Tod Beardsley
5ce7b4d186
Pass this_cred for tomcat_mgr_login
...
git-svn-id: file:///home/svn/framework3/trunk@8730 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 20:05:01 +00:00
Joshua Drake
35c4a1d123
handle missing targets more gracefully, stub out linux and x86_64 support detection
...
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake
28f4eb2fd9
handle failed logins - fixes #1014
...
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake
2f3b54efe3
use happy color printer functions for cmd_check
...
git-svn-id: file:///home/svn/framework3/trunk@8727 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:03:59 +00:00
Stephen Fewer
195d1ab4b8
Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi).
...
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:50:24 +00:00
Stephen Fewer
4e73d95dac
Commit the JPEG-8 lib code from snowjobs patch. Added an x64 build environment and the libs directory for x86/x64 projects to link against.
...
git-svn-id: file:///home/svn/framework3/trunk@8725 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:44:36 +00:00
James Lee
9fbf2c0c6e
add platform aliases for newer versions of windows.
...
git-svn-id: file:///home/svn/framework3/trunk@8724 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 08:26:51 +00:00
Joshua Drake
de9e944ad9
fix compile error
...
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Tod Beardsley
3d1f773f18
Reimplementing DB2's auth checker to use the same methods as the other auth_brute modules.
...
git-svn-id: file:///home/svn/framework3/trunk@8722 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:44:39 +00:00
Joshua Drake
73da75a931
big update to cmd stager
...
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there
git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake
d8818fc268
execute xp_cmdshell from master explicitly
...
git-svn-id: file:///home/svn/framework3/trunk@8720 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:55:04 +00:00
Tod Beardsley
a5e187bd69
Add the ability to slow down brute force sessions.
...
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
Joshua Drake
d370ab62c6
don't wait for shell.run to finish
...
git-svn-id: file:///home/svn/framework3/trunk@8718 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:33:16 +00:00
Joshua Drake
8a2382ed1a
don't wait for shell.run to finish
...
git-svn-id: file:///home/svn/framework3/trunk@8717 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:32:46 +00:00
Joshua Drake
1629bf7bf0
move http_send_cmd into cmdweb test exploit
...
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake
0ed5fc1af1
change VERBOSE option from OptString to OptBool
...
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
Stephen Fewer
a44358df67
Simple fix for #1013 and the migration permission error message.
...
git-svn-id: file:///home/svn/framework3/trunk@8714 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 19:31:36 +00:00
Joshua Drake
0900314a15
redirect requests without subdirectories
...
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake
4bd857b53e
add exploit module for cve-2008-3558
...
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
James Lee
bf2a64b3ac
use new argument list for get_host
...
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
James Lee
c2612548c5
fix get_host, was breaking browser_autopwn, see #976
...
git-svn-id: file:///home/svn/framework3/trunk@8710 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:58:47 +00:00
James Lee
602395ead0
don't set the language if we don't have one
...
git-svn-id: file:///home/svn/framework3/trunk@8709 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:38:52 +00:00
James Lee
4f08e6fd25
treat the database as write-only and use the (improved) target cache, fixes 986
...
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00
James Lee
f40a9a5c4b
new ie fingerprint
...
git-svn-id: file:///home/svn/framework3/trunk@8707 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:17:10 +00:00
James Lee
37159d6b41
move this up so all database drivers have a bigger pool, see #976
...
git-svn-id: file:///home/svn/framework3/trunk@8706 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:10:20 +00:00
Joshua Drake
e8f22a7136
add exploit module for cve-2008-3878
...
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
James Lee
dea2ba3420
try a little harder not to break things by making sure there's a space in front of comments before removing them
...
git-svn-id: file:///home/svn/framework3/trunk@8704 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 03:20:52 +00:00
Joshua Drake
5aebed8fe7
add exploit module for cve-2008-5002
...
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
James Lee
506fdb63ff
remove comments after obfuscating strings so things like ' http://example.com ' in a string doesn't get mangled. will still have problems with a string like that and no string obfu
...
git-svn-id: file:///home/svn/framework3/trunk@8702 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 20:51:29 +00:00
James Lee
b70b17b42a
don't use undefined variables.
...
git-svn-id: file:///home/svn/framework3/trunk@8701 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:51:05 +00:00
James Lee
7392de4d3d
don't use undefined variables.
...
git-svn-id: file:///home/svn/framework3/trunk@8700 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:50:22 +00:00
James Lee
7d348c3593
honor the SSL option in HttpServer, fixes #1001
...
git-svn-id: file:///home/svn/framework3/trunk@8699 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:47:04 +00:00
Joshua Drake
fb5906385d
add exploit module for cve-2009-1534
...
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake
9148068acc
pass unlink_now flag to close for Tempfile instances
...
git-svn-id: file:///home/svn/framework3/trunk@8697 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 04:58:12 +00:00
Joshua Drake
d86575701d
added CVE, KB references
...
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
James Lee
467a7a5f3e
merge mubix's patch to allow importing a simple list of ip addresses from a file, closes #999
...
git-svn-id: file:///home/svn/framework3/trunk@8695 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 00:34:16 +00:00
James Lee
c07b47b30b
explicitly rescue timeouts since they inherit from ::Interrupt on ruby 1.8
...
git-svn-id: file:///home/svn/framework3/trunk@8694 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 23:08:05 +00:00
Tod Beardsley
7d3ac25586
Adds Citrix-ICA to the UDP sweep discovery module.
...
git-svn-id: file:///home/svn/framework3/trunk@8693 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:48:28 +00:00
Joshua Drake
7a37934a01
process autorun scripts for telnet_login and ssh_login
...
1. create session.process_autoruns in Msf::Sessions::CommandShell
2. call process_autoruns from within the handler on_session code
4. set user_input and user_output in sessions base set_from_exploit method
5. remove on_session from Msf::Sessions::CommandShellOptions
6. include CommandShellOptions into telnet_login and ssh_login
7. call sess.process_autoruns from telnet_login and ssh_login
8. celebrate (while crossing fingers of course)!
git-svn-id: file:///home/svn/framework3/trunk@8692 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:07:50 +00:00
Tod Beardsley
09a669875c
Bumping the minimum version of MySQL to try back to 4.1.20, no problems seen
...
on that build.
git-svn-id: file:///home/svn/framework3/trunk@8691 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 16:52:22 +00:00
James Lee
15b13d2472
make string obfuscation produce correct code more often (should be 100% now, but no guarantees). stops doing hex-encoding (more hassle than it's worth) and adds random split/concats (jduck's idea)
...
git-svn-id: file:///home/svn/framework3/trunk@8690 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 14:36:09 +00:00
James Lee
76745eed81
bump the connection pool up to 30 for sqlite; see #976 . Not closing the bug, since I don't know how this will work in the long term
...
git-svn-id: file:///home/svn/framework3/trunk@8689 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 14:27:36 +00:00
Steve Tornio
074b4ada44
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
James Lee
b16a08c4cd
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@8687 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 11:10:23 +00:00
Joshua Drake
4b59410507
rename module per ms bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake
d0153225a0
add exploit module for cve-2009-1612
...
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake
e7a9391a76
minor tweaks, no functional changes
...
git-svn-id: file:///home/svn/framework3/trunk@8684 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:08 +00:00
Carlos Perez
5f0e0916f3
Improved Pidging Meterpreter Script by Ryan Hayward
...
git-svn-id: file:///home/svn/framework3/trunk@8683 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 01:54:14 +00:00
Joshua Drake
cc9113397c
add exploit for IE Windows Help vulnerability
...
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Tod Beardsley
453451a26d
Check the version number of the remote MySQL server before attempting
...
to log in. Sadly, the library we're using right now doesn't know
how to correctly negotiate 4.x and 3.x versions of MySQL. Until that
gets resolved (by writing a new library for these old versions),
this will at least prevent false positives/negatives from getting
reported.
git-svn-id: file:///home/svn/framework3/trunk@8681 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 22:56:00 +00:00