infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,495 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

3156 Commits (0373156ccefb27b9cbf0589957480e8cb7f3da27)

Author SHA1 Message Date
Tod Beardsley cca30b536f
Land #4094, fixes for OWA brute forcer 
Fixes #4083

Thanks TONS to @jhart-r7 for doing most of the work on this!
 2014-11-05 14:00:26 -06:00
Jon Hart ff8d481eec Update description to remove comments about defaults. Default to 2013 2014-11-04 21:21:19 -08:00
Jon Hart 2c028ca7a6 Move redirect check before body check -- a redirect won't have a body 2014-11-04 14:19:21 -08:00
Jon Hart 7855ede2de Move userpass emptiness checking into setup 2014-11-04 14:07:39 -08:00
Tod Beardsley 5fb268bbdf
Updates to better OWA fix 2014-11-04 14:32:54 -06:00
Jon Hart b0e388f4c3
Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X 2014-11-04 08:23:16 -08:00
Tod Beardsley 51b96cb85b
Cosmetic title/desc updates 2014-11-03 13:37:45 -06:00
Jon Hart 15e1c253fa Numerous cleanups for snmp_enumusers 
* Bring in line with Ruby standards
* More sane format for adding new OSs
* Better logging for use on larger networks
* Better error handling
 2014-10-29 23:54:32 -07:00
Jon Hart ba5035c7ef
Prevent calling match when there is no WWW-auth header 2014-10-28 17:13:57 -07:00
Jon Hart a5d883563d
Abort if 2013 desired but redirect didn't happen 2014-10-28 15:59:22 -07:00
Jon Hart 7ca4ba26b0
Show more helpful vprint messages when login fails 2014-10-28 15:48:04 -07:00
Jon Hart bce8f34a71
Set proper Cookie header from built cookie string 2014-10-28 15:41:36 -07:00
Jon Hart a3e1e11987
Ensure necessary cookies are present in OWA 2010 login response 2014-10-28 15:40:15 -07:00
Tod Beardsley 9c028c1435
Fixes #4083, make the split nil-safe 
In the reported case, the expected cookies were not present on the
response, thus, the second split was trying to split a `nil`. This
solves the immediately problem by a) splitting up the splits into
discrete sections, and b) `NilClass#to_s`'ing the result of the first
split.

This makes the split safe. Now, there may be a larger issue here where
you're not getting the expected cookies -- it sounds like the target in
this case is responding differently, which implies that the module isn't
going to be effective against that particular target. But, at least it
won't crash. It may merely try fruitlessly the entire run, though. I
can't know without looking at a pcap, and in the reported case, a pcap
seems unlikely since this was a bug found in the field.
 2014-10-28 14:59:20 -05:00
sinn3r e31c9f579d
Land #3987 - Buffalo Linkstation NAS Login Scanner 2014-10-28 01:45:57 -05:00
Jon Hart b8c9ef96ca
Land #4003, @nstarke's Login Scanner for WD MyBook Live NAS 2014-10-27 09:57:43 -07:00
Jon Hart 83df08aaa7 Properly encode body and catch invalid configs 2014-10-22 22:43:06 -07:00
sinn3r 0ea03c00a5 Use print_brute instead of print_good for format consistency 2014-10-22 16:14:45 -05:00
Jon Hart ce8a9941ea Cleanup. Sanity check in setup. vprint 2014-10-22 10:36:24 -07:00
James Lee 46acf08e2d Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions 2014-10-22 09:09:34 -05:00
nstarke ee3dd3a2ac More Fixes for WD MyBook Live Scanner 
Fixes include removing deregistered options
from credentials collection object and adding proof
 when there is no response
 2014-10-22 03:06:21 +00:00
James Lee 0fcd1ac4f6
Restore tcp evasions to smb_login 2014-10-21 18:59:11 -05:00
James Lee e1a7e902d6
Re-enable tcp evasions for more LoginScanners 
Untested since I don't have targets for these.
 2014-10-21 18:58:28 -05:00
sinn3r 6d11ec8477 These mods support Proxies, so make the option visible for the user 2014-10-21 15:39:24 -05:00
sinn3r db7c420d8d Merge the latest changes 2014-10-21 13:49:42 -05:00
James Lee f9f8c413a8
Derp, ssh modules don't include Tcp for #proxies 2014-10-21 13:28:13 -05:00
sinn3r 79d393c5aa Resolve merge conflicts 
Conflicts:
	lib/msf/core/exploit/smb.rb
	lib/msf/core/exploit/tcp.rb
	modules/auxiliary/scanner/http/axis_login.rb
 2014-10-21 13:06:35 -05:00
James Lee 4705aeb762
Restore tcp evasions to ftp, pop3, vnc 2014-10-21 11:06:55 -05:00
James Lee 7d150ce0dd
Add tcp evasions to mysql 2014-10-21 10:05:18 -05:00
James Lee e76ee294a1
Restore tcp evasions to telnet 2014-10-21 09:44:55 -05:00
nstarke 82b74d5f3c Fixes to MyBook Live Module 
This commit contains three fixes as requested on PR
#4003.  Those include:

+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
 2014-10-21 00:50:40 +00:00
nstarke 70b13819d9 Adding Login Scanner for MyBook Live 
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
 2014-10-21 00:50:40 +00:00
jvazquez-r7 d6f4c02c2a
Land #3979, @wchen-r7 fixes #3976, http_login not using TARGETURI, neither uri normalization 2014-10-20 18:10:57 -05:00
jvazquez-r7 74ac16081f
Land #3981, @wchen-r7 Fixes #3974, axis_login.rb does not normalize URI 2014-10-20 17:51:13 -05:00
HD Moore 935a23296d
Updates to NAT-PMP, lands #4041 2014-10-20 11:26:26 -05:00
James Lee 3051b6c5ba
Clean up exceptions 
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
 2014-10-20 10:27:02 -05:00
James Lee b7d69bec83
Restore proxies to ssh scanners 2014-10-20 10:19:06 -05:00
Jon Hart 2985b39267
Land #3980, @wchen-r7 fixed #3975 2014-10-19 17:11:06 -07:00
ikkini c2174c7910 return if no version response received 2014-10-19 00:29:36 +02:00
James Lee 329a600b84
Add tcp evasion options to mssql_login 2014-10-17 17:40:21 -05:00
William Vu 10f3969079
Land #4043, s/http/http:/ splat 
What is a splat?
 2014-10-17 13:41:07 -05:00
William Vu 367ea5d3db
Add disclosure date 2014-10-17 12:35:28 -05:00
Tod Beardsley ccdaf2b576
Fix the banner 
Turns out these will be broken in outstanding PRs for a while. At least
they won't be merge conflicts.
 2014-10-17 12:23:23 -05:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
Tod Beardsley ad501b25e4
Filename move to be less redundant 2014-10-17 11:25:14 -05:00
Jon Hart 8fdae8fbfb Move protocol and lifetime to mixin, use correct map_target if CHOST 2014-10-16 13:24:17 -07:00
James Lee 40b360555f
Make the error message a little more useful 2014-10-16 12:47:13 -05:00
Tod Beardsley 8cf10be779
Don't assume SSLv3 is set (kill FP+s) 2014-10-16 10:43:58 -05:00
Tod Beardsley 0b67efd51e
Add a POODLE scanner and general SSL version scan 2014-10-16 10:27:37 -05:00
James Lee 41a57b7ba5
Re-enable proxies for HTTP-based login scanners 2014-10-15 17:00:44 -05:00