Commit Graph

65 Commits (66cc050876b04222f0923df1808d25cc9e6e21e8)

Author SHA1 Message Date
Tom Sellers 634a03a852 Update to openssl_heartbleed to deal with SMTP RFC
Added CR character in order to have the commands match SMTP RFC 5321 2.3.8 for line termination. Some SMTP services, such as the Symantec Mail Gateway, require strict compliance or the connection will be dropped with the response  '550 esmtp: protocol deviation'

Reference:
   http://www.symantec.com/business/support/index?page=content&id=TECH96829
   http://tools.ietf.org/html/rfc5321#section-2.3.8
2014-04-14 13:27:33 -05:00
Christian Mehlmauer f115a7f6e1
Fix intendation 2014-04-10 02:52:05 +02:00
gigstorm f1443c039e Updated hash value to SSLv3
Tested and working on server that has SSLv3 only enabled
2014-04-11 14:01:28 -07:00
gigstorm 6ab3478c7e Update to include SSL Version 3 protocol
SSL Version 3 will also respond to this and a server configured to respond to SSL version 3 but not TLS will show false negative without this option (proven).  May need to update cipher suites to include this option.
2014-04-11 12:41:17 -07:00
Sebastiano Di Paola a63f020a68 Fixing coding style 2014-04-11 19:39:57 +02:00
Sebastiano Di Paola 4acacb005d Fixed a bug...referring to wrong variable after filtering with regexp 2014-04-11 19:33:23 +02:00
Sebastiano Di Paola 83fe1cec65 Cleaned up Array.join call 2014-04-11 19:24:32 +02:00
Sebastiano Di Paola 55ec969bd9 Renamed FILTER -> DUMPFILTER, more intuitive and coherent 2014-04-11 19:07:57 +02:00
Sebastiano Di Paola 8268009b36 Renamed PATTERN_FILTER -> FILTER 2014-04-11 19:03:25 +02:00
Sebastiano Di Paola c378fe95c1 Added missing space in comment 2014-04-11 19:01:01 +02:00
Sebastiano Di Paola f8f710547c Fixed call to String.match with regexp pattern 2014-04-11 18:59:59 +02:00
Sebastiano Di Paola 638cb41a3f Remove Spaces at EOL, fixed if test on pattern variable 2014-04-11 18:58:05 +02:00
Sebastiano Di Paola 34fa4e29d9 Restored FTP option 2014-04-11 18:16:19 +02:00
Sebastiano Di Paola eb0e35bf25 Fixed store on file option 2014-04-11 18:07:14 +02:00
Sebastiano Di Paola 4315ad2987 Fixed conflict and used OptRegexp type for pattern 2014-04-11 17:15:39 +02:00
jvazquez-r7 813e0eab89
Land #3233, @wvu-r7's improvements fort heartbleed modules 2014-04-11 09:33:57 -05:00
jvazquez-r7 e2ec53272e Fix also negative numbers 2014-04-11 09:33:27 -05:00
jvazquez-r7 fb5881d8e2
Land #2324, @sensepost and @Firefart's sftp support for heartbleed 2014-04-11 08:47:22 -05:00
jvazquez-r7 2134d676b4 Use verbose by default 2014-04-11 07:58:56 -05:00
William Vu 6675464c20
Fix a few things in the Heartbleed modules 2014-04-10 16:06:40 -05:00
Sebastiano Di Paola 9adf629ee7 Added feature to dump to file leaked memory 2014-04-10 22:51:07 +02:00
Christian Mehlmauer 4fc272c0e9
Fix merge error 2014-04-10 00:53:14 +02:00
Christian Mehlmauer 98816c3a01
Added @sensepost FTP implemenation 2014-04-10 00:48:09 +02:00
singe ccfcf2cedb Added FTP STARTTLS support to heartbleed scanner. 2014-04-10 00:45:59 +02:00
jvazquez-r7 ccdc5bd281 Switch to get since @wvu-r7 also tested successfully with get 2014-04-09 17:30:00 -05:00
Christian Mehlmauer a86a8fed05
Changed heartbleed jabber implementation to match openssl s_client
see here for example implementation:
https://github.com/openssl/openssl/blob/master/apps/s_client.c#L1719
2014-04-09 22:20:32 +02:00
Christian Mehlmauer 856ad7e83d
heartbleed - Better output on wrong jabber domain and add. nil? check 2014-04-09 21:53:17 +02:00
sinn3r 2de210f1c3
Land #3216 - Update @Meatballs1 and @FireFart in authors.rb 2014-04-09 16:38:10 -05:00
Christian Mehlmauer fec089d88d
Land #3219, openssl_heartbleed XMPP fix from @natronkeltner 2014-04-09 20:42:55 +02:00
Jeff Jarmoc 7a424784f8 Change default TLS Version to 1.0
Canonical testing shows this to be more widely supported, and yielding far more vulnerable hosts.  Changing default to reflect that.

Experience of others in #metasploit seems similar.
2014-04-09 13:45:00 -05:00
Christian Mehlmauer e2b50d3709
fix openssl_heardbleed
-) XMPP Domain now configurable
-) Missing get_once to initiate the TLS connection
2014-04-09 20:39:33 +02:00
jvazquez-r7 5696e52fac Fix jabber to field 2014-04-09 13:48:45 -05:00
jvazquez-r7 28a471e446
Land #3221, @Firefart's fix for pop3 starttls 2014-04-09 13:31:45 -05:00
jvazquez-r7 bea810b5d6 Add jabber fix from @natronkeltner 2014-04-09 13:11:45 -05:00
Tod Beardsley 76a9381b2a
Make the title of the Heartbleed module searchable
Right now, the title does not actually tie the Heartbeat check to the
Heartbleed attack, so people searching strictly on module title are not
going to get a hit for this module.
2014-04-09 11:03:01 -05:00
Christian Mehlmauer 899a7c9ea4
heartbleed bugfix for pop3 2014-04-09 17:51:44 +02:00
Tod Beardsley 062175128b
Update @Meatballs and @FireFart in authors.rb 2014-04-09 10:46:10 -05:00
Tod Beardsley 3849d1517f
Restore author credit 2014-04-09 09:42:39 -05:00
jvazquez-r7 8d38087a10 Fix case / when indention 2014-04-09 09:12:55 -05:00
Christian Mehlmauer 0e0fd20f88
Added RFC link 2014-04-09 15:19:29 +02:00
Christian Mehlmauer a0a5b9faa1
Fix heartbleed module
-) incorrect length read
-) Parse TLS errors
2014-04-09 15:08:24 +02:00
jvazquez-r7 a93e22b5c0
Land #3209, @Firefart's heartbleed's module fix 2014-04-09 06:38:06 -05:00
julianvilas 4e7c675f3c Fix typo, extraquote in message 2014-04-09 10:22:15 +02:00
Christian Mehlmauer cdfe333572
updated heartbleed module
-) Heartbeat length was added twice
-) Use the current date for the TLS client_hello
2014-04-09 09:19:05 +02:00
William Vu 5e314f2a7c
Fix outstanding issues 2014-04-08 20:11:28 -05:00
jvazquez-r7 a4e1d866e1 Favor nil? 2014-04-08 18:21:49 -05:00
jvazquez-r7 153e003e23 Do small fixes 2014-04-08 18:21:09 -05:00
jvazquez-r7 39aecb140a Use the datastore option 2014-04-08 16:55:08 -05:00
jvazquez-r7 496dd944e6 Add support for datastore TLSVERSION 2014-04-08 16:51:50 -05:00
jvazquez-r7 d51aa34437 Use Random generation Time as pointed by @Firefart 2014-04-08 16:46:15 -05:00