Patrik Karlsson
ad4a4b2ae3
add module for capturing SIP authentication challenge and response pairs.
...
The module starts a fake SIP server listening for incoming REGISTER requests.
It then triggers an authentication request at the client and captures the
response for cracking in JtR or Cain.
2012-07-18 20:45:08 +02:00
James Lee
ebe48ecf16
Add Rank for schelevator, update sock_sendpage's
2012-07-18 11:16:29 -06:00
James Lee
c1cf71c4e9
Remove debugging load()
2012-07-18 11:02:21 -06:00
sinn3r
981ba60fee
Fix exception handlings
...
Two things:
1. Make msftidy happy
2. Exception handling shouldn't be used to shut errors up.
2012-07-18 12:05:14 -05:00
Rory McCune
464df4ed1d
Oraenum - added error handling
...
The oraenum module has errror handling to catch instances where the user used to run the checks doesn't have the appropriate rights, however in one place (The default password check) the error handling code isn't included. This patch just adds the same check for that code.
2012-07-18 09:22:22 +01:00
James Lee
5110aad0f3
Add better docs on some File methods
2012-07-17 17:32:27 -06:00
James Lee
c9ccb02aae
Clean up rdoc
2012-07-17 17:32:27 -06:00
sinn3r
5dd04c4c3f
Merge branch 'jlee-r7-omg-post-exploits'
2012-07-17 17:44:33 -05:00
sinn3r
f4547527a8
Merge branch 'omg-post-exploits' of https://github.com/jlee-r7/metasploit-framework
2012-07-17 17:43:40 -05:00
sinn3r
b3e11f2e6b
Merge branch 'zenworks_preboot_op6_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-zenworks_preboot_op6_bof
2012-07-17 17:42:58 -05:00
sinn3r
be2c0b027e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-07-17 17:42:01 -05:00
James Lee
62fe00866d
Add comments about what the block is for
2012-07-17 16:09:17 -06:00
James Lee
6b0196eccc
Add a require for File in Common
2012-07-17 15:48:06 -06:00
jvazquez-r7
80bfd48535
Added module for ZDI-010-090 Opcode 0x6
2012-07-17 23:25:55 +02:00
jvazquez-r7
0514756e92
Added module for ZDI-010-090 Opcode 0x21
2012-07-17 23:25:04 +02:00
James Lee
a1cfb32f93
Fix a typo that breaks post param padding
...
Corner case and doesn't really *break* things, just means you end up
with one big param instead of multiple due to missing ampersands.
2012-07-17 12:29:28 -06:00
sinn3r
312854b892
Merge branch 'omg-post-exploits' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-omg-post-exploits
2012-07-17 11:46:49 -05:00
sinn3r
78edf15a86
Improve module
2012-07-17 08:39:56 -05:00
sinn3r
dde2254f29
rename file
2012-07-17 08:36:02 -05:00
sinn3r
d5711efd26
Merge branch 'master' of https://github.com/j0hnf/metasploit-framework into j0hnf-master
2012-07-17 08:35:49 -05:00
sinn3r
fbe0cb7471
Merge branch 'post_win_gather_creds_gpp_pass' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_win_gather_creds_gpp_pass
2012-07-17 08:28:19 -05:00
jvazquez-r7
6ac6e375a7
Changes according to hdm and sinn3r feedback
2012-07-17 12:02:24 +02:00
jvazquez-r7
7c2ea2ff23
Merge branch 'mysql-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-mysql-capture
2012-07-17 12:01:19 +02:00
sinn3r
3def2afb46
Correct e-mail format
2012-07-17 04:24:54 -05:00
HD Moore
b3eb7b1358
Clean up unicode names
2012-07-17 00:46:28 -05:00
HD Moore
c887e0aaff
Re-add AFP changes due to mangled merge
2012-07-17 00:42:49 -05:00
HD Moore
b6d05c77ca
No, really. Bump
2012-07-17 00:36:19 -05:00
HD Moore
f62e0b1cca
AFP fixes and JTR typo fix
2012-07-16 21:45:45 -05:00
HD Moore
7e50f91d59
Bump
2012-07-16 21:02:40 -05:00
HD Moore
bc2edeace2
Cleanup AFP module output
2012-07-16 21:02:40 -05:00
James Lee
926fd0c6e8
Merge the commandline options with the payload's datastore
...
Not sure why this wasn't happening before. Some output formats were
passing options to Msf::Simple::Payload#generate_simple, some weren't.
This probably fixes several latent bugs.
[FIXRM #7109 ]
2012-07-16 16:07:54 -05:00
James Lee
efe478f847
Merge branch 'master' into omg-post-exploits
2012-07-16 09:20:23 -06:00
HD Moore
428a98c1d1
Dont store files in /tmp with predictable names
2012-07-16 09:53:19 -05:00
Patrik Karlsson
88275620ab
removed JtR support due to bugs in cracking module.
2012-07-16 15:59:43 +02:00
Patrik Karlsson
25a78e6ab0
change so that both Cain and JTR hashes can be stored at the same time and
...
added username report_auth_info
2012-07-16 14:13:35 +02:00
Patrik Karlsson
4859e0809e
add missing username to john hash
2012-07-16 09:14:44 +02:00
HD Moore
8fef1479ed
Trim string fields at first null
2012-07-15 23:12:40 -05:00
HD Moore
a57e712630
Be less verbose
2012-07-15 22:19:12 -05:00
HD Moore
b133428bc1
Better error handling in two web app modules
2012-07-15 21:56:00 -05:00
HD Moore
10db74d480
Show the IP address in the output
2012-07-15 21:35:43 -05:00
HD Moore
7f3aeca501
Put lipstick on this pig for the time being
2012-07-15 21:35:29 -05:00
James Lee
7091d1c65b
Add an exploit for sock_sendpage
...
Unfortunately, adds a dep on bionic for runtime compilation.
Gets ring0, sets the (res)uid to 0 and jumps to the payload. Still some
payload issues because linux stagers don't mprotect(2) the buffer they
read(2) into. Single payloads work fine, though.
Also cleans up and improves local exploits' ability to compile C.
[SEERM #3038 ]
2012-07-15 20:29:48 -06:00
HD Moore
4509c11916
Fingerprint dd-wrt even when auth is required
2012-07-15 21:21:13 -05:00
HD Moore
6c058d9a9a
Skip blank usernames (corner case)
2012-07-15 21:14:55 -05:00
HD Moore
f111ae097e
Bail early if the user did not configure an injection parameter
2012-07-15 21:14:39 -05:00
HD Moore
44e56c87f1
Make super sure that blank creds are not reported
2012-07-15 20:56:31 -05:00
Patrik Karlsson
8889d89eea
msftidy cleanup
2012-07-16 02:07:45 +02:00
Patrik Karlsson
6331c33472
add MySQL password capturing module
...
This module provides a fake MySQL service that is designed to
capture authentication credentials. It captures challenge and
response pairs that can be supplied to Cain or JTR for
cracking.
2012-07-16 01:55:22 +02:00
HD Moore
0230ef60f6
Cosmetic
2012-07-15 15:46:54 -05:00
HD Moore
d6c6a3d0c5
Correct an issue with payload recalc during iteration
2012-07-15 15:45:25 -05:00