48f743a9f2
Change CVE reference to NVD and add AKB reference
2021-04-03 12:56:26 -05:00
12c5dd6f44
Fix db connection support for rpc service
2021-04-02 05:30:34 +01:00
309e39c45a
remove backtraces from ruby scripts
2021-03-24 14:52:19 -05:00
abd15f723c
Update dockerfile comments and pin jar versions
...
Pin the JAR versions so future travelers know what I was using today.
This should make the build deterministic. You're welcome.
2021-03-11 12:09:29 -06:00
3ecf0914e1
Use 'none' as the original ysoserial type, increase the size
...
Increasing the size to occupy two bytes seems to be helping stabilize
the generation for both the ROME and CommonsCollections1 payloads.
2021-03-11 12:09:29 -06:00
515d8fa853
Revert a subset of the changes from d39b1c911d which broke a payload
...
Adjusting the value used as a buffer offset in commit d39b1c911d
2021-03-11 12:09:29 -06:00
64387ff9c0
Fix multiple issues with find_ysoserial_offsets
...
1) The output of ysoserial changed so update the number of dropped lines.
2) Pin the diff-lcs gem to version 1.3 because 1.4 breaks the script
3) Generate all payloads by default
2021-03-11 12:09:29 -06:00
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
260527076c
Require rubocop for new modules
2021-02-23 23:05:48 +00:00
275e9c5454
Land #14696 , Further Zeitwerk lands to improve boot speed
...
Zeitwerk rex folder
2021-02-19 10:33:37 +00:00
f4c37bd446
msftidy: Add info check for exploit module notes
2021-02-15 11:01:01 +00:00
a1c316c679
msftidy: Fix exploit module checks for author and stack buffer overflow
2021-02-13 04:10:13 +00:00
b95be3ed10
Zeitwerk `rex` folder
2021-02-08 12:24:12 +00:00
1af4aaeb91
update WPVDB link type
2021-02-06 12:20:03 +01:00
7cb8876e92
Ensure msftidy runs on ci
2021-01-29 12:29:15 +00:00
ffd59c3254
Land #14651 , msftidy: Add check for module description
2021-01-25 11:17:39 +00:00
b5d746cc44
msftidy: Add check for module description
2021-01-22 23:29:16 +00:00
d437a32374
remove `msf/util` requires
2021-01-18 14:21:54 +00:00
b816373b94
remove `msf/ui` requires
2021-01-18 14:21:54 +00:00
a19575d6bb
New lines and undoing debug changes
2021-01-06 12:48:16 +00:00
c11f6b61a3
Eagerly require `msf/core` for namespacing reasons
2021-01-06 10:22:51 +00:00
c0912b358c
Fix tests
2021-01-05 16:20:42 +00:00
bad5ccbc49
Remove `msf/base` requires
2021-01-05 14:59:46 +00:00
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
1151d3dcc7
Land #14419 , Update external dev scripts and wordpress wordlists
2020-11-24 17:48:05 -05:00
f8a51d0445
fix up joomla python code
2020-11-21 12:43:30 -05:00
4de58b8596
python 4 space not ruby 2
2020-11-21 12:43:06 -05:00
92a9d50ea9
add joomla component update script
2020-11-21 12:36:21 -05:00
e2e086ba6f
mention joomla
2020-11-21 11:56:33 -05:00
15b5a811e4
update check external scripts and wordpress files
2020-11-21 11:52:18 -05:00
b4b2ae44c1
add heredoc awareness to msftidy
2020-11-17 18:06:17 +08:00
b524e5676f
Apply RuboCop fixes to tools/dev/check_external_scripts.rb
2020-08-05 11:48:55 -05:00
38e116d5be
Add in fix to prevent us from having to clone the sqlmap project every time that we want to decloak another sqlmap file
2020-08-05 11:40:49 -05:00
5460e35e84
Add in additional checks to the decloak() function to check if python or python3 is installed and to try both options, to try ensure the git repo is cloned correctly, and to make sure that operations complete successfully before moving onto the next one. Also added in fixes from review notes for minor issues.
2020-08-05 11:10:39 -05:00
41058775b3
add sharphound exe, rubocop, and final update run
2020-08-04 09:06:45 -04:00
9663d3378f
add sqlmap decloak
2020-08-04 08:48:30 -04:00
42b2f306d1
adding udf and john to external scripts
2020-08-04 08:46:47 -04:00
73cace16a3
Add checks to msftidy_docs and update the template for them
2020-07-23 20:37:39 -04:00
1a2bf98222
creates standard elog & updates exisiting usages
2020-06-22 12:48:39 +01:00
437a056f67
Land #13364 , .NET deserialization tool
2020-05-05 11:02:31 -05:00
1134ac69a0
Add missing newline to the ysoserial/dot_net tool
2020-04-30 16:45:38 -04:00
09d2008c20
Show some serialized payload information in the output
2020-04-29 18:02:24 -04:00
197365b610
Finish up the .NET deserialization tool
2020-04-29 17:50:07 -04:00
0a12522445
Add the initial YSoSerial.NET tool
2020-04-28 20:46:07 -04:00
68c9cfb593
ZDI Public numbers should be limited to 4 digits
...
to avoid false negatives per the discussion at #13311
2020-04-28 18:48:10 -05:00
3e51730ae3
Land #11359 , Add the shiro_rememberme_v124_deserialize module
2020-04-28 15:35:06 -04:00
5f997ef814
Land #13340 , Fix broken PKS and update link
2020-04-27 15:44:52 -05:00
ab210f15f1
chmod +x find_ysoserial_offsets.rb
2020-04-27 12:19:27 -05:00
fb057a3016
fixed
...
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
2020-04-27 10:50:34 -05:00
d31882fe15
Modify unkown to unknown
2020-04-27 10:50:34 -05:00
884d0ca4a2
fixed tools/payloads/ysoserial/find_ysoserial_offsets.rb
...
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
2020-04-27 10:50:33 -05:00
645a4c6d26
Remove ysoserial JRMPClient && JRMPListener payload
2020-04-27 10:50:09 -05:00
d7768c3476
fixed tools/payloads/ysoserial/find_ysoserial_offsets.rb
2020-04-27 10:49:25 -05:00
7576a9d1c3
Support ysoserial alongside ysoserial-modified payload (including cmd, bash, powershell, none)
2020-04-27 10:48:53 -05:00
d39b1c911d
Fix bug of find_bysoserial_offsets
2020-04-27 10:48:04 -05:00
ec10216f6b
Fix broken link to broken PKS for key verification
2020-04-26 11:12:06 -05:00
21653f09c2
Fix bad regex in ZDI reference check for msftidy
2020-04-23 00:47:52 -05:00
2c80859564
ZDI Public Numbers can be 4 digits, ZDI-19-1045
...
Also, technically, ZDI Public Numbers will always have a min of 3 digits.
The number is essentially `"num_as_string".ljust(3, '0')`, so this should be {3,4}
or {3,5} if they ever get that high ;) I could find no ZDI- references or similar that
only had 2 digits in the last number part
references:
https://www.zerodayinitiative.com/advisories/ZDI-19-1045/
https://www.zerodayinitiative.com/advisories/ZDI-05-001/
2020-04-22 14:46:21 -05:00
62dd03c348
Land #13188 new msftidy_docs
...
Land #13188 new msftidy_docs. Change Options from bold to h3 instead.
2020-04-06 10:08:06 -05:00
8451c1345b
Land #10579 , add sharphound post module, upstream updating tool
2020-04-03 09:10:40 -05:00
b18a2fd463
Support inline transforms on tools, make some code snazzier
2020-04-02 21:32:10 -05:00
f2d3cdca4b
make check_external_scripts executable
2020-04-02 21:11:09 -05:00
f3ebd26e73
add rhosts
2020-04-02 19:19:10 -04:00
f9ecbc2179
new tidy_docs checks
2020-04-02 19:10:39 -04:00
556af54850
Land #13176 , issue_finder ignores bad python files
2020-03-31 13:19:41 +01:00
2c11ea84e7
remove bad python files from issue_finder
2020-03-30 22:48:10 -04:00
c000ced363
update nasm_shell.rb
2020-03-25 02:21:08 +05:30
e517948f11
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into patch-5
2020-03-25 02:15:56 +05:30
f5c4f593f5
check for more default instructional text
2020-03-24 09:51:21 -04:00
e7da6e77a5
remove and check for instruction text
2020-03-24 09:15:04 -04:00
b090bb53cf
make makeiplist and nasm_shell tools faster
2020-03-21 19:07:21 +05:30
ccfb1b92b6
make tools/exploit/pattern_* faster
2020-03-21 00:12:15 +05:30
e643afb681
Fix find_ysoserial_offsets.rb and prettify JSON
2020-03-13 14:22:32 -05:00
cda9fd2a08
lock license_finder at 5.11.1 due to bundler 2.x
2020-02-28 08:57:19 -06:00
c0e34581f2
add external script checker
2020-02-08 15:59:32 -05:00
793d5c3342
chmod +x tools/dev/msftidy_docs.rb
...
a099481f66
2020-02-06 19:21:07 -06:00
bd48588fd5
catch false positive spaces at eol from code indent
2020-01-28 14:28:18 -05:00
0c13102432
long lines ok in code blocks
2020-01-22 21:08:32 -05:00
a099481f66
fix logic bug and chmod +x
2020-01-22 19:24:01 -05:00
322b3f8a8b
msftidy_docs first add
2020-01-22 17:39:48 -05:00
ce991071e4
Land #12524 , update most python code with python 3 compatibility
2019-12-23 14:49:08 -06:00
20e6568f00
revert killerbee to python2
2019-12-20 09:44:29 -06:00
ddf9cf71ab
Add check_executable check to msftidy
2019-11-30 07:25:27 +00:00
311b03af93
Action remainder of code review changes.
...
- Revert files that will only run as python2.
- Remove superfluous calls to list()
- Other minor cleanup
2019-11-01 19:24:22 -07:00
8563a29003
Convert all python code to python3. Fixes #12506 .
2019-10-31 14:16:14 -07:00
42b251be01
generate random c within compile_random_c
2019-10-18 08:28:25 -05:00
3c50f3d54e
add generate_random_c method
2019-10-15 12:50:58 -05:00
5084e59ee5
add links
2019-10-06 18:13:52 -04:00
c9cde76842
additional cleanup
2019-10-02 21:03:00 -04:00
cbc7d1e6aa
add headings, run date, tab to space
2019-09-28 12:03:51 -04:00
98c9654d19
created a 'docs' directory in /tools. Added a tool to find missing documentations and/or modules
2019-09-18 16:09:53 +02:00
e3463d0cd8
Prefer Rex::Text.dehex over Rex::Text.hex_to_raw
2019-08-14 20:32:30 -05:00
760f4fc25d
Fix typo, full_name -> fullname
2019-08-12 19:30:43 -05:00
0308f80c0e
fix Failure scoping (needed for libraries)
2019-04-08 09:57:22 -05:00
c1758037b9
Include only common module types in Authors check
2019-03-29 10:44:22 -05:00
20f868c15c
Complain loudly if module has no 'Author' metadata.
2019-03-26 13:27:57 -05:00
8d069e4888
Land #11446 , add msftidy support for SideEffects Stability Reliability check
2019-02-25 11:25:04 -06:00
8cc3070cc8
don't require whitespace
2019-02-25 11:24:30 -06:00
5bd34e7d4c
cleaner read of JSON cache
2019-02-21 23:20:43 -06:00
98e95eeb18
remove unused imports and vars
2019-02-21 23:14:55 -06:00
William Vu