d0d964d8ab
Adds an error message if the module couldn't conenct to the target.
...
Fixes #6278
2012-01-26 10:56:07 -06:00
31fb7e7b28
Fallback to writing a new file if resuming fails
2012-01-25 14:49:30 -06:00
49be9996bc
Merge remote-tracking branch 'upstream/master'
2012-01-24 20:23:58 -06:00
35de6a593b
Update modules/auxiliary/server/html_frame_payload.rb
2012-01-24 17:14:10 -06:00
2e2726c3c0
Update modules/auxiliary/server/html_frame_payload.rb
2012-01-24 17:06:49 -06:00
88b1cd6891
Update modules/auxiliary/server/html_frame_payload.rb
2012-01-24 17:03:33 -06:00
71648159a8
Update modules/auxiliary/server/html_frame_payload.rb
2012-01-24 17:00:47 -06:00
a20bd78f75
Adding html_frame_payload.rb
2012-01-24 16:56:32 -06:00
f6a6963726
Msftidy run over the recent changed+added modules
2012-01-24 15:52:41 -06:00
7ec5f98480
Adding jhart's natpimp libary and modules.
...
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.
[See #106 ]
2012-01-24 10:32:30 -06:00
2f3e976173
Actually fix ruby loop syntax on d20pass
2012-01-24 10:08:19 -06:00
fc00398330
Yup, that's better
2012-01-23 16:02:35 -06:00
39a2a894ee
Fix fh, trailing comma, and ruby loop syntax
2012-01-23 15:15:49 -06:00
455bcda6e8
Print the port so we know which http service
2012-01-23 10:17:32 -07:00
34491970b3
Adds a new VMWare Authentication Daemon login scanner module.
2012-01-22 15:39:53 -06:00
bcb19ab0a3
Fixes an issue with smb_login not properly dealing with abritrary guest access
...
on Samba.
2012-01-22 01:35:36 -06:00
06b1bffcea
Addresses an issue with udp sweep module that recorded services
...
from non-specified hosts when they respond to broadcast probes.
2012-01-20 15:34:15 -06:00
be906023dc
one register_options() should be fine.
2012-01-20 13:02:54 -06:00
d6566aa818
Add CVE-2011-4050 7-Technologies IGSS 9 IGSSdataServer.exe DoS module (Feature #6267 )
2012-01-20 12:57:13 -06:00
bbb4205683
Set default maxpage to 1, because it's faster.
2012-01-20 11:09:38 -06:00
5631774d92
Fix bug: NoMethodError undefined method `each' for nil:NilClass (line 155)
2012-01-20 10:58:02 -06:00
a75b373d7a
Fixing e-mail format for antispam
2012-01-19 10:58:25 -06:00
ed3191bcfe
Adding d20pass module
2012-01-19 10:58:16 -06:00
bb035bfec2
Fix up API option names so they can be set globally
2012-01-18 15:05:39 -06:00
ad6f8257e1
MSFTidy fixes.
2012-01-18 15:01:32 -06:00
7d9ba6f5e9
Fix bug #6256 : uninitialized class variable error
2012-01-17 17:58:53 -06:00
d5443159d7
Merge pull request #110 from jhartftw/soap_xml_6249
...
Improvements to auxiiliary/scanner/http/soap_xml to (#6249 )
2012-01-16 18:19:33 -08:00
fe901b3fb2
Clean up error messages when LOCALSIP isn't defined. Remove
...
now-duplicated code is_ipv4?, clarify SMAC error messages.
2012-01-16 14:32:15 -08:00
6a057560fa
Improvements to auxiiliary/scanner/http/soap_xml to:
...
* Detect additional SOAP faults to reduce false positives
* More obviously support SSL
* Report http/https
* Make it obvious when a SOAP endpoint falls over mid-scan
* Add a few more nouns/verbs
* Add an optional SLEEP to play nice with old/slow SOAP endpoints
https://dev.metasploit.com/redmine/issues/6249
2012-01-16 12:27:17 -08:00
4ac6c0c3ee
A great big pile of fixes to the ssh scanners
...
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
2012-01-13 13:49:21 -06:00
d52df50a77
Drop a spurious print_error line from smtp_version
2012-01-13 11:46:56 -06:00
6234d13f7c
Added Schema Dump Module for Postgres
2012-01-12 15:20:46 -05:00
52be1c3a7a
Add schemadump module for MySql
2012-01-11 12:16:22 -08:00
8c594798d7
Fix to the AIX jtr module title.
2012-01-11 09:11:23 -08:00
13069990eb
Added module for dumping schema information from Microsoft SQL Server
...
and storing it as loot and notes.
2012-01-10 15:32:09 -08:00
7e25f9a6cc
Death to unicode
...
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.
Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
ed0dbad243
Fix to MSSQL Ping that returns ALL known isntances onstead of jsut the first one.
...
Fixes #6066
2012-01-10 12:32:47 -08:00
b76767669c
Update Nenad's author name and e-mail
2012-01-09 20:14:47 -06:00
8eee54d1d0
Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb)
2012-01-09 14:23:37 -06:00
eeb3a442de
whitespace correctly smtp_version.rb
2012-01-09 14:11:10 -06:00
15990efd85
Removing useless (?) begin/rescue from smtp_version
...
Let the scanner mixin handle the exceptions.
2012-01-09 14:11:10 -06:00
e12d5588c6
Set data on webdav scanner notes to include webdav path.
...
'Enabled' in the data field was useless since the note existing
already tells you webdav is enabled.
The path that webdav was running on wasn't kept anywhere though.
2012-01-09 08:33:45 -08:00
a1668f2b23
Adds SSHKey gem and some other ssh goodies
...
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.
Squashed commit of the following:
commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Jan 8 22:23:32 2012 -0600
Updates ssh credentials to easily find common keys
Instead of making the modules do all the work of cross-checking keys,
this introduces a few new methods to the Cred model to make this more
universal.
Also includes the long-overdue workspace() method for credentials.
So far, nothing actually implements it, but it's nice that it's there
now.
commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Jan 8 20:10:40 2012 -0600
Adding back cross-checking for privkeys.
Needs to test to see if anything depends on order, but should
be okay to mark up the privkey proof with this as well.
commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Jan 8 16:49:56 2012 -0600
Add SSHKey gem, convert PEM pubkeys to SSH pubkeys
commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Jan 8 13:51:55 2012 -0600
Store pubkeys as loot for reuse.
Yanked cross checking for now, will drop back in before pushing.
commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Jan 8 02:10:12 2012 -0600
Fixes up a couple typos in ssh_identify_pubkeys
commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date: Sat Jan 7 17:18:33 2012 -0600
Updates to ssh_identify_pubkeys and friends
Switches reporting to cred-based rather than note-based, accurately deal
with DSA keys, adds disable_agent option to other ssh modules, and
reports successful ssh_login attempts pubkey fingerprints as well.
This last thing Leads to some double accounting of creds, so I'm not
super-thrilled, but it sure makes searching for ssh_pubkey types a lot
easier.... maybe a better solution is to just have a special method for
the cred model, though.
2012-01-08 22:28:37 -06:00
b12baccc49
Quick update, added a research option
2012-01-07 01:13:23 -06:00
6d401b48d1
Fix typo
2012-01-07 00:02:51 -06:00
b7e29191f5
Add Drupal 'Views' module username enumeration (Feature #6194 )
2012-01-06 23:51:32 -06:00
40a1d8bcc8
Fixed issue with a missing nil check in ftp_login
2012-01-06 20:51:58 -08:00
81acfd2126
Adds hashdump and cracking modules for AIX
2012-01-06 20:31:22 -08:00
8e017fd4db
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-01-06 20:30:25 -08:00
bf425a6744
Fixed bug that prevented telnet sessions from opening with good creds
2012-01-06 16:59:08 -08:00
6ceb2f04a3
Add CVE-2011-2474 Sybase EAServer directory traversal vulnerability
2012-01-06 14:24:49 -06:00
7b26e33e19
Initial version
2012-01-06 00:53:50 -06:00
ba86e8a04f
Added PROPFIND support to http_login
...
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
2012-01-05 12:10:53 -08:00
bc22b7de99
MSFConsole should display hostless loot, also typo fix.
...
Fixes the console to display loot not associated with a host, as when
the CorpWatch modules save loot. Also fixes a typo on
corpwatch_lookup_id.rb
Fixes #6177
2011-12-29 15:11:15 -06:00
b202c29153
Correct e-mail format
2011-12-29 11:27:10 -06:00
a330a5c63a
Add e-mail for Brandon
2011-12-29 10:53:39 -06:00
c88b582f97
Add CorpWatch Name lookup module by bperry
2011-12-28 15:43:21 -06:00
d896f128e5
Add CorpWatch ID Lookup module by bperry
2011-12-28 15:41:28 -06:00
9e1e87508f
Fix to boundary validation for when no db is present
...
Fixes #6171
2011-12-28 08:47:22 -08:00
2ad5c56d48
Typo in comment
2011-12-27 19:11:09 -06:00
617f3250cf
Handle patched systems accurately (requires actually triggering the bug)
2011-12-27 19:04:34 -06:00
f8e3119215
Add references
2011-12-27 17:50:06 -06:00
9b995bc0a5
Adds boundary validation to the framework
...
enforces boudnary checking on netbios probes
2011-12-27 11:33:52 -08:00
ce6b1d6b8c
Improve:
...
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
2011-12-22 16:26:02 -06:00
a03f5e32f8
Merge branch 'master' of github_r7:rapid7/metasploit-framework
2011-12-22 11:11:29 -06:00
2f55f08ebe
Actually describe the module in the title/description
2011-12-22 11:10:24 -06:00
5e1efdcd73
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-22 10:49:53 -05:00
30141f3008
Fix typo in the oracle enum aux module
...
The password grace time query was not checking the right value,
spotted by user bNull in the IRC channel.
2011-12-22 10:47:57 -05:00
743a0546f1
Don't blow up if the user doesn't set a filename
...
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
2011-12-21 16:26:29 -06:00
2db697cd7a
Fixup on checkpoint firewall module
...
get() should get get_once() (intent is to get 4 bytes,
not timeout after 4 seconds), no need to escape equals
signs in regexes, no need to newline the unexpected
responses.
2011-12-21 11:21:46 -06:00
c6297458e6
Adding ref/disclosure date to checkpoint module
...
Talked with patrick, this all looks correct now.
2011-12-21 10:59:02 -06:00
1128c3ec6b
Checkpoint error msg should use res.inspect
...
Otherwise your terminal will go all wonky.
2011-12-20 15:46:31 -06:00
a58ddcae1b
Adds reporting to Patrick's Checkpoint module
...
Also refers to port 264/TCP as the SecuRemote service instead of the
Topology service (I believe this is correct)
Reporting is initially conservative -- if we don't get something for
fw_hostname, then don't bother reporting at all; assume we're
mis-identifying the target.
2011-12-20 15:44:05 -06:00
d439390aa2
Fix typo
2011-12-20 12:19:34 -06:00
c2d59f0307
Fix issue #6133
2011-12-20 11:32:33 -06:00
c83c3d5128
TFTP forgot to commit my rename.
...
Fixes #5291 for real.
2011-12-20 10:45:29 -06:00
1a396ba955
Merge pull request #70 from rapid7/tftp_client
...
Tftp client
2011-12-20 08:42:42 -08:00
11a27a1e61
Renaming TFTP transfer util.
...
See #5291 . Just renaming the file.
2011-12-20 10:06:44 -06:00
24d53efa7c
Final touches on TFTP client
...
See #5291 . Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
2011-12-20 10:03:04 -06:00
0200b6367a
Add OKI Scanner (Feature #6125 )
2011-12-20 03:09:09 -06:00
677cb4b152
Handle empty data sends sanely for TFTP.
...
Don't just hang forever -- let the user know they just send empty data.
TFTP servers don't like this of course.
2011-12-19 21:56:03 -06:00
2b3e3725ac
TFTP adding comment docs, ability to send w/out a file.
...
Commenting the tricksy parts a little better for general usage.
Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
2011-12-19 18:15:19 -06:00
431ef826c9
TFTP client now uses constants, preserves trailing spaces/nulls in data
...
See #5291 , just rediscovered the bug on this.
2011-12-19 16:33:25 -06:00
5eaf2e7535
Adding download and loot functionality.
...
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
2011-12-19 15:50:50 -06:00
aecde6fea4
Updating TFTP client. Now with grown-up thread handling.
...
No longer blocks on successful connections.
2011-12-19 12:14:40 -06:00
902d7f5ea7
Adding more to TFTP. Still need a read tho
...
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.
Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
2011-12-18 21:05:27 -06:00
23aadd04f7
Fixing merge conflict cruft
...
Dangit teach me to merge quickly. TFTP module now loads again.
2011-12-18 13:28:52 -06:00
1201d7fbf2
Merge branch 'tftp_client' of github_r7:rapid7/metasploit-framework into tftp_client
...
Conflicts:
modules/auxiliary/admin/tftp/tftp_upload_file.rb
2011-12-16 22:41:22 -06:00
0b8914021c
Switch to vprint_status, also add skeletal cleanup def.
2011-12-16 21:06:10 -06:00
50fa10679b
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:41:55 -06:00
a6867ef128
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:39:09 -06:00
205637892b
Added checkpoint_hostname aux module.
2011-12-16 10:54:34 -06:00
bb2ea62de8
Add CVE-2008-0926: Novell eDirectory eMBox Unauthenticated Access (Feature #2729 )
2011-12-15 23:09:26 -06:00
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
a5189917da
Add CVE-2005-4832: Oracle Database Server DBMS_CDC_SUBSCRIBE SUBSCRIPTION_NAME SQL Injection (Feature #6094 )
2011-12-13 15:44:39 -06:00
f402b8598b
Whitespace and File.open binary mode cleanups.
...
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
b4f58ef8fd
Trailing commas kill 1.8. dangit.
...
Fixed dns_fuzzer to knock that off.
2011-12-12 10:26:53 -06:00
4736cb1cbe
Merge pull request #48 from swtornio/master
...
add osvdb ref
2011-12-11 20:37:43 -08:00
a9db05e53b
Fix regular expression
2011-12-10 13:24:58 -06:00
cd4d7d3c47
Handle IPv6 properly (host header parsing)
2011-12-10 13:24:58 -06:00
25685c4c74
add osvdb ref
2011-12-10 08:07:21 -06:00
8ccb68c9df
Adding an add_socket() to dhcp and rftp as lauched with a survice
...
when succesful.
Closing the related pull reuquest for this one.
2011-12-10 03:39:25 -06:00
e52436e7ad
Drop the incorrect Id keyword from h323_version
2011-12-09 14:29:55 -06:00
d6d9ac17d2
use store_loot() instead of store_local()
2011-12-08 11:10:31 -06:00
c366e652b9
Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()"
...
This reverts commit d37daa4934
2011-12-08 10:11:09 -06:00
d37daa4934
Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()
2011-12-07 19:08:24 -06:00
aa5c0c46b6
Fix indent level
2011-12-07 18:44:49 -06:00
feab7f5077
Add CVE-2011-4350
2011-12-07 18:42:52 -06:00
b7ccbcd6b5
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-07 12:23:23 -06:00
84682b3615
Apply patch #6072
2011-12-07 12:22:58 -06:00
b8767d5f57
Fix typo on 1.8.7
2011-12-07 10:45:23 -06:00
f1950c2fe1
Adding back bitstruct (current upstream) and dns_fuzzer module
...
Fixes #3289 .
This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.
This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.
Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
2011-12-06 17:03:36 -06:00
0bbbcd549d
Add port information, and allow search in data
2011-12-05 22:22:36 -06:00
84af4647db
Merge branch 'issue_1083_oracle'
2011-12-05 17:39:46 -06:00
4da2c32734
Minor update to xdb_side_brute, see #1083
...
Adds a typo fix and adds an explicit VERBOSE option.
2011-12-05 15:11:09 -06:00
dbd00efefe
Merge branch '4.3-schema'
2011-12-05 15:04:35 -06:00
37516134f0
FILTER shouldn't be case-sensitive
2011-12-05 13:19:04 -06:00
97087d88fa
Mark portscan modules as v6 incompatible
2011-12-05 13:07:36 -06:00
cf28713f9a
Mark specific modules as incompatible due to use of quad-dot code
2011-12-05 13:07:36 -06:00
fd2eb200fb
Add Shodan Search Module (Feature #5451 )
2011-12-05 12:50:21 -06:00
3cd2caca1a
Fix #6052
2011-12-04 13:49:13 -06:00
f63a616739
add osvdb ref
2011-12-04 07:48:48 -06:00
2720572a37
Add IPSwitch Whatsup Gold TFTP directory traversal module
2011-12-03 18:46:34 -06:00
dbe7e6aecf
Remove a leftover debugging statement
2011-12-02 00:06:04 -06:00
9f99cfc757
Convert the h323 module to MSF_LICENSE (backport from Pro)
2011-12-01 16:01:01 -06:00
3e5e9a910e
Add h323 scanner
2011-12-01 16:01:01 -06:00
40ab37fa10
Merge branch 'iss5979'
2011-11-30 12:16:33 -08:00
897731f3a5
Check creds (feature #6025 ). Also bringing the 'Inbox' regex back
2011-11-29 11:01:39 -06:00
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
3a84c31326
Using a better regex for a successful login. Thanks Borys.
2011-11-28 14:29:42 -06:00
bc541c118d
Apply patch #6020
2011-11-28 14:16:24 -06:00
5165865560
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-28 14:07:19 -06:00
59ab0c3a18
Fix bug #6021 , Thanks Borys
2011-11-28 14:06:56 -06:00
44a47f9913
Fixing up OWA bruteforce module to conform with the usual print_status
...
messages.
2011-11-28 13:31:54 -06:00
a578db7f56
Apply fix for #6019
2011-11-28 01:12:18 -06:00
ebfe269698
Apply patch for #5824
2011-11-26 16:52:12 -06:00
5e08c93ac9
Apply patch #5580
2011-11-26 15:32:43 -06:00
b7950a752e
Add feature #4929 (MS09-053)
2011-11-26 13:30:35 -06:00
c61d02686a
HTTP login scanners need to set duplicate_ok to true
...
or different web applications on the same server
may wipe eachother's creds out.
2011-11-22 13:04:10 -08:00
9d7f7b1f0e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-22 11:53:14 -08:00
9e40fac8b1
Added a check to the Axis login scanner to ensure
...
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-22 11:52:06 -08:00
25f4b45bd1
Apply patch #6004
2011-11-22 13:07:46 -06:00
f81567fb6f
Fix to typo in the tables being pushed.
2011-11-21 15:49:57 -08:00
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
ff22246119
Attempt to fix #5979
2011-11-18 12:53:35 -08:00
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
96d2209ca2
Minor fixups for trace report_note patch
2011-11-14 10:40:11 -06:00
5d5c9464cc
Do some report_note while TRACE detection
2011-11-14 12:10:53 +01:00
71599f5ef9
Fix sqlmap aux to work with actual sqlmap.py
...
Commit relates to IssueID #5807
2011-11-13 09:18:33 +01:00
e4ebb890d8
Apply patch for bug #5963
2011-11-12 13:17:26 -06:00
62fdbd549c
no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder.
2011-11-11 15:37:47 -06:00
2d940e2c91
Apply patch #5952
2011-11-11 14:58:17 -06:00
35f84f5e42
yo, ruby 1.8 fix
2011-11-11 11:38:28 -06:00
fdef66f2bf
yo, ruby 1.8 fix
2011-11-11 11:38:08 -06:00
e972234629
yo, owa bruteforce utility in the house (Feature #4725 )
2011-11-11 11:23:35 -06:00
c30d98093f
Merge branch 'iss5426'
2011-11-10 20:39:48 -08:00
c984ea41d1
Quick fix to cred sourcing to eliminate spaces in the source type
2011-11-10 20:39:13 -08:00
43fa2c3d1b
Add a gitignore and delete the broken file_autopwn code. Fixes #4964
2011-11-10 20:11:53 -06:00
3a328e1a1c
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-10 16:09:35 -06:00
b761c6a9cc
Add feature #5933
2011-11-10 16:09:03 -06:00
d75e4aead3
Cosmetic changes
2011-11-10 15:45:02 -06:00
0c36915dae
add osvdb ref
2011-11-10 13:24:26 -06:00
453082678f
Add CVE-2010-1871 (Feature #5922 )
2011-11-10 10:21:17 -06:00
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
9ff5eabb4b
Fix #4915
...
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
a88f954640
More Cred Sourcing
...
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
aa4f6c1cae
More cred sourcing fixes
...
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 18:45:47 +00:00
cdbe7bc587
Multiple fixes to cred reporting on this module
...
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 17:25:39 +00:00
16fc275853
whitespace cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 16:09:31 +00:00
77a3edbb4f
Added squiz_matrix_user_enum aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:14:39 +00:00
ad94bae78f
Fix bug #5923
...
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:52:02 +00:00
7ffcf62a2e
Add #5364
...
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:34:42 +00:00
12378b45d6
Fix #5502
...
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 07:44:02 +00:00
e4d540e031
Seplling
...
git-svn-id: file:///home/svn/framework3/trunk@14166 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 15:43:28 +00:00
f6cc9eade7
Replace my crufty old ASN.1 parser with OpenSSL::ASN1
...
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 05:12:28 +00:00
585a7cc4a2
Adding the HTTP Trace scanner from CG
...
Fixes #3390
git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 20:09:11 +00:00
f25dc59371
spelling.
...
git-svn-id: file:///home/svn/framework3/trunk@14146 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 21:56:38 +00:00
2b00ace437
spelling.
...
git-svn-id: file:///home/svn/framework3/trunk@14145 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 21:47:27 +00:00
ae9e8b7821
Syntax fix for ruby 1.8
...
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:48:24 +00:00
d5cee2dedf
Apply patch #5411 to allow user-specified path
...
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 17:57:11 +00:00
8750c3aac5
Add feature #4849 (Redis module)
...
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 21:47:15 +00:00
d55dc551b6
syntax issue
...
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:22:02 +00:00
e1ffdfdb18
Fixes #3199 , jduck caught the funky behavior of seek and ruby's "ab" and "wb" file mode. See also http://pastie.org/2789573
...
git-svn-id: file:///home/svn/framework3/trunk@14128 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:06:09 +00:00
e14668ece9
Add ColdFusion version scanner - feature #4079
...
git-svn-id: file:///home/svn/framework3/trunk@14127 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 18:18:11 +00:00
fb56e23197
Apply fix for bug #5516 to correct a possible false positive on Apache Tomcat
...
(yup, tomcats are tricky like that)
git-svn-id: file:///home/svn/framework3/trunk@14124 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 16:39:03 +00:00
55e6672e6b
Revert a well-intentioned but design-violating change
...
git-svn-id: file:///home/svn/framework3/trunk@14116 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 18:40:49 +00:00
27c41e41f7
spaces/tabs cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@14115 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 17:41:38 +00:00
47cb10c70b
Added John the Ripper Linux module
...
Fixes #5513
git-svn-id: file:///home/svn/framework3/trunk@14114 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 17:27:21 +00:00
45d8c91929
Fixes #3199 . Note that hex notation (0x41) is okay for OptInt. Ruby integers can be 0x41, 0101, 0b01000001, which are all 65, so dropped that chunk and clarified the option instead of forcing a string and a conversion.
...
git-svn-id: file:///home/svn/framework3/trunk@14102 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 20:58:46 +00:00
467df77a50
Fixes #5170 . Enforces a max width, avoids negative widths. Thanks Oliver!
...
Related to r13769
git-svn-id: file:///home/svn/framework3/trunk@14093 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:07:41 +00:00
63a926a6ee
Do a report_host() on OS default name. Request #5865
...
git-svn-id: file:///home/svn/framework3/trunk@14090 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 04:50:01 +00:00
c0cca836c1
Ok, last svn propset, I swear
...
git-svn-id: file:///home/svn/framework3/trunk@14086 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:41:24 +00:00
baf9a816d5
damn it, I missed one
...
git-svn-id: file:///home/svn/framework3/trunk@14085 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:40:32 +00:00
7db499e71e
The svn propset police joins the party
...
git-svn-id: file:///home/svn/framework3/trunk@14084 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:38:18 +00:00
5d8c3e956e
Watch out, the style police is in da house
...
git-svn-id: file:///home/svn/framework3/trunk@14083 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:31:12 +00:00
6ba153c9f5
Fix to a typo, thanks Jabra
...
git-svn-id: file:///home/svn/framework3/trunk@14082 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:44:17 +00:00
abf37d7caf
Added John the Ripper Unshadow module. See #5437
...
git-svn-id: file:///home/svn/framework3/trunk@14081 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:40:38 +00:00
1f8e455eaa
Added Postgres MD5 Hashcrack module. See #5423
...
git-svn-id: file:///home/svn/framework3/trunk@14080 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:34:33 +00:00
23e50bf2b4
Added Oracle John the Ripper Module. See #5406
...
git-svn-id: file:///home/svn/framework3/trunk@14079 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:33:44 +00:00
afec4fd928
Added MySQL John the Ripper module. See #5408
...
git-svn-id: file:///home/svn/framework3/trunk@14078 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:33:12 +00:00
5c565d12fc
Added the MS SQL John the Ripper Module see #5407
...
git-svn-id: file:///home/svn/framework3/trunk@14077 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:32:08 +00:00
dd72e1ce9d
Longer timeout. #5851
...
git-svn-id: file:///home/svn/framework3/trunk@14074 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 19:35:03 +00:00
d98ab06464
This fixes the nil problem with arg. See bug #5848
...
git-svn-id: file:///home/svn/framework3/trunk@14070 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:48:17 +00:00
ab4f9d65c7
Add PATH option. Feature #5412
...
git-svn-id: file:///home/svn/framework3/trunk@14067 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 18:32:02 +00:00
82e1b87a21
#5541
...
git-svn-id: file:///home/svn/framework3/trunk@14064 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:43:58 +00:00
a5ef33305f
Fixes #5609 , thanks David!
...
git-svn-id: file:///home/svn/framework3/trunk@14052 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 21:57:42 +00:00
62c8c6ea9f
big msftidy pass, ping me if there are issues
...
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
14cf0deb29
Add feature #5398
...
git-svn-id: file:///home/svn/framework3/trunk@14032 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 22:20:55 +00:00
17f518897f
Moved from auxiliary/scanner/sap
...
git-svn-id: file:///home/svn/framework3/trunk@14030 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 21:33:53 +00:00
1e7c197d8e
git-svn-id: file:///home/svn/framework3/trunk@14029 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 21:32:36 +00:00
a62a236ad0
Add feature #5541
...
git-svn-id: file:///home/svn/framework3/trunk@14027 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 20:03:25 +00:00
2a3f430c8e
SAP ICM URLscan module (Feature #5620 ) by Chris
...
git-svn-id: file:///home/svn/framework3/trunk@14026 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 08:41:54 +00:00
389be65dff
Attempt number 2 to fix #5579
...
git-svn-id: file:///home/svn/framework3/trunk@14014 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 16:29:15 +00:00
dd2623dba9
For bug #5579
...
git-svn-id: file:///home/svn/framework3/trunk@14012 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 01:07:08 +00:00
1f698e09c9
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@14004 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 11:19:59 +00:00
4209431355
Follow a consistent naming convention
...
git-svn-id: file:///home/svn/framework3/trunk@13996 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 20:42:59 +00:00
973227933b
Add CVE-2011-1290 as an aux module
...
git-svn-id: file:///home/svn/framework3/trunk@13994 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 16:30:28 +00:00
63d3fe2e9c
Cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@13992 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:57:12 +00:00
0a661ec227
Add CVE-2011-3305 ( #5673 )
...
git-svn-id: file:///home/svn/framework3/trunk@13985 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 04:40:21 +00:00
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
c336d063da
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
...
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
30ac88694f
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
...
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
e9461c766e
Msftidy run against a bunch of whitespace violations, a few line too longs.
...
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
ea2c9d1a46
Adding missing Id and Rev SVN keywords.
...
git-svn-id: file:///home/svn/framework3/trunk@13961 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 01:27:28 +00:00
cf8524b1b4
Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
...
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
f0ee05eece
Moving dos modules to manual ranking.
...
git-svn-id: file:///home/svn/framework3/trunk@13940 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:20:04 +00:00
c45add4199
Moving an old unnamed Microsoft exploit to the proper named exploit.
...
git-svn-id: file:///home/svn/framework3/trunk@13939 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:16:13 +00:00
3c73c3c2f8
Pile of small bug fixes for the FTP server and mixin
...
git-svn-id: file:///home/svn/framework3/trunk@13924 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:07:09 +00:00
0ff7f17cba
Cosmetic module and service name fixes
...
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
7ae1bbbb3f
typo
...
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:49:36 +00:00
a0c34d1c73
Sets a session platform when using ssh_login
...
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:48:42 +00:00
cce4aafd9b
Tweak the snmp_login code to actually only poll response packets every 10 sent and break out of infinite loop in the case of a target going crazy and continuously replying
...
git-svn-id: file:///home/svn/framework3/trunk@13891 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 20:14:58 +00:00
53b807abee
Adding the "this file is part of" comment to the top of the module and proper comment formatting
...
git-svn-id: file:///home/svn/framework3/trunk@13886 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:36:55 +00:00
df56110dd9
Fixing $Id so that it is prefaced by a comment.
...
git-svn-id: file:///home/svn/framework3/trunk@13885 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:32:14 +00:00
667c00161d
Remembering to Propset and include $Id: $ this time. Also, switching from BSD_LICENSE to MSF_LICENSE.
...
git-svn-id: file:///home/svn/framework3/trunk@13884 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:30:25 +00:00
558894e100
Test cases don't live in the module directory
...
git-svn-id: file:///home/svn/framework3/trunk@13871 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 15:51:22 +00:00
9414747945
jruby was barfing on super(a, b, c,), so I changed the syntax and wrote a very simple unit test for rewrite_proxy_bypass.
...
git-svn-id: file:///home/svn/framework3/trunk@13870 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 13:52:39 +00:00
8f2c87fb5e
Add Beckhoff TwinCAT SCADA PLC dos module (Feature #5524 )
...
git-svn-id: file:///home/svn/framework3/trunk@13865 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 23:41:15 +00:00
dcb6de2b58
Fixes #5667 this module scans for reverse proxy servers that exhibit a misconfiguration like the one detailed in www.contextis.com/research/blog/reverseproxybypass/. By default it requests a URI of @... and checks for a 502
...
git-svn-id: file:///home/svn/framework3/trunk@13864 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 22:34:50 +00:00
568bde7aa4
Fixes #5404
...
See #5350
See #5246
See #5241
See #5173
Adds password hash dumping as loot for Postgres, MSSQL, MySQL, and several Oracle flavors of RDBMS. Thanks TheLightCosine!
git-svn-id: file:///home/svn/framework3/trunk@13854 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 17:05:01 +00:00
6ffa61b314
Apply patch for bug #5212
...
git-svn-id: file:///home/svn/framework3/trunk@13815 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 19:10:33 +00:00
612cdc8c73
No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
...
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 19:12:31 +00:00
8d1763484d
Fix metadata format
...
git-svn-id: file:///home/svn/framework3/trunk@13792 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 03:21:37 +00:00
5d4b562e62
Add GlassFish BruteForce auxiliary module by Josh (See #5515 )
...
git-svn-id: file:///home/svn/framework3/trunk@13790 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:24:53 +00:00
d437c99919
Fixing what looks like a versioning mismatch for the XMAS scan (readreply vs probereply methods).
...
git-svn-id: file:///home/svn/framework3/trunk@13786 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-24 13:39:42 +00:00
2cb5dbdb10
fix a silly output bug, thanks mezzendo for noticing
...
git-svn-id: file:///home/svn/framework3/trunk@13785 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 22:28:11 +00:00
cdead3da54
whitespace cleanup and fix some ArgumentErrors when a field is wide, fixes #5518 , thanks Joshua Taylor
...
git-svn-id: file:///home/svn/framework3/trunk@13783 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 17:51:11 +00:00
4d850c1ee6
Adds Apache Range DoS aka Apache Killer
...
git-svn-id: file:///home/svn/framework3/trunk@13781 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 16:38:35 +00:00
5c41385284
Added aux module trendmicro_dlp_traversal.
...
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 07:34:53 +00:00
2d0d48a820
remove an Argument Error, Negative Number bug faced at Brucon
...
git-svn-id: file:///home/svn/framework3/trunk@13769 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 14:52:52 +00:00
7163710bcf
fix a typo and some whitespace, fixes #5480 . Thanks Kurt!
...
git-svn-id: file:///home/svn/framework3/trunk@13764 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:17:20 +00:00
f9d74b0701
Printing res code for DELETE should be optional. It's not like we can always trust it anyway.
...
git-svn-id: file:///home/svn/framework3/trunk@13763 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 00:41:42 +00:00
7c74954461
remove silly comma
...
git-svn-id: file:///home/svn/framework3/trunk@13762 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 23:06:35 +00:00
7f80ba939a
Apparently I can't speaks engrish
...
git-svn-id: file:///home/svn/framework3/trunk@13760 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 21:18:48 +00:00
ec530955ce
Checking response codes is a terrible way for HTTP modules. #5470 .
...
git-svn-id: file:///home/svn/framework3/trunk@13759 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:36:09 +00:00
a1675bfbc6
replaced by http_put
...
git-svn-id: file:///home/svn/framework3/trunk@13758 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:14:26 +00:00
8b1fd95f66
Add a module to check HTTP PUT / DELETE file access. Thanks CG! Resolves 5089.
...
git-svn-id: file:///home/svn/framework3/trunk@13755 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 01:18:23 +00:00
3dffd09875
Generic HTML data scraper
...
git-svn-id: file:///home/svn/framework3/trunk@13736 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 02:36:32 +00:00
85eb581c16
Quick fix to match service changes
...
git-svn-id: file:///home/svn/framework3/trunk@13726 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 06:48:07 +00:00
f8eb9e5dd4
extraneous space typo
...
git-svn-id: file:///home/svn/framework3/trunk@13722 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 19:21:21 +00:00
acae5dcdc8
Killing puts.
...
Die, puts, die!!
git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00
e31acef6e9
whitespace cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-07 15:30:08 +00:00
835c5938d5
Fix typo. Thx mubix for spotting it.
...
git-svn-id: file:///home/svn/framework3/trunk@13687 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:39:47 +00:00
91c5a15eb4
Actually, this is the right fix for bug #5363
...
git-svn-id: file:///home/svn/framework3/trunk@13685 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 02:20:22 +00:00
14d2a45c5b
This fix is to make sure BLANK_PASSWORDS functions properly. See bug #5363 .
...
git-svn-id: file:///home/svn/framework3/trunk@13684 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 02:09:00 +00:00
400afbadf8
Fixes #5392 by closing the listener after accepting the connection. Fixes a number of formatting and api issues
...
git-svn-id: file:///home/svn/framework3/trunk@13682 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-02 16:19:28 +00:00
e4f74b75f8
Add a module for the rsyslog DoS (not triggerable on many platforms)
...
git-svn-id: file:///home/svn/framework3/trunk@13681 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-02 15:55:54 +00:00
5fa7ddf5f4
Move this aux module out of the exploits tree
...
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 15:30:13 +00:00
cacc3f237c
Added improvements to this module to use a wordlist of known sensitive files
...
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 03:13:22 +00:00
6853221762
Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs.
...
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-27 15:46:49 +00:00
f9e651d382
Report to DB too.
...
git-svn-id: file:///home/svn/framework3/trunk@13640 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:56:22 +00:00
23b4f4ed98
Address #5313 for locally-launched PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13639 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:48:33 +00:00
c8bb6a5fda
mke this module more automatic and reliable
...
git-svn-id: file:///home/svn/framework3/trunk@13632 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 00:11:20 +00:00
a38aed075c
correct some more packetfu migration bug
...
git-svn-id: file:///home/svn/framework3/trunk@13631 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 23:49:58 +00:00
5e1dd48c72
correct some bug left after packetfu migration and make this module compatible with windows
...
git-svn-id: file:///home/svn/framework3/trunk@13626 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 20:44:39 +00:00
6e2dfdee86
Oops, missing orequals.
...
git-svn-id: file:///home/svn/framework3/trunk@13620 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 19:47:37 +00:00
628d950d98
See #5029 . A reworked DTP spoofer module using PacketFu and some raw DTP bytes instead of Racket.
...
git-svn-id: file:///home/svn/framework3/trunk@13619 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 19:34:12 +00:00
98d474c875
Add BNAT Router module to properly establish and route connections to BNAT implementations
...
git-svn-id: file:///home/svn/framework3/trunk@13606 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 23:40:09 +00:00
adf5d7eb73
Adds the BNAT scan module for actively finding bad NAT implementations
...
git-svn-id: file:///home/svn/framework3/trunk@13602 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 04:46:57 +00:00
aef764de08
working on moving things referenced in Feature #653 . added different param for secure backup
...
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
4c71b3f1fe
More minor touchups to nbns_response. Dropping the unused FILTER option, making SPOOFIP an OptAddress, spelling.
...
git-svn-id: file:///home/svn/framework3/trunk@13587 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 14:34:17 +00:00
392684736d
Added aux module check_dir_file.
...
git-svn-id: file:///home/svn/framework3/trunk@13578 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-18 04:10:17 +00:00
a746067089
add a reminder to deal with this and all these other unstoppable while true; do stuff; end endless run() options.
...
git-svn-id: file:///home/svn/framework3/trunk@13575 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 21:02:20 +00:00
7f45ed2f8d
Fixes #5109 .
...
Fixes #5198 .
Removes the not actually required rhost (as well as other pcap-provided options that don't appear useful), fixes up the debug mode to not stacktrace when parsing back the recv'ed NBNS request. Thx Brandon and Steve!
git-svn-id: file:///home/svn/framework3/trunk@13574 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 21:00:10 +00:00
41f4677dae
Convert the table to CSV
...
git-svn-id: file:///home/svn/framework3/trunk@13568 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 17:48:42 +00:00
83dd71c905
Add MySQL hashdump auxiliary module
...
git-svn-id: file:///home/svn/framework3/trunk@13567 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 16:28:31 +00:00
278cb5d46e
Fix indents, spaces, and stuff
...
git-svn-id: file:///home/svn/framework3/trunk@13564 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:21:11 +00:00
dd56f976f4
Fix indents
...
git-svn-id: file:///home/svn/framework3/trunk@13563 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:12:55 +00:00
1823f20a50
Add apache_userdir_enum aux module
...
git-svn-id: file:///home/svn/framework3/trunk@13562 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 05:56:55 +00:00
b39503343e
Add pop3_login aux module
...
git-svn-id: file:///home/svn/framework3/trunk@13561 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 05:51:59 +00:00
8b72de1af6
Cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@13557 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 16:51:49 +00:00
41c8f5c3a1
fix up the web_pii module
...
git-svn-id: file:///home/svn/framework3/trunk@13541 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 02:17:07 +00:00
d9bd7daed6
Add Wills Email PII module
...
git-svn-id: file:///home/svn/framework3/trunk@13540 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 02:14:30 +00:00
fe975d196f
add Web PII VSploit module
...
git-svn-id: file:///home/svn/framework3/trunk@13538 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 23:45:43 +00:00
ce9f5d8798
Fix a missing comma
...
git-svn-id: file:///home/svn/framework3/trunk@13528 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 18:14:13 +00:00
64d7721ae5
Add VSploit modules and general directory structure
...
git-svn-id: file:///home/svn/framework3/trunk@13527 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 17:43:51 +00:00
b6f845ee91
UserAgent is already an advanced option, and that's already the default
...
git-svn-id: file:///home/svn/framework3/trunk@13511 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:30:30 +00:00
4ba46cb565
get_once returns nil if the timeout hits, don't break in that case
...
git-svn-id: file:///home/svn/framework3/trunk@13510 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:28:18 +00:00
825a2747c1
remove unnecessary dup, unused var
...
git-svn-id: file:///home/svn/framework3/trunk@13509 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:27:09 +00:00
377c987c1d
report hashes captured by htp_ntlm server
...
git-svn-id: file:///home/svn/framework3/trunk@13496 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-06 14:50:15 +00:00
f8d50b7705
Applied and tested patch from Thomas Ring in bug 5206
...
git-svn-id: file:///home/svn/framework3/trunk@13490 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-04 22:55:06 +00:00
842bfdebe8
Lets just leave this here (insurance against my laptop melting down between now and tomorrow morning). Nothing to see here, move along ;)
...
git-svn-id: file:///home/svn/framework3/trunk@13483 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-03 22:58:55 +00:00
f3e4c860a7
Slow down a little bit to prevent packet loss
...
git-svn-id: file:///home/svn/framework3/trunk@13468 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-02 00:47:51 +00:00
021fa0d8cb
missed a line in the conversion to packetfu, see #5038
...
git-svn-id: file:///home/svn/framework3/trunk@13442 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 04:41:17 +00:00
a5e63c2ca9
Grab the instance from the query vs the ping (via TheLightCosine)
...
git-svn-id: file:///home/svn/framework3/trunk@13435 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:20:57 +00:00
c216219573
Add mssql_ping back in
...
git-svn-id: file:///home/svn/framework3/trunk@13434 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:11:53 +00:00
e916e06b6e
Closes #5142 by merging (with some small changes)
...
git-svn-id: file:///home/svn/framework3/trunk@13433 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:07:22 +00:00
486241cc99
SSH scanners shouldn't die just because they're on Windows and they try to talk to reserved addresses.
...
git-svn-id: file:///home/svn/framework3/trunk@13407 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 15:51:11 +00:00
d50577066f
remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
...
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
df52bfaa4f
Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
...
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
78849b2837
check that pcaprub is loaded up front, before checking configuration options
...
git-svn-id: file:///home/svn/framework3/trunk@13376 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 18:53:59 +00:00
61645c03f2
psnuffle : apply some corrections from hdm
...
git-svn-id: file:///home/svn/framework3/trunk@13373 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:56:15 +00:00
08322fc7ea
smb capture: split creds.ptype from smb_net_hash to smb_netv1_hash and smb_netv2_hash
...
smb_netv1_hash correspond to netlmv1/netntlmv1 and netntlm2_session hash type
smb_netv2_hash correspond to netlmv2/netntlmv2 hash type
also removed the domain name from creds.user and added it to the pass column like this DOMAIN:NETLMHASH:NETNTLMHASH:CHALLENGE
git-svn-id: file:///home/svn/framework3/trunk@13372 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:53:09 +00:00
b22ca615c7
Fixes #5038 , missed a couple mentions of Racket. Excised now for sure.
...
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
95577d3b1b
smb_net_hash instead of smb_hash
...
git-svn-id: file:///home/svn/framework3/trunk@13356 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 01:49:53 +00:00
2ed2bf59ed
don't need this option
...
git-svn-id: file:///home/svn/framework3/trunk@13355 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 01:33:35 +00:00
67a3f7bd75
same for http_ntlm capture
...
git-svn-id: file:///home/svn/framework3/trunk@13354 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 23:47:40 +00:00
8809182f62
smb capture : correct some minor bug and allow ntlm2_session hashes to be dumped in john and cain format has they can easily crack them too
...
git-svn-id: file:///home/svn/framework3/trunk@13353 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 23:36:45 +00:00
d5ce83e136
pcapreplay: use optpath
...
git-svn-id: file:///home/svn/framework3/trunk@13345 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 20:18:24 +00:00
c54e18d757
Fixes #5038 . Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
...
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
0797b585db
See #5029 . Moved these over to the unstable modules branch.
...
git-svn-id: file:///home/svn/framework3/trunk@13338 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-25 22:37:51 +00:00
5fdf482a8b
Add MSB reference
...
git-svn-id: file:///home/svn/framework3/trunk@13331 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:50:56 +00:00
067f9bf053
Fix URL reference
...
git-svn-id: file:///home/svn/framework3/trunk@13329 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:36:37 +00:00
e115e78f8d
Fix CVE
...
git-svn-id: file:///home/svn/framework3/trunk@13327 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:20:02 +00:00
410d124ec5
Change name for consistency
...
git-svn-id: file:///home/svn/framework3/trunk@13294 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 05:56:04 +00:00
465f3f2739
Update metadata
...
git-svn-id: file:///home/svn/framework3/trunk@13293 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 05:45:46 +00:00
b930b2622f
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13271 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 01:20:22 +00:00
46451acec5
add/fix some cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13270 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 01:10:40 +00:00
88125b53b8
remove stray puts
...
git-svn-id: file:///home/svn/framework3/trunk@13268 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-20 17:11:04 +00:00
b96bf9754e
more logic fixes
...
git-svn-id: file:///home/svn/framework3/trunk@13240 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 21:19:34 +00:00
a934004a2b
Fix the loop
...
git-svn-id: file:///home/svn/framework3/trunk@13239 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 21:12:44 +00:00
bea802ea60
Fix the RPORT default
...
git-svn-id: file:///home/svn/framework3/trunk@13238 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 20:59:13 +00:00
1fda05f128
Added SIPDroid extension enumeration module - thanks nibu
...
git-svn-id: file:///home/svn/framework3/trunk@13237 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 20:42:02 +00:00
486ca773e4
unpack the bytes so that we can do proper math on them
...
git-svn-id: file:///home/svn/framework3/trunk@13226 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 17:33:02 +00:00
f3b404b971
Misspelled variable
...
git-svn-id: file:///home/svn/framework3/trunk@13196 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 14:30:06 +00:00
bd07523c35
send the fuzz case instead of a constant value. fixes #4939 , thanks Silent Dream for the patch
...
git-svn-id: file:///home/svn/framework3/trunk@13188 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 23:09:33 +00:00
c412a836ed
add VERBOSE option to all modules and vprint_* methods to use it
...
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
39c20b2935
cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@13174 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 20:27:25 +00:00
ccf891c788
remove superfluous junk in print_* calls
...
git-svn-id: file:///home/svn/framework3/trunk@13171 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 19:24:07 +00:00
0318379ca8
These are not necessary options; the DHCP server has reasonably intelligent defaults. Mark them as such.
...
git-svn-id: file:///home/svn/framework3/trunk@13164 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 02:32:28 +00:00
b9c5835b5e
Touching up the ssh key login module to be smarter about duplicate user names, not be so chatty in its messaging to the console, deal with whitespace, and avoid storing duplicate keys when we don't need to.
...
git-svn-id: file:///home/svn/framework3/trunk@13162 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-13 20:51:18 +00:00
dc84ee6aab
More fixups for ssh_login_pubkey and special handlers for long strings of keys.
...
git-svn-id: file:///home/svn/framework3/trunk@13156 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-12 20:58:25 +00:00
90ced404b3
Updates to the jtr code, supports ruby 1.8.7 now, fixes #4908
...
git-svn-id: file:///home/svn/framework3/trunk@13149 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-11 01:07:46 +00:00
7754f0d8f2
This commit adds a basic "analyzer" module for creds
...
git-svn-id: file:///home/svn/framework3/trunk@13136 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-09 02:14:24 +00:00
a795dc7552
Added 2Wire Password Reset module by Travis
...
git-svn-id: file:///home/svn/framework3/trunk@13121 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 20:48:53 +00:00
0fd6c8880e
Added DoS module for kaillera, and a new 'games' folder under windows
...
git-svn-id: file:///home/svn/framework3/trunk@13118 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 19:33:55 +00:00
44d7503cc1
prefix most browser autopwn output with the address of the associated client
...
git-svn-id: file:///home/svn/framework3/trunk@13086 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 23:50:07 +00:00
7e02e7abd6
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13038 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 11:43:54 +00:00
2e4fd81740
add CVE-2011-0657 DoS module
...
git-svn-id: file:///home/svn/framework3/trunk@13037 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 01:17:07 +00:00
David Maloney
Joshua J. Drake
Marcus J. Carey
Marcus J. Carey
Tod Beardsley
Jon Hart
sinn3r
James Lee
HD Moore
sinn3r
Brandon Perry
Tod Beardsley
Patrick Webster
HD Moore
Steve Tornio
Rob Fuller
andurin
Matt Buck
Matt Weeks
Mario Ceballos
David Rude
Carlos Perez
Chao Mu
James Lee
amaloteaux
Jonathan Cran