adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,470 Commits 27 Branches 1,043 Tags
8b324c19d881cbbd56babd151cfe4e5ffd8a010d
Commit Graph

9473 Commits

Author SHA1 Message Date
Brent Cook 08290b81c0 Land #10282, Add support for running external modules outside of msfconsole 2018-07-18 17:38:40 -05:00
James Barnett 612959d9ab Land #10323, add authentication to REST API 2018-07-18 17:29:22 -05:00
Matthew Kienow ee6de3da39 Make endpoint plural and uniform with the others 2018-07-18 17:35:47 -04:00
Matthew Kienow 257a05d5d7 Add long port option for data_services cmd 2018-07-18 14:29:32 -04:00
Matthew Kienow 3147b8307b Fix issue when adding authenticated data service 
Add authentication to MsfServlet as a simple workaround to an issue
that occurs when data_services cmd is used to add a remote service
that requires an API token and no token or an invalid token are
provided.
 2018-07-18 14:08:30 -04:00
Matthew Kienow 4ff39e3799 Fix error code returned by authentication failure 
Previously an authentication failure message would indicate that the
error was permissions related yet the error code remained 401. The fix
allows the Authentication::Strategies classes to specify an error code
that is returned to the user.
 2018-07-18 14:04:09 -04:00
William Vu 9d2bed2596 Fix grep's prompt rewriting 
Missed in #9261.
 2018-07-17 21:08:21 -05:00
William Vu 94297de256 Add grep -C to msfconsole 2018-07-17 20:52:46 -05:00
William Vu 38daeb1b9f Fix #10283, SOUNDTRACK and LOGO refs 
Some dupe code came in from master. Fixing and refactoring.
 2018-07-17 19:36:35 -05:00
William Vu 6a38b36a45 Land #10283, SOUNDTRACK and LOGO refs 
:'(
 2018-07-17 19:11:52 -05:00
William Vu 07203dccc6 Clean up some things 2018-07-17 19:11:26 -05:00
William Vu 39e381049a Remove unnecessary include 2018-07-17 15:36:23 -05:00
William Vu 59278aef99 Add command dispatcher for developer commands 2018-07-17 15:07:50 -05:00
Matthew Kienow 5d048a6eb2 Use a class variable for auth initialized flag 2018-07-16 18:22:47 -04:00
Matthew Kienow 65c290fa39 Make API token optional on data_services cmd 2018-07-16 16:44:44 -04:00
James Barnett d5814ae9f6 Use the unpkg hosted versions of SwaggerUI 2018-07-16 15:16:27 -05:00
Matthew Kienow 70104ab25e Rename request env variables to conform with Rack 2018-07-16 15:04:05 -04:00
Matthew Kienow f7a4c577d6 Add UserServlet and admin_api scope 2018-07-16 12:56:43 -04:00
Matthew Kienow 4680455041 Implement report_user and password hashing 2018-07-16 12:55:00 -04:00
Matthew Kienow 67721bc616 Refactor strategies to support admin token role 2018-07-16 12:51:41 -04:00
Brent Cook 4e5ad576b2 Land #10267, defer bind payload connections until exploit has run 2018-07-13 17:35:27 -05:00
William Vu c8891206af Add vprint_status back to bind_named_pipe 
I thought it was redundant with the improved handler start message, but
it broke consistency with the other print statements. Fixing.
 2018-07-13 17:29:52 -05:00
William Vu 2c9d85606c Refactor and add error messages 2018-07-13 16:29:09 -05:00
Brendan Coles bf53896aa7 Rex::Compat.getenv 2018-07-14 06:24:04 +10:00
William Vu 3cec9026ae Add janky console command to display framework.log 
Works best with alternate screen enabled...
 2018-07-13 06:11:32 -05:00
Brendan Coles 104e4cee2e Merge branch 'master' into soundtrack_logo_module_refs 2018-07-13 03:01:33 +10:00
William Vu 147f59836a Fuel the hype machine 2018-07-12 11:34:09 -05:00
William Vu e72b873f56 Fire off bind handlers when session_created? runs 
Also refactor because bind handlers don't use setup_handler.
 2018-07-12 10:45:59 -05:00
Adam Cammack adff986908 Land #10287, Add advanced option to skip WP checks 2018-07-11 14:25:19 -05:00
Brendan Coles df2f58fb08 Add WPCHECK (Bool) advanced option to Exploit::Remote::HTTP::Wordpress 2018-07-11 07:09:28 +00:00
Wei Chen 6aa5349513 Add a link explaining the message 2018-07-10 13:25:09 -05:00
Brendan Coles f9daabcee3 Add support for SOUNDTRACK and LOGO to module refs 2018-07-10 17:23:07 +00:00
Adam Cammack 4f3cdd22f0 Allow Python modules to run independently 2018-07-10 10:24:07 -05:00
Adam Cammack 0dd89bf428 Add standalone runner for external modules 2018-07-10 10:24:07 -05:00
Adam Cammack 64c38ec6b8 Only elog when run inside of Framework 2018-07-10 10:24:07 -05:00
Adam Cammack 22167eba5c Make the Python login scanner API more sane 2018-07-10 10:24:07 -05:00
Adam Cammack 1fddbdb8ef Specify the command option external modules 2018-07-10 10:24:07 -05:00
Wei Chen 95e54f497b Be explicit when there is no CVE assigned to a vulnerability 2018-07-09 18:42:36 -05:00
William Vu 8d135aec39 Implement first pass at deferred payload handling 
This is most useful for bind payloads, and I initially did just that,
but I've migrated the code to be more generic.
 2018-07-06 14:26:31 -05:00
asoto-r7 ef78d70a00 Land #9356. Remove ring buffers from command dispatcher. 2018-07-06 13:12:13 -05:00
Matthew Kienow 77a0b74f76 Add delete option to data_services cmd 2018-07-05 16:40:55 -04:00
Brent Cook 8680379875 fix logic bug in handler thread for bind_named_pipe 2018-07-05 10:39:20 -05:00
William Vu f0b9b1c113 Add more verbose printing to bind handlers 2018-07-03 19:41:08 -05:00
Matthew Kienow 514c0c76d5 Add API token to RemoteHTTPDataService 2018-07-02 18:34:35 -04:00
Brent Cook 0543dfc95c Land #10217, keep bind_named_pipe with SMBv1 2018-07-02 14:54:00 -05:00
Brent Cook 85dc81a58b Land #10185, add SMBv1/2 support in psexec 2018-06-29 17:49:27 -05:00
Jacob Robles 5e02e7a2c8 smb_file_exist check for rubysmb 2018-06-28 18:10:39 -05:00
William Vu 40ac79ced0 Land #10218, MS17-010 Windows Embedded Standard 7 2018-06-28 16:11:56 -05:00
Brent Cook c06f13b33e remove superfluous sleeps, simplify logic 2018-06-28 12:15:42 -05:00
Brent Cook b01bd060ee remove unneeded slashes 2018-06-28 12:15:42 -05:00