I don't think the use of the constant is a show stopper since it is
identical to the existing Nessus plugin scheme as well. It doesn't make
it right but it's not a reason to block. Both should be fixed some time.
Made a handful of minor edits regarding file handle management, and also
noted that the act of saving nexpose credentials will always cause the
SSL nag screen to not display.
Thanks for the implementation, mboman!
[Closes#57] [Fixes#6156]
Squashed commit of the following:
commit 8d421ab8e3004bcb67e156b45f1355a608e0320c
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:55:35 2011 -0600
Adds a comment note about bypassing the SSL verify warning
commit fd956b380f14bbb394f36b0a3c565906f9aed869
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:53:29 2011 -0600
Changing file write mode from w+ to wb.
commit d884c87482b033b7200d5045ba5f9b2d910f4aa8
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:15:46 2011 -0600
::File instead of File throughout
commit 6d72f87e8f175f088ac7beeb80742d50ab01b38a
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:14:54 2011 -0600
Space change
commit f6f3527595379ba11b3be4341a0c620b06340fbb
Merge: a978d19 2335614
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:13:12 2011 -0600
Merge branch 'master' of github_r7:rapid7/metasploit-framework into mboman_nexpose
commit a978d1962f756f507fdabb988380a7ecf3ce76bb
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:12:51 2011 -0600
Minor fixups mostly around ::File handling.
commit bddd0249b956c3e2c960b0bd6028b88e6e99eac5
Merge: 2ddc161 bb2ea62
Author: Michael Boman <michael@michaelboman.org>
Date: Fri Dec 16 08:39:10 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit 2ddc1616714b37e89415195b2a9ef9c569e4065e
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 11:44:29 2011 +0100
msftidy cleanup (whitespace after EOL)
commit b202c7ff3a61ac450c181d4f60b01923bad9625f
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 11:28:13 2011 +0100
Removed a ncusage call
commit 45da9728d1867b04ce557521650abbc41753165e
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 09:19:58 2011 +0100
Fixed indenting, removed ncusage function until later...
commit e9f03aafba7db0d907c431eca3a3b55672437ea4
Merge: 41d3fae 8dc85f1
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 07:35:17 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit 41d3fae61b9501179d5b474de018ea370ae90192
Merge: 63b6f38 d87d8d5
Author: Michael Boman <michael@michaelboman.org>
Date: Tue Dec 13 20:07:34 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit 63b6f3873d466b7c6e4f3be5f0cea0a2a72e46f9
Merge: b3b7be4 cfa128a
Author: Michael Boman <michael@michaelboman.org>
Date: Tue Dec 13 17:01:06 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit b3b7be4594eedbb82424e89ad44372dd71a0c507
Author: Michael Boman <michael@michaelboman.org>
Date: Tue Dec 13 16:54:54 2011 +0100
Nexpose plugin can now save/load credentials
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.
[Closes#63]
Squashed commit of the following:
commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date: Fri Dec 16 12:14:18 2011 -0600
Jetzt auf Deutsch! y español! 中國人!
[update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
Also remove duplicate/old pxexploit source code from the tree.
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
get() should get get_once() (intent is to get 4 bytes,
not timeout after 4 seconds), no need to escape equals
signs in regexes, no need to newline the unexpected
responses.
Also refers to port 264/TCP as the SecuRemote service instead of the
Topology service (I believe this is correct)
Reporting is initially conservative -- if we don't get something for
fw_hostname, then don't bother reporting at all; assume we're
mis-identifying the target.
See #5291. Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
Commenting the tricksy parts a little better for general usage.
Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.
Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
sinn3r
Michael Boman
Tod Beardsley
scriptjunkie
steponequit
Tod Beardsley
Jonathan Cran
Jonathan Cran
David Maloney
HD Moore
Joshua Smith
Marc Bevand
alhazred
Stephen Haywood