Commit Graph

7144 Commits (0ed3614576a2885dae07d4a5f35bbcf4a14547a9)

Author SHA1 Message Date
sinn3r 4e6b5393c5 Merge branch 'manage_engine_sqli' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-manage_engine_sqli 2012-10-27 18:53:47 -05:00
sinn3r 320a23286a Merge branch 'warnings' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-warnings 2012-10-27 18:52:34 -05:00
sinn3r 7db7f1bfdf Merge branch 'turboftp_update' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-turboftp_update 2012-10-27 18:51:41 -05:00
sinn3r 5c23e0af7b Merge branch 'smbversion-domain-notes' of git://github.com/zombieCraig/metasploit-framework into zombieCraig-smbversion-domain-notes 2012-10-27 18:48:48 -05:00
sinn3r c015372ce0 Merge branch 'hp_operations_agent_coda_8c' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_operations_agent_coda_8c 2012-10-27 18:45:36 -05:00
jvazquez-r7 73deeacd7e deleted unnecessary http headers according to my tests 2012-10-28 00:52:52 +02:00
jvazquez-r7 b4b1b77a77 deleted unnecessary http headers according to my tests 2012-10-28 00:51:18 +02:00
jvazquez-r7 51bc806014 Added module for CVE-2012-2019 2012-10-27 22:45:37 +02:00
jvazquez-r7 bcb80431d6 Added module for CVE-2012-2020 2012-10-27 22:43:16 +02:00
zombieCraig 164321a5ed Add Domain notes to smb_version 2012-10-26 11:56:14 -04:00
Zach Grace 3746a3ef64 adding pgpass_creds post module 2012-10-25 21:30:54 -05:00
David Maloney b15c38f819 Fix output to display ip:port 2012-10-25 19:57:29 -05:00
David Maloney fb7af536d5 wtf, bad metadata
Removed extraneous references section
2012-10-25 10:16:12 -05:00
David Maloney bfbae5fbb7 Merge branch 'upstream-master' into WinRM_piecemeal
Conflicts:
	lib/msf/core/exploit/winrm.rb
2012-10-24 14:12:28 -05:00
corelanc0d3r b48e355a6d fixed typo and defined badchars 2012-10-24 20:04:54 +02:00
David Maloney a15c35091d Add the WinRM login module 2012-10-24 11:25:39 -05:00
0a2940 2f0c2d76ea remove load statements 2012-10-24 11:01:26 +02:00
0a2940 32ddd981eb linux_kernel mixin not required 2012-10-24 10:58:09 +02:00
0a2940 6d5da1662b Update modules/post/multi/escalate/metasploit_pcaplog.rb
Stance is now passive
2012-10-24 10:55:48 +02:00
sinn3r ede5d0f46b This is meant to be a warning, so we use print_warning 2012-10-24 00:55:54 -05:00
sinn3r 799c22554e Warn user if a file/permission is being modified during new session 2012-10-24 00:54:17 -05:00
sinn3r f1423bf0b4 If a message is clearly a warning, then use print_warning 2012-10-24 00:44:53 -05:00
sinn3r b3e02f119c Merge branch 'payload_ambiguity' of git://github.com/bonsaiviking/metasploit-framework into bonsaiviking-payload_ambiguity 2012-10-23 22:30:47 -05:00
sinn3r 8eb790f62c Final touchup 2012-10-23 19:46:09 -05:00
sinn3r f9bb910c3b Make the check() try SQLI 2012-10-23 19:42:36 -05:00
sinn3r 8c5a73bb7f Change exception handling 2012-10-23 19:34:12 -05:00
sinn3r 90542547c6 Add auto-target, and some changes to cleanup 2012-10-23 19:07:13 -05:00
sinn3r 18fb30074a Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-10-23 16:33:38 -05:00
sinn3r 77c8548855 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-23 16:33:16 -05:00
Tod Beardsley be9a954405 Merge remote branch 'jlee-r7/cleanup/post-requires' 2012-10-23 15:08:25 -05:00
Michael Schierl 910644400d References EDB cleanup
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
sinn3r 22223d5d81 Better cleanup abilities 2012-10-23 13:58:19 -05:00
Michael Schierl 21f6127e29 Platform windows cleanup
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
2012-10-23 20:33:01 +02:00
James Lee 9c95c7992b Require's for all the include's 2012-10-23 13:24:05 -05:00
sinn3r 4c41319c7c Remove unused vars 2012-10-23 12:55:43 -05:00
sinn3r bef4539915 Update description 2012-10-23 12:47:46 -05:00
sinn3r 3ff888a5c0 Move to 'multi' because it supports windows and linux 2012-10-23 12:41:51 -05:00
sinn3r 5f088fa718 Remove default platform 2012-10-23 12:41:17 -05:00
sinn3r e05d353e8a Add Linux support 2012-10-23 12:40:13 -05:00
Daniel Miller 8deead3bd2 Fix payload ambiguity with php/bind_tcp_ipv6 stager
Was seeing this in framework.log:

[w(0)] core: The module php/meterpreter/bind_tcp is ambiguous with
php/meterpreter/bind_tcp.

Added handler_type_alias based on windows/bind_ipv6_tcp stager.
2012-10-23 12:31:14 -05:00
sinn3r bc3472a9b9 Randomize variable names 2012-10-23 11:41:53 -05:00
sinn3r 923ffe277d Write EXE to JSP instead of using a TCPServer 2012-10-23 11:32:09 -05:00
sinn3r 33ce74fe8c Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1 2012-10-23 02:10:56 -05:00
sinn3r e5ec51a780 Rename file for consistency 2012-10-23 02:05:55 -05:00
sinn3r 669d22c917 Final improvements 2012-10-23 02:05:08 -05:00
David Maloney 2335c582c3 Null response handling 2012-10-23 00:25:31 -05:00
sinn3r 5072156df6 Designed specifically for Windows, so let's move to Windows
Plus additional fixes
2012-10-22 23:01:58 -05:00
sinn3r 2484bb02cf Add the initial version of the module
From EDB.
2012-10-22 22:41:30 -05:00
James Lee b2db3e133d Rescue when the service is crashed
Failed exploit attempts leave the service in a state where the port is
still open but login attmempts reset the connection. Rescue that and
give the user an indication of what's going on.
2012-10-22 17:57:30 -05:00
Tod Beardsley a9def564e7 Add a missing post require 2012-10-22 17:18:14 -05:00
David Maloney e08cedec2e Requested revisions/cleanup
minor fixes to spacing, some typos, and abse64 switched to Rex
2012-10-22 17:01:00 -05:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
Michael Schierl 5b18a34ad4 References cleanup
Uppercase MSB, spaces in URLs.
2012-10-22 22:37:01 +02:00
Michael Schierl f9ac55c221 Infohash key cleanups
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
James Lee 12de87e682 Merge branch 'rapid7' into mubix-remove_delicious
[Closes #946]
2012-10-22 14:18:05 -05:00
Michael Schierl e9f7873afc Version cleanup
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Rob Fuller 49948faa9b remove non-functional enum_delicious module 2012-10-22 14:46:52 -04:00
Michael Schierl 04a6021631 Privileged cleanup: auxiliary modules can't 2012-10-22 20:36:49 +02:00
Michael Schierl 39e81d3e53 Arch/Platform cleanup: aux modules need neither 2012-10-22 20:28:02 +02:00
Michael Schierl e769abc868 Platform cleanup: platform should be lowercase 2012-10-22 20:14:39 +02:00
Michael Schierl 657d527f8d DisclosureDate cleanup: Try parsing all dates
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
Michael Schierl 70ac7c8345 Author cleanup: fix unmatched angle brackets 2012-10-22 19:45:27 +02:00
Michael Schierl d337d5204b Author cleanup: One module did not have an author 2012-10-22 18:38:18 +02:00
sinn3r 469f04d3c4 Merge branch 'mubix-dns_postmods' 2012-10-22 02:04:46 -05:00
sinn3r a3c86f386b Merge branch 'dns_postmods' of git://github.com/mubix/metasploit-framework into mubix-dns_postmods 2012-10-22 01:57:21 -05:00
Rob Fuller d5bb7b1e5b Fix all-inclusive rescue on resolve_hostname as well 2012-10-22 02:32:51 -04:00
Rob Fuller 6a281b22c4 Fix all-inclusive rescue per @wchen-r7 suggestion 2012-10-22 02:22:56 -04:00
sinn3r 997d5b9a22 Merge branch 'post_enum_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_enum_proxy 2012-10-22 00:45:06 -05:00
sinn3r 716f4ab3d2 Merge branch 'post_clone_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_clone_proxy 2012-10-22 00:41:36 -05:00
sinn3r e6df113a05 Merge branch 'dns_postmods' of git://github.com/mubix/metasploit-framework into mubix-dns_postmods 2012-10-21 23:44:50 -05:00
Rob Fuller 84d1c2315c change to OptPath 2012-10-21 22:27:20 -04:00
sinn3r ad9946689e Update description 2012-10-21 16:40:01 -05:00
sinn3r 1821c11369 Code cleanup 2012-10-21 16:40:01 -05:00
sinn3r c404b72d08 Doesn't make a lot of sense setting DefaultTarget to an older one 2012-10-21 16:40:01 -05:00
lincoln@corelan.be c7d12d94b7 turboftp exploit 2012-10-21 16:40:00 -05:00
Rob Fuller 5f99f27899 add proxy setting cloning module 2012-10-21 03:13:35 -04:00
Rob Fuller 86c73e92d4 Add ability to remotely start registry for read 2012-10-21 01:34:34 -04:00
Rob Fuller 431dc31eac proxy parsing post module 2012-10-20 23:25:40 -04:00
Rob Fuller a16e3704d8 fix HOSTFILE parsing issues 2012-10-20 18:10:51 -04:00
Rob Fuller fedef90937 Add PTR lookups and extend A to support list in file 2012-10-20 11:32:23 -04:00
sinn3r ae690f5fd3 Remove that extra "," that breaks Ruby 1.8 2012-10-20 02:11:49 -05:00
David Maloney 7866b61a7e Typo fix 2012-10-20 00:31:35 -05:00
David Maloney 56cbe6a67e Some minor fixups 2012-10-19 15:25:03 -05:00
David Maloney 3a8dd261ae WinRM mixin and basic discovery module 2012-10-19 15:08:58 -05:00
jvazquez-r7 4ad6fcc30e osvdb added 2012-10-19 17:04:47 +02:00
Ewerson Guimaraes (Crash) 4d80e37741 NTP Clock Variables Disclosure 2012-10-18 20:03:28 -03:00
jvazquez-r7 291ad27a69 Merge branch 'msftidy_police' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-msftidy_police 2012-10-18 11:32:55 +02:00
Tod Beardsley cbce2c0fd5 Loop management, timeouts, and verbosity
Add a todo for cred recording. Allow the user to determine when to give
up. Changes while true to simply loop. Clear up some of the boolean
checks. Inform the user what's going on.
2012-10-17 17:30:30 -05:00
sinn3r 0675a6171b Cosmetic changes 2012-10-17 17:30:16 -05:00
sinn3r 201518b66f msftidy corrections 2012-10-17 17:22:26 -05:00
jvazquez-r7 7b1c35624e Merge branch 'mssql_ntlm_stealer' of https://github.com/nullbind/metasploit-framework into nullbind-mssql_ntlm_stealer 2012-10-17 22:50:54 +02:00
jvazquez-r7 1f55e02535 minor cleanup 2012-10-17 22:21:28 +02:00
jvazquez-r7 4c6b331bdc Merge branch 'mssql_ntlm_stealer_sqli' of https://github.com/nullbind/metasploit-framework into nullbind-mssql_ntlm_stealer_sqli 2012-10-17 22:21:00 +02:00
jvazquez-r7 3bd84e255f minor cleanup 2012-10-17 22:06:47 +02:00
jvazquez-r7 848f0cd899 Merge branch 'module-lantronix_telnet_password' of https://github.com/jgor/metasploit-framework into jgor-module-lantronix_telnet_password 2012-10-17 22:06:25 +02:00
jgor 9af727388f deleted superfluous code and comments 2012-10-17 14:27:00 -05:00
jvazquez-r7 12e2ff9bb5 proposed cleanup 2012-10-17 19:03:28 +02:00
sinn3r e30b5b417a Merge branch 'master' of git://github.com/sput-nick/metasploit-framework into sput-nick-master 2012-10-17 10:35:11 -05:00
sput-nick 60dc83748c Update modules/exploits/windows/browser/mozilla_mchannel.rb 2012-10-17 12:25:44 -03:00
jvazquez-r7 16e2a2e050 fix title for the apache activemq source disclosure mod 2012-10-17 17:23:56 +02:00
James Lee 1a0e53dcbb Merge branch 'jvazquez-r7-osx_x86_exec_prepend' into rapid7
[Closes #919]
2012-10-16 16:50:15 -05:00
nullbind c52b834f50 updated name and description 2012-10-16 14:37:02 -05:00
nullbind d8c2aa9796 added mssql ntlm stealer for sqli 2012-10-16 14:26:10 -05:00
James Lee 9ee3a14a5a Merge branch 'rapid7' into wchen-r7-smb_login_smb_login_handling
[Closes #913]
2012-10-16 13:08:11 -05:00
nullbind fafa6e49ce address comments from jvazquez 2012-10-16 12:10:37 -05:00
jvazquez-r7 6f227dddff Related to #885 , allow Prepend* for osx/x86/exec payload 2012-10-16 16:26:18 +02:00
sinn3r e583847a31 I missed this sucker. 2012-10-15 22:02:26 -05:00
James Lee 52feae2dcd Add missing require
[FixRM #7345]
2012-10-15 17:18:04 -05:00
sinn3r 8e668e2808 Check STATUS_ACCESS_DENIED properly
When Samba throws STATUS_ACCESS_DENIED, the exception that's
throwin is actually Rex::Proto::SMB::Exception::ErrorCode, not
as LoginError.  It was handled correctly in try_user_pass(), but
not in other functions that also use smb_login().
2012-10-15 16:52:34 -05:00
Tod Beardsley 9192a01803 All exploits need a disclosure date. 2012-10-15 16:29:12 -05:00
nullbind 553ce82e79 added mssql ntlm stealer 2012-10-15 13:29:51 -05:00
jvazquez-r7 29299b29a5 Added modules for CVE-2012-4933 2012-10-15 16:03:19 +02:00
Tod Beardsley adfced8d0e Post require on gpg_creds 2012-10-15 06:58:35 -05:00
jvazquez-r7 2acfb0537c Merge branch 'ajaxplorer' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ajaxplorer 2012-10-15 08:30:08 +02:00
sinn3r 529f88c66d Some msftidy fixes 2012-10-14 19:16:54 -05:00
sinn3r 97ac7fa184 Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework 2012-10-14 18:27:32 -05:00
sinn3r e00dbfcc0d You mean.. FILEPATH. 2012-10-14 18:18:11 -05:00
sinn3r 2f04fdd71a Merge branch 'apache_activemq_traversal' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apache_activemq_traversal 2012-10-14 18:16:41 -05:00
jvazquez-r7 d971abaeb9 deleted extra comma 2012-10-14 22:39:07 +02:00
jvazquez-r7 14bd0373d3 deleted extra space 2012-10-14 22:38:14 +02:00
jvazquez-r7 ac6a4c9283 Added module for CVE-2010-1587 2012-10-14 22:36:02 +02:00
jvazquez-r7 2b644dbc45 added module for Apache ActiveMQ directory traversal 2012-10-14 22:30:38 +02:00
jgor 79da6c7186 added Lantronix telnet password recovery module 2012-10-14 12:46:52 -05:00
sinn3r cedcace1a7 Forgot to change the output variable
Because the original script used match()
2012-10-14 11:43:33 -05:00
sinn3r cc303665e8 Credit 2012-10-13 00:42:44 -05:00
sinn3r 5b2998a121 Add OSVDB-63552 AjaXplorer module (2010) 2012-10-13 00:35:48 -05:00
sinn3r 7196ca5b5e Fix bad indent 2012-10-12 18:35:05 -05:00
Raphael Mudge 7aa6776e4b let's not rejoin threads we've already joined. 2012-10-12 17:12:42 -04:00
Raphael Mudge 694eacfc4b performance fix for host discovery post modules 2012-10-12 16:43:42 -04:00
Spencer McIntyre f5302bfc49 add deprication warning to the original module 2012-10-12 13:49:25 -04:00
James Lee 90ae5c1178 Add PhpEXE support to RateMyPet module 2012-10-12 04:53:01 -05:00
James Lee db12413b09 Convert vcms_upload to use PhpEXE
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
James Lee 13a5892e95 Add a mixin for uploading/executing bins with PHP
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
Spencer McIntyre 3ab24cdbb9 added exploits/windows/local/service_permissions 2012-10-11 22:42:36 -04:00
James Lee 0adabb1e06 Merge branch 'wchen-r7-projectpier' into rapid7
[Closes #889]
2012-10-11 18:32:04 -05:00
sinn3r 55c0cda86c Merge branch 'fix_vprint_reduceright' of git://github.com/kernelsmith/metasploit-framework into kernelsmith-fix_vprint_reduceright 2012-10-11 16:55:52 -05:00
kernelsmith c911eeece2 change vprint_error to print_error
exploits/windows/browser/mozilla_reduceright does not tell you when an
incompatible browser connects like most other browser exploits do
(unless verbose is true).  This change just changes the vprint to print
to be more consistent w/other browser exploits
2012-10-11 16:51:17 -05:00
sinn3r 9ea208d129 Oops, overwrote egypt's changes by accident 2012-10-11 16:40:52 -05:00
sinn3r 82eaa322fe Make cleanup work better 2012-10-11 16:39:54 -05:00
James Lee 3a66a07844 Proposed re-wording of description
[See #889]
2012-10-11 15:48:04 -05:00
sinn3r 24980e735b I found an OSVDB ID 2012-10-11 15:28:07 -05:00
sinn3r 55128f5bb3 Make sure res has value before passing it on to exec_php 2012-10-11 14:43:38 -05:00
sinn3r 033a11eff5 Add Project Pier File Upload Vulnerability 2012-10-11 13:47:40 -05:00
sinn3r b8e880bf82 Merge branch 'post-module-sdel' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-post-module-sdel 2012-10-10 13:42:20 -05:00
sinn3r 1ea73b7bd2 Small description change and favor the use of print_error 2012-10-10 13:37:23 -05:00
jvazquez-r7 f32ce87071 delete comment added by error 2012-10-10 19:32:25 +02:00
jvazquez-r7 13e914d65e added on_new_session handler to warn users about cleanup 2012-10-10 19:31:38 +02:00
jvazquez-r7 37dc19951b Added module for ZDI-12-169 2012-10-10 19:14:54 +02:00
Borja Merino 21d1a5857a Adding Iterations options 2012-10-10 12:32:30 +02:00
Borja Merino 7b45ef6038 Applying changes. Blocks -Begin .. End- deleted 2012-10-09 21:52:49 +02:00