infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
37,429 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

177 Commits (05897f59dfc6edd9d0535dbee8ba5c0c5df2356d)

Author SHA1 Message Date
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
sinn3r 9500038695 Fix #3995 - Make negative messages less verbose 
As an user testing against a large network, I only want to see
good news, not bad news.
 2014-10-11 11:11:09 -05:00
Tod Beardsley 5dad73a28f
Explicitly require credential_collection 
Otherwise, you run into a require ordering problem on some platforms.
This is not a great way to fix this -- but it's a fast way, and possibly
even a good way, since you're being explicit about what your module
requirements are.
 2014-09-17 15:47:30 -05:00
James Lee 257f0fc93e
Quick fix for ssh_login_pubkey 
Fixes #3772, closes #3774
 2014-09-10 09:57:17 -05:00
David Maloney 00ec47fb83
call new prepend cred methods 
add method calls o all the lgoinscanner modules
so that they call the prepend_db_* methods as approrpiate
these methods automatically check to see if DB_ALL_CREDS was
selected
 2014-09-04 12:32:35 -05:00
David Maloney 4821851ae4
telnet and ssh next 2014-08-01 14:47:08 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-16 09:38:44 -05:00
David Maloney 674447c891
final cleanup steps 2014-07-15 15:31:51 -05:00
David Maloney 34635ab968
module login status cleanup 
cleanup several bruteforce module to
use the loginstatus constants for result status
 2014-07-15 14:55:41 -05:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
David Maloney aeda74f394
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-07 16:41:23 -05:00
James Lee 2a9ac0a007
Axe SSHKey in favor of a unified SSH 2014-07-07 13:35:17 -05:00
Meatballs 94c5a0b603
More verbose around connection errors 2014-06-30 18:56:30 +01:00
Meatballs 183d601aae
Small tidyup 2014-06-30 18:17:49 +01:00
attackdebris 004afa6e0c Clean commit of Cerberus FTP User Enumeration Module 2014-06-30 17:53:46 +01:00
David Maloney 4c3cc793ba
fix missing .present? 2014-06-18 10:52:27 -05:00
James Lee 5f176a56cb
Fix typo 2014-06-17 17:16:46 -05:00
James Lee d114dd1da2
Fix bugs. :fail != :failed 2014-06-17 17:12:50 -05:00
James Lee 6237d56398
Refactor ssh_login_pubkey 
* Fix a bug in LoginScanner::SSHKey (which was copy-pasted from SSH)
   where the ssh_socket accessor was not being set because of a
   shadowing local var
 * Fix a bug in the db command dispatcher where an extra column was
   added to the table, causing an unhandled exception when running the
   creds command
 * Add a big, ugly, untested class for imitating
   Metasploit::Framework::CredentialCollection for ssh keys. This class
   continues the current behavoir of silently ignoring files that are a)
   encrypted or b) not private keys.
 * Remove unnecessary proof gathering in the module (it's already
   handled by the LoginScanner class)
 2014-06-16 18:38:20 -05:00
James Lee fb8c1f4c4b
Refactor ssh_login to use LoginScanner stuffs 
Also, Metasploit::Credential::Creation stuffs.
 2014-06-10 17:30:06 -05:00
William Vu 7777202045
Deconflict #3310 and correct the description 2014-04-30 12:02:57 -05:00
Tod Beardsley a5983b5f57
Light touchup on FP checker 2014-04-29 16:14:41 +01:00
Tod Beardsley 88efeea378
Add a false positive check 2014-04-29 16:07:42 +01:00
Tod Beardsley 4d76128937
Merge upstream and deconflict #3310 whitespace 2014-04-29 15:32:32 +01:00
Tod Beardsley a6edd94c7f
Just fix refs and desc for release 2014-04-28 19:47:15 +01:00
Tod Beardsley a7e110be9e
Add a peer method, elaborate desc and prints 2014-04-28 19:41:44 +01:00
William Vu 0a108acea3
Fix missing comma 
Commas will be the death of me.
 2014-04-23 10:10:12 -05:00
William Vu 1a2899d57b
Fix up whitespace 'n' stuff 2014-04-23 10:00:34 -05:00
kenkeiras 96f042110f return is not needed when it's the last lifunction line 2014-04-22 22:33:47 +02:00
kenkeiras c9d8da991a Use Rex.sleep instead of select 2014-04-22 22:33:19 +02:00
kenkeiras d2a558dc85 Removed unused code 2014-04-22 22:33:02 +02:00
kenkeiras b8e0187647 Use OptPath for file path options 2014-04-18 21:56:17 +02:00
kenkeiras fb0af8a799 Remove unnecesary ssh_socket variable 2014-04-18 21:50:54 +02:00
kenkeiras c875bdadf5 Change THRESHOLD into a datastore option 2014-04-18 21:18:48 +02:00
kenkeiras 8a3329c891 Password made pseudo-random instead of a bunnch of A's 2014-04-18 21:10:34 +02:00
kenkeiras 47ff820a83 Remove unnecesary 'RHOST' deregister 2014-04-18 21:06:46 +02:00
kenkeiras cc2d4f9ed7 Remove unnecesary @good_credentials 2014-04-18 21:03:22 +02:00
kenkeiras 3a4f983a6f Add CVE 2006-5229 reference 2014-03-28 22:35:19 +01:00
kenkeiras bca0d603ef SSH user enumeration script 2014-03-28 16:23:52 +01:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat 
[SeeRM #8496]
 2013-10-15 13:51:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
HD Moore f72f334124 Fix an odd issue with search due to use of the builtin Proxies option 2012-08-12 23:22:38 -05:00
RageLtMan 33c74c97e2 Add Opt::Proxies and opthash[:proxies] to ssh mods 2012-08-12 16:23:22 -04:00
RageLtMan c9690033c7 This commit allows ssh_login to use socks proxies. Net::SSH::Transport::Session could take a :proxy option, 
but it expects a factory object not a string, when setting :proxy => datastore['Proxies'] user got:
"Auxiliary failed: NoMethodError private method `open' called for \"socks4:localhost:1080\":String."
VALID_OPTIONS in ssh.rb now takes :proxies option which is passed to the Rex socket in
Net::SSH::Transport::Session.new.

Testing: block all outgoing to SSH server, try to connect with a proxy. Try with :proxy option,
then merge this pull request and try again.
 2012-08-12 16:01:52 -04:00
HD Moore f5533c5298 Enforce a timeout in the ssh handshake (avoid hangs in some cases) 2012-06-12 15:19:01 -05:00
sinn3r 3f0431cf51 Massive whitespace destruction 
Remove whitespace found at the end of the line
 2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction 
Remove all the lines that have nothing but whitespace
 2012-06-06 00:22:36 -05:00
HD Moore 2ad17299e2 Handle cisco devices better with ssh logins 2012-05-31 14:59:24 -05:00
David Maloney 9e7acf3a57 left debug statement in module 2012-05-29 20:23:56 -05:00
David Maloney df85e4f586 Remove trailing comma 2012-05-21 16:28:02 -05:00
David Maloney 17943c7a48 Makes it so we don't ever use local config files for Net::SSH 
Also makes sure that the :config =>false option keeps
Net:SSH from meddling with knowns_hosts too
 2012-05-21 16:09:08 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
James Lee 464cf7f65f Normalize service names 
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
 2012-02-21 22:59:20 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners 
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
 2012-01-13 13:49:21 -06:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies 
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing Leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
 2012-01-08 22:28:37 -06:00
HD Moore b12baccc49 Quick update, added a research option 2012-01-07 01:13:23 -06:00
HD Moore 7b26e33e19 Initial version 2012-01-06 00:53:50 -06:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
David Maloney a88f954640 More Cred Sourcing 
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 01:49:57 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs. 
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:42:01 +00:00
Carlos Perez 7ae1bbbb3f typo 
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-13 01:49:36 +00:00
Carlos Perez a0c34d1c73 Sets a session platform when using ssh_login 
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-13 01:48:42 +00:00
Tod Beardsley 486241cc99 SSH scanners shouldn't die just because they're on Windows and they try to talk to reserved addresses. 
git-svn-id: file:///home/svn/framework3/trunk@13407 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-29 15:51:11 +00:00
James Lee 39c20b2935 cosmetic 
git-svn-id: file:///home/svn/framework3/trunk@13174 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-14 20:27:25 +00:00
Tod Beardsley b9c5835b5e Touching up the ssh key login module to be smarter about duplicate user names, not be so chatty in its messaging to the console, deal with whitespace, and avoid storing duplicate keys when we don't need to. 
git-svn-id: file:///home/svn/framework3/trunk@13162 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-13 20:51:18 +00:00
Tod Beardsley dc84ee6aab More fixups for ssh_login_pubkey and special handlers for long strings of keys. 
git-svn-id: file:///home/svn/framework3/trunk@13156 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-12 20:58:25 +00:00
Tod Beardsley 04e2eb43ef Removing the load() line from ssh_login, just wanted it for dev. 
git-svn-id: file:///home/svn/framework3/trunk@12980 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 19:23:00 +00:00
Tod Beardsley 6827495d17 Adds a # of passwords per username limiter to authbrute. 
git-svn-id: file:///home/svn/framework3/trunk@12970 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-18 04:14:06 +00:00
Tod Beardsley db1619d035 Rejiggers the max credentials limiter a little, and adds a max time limiter per service. 
git-svn-id: file:///home/svn/framework3/trunk@12967 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 22:40:25 +00:00
Tod Beardsley ab37580056 Refactored the AuthBrute mixin some to make the each_user_pass function a little cleaner and easier to maintain. 
And maintain it I shall! Added in a standardized print_brute method to normalize the AuthBrute output to always include host, port, proto, and number of guesses over number remaining.

Also adds support for a MaxGuessesPerService datastore option for AuthBrute modules.

Currently, only ssh_login supports the new stuff, but now it's just a conversion matter. Will get to that in a bit.




git-svn-id: file:///home/svn/framework3/trunk@12958 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 22:08:45 +00:00
Joshua Drake 28ae2316a4 Fixes #4390, such a bute 
git-svn-id: file:///home/svn/framework3/trunk@12578 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-10 20:52:59 +00:00
Tod Beardsley 3829d2606b Removing the un-used USER_AS_PASS option for ssh_login_pubkey. 
git-svn-id: file:///home/svn/framework3/trunk@12411 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-22 21:05:27 +00:00
Tod Beardsley ea6b1bb626 Fixes #4190 by reseting self.ssh_socket after the connection is established. 
git-svn-id: file:///home/svn/framework3/trunk@12402 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-22 15:32:00 +00:00
Tod Beardsley b91c81a182 Fixes #4074 -- corrects the affected regexes. 
git-svn-id: file:///home/svn/framework3/trunk@12238 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-04 22:19:59 +00:00
Tod Beardsley 5f70c705c1 Committing the Kippo ssh honeypot detection as seen at AHA!. 
git-svn-id: file:///home/svn/framework3/trunk@11817 4d416f70-5f16-0410-b530-b9f4589650da
 2011-02-24 13:57:26 +00:00
Tod Beardsley 24388f3a38 Adding a CVE reference for weak/blank/guessable passwords. 
git-svn-id: file:///home/svn/framework3/trunk@11465 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-04 15:30:17 +00:00
Joshua Drake 9c668b8daf Super-duper rservices commit - 
1. Added rsh, rlogin, and rexec auth brute scanners
2. Login negotation moved into new Msf::Auxiliary::Login mixin
3. Centralized session registration for auth brute scanners
4. Telnet and SSH auth brute scanners updated to use new mixins
5. Previously committed rservices mixin (r11093)



git-svn-id: file:///home/svn/framework3/trunk@11106 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-23 01:23:24 +00:00
Jonathan Cran e295408327 typo! 
git-svn-id: file:///home/svn/framework3/trunk@11103 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-22 22:43:34 +00:00
Joshua Drake 04858c69fc style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-19 22:54:19 +00:00
Tod Beardsley c2938323cc Pretty much the same deal as r10592, but for SSH, which sometimes has similiar RST problems. 
git-svn-id: file:///home/svn/framework3/trunk@10593 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-08 02:11:06 +00:00
HD Moore e939379b1b Fix missing end, use explicit Timeout class 
git-svn-id: file:///home/svn/framework3/trunk@10366 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-18 04:15:32 +00:00
Tod Beardsley b023d89469 Wrap SSH and Telnet version checkers in a timeout, or else they sometimes hang forever. 
git-svn-id: file:///home/svn/framework3/trunk@10365 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-18 03:00:19 +00:00
Tod Beardsley 6d6a547b34 Fixes #2412. Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands. 
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-18 00:58:20 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention 
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 21:37:54 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 23:33:07 +00:00
Tod Beardsley 5f9680d902 Fixes #2133. This seems to handle many keyfiles pretty well, even if they're concatenated together. Calling it closed. 
git-svn-id: file:///home/svn/framework3/trunk@9602 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-24 01:00:08 +00:00
Tod Beardsley d0e7736b2e See #2133 Ack dropping ugly timestamp 
git-svn-id: file:///home/svn/framework3/trunk@9600 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 23:01:03 +00:00
Tod Beardsley dbdab1f282 See #2133. Needs more testing, but solves the immediate problem of dying in the face of MaxAuthTries. 
git-svn-id: file:///home/svn/framework3/trunk@9599 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 22:58:56 +00:00
Tod Beardsley 613f288226 Fix up ssh_login_pubkey's session management for more effective session reuse. 
git-svn-id: file:///home/svn/framework3/trunk@9563 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-19 15:03:27 +00:00
James Lee f440317225 store the name of the file we got the key from 
git-svn-id: file:///home/svn/framework3/trunk@9300 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-14 06:00:06 +00:00
HD Moore d1c3b71fd4 Fix a typo 
git-svn-id: file:///home/svn/framework3/trunk@9215 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 19:35:59 +00:00
Tod Beardsley 71a4ec6204 Pluralization. 
git-svn-id: file:///home/svn/framework3/trunk@9214 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 18:43:44 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
Tod Beardsley 08117ca000 Forcing :critical => true for report_auth_info 
git-svn-id: file:///home/svn/framework3/trunk@9150 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-26 22:23:37 +00:00
Tod Beardsley a97e4c78bd Commit the key as :ssh_key, not :pass. 
git-svn-id: file:///home/svn/framework3/trunk@9065 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-13 21:26:21 +00:00
Tod Beardsley 2a3b8ea57a Adds a module for scanning hosts for valid login credentials using unencrypted SSH private keys. Also completes the commit for r9059 to record auth_info hashes on successes. 
git-svn-id: file:///home/svn/framework3/trunk@9062 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-13 19:21:48 +00:00