infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,172 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

647 Commits (176204d62d77838234c12a23de03bf5294bd6e7a)

Author SHA1 Message Date
Royce Davis ff9ef80cc6 Fixed terrible tab issues that occured because of an evil vimrc filegit add ntdsgrab.rb 2013-01-07 12:49:58 -06:00
Royce Davis e4546b13f3 Creating new pull request to beat Travis build strange errors... 2013-01-07 12:21:59 -06:00
Royce Davis c1f0e1172b Still fighing with Travis build errors 2013-01-07 11:52:37 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
Royce Davis ac2182c69b Edited to fix Travis build process 2013-01-07 11:10:21 -06:00
Royce Davis 44e07c8577 Created psexec mixin to get rid of ugly copy-paste 2013-01-04 09:58:48 -06:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
Royce Davis 321a4ecb74 Escaped quotes in windows command 2012-12-29 13:46:22 -06:00
Royce Davis 02bbcb5803 surrounded ntdspath in a space 2012-12-29 13:33:32 -06:00
Royce Davis 174e6e8f17 Fixed array instantiation 2012-12-29 13:31:54 -06:00
sinn3r 0344c568fd Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes 2012-12-18 11:38:14 -06:00
Tod Beardsley 10511e8281 Merge remote branch 'origin/bug/fix-double-slashes' 
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
 2012-12-17 13:29:19 -06:00
Royce Davis 2eb01168c8 Cleaned build junk 2012-12-14 10:44:53 -06:00
Royce Davis 82a6519dc4 cleaned up print_status and print_errors 2012-12-14 10:41:40 -06:00
Royce Davis 1b26036028 removed junk 2012-12-14 09:23:26 -06:00
Royce Davis ae663b2a08 removed | from author section 2012-12-14 09:02:19 -06:00
Royce Davis 27ca43c915 Added to create new pull request 2012-12-14 08:53:22 -06:00
sinn3r d2885d9045 Correct US Cert references 2012-12-13 14:19:53 -06:00
sinn3r c66777d028 Merge branch 'command' of git://github.com/R3dy/metasploit-framework into R3dy-command 2012-12-06 16:08:04 -06:00
Royce Davis 205276c38f Update modules/auxiliary/admin/smb/psexec_command.rb 
Fixed static path to Windows directory.  This causes problems with directory is 'WINNT' for example.
 2012-12-06 16:03:44 -06:00
jvazquez-r7 3dada00f43 fix typo accor ding to redmine 7550 2012-12-04 22:37:08 +01:00
Alexandre Maloteaux c0c3dff4e6 Several fixes for smb, mainly win 8 compatibility 2012-11-28 22:49:40 +01:00
sinn3r 319fa04c16 Fix Ruby 1.8 comma of death 2012-11-26 16:45:43 -06:00
jvazquez-r7 414fd052c1 final cleanup 2012-11-24 15:03:14 +01:00
jvazquez-r7 f7fb8bb862 change module filename 2012-11-23 11:43:34 +01:00
jvazquez-r7 cb7e98ea29 Cleanup for command module 2012-11-23 11:42:59 +01:00
Royce Davis e16cea6db8 Fixed execerror, redundant if statement, and poor exception handling 2012-11-20 18:46:07 -06:00
Royce Davis 795ea5bec2 Fix randomize of dislayname and removed filename from command.rb 2012-11-19 14:34:06 -06:00
Royce Davis 7fa8717860 Fixed cleanup method to report an Error on command.rb 2012-11-19 13:59:58 -06:00
Royce Davis f9b4971fc3 Fixed hard coded paths in psexec on command.rb 2012-11-13 10:28:16 -06:00
Royce Davis 683bcd4b82 Added disconnect method to command.rb 2012-11-12 11:25:12 -06:00
Royce Davis e57275d3f6 added check cleanup method to command.rb 2012-11-12 09:46:02 -06:00
Chris John Riley cffedd0c97 Set back to target_uri.path 2012-11-11 12:04:31 +01:00
Royce Davis 6e257d5f57 Simplify main method 2012-11-09 08:50:09 -06:00
Chris John Riley 0dd4f4d03d Formatting 2012-11-08 17:51:06 +01:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have 
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
 2012-11-08 17:42:48 +01:00
HD Moore 4d2147f392 Adds normalize_uri() and fixes double-slash typos 2012-11-08 07:16:51 -06:00
Royce Davis 22ecd6afa9 Edit command.rb 2012-11-07 15:17:13 -06:00
Royce Davis 18aab8bcc7 Remove extrat comment lines from command.rb 2012-11-07 15:09:57 -06:00
Royce Davis d159aa6f9f Changed error handeling of command.rb module 2012-11-07 15:03:31 -06:00
Royce Davis ac518f7091 Removed double lines in Author field and general URLs 2012-11-07 08:22:09 -06:00
Royce Davis aec4d99549 ran msftidy on command.rb 2012-11-06 16:33:47 -06:00
Royce Davis 9f87b7b674 Removed smb_exec from this branch 2012-11-06 16:18:38 -06:00
Royce Davis 0b940d8087 New module command.rb 2012-11-05 12:03:51 -06:00
Royce Davis aa6e8c7437 smb_exec 2012-11-05 11:46:39 -06:00
Royce Davis a9db705b60 New module for submission smb_exec 2012-11-05 11:45:03 -06:00
sinn3r 2c4273e478 Correct some modules with res nil 2012-10-29 04:41:30 -05:00
sinn3r f1423bf0b4 If a message is clearly a warning, then use print_warning 2012-10-24 00:44:53 -05:00
Michael Schierl 910644400d References EDB cleanup 
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
 2012-10-23 21:02:09 +02:00
Michael Schierl 04a6021631 Privileged cleanup: auxiliary modules can't 2012-10-22 20:36:49 +02:00
Michael Schierl 39e81d3e53 Arch/Platform cleanup: aux modules need neither 2012-10-22 20:28:02 +02:00
sinn3r ae690f5fd3 Remove that extra "," that breaks Ruby 1.8 2012-10-20 02:11:49 -05:00
jvazquez-r7 7b1c35624e Merge branch 'mssql_ntlm_stealer' of https://github.com/nullbind/metasploit-framework into nullbind-mssql_ntlm_stealer 2012-10-17 22:50:54 +02:00
jvazquez-r7 1f55e02535 minor cleanup 2012-10-17 22:21:28 +02:00
jvazquez-r7 12e2ff9bb5 proposed cleanup 2012-10-17 19:03:28 +02:00
nullbind c52b834f50 updated name and description 2012-10-16 14:37:02 -05:00
nullbind d8c2aa9796 added mssql ntlm stealer for sqli 2012-10-16 14:26:10 -05:00
nullbind fafa6e49ce address comments from jvazquez 2012-10-16 12:10:37 -05:00
nullbind 553ce82e79 added mssql ntlm stealer 2012-10-15 13:29:51 -05:00
sinn3r 54ed60e24e Forgot to remove the second require 2012-09-24 18:50:53 -05:00
sinn3r 6bd450e114 Make Ruby 1.8 happy 2012-09-24 18:49:41 -05:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
Tod Beardsley c83b49ad58 Unix linefeeds, not windows 
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.

Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
 2012-09-16 18:10:35 -05:00
Tod Beardsley 2fc34e0073 Auth successful, not successfully 
Just fixing up some adverb versus adjective grammar.
 2012-09-16 17:51:00 -05:00
jvazquez-r7 63d2d60c68 delete don't needed line 2012-09-15 23:56:38 +02:00
jvazquez-r7 ff2e9fc157 add changes proposed by sinn3r 2012-09-15 23:55:55 +02:00
jvazquez-r7 70ff7621d6 added module for CVE-2012-2983 2012-09-15 15:11:12 +02:00
jvazquez-r7 6771466cb7 Added module for CVE-2011-2750 2012-09-13 17:24:16 +02:00
Tod Beardsley 32e2232de3 Disambiguating hkm from hdm 
Having an author name of "hkm" really looks like a typo for "hdm," but
it's not.
 2012-09-11 11:13:20 -05:00
Tod Beardsley aaf7fcd5e9 Closing bracket doh 2012-09-07 08:57:27 -05:00
Tod Beardsley 53e4818c2e Humble-desser, not humble-dresser 2012-09-07 08:49:27 -05:00
Tod Beardsley ff97b1da00 Whitespace EOL 2012-09-05 14:04:20 -05:00
Tod Beardsley b8132cae5c Add the redistribution comment splat 2012-09-04 15:58:43 -05:00
Tod Beardsley 15f1dd8525 Moving greetz to Author fields 2012-09-04 15:58:43 -05:00
Tod Beardsley 6e7cbe793c Spamguard e-mail addresses, make auth name consistent 2012-09-04 15:58:43 -05:00
Tod Beardsley f80abaf0d1 Dropping trailing whitespace 2012-09-04 15:58:42 -05:00
nullbind 114ade6bea applied todb requested fixes, and added sql 2k support 2012-09-04 15:58:42 -05:00
nullbind 6cd6f9d5d1 minor comment updates 2012-09-04 15:58:42 -05:00
nullbind 7e168f2e5c Modified module to write query results to a file with report/loot options 2012-09-04 15:58:42 -05:00
nullbind 522fb401e9 Find data on a SQL Server, sample it, and write it to a CSV file. 2012-09-04 15:58:42 -05:00
sinn3r b4b860f356 Correct MC's name 2012-08-08 14:16:02 -05:00
sinn3r b46fb260a6 Comply with msftidy 
*Knock, knock!*  Who's there? Me, the msftidy nazi!
 2012-08-07 15:59:01 -05:00
sinn3r f26053c2c3 Add vendor's name in there for easier searching 2012-08-07 12:16:52 -05:00
sinn3r 614ae02a26 Add CVE-2012-2626 Scrutinizer add-user aux mod 2012-08-07 12:13:25 -05:00
Tod Beardsley d5b165abbb Msftidy.rb cleanup on recent modules. 
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
 2012-08-04 12:18:00 -05:00
Rob Fuller 76fee330ee Squashed commit of the following: 
commit dadb717f5e17851a85183847f3fdb01e45e6caaa
Author: James Lee <egypt@metasploit.com>
Date:   Fri Aug 3 18:48:53 2012 -0600

    Rescue SMB errors

    Prevents backtraces and gives the user some idea of what happened.
    Specifically useful for STATUS_ACCESS_DENIED and STATUS_LOGON_FAILURE.

commit aba203ead75eec22606f52d7eb67f1581c44c4df
Author: Rob Fuller <jd.mubix@gmail.com>
Date:   Fri Jul 20 03:24:26 2012 -0400

    add SMB list directory module

[Closes #628]
 2012-08-03 19:00:11 -06:00
sinn3r 981ba60fee Fix exception handlings 
Two things:
1. Make msftidy happy
2. Exception handling shouldn't be used to shut errors up.
 2012-07-18 12:05:14 -05:00
Rory McCune 464df4ed1d Oraenum - added error handling 
The oraenum module has errror handling to catch instances where the user used to run the checks doesn't have the appropriate rights, however in one place (The default password check) the error handling code isn't included.  This patch just adds the same check for that code.
 2012-07-18 09:22:22 +01:00
sinn3r 78edf15a86 Improve module 2012-07-17 08:39:56 -05:00
sinn3r dde2254f29 rename file 2012-07-17 08:36:02 -05:00
sinn3r d5711efd26 Merge branch 'master' of https://github.com/j0hnf/metasploit-framework into j0hnf-master 2012-07-17 08:35:49 -05:00
sinn3r e5dd6fc672 Update milw0rm references. 
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
 2012-06-28 14:27:12 -05:00
Tod Beardsley 97974d9241 Shorten title for display 2012-06-27 10:19:46 -05:00
j0hn__f 7d20f14525 exec SQL from file 2012-06-26 12:40:34 +01:00
j0hn__f 83260c9c89 module to exe SQL queries from a file 2012-06-26 12:15:30 +01:00
sinn3r f93658b37a Minor name change 2012-06-25 15:51:02 -05:00
sinn3r 637edc21ce Add CVE-2010-2731 2012-06-25 15:48:36 -05:00
Tod Beardsley 302ab963d1 Adding ref for intersil module 2012-06-20 15:05:56 -05:00
James Lee 7c417fa977 Add a select command for the various SQL modules 2012-06-18 23:59:57 -06:00
sinn3r e72303a922 Add Intersil HTTP Basic auth pass reset (originally #453) 
The modified version of pull request #453. This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
  The advisory focuses the problem as an auth bypass, not DoS,
  although it can end up dosing the server.
* The title and filename are changed as a result of matching that
  advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
  401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
 2012-06-16 21:14:57 -05:00
sinn3r 72cdd67cd0 Remove function cleanup() 
There is no point of having this function, because there's nothing
in it.
 2012-06-06 00:54:04 -05:00
sinn3r 3f0431cf51 Massive whitespace destruction 
Remove whitespace found at the end of the line
 2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction 
Remove all the lines that have nothing but whitespace
 2012-06-06 00:22:36 -05:00
sinn3r 0fcc53b0a2 Handle nil for get_once 2012-06-04 15:31:10 -05:00
sinn3r 01803c4a33 Fix possible nil res. Bug #6939. Part 1. 2012-06-04 13:11:47 -05:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup 
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
 2012-06-02 09:53:19 -05:00
sinn3r 86ba759c07 Oops, I left one more anonymous out. 2012-05-26 15:30:20 -05:00
sinn3r c606896122 Multiple fixes and improvements: 
* Make session ID configurable based on feature #6894's suggestion.
* Fix a potential bug when res is nil.
* Use print_error() to make the error message more readable.
 2012-05-24 02:16:29 -05:00
James Lee 22601180f3 Save the pilfered file as loot 2012-05-23 18:07:13 -06:00
Tod Beardsley 336a00bc54 Fixing CVE reference 2012-05-16 14:34:04 -05:00
Tod Beardsley 82885cc6e5 Fixing author tags 
Ensuring a space between name and email.
 2012-05-15 15:45:07 -05:00
James Lee bc6ec537f9 Fix a ruby 1.8 compat error 
Can't have commas at the end of argument lists.
 2012-05-15 11:53:49 -06:00
sinn3r 8b06835109 Make changes to proper API usage, whitespace, and extra characters. 2012-05-15 01:26:42 -05:00
pyoor a8b534ddec Cisco Secure ACS Module - Updated error handling 2012-05-14 20:03:26 -04:00
pyoor 2e49e56126 Made suggested changes 2012-05-14 19:50:34 -04:00
pyoor 6b6dc60b25 Cisco Secure ACS Auth Bypass Module 2012-05-13 16:16:18 -04:00
Tod Beardsley aa3930fcb9 Typo on fixed tftp module 2012-05-10 21:42:33 -05:00
Tod Beardsley 36c805c5ff Move the context setting to the module 
Apparently you can't hit the framework object before running the module
any more. Bummer.

[Fixes #6843]
 2012-05-10 21:21:32 -05:00
HD Moore 5151a4c530 Cosmetic 2012-05-03 00:33:09 -05:00
HD Moore 99d7b2601c Cosmetic 2012-05-03 00:31:50 -05:00
sinn3r 91763dd063 Fix 1.8 compatibility 2012-04-25 15:54:42 -05:00
sinn3r b0a76a1aa1 Add wake-on-lan module 2012-04-21 03:29:49 -05:00
Tod Beardsley dfe2bbc958 Use rport for modicon_password recovery, not 21. 2012-04-07 13:03:43 -05:00
Tod Beardsley 461352f24f Don't need to require net/ftp anymore 
Nothing actually used it anyway.
 2012-04-06 10:35:28 -05:00
Tod Beardsley 9c8e6ac9da Ruby 1.8 compat for the SCADA modules. 
But really, you should be using Ruby 1.9 by now.
 2012-04-05 17:05:03 -05:00
Tod Beardsley 14d9953634 Adding DigitalBond SCADA modules 2012-04-05 12:35:48 -05:00
Tod Beardsley 0df4a8a63d Rogue period, DELETED. 2012-03-28 14:29:31 -06:00
Jonathan Cran 2c3e296b36 remove trailing comma, thanks troulouliou 2012-03-28 14:29:31 -06:00
Tod Beardsley 47493af103 Merge pull request #259 from todb-r7/edb-2 
Convert Exploit-DB references to first-tier "EDB-12345" references
 2012-03-23 12:09:07 -07:00
sinn3r 10733f6a1c Update description 2012-03-23 13:05:40 -05:00
sinn3r 41bc8ded3d Add HP Data Protector aux module for executing commands on Windows 2012-03-23 07:57:13 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs 
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
 2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r 7c77fe20cc Some variables don't need to be in a double-quote. 2012-03-17 20:37:42 -05:00
David Maloney 6011da7db8 More Virtualisation SSL fixes 2012-03-15 19:06:48 -05:00
James Lee 2b9acb61ad Clean up some incosistent verbosity 
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
 2012-03-06 12:01:20 -07:00
James Lee 3a33434867 Fix a couple of typos that throw off module authors 2012-03-05 13:28:46 -07:00
Tod Beardsley 302853f5a4 Unpolluting SVN Revision keyword 
Sometimes Revision keywords get expanded, too. Fix those.
 2012-03-02 10:18:32 -06:00
Tod Beardsley 3626d48db2 Un-polluting SVN Id keyword 
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
 2012-03-02 10:18:32 -06:00
Efrain Torres b608aeeeb7 Migrating modules to use report_web_vulns and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres a2e5a4d9d5 New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention 2012-03-02 10:18:31 -06:00
James Lee 464cf7f65f Normalize service names 
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
 2012-02-21 22:59:20 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
James Lee 89e0842b1e Add vim_soap to the mixins list. 
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
 2012-02-20 13:17:45 -07:00
sinn3r a8d56afda6 Use store_loot() to save data to local disk 2012-02-20 01:30:11 -06:00
Matt Buck e0a75c1b2c Merge branch 'release/4.2-stable' 
Conflicts:
	lib/msf/core/model/host.rb
 2012-02-19 22:57:22 -06:00
David Maloney 36dc0fee50 Better dynamic soap generation for all the vmware stuff 2012-02-18 18:29:46 -06:00
sinn3r bb5e4a1600 Modules don't need to register VERBOSE, because it's already there 2012-02-17 21:07:44 -06:00
David Maloney 8d7ddab2af Some minor bug fixes 
Added vm_tag module for 'flag planting'
 2012-02-16 00:45:48 -06:00
David Maloney a2778ea297 minor fixes to multi-session terminate 2012-02-15 16:50:12 -06:00
David Maloney 082b4acca8 Changed terminate session module to handle multiple sessions per run 2012-02-15 16:47:02 -06:00
David Maloney c9cf47bd4c Add Terminate Session module and some extra goodness to enum sessions 2012-02-15 16:39:13 -06:00
David Maloney e67e9ab34f Adds a power off vm aux module 2012-02-14 20:52:45 -06:00
David Maloney a256a6fb0b Adds a power on vm module 2012-02-14 20:44:11 -06:00
HD Moore 29b99aa7b4 Fix up titles/add boundary check for reporting external host 2012-02-08 12:23:46 -06:00
Tod Beardsley fe22090a12 Correct e-mail format 2012-01-26 13:04:38 -06:00
Joshua J. Drake 31fb7e7b28 Fallback to writing a new file if resuming fails 2012-01-25 14:49:30 -06:00
Jon Hart 7ec5f98480 Adding jhart's natpimp libary and modules. 
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.

[See #106]
 2012-01-24 10:32:30 -06:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
David Maloney 5e1efdcd73 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-22 10:49:53 -05:00
David Maloney 30141f3008 Fix typo in the oracle enum aux module 
The password grace time query was not checking the right value,
spotted by user bNull in the IRC channel.
 2011-12-22 10:47:57 -05:00
Tod Beardsley 743a0546f1 Don't blow up if the user doesn't set a filename 
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
 2011-12-21 16:26:29 -06:00
Tod Beardsley 11a27a1e61 Renaming TFTP transfer util. 
See #5291. Just renaming the file.
 2011-12-20 10:06:44 -06:00
Tod Beardsley 24d53efa7c Final touches on TFTP client 
See #5291. Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
 2011-12-20 10:03:04 -06:00
Tod Beardsley 677cb4b152 Handle empty data sends sanely for TFTP. 
Don't just hang forever -- let the user know they just send empty data.
TFTP servers don't like this of course.
 2011-12-19 21:56:03 -06:00
Tod Beardsley 2b3e3725ac TFTP adding comment docs, ability to send w/out a file. 
Commenting the tricksy parts a little better for general usage.

Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
 2011-12-19 18:15:19 -06:00
Tod Beardsley 431ef826c9 TFTP client now uses constants, preserves trailing spaces/nulls in data 
See #5291, just rediscovered the bug on this.
 2011-12-19 16:33:25 -06:00
Tod Beardsley 5eaf2e7535 Adding download and loot functionality. 
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
 2011-12-19 15:50:50 -06:00
Tod Beardsley aecde6fea4 Updating TFTP client. Now with grown-up thread handling. 
No longer blocks on successful connections.
 2011-12-19 12:14:40 -06:00
Tod Beardsley 902d7f5ea7 Adding more to TFTP. Still need a read tho 
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.

Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
 2011-12-18 21:05:27 -06:00
Tod Beardsley 23aadd04f7 Fixing merge conflict cruft 
Dangit teach me to merge quickly. TFTP module now loads again.
 2011-12-18 13:28:52 -06:00
Tod Beardsley 1201d7fbf2 Merge branch 'tftp_client' of github_r7:rapid7/metasploit-framework into tftp_client 
Conflicts:
	modules/auxiliary/admin/tftp/tftp_upload_file.rb
 2011-12-16 22:41:22 -06:00
Tod Beardsley 0b8914021c Switch to vprint_status, also add skeletal cleanup def. 2011-12-16 21:06:10 -06:00
Tod Beardsley 50fa10679b First draft of a TFTP client. 
Could use some actual error checking and also needs to expose
more options.
 2011-12-16 18:41:55 -06:00
Tod Beardsley a6867ef128 First draft of a TFTP client. 
Could use some actual error checking and also needs to expose
more options.
 2011-12-16 18:39:09 -06:00
sinn3r bb2ea62de8 Add CVE-2008-0926: Novell eDirectory eMBox Unauthenticated Access (Feature #2729) 2011-12-15 23:09:26 -06:00
sinn3r 7b2a1dc791 Repair dead milw0rm link to exploit-db 2011-12-13 16:11:33 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
HD Moore d75e4aead3 Cosmetic changes 2011-11-10 15:45:02 -06:00
Steve Tornio 0c36915dae add osvdb ref 2011-11-10 13:24:26 -06:00
wchen-r7 453082678f Add CVE-2010-1871 (Feature #5922) 2011-11-10 10:21:17 -06:00
Wei Chen 9ff5eabb4b Fix #4915 
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 08:51:47 +00:00
Wei Chen 7ffcf62a2e Add #5364 
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 17:34:42 +00:00
Tod Beardsley e1ffdfdb18 Fixes #3199, jduck caught the funky behavior of seek and ruby's "ab" and "wb" file mode. See also http://pastie.org/2789573 
git-svn-id: file:///home/svn/framework3/trunk@14128 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 19:06:09 +00:00
Tod Beardsley 45d8c91929 Fixes #3199. Note that hex notation (0x41) is okay for OptInt. Ruby integers can be 0x41, 0101, 0b01000001, which are all 65, so dropped that chunk and clarified the option instead of forcing a string and a conversion. 
git-svn-id: file:///home/svn/framework3/trunk@14102 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-28 20:58:46 +00:00
Wei Chen 82e1b87a21 #5541 
git-svn-id: file:///home/svn/framework3/trunk@14064 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 16:43:58 +00:00
Wei Chen 17f518897f Moved from auxiliary/scanner/sap 
git-svn-id: file:///home/svn/framework3/trunk@14030 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-22 21:33:53 +00:00
Wei Chen 975cc52bac Fix spelling errors 
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 00:54:05 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs. 
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:42:01 +00:00
Wei Chen 6ffa61b314 Apply patch for bug #5212 
git-svn-id: file:///home/svn/framework3/trunk@13815 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-04 19:10:33 +00:00
Patrick Webster 5c41385284 Added aux module trendmicro_dlp_traversal. 
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-22 07:34:53 +00:00
Matt Weeks acae5dcdc8 Killing puts. 
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-11 02:42:39 +00:00
HD Moore 400afbadf8 Fixes #5392 by closing the listener after accepting the connection. Fixes a number of formatting and api issues 
git-svn-id: file:///home/svn/framework3/trunk@13682 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-02 16:19:28 +00:00
HD Moore 5fa7ddf5f4 Move this aux module out of the exploits tree 
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-29 15:30:13 +00:00
David Rude cacc3f237c Added improvements to this module to use a wordlist of known sensitive files 
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-29 03:13:22 +00:00
Mario Ceballos aef764de08 working on moving things referenced in Feature #653. added different param for secure backup 
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 18:35:29 +00:00
Patrick Webster 392684736d Added aux module check_dir_file. 
git-svn-id: file:///home/svn/framework3/trunk@13578 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-18 04:10:17 +00:00
James Lee d50577066f remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious 
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-28 22:57:47 +00:00
Wei Chen 067f9bf053 Fix URL reference 
git-svn-id: file:///home/svn/framework3/trunk@13329 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 19:36:37 +00:00
Wei Chen e115e78f8d Fix CVE 
git-svn-id: file:///home/svn/framework3/trunk@13327 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 19:20:02 +00:00
Steve Tornio 46451acec5 add/fix some cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13270 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-21 01:10:40 +00:00
Carlos Perez f3b404b971 Misspelled variable 
git-svn-id: file:///home/svn/framework3/trunk@13196 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-17 14:30:06 +00:00
Wei Chen a795dc7552 Added 2Wire Password Reset module by Travis 
git-svn-id: file:///home/svn/framework3/trunk@13121 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 20:48:53 +00:00
HD Moore 6ccbaedd57 Add the CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@12972 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-18 17:52:21 +00:00
Carlos Perez 0ea7516e09 forgot to cover some checks for when no rows where returned. 
git-svn-id: file:///home/svn/framework3/trunk@12864 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 01:45:55 +00:00
Mario Ceballos 3fedad5715 add matteo's patch. 
git-svn-id: file:///home/svn/framework3/trunk@12666 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-19 19:02:58 +00:00
Patrick Webster fb33b0cbfd Added contentkeeper_fileaccess aux traversal module. 
git-svn-id: file:///home/svn/framework3/trunk@12288 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-10 15:27:17 +00:00
Steve Tornio 8aff852f5a add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12218 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-02 13:41:19 +00:00
Mario Ceballos cab7a1b3e4 added auxiliary module zend/java_bridge.rb 
git-svn-id: file:///home/svn/framework3/trunk@12212 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-01 22:01:46 +00:00
Mario Ceballos 3f7e3ee93f added auxiliary module igss_exec_17.rb 
git-svn-id: file:///home/svn/framework3/trunk@12077 4d416f70-5f16-0410-b530-b9f4589650da
 2011-03-23 01:58:09 +00:00
Tod Beardsley 3f1ceea349 Fixes #3655. Subbed out all the :proto's that were really :snames for all the note reporting. This was getting caught anyway in most cases, but it's better to have the modules themselves actually be correct for future copy-pasters. 
git-svn-id: file:///home/svn/framework3/trunk@11707 4d416f70-5f16-0410-b530-b9f4589650da
 2011-02-04 01:54:32 +00:00
HD Moore 26aca9d6ba Swap some module locations, add loot and cred reporting 
git-svn-id: file:///home/svn/framework3/trunk@11271 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 05:47:33 +00:00
Joshua Drake 8f55c83ed0 clean up some oracle titles 
git-svn-id: file:///home/svn/framework3/trunk@11128 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-24 19:43:49 +00:00
Joshua Drake e9faf75503 fix some more titles with periods 
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-24 19:35:38 +00:00
Joshua Drake 3bd3ea5724 carlos, plz use the ./tools/msftidy.rb script, see #3198 
git-svn-id: file:///home/svn/framework3/trunk@11091 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-22 09:11:25 +00:00
Carlos Perez a4e77c13cc Applied patch by Manuel Schilt 
git-svn-id: file:///home/svn/framework3/trunk@11059 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-18 01:58:46 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references 
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references 
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:25:13 +00:00
James Lee 1384ba6620 fix a typo. see #2578 
git-svn-id: file:///home/svn/framework3/trunk@10680 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-14 18:24:56 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks 
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 08:06:27 +00:00
HD Moore e59ec467af Quick SMB upload module for when you need to upload a file via PTH 
git-svn-id: file:///home/svn/framework3/trunk@10387 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 04:03:26 +00:00
HD Moore 9b5d613563 Additional D-Link target from John Sawyer 
git-svn-id: file:///home/svn/framework3/trunk@10219 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-02 14:34:18 +00:00
HD Moore 800812a1d0 This commit adds functional exploits for retrieving the Apple Airport Extreme password through the VxWorks debugger service and for setting the auto-answer flag to true for the D-Link i2Eye video conferencing system. 
git-svn-id: file:///home/svn/framework3/trunk@10218 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-02 14:32:39 +00:00
cg 6b1eb27ab5 put scanner modules in the scanner directory 
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-01 01:49:06 +00:00
cg 36bbd6e8b6 coldfusion directory traversal module 
git-svn-id: file:///home/svn/framework3/trunk@10209 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-01 01:43:48 +00:00
Joshua Drake aac956db50 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:22:48 +00:00
Patrick Webster bb9be48739 Added tomcat utf8 traversal aux module. 
git-svn-id: file:///home/svn/framework3/trunk@10104 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 16:17:43 +00:00
Tod Beardsley 6d6a547b34 Fixes #2412. Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands. 
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-18 00:58:20 +00:00
Steve Tornio 6f309d0351 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9957 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 21:21:31 +00:00
Joshua Drake b473cda7d9 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9953 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-03 16:17:43 +00:00
HD Moore e26d4ded08 Import the scanner and utility modules for the VxWorks WDB Agent service 
git-svn-id: file:///home/svn/framework3/trunk@9945 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-02 05:56:26 +00:00
Steve Tornio c8ee0d0e1b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9944 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-02 00:06:21 +00:00
Mario Ceballos a42f49481e renamed one, add coverage for hndlrsvc issue. 
git-svn-id: file:///home/svn/framework3/trunk@9943 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-01 19:50:40 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention 
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 21:37:54 +00:00
Steve Tornio ad04fd4f3f add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9903 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 11:05:07 +00:00
Joshua Drake 1ca054ba53 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9893 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 23:28:47 +00:00
Mario Ceballos a5590b4115 added auxiliary module osb_execqr3.rb 
git-svn-id: file:///home/svn/framework3/trunk@9891 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 21:57:54 +00:00
Joshua Drake 0c2c35cc47 fix disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@9748 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-09 16:54:25 +00:00
Joshua Drake c1f74794eb style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9744 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-08 23:34:50 +00:00
Joshua Drake ba76698b5a remove extraneous parenthesis 
git-svn-id: file:///home/svn/framework3/trunk@9718 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 17:38:26 +00:00
HD Moore bfcd09c982 Fix up the data printer 
git-svn-id: file:///home/svn/framework3/trunk@9708 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 14:57:50 +00:00
HD Moore ea0129ff35 Add Robin Wood's MSSQL Interesting Data Finder 
git-svn-id: file:///home/svn/framework3/trunk@9706 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 14:48:08 +00:00
Joshua Drake 9984b662e0 switch some URL references to US-CERT-VU type 
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:09:32 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 23:33:07 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers 
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 20:53:12 +00:00
Joshua Drake 2712ebb23f add aux module for cve-2003-0027, closes #655 
git-svn-id: file:///home/svn/framework3/trunk@9605 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-24 05:03:12 +00:00
Tod Beardsley 2cf9944681 See #2134. Fixes all aux modules that uses sleep(). 
git-svn-id: file:///home/svn/framework3/trunk@9582 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 18:58:38 +00:00
Steve Tornio 806a3bfcab add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9556 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-18 11:10:42 +00:00
Joshua Drake 5474b89cb7 add exploit for titanftp XCRC traversal, cute one 
git-svn-id: file:///home/svn/framework3/trunk@9555 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-18 04:33:53 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates 
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:18:08 +00:00
Joshua Drake e32abab8dc a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html) 
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:12:05 +00:00
Mario Ceballos 2444978286 remove it 
git-svn-id: file:///home/svn/framework3/trunk@9423 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 14:46:22 +00:00
Joshua Drake 0e72894e58 more cleanups 
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 17:13:09 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
Joshua Drake fe250cda25 minor tweaks, add commnted out debug statements 
git-svn-id: file:///home/svn/framework3/trunk@9105 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-19 22:46:52 +00:00
Joshua Drake 5aea21fcb8 speel more godoer 
git-svn-id: file:///home/svn/framework3/trunk@9080 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 02:09:08 +00:00
Mario Ceballos fd62a6e9a7 updated to use report_auth_info() since user_pass is needed to authenticate. 
git-svn-id: file:///home/svn/framework3/trunk@9051 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-11 16:45:50 +00:00
Mario Ceballos 426e0b5b24 updated to use report_auth_info() since the sid is needed to authenticate. 
git-svn-id: file:///home/svn/framework3/trunk@9049 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-11 13:56:56 +00:00
HD Moore ee4528ed86 Fix negative timeouts 
git-svn-id: file:///home/svn/framework3/trunk@9048 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-11 13:26:50 +00:00
HD Moore 54b276d5e5 Cosmetic 
git-svn-id: file:///home/svn/framework3/trunk@9009 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-04 16:35:43 +00:00
Joshua Drake 61b4500ffd remove svn:executable from various files 
git-svn-id: file:///home/svn/framework3/trunk@8974 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-01 16:20:34 +00:00
Joshua Drake aaee658c3c fix 1.8/1.9 compat issue 
git-svn-id: file:///home/svn/framework3/trunk@8960 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-30 17:00:39 +00:00
James Lee 1dc7a4a21f i'm tired of support requests for oci libs not being installed 
git-svn-id: file:///home/svn/framework3/trunk@8899 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-24 19:02:38 +00:00
Steve Tornio a71a24b6d3 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8538 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 18:56:05 +00:00
Steve Tornio ed395fcda4 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@8537 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 18:48:34 +00:00
Steve Tornio b17fc35986 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8536 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 18:35:01 +00:00
Steve Tornio 3314e6a10b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8535 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 17:25:47 +00:00
Steve Tornio fa877eb567 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8534 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 17:11:45 +00:00
Steve Tornio e5609bbf82 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@8533 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 17:07:54 +00:00
Steve Tornio ceb65d7dc0 Add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8519 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-16 16:38:58 +00:00
Steve Tornio df55aee06f add osvdb and cve refs 
git-svn-id: file:///home/svn/framework3/trunk@8444 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-10 19:35:28 +00:00
Steve Tornio a1ec895cee add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8443 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-10 19:26:18 +00:00
Steve Tornio b37b409c3e update osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@8441 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-10 18:46:03 +00:00
Tod Beardsley c763052c57 See #816. This came up while learning how to perform various postgre tasks via Metasploit. 
This module in particular reads a text file on the remote machine, copies it to a temporary table, and then selects the table.

Looks like this:

http://pastie.org/private/uoxgaw7ibjpvuepolr1fuw



git-svn-id: file:///home/svn/framework3/trunk@8417 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-08 22:34:09 +00:00
Tod Beardsley 67bb7a1926 Cleaning up print_status messages for Postgres SQL module and Postgres library. 
git-svn-id: file:///home/svn/framework3/trunk@8407 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-08 16:43:44 +00:00
HD Moore c28f15d02c Quote the share name 
git-svn-id: file:///home/svn/framework3/trunk@8405 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-08 13:36:35 +00:00
HD Moore 715e2c4c2e Add a link to the vendor response 
git-svn-id: file:///home/svn/framework3/trunk@8389 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-06 21:54:57 +00:00
James Lee c48fe399f7 references have to be strings. fixes 815 
git-svn-id: file:///home/svn/framework3/trunk@8387 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-06 21:41:06 +00:00
HD Moore 4c8dc37435 Add the OSVDB reference 
git-svn-id: file:///home/svn/framework3/trunk@8382 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-06 14:51:56 +00:00
HD Moore 2c6b9c2800 Use the full \\host\share syntax to work with all versions of Samba. Thanks Eren! 
git-svn-id: file:///home/svn/framework3/trunk@8381 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-06 14:45:43 +00:00
HD Moore b3a588b8cc Adds a module for kcope's samba filesystem traversal 
git-svn-id: file:///home/svn/framework3/trunk@8369 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-05 06:38:24 +00:00
Tod Beardsley 6e8e6ef16a Fixes #769 by implementing a brute force module for Postgres. A couple notes: If you guess wrong at the database name, you still can try to login with a username and password -- you'll get a successful auth, but then get disconnected. So, that's pretty neat. 
Also, since Postgres-PR uses the stock TCPSocket object, connection timeouts and other errors take forever. This is avoided in the brute forcer by pre-validating the connection with Rex::Socket, but this is a hack -- it would be better to convert Postgres-PR to a Rex::Socket flavor, so you also get nicer error messages and what all. I did fork it off the main distribute it already anyway, so may as well will open a feature bug on this, but it's pretty low priority.




git-svn-id: file:///home/svn/framework3/trunk@8366 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-03 21:45:13 +00:00
Tod Beardsley 2ffe4abb5d Fixes #730 by fixing up the Postgres query module and nicifying the output. 
git-svn-id: file:///home/svn/framework3/trunk@8352 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-02 21:02:12 +00:00
Tod Beardsley 01adf60550 See #730. First pass at a Postgres Query module. Doesn't handle errors very well yet (still need to work all that out and create some test cases). 
git-svn-id: file:///home/svn/framework3/trunk@8344 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-02 01:40:48 +00:00
Joshua Drake 31949c4343 svn keywords fixups 
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-26 20:12:13 +00:00
Joshua Drake 40be42676b new tomcat_mgr_login aux module 
- uses auth_brute mixin
- has old and new default users/passes/pairs
- replaces older modules/auxiliary/admin/http/tomcat_manager.rb


git-svn-id: file:///home/svn/framework3/trunk@8201 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-22 20:31:51 +00:00
Joshua Drake 5ebb0c4b38 add CVE, two default users & passwords, see #711 
git-svn-id: file:///home/svn/framework3/trunk@8194 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-22 16:22:12 +00:00
James Lee d4c42806f6 can't really be a scanner since a sid is needed for each host 
git-svn-id: file:///home/svn/framework3/trunk@8141 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-17 17:56:05 +00:00
James Lee 6c572466fa make the oracle login a scanner for consistency. see 757 
git-svn-id: file:///home/svn/framework3/trunk@8139 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 00:59:06 +00:00
Carlos Perez f9f4f31fdd Changed to checking the size and not the line count on queries 
git-svn-id: file:///home/svn/framework3/trunk@8083 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-07 17:52:40 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch 
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-30 22:24:22 +00:00
Carlos Perez 33bb229207 Keywords 
git-svn-id: file:///home/svn/framework3/trunk@7995 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-27 14:10:54 +00:00
Carlos Perez 83296f8b23 MySQL simple enumeration module using the new MySQL mixin 
git-svn-id: file:///home/svn/framework3/trunk@7994 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-27 14:03:39 +00:00
HD Moore 9ec132d86f Fixes #720. Adds inquis's mysql brute forcer using the new mixin 
git-svn-id: file:///home/svn/framework3/trunk@7978 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-26 05:22:34 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree 
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-26 03:31:20 +00:00
Mario Ceballos c1c06d6ea1 adds ranking.. more aux. modules need this to be listed. 
git-svn-id: file:///home/svn/framework3/trunk@7789 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-09 23:29:53 +00:00
Joshua Drake ed70daf9b1 update references 
git-svn-id: file:///home/svn/framework3/trunk@7746 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-07 21:30:11 +00:00