ensure binary mode when opening files, whitespace fixes

git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Joshua Drake 2010-07-01 23:33:07 +00:00
parent 1c9059eeb1
commit 0882838491
56 changed files with 124 additions and 131 deletions

@ -79,7 +79,7 @@ class Metasploit3 < Msf::Auxiliary
def run
print_status("Attempting to retrieve #{datastore['RPATH']}...")
lfd = File.open(datastore['LPATH'], 'w')
lfd = File.open(datastore['LPATH'], 'wb')
connect
data = ndmp_recv()
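Review bot: `File.open(datastore['LPATH'], 'wb')` runs before `connect`, so an existing file at LPATH is truncated even when the connection or the first `ndmp_recv()` fails, and the handle stays open on that error path. Opening the file only once there is data to write, or using the block form `File.open(datastore['LPATH'], 'wb') do |lfd| ... end`, would avoid both. The rest of `run` is outside the hunk, so a later `lfd.close` may exist, but it would not cover an exception raised in between.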

@ -16,7 +16,7 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp
def initialize(info = {})
super(update_info(info,
super(update_info(info,
'Name' => 'Motorola WR850G v4.03 Credentials',
'Description' => %q{
Login credentials to the Motorola WR850G router with

@ -15,7 +15,7 @@ require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::MSSQL
def initialize(info = {})
super(update_info(info,
'Name' => 'Microsoft SQL Server xp_cmdshell Command Execution',

@ -415,7 +415,7 @@ class Metasploit3 < Msf::Auxiliary
user,pass = record.split(",")
accts["#{pass.chomp}"] = "#{user}"
end
::File.open(ordfltpss, "r").each_line do |l|
::File.open(ordfltpss, "rb").each_line do |l|
accrcrd = l.split(",")
if accts.has_key?(accrcrd[2])
print_status("\tDefault pass for account #{accrcrd[0]} is #{accrcrd[1]} ")

@ -48,27 +48,22 @@ class Metasploit3 < Msf::Auxiliary
print_status("Starting brute force on #{rhost}, using sids from #{list}...")
fd = File.open(list).each do |sid|
fd = File.open(list, 'rb').each do |sid|
login = "(DESCRIPTION=(CONNECT_DATA=(SID=#{sid})(CID=(PROGRAM=)(HOST=MSF)(USER=)))(ADDRESS=(PROTOCOL=tcp)(HOST=#{rhost})(PORT=#{rport})))"
pkt = tns_packet(login)
login = "(DESCRIPTION=(CONNECT_DATA=(SID=#{sid})(CID=(PROGRAM=)(HOST=MSF)(USER=)))(ADDRESS=(PROTOCOL=tcp)(HOST=#{rhost})(PORT=#{rport})))"
begin
connect
rescue => e
print_error("#{e}")
disconnect
return
end
pkt = tns_packet(login)
begin
connect
rescue => e
print_error("#{e}")
sock.put(pkt)
select(nil,nil,nil,s.to_i)
res = sock.get_once(-1,3)
disconnect
return
end
sock.put(pkt)
select(nil,nil,nil,s.to_i)
res = sock.get_once(-1,3)
disconnect
if ( res and res =~ /ERROR_STACK/ )
''
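Review bot: `sid` still carries its line terminator when it is interpolated into `(SID=#{sid})`, because `File#each` yields each line with the trailing newline; now that the list is opened with `'rb'`, a CRLF-terminated list contributes a `\r` as well. Adding `sid = sid.strip` and `next if sid.empty?` as the first lines of the block would keep the connect string well-formed. The handle returned by `File.open(list, 'rb')` is also never closed in the visible lines, and the early `return` in the `rescue` branch leaves it open; wrapping the loop as `File.open(list, 'rb') { |f| f.each_line { |sid| ... } }` closes it on every path. The enclosing method starts and ends outside the hunk.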

@ -25,9 +25,9 @@ class Metasploit3 < Msf::Auxiliary
super(update_info(info,
'Name' => 'Generic Emailer (SMTP)',
'Description' => %q{
This module can be used to automate email delivery.
This code is based on Joshua Abraham's email script for social
engineering.
This module can be used to automate email delivery.
This code is based on Joshua Abraham's email script for social
engineering.
},
'License' => MSF_LICENSE,
'Version' => '$Revision$',
@ -50,7 +50,7 @@ class Metasploit3 < Msf::Auxiliary
def run
fileconf = File.open(datastore['YAML_CONFIG'])
fileconf = File.open(datastore['YAML_CONFIG'], "rb")
yamlconf = YAML::load(fileconf)
fileto = yamlconf['to']
@ -82,9 +82,8 @@ class Metasploit3 < Msf::Auxiliary
datastore['MAILFROM'] = from
msg = File.open(msg_file).read
email_sig = File.open(sig_file).read
msg = File.open(msg_file, 'rb').read
email_sig = File.open(sig_file, 'rb').read
if (type !~ /text/i and type !~ /text\/html/i)
print_error("YAML config: #{type}")
@ -136,7 +135,7 @@ class Metasploit3 < Msf::Auxiliary
end
File.open(fileto).each do |l|
File.open(fileto, 'rb').each do |l|
next if l !~ /\@/
nem = l.split(',')
@ -153,7 +152,7 @@ class Metasploit3 < Msf::Auxiliary
end
if sig
data_sig = File.open(sig_file).read
data_sig = File.open(sig_file, 'rb').read
email_msg_body = "#{email_msg_body}\n#{data_sig}"
end
@ -171,7 +170,7 @@ class Metasploit3 < Msf::Auxiliary
if attachment
if attachment_file_name
data_attachment = File.open(attachment_file).read
data_attachment = File.open(attachment_file, 'rb').read
mime_msg.add_part(Rex::Text.encode_base64(data_attachment, "\r\n"), attachment_file_type, "base64", "attachment; filename=\"#{attachment_file_name}\"")
end
end
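Review bot: `YAML::load(fileconf)` in `run` parses the file named by `YAML_CONFIG` with the full YAML loader, which can instantiate arbitrary Ruby objects from tagged nodes. The visible lookups (`yamlconf['to']`) read plain values, so `YAML.safe_load(fileconf)` would be the safer call on Ruby versions that provide it. Separately, each `File.open(path, 'rb').read` in these hunks leaves the descriptor open until garbage collection; the block form `File.open(msg_file, 'rb') { |f| f.read }` closes it deterministically. `fileconf` is likewise never closed in the visible lines, though `run` continues outside the hunks.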

@ -26,7 +26,7 @@ class Metasploit3 < Msf::Auxiliary
'Author' => [ 'hdm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision$',
'References' =>
'References' =>
[
[ 'OSVDB', '64341'],
]

@ -27,7 +27,7 @@ class Metasploit3 < Msf::Auxiliary
'License' => MSF_LICENSE,
'Version' => '$Revision$',
'References' =>
[
[
[ 'CVE', '2008-1311'],
[ 'OSVDB', '42932'],
[ 'URL', 'http://milw0rm.com/exploits/6863']

@ -27,7 +27,7 @@ class Metasploit3 < Msf::Auxiliary
'License' => MSF_LICENSE,
'Version' => '$Revision$',
'References' =>
[
[
[ 'CVE', '2010-2115' ],
[ 'OSVDB', '64845' ],
[ 'URL', 'http://www.exploit-db.com/exploits/12683' ]

@ -113,7 +113,7 @@ class Metasploit3 < Msf::Auxiliary
#for writing file with all email's found
def write_output(data)
print_status("Writing email address list to #{datastore['OUTFILE']}...")
::File.open(datastore['OUTFILE'], "a") do |fd|
::File.open(datastore['OUTFILE'], "ab") do |fd|
fd.write(data)
end
end

@ -149,7 +149,7 @@ class Metasploit3 < Msf::Auxiliary
def finger_user_common
if(! @common)
File.open(datastore['USERS_FILE'], "r") do |fd|
File.open(datastore['USERS_FILE'], "rb") do |fd|
data = fd.read(fd.stat.size)
@common = data.split(/\n/).compact.uniq
@common.delete("")
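Review bot: With the file now opened as `"rb"`, `data.split(/\n/)` leaves a trailing `\r` on every entry of a CRLF-terminated USERS_FILE on Windows, where text mode previously translated it away, and `@common.delete("")` does not remove those. Splitting on the optional carriage return and stripping before `uniq` keeps the names clean: `@common = data.split(/\r?\n/).map { |u| u.strip }.uniq`. `finger_user_common` continues outside the hunk, so later normalisation cannot be ruled out from here.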

@ -97,7 +97,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break
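Review bot: `res.body.index(str)` is called with the raw line from `File#each`, so every signature is compared with its trailing newline attached (and `\r\n` for a CRLF file now that the mode is `'rb'`), and a blank line in the HTTP404Sigs file yields `"\n"`, which matches almost any body. Normalising first, with `str = str.chomp` followed by `next if str.empty?`, makes the match depend on the signature text alone. The handle from `File.open(datastore['HTTP404Sigs'], 'rb')` is also never closed, and `break` leaves the loop with it still open; `File.open(...) { |f| f.each_line { |str| ... } }` fixes that. The same loop appears with the same shape in the other HTTP404Sigs / HTTP404S hunks further down this commit.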

@ -92,7 +92,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break

@ -90,7 +90,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break
@ -121,7 +121,7 @@ class Metasploit3 < Msf::Auxiliary
dm = datastore['NoDetailMessages']
queue = []
File.open(datastore['DICTIONARY']).each_line do |testd|
File.open(datastore['DICTIONARY'], 'rb').each_line do |testd|
queue << testd.strip + '/'
end

@ -98,7 +98,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404S']).each do |str|
File.open(datastore['HTTP404S'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break
@ -126,7 +126,7 @@ class Metasploit3 < Msf::Auxiliary
webdav_req = %q|<?xml version="1.0" encoding="utf-8"?><propfind xmlns="DAV:"><prop><getcontentlength xmlns="DAV:"/><getlastmodified xmlns="DAV:"/><executable xmlns="http://apache.org/dav/props/"/><resourcetype xmlns="DAV:"/><checked-in xmlns="DAV:"/><checked-out xmlns="DAV:"/></prop></propfind>|
File.open(datastore['DICTIONARY']).each do |testf|
File.open(datastore['DICTIONARY'], 'rb').each do |testf|
begin
testfdir = testf.chomp + '/'
res = send_request_cgi({

@ -77,7 +77,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("OUTFILE did not exist, creating..")
end
File.open(file_name, 'a') do |fd|
File.open(file_name, 'ab') do |fd|
fd.write(data)
end

@ -69,7 +69,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("OUTFILE did not exist, creating..")
end
File.open(file_name, 'a') do |fd|
File.open(file_name, 'ab') do |fd|
fd.write(data)
end

@ -69,7 +69,7 @@ class Metasploit3 < Msf::Auxiliary
queue = []
File.open(datastore['DICTIONARY']).each do |testf|
File.open(datastore['DICTIONARY'], 'rb').each do |testf|
queue << testf.strip
end
@ -92,7 +92,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break

@ -17,34 +17,32 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
def initialize
super(
'Name' => 'Nginx Source Code Disclosure/Download',
'Version' => '$Revision$',
'Description' => 'This module exploits a nginx source code disclosure/download vulnerability.',
'Description' => %q{
This module exploits a source code disclosure/download vulnerability in
versions of the nginx web server between 0.7.56 and 0.8.40 (inclusive).
}
'References' =>
[
['CVE', '2010-2263'],
['OSVDB', '65531'],
['BID', '40760'],
[ 'CVE', '2010-2263' ],
[ 'OSVDB', '65531' ],
[ 'BID', '40760' ]
],
'Author' =>
[
'Alligator Security Team',
'Tiago Ferreira <tiago.ccna[at]gmail.com>',
],
'License' => MSF_LICENSE
)
'License' => MSF_LICENSE)
register_options(
[
Opt::RPORT(80),
OptString.new('URI', [true, 'Specify the path to download the file (ex: admin.php)', '/admin.php']),
OptString.new('PATH_SAVE', [true, 'The path to save the downloaded source code', '']),
], self.class)
end
def target_url
@ -113,4 +111,3 @@ class Metasploit3 < Msf::Auxiliary
end
end
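Review bot: As rendered, the new multi-line `'Description' => %q{ ... }` in `initialize` closes with a bare `}` and no trailing comma before `'References' =>`, whereas the single-line string it replaces ended in `',`. Without that comma the hash passed to `super` does not parse and the module fails to load, so the closing line should read `},`. If the page rendering dropped the character, the file itself is fine; worth checking by loading the module after this change.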

@ -100,7 +100,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break

@ -81,7 +81,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break

@ -65,7 +65,7 @@ class Metasploit3 < Msf::Auxiliary
queue = []
File.open(datastore['VULNCSV']).each do |testf|
File.open(datastore['VULNCSV'], 'rb').each do |testf|
queue << testf.strip
end
@ -88,7 +88,7 @@ class Metasploit3 < Msf::Auxiliary
# Look for a string we can signature on as well
if(tcode >= 200 and tcode <= 299)
File.open(datastore['HTTP404Sigs']).each do |str|
File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
if(res.body.index(str))
emesg = str
break

@ -99,7 +99,7 @@ class Metasploit3 < Msf::Auxiliary
return if ipids.empty?
print_status("#{ip}'s IPID sequence class: #{analyze(ipids)}")
#Add Report
report_note(
:host => ip,
@ -223,4 +223,3 @@ class Metasploit3 < Msf::Auxiliary
end
end

@ -1,5 +1,9 @@
##
# This file is part of the Metasploit Framework and may be subject to
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
@ -8,7 +12,7 @@
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::HttpClient
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
@ -23,12 +27,12 @@ class Metasploit3 < Msf::Auxiliary
)
register_options(
[
OptString.new('PATH', [ true, "path", '/']),
OptString.new('PATH', [ true, "path", '/']),
] )
end
def run_host(ip)
path = datastore['PATH']
check1 = [
'iNotes/Forms5.nsf',
@ -50,11 +54,11 @@ class Metasploit3 < Msf::Auxiliary
baseversion = []
begin
check1.each do | check |
res = send_request_raw({
'uri' => path+check,
'uri' => path+check,
'method' => 'GET',
}, 10)
@ -77,18 +81,18 @@ class Metasploit3 < Msf::Auxiliary
''
else server1.strip != currentversion.last
puts "Different current version values" #this shouldnt happen,but just in case
currentversion << ' : ' + server1.strip
currentversion << ' : ' + server1.strip
end
else
else
''
end
elsif
end
elsif
if (res.code and res.headers['Location'])
print_error("#{ip}:#{rport} #{res.code} Redirect to #{res.headers['Location']}")
else
''
end
else
''
end
else
''
end
end
@ -101,7 +105,7 @@ class Metasploit3 < Msf::Auxiliary
check2.each do | check |
res = send_request_raw({
'uri' => path+check,
'uri' => path+check,
'method' => 'GET',
}, 10)
@ -119,24 +123,24 @@ class Metasploit3 < Msf::Auxiliary
:type => 'lotusdomino.version.releasenotes',
:data => server2.strip
)
else
else
''
end
elsif
end
elsif
if (res.code and res.headers['Location'])
print_error("#{ip}:#{rport} #{res.code} Redirect to #{res.headers['Location']}")
else
''
end
else
''
end
else
''
end
end
check3.each do | check |
res = send_request_raw({
'uri' => path+check,
'uri' => path+check,
'method' => 'GET',
}, 10)
@ -159,18 +163,18 @@ class Metasploit3 < Msf::Auxiliary
''
else server3.strip != baseversion.last #this shouldnt happen,but just in case
puts "Different base version values"
baseversion << ' : ' + server3.strip
baseversion << ' : ' + server3.strip
end
else
else
''
end
elsif
elsif
if (res.code and res.headers['Location'])
print_error("#{ip}:#{rport} #{res.code} Redirect to #{res.headers['Location']}")
else
''
end
else
end
else
''
end
end
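Review bot: `else server1.strip != currentversion.last` (and the matching `else server3.strip != baseversion.last` in the check3 loop) is an `else` followed by a comparison whose result is discarded, so the "Different ... version values" branch runs whenever the preceding condition is false, not only when the values differ; `elsif server1.strip != currentversion.last` appears to be what was meant. The bare `elsif` lines followed by `if (res.code and res.headers['Location'])` have a similar problem, since the nested `if` expression becomes the `elsif` condition. These lines are only re-indented by this commit and the surrounding conditionals start outside the hunks, so confirm against the full file. The `puts` calls would also read better as `print_status`, which the module already uses elsewhere for output.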

@ -33,7 +33,7 @@ class Metasploit3 < Msf::Auxiliary
def run_host(ip)
if mysql_version_check("4.1.1") # Pushing down to 4.1.1.
if mysql_version_check("4.1.1") # Pushing down to 4.1.1.
each_user_pass { |user, pass|
do_login(user, pass)
}

@ -42,7 +42,7 @@ class Metasploit3 < Msf::Auxiliary
OptPort.new("CPORT", [true, "The source port for the TCP SYN packet", 13832]),
OptInt.new("ECHOID", [true, "The unique ICMP ECHO ID to embed into the packet", 7893]),
])
deregister_options('FILTER','PCAPFILE')
end

@ -21,7 +21,7 @@ class Metasploit3 < Msf::Auxiliary
# Scanner mixin should be near last
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
def initialize
super(
'Name' => 'SMB Session Pipe Auditor',

@ -22,7 +22,7 @@ class Metasploit3 < Msf::Auxiliary
# Scanner mixin should be near last
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
def initialize
super(
'Name' => 'SMB Session Pipe DCERPC Auditor',

@ -47,7 +47,7 @@ class Metasploit3 < Msf::Auxiliary
def configure_wordlist
@comms = []
File.open(datastore['COMMUNITIES'], "r") do |fd|
File.open(datastore['COMMUNITIES'], "rb") do |fd|
buff = fd.read(fd.stat.size)
buff.split("\n").each do |line|
line.strip!

@ -179,7 +179,7 @@ class Metasploit3 < Msf::Auxiliary
)
rescue Rex::ConnectionError
return :connection_error
rescue Net::SSH::Disconnect, ::EOFError
rescue Net::SSH::Disconnect, ::EOFError
return :connection_disconnect
rescue Net::SSH::AuthenticationFailed
# Try, try, again

@ -29,7 +29,7 @@ class Object
begin
file = Zlib::GzipReader.open(filename)
rescue Zlib::GzipFile::Error
file = File.open(filename, 'r')
file = File.open(filename, 'rb')
ensure
return nil if ! file
#obj = Marshal.load file.read
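Review bot: The `return nil if ! file` inside `ensure` discards any exception still propagating, so when the fallback `File.open(filename, 'rb')` itself fails (missing file, permissions) the caller gets `nil` with no indication why. Moving the nil check after the `begin`/`end` block, or rescuing only the specific `Errno` errors that are meant to be tolerated, would keep unexpected failures visible. The commented-out `Marshal.load file.read` suggests the content is unmarshalled further down, outside the hunk; if so, a comment such as `# input must come from a trusted path: Marshal.load builds arbitrary objects` would document the assumption.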

@ -16,7 +16,7 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
def initialize
super(
'Name' => 'TFTP Brute Forcer',
@ -52,7 +52,7 @@ class Metasploit3 < Msf::Auxiliary
)
add_socket(udp_sock)
fd = File.open(datastore['DICTIONARY'], 'r')
fd = File.open(datastore['DICTIONARY'], 'rb')
fd.read(fd.stat.size).split("\n").each do |filename|
filename.strip!
pkt = "\x00\x01" + filename + "\x00" + "netascii" + "\x00"
@ -78,4 +78,3 @@ class Metasploit3 < Msf::Auxiliary
end
end

@ -128,7 +128,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("#{cli.peerhost}: #{domain}\\#{user} #{lm_hash}:#{ntlm_hash} on #{host}")
if(datastore['LOGFILE'])
fd = File.open(datastore['LOGFILE'], "a")
fd = File.open(datastore['LOGFILE'], "ab")
fd.puts(
[
Time.now.to_s,
@ -144,7 +144,7 @@ class Metasploit3 < Msf::Auxiliary
end
if(datastore['PWFILE'] and user and lm_hash)
fd = File.open(datastore['PWFILE'], "a+")
fd = File.open(datastore['PWFILE'], "ab+")
fd.puts(
[
user,
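Review bot: The LOGFILE and PWFILE opened here receive account names and LM/NTLM hash material (the `print_status` line above shows the fields), yet both files are created with the process's default permissions. Passing an explicit mode, `File.open(datastore['PWFILE'], "ab+", 0600)` and likewise for LOGFILE, keeps newly created files readable by the operator only. `"ab+"` also requests read access that the visible `fd.puts` does not need; `"ab"` would suffice unless the handle is read outside the hunk. The LOGFILE open in the next file section of this commit has the same shape.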

@ -226,7 +226,7 @@ class Metasploit3 < Msf::Auxiliary
if(datastore['LOGFILE'])
fd = File.open(datastore['LOGFILE'], "a")
fd = File.open(datastore['LOGFILE'], "ab")
fd.puts(
[
smb[:nbsrc],

@ -93,7 +93,7 @@ class Metasploit3 < Msf::Auxiliary
else
r["txresponse"] = ""
begin
File.open r["file"], File::RDONLY do |io|
File.open(r["file"], "rb") do |io|
r["txresponse"] += io.read(4096)
end
rescue EOFError
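Review bot: `io.read(4096)` returns `nil` rather than raising `EOFError` when the file is empty, so `r["txresponse"] += io.read(4096)` raises `TypeError` for a zero-length file and the `rescue EOFError` below never fires for that case. `r["txresponse"] += io.read(4096).to_s` handles it. Only the first 4096 bytes of the file are read, which may be intended but deserves a comment saying so. The `begin` block ends outside the hunk.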

@ -26,7 +26,7 @@ class Metasploit3 < Msf::Encoder
'Name' => 'Generic printf(1) Utility Command Encoder',
'Version' => '$Revision$',
'Description' => %q{
This encoder uses the printf(1) utility to avoid restricted
This encoder uses the printf(1) utility to avoid restricted
characters. Some shell variable substituion may also be used
\if needed symbols are blacklisted.
},

@ -82,10 +82,10 @@ class Metasploit3 < Msf::Encoder
# parse errors on the server side, so do the same for them.
b64.gsub!("+", ".chr(43).")
b64.gsub!("/", ".chr(47).")
state.badchars.each_byte do |byte|
# Last ditch effort, if any of the
if b64.include?(byte.chr)
# Last ditch effort, if any of the
if b64.include?(byte.chr)
b64.gsub!(byte.chr, ".chr(#{byte}).")
end
end

@ -27,7 +27,7 @@ class Metasploit3 < Msf::Exploit::Remote
rpc.cmsd on AIX. By making a request with a long string passed to the first
argument of the "rtable_create" RPC, a stack based buffer overflow occurs. This
leads to arbitrary code execution.
NOTE: Unsuccessful attempts may cause inetd/portmapper to enter a state where
further attempts are not possible.
},

@ -59,7 +59,7 @@ require 'msf/core'
self.class
)
end
def exploit
connect

@ -134,7 +134,7 @@ class Metasploit3 < Msf::Exploit::Remote
}
=end
print_status("Trying target #{target.name} ..")
super
end

@ -21,8 +21,8 @@ class Metasploit3 < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'JBoss Java Class DeploymentFileRepository WAR deployment',
'Description' => %q{
This module uses the DeploymentFileRepository class in
JBoss Application Server (jbossas) to deploy a JSP file
This module uses the DeploymentFileRepository class in
JBoss Application Server (jbossas) to deploy a JSP file
in a minimal WAR context.
},
'Author' => [ 'MC', 'Jacob Giannantonio', 'Patrick Hof' ],
@ -82,7 +82,7 @@ class Metasploit3 < Msf::Exploit::Remote
return if ((p = regenerate_payload(plat, target_arch)) == nil)
end
#
# UPLOAD
#
@ -140,7 +140,7 @@ class Metasploit3 < Msf::Exploit::Remote
select(nil,nil,nil,3)
elsif (res.code < 200 or res.code >= 300)
print_error("Execution failed on '#{uri}' [#{res.code} #{res.message}], retrying...")
select(nil,nil,nil,3)
select(nil,nil,nil,3)
elsif res.code == 200
print_status("Successfully triggered payload at '#{uri}'.")
break

@ -264,7 +264,7 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => '/' + app_base + '/' + jsp_name + '.jsp',
'method' => verb
}, 20)
msg = nil
if (! res)
msg = "Execution failed on #{app_base} [No Response]"

@ -233,7 +233,7 @@ class Metasploit3 < Msf::Exploit::Remote
capture_sendto(pkt, rhost)
select(nil,nil,nil,datastore['DELAY'])
end
close_pcap
handler

@ -61,7 +61,7 @@ class Metasploit3 < Msf::Exploit::Remote
'version' => '1.0',
'uri' => '/'
}, 5)
info = http_fingerprint({ :response => res })
if res and res['Server']
print_status("Found RTSP: #{res['Server']}")

@ -78,7 +78,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_error("#{e}")
end
end
def exploit
connect

@ -17,7 +17,7 @@ class Metasploit3 < Msf::Exploit::Remote
include Msf::Exploit::Remote::SunRPC
def initialize(info = {})
super(update_info(info,
super(update_info(info,
'Name' => 'Solaris ypupdated Command Execution',
'Description' => %q{
This exploit targets a weakness in the way the ypupdated RPC

@ -46,7 +46,7 @@ class Metasploit3 < Msf::Exploit::Remote
'PayloadType' => 'cmd',
'RequiredCmd' => 'generic perl ruby telnet',
}
},
},
'Platform' => ['unix'],
'Targets' =>
[

@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
# load the xml data
path = File.join(Msf::Config.install_root, "data", "exploits", "google_proxystylesheet.xml")
fd = File.open(path, "r")
fd = File.open(path, "rb")
@xml_data = fd.read(fd.stat.size)
fd.close

@ -71,7 +71,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Connection' => 'Close',
}
}, 5)
http_fingerprint({ :response => res })
if (res and res.code == 200 and res.body.match(/TikiWiki v?([0-9\.]*)/))

@ -72,7 +72,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Connection' => 'Close',
}
}, 25)
http_fingerprint({ :response => res })
if (res and res.code == 200 and res.body.match(/TikiWiki 1\.9\.4/))

@ -185,7 +185,7 @@ class Metasploit3 < Msf::Exploit::Remote
# HTML requests sent by IE and Firefox
#
my_host = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
# Always prepare the UNC path, even if we dont use it for this request...
if (datastore['UNCPATH'])
unc = datastore['UNCPATH'].dup

@ -29,7 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote
overflow occurs when an excessively long From field is specified.
The RawQueue is processed every 1 minute by default, to a maximum of 60 minutes.
Keep this in mind when choosing payloads or setting WfsDelay... You'll need to wait.
Furthermore, this exploit uses a direct memory jump into a nopsled (which isn't very
reliable). Once the payload is written into the Raw Queue by Form2Raw, MDaemon will
continue to crash/execute the payload until the CGI output is manually deleted

@ -21,7 +21,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Name' => 'Novell ZENworks Configuration Management Remote Execution',
'Description' => %q{
This module exploits a code execution flaw in Novell ZENworks Configuration Management 10.2.0.
By exploiting the UploadServlet, an attacker can upload a malicious file outside of the TEMP directory
By exploiting the UploadServlet, an attacker can upload a malicious file outside of the TEMP directory
and then make a secondary request that allows for arbitrary code execution.
},
'Author' => [ 'MC' ],

@ -89,7 +89,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
end
end
# no target found
nil
end

@ -82,7 +82,7 @@ class Metasploit3 < Msf::Exploit::Remote
OptString.new('SMBUser', [ true, 'The username to authenticate as', "Administrator"]),
OptString.new('SMBPass', [ false, 'The password for the specified username', ""])
], self.class)
register_advanced_options(
[
OptBool.new('DB_REPORT_AUTH', [true, "Report an auth_note upon a successful connection", true])

@ -32,7 +32,7 @@ module Metasploit3
def generate_stage
file = File.join(Msf::Config.data_directory, "meterpreter", "meterpreter.php")
met = File.open(file, "rb") {|f|
f.read(f.stat.size)
}