Commit Graph

67 Commits (392ad18dba7f099c8129efa82464883f9a0fc3a5)

Author SHA1 Message Date
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
William Webb 47a659f554
Land #8185, Convert ntp modules to bindata 2017-06-22 09:37:58 -05:00
William Webb 652e237131
add missing .to_binary_s calls 2017-06-16 13:39:04 -05:00
Jeffrey Martin 1558db375d
update CVE reference in where modules report_vuln 2017-06-05 16:36:44 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
Brent Cook 5f88971ca9 convert NTP modules to bindata 2017-04-04 02:57:38 -05:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
Jon Hart fdbd3cfc11
Fix minor style problems, call check() from run_host 2015-12-02 15:46:35 -08:00
Jon Hart f84e9a88b0
Credit for original vuln discovery 2015-11-06 10:40:07 -08:00
Jon Hart dd91956c4a
ooops, puts 2015-11-02 15:07:26 -08:00
Jon Hart de959ed62b
Remove actions; check and run_* will suffice 2015-11-02 13:54:42 -08:00
Jon Hart 1c3e4d2cbf
Refactor to use Scanner; add check; add beginnings of actions 2015-11-02 13:39:09 -08:00
Jon Hart ced20ba51c
Refactor NTP symmetric packet creation; add vuln detection to NAK to the future 2015-11-02 12:46:58 -08:00
Jon Hart 17c4aa2348
Fill in description; style 2015-11-02 12:18:35 -08:00
Jon Hart 8fb0596888
Add more refs 2015-11-02 12:07:18 -08:00
Jon Hart 78ad9908d2 Doc 2015-10-27 18:10:18 -07:00
Jon Hart f2b6d37630 Add WIP module for Cisco Talos' NTP 'NAK to the future' 2015-10-27 18:10:07 -07:00
root 4bd40fed7f yard doc and comment corrections for auxiliary 2015-04-03 16:12:23 +05:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Jon Hart 8c8ccc1d54
Update Authors 2014-10-06 11:30:39 -07:00
Jon Hart a341756e83
Support spoofing source IPs for NTP readvar, include status messages 2014-10-03 14:05:57 -07:00
Jon Hart fa4414155a
Only include the exact readvar payload, not any padding 2014-10-03 13:58:13 -07:00
Jon Hart 65c1a8230a
Address most Rubocop complaints 2014-10-03 13:47:29 -07:00
Jon Hart 0715c671c6
Update NTP readvar module to detect DRDoS, UDPScanner to be faster 2014-10-03 13:28:30 -07:00
Josh Abraham 3fb00ece9e refactored the code based on PR feedback 2014-09-20 14:10:00 -04:00
Josh Abraham 43171141da update for ntp modules 2014-09-19 11:14:11 -04:00
Jon Hart 337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification 2014-08-26 07:48:44 -07:00
Tod Beardsley 6d9833e32b
Minor pre-release updates with descriptions 2014-08-25 13:34:45 -05:00
Tod Beardsley 2f87c880df
Add link to blog post for NTP modules 2014-08-25 12:58:10 -05:00
William Vu 7a76efa7f7
Add reference and disclosure date 2014-08-25 11:46:47 -05:00
Jon Hart 9f9f28cc31
If a peer is 127.0.0.1, don't try to store it because we (currently...) can't 2014-08-20 15:48:54 -07:00
Jon Hart 9db3dc7ad8
Store peer data note in the same format as originally 2014-08-20 15:10:45 -07:00
Jon Hart 758c3fa518
Only discard monlist replies that are impossibly short
This fixes the case where if a monlist reply only includes one peer
2014-08-20 15:02:21 -07:00
Jon Hart 7ad9300d37
Update ntp_monlist to use UDPScanner, NTP and DRDoS mixins 2014-08-20 14:41:00 -07:00
Jon Hart 8fd4ee87ab
Allow singular NTP version and mode 7 implementation testing 2014-08-20 12:21:39 -07:00
Jon Hart a5e9abc227
Update R7-2014-12 NTP modules to use new DRDoS mixin 2014-08-08 23:15:54 -07:00
Jon Hart 00452b41c9
Gut admin functions from R7-2014-12 NTP modules
None of these are admin modules.  All of that stuff should eventually go
in auxiliary/admin
2014-08-08 21:22:11 -07:00
Jon Hart ed3ccdc9e0
Initial commit of modules for NTP vulns described in R7-2014-12
Not entirely functional or polished, but mostly working
2014-08-08 21:00:43 -07:00
William Vu 1c4797337f Clean up rapid7/metasploit-framework#3132 2014-03-25 14:04:43 -05:00
Matteo Cantoni 4b2a2d4dea Improve NTP monlist auxiliary module 2014-03-21 16:39:53 +01:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7 1331952515 up to date 2013-03-12 16:55:06 +01:00
jvazquez-r7 6bd995f37e up to date 2013-03-12 16:53:37 +01:00