infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,078 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

25078 Commits (6e80481384ed124e3a16dde80a215a6660705a34)

Author SHA1 Message Date
HD Moore 6e80481384 Fix bad use of sock.get() and check() implementations 
Many of these modules uses sock.get() when they meant get_once()
and their HTTP-based checks were broken in some form. The response
to the sock.get() was not being checked against nil, which would
lead to stack traces when the service did not reply (a likely
case given how malformed the HTTP requests were).
 2014-06-28 16:05:05 -05:00
HD Moore 3868348045 Fix incorrect use of sock.get that leads to indefinite hang 2014-06-28 15:48:58 -05:00
HD Moore 3ae91410f5 Fix incorrect use of sock.get(), remove rundant return values 2014-06-28 15:24:02 -05:00
HD Moore 6d0d8a911d Fix incorrect use of sock.get() that could lead to indefinite hang 2014-06-28 15:22:16 -05:00
HD Moore a9cd9c584a Respect RPORT even if additional ports are specified 2014-06-28 15:21:54 -05:00
HD Moore 43420aa984 Fix incorrect use of sock.get that can lead to an indefinite timeout 
console1:
```
msf> use auxiliary/scanner/http/open_proxy
msf auxiliary(open_proxy) > set RHOSTS 192.168.0.4
msf auxiliary(open_proxy) > set RPORT 8888
msf auxiliary(open_proxy) > run
< the connection never times out >
```

console2:
```
$ nc -vlp 8888
Listening on [0.0.0.0] (family 0, port 8888)
Connection from [192.168.0.4] port 8888 [tcp/*] accepted (family 2, sport 43245)
GET http://209.85.148.147/ HTTP/1.1
Host: 209.85.148.147
Connection: close
User-Agent: user_agent
Accept-Encoding: *
Accept-Charset: ISO-8859-1,UTF-8;q=0.7,*;q=0.7
Cache-Control: no
Accept-Language: de,en;q=0.7,en-us;q=0.3
```

After the patch, requests timeout after 10 seconds:
```
msf auxiliary(open_proxy) > run
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
```
 2014-06-28 15:18:11 -05:00
HD Moore 3e1ac3fee1 This module was broken due to a hardcoded IP address for google.com 2014-06-28 15:14:29 -05:00
sinn3r a60dfdaacb
Land #3471 - HP AutoPass License Server File Upload 2014-06-26 14:34:32 -05:00
sinn3r ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape 2014-06-26 13:48:28 -05:00
sinn3r 0b6f7e4483
Land #3404 - MS14-009 .NET Deployment Service IE Sandbox Escape 2014-06-26 11:45:47 -05:00
sinn3r 6075c795e9
Land #3467 - failure message for nil payload 2014-06-26 11:12:37 -05:00
Matt Buck 27ef12bafe
Land #3478, disallow port 0 for portspec 
[Closes #3478]
 2014-06-25 15:46:30 -05:00
David Maloney 42bfe8ba4f
make portspec specs not insane 
the specs for the portspec_to_portlist method
need a lot of work. this gives us some btter minimum coverage
 2014-06-25 14:10:06 -05:00
Chris Doughty 9b35b0e13a Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures 
This reverts commit bba8bd3498, reversing
changes made to 002234993f.
 2014-06-25 13:24:07 -05:00
David Maloney 97d08a081a
reverting port 0 behaviour in portspec 
a change was made to protspec that allowed port 0
when we explicitly dissallowed port 0. This change caused
other code that depended on this behaviour to break
 2014-06-25 13:07:22 -05:00
Joshua Smith 3ed7050b67
Lands 3420 after wrapping most lines at 80 2014-06-24 17:37:43 -05:00
Joshua Smith 3fe162a8b1 wraps most lines at 80 2014-06-24 17:36:10 -05:00
OJ bba8bd3498
Land #3446 -- Meterpreter bins gem switch 2014-06-25 03:00:11 +10:00
HD Moore 002234993f
SMB lib fixes, unattend.xml cred gathering 2014-06-23 20:08:42 -05:00
Meatballs 615aeb66a5
Dont use or 2014-06-23 23:11:04 +01:00
Meatballs 752007848b
Tidy up code 
Dont rescue Exception
Remove eol spaces
Dont use and
More verbose path
 2014-06-23 23:08:33 +01:00
HD Moore b872fa0f0d Handle smb_recv corner case with a cache, clean up find_*, cosmetic 2014-06-23 16:14:18 -05:00
HD Moore 2772d84a18 Major rework of this module, please see the diff 2014-06-23 16:13:42 -05:00
HD Moore 94388e3931 Fix typo in the constant name 2014-06-23 12:51:26 -05:00
William Vu a0aca251f5
Land #3472, releae fixes 2014-06-23 11:41:35 -05:00
Tod Beardsley ac60696247
Land #3468, update for Chromecast wifi spying 2014-06-23 11:39:08 -05:00
Tod Beardsley 0219c4974a
Release fixups, word choice, refs, etc. 2014-06-23 11:17:00 -05:00
jvazquez-r7 267642aa4b Fix description 2014-06-23 09:20:47 -05:00
jvazquez-r7 cc3c06440f Add module for ZDI-14-195, HP AutoPass License Traversal 2014-06-23 09:19:56 -05:00
Tod Beardsley c71eb1aa4e
Add specs for changed object UI 2014-06-22 13:05:17 -05:00
Tod Beardsley 53d0aba305
Add some specs for changed object Priv 2014-06-22 12:54:10 -05:00
William Vu 40d1ec551e
Add WEP, PSK, and MGT 2014-06-21 23:15:20 -05:00
Spencer McIntyre 05d4a1ab2c
Land #3342, Support negation in portspec 2014-06-21 18:14:50 -04:00
Spencer McIntyre 61f4c769eb
Land #3461, Chromecast factory reset module 2014-06-21 17:43:31 -04:00
William Vu 79bf80e6bf
Add generic error handling 
Just in case a factory reset happens to fail.
 2014-06-21 15:35:03 -05:00
jvazquez-r7 469fae7058
Land #3465, @hmoore-r7's module for SMC IPMI Port 49152 file exposure vulnerability 2014-06-20 17:22:28 -05:00
jvazquez-r7 252d917bbb Fix msftidy and favor && over and 2014-06-20 17:21:10 -05:00
jvazquez-r7 e6e0de2b38
Land #3385, @m-1-k-3's DLink authentication.cgi buffer overflow module 2014-06-20 14:33:42 -05:00
jvazquez-r7 e8b914a62f Download rankings for reliable exploit, but depending on a specific version without autodetection 2014-06-20 14:33:02 -05:00
jvazquez-r7 191c871e9b [SeeRM #8815] Dont try to exploit when generate_payload_exe fails 2014-06-20 14:07:49 -05:00
m-1-k-3 afa52072e8 Merge pull request #12 from jvazquez-r7/solve_3385 
Solve conflicts in 3385
 2014-06-20 20:58:17 +02:00
Tod Beardsley f90e8f00e5
Add the first few specs 
Coverage for meterpreter and client core, just the bits I'm changing. I
intend to make liberal use of doubles, since they're easier than mocks
and all I care about is the changed behavior. I refuse to fall into a
trap where I need to first spec out aaaaaalllll of Metepreter just to
make this one change.
 2014-06-20 13:18:55 -05:00
Tod Beardsley 99d60b7d6c
Update .gitignore to avoid Meterpreter bins 2014-06-20 11:57:59 -05:00
Tod Beardsley 2626450c38
Fix indent per @jlee-r7'e eagle eye 2014-06-20 11:52:47 -05:00
jvazquez-r7 f0d04fe77e Do some randomizations 2014-06-20 11:38:10 -05:00
jvazquez-r7 f26f8ae5db Change module filename 2014-06-20 11:27:49 -05:00
jvazquez-r7 33eaf643aa Fix usage of :concat_operator operator 2014-06-20 11:27:23 -05:00
jvazquez-r7 06974701cf Use the old cmd_concat_operator 2014-06-20 11:26:22 -05:00
jvazquez-r7 5542f846d6 Merge to solve conflicts 2014-06-20 11:24:08 -05:00
jvazquez-r7 4203e75777
Land #3408, @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950 2014-06-20 10:27:32 -05:00