f779f0f482
consolidate the config directory lookups
...
The user configuration directory can be overridden via environment
variables or configuration files.
In the current implementation `Msf::Config.config_directory` should be
utilized for consistent location reporting. `Msf::Config.get_config_root`
is reserved to generation of a default location and should be considered
`private` as it ignores some injected configuration options. Currently
autoloading does not allow application of the `private` keyword to this method,
requiring guidance during development that module writers should access the
full configured `user` value of `Msf::Config.config_directory`.
2022-07-25 15:27:21 -05:00
83bfc73e09
Update nessus.rb
2022-05-11 19:56:32 -04:00
33cfc7ce71
Update nessus.rb
...
Changed the line that parses the input for the nessus_connect password. It will now split the user input by the last occurrence of the at sign (@) instead of the first occurrence. This will prevent improperly parsed passwords due to an at sign (@) in the password.
2022-05-11 18:33:33 -04:00
e96abb1254
Rename the capture command
...
Multiple modules provide a "Capture" action that would collide with this
name. Rename it to `captureg` for Capture-Global.
2022-03-21 17:43:11 -04:00
0abdd55234
Use a file in .msf4, copying it from the data directory if it doesn't exist.
...
Fixes some bugs relating to pivoting through a session
2022-03-17 09:18:43 +11:00
9074d7b2bd
Reformatted yaml file to be more flexible in future
2022-03-17 08:47:10 +11:00
efaf21cbed
Show specific error message if module fails to load
2022-03-15 09:58:45 +11:00
8c35870a63
Make parsers instance variables to make rubocop happy
2022-03-11 16:56:10 +11:00
06cc16c4cb
Rubocop changes
2022-03-11 16:16:04 +11:00
538b680e79
Split tab completion into separate methods for each sub-command
2022-03-11 15:18:58 +11:00
b34189e24c
Take more parameters from a config file
2022-03-11 15:10:08 +11:00
1c84c1a314
More suggestions from code review
2022-03-10 17:29:17 +11:00
0c968cd38b
Apply suggestions from code review
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-03-10 17:17:45 +11:00
0733f1e00e
Force capture defaults to come from the data file
2022-03-08 11:30:59 +11:00
02bb5234a3
Update help, fix POP3S port and disable DNS (broken) and WPAD (not actually useful)
2022-03-07 21:40:31 +11:00
a212cd57e5
HTTPS modules should use encryption
2022-03-07 15:12:34 +11:00
9b7107a711
Close handle to log file once the capture has ended (or a new one has begun)
2022-03-07 11:34:36 +11:00
a31b2ff1d5
Rename capture module
2022-03-03 17:26:04 +11:00
d1567bf2a5
Add logging and recording hashes for later use
2022-03-03 14:51:53 +11:00
cc84b9038d
Don't require a spoofing IP if you're not using active poisoning
2022-03-02 15:05:10 +11:00
6bffa663a9
Don't try to launch UDP services remotely.
...
Use normal capitalisation when showing service names to users.
2022-03-02 14:00:41 +11:00
75c0951fc9
Track capture jobs by session, and support stopping captures per-session
2022-03-02 09:59:56 +11:00
7b78431913
Use remote sessions if configured
2022-03-02 06:29:44 +11:00
4f026aee84
Fix bug in two-step validation of parameters
2022-03-01 15:55:30 +11:00
8dd459edbb
Read some config in from a file
2022-03-01 15:29:50 +11:00
8af5c092dc
Add encrypted services and tab completion to capture plugin
2022-03-01 13:51:40 +11:00
3846e82a8a
Rudimentary argument parsing
2022-03-01 11:29:48 +11:00
6e5413057e
Initial work on configuring hash capture plugin
2022-03-01 10:48:47 +11:00
602a383f69
Combine hash capture functionality into one plugin (proof of concept)
2022-03-01 09:48:38 +11:00
5a8cf3ea95
Add corrections from review session
2022-02-15 18:49:46 -06:00
09ee54a152
Added interface ServerJang to send session information to Wechat
2022-02-15 02:46:41 -05:00
063c3936a9
Add support for long arguments to Rex Parser
2021-12-14 17:45:56 +00:00
cab04d33f5
Use existing Rex::UserAgent class; keep UA string consistent across an MSF session
2021-11-10 10:05:45 +11:00
839722720a
Updated the default metasploit user agent string to be more modern
...
Selected from a set of currently-modern browser UA strings
2021-11-09 18:20:41 +11:00
89ab189a87
Add quick fix for alias tab completion; Aliases most likely needs to be implemented differently
2021-08-25 19:58:54 +01:00
f71a6e914a
Update session_notifier.rb to change the SSL file checks to use .file? instead of .exists?
2021-05-12 17:19:12 -05:00
705e95308d
Fix up remaining review issues, and add in better verification for DingTalk as well as Gotify send functions.
2021-05-12 13:46:55 -05:00
a4e71372ca
Fix first set of issues from review
2021-05-12 12:35:51 -05:00
b7476c739f
Edit SSL function, load cert if user needs
2021-05-05 18:26:44 +08:00
e3d5e38513
add gotify function
...
now you can choose whether you will use SSL for your gotify webapi
2021-05-03 16:27:28 +08:00
5371461aa7
add gotify function
2021-05-03 15:57:44 +08:00
0a60045c0c
Update session_notifier.rb
...
Add Gotify notify function
2021-05-01 11:13:48 +08:00
4b8cdba8e6
Fixes nexpose_connect login failure when user or password contains @
2021-03-29 16:20:48 +01:00
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
7b31d332dc
Land #13234 , add beSECURE integration
2020-12-12 00:05:00 +00:00
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
78ab3b089b
Allow ignoring SSL, debug the requests
2020-12-06 04:37:51 -05:00
61fd7334b7
Land #13571 , add Session notified to DingTalk Bot
2020-09-11 18:13:47 -04:00
f26133bef0
add dingtalk's code
2020-08-25 12:06:57 +08:00
736511f930
remove dingtalk_plugins
2020-08-25 12:06:30 +08:00
Jeffrey Martin