Commit Graph

81 Commits (6781dfa6eeaf1a5e02a9414fa63bbefa64e29c0c)

Author SHA1 Message Date
Christian Sanders 50074c4617 Fix typo .blank to .blank? 2015-07-22 09:05:16 -05:00
root 452ebcf9ad travis 2015-04-03 16:29:35 +05:00
root be829e77ba cravis error solve 2015-04-03 16:25:18 +05:00
root 4bd40fed7f yard doc and comment corrections for auxiliary 2015-04-03 16:12:23 +05:00
jvazquez-r7 0372b08d83 Fix mixin usage on modules 2015-02-13 17:17:59 -06:00
Tod Beardsley 7e649a919c
This version will actually work. 2015-02-05 21:00:54 -06:00
Tod Beardsley 3e0ce4a955
Fix datastore mangling with instance variables
See rapid7/metasploit-framework #4709
2015-02-05 20:37:18 -06:00
William Vu 9c1487c944
Fix dns_fuzzer datastore 2015-02-05 02:53:14 -06:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Tod Beardsley ffafd4c01f
Add NTP fuzzer from @jhart-r7
Looks good to me!
2014-07-21 12:38:12 -05:00
Jon Hart 06fd1ead9d Address more style issues 2014-07-17 09:37:27 -07:00
Jon Hart 9e5c24a97e Address some Ruby style issues 2014-07-15 16:55:54 -07:00
Jon Hart 1500f33e1b Default to only fuzzing versions 2-4 2014-07-03 07:32:44 -07:00
Jon Hart 1830bdc7a5 Add rspec coverage for Rex::Proto::NTP 2014-07-01 12:29:47 -07:00
Jon Hart bc274b358f Move NTP message code to Rex::Proto::NTP, simplify option handling 2014-06-30 23:57:47 -07:00
HD Moore 3868348045 Fix incorrect use of sock.get that leads to indefinite hang 2014-06-28 15:48:58 -05:00
Jon Hart b9925bb24c Minor option cleanup 2014-06-23 18:38:47 -07:00
Jon Hart 050091d0dd Fuzz all 255 possible mode 7 request codes 2014-06-23 11:38:30 -07:00
Jon Hart 6f03f6657f Support only fuzzing specific mode 6 operations 2014-06-19 11:10:11 -07:00
Jon Hart 8fa81de3bb Fuzz mode 7 more correctly. Cleanup.
Provide empty 188-byte payload for mode 7 messages, otherwise nothing
seems to response.  Provide more useful defaults for versions/modes.
Allow control over what mode 7 stuff is fuzzed.
2014-06-16 11:56:27 -07:00
Jon Hart 0352a5305c When fuzzing mode 6 (control) and 7 (private) messages, print out each version tested since these tend to take a long time 2014-06-16 10:31:08 -07:00
Jon Hart 28bf9f8d50 Correct order of mixins so RHOSTS works properly 2014-06-16 10:02:27 -07:00
Jon Hart 9e5281d0c6 Mixin Msf::Auxiliary::Scanner, switch to run_host to fix DNS lookup issues 2014-06-16 09:58:20 -07:00
Jon Hart c7c0528e44 Fuzz NTP private messages too 2014-06-15 20:23:33 -07:00
Jon Hart 7ce9114a1e Initial commit of an NTP fuzzer 2014-06-11 13:46:08 -07:00
William Vu de49241195
Land #3185, regex option validation 2014-05-14 01:27:18 -05:00
Christian Mehlmauer 3f3283ba06
Resolved some msftidy warnings (Set-Cookie) 2014-05-12 21:23:30 +02:00
Tod Beardsley 17ddbccc34
Remove the broken lorcon module set
None of the lorcon / lorcon2 modules have been functional for a long
time, due to the lack of a "Lorcon" gem. It's unclear where it went.

I'm happy to include it and get these working again, but until someone
comes up with some functional code (hint: 'gem install' doesn't work) I
don't see any reason to keep shipping these.

Is there some trick people are doing to make these work? As far as I can
see, they are broken by default.

````
msf auxiliary(wifun) > show options

Module options (auxiliary/dos/wifi/wifun):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   CHANNEL    11               yes       The initial channel
   DRIVER     autodetect       yes       The name of the wireless driver
for lorcon
   INTERFACE  wlan0            yes       The name of the wireless
interface

msf auxiliary(wifun) > run

[*] The Lorcon2 module is not available: cannot load such file --
Lorcon2
[-] Auxiliary failed: RuntimeError Lorcon2 not available
[-] Call stack:
[-]
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/lorcon2.rb:67:in
`open_wifi'
[-]
/home/todb/git/rapid7/metasploit-framework/modules/auxiliary/dos/wifi/wifun.rb:29:in
`run'
[*] Auxiliary module execution completed
````
2014-04-07 16:37:10 -05:00
Christian Mehlmauer 4bf6481242
Added regex option to validate options 2014-04-02 23:51:33 +02:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer 8cada447b2 msftidy: remove $Id$ 2013-01-03 10:21:10 +01:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
HD Moore 69177105ab Handle a null reply properly, small bug fix 2012-12-07 10:54:08 -08:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
sinn3r 67c5c24f67 Fix multiple bugs
Bug fixes including:
* Unnecessary headers being manually added. Sometimes may cause
  a 400 Bad Request against specific web servers.  See issue 7165
  on Redmine for details.
* Regex fix
* URI path fix
2012-09-24 22:32:59 -05:00
Daniel Miller ed43418156 Fix unused ADDR_DST option in fuzz_beacon
auxiliary/fuzzers/wifi/fuzz_beacon offers ADDR_DST option, probably
copy-pasted from some other wifi modules, but does not use it, likely
because beacons are meant to be sent to broadcast address only. Since
this is a fuzzer, changing the destination address may be desirable.
Used the option in building the frame to be sent.
2012-08-10 16:14:50 -05:00
sinn3r b46fb260a6 Comply with msftidy
*Knock, knock!*  Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r 7c77fe20cc Some variables don't need to be in a double-quote. 2012-03-17 20:37:42 -05:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
sinn3r 974aea3521 Validate 'METHOD' using OptEnum 2012-02-17 18:46:56 -06:00
sinn3r 36bc31d677 Damn, the indent level is nuts in this thing 2012-02-17 18:43:47 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r 8eee54d1d0 Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb) 2012-01-09 14:23:37 -06:00