HD Moore
d148c95c84
The ssh login code can now create sessions
...
git-svn-id: file:///home/svn/framework3/trunk@8598 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 07:12:54 +00:00
HD Moore
80f1f48b2d
Merge in loot and user, fix up telnet to handle eof better
...
git-svn-id: file:///home/svn/framework3/trunk@8594 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 23:45:43 +00:00
Joshua Drake
b810e9665f
add comment about autofilter mapping
...
git-svn-id: file:///home/svn/framework3/trunk@8592 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:30:38 +00:00
Joshua Drake
b818536e46
corrected comment text
...
git-svn-id: file:///home/svn/framework3/trunk@8590 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:27:15 +00:00
Joshua Drake
e3b009471b
move code in autofilter into check
...
git-svn-id: file:///home/svn/framework3/trunk@8589 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:26:28 +00:00
Joshua Drake
f8ca490b98
move meterpreter on_session functionality into a mixin
...
git-svn-id: file:///home/svn/framework3/trunk@8586 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 21:05:08 +00:00
HD Moore
479f2939fc
Track the target host/workspace through the entire tree, expose to RPC, and use this telnet_login
...
git-svn-id: file:///home/svn/framework3/trunk@8583 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:54:44 +00:00
Joshua Drake
1faec528de
fix InitAutoRunScript -> InitialAutoRunScript
...
git-svn-id: file:///home/svn/framework3/trunk@8582 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:52:19 +00:00
Steve Tornio
6e9a992396
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8580 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:26:09 +00:00
Joshua Drake
6414821ea8
add exploit modules for CVEs 2005-2877 and 2004-1037
...
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 20:31:09 +00:00
HD Moore
c9973be2d7
make the smb_login module smarted about lockouts, disabled accounts, and samba
...
git-svn-id: file:///home/svn/framework3/trunk@8577 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 19:31:20 +00:00
HD Moore
a2383611c2
Fix single user/pass usage
...
git-svn-id: file:///home/svn/framework3/trunk@8576 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 19:08:36 +00:00
Joshua Drake
865969e059
whitespace adjustments - finally closes #773
...
git-svn-id: file:///home/svn/framework3/trunk@8575 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:44:34 +00:00
Joshua Drake
32bf50c627
add exploit module to get code exec from jboss.system:MainDeployer access
...
git-svn-id: file:///home/svn/framework3/trunk@8574 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:41:24 +00:00
HD Moore
9fc58c1e1f
Collect command output and report it
...
git-svn-id: file:///home/svn/framework3/trunk@8569 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 16:06:01 +00:00
HD Moore
0ba3d18032
Updated the report format to match new syntax
...
git-svn-id: file:///home/svn/framework3/trunk@8566 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 05:50:05 +00:00
HD Moore
0a8696436e
Fix up the telnet login code to handle varied responses better
...
git-svn-id: file:///home/svn/framework3/trunk@8565 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 05:49:40 +00:00
Joshua Drake
8446a0c305
add auto-targeting to tomcat_mgr_deploy, fixes #887
...
git-svn-id: file:///home/svn/framework3/trunk@8564 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 01:14:39 +00:00
Steve Tornio
93acc977fe
fix osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8563 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 19:42:08 +00:00
Joshua Drake
6e8eddcf5e
add exploit module for cve-2008-0506
...
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
Joshua Drake
007930c784
add svn keywords property
...
git-svn-id: file:///home/svn/framework3/trunk@8561 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:13:31 +00:00
HD Moore
1a53411282
Filter out the other test modules from automation
...
git-svn-id: file:///home/svn/framework3/trunk@8559 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:18:43 +00:00
HD Moore
0db3ada840
Filter this from automation
...
git-svn-id: file:///home/svn/framework3/trunk@8558 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:15:03 +00:00
natron
5b3c87c9c5
Add option to save java code to file.
...
git-svn-id: file:///home/svn/framework3/trunk@8557 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:11:56 +00:00
Tod Beardsley
ab3b173040
So, funny story with net-ssh. Turns out, there's insufficient housekeeping on closing out connections in the event of authentication failures, which means you can start sucking up connections pretty good when you fail authentication a whole bunch of times. Fixed in the library, so now, if you pass a block to Net::SSH.start, and the authentication fails, the connection will still close out correctly, just as it would when the authentication succeeds.
...
Protip: If you don't pass a block, it's *still on the caller* to deal with the connection somehow. You'll want to basically always assign the connection to someplace you control, like so: sock = Net::SSH.start(whatever); sock.close). Otherwise, if you just Net::SSH.start without a block /or/ without assignment, you'll be stuck with all these useless connections hanging around.
git-svn-id: file:///home/svn/framework3/trunk@8556 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 03:02:25 +00:00
Tod Beardsley
78aa6f5ba4
Added DB2 remote administration scan to udp_sweep
...
git-svn-id: file:///home/svn/framework3/trunk@8554 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 21:21:17 +00:00
Tod Beardsley
f58558f605
Updated all the brute force login modules to record successful logins and avoid duplicating credentials.
...
git-svn-id: file:///home/svn/framework3/trunk@8553 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 19:04:51 +00:00
Joshua Drake
2e77c76824
add exploit module to get code exec on a tomcat manager instance, closes #772
...
git-svn-id: file:///home/svn/framework3/trunk@8552 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:18:43 +00:00
Tod Beardsley
38a3b8203e
Properly checking for credential duplication.
...
git-svn-id: file:///home/svn/framework3/trunk@8551 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:11:18 +00:00
Joshua Drake
534d56cdd8
adjust text wrap
...
git-svn-id: file:///home/svn/framework3/trunk@8550 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:04:11 +00:00
Tod Beardsley
c24a708db6
See #859 . Adds keyboard-interactive as an acceptable method of authentication.
...
git-svn-id: file:///home/svn/framework3/trunk@8548 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 16:11:58 +00:00
Patrick Webster
350c189a34
Added exploit module qbik_wingate_wwwproxy.
...
git-svn-id: file:///home/svn/framework3/trunk@8547 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 15:58:26 +00:00
Tod Beardsley
27c3266c0a
Serializes telnet brute forcing so it's a little bit faster (as it happens) and
...
about a zillion times more reliable.
git-svn-id: file:///home/svn/framework3/trunk@8543 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 00:22:02 +00:00
Tod Beardsley
4197f00701
Moves @credentials_tried and @credentials_good into auth_brute proper, though modules still
...
need to handle them themselves... which telnet and ssh both do now.
git-svn-id: file:///home/svn/framework3/trunk@8542 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 21:55:02 +00:00
Joshua Drake
797ab55f52
add exploit module for cve-2009-2011
...
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Tod Beardsley
443e82bc75
Reworked ssh_login to a) handle all SSH errors, b) cease trying users if we already guessed a password and c) cease trying the same user:pass combo more than once.
...
git-svn-id: file:///home/svn/framework3/trunk@8540 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:12:02 +00:00
Steve Tornio
a71a24b6d3
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8538 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 18:56:05 +00:00
Steve Tornio
ed395fcda4
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@8537 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 18:48:34 +00:00
Steve Tornio
b17fc35986
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8536 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 18:35:01 +00:00
Steve Tornio
3314e6a10b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8535 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 17:25:47 +00:00
Steve Tornio
fa877eb567
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8534 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 17:11:45 +00:00
Steve Tornio
e5609bbf82
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@8533 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 17:07:54 +00:00
HD Moore
1686931efe
More SSH versions
...
git-svn-id: file:///home/svn/framework3/trunk@8532 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 14:42:11 +00:00
Joshua Drake
b4ead057f6
add exploit module for cve-2000-0917
...
git-svn-id: file:///home/svn/framework3/trunk@8530 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 00:56:28 +00:00
Tod Beardsley
5fce04ce22
See #843 , but this really just masks the problem. Investigate more thoroughly.
...
git-svn-id: file:///home/svn/framework3/trunk@8529 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 23:35:22 +00:00
Tod Beardsley
25ec6e8021
Removing the require rescues for SSH, now that it's shipping in lib directly.
...
git-svn-id: file:///home/svn/framework3/trunk@8528 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 23:21:51 +00:00
Tod Beardsley
206b70ace7
Indentation fixes (wrapping everything in a begin;rescue;end, didn't want
...
to obfuscate that with the last change).
git-svn-id: file:///home/svn/framework3/trunk@8522 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 18:09:51 +00:00
Tod Beardsley
b45cfb8793
Fixes #808 . Removes the pre-connect test from login and version.
...
git-svn-id: file:///home/svn/framework3/trunk@8521 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 18:05:51 +00:00
Steve Tornio
ceb65d7dc0
Add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8519 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 16:38:58 +00:00
Joshua Drake
4800d6841c
commit cmd stager stuff from bannedit
...
git-svn-id: file:///home/svn/framework3/trunk@8518 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 16:38:19 +00:00