0e65792f43 Merge branch 'staging/electro-release' into feature/loginscanner-report-dry 2014-08-01 09:41:30 -05:00
Brandon Turner 0ad2a7c89b Bump version to 4.10.0 2014-07-31 23:43:46 -05:00
David Maloney 374c6532fa add to_hash to Credential 
begining of the chain to DRYing up
credential reporting in the loginscanner
 2014-07-31 18:10:48 -05:00
darkbushido ad6eed01a2 .to_credential now assigns a parent 
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
 2014-07-31 14:52:27 -05:00