a9a1146155
fix more ssh option hashes
2016-09-20 01:30:35 -05:00
e315ec4e73
Merge branch 'master' into bug/7321/fix-ssh-modules
2016-09-19 15:27:37 -05:00
06ff7303a6
make pubkey verifier work with old module
...
make the new pubkey verifier class and
the old identify_pubkeys aux module work
together
7321
2016-09-19 15:20:35 -05:00
4ba1ed2e00
Fix formatting in fortinet_backdoor
...
Also add :config and :use_agent options.
2016-09-16 12:32:30 -05:00
26491eed1a
pass the public key in as a file instead of data
...
when using key_data it seems to assume it is a private
key now. the initial key parsing error can be bypassed
by doing this
7321
2016-09-16 11:48:51 -05:00
dfcd5742c1
some more minor fixes
...
some more minor fixes around broken
ssh modules
7321
2016-09-15 14:25:17 -05:00
e10c133eef
fix the exagrid exploit module
...
split the exagrid exploit module up and
refactor to be able to easily tell if the
key or the password was used
7321
2016-09-15 11:44:19 -05:00
7352029497
first round of SSL damage fixes
2016-09-13 17:42:31 -05:00
20947cd6cd
remove old dependency on net-ssh moneykpatch
...
the ssh_login_pubkey scanner relied on functionality that
was monkeypatched into our vendored copy. this was an uneeded solution
in the first palce, and we now use a more sane method of accomplishing
the same thing
2016-08-22 10:54:09 -05:00
ff63e6e05a
Land #7018 , unvendor net-ssh
2016-07-19 17:06:35 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
b6b52952f4
set ssh to non-interactive
...
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password
MS-1688
2016-07-14 11:12:03 -05:00
01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-14 09:48:28 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
3d93c55174
move sshfactory into a mixin method
...
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention
MS-1688
2016-06-28 15:23:12 -05:00
6c3871bd0c
update ssh modules to use new SSHFactory
...
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH
MS-1688
2016-06-24 13:55:28 -05:00
5bc513d6cd
get ssh sessions working properly
...
ssh sessions now working correctly
MD-1688
2016-06-24 12:14:48 -05:00
3e94abe555
put net:ssh::commandstream back
...
this was apparently our own creation for doing
ssh sessions
MD-1688
2016-06-22 15:02:36 -05:00
3dfdf1d936
Land #6528 , tilde expansion and more for OptPath
2016-05-24 16:01:59 -05:00
48c25dd863
Remove need for expand_path in this module; normalize handles it now
2016-05-24 13:30:12 -07:00
3df4c38e82
Use correct key file var
2016-05-24 13:28:08 -07:00
9c61490676
Fix some inconsistencies
...
Failed to catch these while editing. :(
2016-05-17 02:50:12 -05:00
92d07f74ff
Remove unnecessary double expand_path
2016-05-16 17:34:12 -07:00
8bccfef571
Fix merge conflict
2016-05-16 17:29:45 -07:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
41b802a8a2
Clean up module
2016-04-01 13:54:27 -05:00
7fc2c860e9
remove comment
2016-03-29 21:26:36 -04:00
d35b5e9c2a
First add of CVE-2015-7755
2016-03-29 21:20:12 -04:00
38153d227c
Move apache_karaf_command_execution to the SSH directory
...
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
6323f7f872
Fix a couple overlooked issues
2016-03-13 23:35:05 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
aa5b201427
Revert "revert ssl_login_pubkey for now"
...
This reverts commit 7d773b65b6
2016-03-07 13:19:33 -06:00
7d773b65b6
revert ssl_login_pubkey for now
2016-03-07 14:44:23 +01:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
c5a9d59455
Land #6612 , one final missing change
2016-02-29 15:08:42 -06:00
cb0493e5bb
Recreate Msf::Exploit::Remote::Fortinet
...
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
a6a37b3089
Land #6612 , missing commits included
2016-02-29 14:06:21 -06:00
300fdc87bb
Move Fortinet backdoor to module and library
2016-02-29 12:06:33 -06:00
2950996cb8
Land #6612 , Add aux module for Fortinet backdoor
2016-02-29 12:02:49 -06:00
53d703355f
Move Fortinet backdoor to module and library
2016-02-29 11:57:42 -06:00
2e268a25da
Land #6596 , Apache Karaf Login Utility
2016-02-25 14:39:51 -06:00
aa7c3f01a8
Update name and description
2016-02-25 14:39:19 -06:00
7e25c7b87b
Handle OpenSSL::Cipher::CipherError
...
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
2016-02-25 14:35:37 -06:00
7d20e26a35
Move to aux/scanner/ssh
2016-02-25 11:22:50 -06:00
cd86db2734
Update ssh_identify_pubkeys to support symbolic path names
2016-02-03 14:21:54 -08:00
53d4e31844
Allow OptPath to valid symbolic paths that need expansion
2016-02-03 14:12:03 -08:00
49beca4e40
Fix ssh_identify_pubkeys to accept keyfiles with authorized commands
...
Previously, something like this would fail:
command="/some/script.sh" ssh-rsa adsfadfa root@whatever
This format is valid authorized_keys and should work here too. It does
now.
2016-02-03 13:50:17 -08:00
Brent Cook
David Maloney
William Vu
James Lee
Jon Hart
wchen-r7
h00die
Christian Mehlmauer