Matt Buck
651beb9acb
Land #4192, enable specifying mode for Rex output file
2014-11-13 14:57:48 -06:00
Trevor Rosen
0959ef3d13
Fixes lack of support for MetasploitV5 tag
...
#4184
* Appears to have been overlooked somehow in the pre-BlackHat crunch
* V5 will not support credentials
* We are implementing full-workspace zip import/export for credentials
2014-11-13 13:01:55 -06:00
Trevor Rosen
f658efe144
Add the ability to specify mode in Rex output file
...
* Because sometimes you might want to append
* Preserves original hardcoded 'wb' as default
* http://pubs.opengroup.org/onlinepubs/009695399/functions/fopen.html
2014-11-12 16:08:03 -06:00
Luke Imhoff
ad4ee3cffd
Merge branch 'master' of rapid7.github.com:/rapid7/metasploit-framework
2014-11-12 11:10:48 -06:00
Luke Imhoff
1fd8fe57df
Merge staging/great-backport to master
...
Conflicts:
spec/lib/msf/core/module_spec.rb
2014-11-12 11:08:18 -06:00
sinn3r
ac4b2bee4d
Land #4181 - Fix nil URIPORT in get_uri (HttpServer)
2014-11-12 10:54:16 -06:00
William Vu
89a8d27602
Fix port 0 bug in URIPORT
2014-11-11 15:57:41 -06:00
Tod Beardsley
7e05f88399
Reapply PR #4113 (removed via #4175)
2014-11-11 15:06:43 -06:00
Tod Beardsley
017a44c0ae
Revert errored merge of deea30d
...
Revert "Merge branch 'master' of https://github.com/farias-r7/metasploit-framework into upstream-master"
This reverts commit deea30ddb4, reversing
changes made to 14514d7b8b.
2014-11-11 14:38:47 -06:00
HD Moore
dbd5937dc7
Limit threads to 1 when CPORT is set, closes #4170
...
This issue also applies to TCP scanner modules.
2014-11-11 13:21:09 -06:00
HD Moore
96ba6da697
Add the UDP scanner template, lands #4113.
...
There is some additional work to do regarding CHOST/CPORT, but this is not tied to the udp template changes.
2014-11-11 11:59:30 -06:00
jvazquez-r7
0a68171bab
Land #4166, @wchen-r7's fix for undefined method `rank'
...
* Fixes #4047
* undefined method `rank' due to an invalid encoder name
2014-11-10 15:00:17 -06:00
jvazquez-r7
86ff5f93eb
Land #4158, Fix for null dereference on Exploit::Remote::HttpServer#remove_resource
2014-11-10 14:14:48 -06:00
jvazquez-r7
4e96833408
Check service before using it
2014-11-10 14:14:20 -06:00
jvazquez-r7
1064049729
Revert "Fix buggy calls to stop_service"
...
This reverts commit 613f5309bb.
2014-11-10 14:05:57 -06:00
sinn3r
0b51741779
Fix #4047 - undefined method `rank' due to an invalid encoder name
...
Fix #4047 caused by an invalid encoder name. Also added elog() to
avoid shutting everything up in msfvenom
2014-11-10 13:25:53 -06:00
Trevor Rosen
8511dc4131
Merge branch 'landing/4135' into upstream-master
...
Land #4135
* Improve Bundle management:
* Option to install w/out DB group
* Option to install w/out pcap support
2014-11-10 09:26:42 -06:00
Joshua Smith
1844b3956d
Land #4063 allow session lists
...
Note: the parsing for cmd_sessions needs to be revamped and DRYd up in
a separate PR.
2014-11-09 22:40:53 -06:00
Joshua Smith
03a988b5dc
Land #4150, adds getsid command
...
Fixes #3787
2014-11-09 22:10:22 -06:00
OJ
eb830cb361
Idiomaticise the rubies
2014-11-10 07:44:36 +10:00
sinn3r
8f3b1e71b3
Fix #4156 - NoMethodError undefined method `stop'
...
This will fix #4156. It also fixes NoMethodError payload_exe
when I was trying to fix the undef 'stop' one
2014-11-09 14:07:02 -06:00
sinn3r
cd0dbc0e24
Missed another
2014-11-09 14:06:39 -06:00
Julio Auto
613f5309bb
Fix buggy calls to stop_service
2014-11-09 02:15:30 -06:00
sinn3r
e54442af36
Fix #4089 - undefined method `downcase' for nil:NilClass
2014-11-07 02:45:22 -06:00
Joshua Smith
7b25e3be75
Land #4139, Visual Mining NetCharts
...
landed after some touch up
2014-11-06 22:52:41 -06:00
Joshua Smith
709ff1bbdb
touch up lib/rex/mime/message.rb
2014-11-06 22:48:34 -06:00
OJ
08e707225c
Add support for the getsid command
...
There has been Meterpreter work done as well to support this. But this
commit allows for a new 'getsid' command which tells you the sid of the
current process/thread. This can be used for things like determining
whether the current process is running as system. It could also be used
for golden ticket creation, among other things.
2014-11-07 10:38:22 +10:00
jvazquez-r7
64fe2dd7d6
Land #4143, @kernelsmith's get_custom_exe fix
...
* Initializes the exe variable
* Fixes #4131
2014-11-06 14:39:57 -06:00
Joshua Smith
b199820d23
init exe as nil instead of ''
2014-11-06 13:31:37 -06:00
jvazquez-r7
6e51d84371
Land #4138, @wchen-r7's reference checking for module_reference.rb
...
* Fixes #4039
2014-11-06 10:51:29 -06:00
Tom Sellers
9295d9077e
Remove debugging output
2014-11-06 09:27:44 -06:00
Tom Sellers
8bf6a34d6c
Fix empty session ID and cleanup
...
- Fixed handling of empty session IDs for those commands that required them
- Added help text for ranges with examples
2014-11-06 07:18:55 -06:00
Joshua Smith
265c178c52
fixes #4131, EXE::Custom NameError
2014-11-05 22:10:54 -06:00
jvazquez-r7
c833888c32
Just randomize
2014-11-05 15:53:06 -06:00
jvazquez-r7
7ba705f23a
Add some randomized variables to JSP Payloads
...
Because the JASPER engine with Tomcat has been found
complaining about the out variable.
2014-11-05 12:16:33 -06:00
jvazquez-r7
741f99f118
Delete starting empty line
...
When header is empty it shouldn't add a starting empty
new line
2014-11-05 11:42:42 -06:00
sinn3r
f34ad57199
Check module references
2014-11-05 09:57:13 -06:00
Luke Imhoff
3093ba8394
Explicitly require 'metasploit/credential' and 'metasploit_data_models'
...
By putting the db group into the metasploit-framework-db.gemspec,
bundler no longer automatically required 'metasploit/credential' and
'metasploit_data_models' because gems, such as metasploit-framework-db,
are expected to explicitly require their dependencies.
2014-11-05 09:25:50 -06:00
Tom Sellers
2bec646393
rolling back a change
2014-11-05 06:49:06 -06:00
Tom Sellers
8aa6fca760
Minor fixes and status update
...
Minor tweaks after the PR from @kernelsmith
Remaining items:
1. Handle empty session IDs correctly, for example 'sessions -d' or 'sessions -k'
2. Find a method of explaining the range options in the help text
3. Retest all changed code areas
4. Edit PR Summary to reflect changes to the scope
2014-11-05 06:46:55 -06:00
Joshua Smith
78a4ee686b
modernizes & DRYs session/job ranges
2014-11-04 23:33:31 -06:00
Tod Beardsley
f8593ca1b5
Land #4109, tnftp savefile exploit from @wvu-r7
2014-11-04 15:44:13 -06:00
Jon Hart
b0e388f4c3
Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X
2014-11-04 08:23:16 -08:00
agix
333d420c94
Fix refactoring bug from 23 october in util/exe
...
23 October, {} instead of #{} totally breaks Windows service generation
https://github.com/rapid7/metasploit-framework/commit/f19b093529f3b3aacefb69f8133ab788859445d1#diff-0f5729034d8b0b321e738f2fc047854fL578
2014-11-04 11:59:36 +01:00
Tod Beardsley
0199e4d658
Land #3770, resolve random stager bugs
2014-11-03 14:15:14 -06:00
Tod Beardsley
0b39c2ed85
Land #4084, prep for Ruby 2.1
2014-11-03 13:43:50 -06:00
HD Moore
8aecd5e4a5
Address the two open comments from @jlee-r7
2014-11-03 12:33:11 -06:00
Jon Hart
8f197d4918
Move to build_probe
2014-11-03 08:41:51 -08:00
Jon Hart
05dd3fa4ba
rport, not datastore['RPORT']
2014-11-03 08:26:11 -08:00
Tom Sellers
0b8b0499f3
- Added range support to sessions -c and sessions -s
...
- Added check for un-detach-able sessions
- Added back the check for session.interactive? when detaching sessions
- Collapse build_jobs_array and build_sessions_array to build_range_array
- Added check for empty or invalid parameters to detach and kill [session | job]
- Reworked session id sanity check around line 1660
- RuboCop/Style guide change: Array.new -> []
- Misc RuboCop/Style guide spacing changes
2014-10-31 15:02:17 -05:00