Commit Graph

70 Commits (616bb8399f914985e6321b97bf9438bfeea5347d)

Author SHA1 Message Date
Brent Cook 40cb13609a update SSLVersion to support all options for rex TCP sockets, add 'TLS' alias 2015-10-02 15:26:49 -05:00
jvazquez-r7 4a9ef30e9e
Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp mixin 2015-09-28 10:31:17 -05:00
Tod Beardsley 7d34452448
TCP and TCPServer should use TLS1 by default 2014-10-27 15:55:50 -05:00
sinn3r 79d393c5aa Resolve merge conflicts
Conflicts:
	lib/msf/core/exploit/smb.rb
	lib/msf/core/exploit/tcp.rb
	modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
Tod Beardsley 62be638258
Add 'Auto' to tcp.rb as well. 2014-10-15 16:01:42 -05:00
HD Moore a762d871bf Autonegotiate SSL/TLS versions when not explicit 2014-10-15 13:26:40 -05:00
Tod Beardsley c4d1a4c7dc
Revert #4022, as the solution is incomplete
Revert "Land 4022, datastore should default TLS1 vs SSL3"

This reverts commit 4c8662c6c1, reversing
changes made to 0937f32ff9.
2014-10-15 12:32:08 -05:00
Tod Beardsley 1754b23ffb
Datastore options should default to TLS1, not SSL3
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)

Squashed commit of the following:

commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:19:04 2014 -0500

    Whoops missed one

commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:16:59 2014 -0500

    Other datastore options also want TLS1 as default

commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:12:06 2014 -0500

    TCP datastore opts default to TLS1

    Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
James Lee 5434996969
Move TcpServer into its own file 2014-10-14 18:43:40 -05:00
James Lee fab8e16a87
Unbreak server exploits 2014-02-10 10:54:14 -06:00
Joe Vennix 739c7b4ca2 More dead code and tweaks. 2013-11-20 14:44:53 -06:00
Joe Vennix 3ff9da5643 Remove compression options from client sockets.
I couldn't verify that it was working, as it always sends 1 compression type of NULL.
2013-11-20 14:41:45 -06:00
Joe Vennix 109fc5a834 Add SSLCompression datastore option.
Also disables the compression by default. TLS-level compression is almost
never used by browsers, and openssl seems to be the only one that enables
it by default.

This also kills some ruby < 1.9.3 code.
2013-11-19 22:34:39 -06:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
James Lee 3827b14103 Land #1726, ssl verify mode
Conflicts:
	lib/rex/socket/parameters.rb
Fix doc strings
2013-08-12 17:57:10 -05:00
RageLtMan 6eb33ae5ed Rex::Socket::SslTcp set cipher and verify_mode
Update Rex::Socket::SslTcp to accept verification mode string from
Rex::Socket::Parameters, which has been modified accordingly.
Add SSLVerifyMode and SSLCipher options (params and socket work
were done before, but the option was not exposed) to
Msf::Exploit::Tcp.

Testing:
```
>> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort'
=>443,'SSL' => true, 'SSLVerifyMode' => 'NONE')
>> sock.sslctx.verify_mode
=> 0
>> sock.close
=> nil
>> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort'
=>443,'SSL' => true, 'SSLVerifyMode' => 'PEER')
=> #<Socket:fd 13>
>> sock.sslctx.verify_mode
=> 1
```

Note: this should be able to resolve the recent SSL socket hackery
of exploit/linux/misc/nagios_nrpe_arguments.
2013-04-11 18:00:33 -04:00
James Lee 6a0b240d10 Add some better docs for Rex::Socket 2013-04-10 12:41:41 -05:00
HD Moore d656e3185f Mark all libraries as defaulting to 8-bit strings 2012-06-29 00:18:28 -05:00
James Lee bf105f48cb massive removal of spaces at EOL and some bad tabs 2011-11-20 12:32:06 +11:00
James Lee d1e2f274f9 add ability to use arbitrary certs with SSL server sockets.
git-svn-id: file:///home/svn/framework3/trunk@12675 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-20 23:12:35 +00:00
James Lee 3b3bb4d874 clarify SRVHOST description
git-svn-id: file:///home/svn/framework3/trunk@11671 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-29 17:59:46 +00:00
Matt Weeks 0b2f68aa3b Fix error with TcpServer modules not properly cleaning up after job is killed.
Stops StreamServerListener and ClientMonitor threads from remaining after the job is killed and preventing rerunning such modules.



git-svn-id: file:///home/svn/framework3/trunk@11460 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-02 22:30:14 +00:00
HD Moore 1b4190df38 This commit brings configurability to TCP Servers as to which Comm they use. The ReverseListenerComm and ListenerComm advanced options can be used to prevent a given listener from trying to bind a listener over the pivoted routed. This is useful for a number of situations and not possible to configure explicitly before.
git-svn-id: file:///home/svn/framework3/trunk@10534 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 02:11:22 +00:00
HD Moore dfa7fb7d0b Move away from Kernel.select in exchange for IO.select, solves some issues with windows compatibility
git-svn-id: file:///home/svn/framework3/trunk@9330 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 20:42:17 +00:00
HD Moore 42da9e899a Improvements to the cleanup process, close sockets properly for exploits and auxiliary
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
HD Moore 6a10d6b6ca Cleanup for tcp mixin, report smb version better, downcase service names
git-svn-id: file:///home/svn/framework3/trunk@8074 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 18:47:04 +00:00
HD Moore 737dc327a3 Fixes #435. Resolves a long-standing issue where datastore entries with a default of 'false' were being ignored.
git-svn-id: file:///home/svn/framework3/trunk@7334 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 18:09:05 +00:00
HD Moore 5e137e92fd Fixes #381. To scan for TLSv1 only services, set SSLVersion TLS1
git-svn-id: file:///home/svn/framework3/trunk@7282 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 19:48:15 +00:00
kris 09eb53be5b Use the {add|remove}_socket methods in the IP, TCP and UDP mixins instead doing
the same things individually in each



git-svn-id: file:///home/svn/framework3/trunk@6757 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-09 06:58:11 +00:00
HD Moore e841228ea5 allow the SSL option to be overridden
git-svn-id: file:///home/svn/framework3/trunk@6635 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-09 21:12:15 +00:00
HD Moore ccbf88f5a3 Fixes TCP socket evasion (max_send_size and send_delay)
git-svn-id: file:///home/svn/framework3/trunk@6340 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-14 05:06:13 +00:00
kris 248f1e9fc3 Remove "#{xxx.to_s}" redundancies ('s/\(#{[^}]*\)\.to_s}/\1}/g')
git-svn-id: file:///home/svn/framework3/trunk@6022 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-19 07:11:08 +00:00
HD Moore a7595fce6c Fixes #250. Solves an old bug with background jobs not working right, fixes the 'background modules dont work' bug as well.
git-svn-id: file:///home/svn/framework3/trunk@5926 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-16 20:54:41 +00:00
druid a07a3af2d6 Adds a method hook for any primer code needed to execute immediately after server startup.
git-svn-id: file:///home/svn/framework3/trunk@5792 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 20:31:40 +00:00
Ramon de C Valle f124597a56 Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
HD Moore 5ec3509103 egypt found a bug, regenerate payload was overwriting datastore entries and not setting them back
git-svn-id: file:///home/svn/framework3/trunk@5504 4d416f70-5f16-0410-b530-b9f4589650da
2008-05-16 21:20:43 +00:00
HD Moore 1ea29ba8f0 Fixes #218. Updates the http password capture module. Removes a bogus makefile from the tree
git-svn-id: file:///home/svn/framework3/trunk@5452 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-22 06:34:52 +00:00
HD Moore 1f2791494b General cleanups, bug fixes, removal of debugging statements.
git-svn-id: file:///home/svn/framework3/trunk@5051 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-16 02:17:32 +00:00
HD Moore 30bf0667d8 cosmetic
git-svn-id: file:///home/svn/framework3/trunk@5023 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-03 04:39:18 +00:00
HD Moore ddadf74a85 Fix a typo that could break regenerate_payload
git-svn-id: file:///home/svn/framework3/trunk@5022 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-03 04:38:56 +00:00
HD Moore d0b15d3d72 Lots of SMB fun, all preparation for Black Hat talk :-) More to come...
git-svn-id: file:///home/svn/framework3/trunk@5015 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-03 04:20:50 +00:00
HD Moore 4d1c274387 Merging all of the auxilliary/scanner related features
git-svn-id: file:///home/svn/framework3/trunk@4749 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-24 06:27:39 +00:00
HD Moore 1bb398de59 Adding the Microsoft DNS service exploit, targetting Windows 2000
git-svn-id: file:///home/svn/framework3/trunk@4677 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-14 07:16:33 +00:00
HD Moore 1d1f55f9e9 Added CHOST/CPORT as advanced options. Split out uncommon SMB options as advanced
git-svn-id: file:///home/svn/framework3/trunk@4429 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-18 07:02:47 +00:00
Matt Miller ddd40907d5 fix for service management issue with tcp server/http server mixins
git-svn-id: file:///home/svn/framework3/trunk@4213 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 07:12:04 +00:00
Matt Miller d16a368ea2 fix for tcp server/http server compat
git-svn-id: file:///home/svn/framework3/trunk@4210 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 06:49:04 +00:00
Matt Miller fb161fc3dd ported putty exploit, untested
git-svn-id: file:///home/svn/framework3/trunk@4198 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 02:20:21 +00:00
HD Moore 845f80af59 Bug fix to AddressRange option
Reworked TCP/UDP exploit mixins to allow the source of rhost/rport/etc to be overloaded
Reworked Scanner mixin to deregister RHOST and overflow self.rhost



git-svn-id: file:///home/svn/framework3/trunk@3823 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-12 23:08:20 +00:00
HD Moore 868d7bf561 Working findtag + samba
Removed call to evasions that didnt have corresponding definition


git-svn-id: file:///home/svn/incoming/trunk@3501 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-04 21:04:50 +00:00
bmc 3adb2211b8 * add tcp segment size evasion
* add tcp write delay evasion


git-svn-id: file:///home/svn/incoming/trunk@3497 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-03 19:55:56 +00:00