Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.

unstable
Tod Beardsley 2011-11-28 17:52:34 -06:00
parent c411c216c0
commit f503bd9488
12 changed files with 472 additions and 453 deletions

View File

@ -55,7 +55,7 @@ class Metasploit3 < Msf::Auxiliary
unless myloots.nil? or myloots.empty? unless myloots.nil? or myloots.empty?
myloots.each do |myloot| myloots.each do |myloot|
begin begin
usf = File.open(myloot.path) usf = File.open(myloot.path, "rb")
rescue Exception => e rescue Exception => e
print_error("Unable to read #{myloot.path} \n #{e}") print_error("Unable to read #{myloot.path} \n #{e}")
end end
@ -157,7 +157,7 @@ class Metasploit3 < Msf::Auxiliary
john_cracked_passwords.values {|v| seed << v } john_cracked_passwords.values {|v| seed << v }
#Grab the default John Wordlist #Grab the default John Wordlist
john = File.open(john_wordlist_path, "r") john = File.open(john_wordlist_path, "rb")
john.each_line{|line| seed << line.chomp} john.each_line{|line| seed << line.chomp}
unless seed.empty? unless seed.empty?

View File

@ -80,7 +80,7 @@ class Metasploit3 < Msf::Auxiliary
john_cracked_passwords.values {|v| seed << v } john_cracked_passwords.values {|v| seed << v }
#Grab the default John Wordlist #Grab the default John Wordlist
john = File.open(john_wordlist_path, "r") john = File.open(john_wordlist_path, "rb")
john.each_line{|line| seed << line.chomp} john.each_line{|line| seed << line.chomp}
return seed return seed

View File

@ -146,7 +146,7 @@ class Metasploit3 < Msf::Auxiliary
john_cracked_passwords.values {|v| seed << v } john_cracked_passwords.values {|v| seed << v }
#Grab the default John Wordlist #Grab the default John Wordlist
john = File.open(john_wordlist_path, "r") john = File.open(john_wordlist_path, "rb")
john.each_line{|line| seed << line.chomp} john.each_line{|line| seed << line.chomp}
return seed return seed

View File

@ -78,7 +78,7 @@ class Metasploit3 < Msf::Auxiliary
john_cracked_passwords.values {|v| seed << v } john_cracked_passwords.values {|v| seed << v }
#Grab the default John Wordlist #Grab the default John Wordlist
john = File.open(john_wordlist_path, "r") john = File.open(john_wordlist_path, "rb")
john.each_line{|line| seed << line.chomp} john.each_line{|line| seed << line.chomp}
return seed return seed

View File

@ -124,11 +124,11 @@ class Metasploit3 < Msf::Auxiliary
john_cracked_passwords.values {|v| seed << v } john_cracked_passwords.values {|v| seed << v }
#Grab the default John Wordlist #Grab the default John Wordlist
john = File.open(john_wordlist_path, "r") john = File.open(john_wordlist_path, "rb")
john.each_line{|line| seed << line.chomp} john.each_line{|line| seed << line.chomp}
if datastore['Wordlist'] if datastore['Wordlist']
wordlist= File.open(datastore['Wordlist'], "r") wordlist= File.open(datastore['Wordlist'], "rb")
wordlist.each_line{|line| seed << line.chomp} wordlist.each_line{|line| seed << line.chomp}
end end

View File

@ -330,6 +330,7 @@ class Metasploit3 < Msf::Auxiliary
end end
#copy paste from rex::socket cause we need only ipv4 #copy paste from rex::socket cause we need only ipv4
#NOTE: Breaks msftidy's rule on long lines, should be refactored for readability.
def is_ipv4?(addr) def is_ipv4?(addr)
(addr =~ /^(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))$/) ? true : false (addr =~ /^(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))$/) ? true : false
end end

View File

@ -16,6 +16,7 @@ class Metasploit3 < Msf::Exploit::Remote
# #
# This module does basically nothing # This module does basically nothing
# NOTE: Because of this it's missing a disclosure date that makes msftidy angry.
# #
def initialize(info = {}) def initialize(info = {})

View File

@ -143,3 +143,4 @@ AbsoluteFTP 1.9.6
Does not work on: Does not work on:
AbsoluteFTP 1.8 AbsoluteFTP 1.8
=end =end

View File

@ -202,3 +202,4 @@ Invalid exception stack at 41414141
00ccffe0 d8 9a 83 7c 30 b7 80 7c-00 00 00 00 00 00 00 00 ...|0..|........ 00ccffe0 d8 9a 83 7c 30 b7 80 7c-00 00 00 00 00 00 00 00 ...|0..|........
=end =end

View File

@ -92,3 +92,4 @@ class Metasploit3 < Msf::Post
end end
end end

View File

@ -92,8 +92,22 @@ client.railgun.add_function( 'netapi32', 'NetUserEnum', 'DWORD',[
=end =end
client.railgun.add_function( 'netapi32', 'NetServerEnum', 'DWORD',[["PBLOB","servername","in"],["DWORD","level","in"],["PDWORD","bufptr","out"],["DWORD","prefmaxlen","in"],["PDWORD","entriesread","out"],["PDWORD","totalentries","out"],["DWORD","servertype","in"],["PWCHAR","domain","in"],["DWORD","resume_handle","inout"]]) client.railgun.add_function(
client.railgun.add_function( 'ws2_32', 'getaddrinfo', 'DWORD',[["PCHAR","pNodeName","in"],["PCHAR","pServiceName","in"],["PDWORD","pHints","in"],["PDWORD","ppResult","out"]]) 'netapi32', 'NetServerEnum', 'DWORD',
[
["PBLOB","servername","in"], ["DWORD","level","in"], ["PDWORD","bufptr","out"],
["DWORD","prefmaxlen","in"], ["PDWORD","entriesread","out"], ["PDWORD","totalentries","out"],
["DWORD","servertype","in"], ["PWCHAR","domain","in"], ["DWORD","resume_handle","inout"]
]
)
client.railgun.add_function(
'ws2_32', 'getaddrinfo', 'DWORD',
[
["PCHAR","pNodeName","in"], ["PCHAR","pServiceName","in"],
["PDWORD","pHints","in"], ["PDWORD","ppResult","out"]
]
)
domain = nil domain = nil

View File

@ -103,7 +103,7 @@ def check_single_file(dparts, fparts, f_rel)
cr += 1 if ln =~ /\r$/ cr += 1 if ln =~ /\r$/
url_ok = false if ln =~ /\.com\/projects\/Framework/ url_ok = false if ln =~ /\.com\/projects\/Framework/
if ln =~ /File\.open/ and ln =~ /[\"\'][arw]/ if ln =~ /File\.open/ and ln =~ /[\"\'][arw]/
if not ln =~ /[\"\'][wra]b\+?[\"\']/ if not ln =~ /[\"\'][wra]\+?b\+?[\"\']/
nbo += 1 nbo += 1
end end
end end