infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,350 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

24350 Commits (6a41697955384b3257570fcecf9a457fda784a21)

Author SHA1 Message Date
James Lee 6a41697955
Add require 2014-04-30 15:03:49 -05:00
James Lee ea8dc4db5d
Handle connection errors 
Also fix up some yardoc issues
 2014-04-30 13:33:39 -05:00
James Lee b617be3dda
Move doc to the right place 2014-04-30 13:30:42 -05:00
James Lee e8e5a7f72b
Add initial stab at LoginScanner::HTTP 2014-04-30 00:55:45 -05:00
Lance Sanchez ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release 
MSP-9684 #land
 2014-04-29 15:21:56 -05:00
Lance Sanchez 53a212a790
Merge branch 'feature/login_scanner/ftp' into staging/electro_release 
MSP-9669 #land
 2014-04-29 15:04:26 -05:00
David Maloney 00b9c99c89
fix class documentation copypasta 2014-04-29 10:13:11 -05:00
David Maloney 08b2974454
fix class documentation 2014-04-29 10:12:26 -05:00
David Maloney cea12c9d0c
remove metasploit-credential dep 
remove from the Gemfile for now. we don't need it
just yet, and there are dependency resolution issues
 2014-04-28 11:09:31 -05:00
David Maloney c02fb21c3b
Finalized specs for sshkey 
shkey loginscanner now compelte along
with specs
 2014-04-25 15:20:33 -05:00
David Maloney e2d6a57db1
fix spec filename 
had an extra underscore
 2014-04-25 14:27:10 -05:00
David Maloney 8430851a98
Add metasploit-credential to gemfile 
add a temp reference to the metasploit-credential
gem to the gemfile. Need this for access to ssh key
factories for tests
 2014-04-25 14:22:52 -05:00
David Maloney 0fcfb9d655
add proxies to ssh scanner 
allow the SSH LoginScanner
to accept a proxy directive
 2014-04-25 14:22:21 -05:00
David Maloney 35a039848c
add sshkey loginscanner 
added the loginscanner class for SSHKey and
the base specs
 2014-04-25 14:21:08 -05:00
David Maloney 19ba4cc859
Merge branch 'master' into staging/electro_release 2014-04-25 11:38:36 -05:00
David Maloney 2346d583ed
touchups and specsfor FTP Scanner 
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
 2014-04-25 11:02:15 -05:00
David Maloney 838a444b23
first pass of FTP LoginScanner 
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
 2014-04-25 10:14:48 -05:00
William Vu c2bb26590c
Land #3250, version handling for Heartbleed server 2014-04-25 00:17:26 -05:00
Ramon de C Valle fd232b1acd Use the protocol version from the handshake 
I used the protocol version from the record layer thinking I was using
the protocol version from the handshake. This commit fix this and uses
the protocol version from the handshake instead of from the record layer
as in https://gist.github.com/rcvalle/10335282, which is how it should
have been initially.

Thanks to @wvu-r7 for finding this out!
 2014-04-25 01:48:17 -03:00
Tod Beardsley fb3b6f577d
Land #3279, upper bound check for AR 2014-04-24 15:09:07 -05:00
sinn3r 1353c62967
Land #3295 - Fix NoMethodError undefined method `body' for nil:NilClass 2014-04-24 13:53:58 -05:00
sinn3r ba4b507cc7
Land #3280 - Multiplatform WLAN Enumeration and Geolocation 2014-04-24 13:52:32 -05:00
sinn3r 5c0664fb3b
Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit 2014-04-24 13:43:20 -05:00
David Maloney 1f9cf8c68f
add the mixins for tcp and ftp 
skimmed down, non-module dependent mixins
for TCP client and Ftp client. neccesary for
loginscanner work
 2014-04-24 13:39:04 -05:00
sinn3r 656e60c35c
Land #3254 - Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack BoF 2014-04-24 13:20:50 -05:00
sinn3r cde9080a6a Move module to fileformat 2014-04-24 13:17:08 -05:00
sinn3r a39855e20d Works for XP SP3 too 2014-04-24 13:16:24 -05:00
sinn3r ba8d7801f4 Remove default target because there is no auto-select 2014-04-24 13:15:49 -05:00
sinn3r 2e76db01d7 Try to stick to the 100 columns per line rule 2014-04-24 13:15:12 -05:00
Tom Sellers 8f47edb899 JBoss_Maindeployer: improve feedback against CVE-2010-0738 
The exploit against CVE-2010-0738 won't work when using GET or POST.  In the existing code the request would fail and the function would return a nil.  This would be passed to detect_platform without being checked and cause the module to crash ungracefully with the error:

Exploit failed: NoMethodError undefined method `body' for nil:NilClass

The first changes detect a 401 authentication message and provide useful feedback.  Given that if, in any case, 'res' is not a valid or useful response the second change just terminates processing.

I've stayed with the module's coding style for consistency.
 2014-04-24 12:37:14 -05:00
Christian Mehlmauer ef815ca992
Land #3288, Postgres support for Heartbleed scanner 2014-04-24 18:03:13 +02:00
David Maloney 087bcbdce1
Merge branch 'master' into staging/electro_release 2014-04-24 09:50:18 -05:00
David Maloney 83a9f37241 Merge branch 'feature/ssh_login_scanner' into staging/electro_release 2014-04-24 09:48:09 -05:00
David Maloney 3a66723741
nake scan! more generic 
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
 2014-04-24 09:43:39 -05:00
Trevor Rosen 5904aa45e6 Merge pull request #1 from rapid7/feature/ssh_login_scanner 
SSH LoginScanner class
 2014-04-24 09:39:28 -05:00
Trevor Rosen e556997bf7
Land #3269 (Pro) fix report import issue 2014-04-24 08:27:06 -05:00
Tom Sellers d4c0d015c1 Update wlan_geolocate.rb 
Updated based on feedback.  Also added enumeration only support for BSD and Solaris.
 2014-04-24 07:04:50 -05:00
Spencer McIntyre 9ccb9397e3
Land #3264, throttl and csv output support for module 2014-04-23 19:00:28 -04:00
Spencer McIntyre e2b92a824f Change white space for authors in dns_reverse_lookup 2014-04-23 18:56:27 -04:00
David Maloney ed8f87d3cf
allow scan! to take a blcok 
by allowing scan! to take block
and yield the result of each attempt
we can do things like have a module print out
status messages
 2014-04-23 12:41:10 -05:00
JoseMi fd95d9ef38 Added english windows xp sp2 target 2014-04-23 17:32:56 +01:00
William Vu 15bd92dd50
Fix OpenSSH timing attack module 2014-04-23 10:10:37 -05:00
William Vu 0a108acea3
Fix missing comma 
Commas will be the death of me.
 2014-04-23 10:10:12 -05:00
William Vu 6d7fde4302
Land #3157, OpenSSH user enumeration timing attack 2014-04-23 10:01:10 -05:00
William Vu 1a2899d57b
Fix up whitespace 'n' stuff 2014-04-23 10:00:34 -05:00
Thanat0s 457c48b89b Error on sleep 2014-04-23 11:38:23 +02:00
Joe Vennix 143aede19c
Add osx nfs_mount module. 2014-04-23 02:32:42 -05:00
David Maloney d25f0d8f6c
cash host resolution 
if we successfuly resolve the host during
the validation, then alter host to the resolved
address to avoid the overhead of subsequent
DNS requests.
 2014-04-22 15:34:16 -05:00
kenkeiras 96f042110f return is not needed when it's the last lifunction line 2014-04-22 22:33:47 +02:00
kenkeiras c9d8da991a Use Rex.sleep instead of select 2014-04-22 22:33:19 +02:00