Commit Graph

6113 Commits (2d96570ce51af99bc833ec609dcb6644a6c54110)

Author SHA1 Message Date
HD Moore 2d96570ce5 Leftover change from the initialize() to prepare_http_client() move
git-svn-id: file:///home/svn/framework3/trunk@8925 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 01:08:22 +00:00
Mario Ceballos cae262e374 added cve reference. thanks Kurt.
git-svn-id: file:///home/svn/framework3/trunk@8924 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 00:47:13 +00:00
Mario Ceballos bcbfb5f900 added exploit module dbms_export_extension.rb
git-svn-id: file:///home/svn/framework3/trunk@8923 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 23:49:54 +00:00
HD Moore 091abc9c6b Some extra defaults
git-svn-id: file:///home/svn/framework3/trunk@8922 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 21:58:24 +00:00
HD Moore cd71cfbad1 Handle buggy HTTP servers better
git-svn-id: file:///home/svn/framework3/trunk@8921 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 21:35:37 +00:00
Tod Beardsley 25ec5fa444 Do a little better password management for services that don't ask for usernames -- fingerprint them ahead of time, and resort the credentials list in a usernameless way. Also, this allows telnet RST's to be treated just as busy services, since sometimes telnet servers get persnickety about a lot of login attempts, but they do come back shortly.
git-svn-id: file:///home/svn/framework3/trunk@8920 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 21:32:32 +00:00
HD Moore a560992c7f If a duplicate note is found, change the updated_at to indicate its fresh.
git-svn-id: file:///home/svn/framework3/trunk@8919 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 18:10:37 +00:00
HD Moore eb0e9fdc73 Always insert auth notes, dupe data doesnt make sense for long-running work
git-svn-id: file:///home/svn/framework3/trunk@8918 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 18:07:51 +00:00
HD Moore 3e29a2fd2f Adds bgrun, bglist, bgkill to run Meterpreter scripts in the background
git-svn-id: file:///home/svn/framework3/trunk@8917 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 15:54:43 +00:00
HD Moore 22cb5a6bea 1.9 compatibility fixes for lpd exploits, clarification in the print messages that we are *trying* to exploit something, not absolutely doing so
git-svn-id: file:///home/svn/framework3/trunk@8916 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 14:52:35 +00:00
Tod Beardsley 6d606a7587 Fixes #1304. Removes the this_cred bit since that got swapped out for the new auth_brute scheme.
git-svn-id: file:///home/svn/framework3/trunk@8915 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 13:27:29 +00:00
HD Moore dde2531194 Rename to match the class name
git-svn-id: file:///home/svn/framework3/trunk@8914 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 03:51:04 +00:00
HD Moore 1a53881e3b Add Kurt Grutzmacher's VNC password dumper
git-svn-id: file:///home/svn/framework3/trunk@8913 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 03:50:25 +00:00
Joshua Drake b069a43477 handle stopping the handler job in case of failure
git-svn-id: file:///home/svn/framework3/trunk@8912 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:45:10 +00:00
Joshua Drake f7f0f03a4a handle the user hitting ^D while interacting properly
git-svn-id: file:///home/svn/framework3/trunk@8911 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:38:47 +00:00
James Lee 79ac118f47 targ_host -> target_host
git-svn-id: file:///home/svn/framework3/trunk@8910 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:11:10 +00:00
James Lee a27c941714 targ_host -> target_host
git-svn-id: file:///home/svn/framework3/trunk@8909 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:09:04 +00:00
James Lee dd26a227ef targ_host -> target_host
git-svn-id: file:///home/svn/framework3/trunk@8908 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:05:23 +00:00
James Lee fd97c89959 targ_host --> target_host for consistency with other modules
git-svn-id: file:///home/svn/framework3/trunk@8907 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 00:41:58 +00:00
James Lee 282c2fb2b2 targ_host --> target_host for consistency with other modules
git-svn-id: file:///home/svn/framework3/trunk@8906 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 00:40:50 +00:00
HD Moore f16b1b5b7a Add CVE reference for open NFS shares
git-svn-id: file:///home/svn/framework3/trunk@8905 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 22:40:06 +00:00
HD Moore af3ab0a260 Handle situations where any user/pass is allowed
git-svn-id: file:///home/svn/framework3/trunk@8904 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 21:11:00 +00:00
HD Moore 3a88909c06 Rename for consistency
git-svn-id: file:///home/svn/framework3/trunk@8903 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 20:33:21 +00:00
Tod Beardsley dabe51f3c4 Converting credentials_tried and credentials_skipped to class variables so threads can access them and cut down on the repeats.
git-svn-id: file:///home/svn/framework3/trunk@8902 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 20:31:43 +00:00
HD Moore aa1c65f4e6 Add a quick and dirty HTTP scanner
git-svn-id: file:///home/svn/framework3/trunk@8901 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 20:28:09 +00:00
Joshua Drake 4f657ef868 add exploit module for cve-2009-1260
git-svn-id: file:///home/svn/framework3/trunk@8900 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 19:35:29 +00:00
James Lee 1dc7a4a21f i'm tired of support requests for oci libs not being installed
git-svn-id: file:///home/svn/framework3/trunk@8899 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 19:02:38 +00:00
James Lee 24d93655bb print the report results even if the db is not available. see #737
git-svn-id: file:///home/svn/framework3/trunk@8898 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 16:28:04 +00:00
James Lee 2a2682052b patch from Mark Fioravanti for detecting chrome vs safari
git-svn-id: file:///home/svn/framework3/trunk@8897 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 16:13:59 +00:00
HD Moore 2efa31cfec Closes #1244 with a caveat. If the template injected calls ExitProcess(), the payload will be killed. This means that -k is not compatible with our default executable
git-svn-id: file:///home/svn/framework3/trunk@8896 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 15:55:24 +00:00
HD Moore 756e00c3bb A little more work for each connection, but this should be slightly more robust
git-svn-id: file:///home/svn/framework3/trunk@8895 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 14:50:25 +00:00
HD Moore e28e4ac923 Document how the ssl verification (or lack of) should be implemented. Handle oddball connection errors gracefully with a retry
git-svn-id: file:///home/svn/framework3/trunk@8894 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 14:47:30 +00:00
HD Moore 4625e9b363 Catch Meterpreter-timeout errors for pivoted scanners
git-svn-id: file:///home/svn/framework3/trunk@8893 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 12:09:32 +00:00
HD Moore 2b419a421d Add default timeouts to autopwn, control with -T
git-svn-id: file:///home/svn/framework3/trunk@8892 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:11:21 +00:00
Stephen Fewer 75661291fa and the bins, tiny modification to the ruby side and update the README.
git-svn-id: file:///home/svn/framework3/trunk@8891 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:03:32 +00:00
Stephen Fewer 9a4293c445 In with the modified VNC payload which now supports an in memory breakout of session isolation for systems like Vista/2008/7 when the payload is run from a service in session 0 isolation.
git-svn-id: file:///home/svn/framework3/trunk@8890 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:00:05 +00:00
Joshua Drake 5c1cf6aefb correction to target descriptions
git-svn-id: file:///home/svn/framework3/trunk@8889 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:54:45 +00:00
Joshua Drake 39537bfc53 add an office xp sp0 target
git-svn-id: file:///home/svn/framework3/trunk@8888 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:00:54 +00:00
et 4a326135fc Fix condition
git-svn-id: file:///home/svn/framework3/trunk@8887 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 02:59:35 +00:00
James Lee 1265cccde7 override the command shell session interaction to use shell_read and shell_write instead of operating on rstream directly
git-svn-id: file:///home/svn/framework3/trunk@8886 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 00:33:18 +00:00
HD Moore 38e4a9c8a2 Store the tunnel_peer directly
git-svn-id: file:///home/svn/framework3/trunk@8885 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 23:24:08 +00:00
HD Moore 3dbfd0b8e3 A little too verbose
git-svn-id: file:///home/svn/framework3/trunk@8884 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 22:44:58 +00:00
Tod Beardsley 1458fbad54 Adds some fingerprinting to the tomcat manager login auxiliary module.
git-svn-id: file:///home/svn/framework3/trunk@8883 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 22:19:46 +00:00
James Lee e088d9ff68 change order of paths to src, dest in session up/download events
git-svn-id: file:///home/svn/framework3/trunk@8882 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 20:56:22 +00:00
Joshua Drake 210e241795 use exploit datastore instead of global datastore -- see #394
git-svn-id: file:///home/svn/framework3/trunk@8881 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 20:17:18 +00:00
Tod Beardsley 4f3c5fd44d Whoops, left a print_debug in there.
git-svn-id: file:///home/svn/framework3/trunk@8880 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 20:14:03 +00:00
Tod Beardsley 83d96d713c Refactoring Auxiliary::AuthBrute. Now that several modules actually use it, the real use cases have become obvious. So, refactored for simplicity and readability. Also touched up all the authentication modules to behave consistently.
git-svn-id: file:///home/svn/framework3/trunk@8879 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 20:07:26 +00:00
HD Moore 584a38d341 Add an example RC
git-svn-id: file:///home/svn/framework3/trunk@8878 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 16:10:23 +00:00
HD Moore 05bd6b816d Fix this for when users dont have msfconsole.rc
git-svn-id: file:///home/svn/framework3/trunk@8877 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 15:50:42 +00:00
HD Moore 0bea440dcb Add the ability to process ruby blocks in resource scripts. Fixes #1288
git-svn-id: file:///home/svn/framework3/trunk@8876 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 14:26:02 +00:00