Commit Graph

5918 Commits (5ce7b4d1861ae5bd30439bfa0e30d5dbb6882c31)

Author SHA1 Message Date
Tod Beardsley 5ce7b4d186 Pass this_cred for tomcat_mgr_login
git-svn-id: file:///home/svn/framework3/trunk@8730 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 20:05:01 +00:00
Joshua Drake 35c4a1d123 handle missing targets more gracefully, stub out linux and x86_64 support detection
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake 28f4eb2fd9 handle failed logins - fixes #1014
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake 2f3b54efe3 use happy color printer functions for cmd_check
git-svn-id: file:///home/svn/framework3/trunk@8727 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:03:59 +00:00
Stephen Fewer 195d1ab4b8 Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi).
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:50:24 +00:00
Stephen Fewer 4e73d95dac Commit the JPEG-8 lib code from snowjobs patch. Added an x64 build environment and the libs directory for x86/x64 projects to link against.
git-svn-id: file:///home/svn/framework3/trunk@8725 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:44:36 +00:00
James Lee 9fbf2c0c6e add platform aliases for newer versions of windows.
git-svn-id: file:///home/svn/framework3/trunk@8724 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 08:26:51 +00:00
Joshua Drake de9e944ad9 fix compile error
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Tod Beardsley 3d1f773f18 Reimplementing DB2's auth checker to use the same methods as the other auth_brute modules.
git-svn-id: file:///home/svn/framework3/trunk@8722 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:44:39 +00:00
Joshua Drake 73da75a931 big update to cmd stager
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake d8818fc268 execute xp_cmdshell from master explicitly
git-svn-id: file:///home/svn/framework3/trunk@8720 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:55:04 +00:00
Tod Beardsley a5e187bd69 Add the ability to slow down brute force sessions.
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
Joshua Drake d370ab62c6 don't wait for shell.run to finish
git-svn-id: file:///home/svn/framework3/trunk@8718 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:33:16 +00:00
Joshua Drake 8a2382ed1a don't wait for shell.run to finish
git-svn-id: file:///home/svn/framework3/trunk@8717 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:32:46 +00:00
Joshua Drake 1629bf7bf0 move http_send_cmd into cmdweb test exploit
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake 0ed5fc1af1 change VERBOSE option from OptString to OptBool
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
Stephen Fewer a44358df67 Simple fix for #1013 and the migration permission error message.
git-svn-id: file:///home/svn/framework3/trunk@8714 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 19:31:36 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
James Lee bf2a64b3ac use new argument list for get_host
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
James Lee c2612548c5 fix get_host, was breaking browser_autopwn, see #976
git-svn-id: file:///home/svn/framework3/trunk@8710 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:58:47 +00:00
James Lee 602395ead0 don't set the language if we don't have one
git-svn-id: file:///home/svn/framework3/trunk@8709 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:38:52 +00:00
James Lee 4f08e6fd25 treat the database as write-only and use the (improved) target cache, fixes 986
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00
James Lee f40a9a5c4b new ie fingerprint
git-svn-id: file:///home/svn/framework3/trunk@8707 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:17:10 +00:00
James Lee 37159d6b41 move this up so all database drivers have a bigger pool, see #976
git-svn-id: file:///home/svn/framework3/trunk@8706 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:10:20 +00:00
Joshua Drake e8f22a7136 add exploit module for cve-2008-3878
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
James Lee dea2ba3420 try a little harder not to break things by making sure there's a space in front of comments before removing them
git-svn-id: file:///home/svn/framework3/trunk@8704 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 03:20:52 +00:00
Joshua Drake 5aebed8fe7 add exploit module for cve-2008-5002
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
James Lee 506fdb63ff remove comments after obfuscating strings so things like 'http://example.com' in a string doesn't get mangled. will still have problems with a string like that and no string obfu
git-svn-id: file:///home/svn/framework3/trunk@8702 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 20:51:29 +00:00
James Lee b70b17b42a don't use undefined variables.
git-svn-id: file:///home/svn/framework3/trunk@8701 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:51:05 +00:00
James Lee 7392de4d3d don't use undefined variables.
git-svn-id: file:///home/svn/framework3/trunk@8700 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:50:22 +00:00
James Lee 7d348c3593 honor the SSL option in HttpServer, fixes #1001
git-svn-id: file:///home/svn/framework3/trunk@8699 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:47:04 +00:00
Joshua Drake fb5906385d add exploit module for cve-2009-1534
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake 9148068acc pass unlink_now flag to close for Tempfile instances
git-svn-id: file:///home/svn/framework3/trunk@8697 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 04:58:12 +00:00
Joshua Drake d86575701d added CVE, KB references
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
James Lee 467a7a5f3e merge mubix's patch to allow importing a simple list of ip addresses from a file, closes #999
git-svn-id: file:///home/svn/framework3/trunk@8695 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 00:34:16 +00:00
James Lee c07b47b30b explicitly rescue timeouts since they inherit from ::Interrupt on ruby 1.8
git-svn-id: file:///home/svn/framework3/trunk@8694 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 23:08:05 +00:00
Tod Beardsley 7d3ac25586 Adds Citrix-ICA to the UDP sweep discovery module.
git-svn-id: file:///home/svn/framework3/trunk@8693 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:48:28 +00:00
Joshua Drake 7a37934a01 process autorun scripts for telnet_login and ssh_login
1. create session.process_autoruns in Msf::Sessions::CommandShell
2. call process_autoruns from within the handler on_session code
4. set user_input and user_output in sessions base set_from_exploit method
5. remove on_session from Msf::Sessions::CommandShellOptions
6. include CommandShellOptions into telnet_login and ssh_login
7. call sess.process_autoruns from telnet_login and ssh_login
8. celebrate (while crossing fingers of course)!

git-svn-id: file:///home/svn/framework3/trunk@8692 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:07:50 +00:00
Tod Beardsley 09a669875c Bumping the minimum version of MySQL to try back to 4.1.20, no problems seen
on that build.



git-svn-id: file:///home/svn/framework3/trunk@8691 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 16:52:22 +00:00
James Lee 15b13d2472 make string obfuscation produce correct code more often (should be 100% now, but no guarantees). stops doing hex-encoding (more hassle than it's worth) and adds random split/concats (jduck's idea)
git-svn-id: file:///home/svn/framework3/trunk@8690 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 14:36:09 +00:00
James Lee 76745eed81 bump the connection pool up to 30 for sqlite; see #976. Not closing the bug, since I don't know how this will work in the long term
git-svn-id: file:///home/svn/framework3/trunk@8689 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 14:27:36 +00:00
Steve Tornio 074b4ada44 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
James Lee b16a08c4cd whitespace
git-svn-id: file:///home/svn/framework3/trunk@8687 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 11:10:23 +00:00
Joshua Drake 4b59410507 rename module per ms bulletin
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake d0153225a0 add exploit module for cve-2009-1612
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake e7a9391a76 minor tweaks, no functional changes
git-svn-id: file:///home/svn/framework3/trunk@8684 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:08 +00:00
Carlos Perez 5f0e0916f3 Improved Pidging Meterpreter Script by Ryan Hayward
git-svn-id: file:///home/svn/framework3/trunk@8683 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 01:54:14 +00:00
Joshua Drake cc9113397c add exploit for IE Windows Help vulnerability
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Tod Beardsley 453451a26d Check the version number of the remote MySQL server before attempting
to log in. Sadly, the library we're using right now doesn't know
how to correctly negotiate 4.x and 3.x versions of MySQL. Until that
gets resolved (by writing a new library for these old versions), 
this will at least prevent false positives/negatives from getting
reported.



git-svn-id: file:///home/svn/framework3/trunk@8681 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 22:56:00 +00:00