infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Msftidy run against a bunch of whitespace violations, a few line too longs. 

git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Tod Beardsley 2011-10-17 02:42:01 +00:00
parent ea2c9d1a46
commit e9461c766e
48 changed files with 990 additions and 892 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
modules/auxiliary/admin/oracle/oraenum.rb
View File

@ -108,10 +108,25 @@ class Metasploit3 < Msf::Auxiliary
end
print_status("\tUTL Directory Access is set to #{vparm["utl_file_dir"]}") if vparm["utl_file_dir"] != " "
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'TNS', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "UTL_DIR: #{ vparm["utl_file_dir"]}") if not vparm["utl_file_dir"]#.empty?
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'TNS',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "UTL_DIR: #{ vparm["utl_file_dir"]}"
) if not vparm["utl_file_dir"]#.empty?
print_status("\tAudit log is saved at #{vparm["audit_file_dest"]}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'TNS', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Audit Log Location: #{ vparm["audit_file_dest"]}") if not vparm["audit_file_dest"]#.empty?
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'TNS',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Audit Log Location: #{ vparm["audit_file_dest"]}"
) if not vparm["audit_file_dest"]#.empty?
end
#-------------------------------------------------------
@ -419,7 +434,13 @@ class Metasploit3 < Msf::Auxiliary
accrcrd = l.split(",")
if accts.has_key?(accrcrd[2])
print_status("\tDefault pass for account #{accrcrd[0]} is #{accrcrd[1]} ")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'TNS', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Account with Default Password #{accrcrd[0]} is #{accrcrd[1]}")
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'TNS',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Account with Default Password #{accrcrd[0]} is #{accrcrd[1]}")
end
end
end

1
modules/auxiliary/bnat/bnat_router.rb
View File

@ -153,3 +153,4 @@ class Metasploit3 < Msf::Auxiliary
return target_mac
end
end

1
modules/auxiliary/bnat/bnat_scan.rb
View File

@ -99,3 +99,4 @@ class Metasploit3 < Msf::Auxiliary
end
end
end

5
modules/auxiliary/scanner/http/sap_businessobjects_user_brute.rb
View File

@ -24,7 +24,10 @@ class Metasploit3 < Msf::Auxiliary
super(
'Name' => 'SAP BusinessObjects User Bruteforcer',
'Version' => '$Revision$',
'Description' => 'This module simply attempts to bruteforce SAP BusinessObjects users. The dswsbobje interface is only used to verify valid credentials for CmcApp. Therefore, any valid credentials that have been identified can be leveraged by logging into CmcApp.',
'Description' => 'This module attempts to bruteforce SAP BusinessObjects users.
The dswsbobje interface is only used to verify valid credentials for CmcApp.
Therefore, any valid credentials that have been identified can be leveraged by
logging into CmcApp.',
'References' =>
[
# General

7
modules/auxiliary/scanner/http/vmware_server_dir_trav.rb
View File

@ -23,7 +23,12 @@ class Metasploit3 < Msf::Auxiliary
super(
'Name' => 'VMware Server Directory Transversal Vulnerability',
'Version' => '$Revision$',
'Description' => 'This modules exploits the VMware Server Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files. Common VMware server ports 80/8222 and 443/8333 SSL. If you want to download the entire VM, check out the gueststealer tool.',
'Description' => 'This modules exploits the VMware Server Directory traversal
vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before
2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5
allows remote attackers to read arbitrary files. Common VMware server ports
80/8222 and 443/8333 SSL. If you want to download the entire VM, check out
the gueststealer tool.',
'Author' => 'CG' ,
'License' => MSF_LICENSE,
'Version' => '$Revision$',

1
modules/auxiliary/scanner/mssql/mssql_hashdump.rb
View File

@ -137,7 +137,6 @@ class Metasploit3 < Msf::Auxiliary
end
filename= "#{datastore['RHOST']}-#{datastore['RPORT']}_sqlhashes.txt"
store_loot(hashtype, "text/plain", datastore['RHOST'], tbl.to_csv, filename, "MS SQL Hashes", this_service)
end
#Grabs the user tables depending on what Version of MSSQL

5
modules/auxiliary/scanner/oracle/isqlplus_login.rb
View File

@ -158,10 +158,7 @@ class Metasploit3 < Msf::Auxiliary
'uri' => uri,
'method' => 'POST',
'data' => postrequest,
'headers' =>
{
'Referer' => "http://#{rhost}:#{rport}#{uri}"
}
'headers' => { 'Referer' => "http://#{rhost}:#{rport}#{uri}" }
}, timeout)
unless (res.kind_of? Rex::Proto::Http::Response)
vprint_error("#{msg} Not responding")

3
modules/auxiliary/scanner/oracle/oracle_hashdump.rb
View File

@ -107,8 +107,6 @@ class Metasploit3 < Msf::Auxiliary
end
def get_schema
#Grabs the Database and table names for storage
#These names will be sued later to seed wordlists for cracking
@ -140,7 +138,6 @@ class Metasploit3 < Msf::Auxiliary
store_loot("oracle11g.hashes", "text/plain", ip, hash_loot, filename, "Oracle 11g Hashes", service)
print_status("Hash Table has been saved")
end
end
def report_other_data(oracle_schema,ip)

64
modules/auxiliary/scanner/oracle/xdb_sid_brute.rb
View File

@ -278,13 +278,63 @@ class Metasploit3 < Msf::Auxiliary
pgt = e.elements['LIMIT'].get_text
end
end
print_good("\tFailed Login Attempts: #{fla}\n\tPassword Life Time: #{plit}\n\tPassword Reuse Time: #{prt}\n\tPassword Reuse Max: #{prm}\n\tPassword Lock Time: #{plot}\n\tPassword Grace Time: #{pgt}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'XDB', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Password Maximum Reuse Time: #{prm}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'XDB', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Password Reuse Time: #{prt}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'XDB', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Password Life Time: #{plit}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'XDB', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Account Fail Logins Permitted: #{fla}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'XDB', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Account Lockout Time: #{plot}")
report_note(:host => datastore['RHOST'], :proto => 'tcp', :sname => 'XDB', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "Account Password Grace Time: #{pgt}")
print_good(
"\tFailed Login Attempts: #{fla}\n\t" +
"Password Life Time: #{plit}\n\t" +
"Password Reuse Time: #{prt}\n\t" +
"Password Reuse Max: #{prm}\n\t" +
"Password Lock Time: #{plot}\n\t" +
"Password Grace Time: #{pgt}"
)
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'XDB',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Password Maximum Reuse Time: #{prm}"
)
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'XDB',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Password Reuse Time: #{prt}"
)
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'XDB',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Password Life Time: #{plit}"
)
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'XDB',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Account Fail Logins Permitted: #{fla}"
)
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'XDB',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Account Lockout Time: #{plot}"
)
report_note(
:host => datastore['RHOST'],
:proto => 'tcp',
:sname => 'XDB',
:port => datastore['RPORT'],
:type => 'ORA_ENUM',
:data => "Account Password Grace Time: #{pgt}"
)
end
break if good

10
modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb
View File

@ -143,8 +143,14 @@ class Metasploit3 < Msf::Auxiliary
if success
print_good("#{rhost}:#{rport} [SAP] #{datastore['FILETYPE'].downcase}:#{datastore['RFILE'].downcase} looted")
store_loot("sap.#{datastore['FILETYPE'].downcase}file", "text/xml", rhost, res.body, "sap_#{datastore['RFILE'].downcase}.xml",
"SAP Get Logfile")
store_loot(
"sap.#{datastore['FILETYPE'].downcase}file",
"text/xml",
rhost,
res.body,
"sap_#{datastore['RFILE'].downcase}.xml",
"SAP Get Logfile"
)
elsif fault
print_error("#{rhost}:#{rport} [SAP] Errorcode: #{faultcode}")
return

10
modules/auxiliary/scanner/sap/sap_mgmt_con_listlogfiles.rb
View File

@ -143,8 +143,14 @@ class Metasploit3 < Msf::Auxiliary
"Size",
"Timestamp"
])
store_loot("sap.#{datastore['FILETYPE'].downcase}file", "text/xml", rhost, saptbl.to_s, "sap_listlogfiles.xml",
"SAP #{datastore['FILETYPE'].downcase}")
store_loot(
"sap.#{datastore['FILETYPE'].downcase}file",
"text/xml",
rhost,
saptbl.to_s,
"sap_listlogfiles.xml",
"SAP #{datastore['FILETYPE'].downcase}"
)
env.each do |output|
saptbl << [ output[0], output[1], output[2] ]

3
modules/auxiliary/scanner/sap/sap_mgmt_con_startprofile.rb
View File

@ -51,8 +51,7 @@ class Metasploit3 < Msf::Auxiliary
res = send_request_cgi({
'uri' => "/#{datastore['URI']}",
'method' => 'GET',
'headers' =>
{
'headers' => {
'User-Agent' => datastore['UserAgent']
}
}, 25)

6
modules/auxiliary/scanner/sap/sap_service_discovery.rb
View File

@ -51,7 +51,8 @@ class Metasploit3 < Msf::Auxiliary
# Default ports based on SAP "TCP/IP Ports Used by SAP Applications" Document
# http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/4e515a43-0e01-0010-2da1-9bcc452c280b
def_ports = ['32NN', '33NN', '48NN', '80NN', '36NN', '81NN', '5NN00', '5NN01', '5NN02',
def_ports = [
'32NN', '33NN', '48NN', '80NN', '36NN', '81NN', '5NN00', '5NN01', '5NN02',
'5NN03', '5NN04', '5NN05', '5NN06', '5NN07', '5NN08', '5NN10', '5NN16',
'5NN13', '5NN14', '5NN17', '5NN18', '5NN19', '21212', '21213', '59975',
'59976', '4238', '4239','4240', '4241', '3299', '3298', '515', '7200',
@ -60,7 +61,8 @@ class Metasploit3 < Msf::Auxiliary
'3NN03', '3NN04', '3NN05', '3NN06', '3NN07', '3NN08', '3NN11', '3NN17',
'20003', '20004', '20005', '20006', '20007', '31596', '31597', '31602',
'31601', '31604', '2000', '2001', '2002', '8355', '8357', '8351' ,'8352',
'8353', '8366', '1090', '1095', '20201', '1099', '1089']
'8353', '8366', '1090', '1095', '20201', '1099', '1089'
]
ports = []
# Build ports array from valid instance numbers

8
modules/auxiliary/scanner/smtp/smtp_enum.rb
View File

@ -22,7 +22,13 @@ class Metasploit3 < Msf::Auxiliary
super(
'Name' => 'SMTP User Enumeration Utility',
'Version' => '$Revision$',
'Description' => %q{The SMTP service has two internal commands that allow the enumeration of users: VRFY (confirming the names of valid users) and EXPN (which reveals the actual address of users aliases and lists of e-mail (mailing lists)). Through the implementation of these SMTP commands can reveal a list of valid users.},
'Description' => %q{
The SMTP service has two internal commands that allow the enumeration
of users: VRFY (confirming the names of valid users) and EXPN (which
reveals the actual address of users aliases and lists of e-mail
(mailing lists)). Through the implementation of these SMTP commands can
reveal a list of valid users.
},
'References' =>
[
['URL', 'http://www.ietf.org/rfc/rfc2821.txt'],

6
modules/auxiliary/scanner/snmp/snmp_login.rb
View File

@ -155,7 +155,11 @@ class Metasploit3 < Msf::Auxiliary
# Used to flag whether this version was compatible
finished = true
rescue ::SNMP::UnsupportedPduTag, ::SNMP::InvalidPduTag, ::SNMP::ParseError, ::SNMP::InvalidErrorStatus, ::SNMP::InvalidTrapVarbind, ::SNMP::InvalidGenericTrap, ::SNMP::BER::OutOfData, ::SNMP::BER::InvalidLength, ::SNMP::BER::InvalidTag, ::SNMP::BER::InvalidObjectId, ::SNMP::MIB::ModuleNotLoadedError, ::SNMP::UnsupportedValueTag
rescue ::SNMP::UnsupportedPduTag, ::SNMP::InvalidPduTag, ::SNMP::ParseError,
::SNMP::InvalidErrorStatus, ::SNMP::InvalidTrapVarbind, ::SNMP::InvalidGenericTrap,
::SNMP::BER::OutOfData, ::SNMP::BER::InvalidLength, ::SNMP::BER::InvalidTag,
::SNMP::BER::InvalidObjectId, ::SNMP::MIB::ModuleNotLoadedError,
::SNMP::UnsupportedValueTag
next
rescue ::SNMP::UnsupportedVersion

6
modules/auxiliary/server/capture/imap.rb
View File

@ -66,9 +66,11 @@ class Metasploit3 < Msf::Auxiliary
num,cmd,arg = data.strip.split(/\s+/, 3)
arg ||= ""
if(cmd.upcase == "CAPABILITY")
c.put "* CAPABILITY IMAP4 IMAP4rev1 IDLE LOGIN-REFERRALS MAILBOX-REFERRALS NAMESPACE LITERAL+ UIDPLUS CHILDREN UNSELECT QUOTA XLIST XYZZY LOGIN-REFERRALS AUTH=XYMCOOKIE AUTH=XYMCOOKIEB64 AUTH=XYMPKI AUTH=XYMECOOKIE ID\r\n"
c.put "* CAPABILITY IMAP4 IMAP4rev1 IDLE LOGIN-REFERRALS " +
"MAILBOX-REFERRALS NAMESPACE LITERAL+ UIDPLUS CHILDREN UNSELECT " +
"QUOTA XLIST XYZZY LOGIN-REFERRALS AUTH=XYMCOOKIE AUTH=XYMCOOKIEB64 " +
"AUTH=XYMPKI AUTH=XYMECOOKIE ID\r\n"
c.put "#{num} OK CAPABILITY completed.\r\n"
end

5
modules/auxiliary/vsploit/pii/web_pii.rb
View File

@ -44,8 +44,7 @@ class Metasploit3 < Msf::Auxiliary
def create_page
# Webpage Title
title = "vSploit PII Webserver"
sheep =
"
sheep =<<EOF
__________
< baaaaah! >
---------
@ -62,7 +61,7 @@ class Metasploit3 < Msf::Auxiliary
// ( // /
~~~~~ ~~~~
"
EOF
page = ""
page << "<html>\n<head>\n"