acf23e9c61
Sets config.eager_load to false for production envs
2023-03-21 12:31:33 +00:00
9dcaf93b29
Replace deprecated File.exists? with File.exist?
2023-03-05 14:30:47 +11:00
c143124344
Add feature to set the status of ticket/ccache via klist
2023-01-25 13:28:43 +00:00
760f5198ac
Add additional metasploit rpc documentation
2023-01-10 20:43:11 +00:00
cca49257c5
extend config due to warning
...
```
SECURITY WARNING: Your secret is not long enough. It must be at least
32 bytes long and securely random. To generate such a key for use
you can run the following command:
```
2022-10-20 14:39:05 -05:00
87e29b4599
Update thin kwargs usage
2021-08-10 15:40:19 +01:00
d240292253
move web service api code into library path
2021-08-09 12:22:43 -05:00
047a1eba07
Rails 6.1 upgrade
2021-08-09 12:16:08 -05:00
cfc7db8501
Update JSON RPC servlet helper to symbolize params object
2021-05-26 17:31:16 +01:00
7fe97cfda2
Add health check functionality
2021-04-16 01:59:22 +01:00
12c5dd6f44
Fix db connection support for rpc service
2021-04-02 05:30:34 +01:00
6f2ba26917
Fix missing constant error when accessing the api web service
2021-02-24 12:28:46 +00:00
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
bad5ccbc49
Remove msf/base requires
2021-01-05 14:59:46 +00:00
390b08d3d8
Fix namespacing for Route servlet
2020-12-18 11:00:55 +00:00
f4e0278125
Add remote data service support for autoroute
2020-12-18 11:00:55 +00:00
fb638e909a
Replace self with the explicit Module name
2020-12-11 11:44:39 +00:00
9e20bb5270
Add configurable logging to the console and support stdout sinks
2020-12-08 16:23:24 +00:00
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
03a30d80ef
creds need web service to support request by :id
2020-10-01 11:13:38 -05:00
4918ecf826
replaced get_service calls with services calls
2020-09-16 12:29:15 +01:00
1e348e0a90
add root path of endpoints that accept :id in path
...
When requesting all records of a type :id is not supplied. A behavior change
in `sinatra` now report a `param` of the missing object with value `nil`.
Since this parameter would be used as a search term further down the stack and
most objects cannot have `:id` = `nil` exposing the additional path is needed.
2020-07-31 11:56:52 -05:00
07cbe426e2
Rails 5, all models inherit from ApplicationRecord
...
ApplicationRecord is a new superclass for all app models, analogous to app controllers subclassing ApplicationController instead of ActionController::Base. This gives apps a single spot to configure app-wide model behavior.
https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#active-record-models-now-inherit-from-applicationrecord-by-default
Deprecated Relation#uniq use Relation#distinct instead.
https://edgeguides.rubyonrails.org/5_0_release_notes.html#active-record-deprecations
2020-07-31 11:56:49 -05:00
bc74900a41
🐛 fix #13781 set token from environment var
2020-06-29 15:07:33 +08:00
8e3add3f5f
simplifies get host id, renames endpoints & clean
2020-04-28 13:33:54 +01:00
0bd43096f1
PRC return tags for del & add, simplified DB call
2020-04-23 17:01:32 +01:00
789b5dec00
adds tag functionality for hosts
2020-04-22 16:47:23 +01:00
9f76f3ef08
Use rpc specific job status tracker and add default no op tracker
2020-03-13 13:32:57 +00:00
dd12e65828
adds middleware and application error handlers
2020-03-04 11:56:32 +00:00
dfaba0a98e
Add endpoints for report_web_*
2019-11-15 16:33:28 +00:00
d670e31e34
Remove unnecessary requirement
2019-10-15 15:18:41 +01:00
e0c86b2423
Remove references to file based token provision
2019-10-08 14:29:25 +01:00
fe3ec50239
Set API token in env instead of file
2019-10-08 13:46:07 +01:00
fcfc78acc5
Use consistent API auth failure error handling
2019-10-08 11:14:23 +01:00
8697b424b2
Use consistent environment variable name
2019-10-08 11:09:04 +01:00
6d74fa2586
Load token config from yml instead of json
2019-10-08 11:03:24 +01:00
1f4649a97c
Remove redundant begin block
2019-10-07 15:23:27 +01:00
6e3acd6e9b
Refactor nested else if to elsif
2019-10-07 15:23:01 +01:00
e1d44e2ae3
Remove redundant braces around hash param
2019-10-07 15:22:27 +01:00
8f33804fe0
Add file based API token authentication
...
Provides a mechanism to specify an API token from a json file.
If the DB is not enabled then the JSON RPC server will check for the
presence of an environment variable (MSF_API_TOKEN_FILE) which should
point to the path of a JSON file. The JSON file should contain a single
key "token". The value of this token is used as the API token which is
required for all JSON RPC API calls.
2019-10-07 14:57:40 +01:00
0a4932a61c
Remove swagger-ui css files
2019-03-21 12:52:30 -05:00
822f5357a2
Land #10675 , DB manager for payloads: Resolve conflicts, add 'create!' to trigger database write
2019-03-04 14:58:03 -06:00
b98133cded
Dont assign unique file name when theres no file on disk
2019-01-25 16:36:17 -06:00
fd6527bac8
Prepend loot filenames with unique string
...
This should help prevent accidentally overwriting files with the same name
2019-01-16 15:20:41 -06:00
705c269d27
Handle empty data values for loot
2019-01-16 10:59:07 -06:00
dc7d611780
Base64 encode the data field for each loot operation
2019-01-15 18:01:43 -06:00
5c308b1448
Remove nested loot object from host JSON
...
The code on the framework side that was utilizing this was removed
a while ago. It was never actually being used anywhere, and was causing
issues with getting host objects back when the loot contained
non-UTF-8 characters
2019-01-15 16:45:04 -06:00
d18c6bd158
Land #11188 , Correct authentication logic in host and event servlets
2019-01-10 13:09:26 -06:00
f125526e09
Land #11207 , implement db_import for web service
2019-01-10 10:28:29 -06:00
d117e6a1d1
Land #11142 , use POST for API token generation
2019-01-08 11:59:30 -05:00
Dean Welch