adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

138 Commits

Author SHA1 Message Date
William Vu 1a96fb03ae Allow start_service to specify a resource 
This overrides URIPATH and random_uri if opts['Path'] is specified.
 2017-03-09 02:33:02 -06:00
William Vu 1a0b342e68 Add srvport to HttpServer 
This allows URIPORT to override SRVPORT.
 2017-03-09 02:24:22 -06:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
Brent Cook 63d13f0f49 check if there is a stance set before checking the value 2016-10-02 19:48:49 -05:00
Brent Cook 5a611b0ec4 use the correct scope for the Stance names 2016-09-28 13:48:28 -05:00
Brent Cook 006c749e6a directly check to match the former definition of aggressive? 2016-09-25 23:57:13 -04:00
William Vu b7139da624 Clean up whitespace 2016-06-13 10:51:38 -05:00
Trenton Ivey 776dd57803 get_uri missing port fix 2016-06-12 19:27:34 -05:00
Adam Cammack fda4c62c1f Respect SSLCipher in server mixins 
This allows us to set a sane cipher spec for SSL-enabled server modules.
 2016-05-20 16:59:36 -05:00
James Lee c21bad78e8 Fix some more String defaults 2016-03-16 14:13:18 -05:00
Brent Cook 85acfabfca remove various library workarounds for the datastore not preserving types 2016-03-05 23:10:57 -06:00
RageLtMan d7ba37d2e6 Msf::Exploit::Remote::HttpServer print_* fix 
Exploit::Remote::HttpServer and every descendant utilizes the
print_prefix method which checks whether the module which mixes in
these modules is aggressive. This is done in a proc context most
of the time since its a callback on the underlying Rex HTTP server.

When modules do not define :aggressive? the resulting exceptions
are quietly swallowed, and requestors get an empty response as the
client object dies off.

Add check for response to :aggressive? in :print_prefix to address
this issue.
 2016-02-21 20:20:22 -05:00
James Lee 0f7e3e954e HttpServer's print prefix with... wait for it... 
print_prefix
 2016-01-20 13:44:18 -06:00
HD Moore 87e6325737 Revert BAPv2 changes to framework/libraries/handlers 2015-07-02 12:10:21 -05:00
wchen-r7 9da99a8265 Merge branch 'upstream-master' into bapv2 2015-06-19 11:36:27 -05:00
g0tmi1k 6dcc9b7dab More inconsistencies 2015-06-12 21:59:15 +01:00
wchen-r7 8e86a92210 Update 2015-05-08 00:25:34 -05:00
wchen-r7 ca32db3e23 Merge branch 'upstream-master' into BAPv2 2015-04-29 18:53:37 -05:00
wchen-r7 65b7659d27 Some progress 2015-04-29 01:01:36 -05:00
wchen-r7 43f5323e8d More progress 2015-04-28 21:26:31 -05:00
wchen-r7 43492b7c67 Some progress 2015-04-28 18:17:32 -05:00
jvazquez-r7 4224008709 Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
sinn3r 61b709b8c5 Extra space in message "Local IP:" 2015-04-14 01:34:07 -05:00
root 51dd88114b Fix grammer in comments 2015-04-13 13:21:41 +05:00
sinn3r e1adcfee1e No case sensitive 2015-04-01 16:14:54 -05:00
sinn3r c4def25e82 Resolve #4986, add support for IE11 for fingerprint_user_agent 
Resolve #4986
 2015-03-27 17:51:14 -05:00
James Lee 1fbed1dcfc Autoload instead of require 2015-01-30 15:42:16 -06:00
James Lee 062529ce3b Move HttpServer::HTML into its own file 2015-01-30 15:24:15 -06:00
James Lee 3572ce9a37 Break PHPInclude into its own file 2015-01-30 15:16:54 -06:00
William Vu 89a8d27602 Fix port 0 bug in URIPORT 2014-11-11 15:57:41 -06:00
jvazquez-r7 4e96833408 Check service before using it 2014-11-10 14:14:20 -06:00
jvazquez-r7 1064049729 Revert "Fix buggy calls to stop_service" 
This reverts commit 613f5309bb.
 2014-11-10 14:05:57 -06:00
Julio Auto 613f5309bb Fix buggy calls to stop_service 2014-11-09 02:15:30 -06:00
William Vu e3ed7905f1 Add tnftp_savefile exploit 
Also add URI{HOST,PORT} and {,v}print_good to HttpServer.
 2014-10-30 20:38:16 -05:00
jvazquez-r7 f30309fe81 Land #3919, @wchen-r7's Fixes #3914, Inconsistent unicode names 2014-10-08 14:46:14 -05:00
jvazquez-r7 dbc199ad77 space after commas 2014-10-08 13:56:59 -05:00
James Lee a65ee6cf30 Land #3373, recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
 2014-10-03 18:05:58 -05:00
sinn3r 1e2d860ae1 Fix #3914 - Inconsistent unicode names 2014-09-30 12:19:27 -05:00
Joe Vennix 37e6173d1f Make Metasploit::Concern a first-class dep. 
Also adds a Concern hook to HttpServer, so Pro can more
easily change its behavior.
 2014-09-11 13:28:45 -05:00
HD Moore a844b5c30a Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
 2014-05-18 10:50:32 -05:00
HD Moore 7e227581a7 Rework OS fingerprinting to match Recog changes 
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.

This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
 2014-04-01 08:14:58 -07:00
jvazquez-r7 da6a428bbf Modify libs to support explib2 2014-03-28 10:44:52 -05:00
sinn3r b431bf3da9 Land #3052 - Fix nil error in BES 2014-03-11 12:51:03 -05:00
Joe Vennix ad592fd114 Remove unnecessary method. 2014-03-05 23:36:43 -06:00
sinn3r ee1209b7fb This should work 2014-03-03 11:53:51 -06:00
Joe Vennix 46f27289ed Reorganizes form_post into separate file. 2014-03-02 19:55:21 -06:00
sinn3r 8cf5c3b97e Add heaplib2 
[SeeRM #8769] Add heapLib2 for browser exploitation
 2014-03-02 11:47:18 -06:00
Tod Beardsley 90207628cc Land #2666, SSLCompression option 
[SeeRM #823], where Stephen was asking for SSL compression for
Meterpreter -- this isn't that, but it's at least now possible for other
Metasploit functionality.
 2014-01-22 10:42:13 -06:00
Tod Beardsley 0b6e03df75 More comment docs on SSLCompression 2014-01-21 16:48:26 -06:00
Tod Beardsley b8219e3e91 Warn the user about SSLCompression 2014-01-21 16:41:45 -06:00