Joshua Drake
3992eb7ef8
Mass RE-update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake
9fc6f2f3a3
Mass update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake
a758dfe37d
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10988 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 18:20:52 +00:00
Tod Beardsley
a34096c845
For smb_login, preserve_domains is now default to true. I think it's less surprising that way.
...
git-svn-id: file:///home/svn/framework3/trunk@10982 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 14:03:02 +00:00
Tod Beardsley
9aa7db5bad
More domain love for smb_login.
...
git-svn-id: file:///home/svn/framework3/trunk@10979 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 04:12:17 +00:00
Tod Beardsley
996cc49408
Be more accomodating for SMB domains when bruteforcing SMB hosts.
...
git-svn-id: file:///home/svn/framework3/trunk@10977 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:07:31 +00:00
Tod Beardsley
9e8a567dd3
See #3146 . Don't try string ops on $1 and $2 -- drop these into a more clearly labeled temp variable first, and handle them safely.
...
Also, I don't think the match newline regex directive helps much. Also, print a more meaningful status message in the event of a lack of a Server: line fignerprint.
Thanks for the bug report!
git-svn-id: file:///home/svn/framework3/trunk@10962 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 18:48:07 +00:00
HD Moore
7a2e25fd28
Fixes #3146 by unbreaking this code
...
git-svn-id: file:///home/svn/framework3/trunk@10961 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 17:48:41 +00:00
Tod Beardsley
13b15c9a2c
An incremental advance for this mighty UPnP probe module.
...
git-svn-id: file:///home/svn/framework3/trunk@10959 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 15:19:28 +00:00
Tod Beardsley
fa962647f9
Adds an auxiliary module to probe the local gateway via UPnP. Kinda neat.
...
git-svn-id: file:///home/svn/framework3/trunk@10957 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 06:24:32 +00:00
cg
b3713f9d46
handle 302's, print error codes since its important
...
git-svn-id: file:///home/svn/framework3/trunk@10928 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-06 14:45:22 +00:00
Joshua Drake
dee671318e
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10895 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 02:54:16 +00:00
cg
5421be199a
adobe xml inject aux module
...
git-svn-id: file:///home/svn/framework3/trunk@10894 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 02:11:31 +00:00
Joshua Drake
21f16f63a1
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10855 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 21:45:49 +00:00
Tod Beardsley
9c6f771252
Suppress the error when your @result is nil in smtp_enum.rb
...
git-svn-id: file:///home/svn/framework3/trunk@10853 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 13:56:42 +00:00
Tod Beardsley
730ec09464
Allow for blank FTP usernames. Just not nil ones.
...
git-svn-id: file:///home/svn/framework3/trunk@10834 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-27 20:12:51 +00:00
Joshua Drake
e78aa83021
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10821 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:58:49 +00:00
Tod Beardsley
6f56086df9
See #2888 . Editing the title and description to reflect the multitude of Barracuda products affected by this module. Only three are actually listed specifically, but users can always refer to the OSVDB listing to get the complete list.
...
git-svn-id: file:///home/svn/framework3/trunk@10772 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-21 01:18:38 +00:00
Joshua Drake
04858c69fc
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
Joshua Drake
7c1d8c7d05
fix false negatives, slightly reworked, fixes #2888
...
git-svn-id: file:///home/svn/framework3/trunk@10751 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 21:55:19 +00:00
Joshua Drake
042e71c357
add ports/refs for ZDI-10-214
...
git-svn-id: file:///home/svn/framework3/trunk@10747 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 14:28:52 +00:00
HD Moore
21bd23b9e6
Fixes #2786
...
git-svn-id: file:///home/svn/framework3/trunk@10707 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-16 17:53:27 +00:00
Tod Beardsley
97ebcd30a9
Fixes #788 by (finally!) committing Daniele's IPv6 link-local IPv6 scanner. Note that the timing can be a little touchy for this module (as well as for the IPv4 ARP scanner) but seems to be reliable enough on normal networks when scanning a /24.
...
Sorry for the delay!
git-svn-id: file:///home/svn/framework3/trunk@10700 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 22:48:18 +00:00
Tod Beardsley
48bcc580b8
Fixes #2623 . This solves the original problem with the SNMP community scanner not respecting the ShowProgress toggle. The other fixes proposed in this bug really kind of seem to be quibbles over what's useful for verbosity and what's not. Please open another ticket for that with a unified diff of the proposed changes.
...
Thanks for the report!
git-svn-id: file:///home/svn/framework3/trunk@10697 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 20:11:51 +00:00
Joshua Drake
9e6e29428a
add disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@10638 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-11 04:00:57 +00:00
HD Moore
06291bb78e
Clean up the barracuda module a bit (grammar and removal of the report_auth_info until its refactored)
...
git-svn-id: file:///home/svn/framework3/trunk@10631 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-10 17:45:30 +00:00
Joshua Drake
54133b79fd
add barracuda module from Tiago
...
git-svn-id: file:///home/svn/framework3/trunk@10627 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-10 01:42:26 +00:00
Tod Beardsley
87d7368166
Next time, try a couple more test cases. :(
...
git-svn-id: file:///home/svn/framework3/trunk@10623 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 19:54:03 +00:00
Tod Beardsley
fc755f7a7a
Fixes a bug where the return was getting ignored by each_user_pass for FTP. As a result, all usernames would get tried, instead of retiring a username once a good password was found.
...
git-svn-id: file:///home/svn/framework3/trunk@10622 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 19:03:49 +00:00
Tod Beardsley
c2938323cc
Pretty much the same deal as r10592, but for SSH, which sometimes has similiar RST problems.
...
git-svn-id: file:///home/svn/framework3/trunk@10593 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 02:11:06 +00:00
Tod Beardsley
df48b11093
Makes telnet_login a more resistant to intermittant RSTs. If a machine gives us a reset, try again with a backoff. Only after 3 retries should we give up entirely. You'd be amazed how many devices this is required for.
...
git-svn-id: file:///home/svn/framework3/trunk@10592 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 01:54:56 +00:00
Tod Beardsley
b5fe64aca2
This works around a blocking problem encountered with recv_telnet(). Don't hang around trying to recv when we've already got a password prompt or a success/fail response.
...
git-svn-id: file:///home/svn/framework3/trunk@10590 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 00:48:24 +00:00
Tod Beardsley
ea128c6404
Mention the port when bruteforcing SMB services. Handy for noticing when you're being direct or indirect.
...
git-svn-id: file:///home/svn/framework3/trunk@10498 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-27 17:11:40 +00:00
Joshua Drake
7c1dc98456
switch logic around, add some debug/verbose prints
...
git-svn-id: file:///home/svn/framework3/trunk@10478 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 18:14:54 +00:00
HD Moore
46db59c5af
Treat access denied the same as logon failure
...
git-svn-id: file:///home/svn/framework3/trunk@10474 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 03:30:22 +00:00
James Lee
a9c3628a2d
make it more obvious that the connection failed, not the login. see #2682
...
git-svn-id: file:///home/svn/framework3/trunk@10467 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 21:45:36 +00:00
Tod Beardsley
09cab24dbf
Report_note no longer tries to re-report a service name; it just re-reports port numbers and protocols. This is to avoid unidentifying identified services.
...
git-svn-id: file:///home/svn/framework3/trunk@10458 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 17:52:25 +00:00
Patrick Webster
e6969ba30e
Fixed spelling mistake.
...
git-svn-id: file:///home/svn/framework3/trunk@10445 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-23 05:48:07 +00:00
HD Moore
8d45915f8c
Remove the buggy report_host
...
git-svn-id: file:///home/svn/framework3/trunk@10414 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 03:14:08 +00:00
Joshua Drake
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
James Lee
5f0cc946b1
document report_note a little better, and modify several modules to use it correctly. fixes #2568
...
git-svn-id: file:///home/svn/framework3/trunk@10377 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-19 22:25:56 +00:00
Mario Ceballos
9975827d22
updated module from Thomas Ring.
...
git-svn-id: file:///home/svn/framework3/trunk@10371 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 23:59:28 +00:00
HD Moore
e939379b1b
Fix missing end, use explicit Timeout class
...
git-svn-id: file:///home/svn/framework3/trunk@10366 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 04:15:32 +00:00
Tod Beardsley
b023d89469
Wrap SSH and Telnet version checkers in a timeout, or else they sometimes hang forever.
...
git-svn-id: file:///home/svn/framework3/trunk@10365 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 03:00:19 +00:00
Tod Beardsley
8cf8fe9436
Making postgres_version more subdued in its successful fingerprint reporting with print_status instead of print_good, since other fingerprinting modules use print_status for the most part.
...
git-svn-id: file:///home/svn/framework3/trunk@10313 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-14 14:43:56 +00:00
Joshua Drake
5de3146533
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10273 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-09 15:47:35 +00:00
cg
8cf89d7e05
fix a typo
...
git-svn-id: file:///home/svn/framework3/trunk@10211 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:57:22 +00:00
cg
6b1eb27ab5
put scanner modules in the scanner directory
...
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:49:06 +00:00
Tod Beardsley
21540e22ed
Checking in missing reporting stuff for bruteforce. Namely, report_exploit, also changes ftp's pw type to just "password" and re-opens newly verified sessions.
...
git-svn-id: file:///home/svn/framework3/trunk@10205 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-31 20:33:16 +00:00
Tod Beardsley
6d6a547b34
Fixes #2412 . Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands.
...
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 00:58:20 +00:00
Joshua Drake
acb82fa857
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10010 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-13 23:11:14 +00:00
HD Moore
040a292181
Create a new mixin that changes SMBUser/SMBPass to normal options, include this mixin within SMB modules that more often than not require authentication
...
git-svn-id: file:///home/svn/framework3/trunk@9981 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-12 15:00:58 +00:00
HD Moore
929d7bd158
Patch from Robin Wood
...
git-svn-id: file:///home/svn/framework3/trunk@9980 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-12 14:45:24 +00:00
Joshua Drake
7a612cd6af
fix up vuln version info, fixes #2353
...
git-svn-id: file:///home/svn/framework3/trunk@9974 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-09 17:34:59 +00:00
HD Moore
e26d4ded08
Import the scanner and utility modules for the VxWorks WDB Agent service
...
git-svn-id: file:///home/svn/framework3/trunk@9945 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-02 05:56:26 +00:00
Tod Beardsley
8daeccafa6
Changing logic for the VRFY test.
...
git-svn-id: file:///home/svn/framework3/trunk@9940 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 22:12:18 +00:00
Joshua Drake
f6033b9bd6
change some print_status to print_error, rename a few msft modules using msb convention
...
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
Joshua Drake
2482a83526
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9927 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 19:14:00 +00:00
Tod Beardsley
19aab08526
Adding SMTP enumerator, provided by Heyder Andrade. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@9905 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 15:23:16 +00:00
Joshua Drake
8bbd1c3c7b
adds updated cert scanner from Thomas Ring, fixes #1752
...
git-svn-id: file:///home/svn/framework3/trunk@9837 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-15 19:23:05 +00:00
James Lee
b4634a98d7
whitspace
...
git-svn-id: file:///home/svn/framework3/trunk@9833 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 20:27:42 +00:00
HD Moore
b44ba8e8bf
Treat no-reply and general errors as indication to try the next port
...
git-svn-id: file:///home/svn/framework3/trunk@9827 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 17:08:08 +00:00
James Lee
f2bbb368ea
datastore values are always set to default during initialize(), do stuff like this in setup() instead
...
git-svn-id: file:///home/svn/framework3/trunk@9805 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:05:34 +00:00
Tod Beardsley
e67e231659
Adds Rex::Text.to_hex_ascii(), replaces the gsub on the banner checks to use it.
...
git-svn-id: file:///home/svn/framework3/trunk@9804 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 18:52:27 +00:00
HD Moore
06e49b9287
Use a form of the socket create call that actually pivots
...
git-svn-id: file:///home/svn/framework3/trunk@9789 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-12 03:30:08 +00:00
HD Moore
55763051aa
Enable threading of the tcp connect scan (per host)
...
git-svn-id: file:///home/svn/framework3/trunk@9760 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 22:21:34 +00:00
Joshua Drake
c1f74794eb
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9744 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 23:34:50 +00:00
Tod Beardsley
64fb3624d6
Clean up UDP probe module a little, add an nbname_probe module that's nearly identical to nbname, but allows for pivot scans.
...
git-svn-id: file:///home/svn/framework3/trunk@9735 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 17:31:48 +00:00
Joshua Drake
4705998f6c
do not access res.code if res is nil, fixes #2184
...
git-svn-id: file:///home/svn/framework3/trunk@9726 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 19:52:05 +00:00
Joshua Drake
ea12f49bc7
fix type, thx xanda, fixes #2198
...
git-svn-id: file:///home/svn/framework3/trunk@9713 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 16:36:21 +00:00
Tod Beardsley
6c0c3c25ee
Fixes #2191 . Reports closed ports, and also alters the print_status messages to be consistent with other scan modules.
...
git-svn-id: file:///home/svn/framework3/trunk@9677 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 15:53:05 +00:00
HD Moore
1ab0237591
Adds a pivot friendly version of the sweeper
...
git-svn-id: file:///home/svn/framework3/trunk@9675 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 14:56:36 +00:00
Joshua Drake
9984b662e0
switch some URL references to US-CERT-VU type
...
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:09:32 +00:00
Carlos Perez
684f604448
small fix
...
git-svn-id: file:///home/svn/framework3/trunk@9657 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:50:47 +00:00
Joshua Drake
0882838491
ensure binary mode when opening files, whitespace fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
Joshua Drake
bcf61758d1
add scanner module from xanda, fixes #2164
...
git-svn-id: file:///home/svn/framework3/trunk@9645 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 20:09:08 +00:00
Joshua Drake
93b09648c7
add additional CVE reference, cleanup references
...
git-svn-id: file:///home/svn/framework3/trunk@9642 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 19:42:11 +00:00
Joshua Drake
2ddab423ce
commit updates from Tyler Krpata
...
git-svn-id: file:///home/svn/framework3/trunk@9630 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-27 07:15:17 +00:00
cg
61bee576c2
updated version module
...
git-svn-id: file:///home/svn/framework3/trunk@9629 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-26 14:39:51 +00:00
Joshua Drake
12fbdcd878
add http_fingerprint calls to modules that use various headers
...
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
Joshua Drake
2ab5983e2a
more whitespace fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9626 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 19:49:23 +00:00
Tod Beardsley
5f9680d902
Fixes #2133 . This seems to handle many keyfiles pretty well, even if they're concatenated together. Calling it closed.
...
git-svn-id: file:///home/svn/framework3/trunk@9602 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-24 01:00:08 +00:00
Tod Beardsley
d0e7736b2e
See #2133 Ack dropping ugly timestamp
...
git-svn-id: file:///home/svn/framework3/trunk@9600 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 23:01:03 +00:00
Tod Beardsley
dbdab1f282
See #2133 . Needs more testing, but solves the immediate problem of dying in the face of MaxAuthTries.
...
git-svn-id: file:///home/svn/framework3/trunk@9599 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 22:58:56 +00:00
Tod Beardsley
2cf9944681
See #2134 . Fixes all aux modules that uses sleep().
...
git-svn-id: file:///home/svn/framework3/trunk@9582 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 18:58:38 +00:00
James Lee
f14b3221ca
move http version reporting into the HttpClient mixin
...
git-svn-id: file:///home/svn/framework3/trunk@9579 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 01:39:43 +00:00
Tod Beardsley
1874ce3ac3
Fixes typo and a to_s problem in AXIS LFI module.
...
git-svn-id: file:///home/svn/framework3/trunk@9572 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 20:42:41 +00:00
Joshua Drake
752905a777
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9571 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:53:52 +00:00
Joshua Drake
71fd2152aa
add jboss vuln scanner from Tyler Krpata
...
git-svn-id: file:///home/svn/framework3/trunk@9570 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:49:44 +00:00
Tod Beardsley
3bca9baa25
Login failures are verbose errors, not just verbose statuses, for DB2.
...
git-svn-id: file:///home/svn/framework3/trunk@9567 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 15:10:58 +00:00
Tod Beardsley
613f288226
Fix up ssh_login_pubkey's session management for more effective session reuse.
...
git-svn-id: file:///home/svn/framework3/trunk@9563 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-19 15:03:27 +00:00
Tod Beardsley
15bf5ff773
Handle RSTs specifically, manage the probe timeout better.
...
git-svn-id: file:///home/svn/framework3/trunk@9551 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 15:16:39 +00:00
Tod Beardsley
be6e0b3393
Fixes #1493 , applying patch provided by Vitor Moreira. Thanks a ton for the audit work!
...
git-svn-id: file:///home/svn/framework3/trunk@9550 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 14:03:53 +00:00
Steve Tornio
98b0de2c3f
add osvd ref
...
git-svn-id: file:///home/svn/framework3/trunk@9549 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 11:00:04 +00:00
Tod Beardsley
19596276ab
Adding nginx source disclosure aux module (CVE-2010-2263), contributed by Tiago Ferreira. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@9548 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-17 01:56:09 +00:00
Tod Beardsley
14706a17e8
Actually report the DAS port as an open service, not just a note.
...
git-svn-id: file:///home/svn/framework3/trunk@9533 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-16 16:20:30 +00:00
Tod Beardsley
cb69b0c134
Fixes #2101 . Introduces a proper :skip_user, and adds better comment docs to auth_brute to describe the intended use of each return code.
...
git-svn-id: file:///home/svn/framework3/trunk@9529 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 19:10:15 +00:00
Tod Beardsley
0e8bdca1e2
Allows mssql_login to bail on a host if it's unresponsive.
...
git-svn-id: file:///home/svn/framework3/trunk@9528 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 18:43:25 +00:00
HD Moore
35630e3c17
Fix CVE references and invalid author entries
...
git-svn-id: file:///home/svn/framework3/trunk@9511 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-13 16:01:01 +00:00
HD Moore
53acdcc98b
Prevent constant replies from hanging the scan
...
git-svn-id: file:///home/svn/framework3/trunk@9509 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-13 12:16:30 +00:00
Joshua Drake
698da3bdea
add CVE for cognos express
...
git-svn-id: file:///home/svn/framework3/trunk@9502 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-12 09:37:21 +00:00
Joshua Drake
5194476191
fix problem reported by Vitor Moreira, see #1493
...
git-svn-id: file:///home/svn/framework3/trunk@9501 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-12 09:15:50 +00:00
Tod Beardsley
d9ffa9753e
Skip users that are explicitly disallowed from loggin in over telnet.
...
git-svn-id: file:///home/svn/framework3/trunk@9498 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 22:28:59 +00:00
Jonathan Cran
33212ae5ba
small typo fixed. Thanks to Craig Hand.
...
git-svn-id: file:///home/svn/framework3/trunk@9494 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 19:01:17 +00:00
Joshua Drake
e32abab8dc
a HTTP -> an HTTP ( http://www.english-zone.com/grammar/a-anlessn.html )
...
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:12:05 +00:00
Joshua Drake
c62b62d35d
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 15:17:23 +00:00
Joshua Drake
d26ebfa365
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9476 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:31:21 +00:00
Steve Tornio
bccd9a4b94
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9472 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 14:14:02 +00:00
Tod Beardsley
744dcf9616
Adding attribution tage to axis LFI.
...
git-svn-id: file:///home/svn/framework3/trunk@9471 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 13:36:03 +00:00
Tod Beardsley
468aa07f48
Adding Axis LFI module, submitted by Tiago Ferreira. Thanks!
...
Also normalizing auth info for DB reporting.
git-svn-id: file:///home/svn/framework3/trunk@9470 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 13:32:27 +00:00
Tod Beardsley
6e98191bdd
Adding authentication brute forcer for Apache Axis2, submitted by Leandro Oliveira. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@9467 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 01:53:54 +00:00
Steve Tornio
3b8319a545
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9465 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 21:25:04 +00:00
Tod Beardsley
0e442ff74c
Adding Tomcat user enumeration module for CVE-2009-0580, submitted by Heyder Andrade. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@9464 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 21:15:49 +00:00
Steve Tornio
922d362fdc
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9463 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 21:10:08 +00:00
Tod Beardsley
9d1ace25ce
Adding BID and CVE to wordpress_login_enum
...
git-svn-id: file:///home/svn/framework3/trunk@9462 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 20:43:47 +00:00
Tod Beardsley
336a9bdb37
Adding Wordpress login brute forcer and account enumeration module, submitted by Tiago Ferreira. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@9461 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 20:37:56 +00:00
Joshua Drake
d8609b85e3
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9460 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 18:41:58 +00:00
Tod Beardsley
7677bbedea
Dealing with a hung quit state. oof.
...
git-svn-id: file:///home/svn/framework3/trunk@9458 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 17:27:32 +00:00
Tod Beardsley
1500858d2d
Fixes #2043 . Thanks Heyder!
...
git-svn-id: file:///home/svn/framework3/trunk@9453 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-08 21:14:19 +00:00
Tod Beardsley
dd71e4ac58
Fixes #2034 . Adds the SINGLE_SESSION option, adds an ftp_quit method to handle sending QUIT and disconnecting.
...
git-svn-id: file:///home/svn/framework3/trunk@9451 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-08 16:30:03 +00:00
Tod Beardsley
a0e252ad75
See #2034 . This adds a pretty decent reconnection handler -- keep trying until you're dropped, so this is handy for sites that greylist the banner display.
...
Also ensures that anonymous:somebrowserID is always checked.
git-svn-id: file:///home/svn/framework3/trunk@9447 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-07 21:37:29 +00:00
James Lee
d655521c93
Clarify description for USER_FILE and PASS_FILE
...
git-svn-id: file:///home/svn/framework3/trunk@9433 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 23:30:33 +00:00
James Lee
36041419f9
Clarify description for USER_FILE and PASS_FILE
...
git-svn-id: file:///home/svn/framework3/trunk@9432 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 23:26:41 +00:00
Joshua Drake
4d0a64fcd8
add additional references
...
git-svn-id: file:///home/svn/framework3/trunk@9429 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 16:34:13 +00:00
Joshua Drake
7824ab661a
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9412 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 18:25:29 +00:00
Joshua Drake
55f82f0b09
add open proxy detection aux from Matteo Cantoni
...
git-svn-id: file:///home/svn/framework3/trunk@9411 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 18:18:00 +00:00
Tod Beardsley
d41e94050e
See #2034 . This adds a basic FTP bruteforce module. It also makes some minor changes to auth_brute (allows for both SMB and FTP credentials to get mapped to the basic 'USERNAME' and 'PASSWORD' datastores), and touches up the other FTP modules slightly.
...
git-svn-id: file:///home/svn/framework3/trunk@9388 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-01 18:17:26 +00:00
Mario Ceballos
ed79d649da
didn't know the default accounts where added. add the cognoss port.
...
git-svn-id: file:///home/svn/framework3/trunk@9382 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-31 17:16:50 +00:00
HD Moore
6dc55df402
Add TCP versions of the udp enumerators
...
git-svn-id: file:///home/svn/framework3/trunk@9378 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-27 21:19:53 +00:00
Joshua Drake
3a5d4792ee
print_good for summary line too
...
git-svn-id: file:///home/svn/framework3/trunk@9365 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 18:14:27 +00:00
Tod Beardsley
bf4cf3cc85
Gives the finger user enumeration module an overhaul -- more descriptive status messages, more friendly connect/disconnect, and if the target supports multiple usernames per request, do that.
...
git-svn-id: file:///home/svn/framework3/trunk@9364 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 18:04:06 +00:00
Joshua Drake
1be5df045f
whitespace fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9362 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 01:52:59 +00:00
Tod Beardsley
f37d61922b
Adding a case for Linux and friends for finger enumeration.
...
git-svn-id: file:///home/svn/framework3/trunk@9354 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 21:44:17 +00:00
Joshua Drake
14a6a1b95f
another error message update, see #1994
...
git-svn-id: file:///home/svn/framework3/trunk@9351 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 14:56:23 +00:00
Tod Beardsley
1a2be34a63
Fixes #2002 . Needed to work with some pipelining to get this all to work right, but it seems to function now pretty well -- if the target takes Basic, do basic, if the target takes NTLM, do NTLM. Should implement Digest too, but I don't think hardly anyone uses that.
...
git-svn-id: file:///home/svn/framework3/trunk@9346 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-22 17:58:01 +00:00
Tod Beardsley
e02fd71de9
See #2002 . Skip authentication schemes that we don't know how to do.
...
git-svn-id: file:///home/svn/framework3/trunk@9343 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 17:32:54 +00:00
Joshua Drake
793e6ddd52
tweak error message, see #1994
...
git-svn-id: file:///home/svn/framework3/trunk@9342 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 15:38:07 +00:00
Joshua Drake
688c76f7a0
catch ConnectionError exception before it gets passed higher up, fixes #1994
...
git-svn-id: file:///home/svn/framework3/trunk@9335 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:33:12 +00:00
HD Moore
ce12be8533
Dont let the session socket get cleaned up
...
git-svn-id: file:///home/svn/framework3/trunk@9315 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:34:20 +00:00
James Lee
f440317225
store the name of the file we got the key from
...
git-svn-id: file:///home/svn/framework3/trunk@9300 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-14 06:00:06 +00:00
Tod Beardsley
0c7f1a7449
Moving MySQL version requirements even farther back.
...
git-svn-id: file:///home/svn/framework3/trunk@9295 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 20:19:09 +00:00
Tod Beardsley
ca3df5dd5e
Give an error message, don't just quietly fail.
...
git-svn-id: file:///home/svn/framework3/trunk@9293 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 18:23:30 +00:00
Tod Beardsley
f9aa3a0c70
Bumping acceptable MySQL scan target back to version 4.1.11
...
git-svn-id: file:///home/svn/framework3/trunk@9288 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 14:52:00 +00:00
HD Moore
aedf63c063
Add Lotus Domino password hash dumper from Tiago Ferreira
...
git-svn-id: file:///home/svn/framework3/trunk@9253 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 00:44:23 +00:00
HD Moore
ffd6dbfaab
include the reporting mixin
...
git-svn-id: file:///home/svn/framework3/trunk@9234 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 23:39:12 +00:00
HD Moore
d13adef38e
Fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@9233 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 23:21:47 +00:00
HD Moore
5b7cdc2350
Lotus Domino bruteforce module by Tiago Ferreira
...
git-svn-id: file:///home/svn/framework3/trunk@9232 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 23:07:00 +00:00
James Lee
62fbc0ad5b
use empty strings instead of nil. fixes #1717
...
git-svn-id: file:///home/svn/framework3/trunk@9228 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 20:03:47 +00:00
Steve Tornio
0c63df8db5
reference updates
...
git-svn-id: file:///home/svn/framework3/trunk@9225 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 18:18:51 +00:00
HD Moore
c71ca00efb
Remove debugging line
...
git-svn-id: file:///home/svn/framework3/trunk@9224 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 16:17:36 +00:00