infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,491 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

620 Commits (926c11139e7343687a78bd2aaaa286132a4dbab6)

Author SHA1 Message Date
David Maloney 6011da7db8 More Virtualisation SSL fixes 2012-03-15 19:06:48 -05:00
Gregory Man b0ba10f79c Added afp_login module. 2012-03-13 10:01:42 +02:00
Gregory Man 5b13b7d1d9 Extracted common AFP functionality to mixin 2012-03-13 09:56:03 +02:00
HD Moore 7b32bc689f Swap URIPATH to TARGETURI for consistency 2012-03-12 13:58:33 -05:00
Tod Beardsley de888e50f0 Adding a cleaner RuntimeError to target_uri 
The purpose of re-raising an error from a library method like this is to
tell the user in no uncertain terms what all actually went wrong with the
module. This fix will cause a somewhat more pleasant error message than
the default message. Here's the raise from URI:

```
[-] Auxiliary failed: URI::InvalidURIError bad URI(is not URI?): what%ever
[-] Call stack:
[-]   /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:156:in `split'
[-]   /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:174:in `parse'
[-]   /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:626:in `parse'
[-]   /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:724:in `URI'
[-]   /home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/http/client.rb:535:in `target_uri'
[-]   /home/todb/.msf4/modules/auxiliary/test_uri.rb:20:in `run'
[*] Auxiliary module execution completed
```

And here's the new, Metasploit-specific one:

```
[-] Invalid URI: "what%ever"
[-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: URIPATH.
[*] Auxiliary module execution completed
```

The user can now tell easily what's wrong with the module configuration,
and doesn't have to parse through a stack trace that leads down into
the Ruby stdlib.
 2012-03-10 10:58:16 -06:00
sinn3r cc87ed8428 Remove weird error handling unless someone explains to me why I need to raise errors when it does already 2012-03-09 18:42:06 -06:00
sinn3r 0530eb4b09 Add target_uri 2012-03-09 14:44:32 -06:00
James Lee f7e60cefed Add a fingerprint for pg on ubuntu 8.04.2 2012-02-23 16:11:52 -07:00
James Lee 89e0842b1e Add vim_soap to the mixins list. 
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
 2012-02-20 13:17:45 -07:00
David Maloney 36dc0fee50 Better dynamic soap generation for all the vmware stuff 2012-02-18 18:29:46 -06:00
David Maloney e9b2e060d6 Permissions scanner for vmware 
Fixed the way loot was getting stored to set a propper type
 2012-02-16 02:19:33 -06:00
David Maloney 8d7ddab2af Some minor bug fixes 
Added vm_tag module for 'flag planting'
 2012-02-16 00:45:48 -06:00
David Maloney c5ae56a147 Adding User Enumeration Scanner for vmware 2012-02-15 22:55:11 -06:00
David Maloney c9cf47bd4c Add Terminate Session module and some extra goodness to enum sessions 2012-02-15 16:39:13 -06:00
David Maloney 67ba39cc3e Adds a scanner to pull active login sessions off servers 2012-02-15 02:27:25 -06:00
David Maloney e0f11992af Gah screwed up that commit, accidentally chunked out the rescues. 2012-02-15 02:12:06 -06:00
David Maloney 6b539036c9 Fix fingerprinting in the vmware_http_login module 2012-02-15 01:54:34 -06:00
David Maloney e67e9ab34f Adds a power off vm aux module 2012-02-14 20:52:45 -06:00
David Maloney a256a6fb0b Adds a power on vm module 2012-02-14 20:44:11 -06:00
Tod Beardsley 727cde00c6 Taking David's version of vmware_http_login over mine 2012-02-13 14:54:47 -06:00
David Maloney 8c305e1a28 VMWare Web service finerprinting and OS detection. 
VMWare Screenshot stealer
Improvemenets to the mixin
fix to check method for the login scanner
 2012-02-13 12:05:32 -06:00
David Maloney f4d768ca64 Fix to use the Rex uri_encode method 2012-02-11 14:57:13 -06:00
David Maloney 676a0c53a0 Working Screenshot capability! 2012-02-11 03:51:18 -06:00
HD Moore 7524d5e75d Tweak the event dispatcher to enable customer events without a category 
and trigger http request events from the main exploit mixin.
Experimental
 2012-02-04 04:44:50 -06:00
HD Moore 6f54f0637b Dont run ifconfig on windows 2012-02-04 01:18:32 -06:00
David Maloney 668e5f8c52 More fixes to the vim soa[p libs 
Added the SoapAction header as this turns out to be pretty
important for the screenshot task creation method.
 2012-02-03 22:11:21 -06:00
David Maloney df401f4c94 more fixes to backend stuff, plus updated vmware http login module to use 
the correct mixin method now.
 2012-02-03 15:44:41 -06:00
Tod Beardsley 148dddba2f http_fingerprint should use the ssl() function 
Instead of re-declaring ssl as a variable, just use the library's SSL
function, since it's there and it's incidentally more accurate.
 2012-02-03 15:31:20 -06:00
James Lee c0e9825565 Whitespace and a typo 2012-02-03 14:10:17 -07:00
David Maloney b914a97359 Fixes to a bunch of fucntions to work on more complex vmware setups 
VM Enuemration now appears to work against VCenter
 2012-02-03 14:17:35 -06:00
Tod Beardsley af506240cf http_fingerprint reports service info 
Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.
 2012-02-03 12:15:11 -06:00
Tod Beardsley 786d75493c Fix up VMWware webscan to not false positive 
Checks to see if a target is actually vmware based on the provided
cookie, using the http_fingerprint() function from HttpClient.

[Fixes #6340]
 2012-02-02 22:19:57 -06:00
David Maloney 3f48e626a2 Adding a bunch of new VIM API auxiliary stuff 
Work in progress.
 2012-02-01 12:05:20 -06:00
HD Moore 46d40b89a5 Make sure at least one character is returned 2012-02-01 02:08:26 -06:00
HD Moore 77c986948c Proper fix for IPv6 postgresql connections 2012-01-31 02:08:02 -06:00
HD Moore a74cf1ee10 Missing argument 2012-01-31 01:49:42 -06:00
HD Moore 52004b1e33 A little more cleanup for IPv6 in HTTP mixins 2012-01-31 01:44:03 -06:00
HD Moore 32f2d6754c Handle ipv6 addresses, choose more obvious 'bad' password for 
fingerprinting
 2012-01-31 00:32:54 -06:00
David Maloney 31f6c4dfff http_fingerprint now reports website isntead of just a service 
fixes #6277
 2012-01-26 11:05:06 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known isntances onstead of jsut the first one. 
Fixes #6066
 2012-01-10 12:32:47 -08:00
James Lee 753ddb27c5 Make all the EXE options OptPath 2012-01-10 03:36:47 -07:00
James Lee 1eb4900102 Make EXE::Custom an OptPath so it can be tab'd 2012-01-10 03:25:13 -07:00
David Maloney 54bca49ef9 Slightly better fix to the digest request header issue 2012-01-05 12:25:32 -08:00
David Maloney e61b4ed65c Fixed issue with send_digest_request_cgi not keeping user supplied headers. 2012-01-05 12:02:21 -08:00
HD Moore fcaef55faa Change the encapsulation method to allow multiple methods without 
conflict
 2011-12-02 13:18:37 -05:00
James Lee bf105f48cb massive removal of spaces at EOL and some bad tabs 2011-11-20 12:32:06 +11:00
Matt Weeks fdf13e5e0e Fixes #5927 
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 21:45:17 +00:00
Tod Beardsley 4b4ef45e33 Fixes #3538, adds store_local, changes the dest directory of all fileformat exploits, allows "save" to be passed to db_nmap to save scan results. 
git-svn-id: file:///home/svn/framework3/trunk@14091 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-27 17:01:51 +00:00
James Lee 07b402f29b more whitespace, in HttpClient 
git-svn-id: file:///home/svn/framework3/trunk@14044 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 04:58:59 +00:00
HD Moore 3c73c3c2f8 Pile of small bug fixes for the FTP server and mixin 
git-svn-id: file:///home/svn/framework3/trunk@13924 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-14 23:07:09 +00:00