856ad7e83d
heartbleed - Better output on wrong jabber domain and add. nil? check
2014-04-09 21:53:17 +02:00
2de210f1c3
Land #3216 - Update @Meatballs1 and @FireFart in authors.rb
2014-04-09 16:38:10 -05:00
fec089d88d
Land #3219 , openssl_heartbleed XMPP fix from @natronkeltner
2014-04-09 20:42:55 +02:00
7a424784f8
Change default TLS Version to 1.0
...
Canonical testing shows this to be more widely supported, and yielding far more vulnerable hosts. Changing default to reflect that.
Experience of others in #metasploit seems similar.
2014-04-09 13:45:00 -05:00
e2b50d3709
fix openssl_heardbleed
...
-) XMPP Domain now configurable
-) Missing get_once to initiate the TLS connection
2014-04-09 20:39:33 +02:00
5696e52fac
Fix jabber to field
2014-04-09 13:48:45 -05:00
28a471e446
Land #3221 , @Firefart's fix for pop3 starttls
2014-04-09 13:31:45 -05:00
bea810b5d6
Add jabber fix from @natronkeltner
2014-04-09 13:11:45 -05:00
76a9381b2a
Make the title of the Heartbleed module searchable
...
Right now, the title does not actually tie the Heartbeat check to the
Heartbleed attack, so people searching strictly on module title are not
going to get a hit for this module.
2014-04-09 11:03:01 -05:00
899a7c9ea4
heartbleed bugfix for pop3
2014-04-09 17:51:44 +02:00
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
3849d1517f
Restore author credit
2014-04-09 09:42:39 -05:00
8d38087a10
Fix case / when indention
2014-04-09 09:12:55 -05:00
0e0fd20f88
Added RFC link
2014-04-09 15:19:29 +02:00
a0a5b9faa1
Fix heartbleed module
...
-) incorrect length read
-) Parse TLS errors
2014-04-09 15:08:24 +02:00
a93e22b5c0
Land #3209 , @Firefart's heartbleed's module fix
2014-04-09 06:38:06 -05:00
4e7c675f3c
Fix typo, extraquote in message
2014-04-09 10:22:15 +02:00
cdfe333572
updated heartbleed module
...
-) Heartbeat length was added twice
-) Use the current date for the TLS client_hello
2014-04-09 09:19:05 +02:00
5e314f2a7c
Fix outstanding issues
2014-04-08 20:11:28 -05:00
a4e1d866e1
Favor nil?
2014-04-08 18:21:49 -05:00
153e003e23
Do small fixes
2014-04-08 18:21:09 -05:00
39aecb140a
Use the datastore option
2014-04-08 16:55:08 -05:00
496dd944e6
Add support for datastore TLSVERSION
2014-04-08 16:51:50 -05:00
d51aa34437
Use Random generation Time as pointed by @Firefart
2014-04-08 16:46:15 -05:00
d964243cc4
Move heartbeat length to a variable
2014-04-08 16:33:05 -05:00
3d6c553efd
Fix endianess
2014-04-08 16:29:31 -05:00
373b05c5aa
Minimize extensions in the Hello
2014-04-08 16:21:38 -05:00
3254cce832
Align comment
2014-04-08 16:04:38 -05:00
c20b71e7b6
Switch to vprint unless success
2014-04-08 16:03:38 -05:00
7dbd690c99
Add new references
2014-04-08 16:01:06 -05:00
a55579dd4a
Fix references
2014-04-08 15:56:56 -05:00
4004cd8f9a
Allow hello data to grow dinamically
2014-04-08 15:52:39 -05:00
b8e2c9fe42
Clean and fix @Firefart's code
2014-04-08 15:32:13 -05:00
80bdbbed92
Solve conflict
2014-04-08 15:18:38 -05:00
8c7debb81d
Added some comments and modified JABBER
2014-04-08 22:13:02 +02:00
021da84459
Add authors and switch and's format
2014-04-08 15:10:27 -05:00
9c053a5b91
Added additional protocols
2014-04-08 21:56:05 +02:00
5f29026cb2
Complete @Firefart's module
2014-04-08 14:13:56 -05:00
ac0cafcca6
Initial commit for openssl Heartbleed bug
2014-04-07 21:15:54 +02:00
Christian Mehlmauer
sinn3r
Jeff Jarmoc
jvazquez-r7
Tod Beardsley
julianvilas
William Vu