infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,836 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

363 Commits (925cd63171be5b9cf0afd00f81d34833b37e75a7)

Author SHA1 Message Date
Tod Beardsley c4d1a4c7dc
Revert #4022, as the solution is incomplete 
Revert "Land 4022, datastore should default TLS1 vs SSL3"

This reverts commit 4c8662c6c1, reversing
changes made to 0937f32ff9.
 2014-10-15 12:32:08 -05:00
Tod Beardsley 1754b23ffb
Datastore options should default to TLS1, not SSL3 
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)

Squashed commit of the following:

commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:19:04 2014 -0500

    Whoops missed one

commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:16:59 2014 -0500

    Other datastore options also want TLS1 as default

commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Wed Oct 15 10:12:06 2014 -0500

    TCP datastore opts default to TLS1

    Old encryption is old. See also: POODLE
 2014-10-15 10:28:53 -05:00
Jon Hart e86b18cdd4
Add sanity check for NUM_REQUESTS 2014-09-22 11:48:39 -07:00
Josh Abraham cd8b1318e0 send data based on input not @probe 2014-09-20 15:18:58 -04:00
Josh Abraham 3fb00ece9e refactored the code based on PR feedback 2014-09-20 14:10:00 -04:00
Josh Abraham c216cf8c53 added spoofing capabilities to udp_scanner 2014-09-19 10:29:05 -04:00
David Maloney ef748fdef7
check if database is connected first 
wooops
 2014-09-08 12:54:19 -05:00
David Maloney 093f488360
add db_all_cred methods to authbrute 
adds 3 methods to add db_all_creds functionality back to
the loginscanners
 2014-09-04 12:20:42 -05:00
Jon Hart 677d7804ae Fix bad merge 2014-08-26 10:49:54 -07:00
Jon Hart 162508f532 Update NAT-PMP modules to use new/updated mixins 2014-08-26 10:49:53 -07:00
Jon Hart 816404bb88 Move common NAT-PMP functionality into a central place 2014-08-26 10:49:53 -07:00
Jon Hart 337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification 2014-08-26 07:48:44 -07:00
Jon Hart 9749c78632
Add amplification multiplier for vulnerable proofs 2014-08-26 07:36:38 -07:00
William Vu 1ee83ff57e
Land #3696, pile of NTP DRDoS 0days 
Dr. DoS in da house?
 2014-08-25 11:47:28 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master 
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
 2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging" 
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
 2014-08-22 10:17:44 -05:00
Jon Hart 8fd4ee87ab
Allow singular NTP version and mode 7 implementation testing 2014-08-20 12:21:39 -07:00
HD Moore 5e123e024d Add 'coding: binary' to all msf/rex library files 
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
 2014-08-17 17:31:53 -05:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging 
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
 2014-08-15 11:33:31 -05:00
Jon Hart d6198c786d
Move rdoc for Msf::Auxiliary::DRDoS 2014-08-08 23:23:48 -07:00
Jon Hart ddcaa11216
Add new mixin for helping to detect DRDoS vulns 2014-08-08 23:15:09 -07:00
Jon Hart ed3ccdc9e0
Initial commit of modules for NTP vulns described in R7-2014-12 
Not entirely functional or polished, but mostly working
 2014-08-08 21:00:43 -07:00
sinn3r e432f3f442 Support all text-based ctypes 2014-08-07 11:10:32 -05:00
Luke Imhoff ceb8a0f5c2
Extract option require pattern to helper Module 
MSP-10905

`Metasplot::Framework::Require.optionally` can be used to optionally
require a library and then issue a warning if the require fails or run a
block when it succeeds.
 2014-07-30 10:07:53 -05:00
Luke Imhoff f5ff22eba4
msfconsole with bundle install --without db 
MSP-10905
 2014-07-29 14:46:44 -05:00
James Lee eee72a86ba
Fix the case when john cracks only half of LM 2014-07-23 15:25:32 -05:00
David Maloney 62f4054858
startring refactor on jtr_mssql 
started work on the mssql hash cracker
fixed some minor bugs with the underlying mixin
crackers now runs. still have to have the cred objects created
 2014-06-18 14:50:08 -05:00
David Maloney 34c0b00816
don't autload this mixin 
causes laod order problems when we try to
autoload this mixin. We will just explicitly require
 2014-06-17 16:10:09 -05:00
David Maloney 763f6f8d80
finish cleaning up jtr mixin 
finish cleaning up the module mixin for jtr
 2014-06-17 15:16:32 -05:00
David Maloney 432b88680b
start fixing jtr module mixin 2014-06-17 13:27:11 -05:00
Trevor Rosen dee4acdb2a Merge pull request #27 from rapid7/feature/MSP-9725/windows_hashdump 
Windows Hashdump post module refactor

MSP-9725 #land
 2014-05-30 14:04:31 -05:00
Trevor Rosen 8bcd763039 Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner 
Feature/msp 9685/telnet login scanner

MSP-9685 #land
 2014-05-30 13:40:18 -05:00
David Maloney 782c8bd172
Merge branch 'staging/electro-release' into feature/MSP-9725/windows_hashdump 2014-05-30 13:28:35 -05:00
David Maloney ba525c7b78
use metasploit-credential creation methods 2014-05-30 13:07:11 -05:00
David Maloney 98a23881ee
remove cred creation methods 
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
 2014-05-30 11:28:53 -05:00
David Maloney e3c4745879
Windows Hashdump post module refactor 
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
 2014-05-29 13:20:32 -05:00
David Maloney eb04a3774a
fixes for telnet wierdness 
had to work around the way the old
Auxiliary::Login mixin worked. Scanner
now works properly
 2014-05-29 10:43:00 -05:00
David Maloney deabd1c3b0
tidy the YARD 
some more cleanup, in the YARD
docs this time.
 2014-05-28 09:30:45 -05:00
David Maloney 32b88c2db6
final fixes to login creation 2014-05-23 10:58:21 -05:00
David Maloney ac9af000af
full cred creation rotuine done 
creating Logins as a seperate method, both
methods are done and fully documented.
 2014-05-22 13:53:26 -05:00
David Maloney 19e36cccb3
Credential Core creation now complete 2014-05-21 16:37:13 -05:00
David Maloney 3ea99a9d43
private creation w/ specs and docs 
the private creation method is now done
with specs and YARD docs
 2014-05-21 13:21:56 -05:00
David Maloney 2629549f6f
added realm creation 
added method for creating credential realm
creation.
 2014-05-21 11:22:22 -05:00
David Maloney ce69f742a4
add yarddocs to origin methods 
added YARD docs to the creation methods for
Credential::Origins
 2014-05-20 11:16:19 -05:00
David Maloney 9cdddb08d9
origin specs for realsies 
final specs and fixes for the origin creation
methods
 2014-05-20 10:19:03 -05:00
David Maloney b84aaaad19
specs and fixes for origin creation 2014-05-20 09:59:15 -05:00
David Maloney ddfa4f1ee7
some origin creation specs 
started getting working specs
for the origin creation methods. feel
into the weeds for a bit, but making progress at last.
 2014-05-19 15:16:02 -05:00
David Maloney 9efb97d465
origin creation method 
added base behaviour for creating generic
credential origin objects from report
 2014-05-19 10:00:19 -05:00
nstarke a71be33091 Adjusting status message to be based on time 
Previously the status message timing was determined by the number of
pairs left to process.  I have adjusted the code to rely on Time.now
in order to consistently print a message out every 60 seconds.
 2014-05-09 14:39:34 +00:00
nstarke ace9e797e1 Adding count-based print message 
This commit removes the creation of a separate, timed
thread for printing out status messages to the user
in the case of large PASS_FILEs.  This adjustment eliminates
the overheard of context switching associated with
spinning off separate threads, as well as the dangers
associated with the Thread#kill method.
 2014-04-29 22:10:08 +00:00