HD Moore
7fcf5b3dc2
Lots of new targets merged in for MS08-067 including Brett Moore's 2003 SP2 DEP bypass
git-svn-id: file:///home/svn/framework3/trunk@5812 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 05:16:02 +00:00
HD Moore
08d296240a
Add the license to the actual .[ch] files and remove the inaccurate readme
git-svn-id: file:///home/svn/framework3/trunk@5811 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 22:30:32 +00:00
HD Moore
675e03c272
Clarify the licensing between reflective and vnc
git-svn-id: file:///home/svn/framework3/trunk@5810 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 22:22:58 +00:00
HD Moore
ac70cc88eb
Remove the giant program database
git-svn-id: file:///home/svn/framework3/trunk@5809 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 22:21:46 +00:00
HD Moore
345837485f
Remove the Release object directory
git-svn-id: file:///home/svn/framework3/trunk@5808 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 22:21:01 +00:00
HD Moore
835ce24792
Add the modified VNC DLL from Stephen Fewer
git-svn-id: file:///home/svn/framework3/trunk@5807 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 22:20:37 +00:00
HD Moore
56a413d803
Reflective DLL injection payloads from Stephen Fewer
git-svn-id: file:///home/svn/framework3/trunk@5806 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 22:17:32 +00:00
HD Moore
dfbc35da3c
Patch for ms08-067 from antoine, fixes braindead bug on my part, should increase reliability
git-svn-id: file:///home/svn/framework3/trunk@5805 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 17:21:07 +00:00
HD Moore
a4d53893ac
Improvements to opty2 from vlad902:
1) Fixed a minor bug, sometimes Opty2 would generate C1 /6 instructions which most processors will execute but which are not technically valid (they would exist for SAL but SAL is an alias for SHL so it is defined as C1 /4).
2) I changed the 0x90 nop instruction so that it is no longer considered that 0x90 changes the eax register.
3) Removed o16/0x66 prepend byte from 0x0f, this is currently unused anyways but might prevent some poor person from debugging it in the future.
4) Previously short jumps would only make positive jumps, I added the capability for them to make a "-1" jump which would basically just start executing at the offset byte. For example it could generate something like EB FF XX YY ... where EB FF jumps to FF XX YY ...
5) I added support for the instructions mov reg, segreg (8C), mov reg, imm8/imm32 (C6/C7), and lea reg, mem (8D). I implemented LEA so that it only allows memory references to be in ModR/M form and not be in SIB form (I don't think it's possible to allow SIB in the way Opty2 works at the moment).
git-svn-id: file:///home/svn/framework3/trunk@5804 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 07:30:52 +00:00
HD Moore
e9d133e9aa
Remove the while(true) which snuck into this module
git-svn-id: file:///home/svn/framework3/trunk@5803 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 07:21:53 +00:00
kris
330bd2ef5b
Update some of my aux modules that require a successful login to not continue running without it
git-svn-id: file:///home/svn/framework3/trunk@5802 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 00:52:38 +00:00
kris
4740e6e452
Adding DoS aux module for the Victory FTP Server v5.0
git-svn-id: file:///home/svn/framework3/trunk@5801 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-29 21:57:31 +00:00
kris
3c4aec43d5
Adding DoS aux module for the PacketTrap TFTP server
git-svn-id: file:///home/svn/framework3/trunk@5800 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-29 17:28:34 +00:00
kris
025b7410a0
Remove spurious ] from db_services output for consistency with other db output
git-svn-id: file:///home/svn/framework3/trunk@5799 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-29 13:10:22 +00:00
HD Moore
f9f6c8d3e6
Adds an initial exploit for MS08-067, support for XP SP2/SP3 DEP, 2003 SP0/SP2 no-DEP.
git-svn-id: file:///home/svn/framework3/trunk@5798 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-28 07:35:17 +00:00
kris
aec269616a
Ignore EACCES from connect in TCP portscanner aux module. This can be caused
by (at least) ICMPv6 Administratively Prohibited messages, on at least Linux.
I got these by scanning ports 21-23 on ipv6.google.com, for example.
git-svn-id: file:///home/svn/framework3/trunk@5797 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-28 02:55:10 +00:00
kris
71885912b8
Allow more flexible (Nmap-esque) port specifications in TCP portscan aux module,
so things like "21-25,80,443", "1024-" and "-" behave like you expect. This
replaces the PORTSTART and PORTSTOP options with a single PORTS option.
git-svn-id: file:///home/svn/framework3/trunk@5796 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 23:33:34 +00:00
kris
3e8c5ecebc
Fix db_add_host (undefined variable)
git-svn-id: file:///home/svn/framework3/trunk@5795 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 22:47:09 +00:00
kris
9d565f9a51
Fix CERT ref numbers in bailiwicked DNS aux modules
git-svn-id: file:///home/svn/framework3/trunk@5794 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 22:26:48 +00:00
Mario Ceballos
e700980288
update the return. thanks jacop.
git-svn-id: file:///home/svn/framework3/trunk@5793 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 20:50:44 +00:00
druid
a07a3af2d6
Adds a method hook for any primer code needed to execute immediately after server startup.
git-svn-id: file:///home/svn/framework3/trunk@5792 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 20:31:40 +00:00
HD Moore
c0ffd16629
Patch from antoine, corrected description and pre-calculated hashes
git-svn-id: file:///home/svn/framework3/trunk@5791 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 17:58:56 +00:00
et
ae3ea1280c
Wmap documentation updated with reporting
git-svn-id: file:///home/svn/framework3/trunk@5790 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 02:50:55 +00:00
et
75be2e33ad
Added module reporting and wmap_reports command
git-svn-id: file:///home/svn/framework3/trunk@5789 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 02:22:30 +00:00
HD Moore
ce58c15d6e
Switch to cain&abel / halflm tables compatible challenge
git-svn-id: file:///home/svn/framework3/trunk@5788 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-26 21:53:36 +00:00
et
ebc5294574
Added new wmap sqlmap module
git-svn-id: file:///home/svn/framework3/trunk@5787 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-25 03:26:50 +00:00
Ramon de C Valle
8d19ba7bbf
Changed AIX_VERSION to AIXLEVEL
git-svn-id: file:///home/svn/framework3/trunk@5786 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 13:22:12 +00:00
et
29e983567e
removed reports_exist check
git-svn-id: file:///home/svn/framework3/trunk@5785 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 04:23:54 +00:00
et
c4dc77c15b
fixed ip handling and CN parsing
git-svn-id: file:///home/svn/framework3/trunk@5784 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 03:19:24 +00:00
Ramon de C Valle
c66d6c4e46
Set property 'svn:keywords'
git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:43:21 +00:00
Ramon de C Valle
eb0c6d1a65
Added missing Linux x86 payload modules from unixasm
git-svn-id: file:///home/svn/framework3/trunk@5782 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:19:50 +00:00
Ramon de C Valle
693202fd4b
Updated AIX POWER/PowerPC payload modules
git-svn-id: file:///home/svn/framework3/trunk@5781 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:04:18 +00:00
HD Moore
1df0612f61
Adds a case-sensitivity permutation routine
git-svn-id: file:///home/svn/framework3/trunk@5780 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 22:43:13 +00:00
HD Moore
65419ad206
Adds routines/tools for cracking the NTLM hash from the plaintext case-insensitive LANMAN password
git-svn-id: file:///home/svn/framework3/trunk@5779 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 22:42:52 +00:00
pusscat
16612cacba
Rename
git-svn-id: file:///home/svn/framework3/trunk@5778 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 17:51:12 +00:00
pusscat
822234771f
Initial import of the bea oracle weblogic apache plugin
git-svn-id: file:///home/svn/framework3/trunk@5777 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 17:44:57 +00:00
et
13ab6ed2d8
added ssl host name detection module
git-svn-id: file:///home/svn/framework3/trunk@5776 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 05:31:55 +00:00
et
f98c87ff22
added directory scanner
git-svn-id: file:///home/svn/framework3/trunk@5775 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 02:31:52 +00:00
Ramon de C Valle
e6127313c9
Updated AIX POWER/PowerPC payload modules
git-svn-id: file:///home/svn/framework3/trunk@5774 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:41:12 +00:00
Ramon de C Valle
f124597a56
Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
Ramon de C Valle
4c847e0d44
Fixed typo
git-svn-id: file:///home/svn/framework3/trunk@5772 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 20:38:07 +00:00
et
7e73ed8c15
first attempt at reporting implementation.
git-svn-id: file:///home/svn/framework3/trunk@5771 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 20:32:14 +00:00
Ramon de C Valle
c34bbae344
Added payload advanced packing types for 16/16 and 22/10 bits substitution
git-svn-id: file:///home/svn/framework3/trunk@5770 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 20:32:14 +00:00
Mario Ceballos
3de5bab19b
added exploit module zenturiprogramchecker_unsafe.rb
git-svn-id: file:///home/svn/framework3/trunk@5769 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 13:15:53 +00:00
HD Moore
deea354fbb
Wrap the modulation setting as well
git-svn-id: file:///home/svn/framework3/trunk@5768 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-17 18:31:09 +00:00
HD Moore
4a3b540685
Handle the txrate error better
git-svn-id: file:///home/svn/framework3/trunk@5767 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-17 17:46:05 +00:00
HD Moore
7d98de2fed
Handle cases where lorcon can't change the txrate (zdw driver)
git-svn-id: file:///home/svn/framework3/trunk@5766 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-17 17:35:35 +00:00
HD Moore
4eac2506b8
Add TXRATE and TXMOD options
git-svn-id: file:///home/svn/framework3/trunk@5765 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-17 15:58:33 +00:00
Ramon de C Valle
fbed757aa5
Added webrick_regex.rb module from Kris Katterjohn
git-svn-id: file:///home/svn/framework3/trunk@5764 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-17 15:40:20 +00:00
et
ff546b3c0a
added reports table
git-svn-id: file:///home/svn/framework3/trunk@5763 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-17 13:40:11 +00:00