117cd8bf3a
Add wildcards to gitignore for extensions
2014-06-25 03:19:59 +10:00
0fc4d10813
Fix indentation for case statements
2014-06-25 03:18:37 +10:00
bba8bd3498
Land #3446 -- Meterpreter bins gem switch
2014-06-25 03:00:11 +10:00
7615da7808
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor
2014-06-24 00:12:56 -05:00
ffd05d9da9
Fix example Gemfile.local to work with existing
2014-06-24 00:00:47 -05:00
85611702f9
Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor
2014-06-23 23:58:47 -05:00
002234993f
SMB lib fixes, unattend.xml cred gathering
2014-06-23 20:08:42 -05:00
615aeb66a5
Dont use or
2014-06-23 23:11:04 +01:00
752007848b
Tidy up code
...
Dont rescue Exception
Remove eol spaces
Dont use and
More verbose path
2014-06-23 23:08:33 +01:00
6651af2d9b
refactor jtr_linux cracker
2014-06-23 16:27:28 -05:00
b872fa0f0d
Handle smb_recv corner case with a cache, clean up find_*, cosmetic
2014-06-23 16:14:18 -05:00
2772d84a18
Major rework of this module, please see the diff
2014-06-23 16:13:42 -05:00
86869f0a81
remove extra parenthesis
2014-06-23 17:10:31 -04:00
8e37aea7c2
remove use of Q in packing and unpacking
2014-06-23 16:52:53 -04:00
57c4ed51e9
fix mssql incremental modes
2014-06-23 15:37:37 -05:00
1cbc324774
fix up incremental modes
...
those incrmenetal rules don't exist
in all versions. All and Alnum are too long
for a 'fast-mode' crack. We wwill do Digits though
which does all digits 0-8 and gets us blank passwords
for free.
2014-06-23 15:36:17 -05:00
520c82d7fc
deal with blank password in ntlm
2014-06-23 15:32:50 -05:00
c5f2efda18
fixed up casing
2014-06-23 15:26:12 -05:00
b246e66eb8
successfully cracking ntlm hashes
...
still need to handle casing for lm
2014-06-23 14:40:32 -05:00
a7d00f8144
simplify SHA1 code
2014-06-23 15:39:06 -04:00
77620193a1
remove character restriction on aes.final call
2014-06-23 15:37:19 -04:00
2d0b4b96ee
remove verbose exit if no salt found
2014-06-23 15:34:07 -04:00
275d8826bd
skype post module to extract password hash
2014-06-23 15:16:50 -04:00
94388e3931
Fix typo in the constant name
2014-06-23 12:51:26 -05:00
57cc390681
fix how we save mssql hashes
...
since the 0x prefix is neccisary, just save the hash that way in the first place
2014-06-23 12:38:36 -05:00
c61f59d8a9
make sure to report the realm
2014-06-23 12:08:49 -05:00
dadd959c6a
refactor postgres hash cracking
...
refactored postgres_hashdump to report the creds
it logged in with. added a new jtr module for
dealing with postgres hashes instead of the
crappy old md5 one we had before
2014-06-23 12:02:39 -05:00
a0aca251f5
Land #3472 , releae fixes
2014-06-23 11:41:35 -05:00
ac60696247
Land #3468 , update for Chromecast wifi spying
2014-06-23 11:39:08 -05:00
0219c4974a
Release fixups, word choice, refs, etc.
2014-06-23 11:17:00 -05:00
a0be142b33
Merge branch 'staging/electro-release' into feature/MSP-9717/mysql_crack
2014-06-23 11:03:29 -05:00
267642aa4b
Fix description
2014-06-23 09:20:47 -05:00
cc3c06440f
Add module for ZDI-14-195, HP AutoPass License Traversal
2014-06-23 09:19:56 -05:00
d6a263d538
Identify the hung host in the thread info
2014-06-22 16:01:03 -05:00
538a520445
Remove redundant option (threads are always used in reverse_tcp_double)
2014-06-22 16:00:44 -05:00
b3d83720ca
Add ReverseListenerThreaded option to prevent deadlocks
...
JodaZ reported that the handle_connection() sock.put call can
result in the entire reverse_tcp stager hanging if the client
stops receiving or is on a very slow link. The solution emulates
what ReverseTcpDouble already does, which is stage each connection
in a new thread. However, given that a high number of threads
can be a problem on some operating systems (*ahem* win32) this
option is not enabled by default.
We should look into thread pooling and handle_connection() timeouts
as well as event-based polling of multiple clients as alternatives,
but this option will improve the situation for our existing users.
2014-06-22 15:55:20 -05:00
6e5f528332
Prevent stager deadlock if inp/out detection hangs for some reason
...
Even though there are calls to has_read_data(), it doesn't prevent
the put() call from blocking in a dead client or slowaris-like
situation. By moving the inp/out detection into the thread, we
allow the main handler to keep processing connections even if
a single connection hangs.
2014-06-22 15:25:19 -05:00
c71eb1aa4e
Add specs for changed object UI
2014-06-22 13:05:17 -05:00
53d0aba305
Add some specs for changed object Priv
2014-06-22 12:54:10 -05:00
40d1ec551e
Add WEP, PSK, and MGT
2014-06-21 23:15:20 -05:00
05d4a1ab2c
Land #3342 , Support negation in portspec
2014-06-21 18:14:50 -04:00
61f4c769eb
Land #3461 , Chromecast factory reset module
2014-06-21 17:43:31 -04:00
79bf80e6bf
Add generic error handling
...
Just in case a factory reset happens to fail.
2014-06-21 15:35:03 -05:00
469fae7058
Land #3465 , @hmoore-r7's module for SMC IPMI Port 49152 file exposure vulnerability
2014-06-20 17:22:28 -05:00
252d917bbb
Fix msftidy and favor && over and
2014-06-20 17:21:10 -05:00
8cfba5770a
missing require
2014-06-20 15:22:37 -05:00
d80f4d9e67
refactor jtr_mysql_fast and mysql_hashdump
...
have mysql_hashdump report the cred it logged in with
refactor jtr_mysql to use the new jtr cracker
2014-06-20 15:21:35 -05:00
669779defb
SMB cred creation refactor
2014-06-20 15:17:40 -05:00
e6e0de2b38
Land #3385 , @m-1-k-3's DLink authentication.cgi buffer overflow module
2014-06-20 14:33:42 -05:00
e8b914a62f
Download rankings for reliable exploit, but depending on a specific version without autodetection
2014-06-20 14:33:02 -05:00
OJ
James Lee
HD Moore
Meatballs
David Maloney
Rob Fuller
William Vu
Tod Beardsley
jvazquez-r7
Spencer McIntyre