sinn3r
6b033fb1a8
Only store the password when there's one
2012-11-14 01:25:32 -06:00
jgor
212179b95e
change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password
2012-11-13 23:49:45 -06:00
jgor
721cf41f47
fix nil class error on non-lantronix hosts
2012-11-13 23:46:59 -06:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
sinn3r
0675a6171b
Cosmetic changes
2012-10-17 17:30:16 -05:00
jvazquez-r7
3bd84e255f
minor cleanup
2012-10-17 22:06:47 +02:00
jgor
9af727388f
deleted superfluous code and comments
2012-10-17 14:27:00 -05:00
jgor
79da6c7186
added Lantronix telnet password recovery module
2012-10-14 12:46:52 -05:00
David Maloney
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
sinn3r
9d97dc8327
Add Metasploit blogs as references, because they're useful.
2012-09-03 15:57:27 -05:00
HD Moore
073205a875
Merge branch 'master' into feature/vuln-info
2012-06-18 20:21:36 -05:00
RageLtMan
909614569a
Revert "Banner encoding fix when running against dd-wrt on ruby 1.9.3"
...
This reverts commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c.
Telnet banner parsing restored
2012-06-18 10:44:06 -04:00
HD Moore
c388cba421
Fix up modules calling report_vuln() to use new syntax
2012-06-17 23:39:20 -05:00
RageLtMan
77f95df1e9
Banner encoding fix when running against dd-wrt on ruby 1.9.3
2012-05-21 14:50:57 -05:00
Tod Beardsley
7a78c99c5e
Adding credit to original PoC guy for RuggedCom
...
Just added and commented. It'd be nice to have a real spot for this kind
of credit, because it comes up a lot and it's hard to parse out in a
machine way who 'wrote' the module and who came up with the exploit.
2012-05-16 13:47:15 -05:00
sinn3r
79a590ccf7
Merge pull request #380 from wchen-r7/bmerinofe-telnet_ruggedcom
...
Modified version of pull request #379 - RuggedCom Telnet Password Generator by bmerinofe
2012-05-13 11:13:27 -07:00
sinn3r
15fbb1e86c
This the modified version of pull request #379 . Changes include:
...
* Add more references
* Update description
* MSF license disclaimer
* Remove the to() function. Instead it's in run_host()
* Put 'info' in the :proof key
* Remove ::Exception handling, so we can see the original that's also logged in framework.log
2012-05-13 04:09:17 -05:00
HD Moore
1d2581ebf4
Cosmetic
2012-04-21 14:51:20 -05:00
Tod Beardsley
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
Tod Beardsley
4369f73c7a
Msftidy fixes on new modules
...
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
David Maloney
a6b10862bd
Adds a lantronix telnet discovery module
2012-02-23 17:22:32 -06:00
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
sinn3r
a758462a32
Remove some whitespace
2012-02-13 11:01:26 -06:00
David Maloney
bf425a6744
Fixed bug that prevented telnet sessions from opening with good creds
2012-01-06 16:59:08 -08:00
HD Moore
2ad5c56d48
Typo in comment
2011-12-27 19:11:09 -06:00
HD Moore
617f3250cf
Handle patched systems accurately (requires actually triggering the bug)
2011-12-27 19:04:34 -06:00
HD Moore
f8e3119215
Add references
2011-12-27 17:50:06 -06:00
David Maloney
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
David Maloney
c984ea41d1
Quick fix to cred sourcing to eliminate spaces in the source type
2011-11-10 20:39:13 -08:00
David Maloney
a88f954640
More Cred Sourcing
...
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
Tod Beardsley
24388f3a38
Adding a CVE reference for weak/blank/guessable passwords.
...
git-svn-id: file:///home/svn/framework3/trunk@11465 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 15:30:17 +00:00
Joshua Drake
9c668b8daf
Super-duper rservices commit -
...
1. Added rsh, rlogin, and rexec auth brute scanners
2. Login negotation moved into new Msf::Auxiliary::Login mixin
3. Centralized session registration for auth brute scanners
4. Telnet and SSH auth brute scanners updated to use new mixins
5. Previously committed rservices mixin (r11093)
git-svn-id: file:///home/svn/framework3/trunk@11106 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:23:24 +00:00
Joshua Drake
dbcb6d0dc4
use max instead of .sort.last
...
git-svn-id: file:///home/svn/framework3/trunk@11073 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:34:10 +00:00
Joshua Drake
04858c69fc
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
Tod Beardsley
df48b11093
Makes telnet_login a more resistant to intermittant RSTs. If a machine gives us a reset, try again with a backoff. Only after 3 retries should we give up entirely. You'd be amazed how many devices this is required for.
...
git-svn-id: file:///home/svn/framework3/trunk@10592 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 01:54:56 +00:00
Tod Beardsley
b5fe64aca2
This works around a blocking problem encountered with recv_telnet(). Don't hang around trying to recv when we've already got a password prompt or a success/fail response.
...
git-svn-id: file:///home/svn/framework3/trunk@10590 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 00:48:24 +00:00
HD Moore
e939379b1b
Fix missing end, use explicit Timeout class
...
git-svn-id: file:///home/svn/framework3/trunk@10366 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 04:15:32 +00:00
Tod Beardsley
b023d89469
Wrap SSH and Telnet version checkers in a timeout, or else they sometimes hang forever.
...
git-svn-id: file:///home/svn/framework3/trunk@10365 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 03:00:19 +00:00
Tod Beardsley
6d6a547b34
Fixes #2412 . Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands.
...
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 00:58:20 +00:00
Tod Beardsley
e67e231659
Adds Rex::Text.to_hex_ascii(), replaces the gsub on the banner checks to use it.
...
git-svn-id: file:///home/svn/framework3/trunk@9804 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 18:52:27 +00:00
Tod Beardsley
cb69b0c134
Fixes #2101 . Introduces a proper :skip_user, and adds better comment docs to auth_brute to describe the intended use of each return code.
...
git-svn-id: file:///home/svn/framework3/trunk@9529 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 19:10:15 +00:00
Tod Beardsley
d9ffa9753e
Skip users that are explicitly disallowed from loggin in over telnet.
...
git-svn-id: file:///home/svn/framework3/trunk@9498 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 22:28:59 +00:00
HD Moore
ce12be8533
Dont let the session socket get cleaned up
...
git-svn-id: file:///home/svn/framework3/trunk@9315 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:34:20 +00:00
Joshua Drake
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Tod Beardsley
08117ca000
Forcing :critical => true for report_auth_info
...
git-svn-id: file:///home/svn/framework3/trunk@9150 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 22:23:37 +00:00
HD Moore
9cc4cab9ec
Duplicate the datastore and manually set user/pass in the telnet/ssh modules
...
git-svn-id: file:///home/svn/framework3/trunk@8943 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 22:57:29 +00:00
Tod Beardsley
25ec5fa444
Do a little better password management for services that don't ask for usernames -- fingerprint them ahead of time, and resort the credentials list in a usernameless way. Also, this allows telnet RST's to be treated just as busy services, since sometimes telnet servers get persnickety about a lot of login attempts, but they do come back shortly.
...
git-svn-id: file:///home/svn/framework3/trunk@8920 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 21:32:32 +00:00
James Lee
fd97c89959
targ_host --> target_host for consistency with other modules
...
git-svn-id: file:///home/svn/framework3/trunk@8907 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 00:41:58 +00:00
Tod Beardsley
83d96d713c
Refactoring Auxiliary::AuthBrute. Now that several modules actually use it, the real use cases have become obvious. So, refactored for simplicity and readability. Also touched up all the authentication modules to behave consistently.
...
git-svn-id: file:///home/svn/framework3/trunk@8879 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 20:07:26 +00:00