Commit Graph

707 Commits (370c42736c2bc9e557b3673a6708e09422cd44bf)

Author SHA1 Message Date
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake a758dfe37d style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10988 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 18:20:52 +00:00
Tod Beardsley a34096c845 For smb_login, preserve_domains is now default to true. I think it's less surprising that way.
git-svn-id: file:///home/svn/framework3/trunk@10982 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 14:03:02 +00:00
Tod Beardsley 9aa7db5bad More domain love for smb_login.
git-svn-id: file:///home/svn/framework3/trunk@10979 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 04:12:17 +00:00
Tod Beardsley 996cc49408 Be more accomodating for SMB domains when bruteforcing SMB hosts.
git-svn-id: file:///home/svn/framework3/trunk@10977 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:07:31 +00:00
Tod Beardsley 9e8a567dd3 See #3146. Don't try string ops on $1 and $2 -- drop these into a more clearly labeled temp variable first, and handle them safely.
Also, I don't think the match newline regex directive helps much. Also, print a more meaningful status message in the event of a lack of a Server: line fignerprint.

Thanks for the bug report!



git-svn-id: file:///home/svn/framework3/trunk@10962 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 18:48:07 +00:00
HD Moore 7a2e25fd28 Fixes #3146 by unbreaking this code
git-svn-id: file:///home/svn/framework3/trunk@10961 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 17:48:41 +00:00
Tod Beardsley 13b15c9a2c An incremental advance for this mighty UPnP probe module.
git-svn-id: file:///home/svn/framework3/trunk@10959 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 15:19:28 +00:00
Tod Beardsley fa962647f9 Adds an auxiliary module to probe the local gateway via UPnP. Kinda neat.
git-svn-id: file:///home/svn/framework3/trunk@10957 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 06:24:32 +00:00
cg b3713f9d46 handle 302's, print error codes since its important
git-svn-id: file:///home/svn/framework3/trunk@10928 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-06 14:45:22 +00:00
Joshua Drake dee671318e style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10895 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 02:54:16 +00:00
cg 5421be199a adobe xml inject aux module
git-svn-id: file:///home/svn/framework3/trunk@10894 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 02:11:31 +00:00
Joshua Drake 21f16f63a1 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10855 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 21:45:49 +00:00
Tod Beardsley 9c6f771252 Suppress the error when your @result is nil in smtp_enum.rb
git-svn-id: file:///home/svn/framework3/trunk@10853 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 13:56:42 +00:00
Tod Beardsley 730ec09464 Allow for blank FTP usernames. Just not nil ones.
git-svn-id: file:///home/svn/framework3/trunk@10834 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-27 20:12:51 +00:00
Joshua Drake e78aa83021 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10821 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:58:49 +00:00
Tod Beardsley 6f56086df9 See #2888. Editing the title and description to reflect the multitude of Barracuda products affected by this module. Only three are actually listed specifically, but users can always refer to the OSVDB listing to get the complete list.
git-svn-id: file:///home/svn/framework3/trunk@10772 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-21 01:18:38 +00:00
Joshua Drake 04858c69fc style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
Joshua Drake 7c1d8c7d05 fix false negatives, slightly reworked, fixes #2888
git-svn-id: file:///home/svn/framework3/trunk@10751 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 21:55:19 +00:00
Joshua Drake 042e71c357 add ports/refs for ZDI-10-214
git-svn-id: file:///home/svn/framework3/trunk@10747 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 14:28:52 +00:00
HD Moore 21bd23b9e6 Fixes #2786
git-svn-id: file:///home/svn/framework3/trunk@10707 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-16 17:53:27 +00:00
Tod Beardsley 97ebcd30a9 Fixes #788 by (finally!) committing Daniele's IPv6 link-local IPv6 scanner. Note that the timing can be a little touchy for this module (as well as for the IPv4 ARP scanner) but seems to be reliable enough on normal networks when scanning a /24.
Sorry for the delay!


git-svn-id: file:///home/svn/framework3/trunk@10700 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 22:48:18 +00:00
Tod Beardsley 48bcc580b8 Fixes #2623. This solves the original problem with the SNMP community scanner not respecting the ShowProgress toggle. The other fixes proposed in this bug really kind of seem to be quibbles over what's useful for verbosity and what's not. Please open another ticket for that with a unified diff of the proposed changes.
Thanks for the report!



git-svn-id: file:///home/svn/framework3/trunk@10697 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 20:11:51 +00:00
Joshua Drake 9e6e29428a add disclosure date
git-svn-id: file:///home/svn/framework3/trunk@10638 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-11 04:00:57 +00:00
HD Moore 06291bb78e Clean up the barracuda module a bit (grammar and removal of the report_auth_info until its refactored)
git-svn-id: file:///home/svn/framework3/trunk@10631 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-10 17:45:30 +00:00
Joshua Drake 54133b79fd add barracuda module from Tiago
git-svn-id: file:///home/svn/framework3/trunk@10627 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-10 01:42:26 +00:00
Tod Beardsley 87d7368166 Next time, try a couple more test cases. :(
git-svn-id: file:///home/svn/framework3/trunk@10623 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 19:54:03 +00:00
Tod Beardsley fc755f7a7a Fixes a bug where the return was getting ignored by each_user_pass for FTP. As a result, all usernames would get tried, instead of retiring a username once a good password was found.
git-svn-id: file:///home/svn/framework3/trunk@10622 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 19:03:49 +00:00
Tod Beardsley c2938323cc Pretty much the same deal as r10592, but for SSH, which sometimes has similiar RST problems.
git-svn-id: file:///home/svn/framework3/trunk@10593 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 02:11:06 +00:00
Tod Beardsley df48b11093 Makes telnet_login a more resistant to intermittant RSTs. If a machine gives us a reset, try again with a backoff. Only after 3 retries should we give up entirely. You'd be amazed how many devices this is required for.
git-svn-id: file:///home/svn/framework3/trunk@10592 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 01:54:56 +00:00
Tod Beardsley b5fe64aca2 This works around a blocking problem encountered with recv_telnet(). Don't hang around trying to recv when we've already got a password prompt or a success/fail response.
git-svn-id: file:///home/svn/framework3/trunk@10590 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 00:48:24 +00:00
Tod Beardsley ea128c6404 Mention the port when bruteforcing SMB services. Handy for noticing when you're being direct or indirect.
git-svn-id: file:///home/svn/framework3/trunk@10498 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-27 17:11:40 +00:00
Joshua Drake 7c1dc98456 switch logic around, add some debug/verbose prints
git-svn-id: file:///home/svn/framework3/trunk@10478 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 18:14:54 +00:00
HD Moore 46db59c5af Treat access denied the same as logon failure
git-svn-id: file:///home/svn/framework3/trunk@10474 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 03:30:22 +00:00
James Lee a9c3628a2d make it more obvious that the connection failed, not the login. see #2682
git-svn-id: file:///home/svn/framework3/trunk@10467 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 21:45:36 +00:00
Tod Beardsley 09cab24dbf Report_note no longer tries to re-report a service name; it just re-reports port numbers and protocols. This is to avoid unidentifying identified services.
git-svn-id: file:///home/svn/framework3/trunk@10458 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 17:52:25 +00:00
Patrick Webster e6969ba30e Fixed spelling mistake.
git-svn-id: file:///home/svn/framework3/trunk@10445 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-23 05:48:07 +00:00
HD Moore 8d45915f8c Remove the buggy report_host
git-svn-id: file:///home/svn/framework3/trunk@10414 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 03:14:08 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
James Lee 5f0cc946b1 document report_note a little better, and modify several modules to use it correctly. fixes #2568
git-svn-id: file:///home/svn/framework3/trunk@10377 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-19 22:25:56 +00:00
Mario Ceballos 9975827d22 updated module from Thomas Ring.
git-svn-id: file:///home/svn/framework3/trunk@10371 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 23:59:28 +00:00
HD Moore e939379b1b Fix missing end, use explicit Timeout class
git-svn-id: file:///home/svn/framework3/trunk@10366 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 04:15:32 +00:00
Tod Beardsley b023d89469 Wrap SSH and Telnet version checkers in a timeout, or else they sometimes hang forever.
git-svn-id: file:///home/svn/framework3/trunk@10365 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 03:00:19 +00:00
Tod Beardsley 8cf8fe9436 Making postgres_version more subdued in its successful fingerprint reporting with print_status instead of print_good, since other fingerprinting modules use print_status for the most part.
git-svn-id: file:///home/svn/framework3/trunk@10313 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-14 14:43:56 +00:00
Joshua Drake 5de3146533 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10273 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-09 15:47:35 +00:00
cg 8cf89d7e05 fix a typo
git-svn-id: file:///home/svn/framework3/trunk@10211 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:57:22 +00:00
cg 6b1eb27ab5 put scanner modules in the scanner directory
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:49:06 +00:00
Tod Beardsley 21540e22ed Checking in missing reporting stuff for bruteforce. Namely, report_exploit, also changes ftp's pw type to just "password" and re-opens newly verified sessions.
git-svn-id: file:///home/svn/framework3/trunk@10205 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-31 20:33:16 +00:00
Tod Beardsley 6d6a547b34 Fixes #2412. Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands.
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 00:58:20 +00:00
Joshua Drake acb82fa857 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10010 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-13 23:11:14 +00:00
HD Moore 040a292181 Create a new mixin that changes SMBUser/SMBPass to normal options, include this mixin within SMB modules that more often than not require authentication
git-svn-id: file:///home/svn/framework3/trunk@9981 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-12 15:00:58 +00:00
HD Moore 929d7bd158 Patch from Robin Wood
git-svn-id: file:///home/svn/framework3/trunk@9980 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-12 14:45:24 +00:00
Joshua Drake 7a612cd6af fix up vuln version info, fixes #2353
git-svn-id: file:///home/svn/framework3/trunk@9974 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-09 17:34:59 +00:00
HD Moore e26d4ded08 Import the scanner and utility modules for the VxWorks WDB Agent service
git-svn-id: file:///home/svn/framework3/trunk@9945 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-02 05:56:26 +00:00
Tod Beardsley 8daeccafa6 Changing logic for the VRFY test.
git-svn-id: file:///home/svn/framework3/trunk@9940 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 22:12:18 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
Joshua Drake 2482a83526 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9927 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 19:14:00 +00:00
Tod Beardsley 19aab08526 Adding SMTP enumerator, provided by Heyder Andrade. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@9905 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 15:23:16 +00:00
Joshua Drake 8bbd1c3c7b adds updated cert scanner from Thomas Ring, fixes #1752
git-svn-id: file:///home/svn/framework3/trunk@9837 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-15 19:23:05 +00:00
James Lee b4634a98d7 whitspace
git-svn-id: file:///home/svn/framework3/trunk@9833 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 20:27:42 +00:00
HD Moore b44ba8e8bf Treat no-reply and general errors as indication to try the next port
git-svn-id: file:///home/svn/framework3/trunk@9827 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 17:08:08 +00:00
James Lee f2bbb368ea datastore values are always set to default during initialize(), do stuff like this in setup() instead
git-svn-id: file:///home/svn/framework3/trunk@9805 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:05:34 +00:00
Tod Beardsley e67e231659 Adds Rex::Text.to_hex_ascii(), replaces the gsub on the banner checks to use it.
git-svn-id: file:///home/svn/framework3/trunk@9804 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 18:52:27 +00:00
HD Moore 06e49b9287 Use a form of the socket create call that actually pivots
git-svn-id: file:///home/svn/framework3/trunk@9789 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-12 03:30:08 +00:00
HD Moore 55763051aa Enable threading of the tcp connect scan (per host)
git-svn-id: file:///home/svn/framework3/trunk@9760 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 22:21:34 +00:00
Joshua Drake c1f74794eb style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9744 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 23:34:50 +00:00
Tod Beardsley 64fb3624d6 Clean up UDP probe module a little, add an nbname_probe module that's nearly identical to nbname, but allows for pivot scans.
git-svn-id: file:///home/svn/framework3/trunk@9735 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 17:31:48 +00:00
Joshua Drake 4705998f6c do not access res.code if res is nil, fixes #2184
git-svn-id: file:///home/svn/framework3/trunk@9726 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 19:52:05 +00:00
Joshua Drake ea12f49bc7 fix type, thx xanda, fixes #2198
git-svn-id: file:///home/svn/framework3/trunk@9713 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 16:36:21 +00:00
Tod Beardsley 6c0c3c25ee Fixes #2191. Reports closed ports, and also alters the print_status messages to be consistent with other scan modules.
git-svn-id: file:///home/svn/framework3/trunk@9677 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 15:53:05 +00:00
HD Moore 1ab0237591 Adds a pivot friendly version of the sweeper
git-svn-id: file:///home/svn/framework3/trunk@9675 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 14:56:36 +00:00
Joshua Drake 9984b662e0 switch some URL references to US-CERT-VU type
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:09:32 +00:00
Carlos Perez 684f604448 small fix
git-svn-id: file:///home/svn/framework3/trunk@9657 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:50:47 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
Joshua Drake bcf61758d1 add scanner module from xanda, fixes #2164
git-svn-id: file:///home/svn/framework3/trunk@9645 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 20:09:08 +00:00
Joshua Drake 93b09648c7 add additional CVE reference, cleanup references
git-svn-id: file:///home/svn/framework3/trunk@9642 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 19:42:11 +00:00
Joshua Drake 2ddab423ce commit updates from Tyler Krpata
git-svn-id: file:///home/svn/framework3/trunk@9630 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-27 07:15:17 +00:00
cg 61bee576c2 updated version module
git-svn-id: file:///home/svn/framework3/trunk@9629 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-26 14:39:51 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
Joshua Drake 2ab5983e2a more whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9626 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 19:49:23 +00:00
Tod Beardsley 5f9680d902 Fixes #2133. This seems to handle many keyfiles pretty well, even if they're concatenated together. Calling it closed.
git-svn-id: file:///home/svn/framework3/trunk@9602 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-24 01:00:08 +00:00
Tod Beardsley d0e7736b2e See #2133 Ack dropping ugly timestamp
git-svn-id: file:///home/svn/framework3/trunk@9600 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 23:01:03 +00:00
Tod Beardsley dbdab1f282 See #2133. Needs more testing, but solves the immediate problem of dying in the face of MaxAuthTries.
git-svn-id: file:///home/svn/framework3/trunk@9599 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 22:58:56 +00:00
Tod Beardsley 2cf9944681 See #2134. Fixes all aux modules that uses sleep().
git-svn-id: file:///home/svn/framework3/trunk@9582 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 18:58:38 +00:00
James Lee f14b3221ca move http version reporting into the HttpClient mixin
git-svn-id: file:///home/svn/framework3/trunk@9579 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 01:39:43 +00:00
Tod Beardsley 1874ce3ac3 Fixes typo and a to_s problem in AXIS LFI module.
git-svn-id: file:///home/svn/framework3/trunk@9572 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 20:42:41 +00:00
Joshua Drake 752905a777 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9571 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:53:52 +00:00
Joshua Drake 71fd2152aa add jboss vuln scanner from Tyler Krpata
git-svn-id: file:///home/svn/framework3/trunk@9570 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:49:44 +00:00
Tod Beardsley 3bca9baa25 Login failures are verbose errors, not just verbose statuses, for DB2.
git-svn-id: file:///home/svn/framework3/trunk@9567 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 15:10:58 +00:00
Tod Beardsley 613f288226 Fix up ssh_login_pubkey's session management for more effective session reuse.
git-svn-id: file:///home/svn/framework3/trunk@9563 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-19 15:03:27 +00:00
Tod Beardsley 15bf5ff773 Handle RSTs specifically, manage the probe timeout better.
git-svn-id: file:///home/svn/framework3/trunk@9551 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 15:16:39 +00:00
Tod Beardsley be6e0b3393 Fixes #1493, applying patch provided by Vitor Moreira. Thanks a ton for the audit work!
git-svn-id: file:///home/svn/framework3/trunk@9550 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 14:03:53 +00:00
Steve Tornio 98b0de2c3f add osvd ref
git-svn-id: file:///home/svn/framework3/trunk@9549 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 11:00:04 +00:00
Tod Beardsley 19596276ab Adding nginx source disclosure aux module (CVE-2010-2263), contributed by Tiago Ferreira. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@9548 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 01:56:09 +00:00
Tod Beardsley 14706a17e8 Actually report the DAS port as an open service, not just a note.
git-svn-id: file:///home/svn/framework3/trunk@9533 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-16 16:20:30 +00:00
Tod Beardsley cb69b0c134 Fixes #2101. Introduces a proper :skip_user, and adds better comment docs to auth_brute to describe the intended use of each return code.
git-svn-id: file:///home/svn/framework3/trunk@9529 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 19:10:15 +00:00
Tod Beardsley 0e8bdca1e2 Allows mssql_login to bail on a host if it's unresponsive.
git-svn-id: file:///home/svn/framework3/trunk@9528 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 18:43:25 +00:00
HD Moore 35630e3c17 Fix CVE references and invalid author entries
git-svn-id: file:///home/svn/framework3/trunk@9511 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-13 16:01:01 +00:00
HD Moore 53acdcc98b Prevent constant replies from hanging the scan
git-svn-id: file:///home/svn/framework3/trunk@9509 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-13 12:16:30 +00:00
Joshua Drake 698da3bdea add CVE for cognos express
git-svn-id: file:///home/svn/framework3/trunk@9502 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-12 09:37:21 +00:00
Joshua Drake 5194476191 fix problem reported by Vitor Moreira, see #1493
git-svn-id: file:///home/svn/framework3/trunk@9501 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-12 09:15:50 +00:00
Tod Beardsley d9ffa9753e Skip users that are explicitly disallowed from loggin in over telnet.
git-svn-id: file:///home/svn/framework3/trunk@9498 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 22:28:59 +00:00
Jonathan Cran 33212ae5ba small typo fixed. Thanks to Craig Hand.
git-svn-id: file:///home/svn/framework3/trunk@9494 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 19:01:17 +00:00
Joshua Drake e32abab8dc a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html)
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:12:05 +00:00
Joshua Drake c62b62d35d style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 15:17:23 +00:00
Joshua Drake d26ebfa365 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9476 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:31:21 +00:00
Steve Tornio bccd9a4b94 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9472 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 14:14:02 +00:00
Tod Beardsley 744dcf9616 Adding attribution tage to axis LFI.
git-svn-id: file:///home/svn/framework3/trunk@9471 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 13:36:03 +00:00
Tod Beardsley 468aa07f48 Adding Axis LFI module, submitted by Tiago Ferreira. Thanks!
Also normalizing auth info for DB reporting.



git-svn-id: file:///home/svn/framework3/trunk@9470 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 13:32:27 +00:00
Tod Beardsley 6e98191bdd Adding authentication brute forcer for Apache Axis2, submitted by Leandro Oliveira. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@9467 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 01:53:54 +00:00
Steve Tornio 3b8319a545 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9465 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 21:25:04 +00:00
Tod Beardsley 0e442ff74c Adding Tomcat user enumeration module for CVE-2009-0580, submitted by Heyder Andrade. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@9464 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 21:15:49 +00:00
Steve Tornio 922d362fdc add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9463 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 21:10:08 +00:00
Tod Beardsley 9d1ace25ce Adding BID and CVE to wordpress_login_enum
git-svn-id: file:///home/svn/framework3/trunk@9462 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 20:43:47 +00:00
Tod Beardsley 336a9bdb37 Adding Wordpress login brute forcer and account enumeration module, submitted by Tiago Ferreira. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@9461 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 20:37:56 +00:00
Joshua Drake d8609b85e3 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9460 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 18:41:58 +00:00
Tod Beardsley 7677bbedea Dealing with a hung quit state. oof.
git-svn-id: file:///home/svn/framework3/trunk@9458 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 17:27:32 +00:00
Tod Beardsley 1500858d2d Fixes #2043. Thanks Heyder!
git-svn-id: file:///home/svn/framework3/trunk@9453 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-08 21:14:19 +00:00
Tod Beardsley dd71e4ac58 Fixes #2034. Adds the SINGLE_SESSION option, adds an ftp_quit method to handle sending QUIT and disconnecting.
git-svn-id: file:///home/svn/framework3/trunk@9451 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-08 16:30:03 +00:00
Tod Beardsley a0e252ad75 See #2034. This adds a pretty decent reconnection handler -- keep trying until you're dropped, so this is handy for sites that greylist the banner display.
Also ensures that anonymous:somebrowserID is always checked.



git-svn-id: file:///home/svn/framework3/trunk@9447 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-07 21:37:29 +00:00
James Lee d655521c93 Clarify description for USER_FILE and PASS_FILE
git-svn-id: file:///home/svn/framework3/trunk@9433 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 23:30:33 +00:00
James Lee 36041419f9 Clarify description for USER_FILE and PASS_FILE
git-svn-id: file:///home/svn/framework3/trunk@9432 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 23:26:41 +00:00
Joshua Drake 4d0a64fcd8 add additional references
git-svn-id: file:///home/svn/framework3/trunk@9429 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 16:34:13 +00:00
Joshua Drake 7824ab661a style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9412 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 18:25:29 +00:00
Joshua Drake 55f82f0b09 add open proxy detection aux from Matteo Cantoni
git-svn-id: file:///home/svn/framework3/trunk@9411 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 18:18:00 +00:00
Tod Beardsley d41e94050e See #2034. This adds a basic FTP bruteforce module. It also makes some minor changes to auth_brute (allows for both SMB and FTP credentials to get mapped to the basic 'USERNAME' and 'PASSWORD' datastores), and touches up the other FTP modules slightly.
git-svn-id: file:///home/svn/framework3/trunk@9388 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-01 18:17:26 +00:00
Mario Ceballos ed79d649da didn't know the default accounts where added. add the cognoss port.
git-svn-id: file:///home/svn/framework3/trunk@9382 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-31 17:16:50 +00:00
HD Moore 6dc55df402 Add TCP versions of the udp enumerators
git-svn-id: file:///home/svn/framework3/trunk@9378 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-27 21:19:53 +00:00
Joshua Drake 3a5d4792ee print_good for summary line too
git-svn-id: file:///home/svn/framework3/trunk@9365 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 18:14:27 +00:00
Tod Beardsley bf4cf3cc85 Gives the finger user enumeration module an overhaul -- more descriptive status messages, more friendly connect/disconnect, and if the target supports multiple usernames per request, do that.
git-svn-id: file:///home/svn/framework3/trunk@9364 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 18:04:06 +00:00
Joshua Drake 1be5df045f whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9362 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 01:52:59 +00:00
Tod Beardsley f37d61922b Adding a case for Linux and friends for finger enumeration.
git-svn-id: file:///home/svn/framework3/trunk@9354 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 21:44:17 +00:00
Joshua Drake 14a6a1b95f another error message update, see #1994
git-svn-id: file:///home/svn/framework3/trunk@9351 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 14:56:23 +00:00
Tod Beardsley 1a2be34a63 Fixes #2002. Needed to work with some pipelining to get this all to work right, but it seems to function now pretty well -- if the target takes Basic, do basic, if the target takes NTLM, do NTLM. Should implement Digest too, but I don't think hardly anyone uses that.
git-svn-id: file:///home/svn/framework3/trunk@9346 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-22 17:58:01 +00:00
Tod Beardsley e02fd71de9 See #2002. Skip authentication schemes that we don't know how to do.
git-svn-id: file:///home/svn/framework3/trunk@9343 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 17:32:54 +00:00
Joshua Drake 793e6ddd52 tweak error message, see #1994
git-svn-id: file:///home/svn/framework3/trunk@9342 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 15:38:07 +00:00
Joshua Drake 688c76f7a0 catch ConnectionError exception before it gets passed higher up, fixes #1994
git-svn-id: file:///home/svn/framework3/trunk@9335 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:33:12 +00:00
HD Moore ce12be8533 Dont let the session socket get cleaned up
git-svn-id: file:///home/svn/framework3/trunk@9315 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:34:20 +00:00
James Lee f440317225 store the name of the file we got the key from
git-svn-id: file:///home/svn/framework3/trunk@9300 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-14 06:00:06 +00:00
Tod Beardsley 0c7f1a7449 Moving MySQL version requirements even farther back.
git-svn-id: file:///home/svn/framework3/trunk@9295 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 20:19:09 +00:00
Tod Beardsley ca3df5dd5e Give an error message, don't just quietly fail.
git-svn-id: file:///home/svn/framework3/trunk@9293 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 18:23:30 +00:00
Tod Beardsley f9aa3a0c70 Bumping acceptable MySQL scan target back to version 4.1.11
git-svn-id: file:///home/svn/framework3/trunk@9288 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 14:52:00 +00:00
HD Moore aedf63c063 Add Lotus Domino password hash dumper from Tiago Ferreira
git-svn-id: file:///home/svn/framework3/trunk@9253 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 00:44:23 +00:00
HD Moore ffd6dbfaab include the reporting mixin
git-svn-id: file:///home/svn/framework3/trunk@9234 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 23:39:12 +00:00
HD Moore d13adef38e Fix typo
git-svn-id: file:///home/svn/framework3/trunk@9233 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 23:21:47 +00:00
HD Moore 5b7cdc2350 Lotus Domino bruteforce module by Tiago Ferreira
git-svn-id: file:///home/svn/framework3/trunk@9232 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 23:07:00 +00:00
James Lee 62fbc0ad5b use empty strings instead of nil. fixes #1717
git-svn-id: file:///home/svn/framework3/trunk@9228 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 20:03:47 +00:00
Steve Tornio 0c63df8db5 reference updates
git-svn-id: file:///home/svn/framework3/trunk@9225 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 18:18:51 +00:00
HD Moore c71ca00efb Remove debugging line
git-svn-id: file:///home/svn/framework3/trunk@9224 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 16:17:36 +00:00