William Vu
48f743a9f2
Change CVE reference to NVD and add AKB reference
2021-04-03 12:56:26 -05:00
Alan Foster
12c5dd6f44
Fix db connection support for rpc service
2021-04-02 05:30:34 +01:00
pingport80
309e39c45a
remove backtraces from ruby scripts
2021-03-24 14:52:19 -05:00
Spencer McIntyre
abd15f723c
Update dockerfile comments and pin jar versions
...
Pin the JAR versions so future travelers know what I was using today.
This should make the build deterministic. You're welcome.
2021-03-11 12:09:29 -06:00
Spencer McIntyre
3ecf0914e1
Use 'none' as the original ysoserial type, increase the size
...
Increasing the size to occupy two bytes seems to be helping stabilize
the generation for both the ROME and CommonsCollections1 payloads.
2021-03-11 12:09:29 -06:00
Spencer McIntyre
515d8fa853
Revert a subset of the changes from d39b1c911d
which broke a payload
...
Adjusting the value used as a buffer offset in commit d39b1c911d
broke
the CommonsCollections1 YSoSerial payload chain.
2021-03-11 12:09:29 -06:00
Spencer McIntyre
64387ff9c0
Fix multiple issues with find_ysoserial_offsets
...
1) The output of ysoserial changed so update the number of dropped lines.
2) Pin the diff-lcs gem to version 1.3 because 1.4 breaks the script
3) Generate all payloads by default
2021-03-11 12:09:29 -06:00
Alan Foster
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
Alan Foster
260527076c
Require rubocop for new modules
2021-02-23 23:05:48 +00:00
agalway-r7
275e9c5454
Land #14696 , Further Zeitwerk lands to improve boot speed
...
Zeitwerk rex folder
2021-02-19 10:33:37 +00:00
Brendan Coles
f4c37bd446
msftidy: Add info check for exploit module notes
2021-02-15 11:01:01 +00:00
Brendan Coles
a1c316c679
msftidy: Fix exploit module checks for author and stack buffer overflow
2021-02-13 04:10:13 +00:00
dwelch-r7
b95be3ed10
Zeitwerk `rex` folder
2021-02-08 12:24:12 +00:00
firefart
1af4aaeb91
update WPVDB link type
2021-02-06 12:20:03 +01:00
Alan Foster
7cb8876e92
Ensure msftidy runs on ci
2021-01-29 12:29:15 +00:00
adfoster-r7
ffd59c3254
Land #14651 , msftidy: Add check for module description
2021-01-25 11:17:39 +00:00
Brendan Coles
b5d746cc44
msftidy: Add check for module description
2021-01-22 23:29:16 +00:00
dwelch-r7
d437a32374
remove `msf/util` requires
2021-01-18 14:21:54 +00:00
dwelch-r7
b816373b94
remove `msf/ui` requires
2021-01-18 14:21:54 +00:00
dwelch-r7
a19575d6bb
New lines and undoing debug changes
2021-01-06 12:48:16 +00:00
dwelch-r7
c11f6b61a3
Eagerly require `msf/core` for namespacing reasons
2021-01-06 10:22:51 +00:00
dwelch-r7
c0912b358c
Fix tests
2021-01-05 16:20:42 +00:00
dwelch-r7
bad5ccbc49
Remove `msf/base` requires
2021-01-05 14:59:46 +00:00
dwelch-r7
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
Spencer McIntyre
1151d3dcc7
Land #14419 , Update external dev scripts and wordpress wordlists
2020-11-24 17:48:05 -05:00
h00die
f8a51d0445
fix up joomla python code
2020-11-21 12:43:30 -05:00
h00die
4de58b8596
python 4 space not ruby 2
2020-11-21 12:43:06 -05:00
h00die
92a9d50ea9
add joomla component update script
2020-11-21 12:36:21 -05:00
h00die
e2e086ba6f
mention joomla
2020-11-21 11:56:33 -05:00
h00die
15b5a811e4
update check external scripts and wordpress files
2020-11-21 11:52:18 -05:00
Tim W
b4b2ae44c1
add heredoc awareness to msftidy
2020-11-17 18:06:17 +08:00
gwillcox-r7
b524e5676f
Apply RuboCop fixes to tools/dev/check_external_scripts.rb
2020-08-05 11:48:55 -05:00
gwillcox-r7
38e116d5be
Add in fix to prevent us from having to clone the sqlmap project every time that we want to decloak another sqlmap file
2020-08-05 11:40:49 -05:00
gwillcox-r7
5460e35e84
Add in additional checks to the decloak() function to check if python or python3 is installed and to try both options, to try ensure the git repo is cloned correctly, and to make sure that operations complete successfully before moving onto the next one. Also added in fixes from review notes for minor issues.
2020-08-05 11:10:39 -05:00
h00die
41058775b3
add sharphound exe, rubocop, and final update run
2020-08-04 09:06:45 -04:00
h00die
9663d3378f
add sqlmap decloak
2020-08-04 08:48:30 -04:00
h00die
42b2f306d1
adding udf and john to external scripts
2020-08-04 08:46:47 -04:00
Spencer McIntyre
73cace16a3
Add checks to msftidy_docs and update the template for them
2020-07-23 20:37:39 -04:00
Adam Galway
1a2bf98222
creates standard elog & updates exisiting usages
2020-06-22 12:48:39 +01:00
William Vu
437a056f67
Land #13364 , .NET deserialization tool
2020-05-05 11:02:31 -05:00
Spencer McIntyre
1134ac69a0
Add missing newline to the ysoserial/dot_net tool
2020-04-30 16:45:38 -04:00
Spencer McIntyre
09d2008c20
Show some serialized payload information in the output
2020-04-29 18:02:24 -04:00
Spencer McIntyre
197365b610
Finish up the .NET deserialization tool
2020-04-29 17:50:07 -04:00
Spencer McIntyre
0a12522445
Add the initial YSoSerial.NET tool
2020-04-28 20:46:07 -04:00
Josh
68c9cfb593
ZDI Public numbers should be limited to 4 digits
...
to avoid false negatives per the discussion at #13311
2020-04-28 18:48:10 -05:00
Spencer McIntyre
3e51730ae3
Land #11359 , Add the shiro_rememberme_v124_deserialize module
2020-04-28 15:35:06 -04:00
gwillcox-r7
5f997ef814
Land #13340 , Fix broken PKS and update link
2020-04-27 15:44:52 -05:00
William Vu
ab210f15f1
chmod +x find_ysoserial_offsets.rb
2020-04-27 12:19:27 -05:00
bcoles
fb057a3016
fixed
...
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
2020-04-27 10:50:34 -05:00
L
d31882fe15
Modify unkown to unknown
2020-04-27 10:50:34 -05:00
bcoles
884d0ca4a2
fixed tools/payloads/ysoserial/find_ysoserial_offsets.rb
...
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
2020-04-27 10:50:33 -05:00
L
645a4c6d26
Remove ysoserial JRMPClient && JRMPListener payload
2020-04-27 10:50:09 -05:00
L
d7768c3476
fixed tools/payloads/ysoserial/find_ysoserial_offsets.rb
2020-04-27 10:49:25 -05:00
L
7576a9d1c3
Support ysoserial alongside ysoserial-modified payload (including cmd, bash, powershell, none)
2020-04-27 10:48:53 -05:00
L
d39b1c911d
Fix bug of find_bysoserial_offsets
2020-04-27 10:48:04 -05:00
Tod Beardsley
ec10216f6b
Fix broken link to broken PKS for key verification
2020-04-26 11:12:06 -05:00
William Vu
21653f09c2
Fix bad regex in ZDI reference check for msftidy
2020-04-23 00:47:52 -05:00
Josh
2c80859564
ZDI Public Numbers can be 4 digits, ZDI-19-1045
...
Also, technically, ZDI Public Numbers will always have a min of 3 digits.
The number is essentially `"num_as_string".ljust(3, '0')`, so this should be {3,4}
or {3,5} if they ever get that high ;) I could find no ZDI- references or similar that
only had 2 digits in the last number part
references:
https://www.zerodayinitiative.com/advisories/ZDI-19-1045/
https://www.zerodayinitiative.com/advisories/ZDI-05-001/
2020-04-22 14:46:21 -05:00
tperry-r7
62dd03c348
Land #13188 new msftidy_docs
...
Land #13188 new msftidy_docs. Change Options from bold to h3 instead.
2020-04-06 10:08:06 -05:00
Brent Cook
8451c1345b
Land #10579 , add sharphound post module, upstream updating tool
2020-04-03 09:10:40 -05:00
Brent Cook
b18a2fd463
Support inline transforms on tools, make some code snazzier
2020-04-02 21:32:10 -05:00
Brent Cook
f2d3cdca4b
make check_external_scripts executable
2020-04-02 21:11:09 -05:00
h00die
f3ebd26e73
add rhosts
2020-04-02 19:19:10 -04:00
h00die
f9ecbc2179
new tidy_docs checks
2020-04-02 19:10:39 -04:00
Adam Galway
556af54850
Land #13176 , issue_finder ignores bad python files
2020-03-31 13:19:41 +01:00
h00die
2c11ea84e7
remove bad python files from issue_finder
2020-03-30 22:48:10 -04:00
Auxilus
c000ced363
update nasm_shell.rb
2020-03-25 02:21:08 +05:30
Auxilus
e517948f11
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into patch-5
2020-03-25 02:15:56 +05:30
h00die
f5c4f593f5
check for more default instructional text
2020-03-24 09:51:21 -04:00
h00die
e7da6e77a5
remove and check for instruction text
2020-03-24 09:15:04 -04:00
Auxilus
b090bb53cf
make makeiplist and nasm_shell tools faster
2020-03-21 19:07:21 +05:30
Auxilus
ccfb1b92b6
make tools/exploit/pattern_* faster
2020-03-21 00:12:15 +05:30
William Vu
e643afb681
Fix find_ysoserial_offsets.rb and prettify JSON
2020-03-13 14:22:32 -05:00
Jeffrey Martin
cda9fd2a08
lock license_finder at 5.11.1 due to bundler 2.x
2020-02-28 08:57:19 -06:00
h00die
c0e34581f2
add external script checker
2020-02-08 15:59:32 -05:00
William Vu
793d5c3342
chmod +x tools/dev/msftidy_docs.rb
...
a099481f66
failed to do so.
2020-02-06 19:21:07 -06:00
h00die
bd48588fd5
catch false positive spaces at eol from code indent
2020-01-28 14:28:18 -05:00
h00die
0c13102432
long lines ok in code blocks
2020-01-22 21:08:32 -05:00
h00die
a099481f66
fix logic bug and chmod +x
2020-01-22 19:24:01 -05:00
h00die
322b3f8a8b
msftidy_docs first add
2020-01-22 17:39:48 -05:00
Brent Cook
ce991071e4
Land #12524 , update most python code with python 3 compatibility
2019-12-23 14:49:08 -06:00
Brent Cook
20e6568f00
revert killerbee to python2
2019-12-20 09:44:29 -06:00
Brendan Coles
ddf9cf71ab
Add check_executable check to msftidy
2019-11-30 07:25:27 +00:00
Cristina Muñoz
311b03af93
Action remainder of code review changes.
...
- Revert files that will only run as python2.
- Remove superfluous calls to list()
- Other minor cleanup
2019-11-01 19:24:22 -07:00
Cristina Muñoz
8563a29003
Convert all python code to python3. Fixes #12506 .
2019-10-31 14:16:14 -07:00
Shelby Pace
42b251be01
generate random c within compile_random_c
2019-10-18 08:28:25 -05:00
Shelby Pace
3c50f3d54e
add generate_random_c method
2019-10-15 12:50:58 -05:00
h00die
5084e59ee5
add links
2019-10-06 18:13:52 -04:00
h00die
c9cde76842
additional cleanup
2019-10-02 21:03:00 -04:00
h00die
cbc7d1e6aa
add headings, run date, tab to space
2019-09-28 12:03:51 -04:00
hkerma
98c9654d19
created a 'docs' directory in /tools. Added a tool to find missing documentations and/or modules
2019-09-18 16:09:53 +02:00
William Vu
e3463d0cd8
Prefer Rex::Text.dehex over Rex::Text.hex_to_raw
2019-08-14 20:32:30 -05:00
James Lee
760f4fc25d
Fix typo, full_name -> fullname
2019-08-12 19:30:43 -05:00
Brent Cook
0308f80c0e
fix Failure scoping (needed for libraries)
2019-04-08 09:57:22 -05:00
William Vu
c1758037b9
Include only common module types in Authors check
2019-03-29 10:44:22 -05:00
Pearce Barry
20f868c15c
Complain loudly if module has no 'Author' metadata.
2019-03-26 13:27:57 -05:00
Brent Cook
8d069e4888
Land #11446 , add msftidy support for SideEffects Stability Reliability check
2019-02-25 11:25:04 -06:00
Brent Cook
8cc3070cc8
don't require whitespace
2019-02-25 11:24:30 -06:00
Jeffrey Martin
5bd34e7d4c
cleaner read of JSON cache
2019-02-21 23:20:43 -06:00
Jeffrey Martin
98e95eeb18
remove unused imports and vars
2019-02-21 23:14:55 -06:00