Commit Graph

8568 Commits (22aabc780599ae18157ef6a61edcfd8abadb5f1c)

Author SHA1 Message Date
b00stfr3ak 391e2bb99b Fixed some style changes
Removed upload var, it really served no purpose.
2014-07-30 22:42:07 -07:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
James Lee 77d99b7374
Land #3586, fix msfconsole when running without db
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2014-07-30 17:24:21 -05:00
Tod Beardsley 3320a1ef77 Revert PR #3574
This reverts commit 96945442ff.

With this PR, the following now appears in framework.log:

````
[07/30/2014 14:01:37] [e(0)] core: Error updating module details for
auxiliary/fuzzers/http/http_form_field: NoMethodError undefined method
`name' for []:Array
````
2014-07-30 14:06:46 -05:00
Trevor Rosen 3e915e5059
Merge branch 'staging/electro-release' into bug/MSP-10715/import-security-issues
Update deps

Conflicts:
	Gemfile
	Gemfile.lock
2014-07-30 12:49:15 -05:00
Trevor Rosen ea72a7e5c3 Merge pull request #3583 from jlee-r7/feature/MSP-9932/creds-add-subcommands
Add `creds` subcommands

MSP-9932 #land
2014-07-30 12:01:36 -05:00
James Lee 85b00eede6
Add #present? checks 2014-07-30 11:52:59 -05:00
Luke Imhoff ceb8a0f5c2
Extract option require pattern to helper Module
MSP-10905

`Metasplot::Framework::Require.optionally` can be used to optionally
require a library and then issue a warning if the require fails or run a
block when it succeeds.
2014-07-30 10:07:53 -05:00
Trevor Rosen d863ff907e Merge pull request #3576 from dmaloney-r7/feature/MSP-9641/cred-rpc-calls
Feature/msp 9641/cred roc calls

MSP-9641 #land
2014-07-30 09:40:38 -05:00
Joe Vennix ed6594ddb8
Change filename to calllog_dump. 2014-07-30 00:16:23 -07:00
Joe Vennix ece3b5583a
Revert to file-based solution. 2014-07-30 00:13:44 -07:00
Luke Imhoff 1a6d4843c7
Merge branch 'staging/electro-release' into bug/MSP-10905/msfconsole-database
MSP-10905
2014-07-29 15:52:11 -05:00
Luke Imhoff ba4891bca0
Restore Rails.groups arguments
MSP-10905

They don't cause a problem.
2014-07-29 15:50:52 -05:00
Trevor Rosen 8fda4ee239
Fix fd leak and blind IO#gets in pwdump import
MSP-10715
2014-07-29 15:15:47 -05:00
Luke Imhoff f5ff22eba4
msfconsole with bundle install --without db
MSP-10905
2014-07-29 14:46:44 -05:00
Luke Imhoff 38da44c26b
Fix arity difference between rails and msfconsole options
MSP-10905
2014-07-29 14:32:42 -05:00
Luke Imhoff 04541ac724
Parse msfconsole options before initializing Rails
MSP-10905
2014-07-29 14:07:14 -05:00
Luke Imhoff 8e7dd1b658
Add missing require
MSP-10905
2014-07-29 14:06:27 -05:00
Luke Imhoff 9a5085cbba
Prevent circular dependency
MSP-10905

Use Metasploit::Framework::Version directly instead of
Msf::Framework to prevent circular dependency when starting msfconsole.
2014-07-29 14:04:15 -05:00
Luke Imhoff 24a5a155f4
Require gems
MSP-10905
2014-07-29 14:02:56 -05:00
David Maloney 78a3263cfe
have Credentials remember their aprents
a Credential object can be created from several
other types of objects. Keep a reference to the originating
'parent' so we can find our way back
2014-07-29 11:20:52 -05:00
AnwarMohamed c2be3d6875 fixing autoload bug 2014-07-29 17:51:56 +02:00
James Lee ef7f5fe967 Make metasploit-model a direct dep
Needed for all the scanners that use Metasploit::Model::Realm::Key
constants.
2014-07-29 10:30:46 -05:00
AnwarMohamed b02dbcc2e7 remove extra whitespace 2014-07-29 16:23:27 +02:00
AnwarMohamed 7512e04894 fixing autoload 2014-07-29 16:21:31 +02:00
us3r777 d6c7eb8850 Fixed a typo introduced in commit 9e92448 2014-07-29 09:04:12 +02:00
us3r777 9e9244830a Added spec for lib/msf/http/jboss
Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions
2014-07-29 01:57:04 +02:00
Christian Mehlmauer d334797116
Updated foxpress module 2014-07-28 22:23:22 +02:00
David Maloney 3870b59873
remove rpg_get_auth_info
this is an rpc call that calls a method that
does not even exist...
WAT?!
2014-07-28 15:13:03 -05:00
David Maloney c9d231b48b
remove old rpc methods
added rpc methods to create new creds
removing the old methods for
the obsolete cred models
2014-07-28 14:52:53 -05:00
David Maloney e29b2aed9b
add credential rpc calls 2014-07-28 14:49:35 -05:00
James Lee 49d0fc37c2
Add support for different realm_key 2014-07-28 14:39:24 -05:00
William Vu ba7d8efb07
Land #3574, has_actions.rb cleanup 2014-07-28 12:59:33 -05:00
David Maloney 1e32574768
Merge branch 'staging/electro-release' into feature/MSP-9641/cred-rpc-calls 2014-07-28 11:10:59 -05:00
jvazquez-r7 79fe342688
Land #3558, @FireFart's improvements to wordpress mixin 2014-07-28 09:52:20 -05:00
jvazquez-r7 2d5fd5e0d5 Use constant for WORDPRESS_VERSION_PATTERN 2014-07-28 09:22:50 -05:00
James Lee c65db18090
Add rudimentary specs and fix some help wording 2014-07-28 09:19:09 -05:00
jvazquez-r7 b061d24b84 Favor & over and 2014-07-28 09:05:53 -05:00
AnwarMohamed 283046b25d fixing auto load on new session 2014-07-28 10:49:50 +02:00
AnwarMohamed 9f0bf67521 fixing minor bugs 2014-07-28 07:49:46 +02:00
Joshua Smith 96945442ff removes unnec. retruns & uses of 'not' - has_actions.rb 2014-07-27 18:20:12 -05:00
James Lee a35e7371bb Add simple tabbing for creds command 2014-07-27 14:08:38 -05:00
James Lee b8bb4c7bc0
Add add-ssh-key to help output, fix some warnings 2014-07-27 13:46:38 -05:00
James Lee a38a627b94 Merge branch 'staging/electro-release' into feature/MSP-9932/creds-add-subcommands 2014-07-27 13:38:33 -05:00
sinn3r faee2c7026
Land #3492 - sqlmap plugin for sqlmap API 2014-07-25 16:30:30 -05:00
Tod Beardsley 3e304536ea
Land #3554, Typo3 mixin specs 2014-07-25 16:06:40 -05:00
James Lee a0a2fddee8
Land #3562, yardoc cleanup 2014-07-24 17:25:12 -05:00
James Lee bc836f3606
Add a little easter egg in the NTLM hash 2014-07-24 16:37:24 -05:00
us3r777 cd2ec0a863 Refactored jboss mixin and modules
Moved fail_with() from mixin to modules. Added PACKAGE datastore to
lib/msf/http/jboss/bsh.rb.
2014-07-24 22:58:58 +02:00
James Lee b8b3509c96
Re-add the ability to delete creds 2014-07-24 15:44:52 -05:00
James Lee 18ce342e2a
Refactor a bit for readability 2014-07-24 15:42:36 -05:00
James Lee 1470f3de30
Fix padding when a cell value is nil 2014-07-24 14:00:09 -05:00
James Lee 8a279d202c
Whitespace 2014-07-24 13:56:57 -05:00
James Lee 1a4e59e547
Add add-ssh-key subcommand 2014-07-23 17:09:02 -05:00
darkbushido 064d624322
changing Credential == operator
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
Samuel Huckins 6c1a3f4992 Merge pull request #3555 from jlee-r7/bug/MSP-10817/jtr-typo
Now able to complete without error.

MSP-10817 #land
2014-07-23 15:55:42 -05:00
James Lee eee72a86ba
Fix the case when john cracks only half of LM 2014-07-23 15:25:32 -05:00
Samuel Huckins ffd7d28bc6 Merge pull request #3559 from dmaloney-r7/feature/MSP-10230/snmp_login
MSP-10230 #land
2014-07-23 13:59:37 -05:00
David Maloney b7d15d0b08
simple fix to mysql loginscanner
typo caused connection_timeout default to not get set
2014-07-23 12:07:57 -05:00
James Lee 4f19a1defa
Add an origin type and actually honor realm
Also adds better help text
2014-07-22 19:52:10 -05:00
Christian Mehlmauer 57839e0f4b
Fix some yardoc issues 2014-07-22 23:26:50 +02:00
us3r777 b526fc50f8 Refactored jboss mixin and modules
Moved VERB option to the mixin. Replaced "if datastore['VERBOSE']"
by vprint_status().
2014-07-22 23:08:42 +02:00
David Maloney 1f007bf3c9 start adding new rpc calls
Signed-off-by: David Maloney <DMaloney@rapid7.com>
2014-07-22 15:46:27 -05:00
Christian Mehlmauer c1a0f707ef
typos 2014-07-22 22:29:01 +02:00
Christian Mehlmauer 073a8c5233
redirection returns an URI 2014-07-22 19:55:26 +02:00
Christian Mehlmauer a6479a77d6
Implented feedback from @jhart-r7 2014-07-22 19:49:58 +02:00
David Maloney e54f5e8ee7
working snmp_login module 2014-07-22 12:44:21 -05:00
David Maloney c553fcac73
start refacotirng snmp_login 2014-07-22 11:46:22 -05:00
David Maloney 0eb4fc0ed1
community string collection
add community string collection to handle snmp loginscanner
credentials
2014-07-22 11:44:31 -05:00
Christian Mehlmauer baff003ecc
extracted check version to module
also added some wordpress specs and applied
rubocop
2014-07-22 17:02:35 +02:00
James Lee 2013e28608
WIP: First stab at creds add-* subcommands 2014-07-22 02:05:55 -05:00
James Lee addecb6311
Fix running shipped bins by using a config file
This should get everything working again.

MSP-10817
2014-07-21 18:26:50 -05:00
Brandon Perry d62b24744c Moar " -> ' 2014-07-21 18:04:36 -05:00
James Lee a2a75ffb03
Fix typo and full path issue
Previously, the JtR library was prepending the path to data/john/ for
shipped bins; without it, modules weren't finding the executables.
2014-07-21 17:58:27 -05:00
jvazquez-r7 47d9a30af0 Add specs for Typo3 mixin 2014-07-21 17:39:07 -05:00
us3r777 ae2cd63391 Refactored Jboss mixin
Moved TARGETURI option to the JBoss mixin. The mixin now includes
Msf::Exploit::Remote::HttpClient which provides USERNAME and PASSWORD
2014-07-21 23:41:58 +02:00
Joe Vennix 9db951cadc
Add sane defaults for HTTP method and path. 2014-07-21 14:57:28 -05:00
sinn3r 6048f21875
Land #3552 - Correct DbVisualizer title name 2014-07-21 13:07:33 -05:00
Tod Beardsley a62ee99d1d
Actually require NetAPI 2014-07-21 12:48:34 -05:00
Tod Beardsley ffafd4c01f
Add NTP fuzzer from @jhart-r7
Looks good to me!
2014-07-21 12:38:12 -05:00
HD Moore b3c7fff32a Land #3551, fix inconsistent pack/unpack usage 2014-07-20 17:11:49 -05:00
HD Moore eea0b24aec Land #3550, fix railgun use of pack/unpack Q 2014-07-20 17:09:53 -05:00
Meatballs 3daf78777b
Use native unpack for PDWORDs 2014-07-20 22:57:19 +01:00
Meatballs 4fecae084b
Q (native) to Q< (le) 2014-07-20 22:38:30 +01:00
Meatballs 5f0533677e
Cheat/Rubycop all the things 2014-07-20 21:07:59 +01:00
Meatballs 474ee81807
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-20 21:01:54 +01:00
Meatballs b28343842f Address @jhart-r7's comments 2014-07-20 21:00:34 +01:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
Samuel Huckins ed1ed5d5a4 Merge pull request #117 from rapid7/feature/MSP-9943/db-import-creds
Deprecation warning exorcised, specs passing, export/import accuracy confirmed.

MSP-9943 #land
2014-07-18 11:56:59 -05:00
James Lee 175d857611
Fix empty message and don't lie in yardoc 2014-07-18 11:36:31 -05:00
us3r777 088f208c7c Added auxiliary module jboss_bshdeployer
The module allows to deploy a WAR (a webshell for instance) using the
BSHDeployer.
Also refactored modules/exploits/multi/http/jboss_bshdeployer.rb to
use the new Mixin (lib/msf/http/jboss).
2014-07-18 11:51:46 +02:00
us3r777 58adc350b5 Refactor: Creation of a JBoss mixin
The jboss_bsheployer as is does not allow to deploy a custom WAR file.
It is convenient when ports are blocked to be able to deploy a webshell
instead of just launching a payload. This will require a auxiliary
module which will use the JBoss mixin methods.
2014-07-18 00:56:32 +02:00
James Lee 2dab69d67c
Use constant instead of hardcoded filename 2014-07-17 16:04:25 -05:00
James Lee 7d1cd22aca
Quick and dirty import of cred zip 2014-07-17 15:59:16 -05:00
Kyle Gray 08cd2690f9
Merge branch 'bug/MSP-10724/fix-import-failure' into staging/electro-release MSP-10724 #land 2014-07-17 13:37:13 -05:00
Jon Hart 17b0560dff Add rubygems check to msftidy. remove rubygems. 2014-07-17 09:29:13 -07:00
Trevor Rosen e789d5350b
No idea why this didn't fail before
MSP-10724
2014-07-17 10:15:22 -05:00
Trevor Rosen bebf11c969
Resolves some Login::Status migration issues
MSP-10730
2014-07-16 21:52:08 -05:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
Meatballs 7583ed4950
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-16 20:34:34 +01:00
sinn3r 4fb58202fa
Land #3529 - Handle Rex::AddressInUse exception 2014-07-16 13:57:41 -05:00
cdoughty-r7 1ad04eb2d9 Merge pull request #111 from rapid7/bug/MSP-10714-gem-version
Fix gem version to support rubygems < 2.1
2014-07-16 13:23:33 -05:00
Brandon Turner e637237574
Use the Rubygems 2.2 version convention
Substitute version dashes with ".pre.".

MSP-10714
2014-07-16 11:13:14 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-16 09:38:44 -05:00
Brandon Turner 044fdb8c55
Fix gem version to support rubygems < 2.1
MSP-10714
2014-07-15 19:02:39 -05:00
sinn3r f8e47a5c61
Land #3524 - WPTouch fileupload exploit 2014-07-15 16:29:59 -05:00
David Maloney ea57ad0126
fix connection error on base
missed a reference to connection_error on the
loginscanner base. this would prevent us from
bailing out early if we have too many connection errors
2014-07-15 16:21:13 -05:00
David Maloney 7ac6640cfd
Merge branch 'staging/electro-release' into feature/MSP-10711/login-status
Conflicts:
	Gemfile
	Gemfile.lock
	modules/auxiliary/scanner/smb/smb_login.rb
2014-07-15 15:12:33 -05:00
dmaloney-r7 4d3bfcf9d0 Merge pull request #109 from rapid7/bug/MSP-10713/smb-error-code
Move error_name to InvalidPacket and check for nil
2014-07-15 15:10:37 -05:00
James Lee 51a9a763c0
Move error_name to InvalidPacket and check for nil
MSP-10713
2014-07-15 15:02:53 -05:00
David Maloney 34635ab968
module login status cleanup
cleanup several bruteforce module to
use the loginstatus constants for result status
2014-07-15 14:55:41 -05:00
David Maloney 9857bac6b1
add NO_AUTH_REQUIRED 2014-07-15 14:38:41 -05:00
Trevor Rosen 6a1149c1ed
Add missing origin
MSP-9948
2014-07-15 13:27:08 -05:00
David Maloney 939e585658
refactor all loginscanners
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
David Maloney 846679bef9
change Result status
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
jvazquez-r7 09619abe79 Catch AddressInUse when running commands from the meterpreter console 2014-07-15 11:15:10 -05:00
Christian Mehlmauer 29bb788d96
Better login detection for wordpress 2014-07-15 07:04:14 +02:00
Trevor Rosen 0966949203
Merge branch 'staging/electro-release' into feature/MSP-9948/update-db-import
Upstream merge

Conflicts:
	Gemfile
	Gemfile.lock
2014-07-14 17:59:54 -05:00
Trevor Rosen aca627489e
Pass workspace down in import of creds dump
MSP-9948
2014-07-14 16:40:41 -05:00
James Lee de22aeba41
Land #3481, meterpreter bins 2014-07-14 15:57:52 -05:00
dmaloney-r7 f3ec386240 Merge pull request #106 from rapid7/feature/MSP-10686/stop-after-user-success
Feature/msp 10686/stop after user success
2014-07-14 14:56:23 -05:00
Christian Mehlmauer 144c6aecba
Added WPTouch fileupload exploit 2014-07-14 21:35:18 +02:00
dmaloney-r7 7184d2ed5e Merge pull request #107 from rapid7/feature/MSP-9704/pop3-module-refactor
Refactor pop3_login
2014-07-14 13:27:11 -05:00
Tod Beardsley 96554a4967
Remove this errant test::unit test 2014-07-14 10:57:32 -05:00
Trevor Rosen b05b2657bc
Now importing creds dumps inside msf zips
MSP-9948
2014-07-13 11:07:01 -05:00
James Lee e68dcdbb06
Refactor pop3_login
Also adjusts timeout in the scanner class to account for Dovecot's
default "Authentication Penalty" delay.

See http://wiki2.dovecot.org/Authentication/Penalty
2014-07-11 17:26:49 -05:00
William Vu 79603c9a73
Land #3505, a bunch o' Linux post module fixes 2014-07-11 12:39:31 -05:00
Trevor Rosen cc93dbbe29 Merge pull request #102 from rapid7/feature/MSP-9707/smb-bruteforce-refactor
Feature/msp 9707/smb bruteforce refactor

MSP-9707 #land
2014-07-11 11:33:12 -05:00
James Lee 4b16985eb8
Stop trying more creds for a user after success
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
2014-07-10 17:48:58 -05:00
Joshua Smith dbe9b47937
lands 3469, fixes handler deadlock in corner cases
May affect the following RM issues which need to be retested:
  https://dev.metasploit.com/redmine/issues/8407
  https://dev.metasploit.com/redmine/issues/4314
  https://dev.metasploit.com/redmine/issues/6829
2014-07-10 16:20:33 -05:00
James Lee 097d5d68ce
Display 'realm\user' for AD instead of 'user@realm' 2014-07-10 14:31:42 -05:00
James Lee e4039c2382
Merge branch 'staging/electro-release' into feature/MSP-10679/refactor-invalidate-login 2014-07-10 14:00:28 -05:00
Tod Beardsley 688c31cc44
Switch to a space. It gets eaten anyway. 2014-07-10 13:59:30 -05:00
James Lee 147c6d8160
Merge branch 'feature/MSP-10660/realm_adjustments' into staging/electro-release 2014-07-10 13:52:21 -05:00
Tod Beardsley 5bb3c8a581
Make merged module descriptions more grammar. 2014-07-10 13:31:57 -05:00
David Maloney 818bd1946d
final tweak for the http case
the only scenario in our final else that
would have a realm in the credential is the
http case in which case we want the realm to be there
still. otherwise the credential in this case has no
realm anyways so there is no need to strip one off
2014-07-10 12:39:01 -05:00
David Maloney 7dc58d060e
make only one each method
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
Samuel Huckins 5b1dc39caf
Filler task dropped, login results in task assoc
MSP-10683

* Task constraint now optional, so no need for filler
* Task ID now in service_data so it's passed to the core and the login
creation methods
2014-07-10 12:32:40 -05:00
David Maloney a319d5270e
set default connection tiemouts
loginscanners should have a default connection timeout
2014-07-10 11:35:10 -05:00
David Maloney 87e6ede123
Merge branch 'master' into staging/electro-release 2014-07-10 08:44:12 -05:00
David Maloney 1a0200f711
one more strip 2014-07-09 17:50:28 -05:00
David Maloney 25ee278097
strip vestigial realms
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
2014-07-09 17:46:56 -05:00
James Lee bb3525419e
Rescue the right thing
MSP-9707
2014-07-09 17:44:53 -05:00
Tod Beardsley 038d1e210a
Merge upstream/master to deconflict.
Conflicts:
	Gemfile.lock
2014-07-09 17:43:42 -05:00
Joshua Smith 3a41bd983e changes 'module' back to 'script', makes more sense 2014-07-09 17:25:39 -05:00
Joshua Smith a9e43c308e removes lingering debug lines, changes word script to module 2014-07-09 17:05:35 -05:00
Joshua Smith 8bbaecc726 adds some additional protection against capilization issues 2014-07-09 16:46:28 -05:00
Joshua Smith 172bc450b3 adds TARGET to 'to_neuter' list 2014-07-09 16:46:28 -05:00
Joshua Smith f4942eccd4 cleans up comments, line lengths, dup/clone 2014-07-09 16:46:28 -05:00
Joshua Smith 51db859432 uses exploit_type vs category, thx egypt 2014-07-09 16:46:28 -05:00
linuxchuck ee56828bf7 New updates to scriptable.rb for payload/target
Additional w00t for your pwning pleasure.
2014-07-09 16:46:27 -05:00
Joshua Smith 62785784c6 adds explicit TARGET setting 2014-07-09 16:46:27 -05:00
Joshua Smith cf595d6a10 fixes alias_method call 2014-07-09 16:46:27 -05:00
Joshua Smith 13f5450e53 uses clone instead of dup 2014-07-09 16:46:27 -05:00
Joshua Smith bb13590f02 first shot at letting scriptable.rb handle local exploits 2014-07-09 16:46:27 -05:00
Joshua Smith c957d0a1e7 adds category to msf/core/module.rb 2014-07-09 16:46:27 -05:00
David Maloney 0c4e53ce5a
fix up specs
a whole bunch of spec changes needed for
these changes.

alos the axis2 spec was actually testing the winrm
class due to copypasta error.
2014-07-09 16:32:59 -05:00
David Maloney c7b37743ef
working realm coercion
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
2014-07-09 15:56:39 -05:00
David Maloney 24fced822e
coerce realm_key when it exists
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0
REALM_KEY not _TYPE
arg typos
2014-07-09 14:01:41 -05:00
James Lee 7d9c0da691
Record correct creds with non-success status 2014-07-09 13:26:49 -05:00
James Lee afe36ab6ad
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
2014-07-09 12:50:24 -05:00
David Maloney 7325cfec64
add default realm values
for the scanners that take a realm
we know what the default realm to try is
so the Scanner should hold that info
2014-07-09 11:19:25 -05:00
David Maloney bc18ca5762
add REALM_KEY to each LoginScanner
each LoginScanner should now know
what kind of REALM it takes
2014-07-09 10:53:37 -05:00
Trevor Rosen a27c1d7dcc
Importing old export, making new models
MSP-9948
2014-07-08 19:14:26 -05:00
jvazquez-r7 c19deddfb1 Delete debug messages 2014-07-08 16:24:45 -05:00
jvazquez-r7 c25c5f6806 Make linux gather post modules compatible with meterpreter 2014-07-08 16:23:57 -05:00
dmaloney-r7 b65989ff0c Merge pull request #100 from rapid7/bug/MSP-10661/glob-rb-files
Use glob instead of entries
2014-07-08 14:29:24 -05:00
Trevor Rosen 79054fae20
Remove credentials exportation from XML
MSP-9948
2014-07-08 12:03:32 -05:00
William Vu 4eeab66ebe
Land #3497, comma-separated get_cookies 2014-07-08 11:00:40 -05:00
James Lee 567435f508
Use glob instead of entries
Fixes the case where a non-ruby file exists in the login_scanner/
directory
2014-07-08 11:00:33 -05:00
Trevor Rosen 8436adb5f8
Make XML export work with new backend
MSP-9948

* XML data looks ok in spot check
2014-07-08 09:40:15 -05:00
AnwarMohamed a513f403ba fixing bugs 2014-07-08 10:58:48 +02:00
AnwarMohamed ead7b35aa9 formating 2014-07-08 10:48:24 +02:00
AnwarMohamed 6e0bc763ff formating 2014-07-08 10:46:16 +02:00
AnwarMohamed 656da8a63b android extension 2014-07-08 04:56:04 +02:00
AnwarMohamed 34dcb609e2 android extension 2014-07-08 04:52:06 +02:00
David Maloney 38419dae83
fix to_credential on core
the Metasploit::Credential::Core to_credential
method now seats private_type and realm_key correctly
2014-07-07 18:05:04 -05:00
David Maloney aeda74f394
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-07 16:41:23 -05:00
David Maloney 2c13ff4038
Merge branch 'staging/electro-release' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 16:32:39 -05:00
dmaloney-r7 db8b0c907b Merge pull request #94 from rapid7/feature/MSP-10648/login-scanner-creation
Feature/msp 10648/login scanner creation
2014-07-07 16:04:09 -05:00
Trevor Rosen 1d7de8fef9
Mid-work commit
MSP-9848
2014-07-07 15:44:29 -05:00
dmaloney-r7 c4c7ff519f Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type
Add private_type and realm_key accessors to Framework::Credential
2014-07-07 15:43:18 -05:00
David Maloney b52c13228c
make private_type validation conditional
there are times when this won't be filled in
but the credential is still valid
2014-07-07 15:40:52 -05:00
James Lee 2a9ac0a007
Axe SSHKey in favor of a unified SSH 2014-07-07 13:35:17 -05:00
James Lee 71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 13:19:34 -05:00
James Lee b7cfc927c4
Add private_type and realm_key accessors 2014-07-07 13:07:28 -05:00
James Lee 5c406a2aa5
Remove successes and failures
No reason to store them and they could fill a ton of unnecessary memory.
2014-07-07 12:33:15 -05:00
James Lee 7035064f3d
Assignment alignment for Dave 2014-07-07 12:30:04 -05:00
OJ bdf27b1834 Fix up the TLVs that are now QWORD values in MSF
Various values were adjusted to become QWORD values in MSF an windows
meterpreter, but the changes were not ported over to python, php and
java. This commit fixes this inconsistency.
2014-07-07 10:42:58 -05:00
James Lee 8df3ada087
Better docs 2014-07-07 10:18:42 -05:00
James Lee 325d2d25b9
Fix requires and derp typos 2014-07-07 10:09:45 -05:00
HD Moore ab7848a895
Merge master for testing of #2809 2014-07-06 22:27:58 -05:00
jvazquez-r7 f51feb7f52 Modify get_cookies regular expression 2014-07-06 13:22:31 -05:00
HD Moore 43d65cc93a Merge branch 'master' into feature/recog
Resolves conflicts:
	Gemfile
	data/js/detect/os.js
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-07-06 09:17:44 -05:00
Brandon Perry 68a0e7c16e Create sqlmap_session.rb 2014-07-04 10:53:37 -05:00
Brandon Perry 88c44bf4f5 Create sqlmap_manager.rb 2014-07-04 10:53:14 -05:00
Tod Beardsley a471f298a5
Merge #3476 into #3481 for meterpreter smilies
This incoporates @OJ's fixes as a result of gemification.
2014-07-03 22:54:56 -05:00
James Lee 311f43f1e4
Constpocalypse 2014-07-03 18:49:46 -05:00
Trevor Rosen c1fc68e1b1
Replace to_pwdump internals
MSP-9948
2014-07-03 15:41:26 -05:00
jvazquez-r7 405de05e4b Add specs for module_flavors 2014-07-03 10:31:39 -05:00
Jon Hart bc3ac1ee36 Correct private message format, update tests 2014-07-03 08:27:27 -07:00
Spencer McIntyre d93bf55435 Add a module_flavors method for all available flavors 2014-07-03 11:01:21 -04:00
James Lee b7a55d402d
Add likely service ports and names for HTTP 2014-07-02 23:41:31 -05:00
James Lee 9dde47a0bc
Add a simple classes_for_service method 2014-07-02 23:31:56 -05:00
Jon Hart 1830bdc7a5 Add rspec coverage for Rex::Proto::NTP 2014-07-01 12:29:47 -07:00
Jon Hart bc274b358f Move NTP message code to Rex::Proto::NTP, simplify option handling 2014-06-30 23:57:47 -07:00
Trevor Rosen 2da890810a
Make db_import use Metasploit Credential
MSP-9948

* Special-case the pwdump file to be IO
* Had to use lotsa shims
2014-06-30 13:32:59 -05:00
HD Moore 84c0504b1b MSI sections actually need to be signed after all 2014-06-30 13:08:28 -05:00
Trevor Rosen cf9c3caea3 Get the latest
Merge branch 'staging/electro-release' into feature/MSP-9848/db-export-refactor
2014-06-30 11:14:11 -05:00
HD Moore c9b6c05eab Fix improper use of host-endian or signed pack/unpack
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.

When in doubt, please use:

```
ri pack
```
2014-06-30 02:50:10 -05:00
HD Moore 255e792ed3 Fix host-endian related pack errors. See below for details.
Ruby treats endianess in pack operators in the opposite way
of python. For example, using pack('<I') actually ignores the
endianess specifier. These need to be 'I<' or better yet, 'V'.
The endian specify must occur after the pack specifier and
multiple instances in meterpreter and exe generation were
broken in thier usage.

The summary:

Instead of I/L or I< use V
Instead of I/L or I> use N
For Q, you need to always use Q< (LE) or Q> (BE)
For c/s/l/i and other lowercase variants, you probably dont
need or want a *signed* value, so stick with vV nN and cC.
2014-06-30 02:46:36 -05:00
Tod Beardsley 8b63d3d467 Revert the revert of #3446
This reverts commit 9b35b0e13a.

This should not land on master until the Metasploit Pro folks (@trosen-r7
and friends) get their Meterpreter path specifications working the
same way as Framework's does.
2014-06-29 17:22:21 -05:00
dmaloney-r7 0a6a5a0a12 Merge pull request #92 from rapid7/feature/MSP-9912/metamodule-refactor-ssh-key
Feature/msp 9912/metamodule refactor ssh key
2014-06-27 11:48:57 -05:00
Spencer McIntyre ea077b2f12 Improve the guess_flavor logic to pull from module info 2014-06-27 08:34:57 -04:00
Spencer McIntyre 952c935730 Use a semi-intelligent OptEnum for CMDSTAGER::FLAVOR 2014-06-27 08:34:57 -04:00
Spencer McIntyre 219153c887 Raise NotImplementedError and let :flavor be guessed 2014-06-27 08:34:56 -04:00
jvazquez-r7 dcd0e77f9e Change #compatible? method name because it's used by Module 2014-06-27 08:34:56 -04:00
jvazquez-r7 31acc4a528 Fix #compatible? method 2014-06-27 08:34:56 -04:00
jvazquez-r7 ddd1dd5155 The check for required decoder hasn't a lot of sense 2014-06-27 08:34:56 -04:00
jvazquez-r7 9c6a521b94 Fix select_decoder 2014-06-27 08:34:56 -04:00
jvazquez-r7 dad2c75592 Initialize opts arguments 2014-06-27 08:34:56 -04:00
jvazquez-r7 381dea94d0 Fix typo 2014-06-27 08:34:56 -04:00
jvazquez-r7 cbc1bd9966 Redesign constants 2014-06-27 08:34:56 -04:00
jvazquez-r7 160147b370 Make some methods not dependant of the instance flavor 2014-06-27 08:34:56 -04:00
jvazquez-r7 45248dcdec Add YARD documentation for methods 2014-06-27 08:34:56 -04:00
jvazquez-r7 68938e3d7a Add select_cmdstager 2014-06-27 08:34:56 -04:00
jvazquez-r7 35d035fa4e Add YARD docu for execute_cmdstager 2014-06-27 08:34:56 -04:00
jvazquez-r7 e8f9dde50f Allow datastore options and opts to use strings instead of sym 2014-06-27 08:34:56 -04:00
jvazquez-r7 870fa96bd4 Allow quotes in CmdStagerFlavor metadata 2014-06-27 08:34:56 -04:00
jvazquez-r7 37d0dd59e8 Clean up a little CMDStager methods 2014-06-27 08:34:56 -04:00
jvazquez-r7 8db7ec683f Fix setup and teardown stager methods 2014-06-27 08:34:55 -04:00
jvazquez-r7 dd7b2fc541 Use constants 2014-06-27 08:34:55 -04:00
jvazquez-r7 778f34bab6 Allow targets and modules to define compatible stagers 2014-06-27 08:34:55 -04:00
jvazquez-r7 74a6de828a Cannot delete @cmd_list, is used at least by one module 2014-06-27 08:34:55 -04:00
jvazquez-r7 7ced5927d8 Use One CMDStagermixin 2014-06-27 08:34:55 -04:00
jvazquez-r7 0a99b549d6 Change filenames 2014-06-27 08:34:55 -04:00
jvazquez-r7 cff580162b Move stagers 2014-06-27 08:34:55 -04:00
Spencer McIntyre 9991316ae6 Minor code cleanup and honor the datastore decoder. 2014-06-27 08:34:55 -04:00
Spencer McIntyre 80bdf750e9 Multi-fy the new printf stager and add to sshexec. 2014-06-27 08:34:55 -04:00
Spencer McIntyre ae25c300e5 Initial attempt to unify the command stagers. 2014-06-27 08:34:55 -04:00
Trevor Rosen a86610dad5
Gut and delegate import_msf_pwdump
MSP-9848
2014-06-26 16:47:42 -05:00
David Maloney 56b94fea4f
pcap import now creates creds
refactored cred creation to use Metasploit::Credential
for captured HTTP basic auth credentials gatehered on the wire
2014-06-26 15:34:40 -05:00
Lance Sanchez b5351eec2b
adding .to_credential
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
2014-06-26 11:05:59 -05:00
David Maloney 9cec330f05
Merge branch 'master' into staging/electro-release 2014-06-26 10:22:30 -05:00
Matt Buck 27ef12bafe
Land #3478, disallow port 0 for portspec
[Closes #3478]
2014-06-25 15:46:30 -05:00
Chris Doughty 9b35b0e13a Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
This reverts commit bba8bd3498, reversing
changes made to 002234993f.
2014-06-25 13:24:07 -05:00
David Maloney 97d08a081a
reverting port 0 behaviour in portspec
a change was made to protspec that allowed port 0
when we explicitly dissallowed port 0. This change caused
other code that depended on this behaviour to break
2014-06-25 13:07:22 -05:00
James Lee f225ac92ab
Refactor smb_login
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
OJ 769f2e4936 Change elevator to 'elevator'
This would have made lots of people uhnappy.
2014-06-25 07:47:47 +10:00
OJ ac03b7c96a Use sorted sets extension lists 2014-06-25 03:26:25 +10:00
OJ 0fc4d10813 Fix indentation for case statements 2014-06-25 03:18:37 +10:00
OJ bba8bd3498
Land #3446 -- Meterpreter bins gem switch 2014-06-25 03:00:11 +10:00
James Lee 85611702f9 Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor 2014-06-23 23:58:47 -05:00
HD Moore 002234993f
SMB lib fixes, unattend.xml cred gathering 2014-06-23 20:08:42 -05:00
HD Moore b872fa0f0d Handle smb_recv corner case with a cache, clean up find_*, cosmetic 2014-06-23 16:14:18 -05:00
HD Moore 94388e3931 Fix typo in the constant name 2014-06-23 12:51:26 -05:00
HD Moore d6a263d538 Identify the hung host in the thread info 2014-06-22 16:01:03 -05:00
HD Moore 538a520445 Remove redundant option (threads are always used in reverse_tcp_double) 2014-06-22 16:00:44 -05:00
HD Moore b3d83720ca Add ReverseListenerThreaded option to prevent deadlocks
JodaZ reported that the handle_connection() sock.put call can
result in the entire reverse_tcp stager hanging if the client
stops receiving or is on a very slow link. The solution emulates
what ReverseTcpDouble already does, which is stage each connection
in a new thread. However, given that a high number of threads
can be a problem on some operating systems (*ahem* win32) this
option is not enabled by default.

We should look into thread pooling and handle_connection() timeouts
as well as event-based polling of multiple clients as alternatives,
but this option will improve the situation for our existing users.
2014-06-22 15:55:20 -05:00
HD Moore 6e5f528332 Prevent stager deadlock if inp/out detection hangs for some reason
Even though there are calls to has_read_data(), it doesn't prevent
the put() call from blocking in a dead client or slowaris-like
situation. By moving the inp/out detection into the thread, we
allow the main handler to keep processing connections even if
a single connection hangs.
2014-06-22 15:25:19 -05:00
Spencer McIntyre 05d4a1ab2c
Land #3342, Support negation in portspec 2014-06-21 18:14:50 -04:00
James Lee 35c0ef0c68
Merge branch 'feature/MSP-9716/mssql_crack' into staging/electro-release 2014-06-20 12:39:07 -05:00
Tod Beardsley 2626450c38
Fix indent per @jlee-r7'e eagle eye 2014-06-20 11:52:47 -05:00
David Maloney 99b1702559
Merge branch 'master' into staging/electro-release
Conflicts:
	lib/msfenv.rb
2014-06-20 11:38:47 -05:00
jvazquez-r7 4203e75777
Land #3408, @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950 2014-06-20 10:27:32 -05:00
Tod Beardsley 2a4ed0e651
Replace all the obvious path calls to Meterpreter
Unfortunately, though, there seems to be a stealthy set, somewhere, of
datastore['DLL']. Not sure where yet. The stack trace in the
framework.log is:

````
[06/19/2014 17:53:34] [i(0)] core: windows/meterpreter/reverse_http: iteration 1: Successfully encoded with encoder x86/fnstenv_mov (size is
366)
[06/19/2014 17:53:35] [e(0)] rex: Proc::on_request: Errno::ENOENT: No such file or directory -
/home/todb/git/rapid7/metasploit-framework/data/meterpreter/metsrv.x86.dll

/home/todb/git/rapid7/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `initialize'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `open'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `load_rdi_dll'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/payload/windows/reflectivedllinject.rb:56:in `stage_payload'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/handler/reverse_http.rb:212:in `on_request'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/handler/reverse_http.rb:129:in `block in setup_handler'
/home/todb/git/rapid7/metasploit-framework/lib/rex/proto/http/handler/proc.rb:38:in `call'
/home/todb/git/rapid7/metasploit-framework/lib/rex/proto/http/handler/proc.rb:38:in `on_request'
/home/todb/git/rapid7/metasploit-framework/lib/rex/proto/http/server.rb:365:in `dispatch_request'
/home/todb/git/rapid7/metasploit-framework/lib/rex/proto/http/server.rb:299:in `on_client_data'
/home/todb/git/rapid7/metasploit-framework/lib/rex/proto/http/server.rb:158:in `block in start'
/home/todb/git/rapid7/metasploit-framework/lib/rex/io/stream_server.rb:48:in `call'
/home/todb/git/rapid7/metasploit-framework/lib/rex/io/stream_server.rb:48:in `on_client_data'
/home/todb/git/rapid7/metasploit-framework/lib/rex/io/stream_server.rb:192:in `block in monitor_clients'
/home/todb/git/rapid7/metasploit-framework/lib/rex/io/stream_server.rb:190:in `each'
/home/todb/git/rapid7/metasploit-framework/lib/rex/io/stream_server.rb:190:in `monitor_clients'
/home/todb/git/rapid7/metasploit-framework/lib/rex/io/stream_server.rb:73:in `block in start'
/home/todb/git/rapid7/metasploit-framework/lib/rex/thread_factory.rb:22:in `call'
/home/todb/git/rapid7/metasploit-framework/lib/rex/thread_factory.rb:22:in `block in spawn'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/thread_manager.rb💯in `call'
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/thread_manager.rb💯in `block in spawn'

````

Still tracking this down.
2014-06-19 18:03:11 -05:00
David Maloney 3c85601426
not every version has dupe supression 2014-06-19 16:28:23 -05:00
jvazquez-r7 a0386f0797 Fix cmd_concat_operator 2014-06-19 15:52:55 -05:00
David Maloney 4453dcdc8e
some minor fixes 2014-06-19 15:45:24 -05:00
David Maloney 8de2109f97
Merge branch 'staging/electro-release' into feature/MSP-9696/http-bruteforce-refactor 2014-06-19 15:38:05 -05:00
James Lee 9421beedb3
Refactor http_login 2014-06-19 14:12:21 -05:00
David Maloney 0ff8708e6d
some minor fixes 2014-06-19 13:08:43 -05:00
Matt Buck 5815ec96df Merge pull request #80 from rapid7/bug/MSP-10038/skip-ssh-passphrase
Backported net-ssh ask_passphrase functionality

MSP-10038
2014-06-19 12:53:43 -05:00
David Maloney 53352924d2
Merge branch 'staging/electro-release' into feature/MSP-9716/mssql_crack
Conflicts:
	Gemfile
2014-06-19 12:45:53 -05:00
James Lee b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release 2014-06-19 10:14:57 -05:00
James Lee 2d9c6f832a
Moar parens!!1!! 2014-06-19 10:07:21 -05:00
James Lee 594923c790
Don't overwrite ENV if it's set 2014-06-18 14:53:41 -05:00
David Maloney 62f4054858
startring refactor on jtr_mssql
started work on the mssql hash cracker
fixed some minor bugs with the underlying mixin
crackers now runs. still have to have the cred objects created
2014-06-18 14:50:08 -05:00
James Lee 5beb43d200
Land #3022, support Gemfile.local 2014-06-18 14:28:57 -05:00
David Maloney fd0e24cdb2
moar docs! 2014-06-18 11:38:07 -05:00
David Maloney 4b4d9796c5
more minor cleanup
cleanup from code review
2014-06-18 11:24:55 -05:00
Fernando Arias f24d665516 Backported net-ssh ask_passphrase functionality
MSP-10038
2014-06-18 11:21:17 -05:00
Michael Messner 86f523f00c concator handling 2014-06-18 18:15:58 +02:00
David Maloney 9f11170c3b
some minor cleanup on jtr stuff
minor cleanup to code nstyling stuff
2014-06-18 10:57:41 -05:00
David Maloney 58b016202b
Merge branch 'staging/electro-release' into feature/MSP-9709/ssh-pubkey 2014-06-18 10:50:29 -05:00
David Maloney 2b0bb608b1
Merge branch 'master' into staging/electro-release 2014-06-18 10:49:58 -05:00
OJ 5879ca3340
Merge branch 'upstream/master' into meatballs x64_injection 2014-06-18 10:24:33 +10:00
David Maloney 34c0b00816
don't autload this mixin
causes laod order problems when we try to
autoload this mixin. We will just explicitly require
2014-06-17 16:10:09 -05:00
David Maloney 763f6f8d80
finish cleaning up jtr mixin
finish cleaning up the module mixin for jtr
2014-06-17 15:16:32 -05:00
David Maloney 432b88680b
start fixing jtr module mixin 2014-06-17 13:27:11 -05:00
David Maloney d473d86ef0
use tr instead of gsub for mutation
this should be another slight performance
increase as straight up string replacement
should require less overhead then multiple
runs of regex replacement.
2014-06-17 10:29:09 -05:00
James Lee 6237d56398
Refactor ssh_login_pubkey
* Fix a bug in LoginScanner::SSHKey (which was copy-pasted from SSH)
   where the ssh_socket accessor was not being set because of a
   shadowing local var
 * Fix a bug in the db command dispatcher where an extra column was
   added to the table, causing an unhandled exception when running the
   creds command
 * Add a big, ugly, untested class for imitating
   Metasploit::Framework::CredentialCollection for ssh keys. This class
   continues the current behavoir of silently ignoring files that are a)
   encrypted or b) not private keys.
 * Remove unnecessary proof gathering in the module (it's already
   handled by the LoginScanner class)
2014-06-16 18:38:20 -05:00
David Maloney a81b0ed17b
rename method to_file
change method name from write to to_file
as it makes more sense for what it is is doing
and what it returns
2014-06-16 18:03:06 -05:00
David Maloney 95beaa4f7e
correct self-eating array nature
we never noticed we were modifying the array in place
because we were reculaculating. now with a memoized
version we would get decreasing results
2014-06-16 17:37:18 -05:00
David Maloney a92a58417f
memoize the mutation keys
it was recalculating the mutation rules
everytime, and there is no reason to do this
2014-06-16 17:18:52 -05:00
David Maloney f1a39ef973
enumerators all done with specs
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
2014-06-16 13:31:30 -05:00
David Maloney 9af811a2ed
we need to pass in a workspace 2014-06-15 15:52:57 -05:00
David Maloney 897b0b1ee5
wordlist enumerators with some specs
started the enumerators on the wordlist class
and began adding the specs for them
2014-06-15 13:37:50 -05:00
scriptjunkie d38a95a352 Merge branch 'bugfixes/post-module-execution-causing-duplicate-search-results' of github.com:nstarke/metasploit-framework into nstarke-bugfixes/post-module-execution-causing-duplicate-search-results 2014-06-15 13:15:57 -05:00
David Maloney a00ff5aeef
yield custom_wordlist words 2014-06-15 12:16:21 -05:00
David Maloney 41d6b326f2
specs for wordlist validations
added specs to cover the validations on
the JtR wordlist class.
2014-06-15 11:14:11 -05:00
David Maloney a5fb898904
actually set max run time
make maxrutnime affect the crack command
2014-06-14 20:03:56 -05:00
David Maloney 33519b1fcd
cracker validations and specs
more validations and specs for the cracker class
2014-06-14 19:59:59 -05:00
David Maloney 10f3531bbb
add exectuable validator
like the filepath validator but also checks
to see if the file is exectuable by the current
users.
2014-06-14 18:01:24 -05:00
David Maloney 21f29c4da9
more filepath validators
added filepath validations to cracker
also made them all conditional validations
2014-06-14 17:54:37 -05:00
David Maloney 1dd69a5228
wordlist validators
added custom fielpath vaidator and
added validations to the wordlist class
2014-06-14 17:49:47 -05:00
David Maloney 466576d03f
jtr wordlist validations started
start adding validations and exceptions for the
JtR Wordlist class.
2014-06-14 16:16:30 -05:00
David Maloney 19231b7c8f
starting skeleton on wordlist class
start framing out JtR wordlist class that
will generate Wordlists to be passed to our
JtR cracker.
2014-06-14 15:48:25 -05:00
David Maloney 41f7bc1372
add common root words wordlist
this adds a new wordlist to the data directory.
This wordlist is compiled from statistical analysis of
common Numeric passwords and Common rootwords across
6 years of colleted password breach dumps. Every word in
this list has been seen thousands of times in password
breaches
2014-06-14 14:13:59 -05:00
David Maloney 873d6e5b99
add all the specs 2014-06-14 12:28:17 -05:00
Tim Wright 9b43749916
Land #3418 - android adobe reader addjisf pdf exploit
Merge branch 'landing-3418' into upstream-master
2014-06-14 11:25:29 +01:00
David Maloney b784bea48e
slow roll of specs for jtr cracker
slowly adding spec coverage for the JtR cracker
2014-06-13 16:08:56 -05:00
David Maloney 7187138134
start injecting sanity 2014-06-13 14:53:56 -05:00
David Maloney a9bcb8b3bd
add skeleton for JtR Cracker
starting work on creating the JtR Cracker class
2014-06-13 11:10:12 -05:00
Michael Messner 894af92b22 echo stager, arch_cmd 2014-06-13 11:40:50 +02:00
Samuel Huckins f452652f54 Merge pull request #61 from rapid7/feature/MSP-9708/ssh-bruteforce
Functional steps updated and passing, along with specs. Proof being maintained seemed off, but it's not persisted, just used for setting platform.

MSP-9708 #land
2014-06-12 18:37:44 -05:00
Samuel Huckins d215b8e5b2 Merge pull request #47 from rapid7/feature/MSP-9712/winrm-bruteforce
45 merged, steps passing.

MSP-9712 #land
2014-06-12 16:04:17 -05:00
Samuel Huckins df705c2edc
Gotta keep 'em sepArated.
MSP-9712
2014-06-12 16:03:02 -05:00
Tod Beardsley cbedea222f
Land #3416 again, now that the bins are available
This reverts commit 3d73414530.
2014-06-12 14:53:03 -05:00
Tod Beardsley 3d73414530 Revert #3416, needs the correct bins first
This was a whoops on my part. I will reland this when I have the
Meterpreter bins all sorted.

This reverts commit 40b5405053, reversing
changes made to 86e4eaaaed.
2014-06-12 14:20:06 -05:00
David Maloney 96e492f572
Merge branch 'master' into staging/electro-release 2014-06-12 14:02:27 -05:00
Tod Beardsley 40b5405053
Land #3416, fix DWORD/QWORD bug 2014-06-12 13:59:34 -05:00
Samuel Huckins fe33444858 Merge pull request #58 from rapid7/feature/MSP-9693/db2_auth
Errors resolved, cred created

MSP-9693 #land
2014-06-12 12:49:54 -05:00
David Maloney 5fd117a015
fix userpass file stack trace
if an improperly formated userpass file was
supplied it could cause a stack trace. add some guarding around it
2014-06-12 12:39:36 -05:00
dmaloney-r7 ed84336149 Merge pull request #60 from rapid7/feature/MSP-9992/creds-command
Refactor the creds command
2014-06-12 12:24:09 -05:00
joev 289bae88de
Remove lie in comment. 2014-06-12 10:02:29 -05:00
sinn3r 2a7227f443
Land #3427 - Adds webcam module for firefox privileged sessions on OSX 2014-06-11 22:27:25 -05:00
David Maloney c074ebda7b
refactor telnet_login 2014-06-11 17:46:42 -05:00
James Lee c8e1fab6ec
Merge branch 'staging/electro-release' into feature/MSP-9708/ssh-bruteforce
Conflicts:
	lib/metasploit/framework/credential.rb
2014-06-11 16:28:01 -05:00
James Lee b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
Conflicts:
	lib/metasploit/framework/credential_collection.rb
	spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
dmaloney-r7 9affc753c0 Merge pull request #66 from rapid7/feature/cred-collection-prepend
Add ability to prepend creds to a collection
2014-06-11 14:34:54 -05:00
James Lee 3a8f6236ad
Add ability to prepend creds to a collection 2014-06-11 14:30:45 -05:00
Samuel Huckins 84aa0d42ed Merge pull request #57 from rapid7/bug/MSP-10004/rubyzip
Trevor added a 0.4.1 tag right before this PR landed, making this unmergable. Pulled in staging/electro-release, specs passing.
2014-06-11 13:48:03 -05:00
Samuel Huckins 1903542683
Merge branch 'staging/electro-release' into bug/MSP-10004/rubyzip
Conflicts:
	Gemfile
	Gemfile.lock
2014-06-11 13:42:26 -05:00
Trevor Rosen e8752f9c56 Point to correct creds version 2014-06-11 13:38:35 -05:00
David Maloney 9593422f9c
Merge branch 'master' into staging/electro-release 2014-06-11 10:23:56 -05:00
Tod Beardsley 4b8961a464
Land #3428, deprecation warns for payloads 2014-06-11 09:57:07 -05:00
James Lee fb8c1f4c4b
Refactor ssh_login to use LoginScanner stuffs
Also, Metasploit::Credential::Creation stuffs.
2014-06-10 17:30:06 -05:00
James Lee c0c1bd40a9
Fix help spec 2014-06-10 17:28:55 -05:00
James Lee 82b2c1deae
Make creds command show Metasploit::Credentials
This attempts to change the output of the command as little as possible,
but removes the ability to add and delete for now. At some point, we'll
need to add that back in.
2014-06-10 15:03:03 -05:00
Tod Beardsley b379dc014a
Avoid double-printing with setup and init_ui 2014-06-10 13:57:25 -05:00
Luke Imhoff 4d923a4809
Update to Rubyzip 1.X API
MSP-10004

`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
2014-06-10 13:41:42 -05:00
Luke Imhoff f37ce795a1
Remove lib/zip
MSP-10004
2014-06-10 13:39:05 -05:00
David Maloney e9d9806408
invalidate_login
added invalidate_login call
also made to_s on credential drop the @
if there is no realm present
2014-06-10 11:07:15 -05:00
jvennix-r7 92414d3688 Merge pull request #53 from rapid7/bug/MSP-9994/framework-db-driver
Set `framework.db.driver` when connection already established.
2014-06-10 10:49:00 -05:00
Luke Imhoff 2cbbaad6b4
Set drivers and driver when connection already established
MSP-9994

3 database commands in msfconsole check for framework.db.driver to be
set, so driver must be set when the connection is already established by
the Rails initialization.
2014-06-09 14:26:59 -05:00
Luke Imhoff 1ee35ec68a
Handle unconnected config in connection_established?
MSP-9994

Rescue `ActiveRecord::ConnectionNotEstablished` in
`Msf::DBManager#connection_established?` in addition to
`PG::ConnectionBad` to handle when the connection has been removed.
2014-06-09 14:26:45 -05:00
David Maloney 482aa2ea08
Merge branch 'master' into staging/electro-release 2014-06-09 10:27:22 -05:00
Meatballs bf1a665259
Land #2657, Dynamic generation of windows service executable functions
Allows a user to specify non service executables as EXE::Template as
long as the file has enough size to store the payload.
2014-06-07 13:28:20 +01:00