infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,433 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

7879 Commits (520c82d7fc074adf73df35d3d4a5ca16e4084e2e)

Author SHA1 Message Date
James Lee 35c0ef0c68
Merge branch 'feature/MSP-9716/mssql_crack' into staging/electro-release 2014-06-20 12:39:07 -05:00
David Maloney 99b1702559
Merge branch 'master' into staging/electro-release 
Conflicts:
	lib/msfenv.rb
 2014-06-20 11:38:47 -05:00
jvazquez-r7 4203e75777
Land #3408, @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950 2014-06-20 10:27:32 -05:00
David Maloney 3c85601426
not every version has dupe supression 2014-06-19 16:28:23 -05:00
jvazquez-r7 a0386f0797 Fix cmd_concat_operator 2014-06-19 15:52:55 -05:00
David Maloney 4453dcdc8e
some minor fixes 2014-06-19 15:45:24 -05:00
David Maloney 8de2109f97
Merge branch 'staging/electro-release' into feature/MSP-9696/http-bruteforce-refactor 2014-06-19 15:38:05 -05:00
James Lee 9421beedb3
Refactor http_login 2014-06-19 14:12:21 -05:00
David Maloney 0ff8708e6d
some minor fixes 2014-06-19 13:08:43 -05:00
Matt Buck 5815ec96df Merge pull request #80 from rapid7/bug/MSP-10038/skip-ssh-passphrase 
Backported net-ssh ask_passphrase functionality

MSP-10038
 2014-06-19 12:53:43 -05:00
David Maloney 53352924d2
Merge branch 'staging/electro-release' into feature/MSP-9716/mssql_crack 
Conflicts:
	Gemfile
 2014-06-19 12:45:53 -05:00
James Lee b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release 2014-06-19 10:14:57 -05:00
James Lee 2d9c6f832a
Moar parens!!1!! 2014-06-19 10:07:21 -05:00
James Lee 594923c790
Don't overwrite ENV if it's set 2014-06-18 14:53:41 -05:00
David Maloney 62f4054858
startring refactor on jtr_mssql 
started work on the mssql hash cracker
fixed some minor bugs with the underlying mixin
crackers now runs. still have to have the cred objects created
 2014-06-18 14:50:08 -05:00
James Lee 5beb43d200
Land #3022, support Gemfile.local 2014-06-18 14:28:57 -05:00
David Maloney fd0e24cdb2
moar docs! 2014-06-18 11:38:07 -05:00
David Maloney 4b4d9796c5
more minor cleanup 
cleanup from code review
 2014-06-18 11:24:55 -05:00
Fernando Arias f24d665516 Backported net-ssh ask_passphrase functionality 
MSP-10038
 2014-06-18 11:21:17 -05:00
Michael Messner 86f523f00c concator handling 2014-06-18 18:15:58 +02:00
David Maloney 9f11170c3b
some minor cleanup on jtr stuff 
minor cleanup to code nstyling stuff
 2014-06-18 10:57:41 -05:00
David Maloney 58b016202b
Merge branch 'staging/electro-release' into feature/MSP-9709/ssh-pubkey 2014-06-18 10:50:29 -05:00
David Maloney 2b0bb608b1
Merge branch 'master' into staging/electro-release 2014-06-18 10:49:58 -05:00
OJ 5879ca3340
Merge branch 'upstream/master' into meatballs x64_injection 2014-06-18 10:24:33 +10:00
David Maloney 34c0b00816
don't autload this mixin 
causes laod order problems when we try to
autoload this mixin. We will just explicitly require
 2014-06-17 16:10:09 -05:00
David Maloney 763f6f8d80
finish cleaning up jtr mixin 
finish cleaning up the module mixin for jtr
 2014-06-17 15:16:32 -05:00
David Maloney 432b88680b
start fixing jtr module mixin 2014-06-17 13:27:11 -05:00
David Maloney d473d86ef0
use tr instead of gsub for mutation 
this should be another slight performance
increase as straight up string replacement
should require less overhead then multiple
runs of regex replacement.
 2014-06-17 10:29:09 -05:00
James Lee 6237d56398
Refactor ssh_login_pubkey 
* Fix a bug in LoginScanner::SSHKey (which was copy-pasted from SSH)
   where the ssh_socket accessor was not being set because of a
   shadowing local var
 * Fix a bug in the db command dispatcher where an extra column was
   added to the table, causing an unhandled exception when running the
   creds command
 * Add a big, ugly, untested class for imitating
   Metasploit::Framework::CredentialCollection for ssh keys. This class
   continues the current behavoir of silently ignoring files that are a)
   encrypted or b) not private keys.
 * Remove unnecessary proof gathering in the module (it's already
   handled by the LoginScanner class)
 2014-06-16 18:38:20 -05:00
David Maloney a81b0ed17b
rename method to_file 
change method name from write to to_file
as it makes more sense for what it is is doing
and what it returns
 2014-06-16 18:03:06 -05:00
David Maloney 95beaa4f7e
correct self-eating array nature 
we never noticed we were modifying the array in place
because we were reculaculating. now with a memoized
version we would get decreasing results
 2014-06-16 17:37:18 -05:00
David Maloney a92a58417f
memoize the mutation keys 
it was recalculating the mutation rules
everytime, and there is no reason to do this
 2014-06-16 17:18:52 -05:00
David Maloney f1a39ef973
enumerators all done with specs 
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
 2014-06-16 13:31:30 -05:00
David Maloney 9af811a2ed
we need to pass in a workspace 2014-06-15 15:52:57 -05:00
David Maloney 897b0b1ee5
wordlist enumerators with some specs 
started the enumerators on the wordlist class
and began adding the specs for them
 2014-06-15 13:37:50 -05:00
scriptjunkie d38a95a352 Merge branch 'bugfixes/post-module-execution-causing-duplicate-search-results' of github.com:nstarke/metasploit-framework into nstarke-bugfixes/post-module-execution-causing-duplicate-search-results 2014-06-15 13:15:57 -05:00
David Maloney a00ff5aeef
yield custom_wordlist words 2014-06-15 12:16:21 -05:00
David Maloney 41d6b326f2
specs for wordlist validations 
added specs to cover the validations on
the JtR wordlist class.
 2014-06-15 11:14:11 -05:00
David Maloney a5fb898904
actually set max run time 
make maxrutnime affect the crack command
 2014-06-14 20:03:56 -05:00
David Maloney 33519b1fcd
cracker validations and specs 
more validations and specs for the cracker class
 2014-06-14 19:59:59 -05:00
David Maloney 10f3531bbb
add exectuable validator 
like the filepath validator but also checks
to see if the file is exectuable by the current
users.
 2014-06-14 18:01:24 -05:00
David Maloney 21f29c4da9
more filepath validators 
added filepath validations to cracker
also made them all conditional validations
 2014-06-14 17:54:37 -05:00
David Maloney 1dd69a5228
wordlist validators 
added custom fielpath vaidator and
added validations to the wordlist class
 2014-06-14 17:49:47 -05:00
David Maloney 466576d03f
jtr wordlist validations started 
start adding validations and exceptions for the
JtR Wordlist class.
 2014-06-14 16:16:30 -05:00
David Maloney 19231b7c8f
starting skeleton on wordlist class 
start framing out JtR wordlist class that
will generate Wordlists to be passed to our
JtR cracker.
 2014-06-14 15:48:25 -05:00
David Maloney 41f7bc1372
add common root words wordlist 
this adds a new wordlist to the data directory.
This wordlist is compiled from statistical analysis of
common Numeric passwords and Common rootwords across
6 years of colleted password breach dumps. Every word in
this list has been seen thousands of times in password
breaches
 2014-06-14 14:13:59 -05:00
David Maloney 873d6e5b99
add all the specs 2014-06-14 12:28:17 -05:00
Tim Wright 9b43749916
Land #3418 - android adobe reader addjisf pdf exploit 
Merge branch 'landing-3418' into upstream-master
 2014-06-14 11:25:29 +01:00
David Maloney b784bea48e
slow roll of specs for jtr cracker 
slowly adding spec coverage for the JtR cracker
 2014-06-13 16:08:56 -05:00
David Maloney 7187138134
start injecting sanity 2014-06-13 14:53:56 -05:00