adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

7956 Commits

Author SHA1 Message Date
Erin Bleiweiss dd4279fc2a add more robust searching to reflect all metadata values 2018-07-19 13:07:16 -05:00
James Barnett 59962c5273 Merge branch 'master' into conform_to_api_standards 2018-07-19 09:26:17 -05:00
Brent Cook 08290b81c0 Land #10282, Add support for running external modules outside of msfconsole 2018-07-18 17:38:40 -05:00
Erin Bleiweiss 8010c58220 add module documentation to swagger (WIP) 2018-07-18 17:36:31 -05:00
James Barnett 612959d9ab Land #10323, add authentication to REST API 2018-07-18 17:29:22 -05:00
William Vu 1371fc6daf Fix regexed integer RPORT for module search 2018-07-18 17:24:05 -05:00
William Vu de23559491 Add check for check to module cache 2018-07-18 16:40:52 -05:00
Matthew Kienow ee6de3da39 Make endpoint plural and uniform with the others 2018-07-18 17:35:47 -04:00
William Vu 5fa1ddf4eb Remove default check method 2018-07-18 16:25:46 -05:00
Erin Bleiweiss 93ce09cbd2 indicate private methods 2018-07-18 15:55:25 -05:00
Erin Bleiweiss 6955a9a58b filter search result using comma delimited fields 2018-07-18 15:52:47 -05:00
James Barnett 4da27d2bff Enable GET for /endpoint/ID for each model 2018-07-18 15:18:22 -05:00
Erin Bleiweiss 389b015047 fix typo (reference -> references) 2018-07-18 15:10:11 -05:00
Matthew Kienow 3147b8307b Fix issue when adding authenticated data service 
Add authentication to MsfServlet as a simple workaround to an issue
that occurs when data_services cmd is used to add a remote service
that requires an API token and no token or an invalid token are
provided.
 2018-07-18 14:08:30 -04:00
Matthew Kienow 4ff39e3799 Fix error code returned by authentication failure 
Previously an authentication failure message would indicate that the
error was permissions related yet the error code remained 401. The fix
allows the Authentication::Strategies classes to specify an error code
that is returned to the user.
 2018-07-18 14:04:09 -04:00
James Barnett 08b53a1ef7 Homogenize GET requests 2018-07-18 12:43:48 -05:00
Erin Bleiweiss a2da40a104 refactor endpoint under /v1/modules/ 2018-07-18 12:06:25 -05:00
Erin Bleiweiss 64fff449f8 refactor platform/target search 2018-07-18 10:59:46 -05:00
William Vu 38daeb1b9f Fix #10283, SOUNDTRACK and LOGO refs 
Some dupe code came in from master. Fixing and refactoring.
 2018-07-17 19:36:35 -05:00
William Vu 6a38b36a45 Land #10283, SOUNDTRACK and LOGO refs 
:'(
 2018-07-17 19:11:52 -05:00
William Vu 07203dccc6 Clean up some things 2018-07-17 19:11:26 -05:00
UserExistsError d5ed70417b bind_named_pipe payload for ruby_smb 2018-07-17 17:46:10 -06:00
Erin Bleiweiss ad74ab7cf9 proof of concept searching with query params 2018-07-17 17:29:12 -05:00
Matthew Kienow 5d048a6eb2 Use a class variable for auth initialized flag 2018-07-16 18:22:47 -04:00
James Barnett d5814ae9f6 Use the unpkg hosted versions of SwaggerUI 2018-07-16 15:16:27 -05:00
Matthew Kienow 70104ab25e Rename request env variables to conform with Rack 2018-07-16 15:04:05 -04:00
Matthew Kienow f7a4c577d6 Add UserServlet and admin_api scope 2018-07-16 12:56:43 -04:00
Matthew Kienow 4680455041 Implement report_user and password hashing 2018-07-16 12:55:00 -04:00
Matthew Kienow 67721bc616 Refactor strategies to support admin token role 2018-07-16 12:51:41 -04:00
Brent Cook 4e5ad576b2 Land #10267, defer bind payload connections until exploit has run 2018-07-13 17:35:27 -05:00
William Vu c8891206af Add vprint_status back to bind_named_pipe 
I thought it was redundant with the improved handler start message, but
it broke consistency with the other print statements. Fixing.
 2018-07-13 17:29:52 -05:00
Green-m f5b8b4dd7c Update send_request_cgi/raw 2018-07-12 23:51:41 -04:00
Green-m 65627e06e2 Update send_request_cgi/raw 2018-07-12 23:51:18 -04:00
Brendan Coles 104e4cee2e Merge branch 'master' into soundtrack_logo_module_refs 2018-07-13 03:01:33 +10:00
William Vu e72b873f56 Fire off bind handlers when session_created? runs 
Also refactor because bind handlers don't use setup_handler.
 2018-07-12 10:45:59 -05:00
AlbertoCoding 5b60a91b66 Style and code optimization changes 2018-07-12 13:54:47 +02:00
AlbertoCoding 5b36515947 Merge remote-tracking branch 'origin/master' into vpef 2018-07-12 13:23:44 +02:00
Brendan Coles df2f58fb08 Add WPCHECK (Bool) advanced option to Exploit::Remote::HTTP::Wordpress 2018-07-11 07:09:28 +00:00
James Barnett e7ddb6fdf5 Add API docs for logins endpoints 2018-07-10 14:21:19 -05:00
Brendan Coles f9daabcee3 Add support for SOUNDTRACK and LOGO to module refs 2018-07-10 17:23:07 +00:00
James Barnett 8456c25fff Add delete endpoint for logins 2018-07-10 11:00:08 -05:00
James Barnett 35f52a129c Use create_credential when importing XML files 2018-07-10 10:37:46 -05:00
Adam Cammack 4f3cdd22f0 Allow Python modules to run independently 2018-07-10 10:24:07 -05:00
Adam Cammack 0dd89bf428 Add standalone runner for external modules 2018-07-10 10:24:07 -05:00
Adam Cammack 64c38ec6b8 Only elog when run inside of Framework 2018-07-10 10:24:07 -05:00
Adam Cammack 22167eba5c Make the Python login scanner API more sane 2018-07-10 10:24:07 -05:00
Adam Cammack 1fddbdb8ef Specify the command option external modules 2018-07-10 10:24:07 -05:00
James Barnett d3eb71e8e5 Implement invalidate_login 2018-07-09 16:15:40 -05:00
James Barnett bbc16e1873 Merge branch 'master' into remote_creds_data 2018-07-09 09:49:14 -05:00
William Vu 8d135aec39 Implement first pass at deferred payload handling 
This is most useful for bind payloads, and I initially did just that,
but I've migrated the code to be more generic.
 2018-07-06 14:26:31 -05:00