infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,507 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1654 Commits (13069990eb5ee5da8b749bf629b4e34c488fa749)

Author SHA1 Message Date
Tod Beardsley aecde6fea4 Updating TFTP client. Now with grown-up thread handling. 
No longer blocks on successful connections.
 2011-12-19 12:14:40 -06:00
Tod Beardsley 902d7f5ea7 Adding more to TFTP. Still need a read tho 
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.

Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
 2011-12-18 21:05:27 -06:00
Tod Beardsley 23aadd04f7 Fixing merge conflict cruft 
Dangit teach me to merge quickly. TFTP module now loads again.
 2011-12-18 13:28:52 -06:00
Tod Beardsley 1201d7fbf2 Merge branch 'tftp_client' of github_r7:rapid7/metasploit-framework into tftp_client 
Conflicts:
	modules/auxiliary/admin/tftp/tftp_upload_file.rb
 2011-12-16 22:41:22 -06:00
Tod Beardsley 0b8914021c Switch to vprint_status, also add skeletal cleanup def. 2011-12-16 21:06:10 -06:00
Tod Beardsley 50fa10679b First draft of a TFTP client. 
Could use some actual error checking and also needs to expose
more options.
 2011-12-16 18:41:55 -06:00
Tod Beardsley a6867ef128 First draft of a TFTP client. 
Could use some actual error checking and also needs to expose
more options.
 2011-12-16 18:39:09 -06:00
Patrick Webster 205637892b Added checkpoint_hostname aux module. 2011-12-16 10:54:34 -06:00
sinn3r bb2ea62de8 Add CVE-2008-0926: Novell eDirectory eMBox Unauthenticated Access (Feature #2729) 2011-12-15 23:09:26 -06:00
sinn3r 7b2a1dc791 Repair dead milw0rm link to exploit-db 2011-12-13 16:11:33 -06:00
sinn3r a5189917da Add CVE-2005-4832: Oracle Database Server DBMS_CDC_SUBSCRIBE SUBSCRIPTION_NAME SQL Injection (Feature #6094) 2011-12-13 15:44:39 -06:00
Tod Beardsley f402b8598b Whitespace and File.open binary mode cleanups. 
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
 2011-12-12 17:31:28 -06:00
Tod Beardsley b4f58ef8fd Trailing commas kill 1.8. dangit. 
Fixed dns_fuzzer to knock that off.
 2011-12-12 10:26:53 -06:00
HD Moore 4736cb1cbe Merge pull request #48 from swtornio/master 
add osvdb ref
 2011-12-11 20:37:43 -08:00
HD Moore a9db05e53b Fix regular expression 2011-12-10 13:24:58 -06:00
HD Moore cd4d7d3c47 Handle IPv6 properly (host header parsing) 2011-12-10 13:24:58 -06:00
Steve Tornio 25685c4c74 add osvdb ref 2011-12-10 08:07:21 -06:00
Tod Beardsley 8ccb68c9df Adding an add_socket() to dhcp and rftp as lauched with a survice 
when succesful.

Closing the related pull reuquest for this one.
 2011-12-10 03:39:25 -06:00
Tod Beardsley e52436e7ad Drop the incorrect Id keyword from h323_version 2011-12-09 14:29:55 -06:00
sinn3r d6d9ac17d2 use store_loot() instead of store_local() 2011-12-08 11:10:31 -06:00
sinn3r c366e652b9 Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()" 
This reverts commit d37daa4934.
 2011-12-08 10:11:09 -06:00
sinn3r d37daa4934 Using store_local() to store stuff for dir traversal bugs feels much better than store_loot() 2011-12-07 19:08:24 -06:00
sinn3r aa5c0c46b6 Fix indent level 2011-12-07 18:44:49 -06:00
sinn3r feab7f5077 Add CVE-2011-4350 2011-12-07 18:42:52 -06:00
sinn3r b7ccbcd6b5 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-07 12:23:23 -06:00
sinn3r 84682b3615 Apply patch #6072 2011-12-07 12:22:58 -06:00
HD Moore b8767d5f57 Fix typo on 1.8.7 2011-12-07 10:45:23 -06:00
Tod Beardsley f1950c2fe1 Adding back bitstruct (current upstream) and dns_fuzzer module 
Fixes #3289.

This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.

This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.

Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
 2011-12-06 17:03:36 -06:00
sinn3r 0bbbcd549d Add port information, and allow search in data 2011-12-05 22:22:36 -06:00
Tod Beardsley 84af4647db Merge branch 'issue_1083_oracle' 2011-12-05 17:39:46 -06:00
Tod Beardsley 4da2c32734 Minor update to xdb_side_brute, see #1083 
Adds a typo fix and adds an explicit VERBOSE option.
 2011-12-05 15:11:09 -06:00
HD Moore dbd00efefe Merge branch '4.3-schema' 2011-12-05 15:04:35 -06:00
sinn3r 37516134f0 FILTER shouldn't be case-sensitive 2011-12-05 13:19:04 -06:00
HD Moore 97087d88fa Mark portscan modules as v6 incompatible 2011-12-05 13:07:36 -06:00
HD Moore cf28713f9a Mark specific modules as incompatible due to use of quad-dot code 2011-12-05 13:07:36 -06:00
sinn3r fd2eb200fb Add Shodan Search Module (Feature #5451) 2011-12-05 12:50:21 -06:00
sinn3r 3cd2caca1a Fix #6052 2011-12-04 13:49:13 -06:00
Steve Tornio f63a616739 add osvdb ref 2011-12-04 07:48:48 -06:00
sinn3r 2720572a37 Add IPSwitch Whatsup Gold TFTP directory traversal module 2011-12-03 18:46:34 -06:00
HD Moore dbe7e6aecf Remove a leftover debugging statement 2011-12-02 00:06:04 -06:00
HD Moore 9f99cfc757 Convert the h323 module to MSF_LICENSE (backport from Pro) 2011-12-01 16:01:01 -06:00
HD Moore 3e5e9a910e Add h323 scanner 2011-12-01 16:01:01 -06:00
David Maloney 40ab37fa10 Merge branch 'iss5979' 2011-11-30 12:16:33 -08:00
sinn3r 897731f3a5 Check creds (feature #6025). Also bringing the 'Inbox' regex back 2011-11-29 11:01:39 -06:00
Tod Beardsley f503bd9488 Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append. 2011-11-28 17:52:34 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
sinn3r 3a84c31326 Using a better regex for a successful login. Thanks Borys. 2011-11-28 14:29:42 -06:00
sinn3r bc541c118d Apply patch #6020 2011-11-28 14:16:24 -06:00
sinn3r 5165865560 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-28 14:07:19 -06:00
sinn3r 59ab0c3a18 Fix bug #6021, Thanks Borys 2011-11-28 14:06:56 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status 
messages.
 2011-11-28 13:31:54 -06:00
sinn3r a578db7f56 Apply fix for #6019 2011-11-28 01:12:18 -06:00
sinn3r ebfe269698 Apply patch for #5824 2011-11-26 16:52:12 -06:00
sinn3r 5e08c93ac9 Apply patch #5580 2011-11-26 15:32:43 -06:00
sinn3r b7950a752e Add feature #4929 (MS09-053) 2011-11-26 13:30:35 -06:00
David Maloney c61d02686a HTTP login scanners need to set duplicate_ok to true 
or different web applications on the same server
may wipe eachother's creds out.
 2011-11-22 13:04:10 -08:00
David Maloney 9d7f7b1f0e Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-22 11:53:14 -08:00
David Maloney 9e40fac8b1 Added a check to the Axis login scanner to ensure 
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
 2011-11-22 11:52:06 -08:00
sinn3r 25f4b45bd1 Apply patch #6004 2011-11-22 13:07:46 -06:00
David Maloney f81567fb6f Fix to typo in the tables being pushed. 2011-11-21 15:49:57 -08:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
David Maloney ff22246119 Attempt to fix #5979 2011-11-18 12:53:35 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive. 
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
 2011-11-14 22:50:52 -08:00
Tod Beardsley 96d2209ca2 Minor fixups for trace report_note patch 2011-11-14 10:40:11 -06:00
andurin 5d5c9464cc Do some report_note while TRACE detection 2011-11-14 12:10:53 +01:00
Andurin 71599f5ef9 Fix sqlmap aux to work with actual sqlmap.py 
Commit relates to IssueID #5807
 2011-11-13 09:18:33 +01:00
sinn3r e4ebb890d8 Apply patch for bug #5963 2011-11-12 13:17:26 -06:00
sinn3r 62fdbd549c no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder. 2011-11-11 15:37:47 -06:00
sinn3r 2d940e2c91 Apply patch #5952 2011-11-11 14:58:17 -06:00
sinn3r 35f84f5e42 yo, ruby 1.8 fix 2011-11-11 11:38:28 -06:00
sinn3r fdef66f2bf yo, ruby 1.8 fix 2011-11-11 11:38:08 -06:00
sinn3r e972234629 yo, owa bruteforce utility in the house (Feature #4725) 2011-11-11 11:23:35 -06:00
David Maloney c30d98093f Merge branch 'iss5426' 2011-11-10 20:39:48 -08:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
HD Moore 43fa2c3d1b Add a gitignore and delete the broken file_autopwn code. Fixes #4964 2011-11-10 20:11:53 -06:00
wchen-r7 3a328e1a1c Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-10 16:09:35 -06:00
wchen-r7 b761c6a9cc Add feature #5933 2011-11-10 16:09:03 -06:00
HD Moore d75e4aead3 Cosmetic changes 2011-11-10 15:45:02 -06:00
Steve Tornio 0c36915dae add osvdb ref 2011-11-10 13:24:26 -06:00
wchen-r7 453082678f Add CVE-2010-1871 (Feature #5922) 2011-11-10 10:21:17 -06:00
Matt Buck 16f45fc894 Add empty directories from svn repo. 2011-11-09 18:41:40 -06:00
Wei Chen 9ff5eabb4b Fix #4915 
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 08:51:47 +00:00
David Maloney a88f954640 More Cred Sourcing 
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 01:49:57 +00:00
David Maloney aa4f6c1cae More cred sourcing fixes 
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 18:45:47 +00:00
David Maloney cdbe7bc587 Multiple fixes to cred reporting on this module 
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 17:25:39 +00:00
Wei Chen 16fc275853 whitespace cleanup 
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 16:09:31 +00:00
Patrick Webster 77a3edbb4f Added squiz_matrix_user_enum aux module. 
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 03:14:39 +00:00
Wei Chen ad94bae78f Fix bug #5923 
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 17:52:02 +00:00
Wei Chen 7ffcf62a2e Add #5364 
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 17:34:42 +00:00
Wei Chen 12378b45d6 Fix #5502 
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 07:44:02 +00:00
Matt Weeks e4d540e031 Seplling 
git-svn-id: file:///home/svn/framework3/trunk@14166 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-05 15:43:28 +00:00
HD Moore f6cc9eade7 Replace my crufty old ASN.1 parser with OpenSSL::ASN1 
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-05 05:12:28 +00:00
David Maloney 585a7cc4a2 Adding the HTTP Trace scanner from CG 
Fixes #3390


git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-03 20:09:11 +00:00
Mario Ceballos f25dc59371 spelling. 
git-svn-id: file:///home/svn/framework3/trunk@14146 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-02 21:56:38 +00:00
Mario Ceballos 2b00ace437 spelling. 
git-svn-id: file:///home/svn/framework3/trunk@14145 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-02 21:47:27 +00:00
Wei Chen ae9e8b7821 Syntax fix for ruby 1.8 
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-01 21:48:24 +00:00
Wei Chen d5cee2dedf Apply patch #5411 to allow user-specified path 
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-01 17:57:11 +00:00
Wei Chen 8750c3aac5 Add feature #4849 (Redis module) 
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 21:47:15 +00:00
Mario Ceballos d55dc551b6 syntax issue 
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 20:22:02 +00:00
Tod Beardsley e1ffdfdb18 Fixes #3199, jduck caught the funky behavior of seek and ruby's "ab" and "wb" file mode. See also http://pastie.org/2789573 
git-svn-id: file:///home/svn/framework3/trunk@14128 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 19:06:09 +00:00