Commit Graph

7929 Commits (297ca2595351ccfdffb9087b766ca757bb973986)

Author SHA1 Message Date
h00die a63c947768 gopher proto 2017-10-12 21:32:01 -04:00
bwatters-r7 579342c4f6
Land #8955, Fix error messages on telnet_encrypt_overflow.rb 2017-09-26 16:08:58 -05:00
bwatters-r7 66d6ac418a
Land #8978, Add smb1 scanner 2017-09-26 16:06:41 -05:00
Brent Cook 7924667e51 appease alignists 2017-09-25 09:10:10 -05:00
Brent Cook 62ee4ed708 update modules to use inherited SSLVersion option 2017-09-25 09:03:22 -05:00
h00die 273d49bffd
Land #8891 login scanner for Inedo BuildMaster 2017-09-24 13:30:17 -04:00
bwatters-r7 5a62e779aa
Land #8954, fix internal usage of bindata objects when generating NTP messages 2017-09-19 09:01:49 -05:00
loftwing c953842c96 Added docs and additional dialects 2017-09-18 15:02:38 -05:00
loftwing 7d07f7054d Merge remote-tracking branch 'origin/master' into add_smb1_scanner 2017-09-18 13:16:06 -05:00
loftwing d07fe2f1e7 Added reporting back, removed wfw dialect 2017-09-18 13:15:19 -05:00
loftwing 6f5eb5a18f update 2017-09-15 12:07:28 -05:00
james 4e81a68108 Simplify saving valid credentials by calling store_valid_credential 2017-09-15 00:18:33 -05:00
loftwing 646dda7958 Add initial smbv1 scanner code 2017-09-14 16:59:39 -05:00
Pearce Barry 200a1b400a
Remove spaces to appease msftidy. 2017-09-14 09:28:38 -05:00
Erik Lenoir 27a517e0f6 Fix #8060, cf #8061 2017-09-12 18:41:51 +02:00
Brent Cook a7a17c677c fix internal usage of bindata objects when generating NTP messages 2017-09-12 09:54:09 -04:00
Craig Smith e4465c9350 Fixed a bug where flowcontrol caused the first packet to get lost 2017-09-11 19:00:53 -07:00
Craig Smith b218cc3c7f Merge branch 'master' into hw_auto_padding_fix 2017-09-11 18:30:34 -07:00
Craig Smith ad9329993d Added better padding and flowcontrol support. 2017-09-11 18:20:57 -07:00
james 861f4a6201 Changes to buildmaster_login from code review
Use peer property in messages instead of rhost rport combination for consistency.
Documentation updated accordingly.
2017-09-09 18:00:04 -05:00
james 47adfb9956 Fixes from code review to buildmaster_login
Per bcoles, the most important fixes are:
- Removing `self.class` from call to `register_options`
- Adding rescue to login_succeeded to handle bad json
2017-09-09 16:26:01 -05:00
Brent Cook c67e407c9c
Land #8880, added Cisco Smart Install (SMI) scanner 2017-09-07 08:06:03 -05:00
Adam Cammack b0dc44fb86
Land #8909, Avoid saving some invalid creds 2017-09-05 12:43:03 -05:00
Tod Beardsley 86db2a5771
Land #8888 from @h00die, with two extra fixes
Fixes spelling and grammar in a bunch of modules. More to come!
2017-08-31 14:37:02 -05:00
Tod Beardsley 8a045e65aa Spaces between commas 2017-08-31 14:29:23 -05:00
Pearce Barry 2bbba9c500
Avoid some ActiveRecord validation errors.
Per discussion with @bcoles in [PR 8759](https://github.com/rapid7/metasploit-framework/pull/8759#issuecomment-325028479), setting a login data's last_attempted_at value while also setting the status to UNTRIED will cause a validation error when there's a running+connected MSF DB.

This PR removes the handful of existing cases we're doing this (thx, @bcoles!).
2017-08-30 15:31:36 -05:00
Jon Hart eec5d2ada9
Update description and add link to SIET 2017-08-30 11:52:11 -07:00
Pearce Barry d5124fdc94
Land #8759, Add TeamTalk Gather Credentials auxiliary module 2017-08-29 13:17:28 -05:00
Brendan Coles c9e32fbb18 Remove last_attempted_at 2017-08-29 05:05:04 +00:00
h00die a40429158f 40% done 2017-08-28 20:17:58 -04:00
h00die bd7ea1f90d more updates, 465 more pages to go 2017-08-26 21:01:10 -04:00
james 7dfde651ea Add login scanner module for Inedo BuildMaster
This module attempts to log into BuildMaster. BuildMaster is an application release automation tool.

More information about BuildMaster:
http://inedo.com/
2017-08-26 17:56:53 -05:00
William Vu 924c3de9f3
Land #7382, BIND TSIG DoS 2017-08-26 10:42:35 -05:00
William Vu f9a2c3406f Clean up module 2017-08-26 10:41:10 -05:00
h00die 3420633f29 @NickTyrer corrected my correction 2017-08-26 08:43:10 -04:00
h00die 32a4436ecd first round of spelling/grammar fixes 2017-08-24 21:38:44 -04:00
Jon Hart 7b18c17445
Appease rubocop 2017-08-22 14:53:21 -07:00
Jon Hart 2969da3d70
Merge branch 'upstream-master' into feature/cisco-smi-scanner 2017-08-22 14:39:44 -07:00
Brent Cook cbd7790e95
Land #8751, Add Asterisk Gather Credentials auxiliary module 2017-08-20 18:34:27 -05:00
Brent Cook aa797588e8
Land #8847, Look for sp_execute_external_script in mssql_enum 2017-08-20 14:32:35 -05:00
h00die dc358dd087 unknow to unknown 2017-08-18 11:33:48 -04:00
james e642789674 Look for sp_execute_external_script in mssql_enum
sp_execute_external_script can be used to execute code in MSSQL.
MSSQL 2016+ can be configured to execute R code. MSSQL 2017 can
be configured to execute Python code.

Documentation:
https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql
https://docs.microsoft.com/en-us/sql/advanced-analytics/tutorials/rtsql-using-r-code-in-transact-sql-quickstart

Interesting uses of sp_execute_external_script:
R - https://pastebin.com/zBDnzELT
Python - https://gist.github.com/james-otten/63389189ee73376268c5eb676946ada5
2017-08-16 21:40:03 -05:00
Brent Cook e3265c4b1b
Land #8697, fix oracle_hashdump and jtr_oracle_fast modules 2017-08-14 17:36:18 -04:00
Brent Cook 69c4ae99a7
Land #8811, fix peer printing with bruteforce modules 2017-08-14 17:31:48 -04:00
William Vu 1a4db844c0 Refactor build_brute_message for legacy printing 2017-08-14 11:17:34 -05:00
Brent Cook 9fdf2ca1f4
Land #8830, Cleanup auxiliary/scanner/msf/msf_rpc_login 2017-08-14 02:47:08 -04:00
Brendan Coles fa4fae3436 Cleanup auxiliary/scanner/msf/msf_rpc_login 2017-08-14 06:34:04 +00:00
Brent Cook 26193216d1
Land #8686, add 'download' and simplified URI request methods to http client mixin
Updated PDF author metadata downloader to support the new methods.
2017-08-14 01:40:17 -04:00
Brent Cook 5d05ca154a added http client 'download' method and updates to pdf author module from @bcoles 2017-08-14 01:08:53 -04:00
zerosum0x0 ecfe3d0235 added optional DoublePulsar check 2017-08-11 11:36:59 -06:00