Commit Graph

2163 Commits (2bfe5ee5a6ab12c922adaf8af2957d224d0b37f9)

Author SHA1 Message Date
Tod Beardsley 2edf4a676a Merge remote branch 'bonsaiviking/axfr' into bonsai-afxr 2012-09-04 16:16:41 -05:00
Tod Beardsley b8132cae5c Add the redistribution comment splat 2012-09-04 15:58:43 -05:00
Tod Beardsley 15f1dd8525 Moving greetz to Author fields 2012-09-04 15:58:43 -05:00
Tod Beardsley 6e7cbe793c Spamguard e-mail addresses, make auth name consistent 2012-09-04 15:58:43 -05:00
Tod Beardsley f80abaf0d1 Dropping trailing whitespace 2012-09-04 15:58:42 -05:00
nullbind 114ade6bea applied todb requested fixes, and added sql 2k support 2012-09-04 15:58:42 -05:00
nullbind 6cd6f9d5d1 minor comment updates 2012-09-04 15:58:42 -05:00
nullbind 7e168f2e5c Modified module to write query results to a file with report/loot options 2012-09-04 15:58:42 -05:00
nullbind 522fb401e9 Find data on a SQL Server, sample it, and write it to a CSV file. 2012-09-04 15:58:42 -05:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r 53a9a8afce Awww, typo! Nice catch, @Agarri_FR! :-) 2012-08-31 14:23:51 -05:00
sinn3r 638d9d1095 Fix nil res bug, change action name, etc 2012-08-25 02:41:50 -05:00
Ewerson Guimaraes (Crash) cad590488d Update modules/auxiliary/scanner/http/http_traversal.rb 2012-08-24 15:47:07 -03:00
Rob Fuller d0558218ee Add non-authed OPTION response to support WebDAV 2012-08-23 15:11:10 -04:00
Tod Beardsley 8d187b272d Some error handling on ntlm relayer
Instead of a cryptic exception, let the user know if the HTTP target
isn't actually asking for WWW-Authenticate.

There are likely many more opportunities to catch errors, but this is
the most obvious.
2012-08-21 16:13:00 -05:00
Tod Beardsley 635710402b Removing bullet points from module description
Due to the vagaries of various Metasploit module description viewers, we
can't guarantee things like lists and bullet points render right.
Descriptions should avoid using these things.
2012-08-21 16:00:04 -05:00
Tod Beardsley b457289e01 Merge remote branch 'webstersprodigy/module-http-ntlmrelay' 2012-08-21 15:28:50 -05:00
webstersprodigy 65b29d149f Update to use OptEnum for RTYPE 2012-08-20 22:45:20 -04:00
sinn3r 8d4b4fc7be Some more changes before pushing to master 2012-08-20 15:43:39 -05:00
saint patrick e6bda752ee cleaned up and using HttpServer for handling requests and sending 401 2012-08-20 15:23:49 -05:00
saint patrick 10698e2f99 Updating HTTP Basic capture mod with edits based on MSF team suggestions 2012-08-19 19:47:01 -05:00
saint patrick de380cfb46 Adding aux mod for HTTP Basic Auth capture 2012-08-19 01:51:01 -05:00
Daniel Miller 6db09ba20c Key notes on nameserver IP, not discovered IP 2012-08-16 21:31:23 -05:00
Daniel Miller 7005216d1f Fix axfr support for auxiliary/gather/enum_dns
AXFR support in net-dns is broken. This fixes it, and makes the
requisite modifications to enum_dns module. Basic problem is that AXFR
responses consist of a chain of DNS replies, not a single reply with
multiple answers. Previously, only the first of these replies, the SOA
record, was returned. Also added some exception handling to avoid
problems like #483.
2012-08-16 20:40:24 -05:00
Daniel Miller 0311caf4df Alternate means of looking up NS IP
Sometimes a nameserver won't have an A record for its own name. Check
for this and fall back to using the system resolver via
Rex::Socket.gethostbyname. Example:

    $ dig +short zonetransfer.me NS
    ns12.zoneedit.com.
    ns16.zoneedit.com.
    $ dig +short @ns12.zoneedit.com ns12.zoneedit.com A
    $ dig +short @ns16.zoneedit.com ns12.zoneedit.com A
    $ dig +short @ns16.zoneedit.com ns16.zoneedit.com A
    $

Also removed an extra A lookup that was unnecessary.
2012-08-16 11:48:37 -05:00
Tod Beardsley 586d937161 Msftidy fix and adding OSVDB 2012-08-15 13:43:50 -05:00
sinn3r 7c6b6281d7 Merge branch 'beacon-addr' of https://github.com/bonsaiviking/metasploit-framework into bonsaiviking-beacon-addr 2012-08-13 11:57:22 -05:00
sinn3r e5666d70e2 Merge branch 'glassfish-uri' of https://github.com/bonsaiviking/metasploit-framework into bonsaiviking-glassfish-uri 2012-08-13 11:53:03 -05:00
HD Moore f72f334124 Fix an odd issue with search due to use of the builtin Proxies option 2012-08-12 23:22:38 -05:00
RageLtMan 33c74c97e2 Add Opt::Proxies and opthash[:proxies] to ssh mods 2012-08-12 16:23:22 -04:00
RageLtMan c9690033c7 This commit allows ssh_login to use socks proxies. Net::SSH::Transport::Session could take a :proxy option,
but it expects a factory object not a string, when setting :proxy => datastore['Proxies'] user got:
"Auxiliary failed: NoMethodError private method `open' called for \"socks4:localhost:1080\":String."
VALID_OPTIONS in ssh.rb now takes :proxies option which is passed to the Rex socket in
Net::SSH::Transport::Session.new.

Testing: block all outgoing to SSH server, try to connect with a proxy. Try with :proxy option,
then merge this pull request and try again.
2012-08-12 16:01:52 -04:00
Daniel Miller ed43418156 Fix unused ADDR_DST option in fuzz_beacon
auxiliary/fuzzers/wifi/fuzz_beacon offers ADDR_DST option, probably
copy-pasted from some other wifi modules, but does not use it, likely
because beacons are meant to be sent to broadcast address only. Since
this is a fuzzer, changing the destination address may be desirable.
Used the option in building the frame to be sent.
2012-08-10 16:14:50 -05:00
Daniel Miller db4f31de76 Fix use of URI option for glassfish_login
auxiliary/scanner/http/glassfish_login offers URI option to set the path
where Glassfish is installed, but it doesn't work. Replaced it with
TARGETURI and call target_uri.path to get a base path.
2012-08-10 15:44:53 -05:00
sinn3r b4b860f356 Correct MC's name 2012-08-08 14:16:02 -05:00
jvazquez-r7 d04fdc9382 Added aux module for CVE-2009-1730 2012-08-08 16:26:41 +02:00
sinn3r b46fb260a6 Comply with msftidy
*Knock, knock!*  Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r f26053c2c3 Add vendor's name in there for easier searching 2012-08-07 12:16:52 -05:00
sinn3r 614ae02a26 Add CVE-2012-2626 Scrutinizer add-user aux mod 2012-08-07 12:13:25 -05:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
sinn3r 99d3ee6fc4 Merge branch 'webpagetest_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-webpagetest_traversal 2012-08-06 03:15:16 -05:00
sinn3r f1e7ef06cc Add webpagetest dir traversal module
How did I forget this while writing the exploit?
2012-08-06 03:11:07 -05:00
Tod Beardsley d5b165abbb Msftidy.rb cleanup on recent modules.
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
Rob Fuller 76fee330ee Squashed commit of the following:
commit dadb717f5e17851a85183847f3fdb01e45e6caaa
Author: James Lee <egypt@metasploit.com>
Date:   Fri Aug 3 18:48:53 2012 -0600

    Rescue SMB errors

    Prevents backtraces and gives the user some idea of what happened.
    Specifically useful for STATUS_ACCESS_DENIED and STATUS_LOGON_FAILURE.

commit aba203ead75eec22606f52d7eb67f1581c44c4df
Author: Rob Fuller <jd.mubix@gmail.com>
Date:   Fri Jul 20 03:24:26 2012 -0400

    add SMB list directory module

[Closes #628]
2012-08-03 19:00:11 -06:00
David Maloney fa2b0c26bb Fixes password seeding for JtR modules 2012-08-01 14:15:51 -05:00
sinn3r 87aae548e6 Final cleanup 2012-07-24 13:11:04 -05:00
Bruno Morisson dbc779e02d implemented fixes requested by sinn3r
Implemented the fixes, and re-tested the modules
2012-07-24 11:02:49 +01:00
Bruno Morisson 397d708340 Added bulk file retrieval to sap_mgmt_con_getlogfiles, and new module to get SAP process list from remote host
* Added option to retrieve all available files from remote SAP host to
sap_mgmt_con_getlogfiles, based on the listing request provided in
sap_mgmt_con_listlogfiles module, if the variable GETALL is set to true.
Kept previous functionality of retrieving just one chosen file.

* Added new module sap_mgmt_con_getprocesslist to remotely list SAP
processes using SAP SOAP interface. Based on the other sap_mgmt_con_*
modules by Chris John Riley.
2012-07-23 16:26:33 +01:00
webstersprodigy 3c7ad96b45 Changing a string concat from + to << 2012-07-22 20:28:17 -04:00
webstersprodigy 6bb31280fb Took/tested all egypt's comments, other than the Actions one 2012-07-22 20:02:12 -04:00
sinn3r 33ee6ee699 Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture 2012-07-22 03:36:13 -05:00