adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37,996 Commits 27 Branches 1,043 Tags
66ec0011105ba65b4d15c6cfb76f4acc565eaf21
Commit Graph

7667 Commits

Author SHA1 Message Date
William Vu feb1394630 Land #6752, compact table for advanced options 2016-04-09 21:25:43 -05:00
wchen-r7 ae46b5a688 Bring #6417 up to date with upstream-master 2016-04-08 13:41:40 -05:00
James Lee 2563634dce Fix inverted logic introduced by #6734 
MS-385
 2016-04-06 22:03:31 -05:00
James Lee 8cc1d2ec89 Make advanced and evasion options readable 2016-04-05 15:05:58 -05:00
wchen-r7 4d5695f7fc Land #6743, reimplement HD's session interrupt handler 
MS-385
 2016-04-05 11:16:32 -05:00
David Maloney cde89b90cd Land #6744, Deprecation on host eager load 
Lands SemperVictus' pr for fixing a deprecation warning
on eager loading the hosts table
 2016-04-05 09:19:16 -05:00
Justin Steven 3bcac49c21 Fix: badchars.present? is false for whitespace 
badchars.present? is false in the case of badchars containing only whitespace.

Instead check for is not empty and is not nil.
 2016-04-05 10:09:56 +10:00
greg.mikeska@rapid7.com 5e8ed09b66 Merge branch 'task/MS-1354/OpenVAS-Nessus-Importer' of https://github.com/bpatterson-r7/metasploit-framework into bpatterson-r7-task/MS-1354/OpenVAS-Nessus-Importer 2016-04-04 17:07:05 -05:00
RageLtMan 992df12fa7 Address ActiveRecord deprecation warning 
AR will start to complain about eager loading in command_dispatcher
/db.rb:519 because it references hosts as string without explicitly
stating that the table is being referenced.

Add a call .references in the AR call chain after the where clause
to silence this abysmal warning.
 2016-04-02 00:22:26 -04:00
David Maloney 64b94dfe3b reimplement HD's session interrupt handler 
reimplement HD's work on a session interrupt handler
so that if an exploit fails the handler does not continue
waiting for a session that will never come

MS-385
 2016-04-01 14:43:16 -05:00
wchen-r7 618f379488 Update auxiliary/scanner/redis/redis_server and mixin 2016-03-31 17:14:49 -05:00
wchen-r7 2e7d07ff53 Fix PASSWORD datastore option 2016-03-31 17:12:00 -05:00
Brian Patterson 8f0d664a38 Modify the open_vas importer to support both results.xml and reports.xml open_vas exports and modify the nessus importer to import what it can when it can't find a properly formatted port number 2016-03-30 17:44:26 -05:00
wchen-r7 a2a522be07 Land #6716, Add a rescue to catch method missing for stage_payload 2016-03-30 13:08:52 -05:00
wchen-r7 280aeb0b59 Land #6727, Show handler URI so we know which job's responding 2016-03-30 12:22:18 -05:00
James Lee ead6e6b6b6 Use a print_prefix instead 2016-03-30 11:50:45 -05:00
James Lee 0a239742f5 Show handler URI so we know which job's responding 2016-03-30 11:35:04 -05:00
wchen-r7 797acd625d Land #6714, Kill defanged mode 2016-03-30 10:54:56 -05:00
thao doan 587f1ee7b3 Land #6708, module documentation for msfconsole 2016-03-29 11:30:55 -07:00
Brent Cook e25525b4a7 avoid validating file-based datastore options on assignment 
file:/ strings are special with some datastore options, causing them to read a
file rather than emitting the exact string. This causes a couple of problems.

1. the valid? check needs to be special on assignment, since normalization
   really means normalizing the path, not playing with the value as we would do
   for other types

2. there are races or simply out-of-order assignments when running commands
   like 'services -p 80 -R', where the datastore option is assigned before the
   file is actually written.

This is the 'easy' fix of disabling assignment validation (which we didn't have
before anyway) for types that can expect a file:/ prefix.
 2016-03-28 23:03:17 -05:00
OJ 6523600952 Add a rescue to catch method missing for stage_payload 
This allows us to provide a friendlier message to users when they are
using a stageless listener with a staged payload.
 2016-03-29 09:46:09 +10:00
James Lee f1857d6350 Kill defanged mode 2016-03-28 09:02:07 -05:00
Brendan Watters 18604c3d44 Land #6705, Rectify MSF_CFGROOT_CONFIG comment 2016-03-24 18:21:05 -05:00
wchen-r7 57984706b8 Resolve merge conflict with Gemfile 2016-03-24 18:13:31 -05:00
Till Maas 7f002128ad Rectify MSF_CFGROOT_CONFIG comment 
Also remove reference to feature request that does not seem to be
available anymore.
 2016-03-23 22:23:30 +01:00
Louis Sato 0c19d89655 add more space for deprecation message 2016-03-23 11:39:42 -05:00
Adam Cammack 866c4718b0 Fix OptPort validation 
Allow a port value of 0 and don't reject empty values if the option is
not required.
 2016-03-22 23:01:18 -05:00
Adam Cammack ec3a0a108d Change OptPort to inherit from OptInt 
Fixes the normalize and validate methods.
 2016-03-22 19:25:51 -05:00
Adam Cammack 22df7c0071 Fix datastore to validate options w/o a default 
Options without a default were not pulled into the `@options` hash and
therefore were not used to validate options on assignment.

I am not entirely sure how this fix works, since it would seem that
non-override options would not get pulled in if an option was first set
in the global datastore. However, a previous value does not get
overridden and new values are validated. Anything further is merely
speculation on my part.
 2016-03-22 19:12:53 -05:00
Adam Cammack 5c163960ed Fix datastore to not freeze options on the default 2016-03-22 19:07:58 -05:00
Adam Cammack 67b9d053ec Land #6679, remove unreachable sanity checks 2016-03-18 11:25:51 -05:00
Brent Cook 9219efa512 remove unreachable ruby 1.x check 2016-03-18 11:16:44 -05:00
James Lee 1375600780 Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Brent Cook 1790f039c3 Land #6684, remove obsolete warn_about_rubies 2016-03-17 08:26:57 -05:00
William Vu 59a55dec5b Land #6676, new Postgres fingerprints 2016-03-16 16:32:10 -05:00
Adam Cammack 32fe9ae55d Remove dead version check in db_manager.rb 
The check appears to have been orphaned in the db_manager refactor, but
I can't track down the exact commit.
 2016-03-16 15:24:55 -05:00
James Lee 79c36c4f53 RPORT should be an OptPort 2016-03-16 14:13:19 -05:00
James Lee c21bad78e8 Fix some more String defaults 2016-03-16 14:13:18 -05:00
James Lee a878926f31 Remove unused datastore option 2016-03-16 14:13:17 -05:00
Brent Cook 44e1fefa2e when normalizing a string type, ensure we have a string first 2016-03-16 06:44:36 -05:00
Brent Cook 5a72f2df16 remove subversion support 2016-03-15 22:00:32 -05:00
Brent Cook 63263773d1 simplify sanity checks for Ruby 1.x 2016-03-15 21:55:25 -05:00
Brent Cook 3b6a3374ae prefer explicit defaults to implicit 2016-03-15 20:58:14 -05:00
Adam Cammack 05f585157d Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
David Maloney 3cbc5684e1 iadd some preuath fps for postgres 9.4 
the preauth fingerprinting for postgres is somewhat
unmaintainable, but due to a specific customer request
i have added these two FPs for 9.4.1-5

MS-1102
 2016-03-15 14:50:07 -05:00
Brent Cook 654590911b Enforce integrity of datastore options on assignment 2016-03-15 14:00:32 -05:00
HD Moore 42689df6b3 Fix a stack trace with `set PAYLOAD in msf>` context 2016-03-13 14:56:54 -05:00
Christian Mehlmauer 4f09246c78 reenable module loader warnings 2016-03-13 20:04:05 +01:00
Brent Cook dabe5c8465 Land #6655, use MetasploitModule as module class name 2016-03-13 13:48:31 -05:00
David Maloney 15ba85bac2 fix missed deprecations 
missed some deprecation warnings
 2016-03-09 13:29:35 -06:00