b533f74024
Add a bruteforce_speed option to all LoginScanners
2014-12-11 11:06:32 -06:00
09617f990b
Implement BRUTEFORCE_SPEED respect (telnet)
...
This implements just for telnet, but assuming this strategy is kosher,
it's not too painful to add for the rest of the LoginScanner using the
old defaults used by `AuthBrute`.
See #3904 , @dmaloney-r7 or @jlee-r7
2014-12-09 15:40:43 -06:00
46acf08e2d
Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions
2014-10-22 09:09:34 -05:00
e76ee294a1
Restore tcp evasions to telnet
2014-10-21 09:44:55 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
9500038695
Fix #3995 - Make negative messages less verbose
...
As an user testing against a large network, I only want to see
good news, not bad news.
2014-10-11 11:11:09 -05:00
00ec47fb83
call new prepend cred methods
...
add method calls o all the lgoinscanner modules
so that they call the prepend_db_* methods as approrpiate
these methods automatically check to see if DB_ALL_CREDS was
selected
2014-09-04 12:32:35 -05:00
4821851ae4
telnet and ssh next
2014-08-01 14:47:08 -05:00
bebf11c969
Resolves some Login::Status migration issues
...
MSP-10730
2014-07-16 21:52:08 -05:00
a5d88fd2ab
Space in arg list, because I don't hate feedom.
2014-06-12 10:29:14 -05:00
c074ebda7b
refactor telnet_login
2014-06-11 17:46:42 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
abb52a086c
Retab changes for PR #2316
2013-09-05 13:33:59 -05:00
8665de0261
Merge for retab
2013-09-05 13:33:49 -05:00
560d384633
Do first modification to Auxiliary::Login and Auxiliary::AuthBrute
2013-08-31 23:38:04 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
d2885d9045
Correct US Cert references
2012-12-13 14:19:53 -06:00
6b033fb1a8
Only store the password when there's one
2012-11-14 01:25:32 -06:00
212179b95e
change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password
2012-11-13 23:49:45 -06:00
721cf41f47
fix nil class error on non-lantronix hosts
2012-11-13 23:46:59 -06:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
0675a6171b
Cosmetic changes
2012-10-17 17:30:16 -05:00
3bd84e255f
minor cleanup
2012-10-17 22:06:47 +02:00
9af727388f
deleted superfluous code and comments
2012-10-17 14:27:00 -05:00
79da6c7186
added Lantronix telnet password recovery module
2012-10-14 12:46:52 -05:00
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
9d97dc8327
Add Metasploit blogs as references, because they're useful.
2012-09-03 15:57:27 -05:00
073205a875
Merge branch 'master' into feature/vuln-info
2012-06-18 20:21:36 -05:00
909614569a
Revert "Banner encoding fix when running against dd-wrt on ruby 1.9.3"
...
This reverts commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c.
Telnet banner parsing restored
2012-06-18 10:44:06 -04:00
c388cba421
Fix up modules calling report_vuln() to use new syntax
2012-06-17 23:39:20 -05:00
77f95df1e9
Banner encoding fix when running against dd-wrt on ruby 1.9.3
2012-05-21 14:50:57 -05:00
7a78c99c5e
Adding credit to original PoC guy for RuggedCom
...
Just added and commented. It'd be nice to have a real spot for this kind
of credit, because it comes up a lot and it's hard to parse out in a
machine way who 'wrote' the module and who came up with the exploit.
2012-05-16 13:47:15 -05:00
79a590ccf7
Merge pull request #380 from wchen-r7/bmerinofe-telnet_ruggedcom
...
Modified version of pull request #379 - RuggedCom Telnet Password Generator by bmerinofe
2012-05-13 11:13:27 -07:00
15fbb1e86c
This the modified version of pull request #379 . Changes include:
...
* Add more references
* Update description
* MSF license disclaimer
* Remove the to() function. Instead it's in run_host()
* Put 'info' in the :proof key
* Remove ::Exception handling, so we can see the original that's also logged in framework.log
2012-05-13 04:09:17 -05:00
1d2581ebf4
Cosmetic
2012-04-21 14:51:20 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
4369f73c7a
Msftidy fixes on new modules
...
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
a6b10862bd
Adds a lantronix telnet discovery module
2012-02-23 17:22:32 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
a758462a32
Remove some whitespace
2012-02-13 11:01:26 -06:00
bf425a6744
Fixed bug that prevented telnet sessions from opening with good creds
2012-01-06 16:59:08 -08:00
2ad5c56d48
Typo in comment
2011-12-27 19:11:09 -06:00
617f3250cf
Handle patched systems accurately (requires actually triggering the bug)
2011-12-27 19:04:34 -06:00
f8e3119215
Add references
2011-12-27 17:50:06 -06:00
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
c984ea41d1
Quick fix to cred sourcing to eliminate spaces in the source type
2011-11-10 20:39:13 -08:00
Tod Beardsley
James Lee
URI Assassin
sinn3r
David Maloney
Trevor Rosen
Samuel Huckins
jvazquez-r7
Christian Mehlmauer
sinn3r
jgor
Michael Schierl
HD Moore
RageLtMan
Tod Beardsley
David Maloney