HD Moore
3dbfd0b8e3
A little too verbose
...
git-svn-id: file:///home/svn/framework3/trunk@8884 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 22:44:58 +00:00
Tod Beardsley
1458fbad54
Adds some fingerprinting to the tomcat manager login auxiliary module.
...
git-svn-id: file:///home/svn/framework3/trunk@8883 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 22:19:46 +00:00
Tod Beardsley
83d96d713c
Refactoring Auxiliary::AuthBrute. Now that several modules actually use it, the real use cases have become obvious. So, refactored for simplicity and readability. Also touched up all the authentication modules to behave consistently.
...
git-svn-id: file:///home/svn/framework3/trunk@8879 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 20:07:26 +00:00
HD Moore
4c913a576d
Remove OS reporting, this is handled better elsewhere
...
git-svn-id: file:///home/svn/framework3/trunk@8871 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 00:20:09 +00:00
HD Moore
9632f8251a
Move OS-level fingerprints out, report note-level fingerprints instead
...
git-svn-id: file:///home/svn/framework3/trunk@8869 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 00:09:04 +00:00
HD Moore
480380003c
Make verbose status printing standardized across login modules
...
git-svn-id: file:///home/svn/framework3/trunk@8866 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-21 18:42:47 +00:00
Tod Beardsley
c1976e22f3
Adding J Duenow's sport patch to synflood. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@8849 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 16:30:57 +00:00
Joshua Drake
9311253e32
<pre>revert stty -echo execution -- it breaks telnets to some devices</pre>
...
git-svn-id: file:///home/svn/framework3/trunk@8848 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 15:40:15 +00:00
Tod Beardsley
3f69bb8053
Fixes the handling for telnet services when the server is "busy" -- this is common wit HP JetDirect servers, where the server will respond with a busy message up to several seconds after the last connection logged off. While this does mean that credential tests will be skipped, they will at least not be scored incorrectly as false postives.
...
Also, this removes the disconnect() method in favor of self.sock.close(). Disconnect seems to have a tendency to leave sessions half-closed, which will cause a busy state to never clear. self.sock.close doesn't appear to have this effect if you use a slower bruteforce_speed option (3 seems to work all right).
git-svn-id: file:///home/svn/framework3/trunk@8835 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:45:50 +00:00
HD Moore
0f7a6cd1f2
Store the name and domain in the service info
...
git-svn-id: file:///home/svn/framework3/trunk@8826 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-15 21:35:21 +00:00
HD Moore
1b54c0e493
Closes #1129 . Merges in Thomas's xdb_sid_brute patch
...
git-svn-id: file:///home/svn/framework3/trunk@8825 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-15 20:31:53 +00:00
HD Moore
9f4ba25823
Add shiny new Oracle 0day (found by David Litchfield, ported to Metasploit by sid)
...
git-svn-id: file:///home/svn/framework3/trunk@8822 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-15 16:34:46 +00:00
Carlos Perez
5c7045e680
Applied Patch provided by Rob Fuller Mubix
...
git-svn-id: file:///home/svn/framework3/trunk@8819 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-15 00:37:26 +00:00
HD Moore
b1af1feb3f
Use double not single quotes
...
git-svn-id: file:///home/svn/framework3/trunk@8815 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-14 04:13:00 +00:00
HD Moore
821a0bcf37
SMB share enumeration
...
git-svn-id: file:///home/svn/framework3/trunk@8813 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-14 03:44:50 +00:00
HD Moore
84b7f4bb85
Store the nfs service and export information into the db
...
git-svn-id: file:///home/svn/framework3/trunk@8812 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-14 00:34:46 +00:00
Joshua Drake
a6377cc63b
turn off echo for telnet sessions
...
git-svn-id: file:///home/svn/framework3/trunk@8801 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 23:03:44 +00:00
Mario Ceballos
5b6442aa58
added a patch and added a new module from Thomas Ring.
...
git-svn-id: file:///home/svn/framework3/trunk@8800 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 22:55:37 +00:00
Mario Ceballos
b01f9ff233
adds a patch from Thomas Ring.
...
git-svn-id: file:///home/svn/framework3/trunk@8775 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:42:49 +00:00
Tod Beardsley
efbdaba298
Making telnet timeouts much less disasterous, since they can happen pretty commonly.
...
git-svn-id: file:///home/svn/framework3/trunk@8769 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 21:54:20 +00:00
Tod Beardsley
542a9a0617
Report MySQL application-level protocol errors (such as host not allowed messages).
...
git-svn-id: file:///home/svn/framework3/trunk@8767 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 17:56:03 +00:00
Joshua Drake
b419a40c45
finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
...
also some minor cleanups here and there
git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Tod Beardsley
4415e3fbbf
Fixing up ssh_login reporting.
...
git-svn-id: file:///home/svn/framework3/trunk@8759 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 22:07:04 +00:00
Joshua Drake
df395f3ff0
added Brett Gervasoni to authors
...
git-svn-id: file:///home/svn/framework3/trunk@8758 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 09:12:57 +00:00
HD Moore
a239963a7d
Handle wrapped TCP services better
...
git-svn-id: file:///home/svn/framework3/trunk@8756 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:38:28 +00:00
Joshua Drake
5543e4551f
add auxiliary dos module for apache mod_isapi bug
...
git-svn-id: file:///home/svn/framework3/trunk@8752 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:21:17 +00:00
HD Moore
b1973c6630
Adds detection and exploitation coverage for the Energizer Duo trojan
...
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
HD Moore
a35817f0cc
Store more information
...
git-svn-id: file:///home/svn/framework3/trunk@8742 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 13:52:39 +00:00
HD Moore
d5b85db27f
Fixes a false positive when the server always replies with 200 OK
...
git-svn-id: file:///home/svn/framework3/trunk@8740 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 05:26:33 +00:00
HD Moore
a5d05fc2fb
Fix up a typo
...
git-svn-id: file:///home/svn/framework3/trunk@8738 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:39:06 +00:00
HD Moore
5cc63cf983
Report the epm service as well
...
git-svn-id: file:///home/svn/framework3/trunk@8737 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:35:14 +00:00
Tod Beardsley
5ce7b4d186
Pass this_cred for tomcat_mgr_login
...
git-svn-id: file:///home/svn/framework3/trunk@8730 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 20:05:01 +00:00
Tod Beardsley
3d1f773f18
Reimplementing DB2's auth checker to use the same methods as the other auth_brute modules.
...
git-svn-id: file:///home/svn/framework3/trunk@8722 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:44:39 +00:00
Tod Beardsley
a5e187bd69
Add the ability to slow down brute force sessions.
...
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
Joshua Drake
0ed5fc1af1
change VERBOSE option from OptString to OptBool
...
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
James Lee
bf2a64b3ac
use new argument list for get_host
...
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
James Lee
4f08e6fd25
treat the database as write-only and use the (improved) target cache, fixes 986
...
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00
James Lee
b70b17b42a
don't use undefined variables.
...
git-svn-id: file:///home/svn/framework3/trunk@8701 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:51:05 +00:00
James Lee
c07b47b30b
explicitly rescue timeouts since they inherit from ::Interrupt on ruby 1.8
...
git-svn-id: file:///home/svn/framework3/trunk@8694 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 23:08:05 +00:00
Tod Beardsley
7d3ac25586
Adds Citrix-ICA to the UDP sweep discovery module.
...
git-svn-id: file:///home/svn/framework3/trunk@8693 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:48:28 +00:00
Joshua Drake
7a37934a01
process autorun scripts for telnet_login and ssh_login
...
1. create session.process_autoruns in Msf::Sessions::CommandShell
2. call process_autoruns from within the handler on_session code
4. set user_input and user_output in sessions base set_from_exploit method
5. remove on_session from Msf::Sessions::CommandShellOptions
6. include CommandShellOptions into telnet_login and ssh_login
7. call sess.process_autoruns from telnet_login and ssh_login
8. celebrate (while crossing fingers of course)!
git-svn-id: file:///home/svn/framework3/trunk@8692 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:07:50 +00:00
Tod Beardsley
09a669875c
Bumping the minimum version of MySQL to try back to 4.1.20, no problems seen
...
on that build.
git-svn-id: file:///home/svn/framework3/trunk@8691 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 16:52:22 +00:00
Tod Beardsley
453451a26d
Check the version number of the remote MySQL server before attempting
...
to log in. Sadly, the library we're using right now doesn't know
how to correctly negotiate 4.x and 3.x versions of MySQL. Until that
gets resolved (by writing a new library for these old versions),
this will at least prevent false positives/negatives from getting
reported.
git-svn-id: file:///home/svn/framework3/trunk@8681 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 22:56:00 +00:00
Tod Beardsley
e2af2f9ab9
Again.
...
git-svn-id: file:///home/svn/framework3/trunk@8680 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 20:20:37 +00:00
Tod Beardsley
e1a02d602d
Fixing up the tomcat login scanner.
...
git-svn-id: file:///home/svn/framework3/trunk@8679 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 20:20:20 +00:00
HD Moore
304a238d3e
Add pop3/imap4 scanners
...
git-svn-id: file:///home/svn/framework3/trunk@8664 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 19:06:26 +00:00
HD Moore
0d87003497
Rename for consistency
...
git-svn-id: file:///home/svn/framework3/trunk@8662 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 18:48:09 +00:00
HD Moore
2cbf64b85a
Fix up the stored banner for SMTP
...
git-svn-id: file:///home/svn/framework3/trunk@8661 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 18:47:48 +00:00
Joshua Drake
e1c5334d56
add register_autofilter_ports
...
git-svn-id: file:///home/svn/framework3/trunk@8652 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 01:53:02 +00:00
HD Moore
d5e07a3ba9
Change info
...
git-svn-id: file:///home/svn/framework3/trunk@8650 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 01:09:09 +00:00