infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,367 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

1187 Commits (3c73133a44c312ce44d95da8b70b124f3bd34691)

Author SHA1 Message Date
Tod Beardsley af506240cf http_fingerprint reports service info 
Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.
 2012-02-03 12:15:11 -06:00
Tod Beardsley 786d75493c Fix up VMWware webscan to not false positive 
Checks to see if a target is actually vmware based on the provided
cookie, using the http_fingerprint() function from HttpClient.

[Fixes #6340]
 2012-02-02 22:19:57 -06:00
David Maloney 3f48e626a2 Adding a bunch of new VIM API auxiliary stuff 
Work in progress.
 2012-02-01 12:05:20 -06:00
Tod Beardsley e371f0f64c MSFTidy commits 
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
 2012-02-01 10:59:58 -06:00
HD Moore 0b8987f2af Merge results initialization fix 2012-01-31 01:29:44 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r a0ac4125cd Add aux module CMS400 default pass scanner (feature #6301) 2012-01-30 10:40:59 -06:00
HD Moore dda3453ac7 Correct a typo 2012-01-28 23:33:26 -06:00
HD Moore 774862508e Handle another common error type 2012-01-28 23:31:20 -06:00
Jonathan Cran 54ffb01080 This module should use the default list of tomcat users 2012-01-28 18:13:34 -06:00
David Maloney ca7aa21202 Removed schema features from database hashdump modules 
now that there are dedicated schemadump modules.
 2012-01-28 16:55:39 -06:00
HD Moore 5a095e8ef5 Fixes for PCA modules 2012-01-28 14:35:07 -06:00
HD Moore c63c7393e3 Print status output 2012-01-28 13:52:38 -06:00
HD Moore f3eb78199b Add TCP-based PCA probe 2012-01-28 13:52:38 -06:00
HD Moore 2d7852ddef Merge PCA scans into udp_sweep/udp_probe 2012-01-28 13:05:24 -06:00
David Maloney 4cd38c5555 Adds login scanner module for VMware Server and ESX 2012-01-27 16:23:56 -06:00
HD Moore a2d20e25d3 Fix a regression in the workspace inclusion code (only affected 
non-DB-connected instances). Add a PCA UDP scanner
 2012-01-27 12:36:13 -06:00
Tod Beardsley fe22090a12 Correct e-mail format 2012-01-26 13:04:38 -06:00
David Maloney d0d964d8ab Adds an error message if the module couldn't conenct to the target. 
Fixes #6278
 2012-01-26 10:56:07 -06:00
Tod Beardsley f6a6963726 Msftidy run over the recent changed+added modules 2012-01-24 15:52:41 -06:00
Jon Hart 7ec5f98480 Adding jhart's natpimp libary and modules. 
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.

[See #106]
 2012-01-24 10:32:30 -06:00
James Lee 455bcda6e8 Print the port so we know which http service 2012-01-23 10:17:32 -07:00
David Maloney 34491970b3 Adds a new VMWare Authentication Daemon login scanner module. 2012-01-22 15:39:53 -06:00
David Maloney bcb19ab0a3 Fixes an issue with smb_login not properly dealing with abritrary guest access 
on Samba.
 2012-01-22 01:35:36 -06:00
David Maloney 06b1bffcea Addresses an issue with udp sweep module that recorded services 
from non-specified hosts when they respond to broadcast probes.
 2012-01-20 15:34:15 -06:00
HD Moore bb035bfec2 Fix up API option names so they can be set globally 2012-01-18 15:05:39 -06:00
Tod Beardsley ad6f8257e1 MSFTidy fixes. 2012-01-18 15:01:32 -06:00
sinn3r 7d9ba6f5e9 Fix bug #6256: uninitialized class variable error 2012-01-17 17:58:53 -06:00
Jon Hart 6a057560fa Improvements to auxiiliary/scanner/http/soap_xml to: 
* Detect additional SOAP faults to reduce false positives
* More obviously support SSL
* Report http/https
* Make it obvious when a SOAP endpoint falls over mid-scan
* Add a few more nouns/verbs
* Add an optional SLEEP to play nice with old/slow SOAP endpoints

https://dev.metasploit.com/redmine/issues/6249
 2012-01-16 12:27:17 -08:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners 
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
 2012-01-13 13:49:21 -06:00
Tod Beardsley d52df50a77 Drop a spurious print_error line from smtp_version 2012-01-13 11:46:56 -06:00
David Maloney 6234d13f7c Added Schema Dump Module for Postgres 2012-01-12 15:20:46 -05:00
David Maloney 52be1c3a7a Add schemadump module for MySql 2012-01-11 12:16:22 -08:00
David Maloney 13069990eb Added module for dumping schema information from Microsoft SQL Server 
and storing it as loot and notes.
 2012-01-10 15:32:09 -08:00
Tod Beardsley 7e25f9a6cc Death to unicode 
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
 2012-01-10 14:54:55 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known isntances onstead of jsut the first one. 
Fixes #6066
 2012-01-10 12:32:47 -08:00
sinn3r b76767669c Update Nenad's author name and e-mail 2012-01-09 20:14:47 -06:00
Tod Beardsley eeb3a442de whitespace correctly smtp_version.rb 2012-01-09 14:11:10 -06:00
Tod Beardsley 15990efd85 Removing useless (?) begin/rescue from smtp_version 
Let the scanner mixin handle the exceptions.
 2012-01-09 14:11:10 -06:00
David Maloney e12d5588c6 Set data on webdav scanner notes to include webdav path. 
'Enabled' in the data field was useless since the note existing
already tells you webdav is enabled.
The path that webdav was running on wasn't kept anywhere though.
 2012-01-09 08:33:45 -08:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies 
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing Leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
 2012-01-08 22:28:37 -06:00
HD Moore b12baccc49 Quick update, added a research option 2012-01-07 01:13:23 -06:00
sinn3r 6d401b48d1 Fix typo 2012-01-07 00:02:51 -06:00
sinn3r b7e29191f5 Add Drupal 'Views' module username enumeration (Feature #6194) 2012-01-06 23:51:32 -06:00
David Maloney 40a1d8bcc8 Fixed issue with a missing nil check in ftp_login 2012-01-06 20:51:58 -08:00
David Maloney 8e017fd4db Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-01-06 20:30:25 -08:00
David Maloney bf425a6744 Fixed bug that prevented telnet sessions from opening with good creds 2012-01-06 16:59:08 -08:00
sinn3r 6ceb2f04a3 Add CVE-2011-2474 Sybase EAServer directory traversal vulnerability 2012-01-06 14:24:49 -06:00
HD Moore 7b26e33e19 Initial version 2012-01-06 00:53:50 -06:00
David Maloney ba86e8a04f Added PROPFIND support to http_login 
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
 2012-01-05 12:10:53 -08:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present 
Fixes #6171
 2011-12-28 08:47:22 -08:00
HD Moore 2ad5c56d48 Typo in comment 2011-12-27 19:11:09 -06:00
HD Moore 617f3250cf Handle patched systems accurately (requires actually triggering the bug) 2011-12-27 19:04:34 -06:00
HD Moore f8e3119215 Add references 2011-12-27 17:50:06 -06:00
David Maloney 9b995bc0a5 Adds boundary validation to the framework 
enforces boudnary checking on netbios probes
 2011-12-27 11:33:52 -08:00
sinn3r ce6b1d6b8c Improve: 
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
 2011-12-22 16:26:02 -06:00
Tod Beardsley 2f55f08ebe Actually describe the module in the title/description 2011-12-22 11:10:24 -06:00
sinn3r d439390aa2 Fix typo 2011-12-20 12:19:34 -06:00
sinn3r c2d59f0307 Fix issue #6133 2011-12-20 11:32:33 -06:00
sinn3r 0200b6367a Add OKI Scanner (Feature #6125) 2011-12-20 03:09:09 -06:00
HD Moore 4736cb1cbe Merge pull request #48 from swtornio/master 
add osvdb ref
 2011-12-11 20:37:43 -08:00
HD Moore a9db05e53b Fix regular expression 2011-12-10 13:24:58 -06:00
Steve Tornio 25685c4c74 add osvdb ref 2011-12-10 08:07:21 -06:00
Tod Beardsley e52436e7ad Drop the incorrect Id keyword from h323_version 2011-12-09 14:29:55 -06:00
sinn3r d6d9ac17d2 use store_loot() instead of store_local() 2011-12-08 11:10:31 -06:00
sinn3r c366e652b9 Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()" 
This reverts commit d37daa4934.
 2011-12-08 10:11:09 -06:00
sinn3r d37daa4934 Using store_local() to store stuff for dir traversal bugs feels much better than store_loot() 2011-12-07 19:08:24 -06:00
sinn3r aa5c0c46b6 Fix indent level 2011-12-07 18:44:49 -06:00
sinn3r feab7f5077 Add CVE-2011-4350 2011-12-07 18:42:52 -06:00
sinn3r b7ccbcd6b5 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-07 12:23:23 -06:00
sinn3r 84682b3615 Apply patch #6072 2011-12-07 12:22:58 -06:00
HD Moore b8767d5f57 Fix typo on 1.8.7 2011-12-07 10:45:23 -06:00
Tod Beardsley 84af4647db Merge branch 'issue_1083_oracle' 2011-12-05 17:39:46 -06:00
Tod Beardsley 4da2c32734 Minor update to xdb_side_brute, see #1083 
Adds a typo fix and adds an explicit VERBOSE option.
 2011-12-05 15:11:09 -06:00
HD Moore 97087d88fa Mark portscan modules as v6 incompatible 2011-12-05 13:07:36 -06:00
HD Moore cf28713f9a Mark specific modules as incompatible due to use of quad-dot code 2011-12-05 13:07:36 -06:00
sinn3r 3cd2caca1a Fix #6052 2011-12-04 13:49:13 -06:00
Steve Tornio f63a616739 add osvdb ref 2011-12-04 07:48:48 -06:00
sinn3r 2720572a37 Add IPSwitch Whatsup Gold TFTP directory traversal module 2011-12-03 18:46:34 -06:00
HD Moore dbe7e6aecf Remove a leftover debugging statement 2011-12-02 00:06:04 -06:00
HD Moore 9f99cfc757 Convert the h323 module to MSF_LICENSE (backport from Pro) 2011-12-01 16:01:01 -06:00
HD Moore 3e5e9a910e Add h323 scanner 2011-12-01 16:01:01 -06:00
David Maloney 40ab37fa10 Merge branch 'iss5979' 2011-11-30 12:16:33 -08:00
sinn3r 897731f3a5 Check creds (feature #6025). Also bringing the 'Inbox' regex back 2011-11-29 11:01:39 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
sinn3r 3a84c31326 Using a better regex for a successful login. Thanks Borys. 2011-11-28 14:29:42 -06:00
sinn3r bc541c118d Apply patch #6020 2011-11-28 14:16:24 -06:00
sinn3r 5165865560 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-28 14:07:19 -06:00
sinn3r 59ab0c3a18 Fix bug #6021, Thanks Borys 2011-11-28 14:06:56 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status 
messages.
 2011-11-28 13:31:54 -06:00
sinn3r a578db7f56 Apply fix for #6019 2011-11-28 01:12:18 -06:00
sinn3r ebfe269698 Apply patch for #5824 2011-11-26 16:52:12 -06:00
sinn3r 5e08c93ac9 Apply patch #5580 2011-11-26 15:32:43 -06:00
David Maloney c61d02686a HTTP login scanners need to set duplicate_ok to true 
or different web applications on the same server
may wipe eachother's creds out.
 2011-11-22 13:04:10 -08:00
David Maloney 9d7f7b1f0e Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-22 11:53:14 -08:00
David Maloney 9e40fac8b1 Added a check to the Axis login scanner to ensure 
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
 2011-11-22 11:52:06 -08:00
sinn3r 25f4b45bd1 Apply patch #6004 2011-11-22 13:07:46 -06:00
David Maloney f81567fb6f Fix to typo in the tables being pushed. 2011-11-21 15:49:57 -08:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
David Maloney ff22246119 Attempt to fix #5979 2011-11-18 12:53:35 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive. 
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
 2011-11-14 22:50:52 -08:00
Tod Beardsley 96d2209ca2 Minor fixups for trace report_note patch 2011-11-14 10:40:11 -06:00
andurin 5d5c9464cc Do some report_note while TRACE detection 2011-11-14 12:10:53 +01:00
Andurin 71599f5ef9 Fix sqlmap aux to work with actual sqlmap.py 
Commit relates to IssueID #5807
 2011-11-13 09:18:33 +01:00
sinn3r e4ebb890d8 Apply patch for bug #5963 2011-11-12 13:17:26 -06:00
sinn3r 62fdbd549c no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder. 2011-11-11 15:37:47 -06:00
sinn3r 2d940e2c91 Apply patch #5952 2011-11-11 14:58:17 -06:00
sinn3r 35f84f5e42 yo, ruby 1.8 fix 2011-11-11 11:38:28 -06:00
sinn3r e972234629 yo, owa bruteforce utility in the house (Feature #4725) 2011-11-11 11:23:35 -06:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
Wei Chen 9ff5eabb4b Fix #4915 
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 08:51:47 +00:00
David Maloney a88f954640 More Cred Sourcing 
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 01:49:57 +00:00
David Maloney aa4f6c1cae More cred sourcing fixes 
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 18:45:47 +00:00
David Maloney cdbe7bc587 Multiple fixes to cred reporting on this module 
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 17:25:39 +00:00
Wei Chen 16fc275853 whitespace cleanup 
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 16:09:31 +00:00
Patrick Webster 77a3edbb4f Added squiz_matrix_user_enum aux module. 
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 03:14:39 +00:00
Wei Chen ad94bae78f Fix bug #5923 
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 17:52:02 +00:00
Wei Chen 12378b45d6 Fix #5502 
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 07:44:02 +00:00
HD Moore f6cc9eade7 Replace my crufty old ASN.1 parser with OpenSSL::ASN1 
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-05 05:12:28 +00:00
David Maloney 585a7cc4a2 Adding the HTTP Trace scanner from CG 
Fixes #3390


git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-03 20:09:11 +00:00
Wei Chen ae9e8b7821 Syntax fix for ruby 1.8 
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-01 21:48:24 +00:00
Wei Chen d5cee2dedf Apply patch #5411 to allow user-specified path 
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-01 17:57:11 +00:00
Wei Chen 8750c3aac5 Add feature #4849 (Redis module) 
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 21:47:15 +00:00
Mario Ceballos d55dc551b6 syntax issue 
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 20:22:02 +00:00
Wei Chen e14668ece9 Add ColdFusion version scanner - feature #4079 
git-svn-id: file:///home/svn/framework3/trunk@14127 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 18:18:11 +00:00
Wei Chen fb56e23197 Apply fix for bug #5516 to correct a possible false positive on Apache Tomcat 
(yup, tomcats are tricky like that)


git-svn-id: file:///home/svn/framework3/trunk@14124 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 16:39:03 +00:00
HD Moore 55e6672e6b Revert a well-intentioned but design-violating change 
git-svn-id: file:///home/svn/framework3/trunk@14116 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-29 18:40:49 +00:00
Tod Beardsley 467df77a50 Fixes #5170. Enforces a max width, avoids negative widths. Thanks Oliver! 
Related to r13769



git-svn-id: file:///home/svn/framework3/trunk@14093 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-27 22:07:41 +00:00
Wei Chen 63a926a6ee Do a report_host() on OS default name. Request #5865 
git-svn-id: file:///home/svn/framework3/trunk@14090 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-27 04:50:01 +00:00
Wei Chen dd72e1ce9d Longer timeout. #5851 
git-svn-id: file:///home/svn/framework3/trunk@14074 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-26 19:35:03 +00:00
Wei Chen ab4f9d65c7 Add PATH option. Feature #5412 
git-svn-id: file:///home/svn/framework3/trunk@14067 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 18:32:02 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues 
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-23 11:56:13 +00:00
Wei Chen 14cf0deb29 Add feature #5398 
git-svn-id: file:///home/svn/framework3/trunk@14032 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-22 22:20:55 +00:00
Wei Chen 1e7c197d8e git-svn-id: file:///home/svn/framework3/trunk@14029 4d416f70-5f16-0410-b530-b9f4589650da 2011-10-22 21:32:36 +00:00
Wei Chen a62a236ad0 Add feature #5541 
git-svn-id: file:///home/svn/framework3/trunk@14027 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-22 20:03:25 +00:00
Wei Chen 2a3f430c8e SAP ICM URLscan module (Feature #5620) by Chris 
git-svn-id: file:///home/svn/framework3/trunk@14026 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-22 08:41:54 +00:00
Wei Chen 389be65dff Attempt number 2 to fix #5579 
git-svn-id: file:///home/svn/framework3/trunk@14014 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-20 16:29:15 +00:00
Wei Chen dd2623dba9 For bug #5579 
git-svn-id: file:///home/svn/framework3/trunk@14012 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-20 01:07:08 +00:00
Steve Tornio 1f698e09c9 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@14004 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-19 11:19:59 +00:00
Wei Chen 0a661ec227 Add CVE-2011-3305 (#5673) 
git-svn-id: file:///home/svn/framework3/trunk@13985 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 04:40:21 +00:00
Wei Chen 975cc52bac Fix spelling errors 
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 00:54:05 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster. 
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:58:53 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs. 
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:42:01 +00:00
Tod Beardsley ea2c9d1a46 Adding missing Id and Rev SVN keywords. 
git-svn-id: file:///home/svn/framework3/trunk@13961 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 01:27:28 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 09:53:53 +00:00
Carlos Perez 7ae1bbbb3f typo 
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-13 01:49:36 +00:00
Carlos Perez a0c34d1c73 Sets a session platform when using ssh_login 
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-13 01:48:42 +00:00
HD Moore cce4aafd9b Tweak the snmp_login code to actually only poll response packets every 10 sent and break out of infinite loop in the case of a target going crazy and continuously replying 
git-svn-id: file:///home/svn/framework3/trunk@13891 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 20:14:58 +00:00
Chao Mu 53b807abee Adding the "this file is part of" comment to the top of the module and proper comment formatting 
git-svn-id: file:///home/svn/framework3/trunk@13886 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 00:36:55 +00:00
Chao Mu df56110dd9 Fixing $Id so that it is prefaced by a comment. 
git-svn-id: file:///home/svn/framework3/trunk@13885 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 00:32:14 +00:00
Chao Mu 667c00161d Remembering to Propset and include $Id: $ this time. Also, switching from BSD_LICENSE to MSF_LICENSE. 
git-svn-id: file:///home/svn/framework3/trunk@13884 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 00:30:25 +00:00
HD Moore 558894e100 Test cases don't live in the module directory 
git-svn-id: file:///home/svn/framework3/trunk@13871 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-11 15:51:22 +00:00
Chao Mu 9414747945 jruby was barfing on super(a, b, c,), so I changed the syntax and wrote a very simple unit test for rewrite_proxy_bypass. 
git-svn-id: file:///home/svn/framework3/trunk@13870 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-11 13:52:39 +00:00
Chao Mu dcb6de2b58 Fixes #5667 this module scans for reverse proxy servers that exhibit a misconfiguration like the one detailed in www.contextis.com/research/blog/reverseproxybypass/. By default it requests a URI of @... and checks for a 502 
git-svn-id: file:///home/svn/framework3/trunk@13864 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 22:34:50 +00:00
Tod Beardsley 568bde7aa4 Fixes #5404 
See #5350
See #5246
See #5241
See #5173

Adds password hash dumping as loot for Postgres, MSSQL, MySQL, and several Oracle flavors of RDBMS. Thanks TheLightCosine!



git-svn-id: file:///home/svn/framework3/trunk@13854 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 17:05:01 +00:00
Wei Chen 612cdc8c73 No need to check if version is 'unknown' if nothing else (other than default) is assigned to it 
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-27 19:12:31 +00:00
Wei Chen 8d1763484d Fix metadata format 
git-svn-id: file:///home/svn/framework3/trunk@13792 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-26 03:21:37 +00:00
Wei Chen 5d4b562e62 Add GlassFish BruteForce auxiliary module by Josh (See #5515) 
git-svn-id: file:///home/svn/framework3/trunk@13790 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-25 19:24:53 +00:00
Tod Beardsley d437c99919 Fixing what looks like a versioning mismatch for the XMAS scan (readreply vs probereply methods). 
git-svn-id: file:///home/svn/framework3/trunk@13786 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-24 13:39:42 +00:00
James Lee 2cb5dbdb10 fix a silly output bug, thanks mezzendo for noticing 
git-svn-id: file:///home/svn/framework3/trunk@13785 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-23 22:28:11 +00:00
James Lee cdead3da54 whitespace cleanup and fix some ArgumentErrors when a field is wide, fixes #5518, thanks Joshua Taylor 
git-svn-id: file:///home/svn/framework3/trunk@13783 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-23 17:51:11 +00:00
amaloteaux 2d0d48a820 remove an Argument Error, Negative Number bug faced at Brucon 
git-svn-id: file:///home/svn/framework3/trunk@13769 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-21 14:52:52 +00:00
James Lee 7163710bcf fix a typo and some whitespace, fixes #5480. Thanks Kurt! 
git-svn-id: file:///home/svn/framework3/trunk@13764 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-20 17:17:20 +00:00
Wei Chen f9d74b0701 Printing res code for DELETE should be optional. It's not like we can always trust it anyway. 
git-svn-id: file:///home/svn/framework3/trunk@13763 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-20 00:41:42 +00:00
Joshua Drake 7c74954461 remove silly comma 
git-svn-id: file:///home/svn/framework3/trunk@13762 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 23:06:35 +00:00
Wei Chen 7f80ba939a Apparently I can't speaks engrish 
git-svn-id: file:///home/svn/framework3/trunk@13760 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 21:18:48 +00:00
Wei Chen ec530955ce Checking response codes is a terrible way for HTTP modules. #5470. 
git-svn-id: file:///home/svn/framework3/trunk@13759 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 20:36:09 +00:00
Jonathan Cran a1675bfbc6 replaced by http_put 
git-svn-id: file:///home/svn/framework3/trunk@13758 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 20:14:26 +00:00
Jonathan Cran 8b1fd95f66 Add a module to check HTTP PUT / DELETE file access. Thanks CG! Resolves 5089. 
git-svn-id: file:///home/svn/framework3/trunk@13755 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 01:18:23 +00:00
et 3dffd09875 Generic HTML data scraper 
git-svn-id: file:///home/svn/framework3/trunk@13736 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-16 02:36:32 +00:00
HD Moore 85eb581c16 Quick fix to match service changes 
git-svn-id: file:///home/svn/framework3/trunk@13726 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-13 06:48:07 +00:00
Joshua Drake f8eb9e5dd4 extraneous space typo 
git-svn-id: file:///home/svn/framework3/trunk@13722 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-12 19:21:21 +00:00
Matt Weeks acae5dcdc8 Killing puts. 
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-11 02:42:39 +00:00
James Lee e31acef6e9 whitespace cleanup 
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-07 15:30:08 +00:00
Wei Chen 91c5a15eb4 Actually, this is the right fix for bug #5363 
git-svn-id: file:///home/svn/framework3/trunk@13685 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-03 02:20:22 +00:00
Wei Chen 14d2a45c5b This fix is to make sure BLANK_PASSWORDS functions properly. See bug #5363. 
git-svn-id: file:///home/svn/framework3/trunk@13684 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-03 02:09:00 +00:00
amaloteaux c8bb6a5fda mke this module more automatic and reliable 
git-svn-id: file:///home/svn/framework3/trunk@13632 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 00:11:20 +00:00
David Rude 41f4677dae Convert the table to CSV 
git-svn-id: file:///home/svn/framework3/trunk@13568 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 17:48:42 +00:00
Wei Chen 83dd71c905 Add MySQL hashdump auxiliary module 
git-svn-id: file:///home/svn/framework3/trunk@13567 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 16:28:31 +00:00
Wei Chen 278cb5d46e Fix indents, spaces, and stuff 
git-svn-id: file:///home/svn/framework3/trunk@13564 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 15:21:11 +00:00
Wei Chen dd56f976f4 Fix indents 
git-svn-id: file:///home/svn/framework3/trunk@13563 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 15:12:55 +00:00
David Rude 1823f20a50 Add apache_userdir_enum aux module 
git-svn-id: file:///home/svn/framework3/trunk@13562 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 05:56:55 +00:00
David Rude b39503343e Add pop3_login aux module 
git-svn-id: file:///home/svn/framework3/trunk@13561 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 05:51:59 +00:00
James Lee b6f845ee91 UserAgent is already an advanced option, and that's already the default 
git-svn-id: file:///home/svn/framework3/trunk@13511 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 17:30:30 +00:00
James Lee 4ba46cb565 get_once returns nil if the timeout hits, don't break in that case 
git-svn-id: file:///home/svn/framework3/trunk@13510 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 17:28:18 +00:00
James Lee 825a2747c1 remove unnecessary dup, unused var 
git-svn-id: file:///home/svn/framework3/trunk@13509 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 17:27:09 +00:00
Carlos Perez f8d50b7705 Applied and tested patch from Thomas Ring in bug 5206 
git-svn-id: file:///home/svn/framework3/trunk@13490 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-04 22:55:06 +00:00
HD Moore 842bfdebe8 Lets just leave this here (insurance against my laptop melting down between now and tomorrow morning). Nothing to see here, move along ;) 
git-svn-id: file:///home/svn/framework3/trunk@13483 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-03 22:58:55 +00:00
HD Moore f3e4c860a7 Slow down a little bit to prevent packet loss 
git-svn-id: file:///home/svn/framework3/trunk@13468 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-02 00:47:51 +00:00
James Lee 021fa0d8cb missed a line in the conversion to packetfu, see #5038 
git-svn-id: file:///home/svn/framework3/trunk@13442 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-31 04:41:17 +00:00
HD Moore a5e63c2ca9 Grab the instance from the query vs the ping (via TheLightCosine) 
git-svn-id: file:///home/svn/framework3/trunk@13435 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-30 21:20:57 +00:00
HD Moore c216219573 Add mssql_ping back in 
git-svn-id: file:///home/svn/framework3/trunk@13434 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-30 21:11:53 +00:00
HD Moore e916e06b6e Closes #5142 by merging (with some small changes) 
git-svn-id: file:///home/svn/framework3/trunk@13433 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-30 21:07:22 +00:00
Tod Beardsley 486241cc99 SSH scanners shouldn't die just because they're on Windows and they try to talk to reserved addresses. 
git-svn-id: file:///home/svn/framework3/trunk@13407 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-29 15:51:11 +00:00
James Lee d50577066f remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious 
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-28 22:57:47 +00:00
Tod Beardsley df52bfaa4f Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway). 
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-27 20:21:47 +00:00
Jonathan Cran 78849b2837 check that pcaprub is loaded up front, before checking configuration options 
git-svn-id: file:///home/svn/framework3/trunk@13376 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-27 18:53:59 +00:00
Tod Beardsley b22ca615c7 Fixes #5038, missed a couple mentions of Racket. Excised now for sure. 
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-27 17:44:36 +00:00
Tod Beardsley c54e18d757 Fixes #5038. Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen! 
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-26 01:29:21 +00:00
Wei Chen 067f9bf053 Fix URL reference 
git-svn-id: file:///home/svn/framework3/trunk@13329 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 19:36:37 +00:00
Steve Tornio b930b2622f add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13271 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-21 01:20:22 +00:00
David Rude 88125b53b8 remove stray puts 
git-svn-id: file:///home/svn/framework3/trunk@13268 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-20 17:11:04 +00:00
David Rude b96bf9754e more logic fixes 
git-svn-id: file:///home/svn/framework3/trunk@13240 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 21:19:34 +00:00
David Rude a934004a2b Fix the loop 
git-svn-id: file:///home/svn/framework3/trunk@13239 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 21:12:44 +00:00
David Rude bea802ea60 Fix the RPORT default 
git-svn-id: file:///home/svn/framework3/trunk@13238 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 20:59:13 +00:00
David Rude 1fda05f128 Added SIPDroid extension enumeration module - thanks nibu 
git-svn-id: file:///home/svn/framework3/trunk@13237 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 20:42:02 +00:00
Joshua Drake 486ca773e4 unpack the bytes so that we can do proper math on them 
git-svn-id: file:///home/svn/framework3/trunk@13226 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 17:33:02 +00:00
James Lee c412a836ed add VERBOSE option to all modules and vprint_* methods to use it 
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-15 15:33:35 +00:00
James Lee 39c20b2935 cosmetic 
git-svn-id: file:///home/svn/framework3/trunk@13174 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-14 20:27:25 +00:00
Tod Beardsley b9c5835b5e Touching up the ssh key login module to be smarter about duplicate user names, not be so chatty in its messaging to the console, deal with whitespace, and avoid storing duplicate keys when we don't need to. 
git-svn-id: file:///home/svn/framework3/trunk@13162 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-13 20:51:18 +00:00
Tod Beardsley dc84ee6aab More fixups for ssh_login_pubkey and special handlers for long strings of keys. 
git-svn-id: file:///home/svn/framework3/trunk@13156 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-12 20:58:25 +00:00
David Rude ac61cd0427 Changed from web.archive.org to classic-web.archive.org 
git-svn-id: file:///home/svn/framework3/trunk@13018 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-24 14:43:59 +00:00
Tod Beardsley 824022fde3 Adds a more universal print_error message for :abort in auth_brute.rb 
git-svn-id: file:///home/svn/framework3/trunk@13005 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-22 20:53:51 +00:00
HD Moore e223931a46 Commit a bug fix from Yori Kvitchko 
git-svn-id: file:///home/svn/framework3/trunk@12994 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 03:56:47 +00:00
Tod Beardsley 04e2eb43ef Removing the load() line from ssh_login, just wanted it for dev. 
git-svn-id: file:///home/svn/framework3/trunk@12980 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 19:23:00 +00:00
Tod Beardsley 6827495d17 Adds a # of passwords per username limiter to authbrute. 
git-svn-id: file:///home/svn/framework3/trunk@12970 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-18 04:14:06 +00:00
Tod Beardsley db1619d035 Rejiggers the max credentials limiter a little, and adds a max time limiter per service. 
git-svn-id: file:///home/svn/framework3/trunk@12967 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 22:40:25 +00:00
Tod Beardsley ab37580056 Refactored the AuthBrute mixin some to make the each_user_pass function a little cleaner and easier to maintain. 
And maintain it I shall! Added in a standardized print_brute method to normalize the AuthBrute output to always include host, port, proto, and number of guesses over number remaining.

Also adds support for a MaxGuessesPerService datastore option for AuthBrute modules.

Currently, only ssh_login supports the new stuff, but now it's just a conversion matter. Will get to that in a bit.




git-svn-id: file:///home/svn/framework3/trunk@12958 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 22:08:45 +00:00
Tod Beardsley 78703400c4 Sourcing the ineffective bruteforce error message on smb_login. 
git-svn-id: file:///home/svn/framework3/trunk@12953 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 14:56:07 +00:00
HD Moore d11e1f3294 Make all keywords consistent for modules. 
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-13 03:38:31 +00:00
Jonathan Cran 68d8a68a36 apply mubix's patch, fixes #4640 
git-svn-id: file:///home/svn/framework3/trunk@12857 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-05 07:11:22 +00:00
HD Moore 911583930b Add the missing note type 
git-svn-id: file:///home/svn/framework3/trunk@12840 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-03 00:49:45 +00:00
amaloteaux b1bb7116ed arp_sweep : automatically detect SHOST and SMAC and do not request localhost 
git-svn-id: file:///home/svn/framework3/trunk@12823 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-02 21:31:36 +00:00
HD Moore f20adabf8c Fixes #4626 by checking for an out of bounds value before using the type as an array index 
git-svn-id: file:///home/svn/framework3/trunk@12809 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-01 23:47:16 +00:00
Wei Chen d54f632ea0 Add print_status() as requested by author 
git-svn-id: file:///home/svn/framework3/trunk@12726 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 23:50:05 +00:00
Wei Chen eb72982751 Fixed a typo for variable res 
git-svn-id: file:///home/svn/framework3/trunk@12725 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 23:46:16 +00:00
Wei Chen 869a6dbbe5 Added Rosewill RXS-3211 IP Camera Password Retriever 
git-svn-id: file:///home/svn/framework3/trunk@12724 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 22:06:51 +00:00
Tod Beardsley 81e1b41840 Fixes #4578. If the user has Nokogiri of a reasonable version installed, use that to parse Nmap-created XML documents. Otherwise, fall back to the existing REXML parser. 
git-svn-id: file:///home/svn/framework3/trunk@12702 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-24 19:40:50 +00:00
James Lee f7178bf4de somehow typo'd this between testing and commit... fixes #4510 
git-svn-id: file:///home/svn/framework3/trunk@12642 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-17 04:46:52 +00:00
James Lee 158e196e20 don't bail when we get a '550 user unknown' error, try harder for domain checks. fixes #4031, thanks Lonnie Benavides for the patch 
git-svn-id: file:///home/svn/framework3/trunk@12641 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-16 23:45:28 +00:00
Tod Beardsley 056cde292f Deprecate the exploited_host table. Vulns that indicate a successful exploit without opening a session should set the :exploited_at timestamp. 
git-svn-id: file:///home/svn/framework3/trunk@12623 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-15 22:19:00 +00:00
Joshua Drake 28ae2316a4 Fixes #4390, such a bute 
git-svn-id: file:///home/svn/framework3/trunk@12578 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-10 20:52:59 +00:00
Tod Beardsley 98831c3285 Clean up an SNMP rescue clause that makes Windows Ruby builds sad. 
git-svn-id: file:///home/svn/framework3/trunk@12530 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-03 07:51:09 +00:00
HD Moore 23c355ba2c Just use :mac not :host_mac 
git-svn-id: file:///home/svn/framework3/trunk@12517 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-03 03:03:38 +00:00
HD Moore 9f53aa15a5 Catch other error types from SNMP 
git-svn-id: file:///home/svn/framework3/trunk@12504 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-02 05:38:13 +00:00
HD Moore 77328e7327 Fix report calls, thanks Minga! 
git-svn-id: file:///home/svn/framework3/trunk@12457 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-27 19:39:28 +00:00
Wei Chen e39739231d Added CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@12431 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-25 05:37:41 +00:00
Tod Beardsley 3829d2606b Removing the un-used USER_AS_PASS option for ssh_login_pubkey. 
git-svn-id: file:///home/svn/framework3/trunk@12411 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-22 21:05:27 +00:00
Tod Beardsley ea6b1bb626 Fixes #4190 by reseting self.ssh_socket after the connection is established. 
git-svn-id: file:///home/svn/framework3/trunk@12402 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-22 15:32:00 +00:00
Tod Beardsley 794dfc502f Avoid trying duplicate SNMP community strings against the same host. 
git-svn-id: file:///home/svn/framework3/trunk@12396 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-21 19:25:50 +00:00
Tod Beardsley 8b5d004997 Adding an nmap version checker so NSE modules can tell if it's okay to run or not. 
git-svn-id: file:///home/svn/framework3/trunk@12357 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-18 19:52:13 +00:00
amaloteaux d9e68141e0 arp sweep: correct a bug on the timeout to better detect the latest reply 
git-svn-id: file:///home/svn/framework3/trunk@12316 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-14 16:29:56 +00:00
Tod Beardsley e07147142f See #3781. smb_login implements the special keyword of <BLANK> (but also needs to be nil safe, which this fixes) 
git-svn-id: file:///home/svn/framework3/trunk@12257 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-06 21:26:46 +00:00
Tod Beardsley 30fb75c676 In smb_login, work around an odd error where you get an InvalidPacket for ACCESS_DENIED rather than a login failure. 
git-svn-id: file:///home/svn/framework3/trunk@12256 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-06 21:15:08 +00:00
Tod Beardsley b91c81a182 Fixes #4074 -- corrects the affected regexes. 
git-svn-id: file:///home/svn/framework3/trunk@12238 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-04 22:19:59 +00:00
HD Moore 86fac4ef95 This module does not meet standards for inclusion: 
1) GPLv3 license is not compatible with BSD
2) Hardcoded path to a Windows file system for the shoretel users listing
3) The shortel users file was not included (it would live in data/)
4) Name should be _login not _brute for consistency
5) Incorrect use of the reporting APIs




git-svn-id: file:///home/svn/framework3/trunk@12221 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-02 16:11:59 +00:00
Carlos Perez 8c96711c6c shroretel user login brute force module by Keith Lee 
git-svn-id: file:///home/svn/framework3/trunk@12219 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-02 14:13:15 +00:00
James Lee 792bb4da7a allow a user-supplied URI instead of hardcoded "/manager/html", fixes #4038, thanks mubix! 
git-svn-id: file:///home/svn/framework3/trunk@12178 4d416f70-5f16-0410-b530-b9f4589650da
 2011-03-29 05:42:33 +00:00
Tod Beardsley 64c3c86e1f Adding carnal0wnage's iSQL*Plus SID and login brute forcers. 
git-svn-id: file:///home/svn/framework3/trunk@12163 4d416f70-5f16-0410-b530-b9f4589650da
 2011-03-28 01:20:51 +00:00