infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,815 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

2725 Commits (0ae489b37b34abe3f2fabeeb65deb83922d1c800)

Author SHA1 Message Date
David Maloney ac6fdf24a2 Fix winrm mixin from revert merge 2013-02-19 22:01:43 -06:00
David Maloney b2563dd6c2 trying to clean up the mess from the revert 2013-02-19 21:25:37 -06:00
James Lee aea76a56de Add some docs to FtpServer 2013-02-13 14:39:19 -06:00
Tod Beardsley 8ddc19e842 Unmerge #1476 and #1444 
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.

First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.

FixRM #7752
 2013-02-11 20:49:55 -06:00
James Lee 5b3b0a8b6d Merge branch 'dmaloney-r7-http/auth_methods' into rapid7 2013-02-08 12:45:35 -06:00
James Lee 2b3c8a68ad Merge remote-tracking branch 'tasos-r7/feature/web_http_request_opts_override' into rapid7 2013-02-08 12:45:02 -06:00
James Lee d2c7dbe160 Merge remote-tracking branch 'wchen-r7/type_error_dir_scanner' into rapid7 2013-02-08 12:39:08 -06:00
sinn3r 8798567d79 Fix bug: TypeError can't convert Fixnum into String 
wmap_target_port is retrieved from datastore['RPORT'], and that's a
Fixnum. But wmap_base_url is treating that like a String, so when a
module uses that function, it's doomed.

See:
http://dev.metasploit.com/redmine/issues/7748
 2013-02-08 12:05:27 -06:00
James Lee 071df7241b Merge branch 'rapid7' into sonicwall_gms 
Conflicts:
	modules/exploits/multi/http/sonicwall_gms_upload.rb

Adds a loop around triggering the WAR payload, which was causing some
unreliability with the Java target.
 2013-02-07 21:53:49 -06:00
James Lee e535a3e93f Guard against running broken method on non-windows 
This just puts a bandaid around the issue and makes it so FileDropper
doesn't completely break java and posix meterpreter sessions.

[SeeRM #7721]
 2013-02-07 21:10:27 -06:00
James Lee 16a0ab1933 Fix comment link and some whitespace 2013-02-07 18:37:11 -06:00
James Lee 13d1045989 Works for java and native linux targets 2013-02-07 16:56:38 -06:00
Tasos Laskos b3e828359d Web::HTTP#_request: allow Rex opt level overrides 
Allow overriding options at the Rex level when performing requests
via the Auxiliary::Web::HTTP wrapper.
 2013-02-06 01:02:46 +02:00
David Maloney 877fb017b6 remove negotiate requirements 
winrm can support basic, and now these modules can too, for free
 2013-02-04 16:50:43 -06:00
David Maloney 44d4e298dc Attempting to cleanup winrm auth 2013-02-04 15:48:31 -06:00
David Maloney c71b803413 Add invisible auth to web crawler 
the anemone web crawler now properly supports our invisible auth scheme
for rex http.
 2013-02-04 14:38:08 -06:00
David Maloney 413c37e506 Add invisible auth to Web::HTTP 
add the invisible auth support to tasos' http class
 2013-02-04 13:39:40 -06:00
David Maloney 0c57026065 Remove junk added earlier 
i added junk to tasos' class when we were going to attempt this a
different way. housekeeping to clean it up
 2013-02-04 13:13:08 -06:00
David Maloney 8d013d1034 Merge branch 'master' into http/auth_methods 2013-02-04 13:11:57 -06:00
David Maloney 9497e38ef7 Fix http login scanner 
Fix the http_login scanner to use new buitin auth
 2013-02-04 12:31:19 -06:00
HD Moore 797e2604a0 Fix missing require in reverse_tcp_ssl 2013-02-03 17:41:45 -06:00
RageLtMan ffb88baf4a initial module import from SV rev_ssl branch 2013-02-03 15:06:24 -05:00
HD Moore c3801ad083 This adds an openssl CMD payload and handler 2013-02-03 04:44:25 -06:00
David Maloney 61969d575b remove mixin require, more datastore clenaup 2013-02-01 15:12:11 -06:00
David Maloney efe0947286 Start fixing datastore options 2013-02-01 15:12:11 -06:00
David Maloney ef1fc58e5e Remove mixin, start moving into Rex 
move auth awareness into rex itself
 2013-02-01 15:12:11 -06:00
David Maloney c407fa9e74 add mixjn 2013-02-01 15:12:11 -06:00
David Maloney 5814c59620 move httpauth to mixin 
HttpAuth stuff gets it's own little mixin
mix it in to Exploit::Http::Client
mix in it to Auxiliary::Web::HTTP
 2013-02-01 15:12:10 -06:00
David Maloney 8e870f3654 merge in sinn3r's changes 2013-02-01 15:12:10 -06:00
sinn3r 95cc84f5e8 Updates normalize_uri() 
This function should not remove the trailing slash, because you may
end up getting a different HTTP response.  The new function also
allows multiple URIs as argument, and will just merge & normalize
them together. [SeeRM #7733]
 2013-01-30 15:42:21 -06:00
Tod Beardsley 6002e35460 Merge pull request #1397 from wchen-r7/target_uri_fix 
normalize_uri fixes (double slashes and trailing slash)
 2013-01-29 11:26:30 -08:00
Tod Beardsley c42d4a6617 Merge for CVE-2013-0156 RoR Exploit 
Also massages the RUBY payload.
 2013-01-28 23:06:05 -06:00
James Lee 92c736a6a9 Move fork stuff out of exploit into payload mixin 
Tested xml against 3.2.10 and json against 3.0.19
 2013-01-28 21:34:39 -06:00
sinn3r 9a58b7b732 Fix normalize_uri() function 
This will make sure all the double slashes are gone.  Also, the
function description is updated to clarify its purpose.
 2013-01-28 12:10:21 -06:00
James Lee 3fc9b5d636 Doc cleanup 2013-01-28 00:01:45 -06:00
Tod Beardsley 2965fa480e Some errant spaces 2013-01-25 05:41:28 -06:00
Tasos Laskos a081389f86 Auxiliary::Web, Exploit::Remote::Web: style updates 2013-01-29 03:08:53 +02:00
Tasos Laskos 76e0305dcf Merge remote-tracking branch 'upstream/master' into web-modules 2013-01-29 01:06:26 +02:00
Tasos Laskos 9aaca2eae9 Auxiliary::Web::HTTP: updated exception handling 
[FIXRM #7724]

Updated #run and #_requestto rescue and elog all exception.
 2013-01-24 22:07:17 +02:00
Tasos Laskos 477ab65d55 Exploit::Remote::Web: added #tries method 
#tries method indicates how many times we should run a module until
we establish a session.
 2013-01-23 23:05:22 +02:00
Tasos Laskos 33e9f182bd Merge remote-tracking branch 'upstream/master' into web-modules 2013-01-22 23:43:25 +02:00
Tasos Laskos 6b5c6c3a0c Auxiliary::Web::Analysis::Differential 
Removed payload option from #process_vulnerability call
 2013-01-22 23:41:36 +02:00
Tasos Laskos 0d564c1ce8 Auxiliary::Web::Analysis::Timing 
Updated to pick the largest matching payload from the payload list.
 2013-01-22 23:40:30 +02:00
Tasos Laskos f2beb5bf19 Auxiliary::Web#process_vulnerability: payload fix 
Updated to pick the largest matching payload from the payload list.
 2013-01-22 23:39:16 +02:00
Tasos Laskos fed4a836c6 Updated proof string for Web Differential Analysis 
Manipulatable responses => Boolean manipulation
 2013-01-22 20:29:57 +02:00
Raphael Mudge 4740cb09a1 Fix NoMethodError if handler has no ParentModule 
db.rb assumes that multi/handler sessions have a ParentModule defined
in their datastore. This assumption breaks when a user sets up a
multi/handler by hand to receive a session from another user (e.g.,
via multi_meter_inject).

When db.rb tries to access a member of a nil ParentModule, a
stacktrace is dumped to framework.log.
 2013-01-22 02:56:43 -05:00
jvazquez-r7 b2c7223108 Cleanup for mysql_file_enum.rb 2013-01-21 12:26:35 +01:00
Robin Wood 23d1eb7a80 File/dir brute forcer using MySQL 2013-01-20 21:23:58 +00:00
kernelsmith 6e8e7a407d adds a .nil? check as well 2013-01-17 00:30:58 -06:00
kernelsmith 7090a4a82f adds check for empty data b4 sending to parser [RM7269] 
[fixes RM7269]
we discussed the solution to this bug a lot on IRC and in the ticket
itself, the consensus was to fix it as far upstream as possible before
sending to the parsers so as to avoid any future bugs of the same
nature, so this commit adds a check to import_nmap_xml to see if the
data is empty before passing it on to the parser, whether that parser
is nokogiri or the legacy parser.
db_nmap -h now produces the expected output and db_nmap still works as
expected.
 2013-01-17 00:18:13 -06:00