Land #6646, add SSL SNI and unify SSLVersion opts

bug/bundler_fix
Adam Cammack 2016-03-15 16:35:22 -05:00
commit 05f585157d
No known key found for this signature in database
GPG Key ID: C9378BA088092D66
18 changed files with 19 additions and 19 deletions


@ -44,7 +44,7 @@ module Auxiliary::HttpCrawler
OptString.new('BasicAuthPass', [false, 'The HTTP password to specify for basic authentication']), OptString.new('BasicAuthPass', [false, 'The HTTP password to specify for basic authentication']),
OptString.new('HTTPAdditionalHeaders', [false, "A list of additional headers to send (separated by \\x01)"]), OptString.new('HTTPAdditionalHeaders', [false, "A list of additional headers to send (separated by \\x01)"]),
OptString.new('HTTPCookie', [false, "A HTTP cookie header to send with each request"]), OptString.new('HTTPCookie', [false, "A HTTP cookie header to send with each request"]),
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL23', 'SSL3', 'TLS1']]), Opt::SSLVersion
], self.class ], self.class
) )


@ -50,7 +50,7 @@ module Exploit::Remote::HttpClient
OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']), OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']),
OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']), OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']),
OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]), OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]),
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL3', 'TLS1']]), Opt::SSLVersion,
OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]), OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION']), OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION']),
OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout']) OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout'])


@ -64,7 +64,7 @@ module Exploit::Remote::Tcp
register_advanced_options( register_advanced_options(
[ [
OptBool.new('SSL', [ false, 'Negotiate SSL/TLS for outgoing connections', false]), OptBool.new('SSL', [ false, 'Negotiate SSL/TLS for outgoing connections', false]),
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL/TLS to be used (TLS and SSL23 are auto-negotiate)', 'TLS1', ['SSL2', 'SSL3', 'SSL23', 'TLS', 'TLS1', 'TLS1.1', 'TLS1.2']]), Opt::SSLVersion,
OptEnum.new('SSLVerifyMode', [ false, 'SSL verification method', 'PEER', %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}]), OptEnum.new('SSLVerifyMode', [ false, 'SSL verification method', 'PEER', %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}]),
OptString.new('SSLCipher', [ false, 'String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH"']), OptString.new('SSLCipher', [ false, 'String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH"']),
Opt::Proxies, Opt::Proxies,


@ -19,7 +19,6 @@ module Exploit::Remote::TcpServer
[ [
OptBool.new('SSL', [ false, 'Negotiate SSL for incoming connections', false]), OptBool.new('SSL', [ false, 'Negotiate SSL for incoming connections', false]),
# SSLVersion is currently unsupported for TCP servers (only supported by clients at the moment) # SSLVersion is currently unsupported for TCP servers (only supported by clients at the moment)
# OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'TLS1', ['SSL2', 'SSL3', 'TLS1']]),
OptPath.new('SSLCert', [ false, 'Path to a custom SSL certificate (default is randomly generated)']), OptPath.new('SSLCert', [ false, 'Path to a custom SSL certificate (default is randomly generated)']),
OptAddress.new('SRVHOST', [ true, "The local host to listen on. This must be an address on the local machine or 0.0.0.0", '0.0.0.0' ]), OptAddress.new('SRVHOST', [ true, "The local host to listen on. This must be an address on the local machine or 0.0.0.0", '0.0.0.0' ]),
OptPort.new('SRVPORT', [ true, "The local port to listen on.", 8080 ]), OptPort.new('SRVPORT', [ true, "The local port to listen on.", 8080 ]),


@ -51,6 +51,13 @@ module Msf
Msf::OptPort.new(__method__.to_s, [ required, desc, default ]) Msf::OptPort.new(__method__.to_s, [ required, desc, default ])
end end
# @return [OptEnum]
def self.SSLVersion
Msf::OptEnum.new('SSLVersion', [ false,
'Specify the version of SSL/TLS to be used (Auto, TLS and SSL23 are auto-negotiate)', 'Auto',
['Auto', 'SSL2', 'SSL3', 'SSL23', 'TLS', 'TLS1', 'TLS1.1', 'TLS1.2']])
end
# These are unused but remain for historical reasons # These are unused but remain for historical reasons
class << self class << self
alias builtin_chost CHOST alias builtin_chost CHOST
@ -69,6 +76,7 @@ module Msf
Proxies = Proxies() Proxies = Proxies()
RHOST = RHOST() RHOST = RHOST()
RPORT = RPORT() RPORT = RPORT()
SSLVersion = SSLVersion()
end end
end end
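Review bot: `SSLVersion = SSLVersion()` in the second hunk builds a single OptEnum at load time, and this commit hands that same object to both `register_advanced_options` (the Tcp mixin) and `register_options` (the module that previously defaulted to 'SSL3'). If registration writes per-module state such as the owner or the advanced flag onto the option object (not visible on this page, so worth confirming), the shared instance ends up reflecting whichever caller registered last. Calling the factory at each site, `Opt::SSLVersion()`, would give every module its own instance. Separately, the helper's only doc line is `# @return [OptEnum]`; I would add `# Shared SSLVersion option: 'Auto', 'TLS' and 'SSL23' auto-negotiate, the remaining values pin a single protocol version.` above it.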


@ -65,7 +65,7 @@ begin
when 'SSL2', :SSLv2 when 'SSL2', :SSLv2
version = :SSLv2 version = :SSLv2
# 'TLS' will be the new name for autonegotation with newer versions of OpenSSL # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
when 'SSL23', :SSLv23, 'TLS' when 'SSL23', :SSLv23, 'TLS', 'Auto'
version = :SSLv23 version = :SSLv23
when 'SSL3', :SSLv3 when 'SSL3', :SSLv3
version = :SSLv3 version = :SSLv3
@ -124,6 +124,11 @@ begin
# Tie the context to a socket # Tie the context to a socket
self.sslsock = OpenSSL::SSL::SSLSocket.new(self, self.sslctx) self.sslsock = OpenSSL::SSL::SSLSocket.new(self, self.sslctx)
# If peerhost looks like a hostname, set the undocumented 'hostname'
# attribute on sslsock, which enables the Server Name Indication (SNI)
# extension
self.sslsock.hostname = self.peerhost if !Rex::Socket.dotted_ip?(self.peerhost)
# Force a negotiation timeout # Force a negotiation timeout
begin begin
Timeout.timeout(params.timeout) do Timeout.timeout(params.timeout) do
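Review bot: The SNI assignment in the second hunk is unguarded, and as far as I know `hostname=` is only defined on `OpenSSL::SSL::SSLSocket` when the Ruby OpenSSL binding was built with SNI support, so on a build without it every SSL connect to a named host would raise NoMethodError before the handshake. I would write it as `self.sslsock.hostname = self.peerhost if self.sslsock.respond_to?(:hostname=) && !Rex::Socket.dotted_ip?(self.peerhost)`. The server name is also taken only from `peerhost`, so a connection made to an IP address sends no SNI even when a virtual host name is configured at a higher layer; a comment saying so would save the next reader a debugging session against name-based TLS hosts. The enclosing method starts and ends outside the hunk.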


@ -37,7 +37,6 @@ class MetasploitModule < Msf::Auxiliary
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1',
'RPORT' => 443 'RPORT' => 443
} }
)) ))


@ -32,7 +32,6 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSLVersion' => 'TLS1',
'SSL' => true 'SSL' => true
} }
)) ))


@ -31,7 +31,7 @@ class MetasploitModule < Msf::Auxiliary
name = name.to_s.camelize(:lower) name = name.to_s.camelize(:lower)
uri = api_path + name uri = api_path + name
cli = Rex::Proto::Http::Client.new(api_host, api_port, {}, true, 'TLS1') cli = Rex::Proto::Http::Client.new(api_host, api_port, {}, true, 'TLS')
cli.connect cli.connect
req = cli.request_cgi({ req = cli.request_cgi({
'uri' => uri, 'uri' => uri,
@ -430,7 +430,6 @@ class MetasploitModule < Msf::Auxiliary
{ {
'RPORT' => 443, 'RPORT' => 443,
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1'
} }
)) ))
register_options( register_options(
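Review bot: The positional `{}, true, 'TLS'` arguments to `Rex::Proto::Http::Client.new` in the first hunk are opaque at the call site, and 'TLS' is spelled differently from the 'Auto' value the rest of this commit standardises on, although both land in the same `:SSLv23` branch of the socket's version case. I would pass 'Auto' for consistency, or add `# ssl = true, ssl_version = 'TLS' (auto-negotiate)` above the call. Because this client is built by hand, it ignores the module's own SSLVersion datastore option, so removing the 'TLS1' default in the second hunk does not affect this request path; that is worth a one-line comment as well. The enclosing method begins outside the hunk.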


@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1'
} }
) )


@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1',
'RPORT' => 443 'RPORT' => 443
} }
)) ))


@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
{ {
'SSL' => true, 'SSL' => true,
'RPORT' => 443, 'RPORT' => 443,
'SSLVersion' => 'SSL3'
}, },
'References' => 'References' =>
[ [
@ -43,7 +42,7 @@ class MetasploitModule < Msf::Auxiliary
register_options( register_options(
[ [
OptEnum.new('SSLVersion', [true, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']]) Opt::SSLVersion
] ]
) )
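Review bot: Registering the shared `Opt::SSLVersion` under `register_options` in the second hunk drops this module's pinned 'SSL3' default and its required flag, since the shared option added in this commit is optional and defaults to 'Auto'. Whether an auto-negotiated handshake still reaches a service that only speaks SSLv3 depends on the local OpenSSL build, which this page does not show, so the module's behaviour may now vary between installations. A comment such as `# SSLVersion is surfaced as a basic option because the target may need a pinned legacy version` would record why it is registered again here. If the old default mattered, keeping `'SSLVersion' => 'SSL3'` in DefaultOptions would preserve it. Both the DefaultOptions hash and the `register_options` call continue outside the hunks.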


@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
{ {
'RPORT' => 443, 'RPORT' => 443,
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1'
} }
)) ))
end end


@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1'
} }
)) ))
register_options( register_options(


@ -47,7 +47,6 @@ class MetasploitModule < Msf::Exploit::Remote
'DefaultOptions' => { 'DefaultOptions' => {
'RPORT' => 443, 'RPORT' => 443,
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1'
}, },
'Platform' => ['unix'], 'Platform' => ['unix'],
'Arch' => ARCH_CMD, 'Arch' => ARCH_CMD,


@ -35,7 +35,6 @@ class MetasploitModule < Msf::Exploit::Remote
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'SSL3',
'PrependMigrate' => true 'PrependMigrate' => true
}, },
'Payload' => 'Payload' =>


@ -37,7 +37,6 @@ class MetasploitModule < Msf::Exploit::Remote
{ {
'EXITFUNC' => 'seh', 'EXITFUNC' => 'seh',
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'SSL3'
}, },
'Payload' => 'Payload' =>
{ {


@ -38,7 +38,6 @@ class MetasploitModule < Msf::Exploit::Remote
'DefaultOptions' => 'DefaultOptions' =>
{ {
'SSL' => true, 'SSL' => true,
'SSLVersion' => 'TLS1'
}, },
'Payload' => 'Payload' =>
{ {