6523600952
Add a rescue to catch method missing for stage_payload
...
This allows us to provide a friendlier message to users when they are
using a stageless listener with a staged payload.
2016-03-29 09:46:09 +10:00
57984706b8
Resolve merge conflict with Gemfile
2016-03-24 18:13:31 -05:00
0c19d89655
add more space for deprecation message
2016-03-23 11:39:42 -05:00
866c4718b0
Fix OptPort validation
...
Allow a port value of 0 and don't reject empty values if the option is
not required.
2016-03-22 23:01:18 -05:00
ec3a0a108d
Change OptPort to inherit from OptInt
...
Fixes the normalize and validate methods.
2016-03-22 19:25:51 -05:00
22df7c0071
Fix datastore to validate options w/o a default
...
Options without a default were not pulled into the `@options` hash and
therefore were not used to validate options on assignment.
I am not entirely sure how this fix works, since it would seem that
non-override options would not get pulled in if an option was first set
in the global datastore. However, a previous value does not get
overridden and new values are validated. Anything further is merely
speculation on my part.
2016-03-22 19:12:53 -05:00
5c163960ed
Fix datastore to not freeze options on the default
2016-03-22 19:07:58 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
1790f039c3
Land #6684 , remove obsolete warn_about_rubies
2016-03-17 08:26:57 -05:00
59a55dec5b
Land #6676 , new Postgres fingerprints
2016-03-16 16:32:10 -05:00
32fe9ae55d
Remove dead version check in db_manager.rb
...
The check appears to have been orphaned in the db_manager refactor, but
I can't track down the exact commit.
2016-03-16 15:24:55 -05:00
79c36c4f53
RPORT should be an OptPort
2016-03-16 14:13:19 -05:00
c21bad78e8
Fix some more String defaults
2016-03-16 14:13:18 -05:00
a878926f31
Remove unused datastore option
2016-03-16 14:13:17 -05:00
44e1fefa2e
when normalizing a string type, ensure we have a string first
2016-03-16 06:44:36 -05:00
5a72f2df16
remove subversion support
2016-03-15 22:00:32 -05:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
3cbc5684e1
iadd some preuath fps for postgres 9.4
...
the preauth fingerprinting for postgres is somewhat
unmaintainable, but due to a specific customer request
i have added these two FPs for 9.4.1-5
MS-1102
2016-03-15 14:50:07 -05:00
654590911b
Enforce integrity of datastore options on assignment
2016-03-15 14:00:32 -05:00
4f09246c78
reenable module loader warnings
2016-03-13 20:04:05 +01:00
dabe5c8465
Land #6655 , use MetasploitModule as module class name
2016-03-13 13:48:31 -05:00
15ba85bac2
fix missed deprecations
...
missed some deprecation warnings
2016-03-09 13:29:35 -06:00
88697a5d3f
Merge branch 'master' into staging/rails-upgrade
2016-03-08 15:22:04 -06:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
5a0bec81cb
disable warnings for now, to be reenabled when the module base class is updated
2016-03-06 17:19:05 -06:00
a2c3b05416
Land #6405 , prefer default module base class of simply 'Metasploit'
2016-03-06 17:10:55 -06:00
85acfabfca
remove various library workarounds for the datastore not preserving types
2016-03-05 23:10:57 -06:00
694f7f0a65
stop turning all default options into strings
...
we need to adjust vprint* functions, since they now fallthrough to the
'framework.datastore' checks because the false case actually triggers.
2016-03-05 23:09:14 -06:00
5f510df2ab
Resolve merge conflict with upstream's Gemfile.lock
2016-03-01 22:06:17 -06:00
30043bc519
Changed .all to .load in workspace.rb in order to eager load the relation and fix the 4.0 rails deprecation
2016-03-01 11:48:55 -06:00
c5a9d59455
Land #6612 , one final missing change
2016-02-29 15:08:42 -06:00
cb0493e5bb
Recreate Msf::Exploit::Remote::Fortinet
...
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
300fdc87bb
Move Fortinet backdoor to module and library
2016-02-29 12:06:33 -06:00
2950996cb8
Land #6612 , Add aux module for Fortinet backdoor
2016-02-29 12:02:49 -06:00
53d703355f
Move Fortinet backdoor to module and library
2016-02-29 11:57:42 -06:00
a87cf02b50
Land #6524 , fix reverse_http to try binding to LHOST first
2016-02-25 20:25:02 -06:00
cbc5b296e4
implement engines method locally instead of adding refinement
2016-02-25 11:05:17 -06:00
d7ba37d2e6
Msf::Exploit::Remote::HttpServer print_* fix
...
Exploit::Remote::HttpServer and every descendant utilizes the
print_prefix method which checks whether the module which mixes in
these modules is aggressive. This is done in a proc context most
of the time since its a callback on the underlying Rex HTTP server.
When modules do not define :aggressive? the resulting exceptions
are quietly swallowed, and requestors get an empty response as the
client object dies off.
Add check for response to :aggressive? in :print_prefix to address
this issue.
2016-02-21 20:20:22 -05:00
3e22de116f
Changes to fix peer and style as recommended by jhart-r7.
2016-02-20 13:53:32 -08:00
b409b2237d
update to use the common bind_addresses method
2016-02-18 18:17:56 -06:00
b5ae4c0322
remove the sleep
2016-02-18 08:33:44 -06:00
a5f3bddfc8
Support RPC API
2016-02-18 00:39:12 -06:00
aff118a3a5
don't send a response on invalid UUID
2016-02-16 09:19:45 -06:00
95484c81fd
Land #6526 , fix browser exploit server spec
2016-02-15 16:23:04 -06:00
1f58ad15ac
Browser::Exploit::Server needs to have vprint*
2016-02-15 16:21:24 -06:00
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
4db2840af9
Land #6385 , add .apk template support for msfvenom
2016-02-15 14:27:08 -06:00
2386cb1344
Land #6527 , add support for importing Burp suite vuln exports
2016-02-10 13:19:21 -06:00
d5c3fcae04
Land #6511 , Bump Jsobfu version to support preserved_identifiers
2016-02-05 15:57:53 -06:00
OJ