metasploit-framework

Commit Graph

Author	SHA1	Message	Date
Brent Cook	eea8fa86dc	unify the SSLVersion fields between modules and mixins Also actually handle the 'Auto' option that we had in the crawler and remove hardcoded defaults in modules that do not need them.	2016-03-06 22:06:27 -06:00
Brent Cook	3d1861b3f4	Land #6526 , integrate {peer} string into logging by default	2016-02-15 15:19:26 -06:00
James Lee	ad026b3a7a	Add #peer to Tcp	2016-01-28 13:58:24 -06:00
Christian Mehlmauer	0871fe25e8	change text	2016-01-22 07:38:44 +01:00
James Lee	1f61eb50be	Sort methods	2016-01-14 09:09:29 -06:00
wchen-r7	cea3bc27b9	Fix #6362 , avoid overriding def peer repeatedly def peer is a method that gets repeated a lot in modules, so we should have it in the tcp mixin. This commit also clears a few modules that use the HttpClient mixin with def peer.	2015-12-23 11:44:55 -06:00
Brent Cook	40cb13609a	update SSLVersion to support all options for rex TCP sockets, add 'TLS' alias	2015-10-02 15:26:49 -05:00
jvazquez-r7	4a9ef30e9e	Use SSLVerifyMode and SSLCipher from the Exploit::Remote::Tcp mixin	2015-09-28 10:31:17 -05:00
Tod Beardsley	7d34452448	TCP and TCPServer should use TLS1 by default	2014-10-27 15:55:50 -05:00
sinn3r	79d393c5aa	Resolve merge conflicts Conflicts: lib/msf/core/exploit/smb.rb lib/msf/core/exploit/tcp.rb modules/auxiliary/scanner/http/axis_login.rb	2014-10-21 13:06:35 -05:00
Tod Beardsley	62be638258	Add 'Auto' to tcp.rb as well.	2014-10-15 16:01:42 -05:00
HD Moore	a762d871bf	Autonegotiate SSL/TLS versions when not explicit	2014-10-15 13:26:40 -05:00
Tod Beardsley	c4d1a4c7dc	Revert #4022 , as the solution is incomplete Revert "Land 4022, datastore should default TLS1 vs SSL3" This reverts commit `4c8662c6c1`, reversing changes made to `0937f32ff9`.	2014-10-15 12:32:08 -05:00
Tod Beardsley	1754b23ffb	Datastore options should default to TLS1, not SSL3 Otherwise, we risk getting our connections killed by particularly aggressive DPI devices (IPS, firewalls, etc) Squashed commit of the following: commit 5e203851d5c9dce1fe984b106ce3031a3653e54b Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Wed Oct 15 10:19:04 2014 -0500 Whoops missed one commit 477b15a08e06e74d725f1c45486b37e4b403e3c2 Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Wed Oct 15 10:16:59 2014 -0500 Other datastore options also want TLS1 as default commit 8d397bd9b500ff6a8462170b4c39849228494795 Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Wed Oct 15 10:12:06 2014 -0500 TCP datastore opts default to TLS1 Old encryption is old. See also: POODLE	2014-10-15 10:28:53 -05:00
James Lee	5434996969	Move TcpServer into its own file	2014-10-14 18:43:40 -05:00
James Lee	fab8e16a87	Unbreak server exploits	2014-02-10 10:54:14 -06:00
Joe Vennix	739c7b4ca2	More dead code and tweaks.	2013-11-20 14:44:53 -06:00
Joe Vennix	3ff9da5643	Remove compression options from client sockets. I couldn't verify that it was working, as it always sends 1 compression type of NULL.	2013-11-20 14:41:45 -06:00
Joe Vennix	109fc5a834	Add SSLCompression datastore option. Also disables the compression by default. TLS-level compression is almost never used by browsers, and openssl seems to be the only one that enables it by default. This also kills some ruby < 1.9.3 code.	2013-11-19 22:34:39 -06:00
Tab Assassin	7e5e0f7fc8	Retab lib	2013-08-30 16:28:33 -05:00
James Lee	3827b14103	Land #1726 , ssl verify mode Conflicts: lib/rex/socket/parameters.rb Fix doc strings	2013-08-12 17:57:10 -05:00
RageLtMan	6eb33ae5ed	Rex::Socket::SslTcp set cipher and verify_mode Update Rex::Socket::SslTcp to accept verification mode string from Rex::Socket::Parameters, which has been modified accordingly. Add SSLVerifyMode and SSLCipher options (params and socket work were done before, but the option was not exposed) to Msf::Exploit::Tcp. Testing: ``` >> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort' =>443,'SSL' => true, 'SSLVerifyMode' => 'NONE') >> sock.sslctx.verify_mode => 0 >> sock.close => nil >> sock = Rex::Socket::Tcp.create('PeerHost'=>'10.1.1.1','PeerPort' =>443,'SSL' => true, 'SSLVerifyMode' => 'PEER') => #<Socket:fd 13> >> sock.sslctx.verify_mode => 1 ``` Note: this should be able to resolve the recent SSL socket hackery of exploit/linux/misc/nagios_nrpe_arguments.	2013-04-11 18:00:33 -04:00
James Lee	6a0b240d10	Add some better docs for Rex::Socket	2013-04-10 12:41:41 -05:00
HD Moore	d656e3185f	Mark all libraries as defaulting to 8-bit strings	2012-06-29 00:18:28 -05:00
James Lee	bf105f48cb	massive removal of spaces at EOL and some bad tabs	2011-11-20 12:32:06 +11:00
James Lee	d1e2f274f9	add ability to use arbitrary certs with SSL server sockets. git-svn-id: file:///home/svn/framework3/trunk@12675 4d416f70-5f16-0410-b530-b9f4589650da	2011-05-20 23:12:35 +00:00
James Lee	3b3bb4d874	clarify SRVHOST description git-svn-id: file:///home/svn/framework3/trunk@11671 4d416f70-5f16-0410-b530-b9f4589650da	2011-01-29 17:59:46 +00:00
Matt Weeks	0b2f68aa3b	Fix error with TcpServer modules not properly cleaning up after job is killed. Stops StreamServerListener and ClientMonitor threads from remaining after the job is killed and preventing rerunning such modules. git-svn-id: file:///home/svn/framework3/trunk@11460 4d416f70-5f16-0410-b530-b9f4589650da	2011-01-02 22:30:14 +00:00
HD Moore	1b4190df38	This commit brings configurability to TCP Servers as to which Comm they use. The ReverseListenerComm and ListenerComm advanced options can be used to prevent a given listener from trying to bind a listener over the pivoted routed. This is useful for a number of situations and not possible to configure explicitly before. git-svn-id: file:///home/svn/framework3/trunk@10534 4d416f70-5f16-0410-b530-b9f4589650da	2010-10-04 02:11:22 +00:00
HD Moore	dfa7fb7d0b	Move away from Kernel.select in exchange for IO.select, solves some issues with windows compatibility git-svn-id: file:///home/svn/framework3/trunk@9330 4d416f70-5f16-0410-b530-b9f4589650da	2010-05-20 20:42:17 +00:00
HD Moore	42da9e899a	Improvements to the cleanup process, close sockets properly for exploits and auxiliary git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da	2010-05-01 16:26:24 +00:00
HD Moore	6a10d6b6ca	Cleanup for tcp mixin, report smb version better, downcase service names git-svn-id: file:///home/svn/framework3/trunk@8074 4d416f70-5f16-0410-b530-b9f4589650da	2010-01-05 18:47:04 +00:00
HD Moore	737dc327a3	Fixes #435 . Resolves a long-standing issue where datastore entries with a default of 'false' were being ignored. git-svn-id: file:///home/svn/framework3/trunk@7334 4d416f70-5f16-0410-b530-b9f4589650da	2009-11-03 18:09:05 +00:00
HD Moore	5e137e92fd	Fixes #381 . To scan for TLSv1 only services, set SSLVersion TLS1 git-svn-id: file:///home/svn/framework3/trunk@7282 4d416f70-5f16-0410-b530-b9f4589650da	2009-10-26 19:48:15 +00:00
kris	09eb53be5b	Use the {add\|remove}_socket methods in the IP, TCP and UDP mixins instead doing the same things individually in each git-svn-id: file:///home/svn/framework3/trunk@6757 4d416f70-5f16-0410-b530-b9f4589650da	2009-07-09 06:58:11 +00:00
HD Moore	e841228ea5	allow the SSL option to be overridden git-svn-id: file:///home/svn/framework3/trunk@6635 4d416f70-5f16-0410-b530-b9f4589650da	2009-06-09 21:12:15 +00:00
HD Moore	ccbf88f5a3	Fixes TCP socket evasion (max_send_size and send_delay) git-svn-id: file:///home/svn/framework3/trunk@6340 4d416f70-5f16-0410-b530-b9f4589650da	2009-03-14 05:06:13 +00:00
kris	248f1e9fc3	Remove "#{xxx.to_s}" redundancies ('s/\(#{[^}]*\)\.to_s}/\1}/g') git-svn-id: file:///home/svn/framework3/trunk@6022 4d416f70-5f16-0410-b530-b9f4589650da	2008-12-19 07:11:08 +00:00
HD Moore	a7595fce6c	Fixes #250 . Solves an old bug with background jobs not working right, fixes the 'background modules dont work' bug as well. git-svn-id: file:///home/svn/framework3/trunk@5926 4d416f70-5f16-0410-b530-b9f4589650da	2008-11-16 20:54:41 +00:00
druid	a07a3af2d6	Adds a method hook for any primer code needed to execute immediately after server startup. git-svn-id: file:///home/svn/framework3/trunk@5792 4d416f70-5f16-0410-b530-b9f4589650da	2008-10-27 20:31:40 +00:00
Ramon de C Valle	f124597a56	Code cleanups git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da	2008-10-19 21:03:39 +00:00
HD Moore	5ec3509103	egypt found a bug, regenerate payload was overwriting datastore entries and not setting them back git-svn-id: file:///home/svn/framework3/trunk@5504 4d416f70-5f16-0410-b530-b9f4589650da	2008-05-16 21:20:43 +00:00
HD Moore	1ea29ba8f0	Fixes #218 . Updates the http password capture module. Removes a bogus makefile from the tree git-svn-id: file:///home/svn/framework3/trunk@5452 4d416f70-5f16-0410-b530-b9f4589650da	2008-03-22 06:34:52 +00:00
HD Moore	1f2791494b	General cleanups, bug fixes, removal of debugging statements. git-svn-id: file:///home/svn/framework3/trunk@5051 4d416f70-5f16-0410-b530-b9f4589650da	2007-07-16 02:17:32 +00:00
HD Moore	30bf0667d8	cosmetic git-svn-id: file:///home/svn/framework3/trunk@5023 4d416f70-5f16-0410-b530-b9f4589650da	2007-07-03 04:39:18 +00:00
HD Moore	ddadf74a85	Fix a typo that could break regenerate_payload git-svn-id: file:///home/svn/framework3/trunk@5022 4d416f70-5f16-0410-b530-b9f4589650da	2007-07-03 04:38:56 +00:00
HD Moore	d0b15d3d72	Lots of SMB fun, all preparation for Black Hat talk :-) More to come... git-svn-id: file:///home/svn/framework3/trunk@5015 4d416f70-5f16-0410-b530-b9f4589650da	2007-07-03 04:20:50 +00:00
HD Moore	4d1c274387	Merging all of the auxilliary/scanner related features git-svn-id: file:///home/svn/framework3/trunk@4749 4d416f70-5f16-0410-b530-b9f4589650da	2007-04-24 06:27:39 +00:00
HD Moore	1bb398de59	Adding the Microsoft DNS service exploit, targetting Windows 2000 git-svn-id: file:///home/svn/framework3/trunk@4677 4d416f70-5f16-0410-b530-b9f4589650da	2007-04-14 07:16:33 +00:00
HD Moore	1d1f55f9e9	Added CHOST/CPORT as advanced options. Split out uncommon SMB options as advanced git-svn-id: file:///home/svn/framework3/trunk@4429 4d416f70-5f16-0410-b530-b9f4589650da	2007-02-18 07:02:47 +00:00

1 2

76 Commits (6cb93f2af2116a3f2aa959f2aa94be7a02f62c36)