Commit Graph

5427 Commits (4b063344556222b1820a9248a1483dfa96b762d6)

Author SHA1 Message Date
jvazquez-r7 4a169210ab Use vprint 2014-11-24 11:48:16 -06:00
jvazquez-r7 ecb74c543a Beautify description 2014-11-24 11:27:32 -06:00
jvazquez-r7 c52104e91d Beautify metadata 2014-11-24 11:24:41 -06:00
jvazquez-r7 fcb4bea3c1 Fix code comments 2014-11-24 11:23:27 -06:00
Tod Beardsley 77b1f2d2f0 Fixup for release
Fixes the grammar on the SMTP enumeration module and the Cisco CDP
module, and adds a more informative description and reference for the
CDP module introduced on PR #4061.
2014-11-24 10:50:43 -06:00
jvazquez-r7 10d0305cb2 Update from upstream master 2014-11-24 09:48:43 -06:00
Jon Hart e9750e2df8 Minor style/usability cleanups 2014-11-24 06:57:31 -08:00
sinn3r 57419bb0fc Fix #4253 - Print access level for snmp_login
Fix #4253 - module should print the access level
2014-11-22 23:09:15 -06:00
tate 9828598cb7 removing timeout method and option 2014-11-22 00:28:56 -07:00
tate 57b04f96a7 working with DLSw protocol check 2014-11-21 23:54:00 -07:00
tate b9a274f869 improving DLSw detection 2014-11-21 18:58:02 -07:00
jvazquez-r7 3ac1f7d4fb Land #4242, @Meatballs1 fix for sap_service_discovery report_note
* I cannot reproduce @Meatballs1 issue
* But I noticed report_note should :update with :unique_data
* Fixed the :update
2014-11-21 10:16:08 -06:00
jvazquez-r7 e30ee9fee2 Update with :unique_data 2014-11-21 10:14:39 -06:00
HD Moore 99a23ada5c Module cleanup, error handling, and reporting 2014-11-20 16:18:20 -06:00
HD Moore 2f6c4a9ba4 Slight tweak to description/author email formatting 2014-11-20 14:53:52 -06:00
Meatballs ee15179441 Fix service discovery errors 2014-11-20 18:22:33 +00:00
Rich Whitcroft 8306d739e3 add scanner module to extract domain from NTLM challenge 2014-11-20 11:02:21 -05:00
tate a4a1048f95 modified to get data collection off sock working 2014-11-19 11:17:58 -07:00
Jon Hart 684975a315 Use correct target address for fake As 2014-11-19 08:28:56 -08:00
Jon Hart 3777e78a85 Sanitize creation of target host. Return minimal for SRV 2014-11-19 08:28:56 -08:00
Jon Hart 52e004d8ab Use less conflicting name for SRV record port 2014-11-19 08:28:56 -08:00
Jon Hart ee90e4353b Add more consistent logging for fakedns types that support fake vs bypass 2014-11-19 08:28:55 -08:00
Jon Hart 0910275fac Don't artificially insert additional records when BYPASS 2014-11-19 08:28:55 -08:00
Fatih Ozavci a38cb3ee53 @jhart-r7 commits are accepted and conflicts fixed. 2014-11-19 08:28:55 -08:00
Fatih Ozavci ab7f6866f5 FAKE and BYPASS actions are implemented for SRV queries 2014-11-19 08:28:55 -08:00
Fatih Ozavci f403d27fbd Author update for the fakedns module 2014-11-19 08:28:55 -08:00
Fatih Ozavci 47f7d8c4be IN:SRV expansion for Fake DNS server 2014-11-19 08:28:55 -08:00
Jon Hart 895bdd9c6f Remove unused options 2014-11-19 08:09:52 -08:00
Jon Hart 134046975e Remove report mixin which was not used 2014-11-19 08:09:52 -08:00
Jon Hart 4c112e71c1 Remove errant whitespace, unnecessary to_s 2014-11-19 08:09:52 -08:00
Jon Hart f54fc3da87 More CDP cleanup. Loop, cleaner packet construction, style 2014-11-19 08:09:52 -08:00
Jon Hart 0dac2de3fd Use PacketFu::EthHeader.mac2str for MAC formatting 2014-11-19 08:09:52 -08:00
Jon Hart 2d484a3e1a Remove sniffing capabilities from cdp -- use wireshark/tcpdump instead 2014-11-19 08:09:52 -08:00
Jon Hart 39d691086e First round of basic Ruby style cleanup in cdp 2014-11-19 08:09:52 -08:00
Fatih Ozavci 7e93d890ab Viproy is removed from names
Author section is fixed
2014-11-19 08:09:52 -08:00
Fatih Ozavci d78d57eaf4 Viproy VoIP Pen-Test Kit - Cisco CDP Testing Module 2014-11-19 08:09:52 -08:00
Jon Hart 7d6e7a6bfa Minor Ruby style and module usability cleanup 2014-11-18 16:33:05 -08:00
tate 6b8b49ff98 improving metasploit module based on feedback 2014-11-18 15:03:18 -07:00
jvazquez-r7 fb4b6543e2 Handle other rex exceptions 2014-11-18 15:57:41 -06:00
jvazquez-r7 542eb6e301 Handle exception in brute force exploits 2014-11-18 12:17:10 -08:00
Jon Hart 500c4249fe Update solaris_kcms_readfile to gracefully handle RPC errors 2014-11-18 12:17:10 -08:00
Jon Hart 82f89e620b Clean up nfs mount scanner to *print_* better 2014-11-18 12:17:10 -08:00
Jon Hart b2f9307e0a vprint # of RPC programs, since the table comes right after 2014-11-18 12:17:10 -08:00
Jon Hart a9f9a8b116 Introduce new ::Rex::Proto::SunRPC::RPCError, making run_host cleaner 2014-11-18 12:17:10 -08:00
Jon Hart c7794a7ed9 Clean up Ruby style in sunrpc_portmapper 2014-11-18 12:17:09 -08:00
Jon Hart 059d84e4ca More consistent *print_* and Rex::Ui::Text::Table for sunrpc_portmapper 2014-11-18 12:17:09 -08:00
tate 703e0486fb Add DLSw leak capture module for CVE-2014-7992 2014-11-17 20:35:54 -07:00
jvazquez-r7 45d219c0d8 Land #4102, @jhart-r7's fix for nbns_response
* Use request src_port instead of 137
2014-11-17 15:46:38 -06:00
nullbind 8c34f35ca9 added mssql_enum_windows_domain_accounts.rb 2014-11-17 13:03:43 -06:00
William Vu fd53e969fd Land #4217, browser_autopwn variable fix 2014-11-17 11:46:52 -06:00
William Vu 405eae4b6e Remove EOL whitespace 2014-11-17 11:46:36 -06:00
jvazquez-r7 2c36f79934 Land #4165, @jhart-r7's check for datastore options on Cisco dtp
* Fix modules/auxiliary/spoof/cisco/dtp
* Just one of the two options is required
2014-11-17 11:23:31 -06:00
Joe Vennix fc1635e80a Fix BAP JS ref error. 2014-11-17 10:06:15 -06:00
HD Moore 9fe4994492 Chris McNab has been working with MITRE to add these CVEs
These CVEs are not live yet, but have been confirmed by cve-assign
t
2014-11-16 18:42:53 -06:00
William Vu a521d469ed Land #4194, Quake protocol support 2014-11-15 17:44:19 -06:00
Jon Hart 57aef9a6f5 Land #4177, @hmoore-r7's fix for #4169 2014-11-13 18:29:57 -08:00
Tod Beardsley e2dc862121 Fix newly introduced typo. 2014-11-13 14:53:57 -06:00
Tod Beardsley dd1920edd6 Minor typos and grammar fixes 2014-11-13 14:48:23 -06:00
jvazquez-r7 f081ede2aa Land #4155, @pedrib's module for CVE-2014-8499
* Password Manager Pro privesc + password disclosure
2014-11-12 23:56:26 -06:00
Jon Hart ebf6fe4e56 Minor style cleanup 2014-11-12 16:44:43 -08:00
Jon Hart 07a1653e57 Add gather module for Quake servers 2014-11-12 13:32:56 -08:00
Pedro Ribeiro 9df31e950f Add OSVDB id 2014-11-12 21:32:33 +00:00
Tod Beardsley 54158c8662 Land #4005, TNS poison checker 2014-11-12 13:29:59 -06:00
Tod Beardsley d242bc220b Minor fixups and disclosure date for TNS module 2014-11-12 13:25:10 -06:00
Tod Beardsley 955a5142ca Edit e-mail address for antispam 2014-11-12 13:19:04 -06:00
jvazquez-r7 70589668c2 Really land the #4130 module 2014-11-12 09:39:01 -06:00
jvazquez-r7 ece8013d7a Use #empty? 2014-11-12 09:35:06 -06:00
jvazquez-r7 f048463ed6 Do minor fixups
* Delete peer method
* Make verifications more strict
2014-11-12 09:33:49 -06:00
jvazquez-r7 a5c87db65e Do minor cleanup
* Beautify description
* Use double quotes for interpolation
2014-11-12 09:29:53 -06:00
jvazquez-r7 e1164d3e14 Use snake_case on filename 2014-11-12 09:26:47 -06:00
Tod Beardsley 7e05f88399 Reapply PR #4113 (removed via #4175) 2014-11-11 15:06:43 -06:00
HD Moore 6b4eb9a8e2 Differentiate failed binds from connects, closes #4169
This change adds two new Rex exceptions and changes the local comm to raise the right one depending on the circumstances. The problem with the existing model is that failed binds and failed connections both raised the same exception. This change is backwards compatible with modules that rescue Rex::AddressInUse in addition to Rex::ConnectionError. There were two corner cases that rescued Rex::AddressInUse specifically:

1. The 'r'-services mixin and modules caught the old exception when handling bind errors. These have been updated to use BindFailed
2. The meterpreter client had a catch for the old exception when the socket reports a bad destination (usually a network connection dropped). This has been updated to use InvalidDestination as that was the intention prior to this change.

Since AddressInUse was part of ConnectionError, modules and mixins which caught both in the same rescue have been updated to just catch ConnectionError.
2014-11-11 14:59:41 -06:00
Tod Beardsley 017a44c0ae Revert errored merge of deea30d
Revert "Merge branch 'master' of https://github.com/farias-r7/metasploit-framework into upstream-master"

This reverts commit deea30ddb4, reversing
changes made to 14514d7b8b.
2014-11-11 14:38:47 -06:00
Jon Hart 9238d80a24 Use correct source port for NBNS spoofer
137 is only correct for systems that use this as their source port.
Systems running Samba, for example, don't use this.  So use the port
taken from the original request, not 137 or 1337
2014-11-11 10:33:27 -08:00
HD Moore 96ba6da697 Add the UDP scanner template, lands #4113.
There is some additional work to do regarding CHOST/CPORT, but this is not tied to the udp template changes.
2014-11-11 11:59:30 -06:00
jvazquez-r7 01fda27264 Fix title 2014-11-11 11:15:53 -06:00
jvazquez-r7 a588bfd31a Use single quotes 2014-11-11 09:56:46 -06:00
jvazquez-r7 77c8dc2b64 Don't return nil from 'run' 2014-11-11 09:39:08 -06:00
jvazquez-r7 fb309aae11 Use a Fixnum as FuzzInt default value 2014-11-11 09:36:53 -06:00
jvazquez-r7 f6762b41b6 Use random fake db name 2014-11-11 09:35:51 -06:00
jvazquez-r7 94c353222d Do small cosmetic changes 2014-11-11 09:31:57 -06:00
jvazquez-r7 e9e5869951 update from master 2014-11-11 09:24:33 -06:00
Nikita c0285067c9 Add new module to test TNS poison
msf auxiliary(tnspoison_checker) > show options 

Module options (auxiliary/scanner/oracle/tnspoison_checker1):

   Name     Current Setting                          Required  Description
   ----     ---------------                          --------  -----------
   RHOSTS   172.16.2.100, 172.16.2.24, 172.16.2.101  yes       The target address range or CIDR identifier
   RPORT    1521                                     yes       The target port
   THREADS  1                                        yes       The number of concurrent threads

msf auxiliary(tnspoison_checker) > exploit 

[+] 172.16.2.100:1521 is vulnerable
[*] Scanned 1 of 3 hosts (033% complete)
[-] 172.16.2.24:1521 is not vulnerable 
[*] Scanned 2 of 3 hosts (066% complete)
[-] 172.16.2.101:1521 unable to connect to the server
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
2014-11-11 17:29:27 +03:00
jvazquez-r7 091da05a86 update from master 2014-11-10 22:59:44 -06:00
jvazquez-r7 cac6494427 Use snake_case in filename 2014-11-10 16:58:46 -06:00
jvazquez-r7 2c33642de8 Do minor cleanup 2014-11-10 16:57:57 -06:00
jvazquez-r7 12ae8b3ec6 update from master 2014-11-10 16:19:26 -06:00
nullbind 493b81d874 cleanup 2014-11-10 15:22:21 -06:00
nullbind 31fa57fcb2 mssql_enum_sql_logins 2014-11-10 15:19:55 -06:00
Scott Sutherland d543b16cc1 Added mssql_enum_sql_logins.rb 2014-11-10 15:02:46 -06:00
Scott Sutherland ea226f7482 Update mssql_enum_sql_logins.rb 2014-11-10 15:02:14 -06:00
nullbind 74344e9295 added mssql_enum_sql_logins 2014-11-10 13:42:52 -06:00
jvazquez-r7 4b701700c1 Fix banner 2014-11-10 12:40:53 -06:00
Jon Hart 7ed11ffd52
Check for INTERFACE or SMAC in dtp setup 2014-11-10 10:14:47 -08:00
jvazquez-r7 65dbb1a83f Do print_status 2014-11-10 11:26:53 -06:00
jvazquez-r7 7aed1e9581 Create loot_passwords method 2014-11-10 11:21:44 -06:00
jvazquez-r7 92df11baa7 Create report_super_admin_creds method 2014-11-10 11:16:25 -06:00
jvazquez-r7 8f17011909 do run clean up
* Reduce code complexity
* Don't report not valid administrator credentials
2014-11-10 11:12:04 -06:00
jvazquez-r7 635df2f233 Fail with NoAccess 2014-11-10 09:50:26 -06:00
jvazquez-r7 9c033492d2 Fix indentation 2014-11-10 09:48:22 -06:00