Commit Graph

44 Commits (6b97618fb2d9a4d5afadd8b54e376a00caf1ea14)

Author SHA1 Message Date
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Jon Hart 8c8ccc1d54
Update Authors 2014-10-06 11:30:39 -07:00
Jon Hart a341756e83
Support spoofing source IPs for NTP readvar, include status messages 2014-10-03 14:05:57 -07:00
Jon Hart fa4414155a
Only include the exact readvar payload, not any padding 2014-10-03 13:58:13 -07:00
Jon Hart 65c1a8230a
Address most Rubocop complaints 2014-10-03 13:47:29 -07:00
Jon Hart 0715c671c6
Update NTP readvar module to detect DRDoS, UDPScanner to be faster 2014-10-03 13:28:30 -07:00
Josh Abraham 3fb00ece9e refactored the code based on PR feedback 2014-09-20 14:10:00 -04:00
Josh Abraham 43171141da update for ntp modules 2014-09-19 11:14:11 -04:00
Jon Hart 337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification 2014-08-26 07:48:44 -07:00
Tod Beardsley 6d9833e32b
Minor pre-release updates with descriptions 2014-08-25 13:34:45 -05:00
Tod Beardsley 2f87c880df
Add link to blog post for NTP modules 2014-08-25 12:58:10 -05:00
William Vu 7a76efa7f7
Add reference and disclosure date 2014-08-25 11:46:47 -05:00
Jon Hart 9f9f28cc31
If a peer is 127.0.0.1, don't try to store it because we (currently...) can't 2014-08-20 15:48:54 -07:00
Jon Hart 9db3dc7ad8
Store peer data note in the same format as originally 2014-08-20 15:10:45 -07:00
Jon Hart 758c3fa518
Only discard monlist replies that are impossibly short
This fixes the case where if a monlist reply only includes one peer
2014-08-20 15:02:21 -07:00
Jon Hart 7ad9300d37
Update ntp_monlist to use UDPScanner, NTP and DRDoS mixins 2014-08-20 14:41:00 -07:00
Jon Hart 8fd4ee87ab
Allow singular NTP version and mode 7 implementation testing 2014-08-20 12:21:39 -07:00
Jon Hart a5e9abc227
Update R7-2014-12 NTP modules to use new DRDoS mixin 2014-08-08 23:15:54 -07:00
Jon Hart 00452b41c9
Gut admin functions from R7-2014-12 NTP modules
None of these are admin modules.  All of that stuff should eventually go
in auxiliary/admin
2014-08-08 21:22:11 -07:00
Jon Hart ed3ccdc9e0
Initial commit of modules for NTP vulns described in R7-2014-12
Not entirely functional or polished, but mostly working
2014-08-08 21:00:43 -07:00
William Vu 1c4797337f Clean up rapid7/metasploit-framework#3132 2014-03-25 14:04:43 -05:00
Matteo Cantoni 4b2a2d4dea Improve NTP monlist auxiliary module 2014-03-21 16:39:53 +01:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7 1331952515 up to date 2013-03-12 16:55:06 +01:00
jvazquez-r7 6bd995f37e up to date 2013-03-12 16:53:37 +01:00
jvazquez-r7 9891650c30 up to date 2013-03-12 16:51:00 +01:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
jvazquez-r7 a2fd377326 module cleanup 2012-10-31 09:20:00 +01:00
Ewerson Guimaraes (Crash) ffe8a980f4 NTP Module - Remove [WARNING] Carriage return EOL 2012-10-30 22:25:23 -02:00
Ewerson Guimaraes (Crash) b085e8ed73 Revert "Update NTP Module"
This reverts commit 8fd34a4475.
2012-10-30 21:43:21 -02:00
Ewerson Guimaraes (Crash) 8fd34a4475 Update NTP Module
Changed the branche and remove CR
2012-10-30 21:08:01 -02:00
Ewerson Guimaraes (Crash) 4d80e37741 NTP Clock Variables Disclosure 2012-10-18 20:03:28 -03:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
HD Moore 42da9e899a Improvements to the cleanup process, close sockets properly for exploits and auxiliary
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
Stephen Fewer a03b7c3feb Commit the modified auxiliary modules to include a CHOST option so the relevant modules can avail of the new UDP pivoting.
git-svn-id: file:///home/svn/framework3/trunk@8432 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:47:38 +00:00
HD Moore 214d624ddc Fix the report_host() code (broken by previous commit), add an advanced option to store db hosts from monlist
git-svn-id: file:///home/svn/framework3/trunk@8283 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:25:17 +00:00
HD Moore 393cf5becb Add the NTP monlist scanner
git-svn-id: file:///home/svn/framework3/trunk@8255 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 06:53:24 +00:00