Commit Graph

6762 Commits (2cf99446815c9be6218f6504b91e19812b276feb)

Author SHA1 Message Date
Joshua Drake 6d1e7bdaa5 big commit - lots of cmdstager changes
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)


git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:39:56 +00:00
Joshua Drake ecba10c4fd switch to ::IO.select
git-svn-id: file:///home/svn/framework3/trunk@9374 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:11:42 +00:00
James Lee 1e47a49b7e match whitespace to the rbreadline standard instead of the msf standard
git-svn-id: file:///home/svn/framework3/trunk@9373 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 19:54:32 +00:00
James Lee 2555392fc8 tab complete OptPath options
git-svn-id: file:///home/svn/framework3/trunk@9372 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 17:02:58 +00:00
Joshua Drake 350ac4fb7c grammar!
git-svn-id: file:///home/svn/framework3/trunk@9371 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 15:40:12 +00:00
Joshua Drake 3ce61ca466 grammar!
git-svn-id: file:///home/svn/framework3/trunk@9370 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 15:38:13 +00:00
Joshua Drake def1af53ad remove executable property
git-svn-id: file:///home/svn/framework3/trunk@9369 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 01:14:46 +00:00
Tod Beardsley 110e0c8404 Allow for an IP range notation of "10.1.1.1-10.255.255.255" . This is equivalent to "10.1-255.1-255.1-255" but is more natural for some people not familiar with the nmap-style notation. Note that there must be no spaces around the hyphen. In the case of "10.1.1.1 - 10.255.255.255", this will merely fail normally. In the case of "10.1.1.1- 10.255.255.255," you will end up with a funny range of 10.1.1.1-255 and 10.255.255.255, since the space after the hyphen denotes "until the end of the octet space."
git-svn-id: file:///home/svn/framework3/trunk@9368 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 22:44:55 +00:00
Joshua Drake b44a2a169c delay framework load until after option parsing
git-svn-id: file:///home/svn/framework3/trunk@9367 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 22:29:01 +00:00
Tod Beardsley 563ab310dc Strengthening up the checks for valid formats for CIDR address ranges when passed to Rex::Socket::RangeWalker
git-svn-id: file:///home/svn/framework3/trunk@9366 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 20:46:00 +00:00
Joshua Drake 3a5d4792ee print_good for summary line too
git-svn-id: file:///home/svn/framework3/trunk@9365 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 18:14:27 +00:00
Tod Beardsley bf4cf3cc85 Gives the finger user enumeration module an overhaul -- more descriptive status messages, more friendly connect/disconnect, and if the target supports multiple usernames per request, do that.
git-svn-id: file:///home/svn/framework3/trunk@9364 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 18:04:06 +00:00
Steve Tornio cfb850b41b add osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@9363 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 02:09:42 +00:00
Joshua Drake 1be5df045f whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9362 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 01:52:59 +00:00
James Lee 6167fbe2a3 leave the database commands in all the time and warn if there's no connection, fixes #1923
git-svn-id: file:///home/svn/framework3/trunk@9361 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 01:32:30 +00:00
James Lee 7b7e2f6e0c add tab completion to db_import
git-svn-id: file:///home/svn/framework3/trunk@9360 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 23:38:45 +00:00
Mike Smith 8b9eb25664 Load rubygems before changing Encoding.default_internal (fixes #1914)
git-svn-id: file:///home/svn/framework3/trunk@9359 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 23:07:56 +00:00
Mike Smith d90656be0e Improve error logging when modules fail to load.
* Don't print module file path twice on the same line
* Use print_error instead of print
* Remove unnecessary newlines

git-svn-id: file:///home/svn/framework3/trunk@9358 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 23:07:52 +00:00
James Lee a6d39ca581 add tab completion for filenames. works fine with real readline, only does current directory in rbreadline, see #664
git-svn-id: file:///home/svn/framework3/trunk@9357 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 22:57:27 +00:00
Joshua Drake acf45118a2 add exploit module for communicrypt activex from dookie
git-svn-id: file:///home/svn/framework3/trunk@9356 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 22:37:59 +00:00
Joshua Drake c08041ed21 updated description, comments, call timeout
git-svn-id: file:///home/svn/framework3/trunk@9355 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 22:22:04 +00:00
Tod Beardsley f37d61922b Adding a case for Linux and friends for finger enumeration.
git-svn-id: file:///home/svn/framework3/trunk@9354 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 21:44:17 +00:00
Ramon de C Valle afd52bd798 Change the base value used for calculating the system call numbers and
arguments in aix.rb



git-svn-id: file:///home/svn/framework3/trunk@9353 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 18:07:15 +00:00
Joshua Drake be158fbcb3 whitespace tweaks
git-svn-id: file:///home/svn/framework3/trunk@9352 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 14:56:49 +00:00
Joshua Drake 14a6a1b95f another error message update, see #1994
git-svn-id: file:///home/svn/framework3/trunk@9351 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 14:56:23 +00:00
Ramon de C Valle db272ef7b5 Fix the aix/rpc_ttdbserverd_realpath.rb module to use @aixpayload instead of payload.encoded
git-svn-id: file:///home/svn/framework3/trunk@9350 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 02:06:14 +00:00
Ramon de C Valle d31dd35f62 Fixes #2004. Add back the timeout argument to sunrpc_call method.
git-svn-id: file:///home/svn/framework3/trunk@9349 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 00:57:18 +00:00
Ramon de C Valle 380ed580fb Update unixasm external source.
git-svn-id: file:///home/svn/framework3/trunk@9348 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-23 20:01:11 +00:00
Ramon de C Valle 34f12a38ec Change the base value used for calculating the system call numbers and
arguments to avoid null bytes in newer versions of AIX.



git-svn-id: file:///home/svn/framework3/trunk@9347 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-23 19:47:48 +00:00
Tod Beardsley 1a2be34a63 Fixes #2002. Needed to work with some pipelining to get this all to work right, but it seems to function now pretty well -- if the target takes Basic, do basic, if the target takes NTLM, do NTLM. Should implement Digest too, but I don't think hardly anyone uses that.
git-svn-id: file:///home/svn/framework3/trunk@9346 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-22 17:58:01 +00:00
Tod Beardsley df5ce05fa1 Whitespace for the tests.
git-svn-id: file:///home/svn/framework3/trunk@9345 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-22 15:48:02 +00:00
Tod Beardsley 3e80e6ce87 See #2002. Adds a standard, native NTLM library for Ruby that lends itself very well to HTTP authentication. (Ruby licensed by yrock and Minero Aoki)
Usage: See lib/net/ntlm.rb.ut.rb



git-svn-id: file:///home/svn/framework3/trunk@9344 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 21:37:45 +00:00
Tod Beardsley e02fd71de9 See #2002. Skip authentication schemes that we don't know how to do.
git-svn-id: file:///home/svn/framework3/trunk@9343 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 17:32:54 +00:00
Joshua Drake 793e6ddd52 tweak error message, see #1994
git-svn-id: file:///home/svn/framework3/trunk@9342 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 15:38:07 +00:00
James Lee 4f61fb6dc3 add a mini installer to the standard build. it can still use some more minification, it's at about 24MB and expands to 132MB
git-svn-id: file:///home/svn/framework3/trunk@9341 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 06:25:26 +00:00
Joshua Drake a6795c4714 add EXE exploit mixin
git-svn-id: file:///home/svn/framework3/trunk@9340 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 06:20:10 +00:00
Joshua Drake 83adc3f391 switch to ::IO.select
git-svn-id: file:///home/svn/framework3/trunk@9339 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 05:02:52 +00:00
HD Moore 872575209f Fix a corner case with udp send destinations already having a ::ffff: prefix
git-svn-id: file:///home/svn/framework3/trunk@9338 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 05:01:14 +00:00
James Lee 0615dac174 break the common stuff out into a function
git-svn-id: file:///home/svn/framework3/trunk@9337 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 04:53:46 +00:00
Joshua Drake e5d73387e6 guess at what this address is
git-svn-id: file:///home/svn/framework3/trunk@9336 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:38:27 +00:00
Joshua Drake 688c76f7a0 catch ConnectionError exception before it gets passed higher up, fixes #1994
git-svn-id: file:///home/svn/framework3/trunk@9335 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:33:12 +00:00
Joshua Drake 21130bc38a replace hardcoded numbers with friendly constants
git-svn-id: file:///home/svn/framework3/trunk@9334 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:15:10 +00:00
Joshua Drake 957b1432ed add simple tftp server
git-svn-id: file:///home/svn/framework3/trunk@9333 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:03:04 +00:00
James Lee 15cee53b41 move tab completion setup out of init_ui. fixes #1180
git-svn-id: file:///home/svn/framework3/trunk@9332 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 23:47:49 +00:00
James Lee 851b68d9ab make sure the session has ui handles before running the upexec, see #1982
git-svn-id: file:///home/svn/framework3/trunk@9331 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 23:30:03 +00:00
HD Moore dfa7fb7d0b Move away from Kernel.select in exchange for IO.select, solves some issues with windows compatibility
git-svn-id: file:///home/svn/framework3/trunk@9330 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 20:42:17 +00:00
James Lee a89db83513 use the BINPATH
git-svn-id: file:///home/svn/framework3/trunk@9329 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 20:39:55 +00:00
James Lee 088d501095 default to postgres
git-svn-id: file:///home/svn/framework3/trunk@9328 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 19:37:46 +00:00
Tod Beardsley 87ba4a9594 Fixes #1990. Turns out, we were counting on resolved hostnames, and skipping anything with an unresolved IP address.
git-svn-id: file:///home/svn/framework3/trunk@9327 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 14:08:29 +00:00
James Lee 8e648dc7e0 proto is not required, fixes #1976
git-svn-id: file:///home/svn/framework3/trunk@9326 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-19 19:08:08 +00:00