95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
d2885d9045
Correct US Cert references
2012-12-13 14:19:53 -06:00
6b033fb1a8
Only store the password when there's one
2012-11-14 01:25:32 -06:00
212179b95e
change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password
2012-11-13 23:49:45 -06:00
721cf41f47
fix nil class error on non-lantronix hosts
2012-11-13 23:46:59 -06:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
0675a6171b
Cosmetic changes
2012-10-17 17:30:16 -05:00
3bd84e255f
minor cleanup
2012-10-17 22:06:47 +02:00
9af727388f
deleted superfluous code and comments
2012-10-17 14:27:00 -05:00
79da6c7186
added Lantronix telnet password recovery module
2012-10-14 12:46:52 -05:00
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
9d97dc8327
Add Metasploit blogs as references, because they're useful.
2012-09-03 15:57:27 -05:00
073205a875
Merge branch 'master' into feature/vuln-info
2012-06-18 20:21:36 -05:00
909614569a
Revert "Banner encoding fix when running against dd-wrt on ruby 1.9.3"
...
This reverts commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c.
Telnet banner parsing restored
2012-06-18 10:44:06 -04:00
c388cba421
Fix up modules calling report_vuln() to use new syntax
2012-06-17 23:39:20 -05:00
77f95df1e9
Banner encoding fix when running against dd-wrt on ruby 1.9.3
2012-05-21 14:50:57 -05:00
7a78c99c5e
Adding credit to original PoC guy for RuggedCom
...
Just added and commented. It'd be nice to have a real spot for this kind
of credit, because it comes up a lot and it's hard to parse out in a
machine way who 'wrote' the module and who came up with the exploit.
2012-05-16 13:47:15 -05:00
79a590ccf7
Merge pull request #380 from wchen-r7/bmerinofe-telnet_ruggedcom
...
Modified version of pull request #379 - RuggedCom Telnet Password Generator by bmerinofe
2012-05-13 11:13:27 -07:00
15fbb1e86c
This the modified version of pull request #379 . Changes include:
...
* Add more references
* Update description
* MSF license disclaimer
* Remove the to() function. Instead it's in run_host()
* Put 'info' in the :proof key
* Remove ::Exception handling, so we can see the original that's also logged in framework.log
2012-05-13 04:09:17 -05:00
1d2581ebf4
Cosmetic
2012-04-21 14:51:20 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
4369f73c7a
Msftidy fixes on new modules
...
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
a6b10862bd
Adds a lantronix telnet discovery module
2012-02-23 17:22:32 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
a758462a32
Remove some whitespace
2012-02-13 11:01:26 -06:00
bf425a6744
Fixed bug that prevented telnet sessions from opening with good creds
2012-01-06 16:59:08 -08:00
2ad5c56d48
Typo in comment
2011-12-27 19:11:09 -06:00
617f3250cf
Handle patched systems accurately (requires actually triggering the bug)
2011-12-27 19:04:34 -06:00
f8e3119215
Add references
2011-12-27 17:50:06 -06:00
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
c984ea41d1
Quick fix to cred sourcing to eliminate spaces in the source type
2011-11-10 20:39:13 -08:00
a88f954640
More Cred Sourcing
...
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
24388f3a38
Adding a CVE reference for weak/blank/guessable passwords.
...
git-svn-id: file:///home/svn/framework3/trunk@11465 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 15:30:17 +00:00
9c668b8daf
Super-duper rservices commit -
...
1. Added rsh, rlogin, and rexec auth brute scanners
2. Login negotation moved into new Msf::Auxiliary::Login mixin
3. Centralized session registration for auth brute scanners
4. Telnet and SSH auth brute scanners updated to use new mixins
5. Previously committed rservices mixin (r11093)
git-svn-id: file:///home/svn/framework3/trunk@11106 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:23:24 +00:00
dbcb6d0dc4
use max instead of .sort.last
...
git-svn-id: file:///home/svn/framework3/trunk@11073 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:34:10 +00:00
04858c69fc
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
df48b11093
Makes telnet_login a more resistant to intermittant RSTs. If a machine gives us a reset, try again with a backoff. Only after 3 retries should we give up entirely. You'd be amazed how many devices this is required for.
...
git-svn-id: file:///home/svn/framework3/trunk@10592 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 01:54:56 +00:00
b5fe64aca2
This works around a blocking problem encountered with recv_telnet(). Don't hang around trying to recv when we've already got a password prompt or a success/fail response.
...
git-svn-id: file:///home/svn/framework3/trunk@10590 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 00:48:24 +00:00
e939379b1b
Fix missing end, use explicit Timeout class
...
git-svn-id: file:///home/svn/framework3/trunk@10366 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 04:15:32 +00:00
b023d89469
Wrap SSH and Telnet version checkers in a timeout, or else they sometimes hang forever.
...
git-svn-id: file:///home/svn/framework3/trunk@10365 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 03:00:19 +00:00
6d6a547b34
Fixes #2412 . Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands.
...
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 00:58:20 +00:00
e67e231659
Adds Rex::Text.to_hex_ascii(), replaces the gsub on the banner checks to use it.
...
git-svn-id: file:///home/svn/framework3/trunk@9804 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 18:52:27 +00:00
cb69b0c134
Fixes #2101 . Introduces a proper :skip_user, and adds better comment docs to auth_brute to describe the intended use of each return code.
...
git-svn-id: file:///home/svn/framework3/trunk@9529 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 19:10:15 +00:00
d9ffa9753e
Skip users that are explicitly disallowed from loggin in over telnet.
...
git-svn-id: file:///home/svn/framework3/trunk@9498 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 22:28:59 +00:00
ce12be8533
Dont let the session socket get cleaned up
...
git-svn-id: file:///home/svn/framework3/trunk@9315 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:34:20 +00:00
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
08117ca000
Forcing :critical => true for report_auth_info
...
git-svn-id: file:///home/svn/framework3/trunk@9150 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 22:23:37 +00:00
9cc4cab9ec
Duplicate the datastore and manually set user/pass in the telnet/ssh modules
...
git-svn-id: file:///home/svn/framework3/trunk@8943 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 22:57:29 +00:00
Christian Mehlmauer
sinn3r
jgor
Michael Schierl
jvazquez-r7
David Maloney
HD Moore
RageLtMan
Tod Beardsley
sinn3r
David Maloney
Tod Beardsley
Joshua Drake