Commit Graph

7650 Commits (7145078e63d98a9dbe695804fca33c06341c98d1)

Author SHA1 Message Date
jvazquez-r7 3573d31d08 final cleanup 2012-11-18 21:37:24 +01:00
jvazquez-r7 eddea29568 Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login 2012-11-18 21:36:54 +01:00
jvazquez-r7 9fa8204152 datastore parameters cleanup 2012-11-18 11:53:17 +01:00
jvazquez-r7 5b55049610 module cleanup 2012-11-18 11:45:12 +01:00
jvazquez-r7 ea6c3e9b69 Merge branch 'sap_soap_rfc_susr_user_interface' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_susr_user_interface 2012-11-18 11:44:26 +01:00
jvazquez-r7 8a1a811844 Final cleanup 2012-11-18 01:41:10 +01:00
jvazquez-r7 482526e978 Merge branch 'sap_soap_bapi_user_create1' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_bapi_user_create1 2012-11-18 01:40:11 +01:00
jvazquez-r7 889124a439 final cleanup 2012-11-18 00:59:49 +01:00
jvazquez-r7 eed0f92829 Merge branch 'sap_soap_rfc_ping' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_ping 2012-11-18 00:59:35 +01:00
jvazquez-r7 22d4ccadea description updated 2012-11-18 00:35:25 +01:00
jvazquez-r7 a35c640acf final cleanup 2012-11-18 00:32:20 +01:00
jvazquez-r7 e72946303e Merge branch 'sap_soap_rfc_system_info' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_system_info 2012-11-18 00:31:53 +01:00
sinn3r f4aa84956c Add technet reference 2012-11-17 01:24:12 -06:00
sinn3r d4749ff009 Merge branch 'feature/automatic-fs-cleanup' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/automatic-fs-cleanup 2012-11-16 19:02:46 -06:00
jvazquez-r7 59e96e5850 fix typo 2012-11-17 00:35:53 +01:00
jvazquez-r7 8c0e4705f1 final cleanup 2012-11-17 00:18:35 +01:00
jvazquez-r7 c511e58971 Merge branch 'sap_soap_rfc_read_table' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_read_table 2012-11-17 00:18:04 +01:00
James Lee 591b085858 Add support for shell sessions in FileDropper 2012-11-16 15:51:54 -06:00
James Lee c65f37782d Merge branch 'rapid7' into tasos-r7-web-modules 2012-11-16 13:52:18 -06:00
jvazquez-r7 0ef41ffcd4 added reporting to the module 2012-11-16 20:05:26 +01:00
jvazquez-r7 d8d2bee6fb Final cleanup 2012-11-16 19:20:58 +01:00
jvazquez-r7 65c741b539 Merge branch 'sap_soap_th_saprel' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_th_saprel 2012-11-16 19:19:21 +01:00
sinn3r f784ea65af Merge branch 'master' into ms12-005_mod 2012-11-16 11:59:41 -06:00
sinn3r 8648d21b3c Merge branch 'dns_txt_query_exe' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-dns_txt_query_exe 2012-11-16 11:52:57 -06:00
sinn3r 8375bb8390 Merge branch 'bypassuac_admincheck' of git://github.com/mubix/metasploit-framework into mubix-bypassuac_admincheck 2012-11-16 11:29:09 -06:00
sinn3r 8930d618e3 Merge branch 'invision_pboard_cleanup' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_cleanup 2012-11-16 11:24:04 -06:00
jvazquez-r7 e8fe6031e9 Let default timeout for send_request_cgi 2012-11-16 18:09:47 +01:00
jvazquez-r7 51f238ec38 up to date 2012-11-16 16:03:09 +01:00
James Lee 83708a5a48 Add a FileDropper mixin for recording cleanup targets
Doesn't cover shell sessions yet, so needs a bit more work
2012-11-15 17:52:10 -06:00
Vlatko Kosturjak c0df3a0407 Remove curly braces 2012-11-15 23:27:25 +01:00
Vlatko Kosturjak eea85cf2ca Remove curly braces 2012-11-15 23:26:28 +01:00
Vlatko Kosturjak 836d83a253 Remove curly braces 2012-11-15 23:25:10 +01:00
Vlatko Kosturjak 854bfe09e2 remove curly braces 2012-11-15 23:23:46 +01:00
Vlatko Kosturjak 73d43beff3 Remove EOL spaces 2012-11-15 22:46:22 +01:00
Vlatko Kosturjak afced2278d Remove EOL spaces 2012-11-15 22:43:47 +01:00
Vlatko Kosturjak e479399b5d Initial import of OpenVAS aux scripts 2012-11-15 22:39:56 +01:00
Vlatko Kosturjak f7f7c451d3 Initial import of Nexpose aux scripts 2012-11-15 22:35:35 +01:00
Vlatko Kosturjak 1956af7dc1 Initial import of Metasploit RPC aux scripts 2012-11-15 22:32:22 +01:00
Vlatko Kosturjak bd03a2dcfd Initial import of Nessus basic aux scripts 2012-11-15 22:28:56 +01:00
David Maloney de016780b8 Rename the PAYLOAD_TYPE datastore option
This datastore option conflicts with a reserved option in Pro causing
this module to fail in Pro.
2012-11-15 14:42:31 -06:00
Rob Fuller e18acf2103 remove debugging code 2012-11-14 23:56:32 -05:00
Rob Fuller 7d41f1f9a0 add admin already and admin group checks 2012-11-14 23:54:01 -05:00
jvazquez-r7 09ec7dea95 fix check function after speak with egix 2012-11-15 01:34:17 +01:00
jvazquez-r7 3ba3e906d7 added improvements by egix 2012-11-15 01:20:32 +01:00
nmonkee 62f9766e63 made requested changes 2012-11-15 00:00:31 +00:00
James Lee 35a7999b4e Merge branch 'rapid7' into tasos-r7-web-modules 2012-11-14 17:41:27 -06:00
nmonkee b9a8791b87 made requested changes 2012-11-14 23:40:20 +00:00
nmonkee 047d6d350a looks like I committed the wrong file first time round :( 2012-11-14 23:34:21 +00:00
nmonkee a252dbc5d7 made requested changes 2012-11-14 23:25:25 +00:00
nmonkee 91b81bee4a made requested changes 2012-11-14 23:19:09 +00:00
nmonkee 308eee7c4f made requested changes 2012-11-14 23:00:45 +00:00
nmonkee aa3cd500bb made requested changes 2012-11-14 22:49:34 +00:00
nmonkee 83215edd8c made requested changes 2012-11-14 22:38:32 +00:00
nmonkee c5a017d054 made requested changes 2012-11-14 22:25:10 +00:00
nmonkee 833af3a347 made requested changes 2012-11-14 22:13:06 +00:00
nmonkee e55e5d2796 made requested changes 2012-11-14 20:12:37 +00:00
sinn3r af8ac2fbf6 There's a bug here, can you tell?
Need to be aware of what happens when no version is captured.
2012-11-14 11:54:59 -06:00
sinn3r fcad2c3e26 Merge branch 'invision_pboard_cookie_prefix' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_cookie_prefix 2012-11-14 11:52:58 -06:00
Tod Beardsley 4d633016aa Merge remote branch 'Meatballs1/smb_login_update'
Thus ends our long national nightmare.
2012-11-14 10:13:34 -06:00
Tasos Laskos 8a9f0a0890 Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-14 18:10:41 +02:00
jvazquez-r7 88ea347e40 added cookie prefix check 2012-11-14 16:20:40 +01:00
sinn3r 6b033fb1a8 Only store the password when there's one 2012-11-14 01:25:32 -06:00
jgor 212179b95e change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password 2012-11-13 23:49:45 -06:00
jgor 721cf41f47 fix nil class error on non-lantronix hosts 2012-11-13 23:46:59 -06:00
sinn3r 1546aa6a10 No need to repeat the default values 2012-11-13 18:38:17 -06:00
sinn3r 9054fafb15 Not sure why paths were repeated, but no more. 2012-11-13 18:32:32 -06:00
sinn3r 4675cd873b Merge branch 'client_system_analyzer_upload' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-client_system_analyzer_upload 2012-11-13 11:21:23 -06:00
Royce Davis f9b4971fc3 Fixed hard coded paths in psexec on command.rb 2012-11-13 10:28:16 -06:00
jvazquez-r7 fc571b1688 Merge branch 'enum_dirperms_default_path' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_dirperms_default_path 2012-11-13 17:24:53 +01:00
James Lee bbb2f69b55 Add missing require for PhpExe 2012-11-13 10:17:42 -06:00
sinn3r ee7e502e89 Merge branch 'impersonate_ssl_tweak' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-impersonate_ssl_tweak 2012-11-13 09:36:28 -06:00
sinn3r cd257f6cd4 Merge branch 'download_exec' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-download_exec 2012-11-13 01:48:19 -06:00
sinn3r 7d317e7863 Use PhpEXE, and a check() function
Uses the PhpEXE mixin for the payload. And then in the future
we can modify PhpEXE again to allow it to be space-free (problem
being a space is required when you use a function).  Also, this
commit has a new check function.
2012-11-13 01:41:26 -06:00
sinn3r 162b5a391a Merge branch 'invision_pboard_unserialize_exec' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_unserialize_exec 2012-11-13 00:40:30 -06:00
sinn3r f707a4774d Merge branch 'esmnemon-modbus-aux' 2012-11-12 23:42:00 -06:00
sinn3r aa6ac36abd Cosmetic changes, mostly 2012-11-12 23:41:31 -06:00
sinn3r 66fe8ade52 Merge branch 'modbus-aux' of git://github.com/esmnemon/metasploit-framework into esmnemon-modbus-aux 2012-11-12 22:40:34 -06:00
sinn3r e235aadcc0 Sometimes we might not be able to access a dir, be aware of that 2012-11-12 18:59:44 -06:00
sinn3r 862dd18b1c Merge remote-tracking branch 'upstream/master' into enum_dirperms_default_path
Conflicts:
	modules/post/windows/gather/enum_dirperms.rb
2012-11-12 18:54:47 -06:00
sinn3r 5270487d81 Add credit 2012-11-12 18:35:32 -06:00
sinn3r be36083097 Make PATH optional, also correct a filtering bug
If the PATH option is not specified, the module will try to
enumerate from %PATH%.  Also, this commit fixes a bug in the
filtering routine (basically the filtering routine didn't
really work).
2012-11-12 18:29:56 -06:00
corelanc0d3r 0bf92b5d97 improved payload dns_txt_query_exec 2012-11-13 00:55:32 +01:00
Meatballs1 5c10bc11a8 Fix spacing before - 2012-11-12 23:20:40 +00:00
corelanc0d3r cad7eb0130 renamed and optimized download_exec payload 2012-11-13 00:02:49 +01:00
Tod Beardsley dd1da88ff7 Make domain part less stupid looking 2012-11-12 16:54:52 -06:00
Meatballs1 970869b3e4 Retry push 2012-11-12 22:28:44 +00:00
sinn3r 222af8c91d Fix NoMethodError when check_dir fails to enum the permission
See the following for more info:
http://dev.metasploit.com/redmine/issues/7452
2012-11-12 16:27:32 -06:00
Meatballs1 e30ab85549 Fix some outputting issues 2012-11-12 22:25:08 +00:00
sinn3r 72f0a5613f Add more improvements 2012-11-12 15:40:12 -06:00
sinn3r 8fe3f289bf Merge branch 'drupal_views_user_enum.rb' of git://github.com/zeknox/metasploit-framework into zeknox-drupal_views_user_enum.rb 2012-11-12 14:48:13 -06:00
Royce Davis 683bcd4b82 Added disconnect method to command.rb 2012-11-12 11:25:12 -06:00
Royce Davis e57275d3f6 added check cleanup method to command.rb 2012-11-12 09:46:02 -06:00
jvazquez-r7 8e7a748805 thins in place... 2012-11-11 20:19:20 +01:00
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 c4f10a1d53 added bid reference 2012-11-11 17:48:57 +01:00
jvazquez-r7 9d3c068da0 added linux target 2012-11-11 17:28:48 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
Chris John Riley 38b25f01f7 Corrected bad coding (sorry)
Added OptEnum and OptPath
Checks for nil and empty
Added reference
Made AlterSerial an advanced option instead of always on
2012-11-10 20:24:50 +01:00
Chris John Riley 6482de44e4 Added checks for Extension and Domain
Altered error handling on no response
2012-11-10 13:21:41 +01:00
jvazquez-r7 42dd1ee3ff added module for CVE-2012-5692 2012-11-10 11:35:21 +01:00
Tod Beardsley 1b9d45e106 Test for subdom_list existence first
Otherwise, you get

````
[11/09/2012 14:50:38] [e(0)] core: Error running against host
173.236.237.136: can't convert nil into String
````

Other than that, looks good.

[Fixes #851]
2012-11-09 15:01:36 -06:00
Tod Beardsley 171ebe13cd Whitespace fix for vhost_scanner 2012-11-09 14:48:46 -06:00
Tod Beardsley b1c35fdb24 Merge remote branch 'sempervictus/http_vhost_scanner_from_file' 2012-11-09 14:46:54 -06:00
Tod Beardsley 9a94fef8d0 Merge branch 'llmnr-spoof' 2012-11-09 14:36:04 -06:00
Tod Beardsley a6fd0fee1c Fix up notification to not spam or hide
Instead of hiding the success notification in vprint, it should print,
but not every time. This fix thottles the notification to ten seconds
per host.

[Fixes #731]
2012-11-09 14:31:28 -06:00
Tod Beardsley 6cd5b79b60 Getting rid of Id and Revision 2012-11-09 13:30:14 -06:00
Tod Beardsley f6c565848e Resolving conflicted smb_login 2012-11-09 12:55:18 -06:00
Royce Davis 6e257d5f57 Simplify main method 2012-11-09 08:50:09 -06:00
Royce Davis a889c8ae99 error handling adjustments on loggedin_users.rb 2012-11-09 08:33:05 -06:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
Chris John Riley 08d56e31e1 recreated in new branch
removed space at EOL
2012-11-08 22:38:21 +01:00
Chris John Riley b75ade746c Removed EOL spaces
Removed unrequired udp_sock.close
2012-11-08 22:26:37 +01:00
jvazquez-r7 21693831ae Added module for ZDI-11-018 2012-11-08 17:32:42 +01:00
Royce Davis 7ce3859e8c Fixed a bunch of bull crap in loggedin_users.rb 2012-11-08 09:49:53 -06:00
Royce Davis 0c0d5b10ec changes loggedin_users.rb 2012-11-08 09:26:17 -06:00
Royce Davis 3bf865456c Better error handling in loggedin_users 2012-11-08 09:13:33 -06:00
HD Moore 36066f8c78 Catch a few stragglers for double slash 2012-11-08 07:21:37 -06:00
HD Moore 4d2147f392 Adds normalize_uri() and fixes double-slash typos 2012-11-08 07:16:51 -06:00
HD Moore 5ad2749cee Rework ADDP modules to use the new mixin 2012-11-08 06:40:32 -06:00
HD Moore 0e8a3f0ea6 Merge branch 'master' into feature/udp-scanner-mixin 2012-11-08 06:09:22 -06:00
HD Moore e008120c11 Bug fixes to the SSDP discovery module 2012-11-08 06:08:49 -06:00
Chris John Riley da6bf29699 Display message when no response received 2012-11-08 11:59:13 +01:00
James Lee ac1b60e6db Remove debug load 2012-11-07 20:00:41 -06:00
Royce Davis 22ecd6afa9 Edit command.rb 2012-11-07 15:17:13 -06:00
Royce Davis 18aab8bcc7 Remove extrat comment lines from command.rb 2012-11-07 15:09:57 -06:00
Royce Davis d159aa6f9f Changed error handeling of command.rb module 2012-11-07 15:03:31 -06:00
David Maloney 04a80e0648 Fixes to the WMI setup 2012-11-07 11:26:48 -06:00
David Maloney 208e706307 Module title fixes 2012-11-07 10:33:14 -06:00
nmonkee 92679cd1c8 SAP Web GUI Brute Force 2012-11-07 16:18:00 +00:00
nmonkee c13f8d8eba SAP RFC TH_SAPREL 2012-11-07 16:10:09 +00:00
nmonkee f618000d0d SAP SOAP RFC SUSR_RFC_USER_INTERFACE (user creation) 2012-11-07 16:04:07 +00:00
nmonkee 2b973263b7 SAP SOAP RFC_Info 2012-11-07 15:17:56 +00:00
nmonkee 509e63268b SAP SOAP RFC SXPG_CALL_SYSTEM 2012-11-07 15:06:28 +00:00
Royce Davis ac518f7091 Removed double lines in Author field and general URLs 2012-11-07 08:22:09 -06:00
nmonkee ddcc0a9592 This module makes use of the SXPG_CALL_SYSTEM Remote Function Call (via SOAP) to execute OS commands as configured in SM69. 2012-11-07 12:48:08 +00:00
nmonkee e053c4a0ad This module makes use of the RFC_READ_TABLE Remote Function Call (via SOAP) to read data from tables. 2012-11-07 12:37:01 +00:00
Chris John Riley fc03fbe881 Initial sip_deregister.rb 2012-11-07 13:35:33 +01:00
nmonkee 3be7ad06c4 Calls the RFC_PING RFC module via SOAP to test the availability of the function. The function simply tests connectivity to remote RFC destinations. 2012-11-07 11:35:53 +00:00
nmonkee b86bc9f365 SAP SOAP RFC DBMCLI Command Injection (via SXPG_CALL_SYSTEM) 2012-11-07 11:29:16 +00:00
nmonkee f82b51b2c4 This module calls the RFC BAPI_USER_CREATE1 module (via SOAP). The module can be used for creating/modifying users. 2012-11-07 11:16:31 +00:00
nmonkee 6b7b8f7265 Flipping OptString for OptEnum 2012-11-07 11:00:43 +00:00
nmonkee d19be3024f Flipping OptEnum for OptString 2012-11-07 10:58:07 +00:00
nmonkee 51a3aa514d This module attempts to brute force the username | password via an RFC interface (over SOAP) 2012-11-07 10:45:25 +00:00
Royce Davis aec4d99549 ran msftidy on command.rb 2012-11-06 16:33:47 -06:00
Royce Davis 9f87b7b674 Removed smb_exec from this branch 2012-11-06 16:18:38 -06:00
Brandon McCann c4f35def81 fixed vprint_line 2012-11-06 14:58:14 -06:00
Brandon McCann d835a046ed fixed drupal_views_user_enum.rb so it displays to stdout and stores to loot 2012-11-06 14:53:11 -06:00
Royce Davis 43ebec22b4 Silly typos 2012-11-06 13:14:07 -06:00
Royce Davis 8c41aca091 Removed some non essential requires from loggedin_users.rb 2012-11-06 09:17:09 -06:00
Royce Davis e40ab4367a removed other modules 2012-11-05 21:07:09 -06:00
Royce Davis 74745bdad6 New Module loggedin-users 2012-11-05 21:04:27 -06:00
Royce Davis 30088a410c fixed junky spacings 2012-11-05 16:59:56 -06:00
Royce Davis 1a4968e6a8 removed hashgrab.rb from this branch 2012-11-05 16:38:58 -06:00
Royce Davis d5b18114ac New module loggedin_users.rb 2012-11-05 16:37:13 -06:00
Tod Beardsley b973927ab2 Msftidy on digi_addp_reboot and pgpass_creds 2012-11-05 16:19:38 -06:00
jvazquez-r7 9166d12179 Merge branch 'WinRM_piecemeal' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-11-05 23:08:59 +01:00
Tod Beardsley 70d53b4e2d Merge remote branch 'jvazquez-r7/emc_networker_format_string' 2012-11-05 16:03:56 -06:00
jvazquez-r7 77b1e9e648 added comment about ropdb 2012-11-05 23:02:23 +01:00
Tod Beardsley e385aad9e5 Merge remote branch 'jvazquez-r7/emc_networker_format_string' 2012-11-05 16:02:18 -06:00
HD Moore aa8549fb6b Correct use of rport. 2012-11-05 15:57:59 -06:00
Tod Beardsley 23cc2bd1a1 Merge remote branch 'origin/master' 2012-11-05 15:56:21 -06:00
Tod Beardsley 6a4d398b5d Merge remote branch 'origin/feature/addp-modules' 2012-11-05 15:55:30 -06:00
jvazquez-r7 0f5f5f966b Merge branch 'master' into feature/realport-modules 2012-11-05 22:52:38 +01:00
David Maloney 9d5ab5a66f Stupid typing error 2012-11-05 15:41:47 -06:00
David Maloney 314026ed0e Some error checking and fixups 2012-11-05 13:29:57 -06:00
Royce Davis 3236b4c425 New module hashgrab.rb 2012-11-05 12:06:51 -06:00
Royce Davis a31606e196 New module ntdsgrab.rb 2012-11-05 12:05:16 -06:00
Royce Davis 0b940d8087 New module command.rb 2012-11-05 12:03:51 -06:00
Royce Davis aa6e8c7437 smb_exec 2012-11-05 11:46:39 -06:00
Royce Davis a9db705b60 New module for submission smb_exec 2012-11-05 11:45:03 -06:00
Royce Davis b4872c1c48 Submiting module smb_exec to MSF 2012-11-05 11:37:10 -06:00
David Maloney 7c141e11c4 Hopefully final touches
Some smftidy cleanup, and added a method to check that the payload is
the correct arch when using the powershell method
2012-11-05 10:06:57 -06:00
jvazquez-r7 04668c7d61 fix response codes check to avoid second tries to fail 2012-11-05 09:26:26 +01:00
HD Moore dccfb63bd6 Cleanup based on PR #1008 feedback 2012-11-04 22:47:56 -06:00
HD Moore 36f82fba09 Remove unused version fields from template 2012-11-04 22:38:31 -06:00
David Maloney 25a6e983a1 Remove the older modules 2012-11-04 14:48:34 -06:00
David Maloney fca8208171 Some minor code cleanup 2012-11-04 14:45:15 -06:00
David Maloney f69ccc779f Unified smarter module 2012-11-04 13:14:02 -06:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
HD Moore 910a91a0f6 First commit of a udp_mixin and modified scanners 2012-11-04 01:13:38 -05:00
HD Moore 963fdd6430 Initial commit for Digi RealPort modules 2012-11-03 17:44:53 -05:00
jvazquez-r7 88c99161b4 added universal target 2012-11-03 18:52:07 +01:00
jvazquez-r7 9576d26299 Merge branch 'bitweaver_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-bitweaver_traversal 2012-11-03 18:25:46 +01:00
jvazquez-r7 b8eea1007f Added module for CVE-2012-2288 EMC Networker Format String 2012-11-03 18:17:12 +01:00
sinn3r 10cccb34d8 Uh... I don't want that print_line(). Forgot to remove it. 2012-11-03 05:18:17 -05:00
sinn3r 4415849009 Another attempt to fix the regex 2012-11-03 05:17:32 -05:00
HD Moore 80ebcf212a See PR #981.Only real change is to retry on ENOBUF 2012-11-02 23:05:16 -05:00
sinn3r d449052472 Make <br /> tag optional 2012-11-02 18:25:48 -05:00
sinn3r 45dce9ff76 Modify regex 2012-11-02 16:44:27 -05:00
HD Moore 0d6acad1a0 Updates for PR #981 (cleanup) 2012-11-02 15:47:52 -05:00
HD Moore 0bf5f63d67 Merge branch 'master' into feature/addp-modules 2012-11-02 15:41:03 -05:00
sinn3r d4fc99e40c Merge branch 'ms10_104_100_continue_support' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ms10_104_100_continue_support 2012-11-02 15:16:35 -05:00
sinn3r 1d26491b77 Ok... last fix, really 2012-11-02 15:09:30 -05:00
sinn3r a161c1faa0 Final changes 2012-11-02 15:06:51 -05:00
sinn3r ea5dc940d2 Move module to the correct directory 2012-11-02 14:52:28 -05:00
sinn3r a9db59feb7 Cosmetic changes, mostly 2012-11-02 14:52:02 -05:00
sinn3r 51b15d8c09 Merge branch 'concrete5_member_list' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-concrete5_member_list 2012-11-02 14:43:49 -05:00
sinn3r 00d0dc3e4d Add CVE-2012-5192 - Bitweaver overlay_type module 2012-11-02 14:20:20 -05:00
sinn3r 38518478bd Format/msftidy fixes 2012-11-02 11:24:34 -05:00
Chris John Riley 891ad4685c $Id and $Revision 2012-11-02 11:24:34 -05:00
Chris John Riley 954ccf1ca1 Added ability to set extension on target 2012-11-02 11:24:33 -05:00
Chris John Riley 01b13480cb Added concrete5.org references 2012-11-02 16:45:41 +01:00
Chris John Riley f3e03ddb42 Concrete5 CMS member list scanner 2012-11-02 16:32:34 +01:00
David Maloney ffca972075 Opps mispalced line 2012-11-02 09:34:32 -05:00
David Maloney 355bdbfa39 Add check for propper powershell version 2012-11-02 09:33:28 -05:00
sinn3r 4f47865636 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-11-02 01:16:54 -05:00
sinn3r 42b285c7f6 Merge branch '403labs-post-pgpass_creds' 2012-11-02 01:16:37 -05:00
sinn3r 1a162d7dd9 Use Rex table, fix 1.8 syntax issues, format fixes 2012-11-02 01:15:47 -05:00
sinn3r c11779a144 Merge branch 'post-pgpass_creds' of git://github.com/403labs/metasploit-framework into 403labs-post-pgpass_creds 2012-11-01 22:50:17 -05:00
Tod Beardsley b1b85bee44 Actually require PhpEXE mixin. 2012-11-01 14:53:18 -05:00
Tasos Laskos 37a9c13c34 updated auxiliary/scanner/http/crawler to accept a callback for each page 2012-11-01 21:20:56 +02:00
David Maloney f843740fcb more fixes 2012-11-01 11:59:18 -05:00
jvazquez-r7 22fbfb3601 cleanup 2012-11-01 17:38:04 +01:00
jvazquez-r7 e720769747 Added module for ZDI-12-171 2012-11-01 17:17:45 +01:00
David Maloney aeb837838f typo 2012-11-01 11:03:50 -05:00
David Maloney 84c8660c96 Fix targets to be more specific 2012-11-01 11:00:45 -05:00
David Maloney 0eccfaf1bb Add a disclosure date 2012-11-01 10:24:28 -05:00
David Maloney 59f5d9bc5d Man i'm rusty at writing for framework
Fixes up all sinn3r's findings so far
2012-11-01 08:37:21 -05:00
David Maloney 00b9fb3c90 Switc smart mgirate to post mod as it should be 2012-10-31 17:03:49 -05:00
David Maloney dd7ab11e38 Minor cleanup 2012-10-31 16:14:34 -05:00
David Maloney 86f6d59d2e Adding the winrm powershell exploit
also adds the smart_migrate meterp script for autorun purposes
2012-10-31 15:46:11 -05:00
David Maloney 86bf3d63b7 Updated Encryption comments 2012-10-31 15:25:33 -05:00
David Maloney 7cf7563a87 Merge branch 'upstream-master' into WinRM_piecemeal 2012-10-31 15:23:32 -05:00
sinn3r 9736d35230 Fix syntax error 2012-10-31 15:14:46 -05:00
sinn3r 98c1272b92 Update the description about AllowUnencrypted 2012-10-31 15:14:46 -05:00
David Maloney 8711484438 minor fixups 2012-10-31 15:14:46 -05:00
David Maloney 09195ad9a7 Adds the WQL execution module 2012-10-31 15:14:46 -05:00
David Maloney d2d137ce68 adds the WinRM CMD execution module 2012-10-31 15:10:45 -05:00
m m e170c1e3e3 typo in centos5 range 2012-10-31 18:28:26 +01:00
m m f7481b160c add centos5 target 2012-10-31 18:21:41 +01:00
jvazquez-r7 ef0f415c51 related to #980 adds support for HttpClient 2012-10-31 17:46:57 +01:00
jvazquez-r7 91e6b7cd28 added ie8 target 2012-10-31 11:57:38 +01:00
jvazquez-r7 a3358a471f Merge branch 'aladdin_bof' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-aladdin_bof 2012-10-31 11:57:20 +01:00
esmnemon 81e56663fd a few ruby cleanups 2012-10-31 09:59:47 +01:00
sinn3r ec8a2955e1 Add OSVDB-86723 Aladdin Knowledge System ChooseFilePath Bof 2012-10-31 03:32:43 -05:00
jvazquez-r7 a2fd377326 module cleanup 2012-10-31 09:20:00 +01:00
jvazquez-r7 38a9761d6e Merge branch 'ntp_readvars' of https://github.com/crashbrz/metasploit-framework into crashbrz-ntp_readvars 2012-10-31 09:06:31 +01:00
Ewerson Guimaraes (Crash) ffe8a980f4 NTP Module - Remove [WARNING] Carriage return EOL 2012-10-30 22:25:23 -02:00
Ewerson Guimaraes (Crash) b085e8ed73 Revert "Update NTP Module"
This reverts commit 8fd34a4475.
2012-10-30 21:43:21 -02:00
Ewerson Guimaraes (Crash) 8fd34a4475 Update NTP Module
Changed the branche and remove CR
2012-10-30 21:08:01 -02:00
jvazquez-r7 357fd1b955 add peer info to print_error message 2012-10-30 17:47:17 +01:00
jvazquez-r7 201f7766d8 Merge branch 'clansphere_lfi_read' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-clansphere_lfi_read 2012-10-30 17:45:45 +01:00
sinn3r a636971b71 Change error message 2012-10-30 11:39:25 -05:00
m m 3e3c518753 remove SessionTypes as per egypt 2012-10-30 17:13:57 +01:00
David Maloney d3bb2b4891 minor fixups 2012-10-30 11:08:57 -05:00
sinn3r 3f3e6814a3 Make sure no extra '/' in there 2012-10-30 10:40:56 -05:00
jvazquez-r7 26808093d8 Merge branch 'nil_res_bug_fixes' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-nil_res_bug_fixes 2012-10-30 16:18:05 +01:00
David Maloney 736b8354d8 Merge branch 'upstream-master' into WinRM_piecemeal 2012-10-30 09:15:36 -05:00
David Maloney c91f0ca535 Adds the WQL execution module 2012-10-30 09:13:55 -05:00
jvazquez-r7 5e873d0697 adding peer information to error message 2012-10-30 12:15:01 +01:00
jvazquez-r7 196d53aee4 Merge branch 'manageengine_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-manageengine_traversal 2012-10-30 12:12:04 +01:00
Zach Grace 5c27c9c953 Added a print_good from the results of store_loot 2012-10-29 15:18:13 -05:00
Zach Grace eda5e8a12f Changed platform type from windows to win and fixed an indentation error. 2012-10-29 14:23:50 -05:00
sagishahar 53c7479d70 Add Windows 8 support
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:12:47 +02:00
sagishahar 8c46c59142 Add support to Windows 8
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:11:27 +02:00
sinn3r c878b9077b Rename the DeviceExpert module to avoid confusion 2012-10-29 12:25:07 -05:00
sinn3r 2a202e9035 Add OSVDB-86563 ManageEngine SecurityManager dir traversal 2012-10-29 12:23:48 -05:00
m m 3855ba88b1 add meterpreter/command support to samba exploit using ROP 2012-10-29 17:33:00 +01:00
Tod Beardsley 5c0fb2789f Merge branch 'module-metasploit-pcaplog-privesc' into rapid7-master 2012-10-29 11:32:32 -05:00
Tod Beardsley 65e27ff38a Warn about the potential to jack up /etc/passwd
This needs to be underlined. It's too easy to wang up /etc/passwd by
accident.

This closes PR #632
[Fixes #38593685]
2012-10-29 11:28:27 -05:00
Tod Beardsley 5e80e19a4e Msftidy complaint about EOL spaces 2012-10-29 11:08:03 -05:00
jvazquez-r7 0e3bc7d060 hp operations agent mods: fix use of pattern_create, use ropdb 2012-10-29 15:45:40 +01:00
sinn3r 2c4273e478 Correct some modules with res nil 2012-10-29 04:41:30 -05:00
sinn3r 34731c3e0a Add OSVDB-86720 - Clansphere dir traversarl 2012-10-29 03:44:22 -05:00
HD Moore 3a42eb3f73 New modules and library for the ADDP protocol 2012-10-28 23:04:18 -05:00
sinn3r 9f9ee8a29e Merge branch 'post-pgpass_creds' of git://github.com/403labs/metasploit-framework into 403labs-post-pgpass_creds 2012-10-28 18:18:15 -05:00
Vlatko Kosturjak ce82b37289 Few removals of unneccessary zero bytes in sc 2012-10-28 21:22:33 +01:00
esmnemon b44ec34bfd renamed modbusFindunitID.rb to modbus_findunitid.rb 2012-10-28 15:11:10 +01:00
jvazquez-r7 19920b3275 update module titles for hp operation agent vulns 2012-10-28 02:38:39 +01:00
sinn3r 675e5c0bb5 Merge branch 'modbus-aux' of git://github.com/esmnemon/metasploit-framework into esmnemon-modbus-aux 2012-10-27 18:55:55 -05:00
sinn3r 7a1c3e7cf6 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-27 18:55:24 -05:00
sinn3r 4e6b5393c5 Merge branch 'manage_engine_sqli' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-manage_engine_sqli 2012-10-27 18:53:47 -05:00
sinn3r 320a23286a Merge branch 'warnings' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-warnings 2012-10-27 18:52:34 -05:00
sinn3r 7db7f1bfdf Merge branch 'turboftp_update' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-turboftp_update 2012-10-27 18:51:41 -05:00
sinn3r 5c23e0af7b Merge branch 'smbversion-domain-notes' of git://github.com/zombieCraig/metasploit-framework into zombieCraig-smbversion-domain-notes 2012-10-27 18:48:48 -05:00
sinn3r c015372ce0 Merge branch 'hp_operations_agent_coda_8c' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_operations_agent_coda_8c 2012-10-27 18:45:36 -05:00
jvazquez-r7 73deeacd7e deleted unnecessary http headers according to my tests 2012-10-28 00:52:52 +02:00
jvazquez-r7 b4b1b77a77 deleted unnecessary http headers according to my tests 2012-10-28 00:51:18 +02:00
jvazquez-r7 51bc806014 Added module for CVE-2012-2019 2012-10-27 22:45:37 +02:00
jvazquez-r7 bcb80431d6 Added module for CVE-2012-2020 2012-10-27 22:43:16 +02:00
zombieCraig 164321a5ed Add Domain notes to smb_version 2012-10-26 11:56:14 -04:00
Zach Grace 3746a3ef64 adding pgpass_creds post module 2012-10-25 21:30:54 -05:00
David Maloney b15c38f819 Fix output to display ip:port 2012-10-25 19:57:29 -05:00
David Maloney fb7af536d5 wtf, bad metadata
Removed extraneous references section
2012-10-25 10:16:12 -05:00
esmnemon 4ae482b71c added a fix for modbusdetect.rb and a new utility modbusFindunitID.rb 2012-10-25 13:17:17 +02:00
David Maloney bfbae5fbb7 Merge branch 'upstream-master' into WinRM_piecemeal
Conflicts:
	lib/msf/core/exploit/winrm.rb
2012-10-24 14:12:28 -05:00
corelanc0d3r b48e355a6d fixed typo and defined badchars 2012-10-24 20:04:54 +02:00
David Maloney a15c35091d Add the WinRM login module 2012-10-24 11:25:39 -05:00
0a2940 2f0c2d76ea remove load statements 2012-10-24 11:01:26 +02:00
0a2940 32ddd981eb linux_kernel mixin not required 2012-10-24 10:58:09 +02:00
0a2940 6d5da1662b Update modules/post/multi/escalate/metasploit_pcaplog.rb
Stance is now passive
2012-10-24 10:55:48 +02:00
sinn3r ede5d0f46b This is meant to be a warning, so we use print_warning 2012-10-24 00:55:54 -05:00
sinn3r 799c22554e Warn user if a file/permission is being modified during new session 2012-10-24 00:54:17 -05:00
sinn3r f1423bf0b4 If a message is clearly a warning, then use print_warning 2012-10-24 00:44:53 -05:00
sinn3r b3e02f119c Merge branch 'payload_ambiguity' of git://github.com/bonsaiviking/metasploit-framework into bonsaiviking-payload_ambiguity 2012-10-23 22:30:47 -05:00
sinn3r 8eb790f62c Final touchup 2012-10-23 19:46:09 -05:00
sinn3r f9bb910c3b Make the check() try SQLI 2012-10-23 19:42:36 -05:00
sinn3r 8c5a73bb7f Change exception handling 2012-10-23 19:34:12 -05:00
sinn3r 90542547c6 Add auto-target, and some changes to cleanup 2012-10-23 19:07:13 -05:00
sinn3r 18fb30074a Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-10-23 16:33:38 -05:00
sinn3r 77c8548855 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-23 16:33:16 -05:00
Tod Beardsley be9a954405 Merge remote branch 'jlee-r7/cleanup/post-requires' 2012-10-23 15:08:25 -05:00
Michael Schierl 910644400d References EDB cleanup
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
sinn3r 22223d5d81 Better cleanup abilities 2012-10-23 13:58:19 -05:00
Michael Schierl 21f6127e29 Platform windows cleanup
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
2012-10-23 20:33:01 +02:00
James Lee 9c95c7992b Require's for all the include's 2012-10-23 13:24:05 -05:00
sinn3r 4c41319c7c Remove unused vars 2012-10-23 12:55:43 -05:00
sinn3r bef4539915 Update description 2012-10-23 12:47:46 -05:00
sinn3r 3ff888a5c0 Move to 'multi' because it supports windows and linux 2012-10-23 12:41:51 -05:00
sinn3r 5f088fa718 Remove default platform 2012-10-23 12:41:17 -05:00
sinn3r e05d353e8a Add Linux support 2012-10-23 12:40:13 -05:00
Daniel Miller 8deead3bd2 Fix payload ambiguity with php/bind_tcp_ipv6 stager
Was seeing this in framework.log:

[w(0)] core: The module php/meterpreter/bind_tcp is ambiguous with
php/meterpreter/bind_tcp.

Added handler_type_alias based on windows/bind_ipv6_tcp stager.
2012-10-23 12:31:14 -05:00
sinn3r bc3472a9b9 Randomize variable names 2012-10-23 11:41:53 -05:00
sinn3r 923ffe277d Write EXE to JSP instead of using a TCPServer 2012-10-23 11:32:09 -05:00
sinn3r 33ce74fe8c Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1 2012-10-23 02:10:56 -05:00
sinn3r e5ec51a780 Rename file for consistency 2012-10-23 02:05:55 -05:00
sinn3r 669d22c917 Final improvements 2012-10-23 02:05:08 -05:00
David Maloney 2335c582c3 Null response handling 2012-10-23 00:25:31 -05:00
sinn3r 5072156df6 Designed specifically for Windows, so let's move to Windows
Plus additional fixes
2012-10-22 23:01:58 -05:00
sinn3r 2484bb02cf Add the initial version of the module
From EDB.
2012-10-22 22:41:30 -05:00
James Lee b2db3e133d Rescue when the service is crashed
Failed exploit attempts leave the service in a state where the port is
still open but login attmempts reset the connection. Rescue that and
give the user an indication of what's going on.
2012-10-22 17:57:30 -05:00
Tod Beardsley a9def564e7 Add a missing post require 2012-10-22 17:18:14 -05:00
David Maloney e08cedec2e Requested revisions/cleanup
minor fixes to spacing, some typos, and abse64 switched to Rex
2012-10-22 17:01:00 -05:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
Michael Schierl 5b18a34ad4 References cleanup
Uppercase MSB, spaces in URLs.
2012-10-22 22:37:01 +02:00
Michael Schierl f9ac55c221 Infohash key cleanups
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
James Lee 12de87e682 Merge branch 'rapid7' into mubix-remove_delicious
[Closes #946]
2012-10-22 14:18:05 -05:00
Michael Schierl e9f7873afc Version cleanup
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Rob Fuller 49948faa9b remove non-functional enum_delicious module 2012-10-22 14:46:52 -04:00
Michael Schierl 04a6021631 Privileged cleanup: auxiliary modules can't 2012-10-22 20:36:49 +02:00
Michael Schierl 39e81d3e53 Arch/Platform cleanup: aux modules need neither 2012-10-22 20:28:02 +02:00
Michael Schierl e769abc868 Platform cleanup: platform should be lowercase 2012-10-22 20:14:39 +02:00
Michael Schierl 657d527f8d DisclosureDate cleanup: Try parsing all dates
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
Michael Schierl 70ac7c8345 Author cleanup: fix unmatched angle brackets 2012-10-22 19:45:27 +02:00
Michael Schierl d337d5204b Author cleanup: One module did not have an author 2012-10-22 18:38:18 +02:00
sinn3r 469f04d3c4 Merge branch 'mubix-dns_postmods' 2012-10-22 02:04:46 -05:00
sinn3r a3c86f386b Merge branch 'dns_postmods' of git://github.com/mubix/metasploit-framework into mubix-dns_postmods 2012-10-22 01:57:21 -05:00
Rob Fuller d5bb7b1e5b Fix all-inclusive rescue on resolve_hostname as well 2012-10-22 02:32:51 -04:00
Rob Fuller 6a281b22c4 Fix all-inclusive rescue per @wchen-r7 suggestion 2012-10-22 02:22:56 -04:00
sinn3r 997d5b9a22 Merge branch 'post_enum_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_enum_proxy 2012-10-22 00:45:06 -05:00
sinn3r 716f4ab3d2 Merge branch 'post_clone_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_clone_proxy 2012-10-22 00:41:36 -05:00
sinn3r e6df113a05 Merge branch 'dns_postmods' of git://github.com/mubix/metasploit-framework into mubix-dns_postmods 2012-10-21 23:44:50 -05:00
Rob Fuller 84d1c2315c change to OptPath 2012-10-21 22:27:20 -04:00
sinn3r ad9946689e Update description 2012-10-21 16:40:01 -05:00
sinn3r 1821c11369 Code cleanup 2012-10-21 16:40:01 -05:00
sinn3r c404b72d08 Doesn't make a lot of sense setting DefaultTarget to an older one 2012-10-21 16:40:01 -05:00
lincoln@corelan.be c7d12d94b7 turboftp exploit 2012-10-21 16:40:00 -05:00
Rob Fuller 5f99f27899 add proxy setting cloning module 2012-10-21 03:13:35 -04:00
Rob Fuller 86c73e92d4 Add ability to remotely start registry for read 2012-10-21 01:34:34 -04:00
Rob Fuller 431dc31eac proxy parsing post module 2012-10-20 23:25:40 -04:00