adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

7956 Commits

Author SHA1 Message Date
Erin Bleiweiss d18c6bd158 Land #11188, Correct authentication logic in host and event servlets 2019-01-10 13:09:26 -06:00
James Barnett 65f127a66f Land #11222, Display error when update operation has invalid fields 2019-01-10 11:33:22 -06:00
Erin Bleiweiss 0435d7e1d6 Return the updated objects 2019-01-10 11:04:42 -06:00
Erin Bleiweiss 5055e421f5 Add ! to cred update 2019-01-10 10:56:28 -06:00
Erin Bleiweiss 0ad89528ea Update pattern for creds 2019-01-10 10:55:36 -06:00
Brent Cook f125526e09 Land #11207, implement db_import for web service 2019-01-10 10:28:29 -06:00
Jeffrey Martin 24f5422db9 use analyze.host to reflect final location of util 2019-01-09 16:59:50 -06:00
Jeffrey Martin f93497de8f refactor to allow analyze via rpc 2019-01-09 16:48:54 -06:00
Matthew Kienow 84a8c9b638 Minor method comment change 2019-01-08 14:02:40 -05:00
Matthew Kienow d677eb16a9 Enhance session_events query 2019-01-08 14:02:32 -05:00
Matthew Kienow d117e6a1d1 Land #11142, use POST for API token generation 2019-01-08 11:59:30 -05:00
James Barnett 466b0004e1 Land #11163, add API endpoint for retrieving Mdm::Events 2019-01-08 09:26:53 -06:00
James Barnett 69ee3a4a26 Land #11187, Conform LoginServlet to API standards 2019-01-07 17:03:39 -06:00
James Barnett f23142c19c Land #11183, add authentication to LoginServlet endpoints 2019-01-07 17:02:31 -06:00
Erin Bleiweiss cfa22bb4ec Exclude key from VulnDetail update 2019-01-07 16:33:50 -06:00
Erin Bleiweiss 771469f4cd Update all Mdm::xx.update() instances 2019-01-07 16:24:13 -06:00
Erin Bleiweiss 6641c606b2 Add support for db import from remote data service 2019-01-07 14:32:27 -06:00
James Barnett 02fda8625a Address code review comments. 
- Fix CSS on submit button
- Dont generate a new token when logging in to web form
- Also added text to account page to send the user to the login page when not logged in
 2019-01-07 13:52:01 -06:00
James Barnett 101fbb7aa5 Address code review comments 2019-01-04 15:23:24 -06:00
James Barnett 83267d08e0 Update jquery version and use SRI 2019-01-04 15:23:24 -06:00
James Barnett 4bbf84b949 Update login test page to use POST for generate-token 2019-01-04 15:22:32 -06:00
James Barnett 60681e4385 Use POST for token generation 2019-01-04 15:22:32 -06:00
James Barnett 1b29e17827 Dont array wrap refs 2019-01-04 15:10:21 -06:00
James Barnett b875d391fc WIP: updating ref lookup based on code review comments 2019-01-04 15:10:20 -06:00
James Barnett 0281ddf78c Remove vuln_refs from Vuln JSON schema 
This object is just a pointer between Vulns and refs. We don't need to surface it
 2019-01-04 15:10:20 -06:00
James Barnett e9931fa70e Fix bug when updating Mdm::Vuln.refs 2019-01-04 15:10:19 -06:00
Matthew Kienow 4fc65b39a1 Make position of warden call the same as others 
Minor correction for consistent usage since a previous refactoring moved
the authenticate call into the begin block.
 2018-12-31 16:38:26 -05:00
Matthew Kienow 7b22527f8f Make error message use same language as others 2018-12-31 16:37:08 -05:00
Matthew Kienow 05d810ac23 Add support for GET with ID in the path 2018-12-31 15:46:00 -05:00
Matthew Kienow 0e56c30ab2 Use data object wrapper for JSON response 2018-12-31 15:43:16 -05:00
Matthew Kienow 12f4222b2e Fix to ensure authentication 2018-12-28 16:29:33 -05:00
Matthew Kienow 8361dab983 Minor method comment change 2018-12-27 21:57:31 -05:00
Brent Cook 66505790f9 Land #11179, Replace Sysrandom with Ruby default SecureRandom 2018-12-27 11:33:29 -06:00
Matthew Kienow 34e99c3857 Modify GET error message to match other servlets 2018-12-26 22:45:33 -05:00
Brent Cook 0d0356ccdd Land #11126, Update sessions through the DBManager 2018-12-26 13:15:43 -06:00
Matthew Kienow ebc7a3a315 Replace sysrandom with ruby default securerandom 2018-12-26 13:40:44 -05:00
Matthew Kienow b5bc65c3bd Add GET handler to query events 2018-12-21 22:18:10 -05:00
Matthew Kienow a448b26f73 Remove unnecessary argument default value 2018-12-21 22:13:52 -05:00
Matthew Kienow 5e971132f3 Enhance events method to fully query events 2018-12-21 22:07:43 -05:00
William Vu b4ff3b544f Add CMDSTAGER::SSL datastore option 
It has come to my attention that since I added the HTTP(S) command
stagers, no one has used HTTPS. This is probably why.

The CmdStager options hash takes precedence over any datastore options.
 2018-12-21 14:51:49 -06:00
William Vu 5cff330a38 Land #11128, Rex::Exploitation::CmdStagerFetch 2018-12-21 14:16:57 -06:00
Garvit Dewan 3021a05553 Fix typo in report.rb 2018-12-21 17:51:46 +05:30
Wei Chen f7eb3452be Land #11083, set user agent in Windows reverse_http(s) stagers 2018-12-19 11:38:12 -06:00
Brent Cook 09f9b887b9 don't bother handholding the empty string 2018-12-19 10:52:51 -06:00
Brendan Coles 8d93812c0a Add Rex::Exploitation::CmdStagerFetch 2018-12-15 03:30:00 +00:00
Matthew Kienow eec7a3dafc Remove debug code 2018-12-14 13:33:16 -05:00
Matthew Kienow a683cedcce Enhance race condition workaround in report_host 2018-12-14 12:28:16 -05:00
Matthew Kienow c2af36f405 Use update_session rather than Mdm save method 
The changes ensure that updates to an Mdm::Session are reflected on a
remote data service.
 2018-12-14 12:22:49 -05:00
Matthew Kienow b6cdf7aa9d Add update_session method 2018-12-14 12:04:55 -05:00
Matthew Kienow 3f9b2dadc8 Remove unnecessary single object selection 2018-12-14 11:20:19 -05:00