David Maloney
52a29856b3
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-07-16 09:38:44 -05:00
David Maloney
674447c891
final cleanup steps
2014-07-15 15:31:51 -05:00
David Maloney
7ac6640cfd
Merge branch 'staging/electro-release' into feature/MSP-10711/login-status
...
Conflicts:
Gemfile
Gemfile.lock
modules/auxiliary/scanner/smb/smb_login.rb
2014-07-15 15:12:33 -05:00
James Lee
51a9a763c0
Move error_name to InvalidPacket and check for nil
...
MSP-10713
2014-07-15 15:02:53 -05:00
David Maloney
34635ab968
module login status cleanup
...
clean up several bruteforce modules to
use the loginstatus constants for result status
2014-07-15 14:55:41 -05:00
Tod Beardsley
b09fab13f0
Fix one flubbed author address
2014-07-11 13:50:37 -05:00
jvazquez-r7
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
James Lee
62a2f1dc0a
Credential -> Model for realm key constants
2014-07-10 14:30:25 -05:00
James Lee
c5226352de
Un-login-able should be print_status, not good
2014-07-09 17:45:41 -05:00
James Lee
7d9c0da691
Record correct creds with non-success status
2014-07-09 13:26:49 -05:00
HD Moore
43d65cc93a
Merge branch 'master' into feature/recog
...
Resolves conflicts:
Gemfile
data/js/detect/os.js
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-07-06 09:17:44 -05:00
James Lee
4e0bcc123d
More useful msg when domain is ignored
2014-06-25 10:01:07 -05:00
James Lee
f225ac92ab
Refactor smb_login
...
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
James Lee
669779defb
SMB cred creation refactor
2014-06-20 15:17:40 -05:00
scriptjunkie
5fe8814af6
Land #3330 adding admin check to smb_login
2014-06-15 14:42:26 -05:00
HD Moore
a844b5c30a
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
Tom Sellers
a47b883083
Remove redundant simple.connect
...
Remove redundant simple.connect. Thanks @jlee-r7
2014-05-02 12:46:50 -05:00
Tom Sellers
b2eeaef475
Add admin check to smb_login
...
The attached update changes smb_login to detect if the newly discovered user is an administrator. It is based on code from Brandon McCann "zeknox" submitted in PR #1373, the associated changes, and the newer PR #2656.
The changes should correct a few issues with PR #1373 and #2656 and address Redmine bug #8773.
Specifically it:
- Fixes the admin detection code by using simple.disconnect(<share>) instead of disconnect()
- Adds support for detecting if the remote host will allow connects using any domain name when one of the new status codes is returned
- Dealt with the issue in PR #2656 where the username was prefixed with a '\'
Verification
- Be connected to a database
- Run this against a machine with a known user and admin user
- See that the admin user is reported correctly
- See that the non-admin user is reported correctly
- Check the output of creds
- Select a target that requires a domain in order to authenticate
- In the stored credentials, with CHECK_ADMIN enabled, see that the domain name is, in fact, preserved in the reporting
To validate that the remote domain ignores domain value use the following command from a Windows system:
net use \\<hostip>\admin$ /user:<random_value>\<username> <password>
2014-05-02 06:16:21 -05:00
Zinterax
fb39e422aa
Fix smb_login calling nonexistent method
...
When a Rex::Proto::SMB::Exceptions::InvalidWordCount exception is thrown by this module, it attempts to call the nonexistent method error_reason and throws a NoMethodError:
Auxiliary failed: NoMethodError undefined method `error_reason' for #<Rex::Proto::SMB::Exceptions::InvalidWordCount:0x007f48fcda0e48>
This change uses the built-in method get_error to return an error code.
[-] x.x.x.x:445 SMB - [1/1] - \\Domain - FAILED LOGIN (xxxxxxxx) xxxx : xxxxx [STATUS_WAIT_0]
2014-04-28 09:28:29 -04:00
James Lee
ee413ac385
Remove previously deprecated modules
2014-04-20 22:15:44 -05:00
Tod Beardsley
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
HD Moore
20bbf7837c
Refactor and integrate smb_fingerprint() for Recog support
2014-03-30 05:52:23 -07:00
William Vu
b79920ba8f
Land #3089, InvalidWordCount fix for smb_login
...
[FixRM #8730]
2014-03-19 16:12:56 -05:00
David Maloney
da0c37cee2
Land #2684, Meatballs PSExec refactor
2014-03-14 13:01:20 -05:00
Tod Beardsley
206660ddde
Recreate the intent of cfebdae from @parzamendi-r7
...
The idea was to rescue on a NoReply instead of just fail, and was part
of a fix in #2656.
[SeeRM #8730]
2014-03-11 14:30:01 -05:00
sho-luv
f7af9780dc
Rescue InvalidWordCount error
...
This is a cherry-pick of commit ea86da2 from PR #2656
2014-03-11 14:17:36 -05:00
Royce Davis
0e7074c139
Modified output for smb_enumshares module
2014-02-14 13:39:13 -06:00
Royce Davis
6dc9840064
Modified output for smb_enumshares
2014-02-14 13:12:52 -06:00
sinn3r
f471f50092
ms08_067_check.rb is deprecated.
...
[SeeRM #8755]
2014-01-26 12:22:13 -06:00
William Vu
7c52f9b496
Update description to use %q{}
2014-01-13 14:42:25 -06:00
William Vu
fc616c4413
Clean up formatting
2014-01-09 14:16:31 -06:00
sho-luv
a8fcf13972
Added credits and clean initialize
...
Added wvu to creds as he did most of the work. ;)
2014-01-08 21:16:09 -05:00
William Vu
8993c74083
Fix even moar outstanding issues
2014-01-08 19:38:54 -06:00
William Vu
1dd29d3b64
Fix moar outstanding issues
2014-01-08 18:11:18 -06:00
William Vu
945a2a296a
Fix outstanding issues
2014-01-08 17:09:41 -06:00
sho-luv
35ac9712ab
Added auxiliary check for MS08_067
...
I simply copied the check from ms08_0867_netapi.rb and put them in
an auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
Meatballs
dd9bb459bf
PSEXEC Refactor
...
Move peer into mixin
PSEXEC should use the psexec mixin
2013-11-24 16:24:05 +00:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
James Lee
813013fef5
Make defaults sane for the lockoutable smb_login
...
See #2376
2013-10-04 15:53:16 -05:00
James Lee
f73c18ccd9
Store the Array, not human-readable version
...
[SeeRM #8389]
2013-09-09 16:44:47 -05:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
Rich Lundeen
9d032760ac
changed description back
2013-07-24 11:51:06 -07:00
Rich Lundeen
e89e2af9dc
changed to chomp
2013-07-24 11:09:00 -07:00
Rich Lundeen
3854d08dd9
Fixed smb_enumshares to support dir list in SRVSVC
2013-07-23 21:36:26 -07:00
sinn3r
279787d942
Make this error less verbose too
2013-07-11 17:36:11 -05:00
sinn3r
0906345af4
Ah, typo
2013-07-11 16:53:39 -05:00
sinn3r
eb1905025d
I bet having ip:rport will make more sense
2013-07-11 16:45:52 -05:00
sinn3r
0a9c1bcfff
Too verbose by default drives users nuts, go easy on that.
2013-07-11 13:41:22 -05:00
sinn3r
55dbfc9281
shares_info should only run if there's shares found
2013-07-11 13:36:26 -05:00
sinn3r
14b3e6440c
Check nil
2013-07-11 13:31:30 -05:00
sinn3r
ca0880428f
Make sure module is aware of USE_SRVSVC_ONLY if that kicks in
2013-07-11 11:08:09 -05:00
sinn3r
a6ce629c3c
Capture a 0xC00000BB condition, plus some other fixes
2013-07-11 10:52:58 -05:00
sinn3r
3e229fe236
[SeeRM:#1233] - Upgrade smb_enumshares to show directories & files
...
[SeeRM:#1233] - This is an upgrade based on ringt's code in PR #2017.
As a pentester, it's useful to obtain additional information such as
device type, access rights, folders, and files, etc when doing a share
enumeration. I have also enhanced exception handling to avoid shutting
errors up, which is better for debugging purposes.
2013-07-11 00:06:25 -05:00
James Lee
2160718250
Fix file header comment
...
[See #1555]
2013-03-07 17:53:19 -06:00
James Lee
49f00acc11
Fix nil deref when dnsdomain is empty
2013-02-19 11:24:05 -06:00
jvazquez-r7
e32bd8d4e0
Comma deleted
2013-01-25 11:44:08 +01:00
Rob Fuller
a204f6fd1b
variable typo
2013-01-25 02:18:20 -05:00
Rob Fuller
976e59954c
update description
2013-01-25 02:14:42 -05:00
Rob Fuller
a9821fce29
add action option for domain user enum
2013-01-25 02:08:30 -05:00
sinn3r
6e6e90d733
Cosmetic changes
2013-01-15 11:36:49 -06:00
sinn3r
a06d49a8be
Return symbols
...
STOP_ON_SUCCESS is being ignored because the module's login function
doesn't pass a symbol to the mixin. This addresses that.
2013-01-15 11:25:02 -06:00
Joshua J. Drake
3ceb313752
Fixes format string issue in smb_login - FixRM #7657
2013-01-07 22:17:49 -06:00
Joshua J. Drake
c74d258509
Revert "Fixes format string issue in smb_login - FixRM #7657"
...
Will replay on separate branch.
This reverts commit a12b628ccc.
2013-01-07 22:03:57 -06:00
Joshua J. Drake
a12b628ccc
Fixes format string issue in smb_login - FixRM #7657
2013-01-07 21:20:09 -06:00
Christian Mehlmauer
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
Christian Mehlmauer
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
sinn3r
0344c568fd
Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes
2012-12-18 11:38:14 -06:00
Royce Davis
600121c36a
Fixed issue involving static path to Windows directory
2012-12-06 16:28:59 -06:00
jvazquez-r7
232eb7bf2d
Final cleanup plus name change
2012-12-05 00:32:42 +01:00
jvazquez-r7
9cff72af72
Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users
2012-12-05 00:31:24 +01:00
Royce Davis
a1136be59e
Fixed last ip changed it to peer
2012-12-02 19:17:59 -06:00
Royce Davis
2b171bb003
Added report_note functionality
2012-12-02 18:49:50 -06:00
Royce Davis
e4e3ec8fdd
Fixed module to use clean psexec method
2012-12-02 18:35:23 -06:00
Royce Davis
476a5dc58c
Fixed return without disconnect
2012-12-02 18:27:27 -06:00
Royce Davis
4276279dd8
Fixed print_status to use peer instead of ip
2012-12-02 18:25:09 -06:00
Royce Davis
7d4982b47b
Fixed description area and author section
2012-11-29 14:21:27 -06:00
Royce Davis
d6a3f6666d
Fixed simple return from get_output method
2012-11-29 14:15:57 -06:00
Royce Davis
cf53588ab7
Removed Version
2012-11-29 14:14:41 -06:00
Royce Davis
3ebbee5b1f
Removed generic URLs
2012-11-29 14:13:49 -06:00
Alexandre Maloteaux
c0c3dff4e6
Several fixes for smb, mainly win 8 compatibility
2012-11-28 22:49:40 +01:00
Royce Davis
82dc8e8814
Added check for LOGONSERVER and HOMEPATH
2012-11-28 09:02:19 -06:00
Meatballs1
5c10bc11a8
Fix spacing before -
2012-11-12 23:20:40 +00:00
Tod Beardsley
dd1da88ff7
Make domain part less stupid looking
2012-11-12 16:54:52 -06:00
Meatballs1
970869b3e4
Retry push
2012-11-12 22:28:44 +00:00
Meatballs1
e30ab85549
Fix some outputting issues
2012-11-12 22:25:08 +00:00
Tod Beardsley
f6c565848e
Resolving conflicted smb_login
2012-11-09 12:55:18 -06:00
Royce Davis
a889c8ae99
error handling adjustments on loggedin_users.rb
2012-11-09 08:33:05 -06:00
Royce Davis
7ce3859e8c
Fixed a bunch of bull crap in loggedin_users.rb
2012-11-08 09:49:53 -06:00
Royce Davis
0c0d5b10ec
changes loggedin_users.rb
2012-11-08 09:26:17 -06:00
Royce Davis
3bf865456c
Better error handling in loggedin_users
2012-11-08 09:13:33 -06:00
Royce Davis
43ebec22b4
Silly typos
2012-11-06 13:14:07 -06:00
Royce Davis
8c41aca091
Removed some non essential requires from loggedin_users.rb
2012-11-06 09:17:09 -06:00
Royce Davis
74745bdad6
New Module loggedin-users
2012-11-05 21:04:27 -06:00
Royce Davis
30088a410c
fixed junky spacings
2012-11-05 16:59:56 -06:00
Royce Davis
1a4968e6a8
removed hashgrab.rb from this branch
2012-11-05 16:38:58 -06:00
Royce Davis
d5b18114ac
New module loggedin_users.rb
2012-11-05 16:37:13 -06:00
Royce Davis
3236b4c425
New module hashgrab.rb
2012-11-05 12:06:51 -06:00
zombieCraig
164321a5ed
Add Domain notes to smb_version
2012-10-26 11:56:14 -04:00
Meatballs1
f07cd5235d
Msftidy!
2012-10-16 13:59:49 +01:00