HD Moore
9fc58c1e1f
Collect command output and report it
...
git-svn-id: file:///home/svn/framework3/trunk@8569 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 16:06:01 +00:00
HD Moore
94befada32
Wrap the transport connection in a mutex, this works around a deadlock in multi-threaded situations. See #894
...
git-svn-id: file:///home/svn/framework3/trunk@8568 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 15:19:24 +00:00
HD Moore
445676b932
Merge in the current workspace name
...
git-svn-id: file:///home/svn/framework3/trunk@8567 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 05:50:38 +00:00
HD Moore
0ba3d18032
Updated the report format to match new syntax
...
git-svn-id: file:///home/svn/framework3/trunk@8566 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 05:50:05 +00:00
HD Moore
0a8696436e
Fix up the telnet login code to handle varied responses better
...
git-svn-id: file:///home/svn/framework3/trunk@8565 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 05:49:40 +00:00
Joshua Drake
8446a0c305
add auto-targeting to tomcat_mgr_deploy, fixes #887
...
git-svn-id: file:///home/svn/framework3/trunk@8564 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 01:14:39 +00:00
Steve Tornio
93acc977fe
fix osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8563 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 19:42:08 +00:00
Joshua Drake
6e8eddcf5e
add exploit module for cve-2008-0506
...
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
Joshua Drake
007930c784
add svn keywords property
...
git-svn-id: file:///home/svn/framework3/trunk@8561 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:13:31 +00:00
natron
474228a132
Woops, forgot to push the updated mixin.
...
git-svn-id: file:///home/svn/framework3/trunk@8560 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 06:06:30 +00:00
HD Moore
1a53411282
Filter out the other test modules from automation
...
git-svn-id: file:///home/svn/framework3/trunk@8559 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:18:43 +00:00
HD Moore
0db3ada840
Filter this from automation
...
git-svn-id: file:///home/svn/framework3/trunk@8558 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:15:03 +00:00
natron
5b3c87c9c5
Add option to save java code to file.
...
git-svn-id: file:///home/svn/framework3/trunk@8557 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:11:56 +00:00
Tod Beardsley
ab3b173040
So, funny story with net-ssh. Turns out, there's insufficient housekeeping on closing out connections in the event of authentication failures, which means you can start sucking up connections pretty good when you fail authentication a whole bunch of times. Fixed in the library, so now, if you pass a block to Net::SSH.start, and the authentication fails, the connection will still close out correctly, just as it would when the authentication succeeds.
...
Protip: If you don't pass a block, it's *still on the caller* to deal with the connection somehow. You'll want to basically always assign the connection to someplace you control, like so: sock = Net::SSH.start(whatever); sock.close). Otherwise, if you just Net::SSH.start without a block /or/ without assignment, you'll be stuck with all these useless connections hanging around.
git-svn-id: file:///home/svn/framework3/trunk@8556 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 03:02:25 +00:00
Mike Smith
e59082f6b5
Added "created_at" and "updated_at" timestamps all primary tables ( fixes #838 )
...
git-svn-id: file:///home/svn/framework3/trunk@8555 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 21:57:01 +00:00
Tod Beardsley
78aa6f5ba4
Added DB2 remote administration scan to udp_sweep
...
git-svn-id: file:///home/svn/framework3/trunk@8554 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 21:21:17 +00:00
Tod Beardsley
f58558f605
Updated all the brute force login modules to record successful logins and avoid duplicating credentials.
...
git-svn-id: file:///home/svn/framework3/trunk@8553 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 19:04:51 +00:00
Joshua Drake
2e77c76824
add exploit module to get code exec on a tomcat manager instance, closes #772
...
git-svn-id: file:///home/svn/framework3/trunk@8552 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:18:43 +00:00
Tod Beardsley
38a3b8203e
Properly checking for credential duplication.
...
git-svn-id: file:///home/svn/framework3/trunk@8551 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:11:18 +00:00
Joshua Drake
534d56cdd8
adjust text wrap
...
git-svn-id: file:///home/svn/framework3/trunk@8550 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:04:11 +00:00
Joshua Drake
0071a5532b
allow caller to specify jsp name via :jsp_name opt
...
git-svn-id: file:///home/svn/framework3/trunk@8549 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:03:22 +00:00
Tod Beardsley
c24a708db6
See #859 . Adds keyboard-interactive as an acceptable method of authentication.
...
git-svn-id: file:///home/svn/framework3/trunk@8548 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 16:11:58 +00:00
Patrick Webster
350c189a34
Added exploit module qbik_wingate_wwwproxy.
...
git-svn-id: file:///home/svn/framework3/trunk@8547 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 15:58:26 +00:00
HD Moore
4c4c747caf
Update all db methods to have a workspace parameter, default to the db.workspace where possible, updated the command dispatchers.
...
git-svn-id: file:///home/svn/framework3/trunk@8546 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 06:40:38 +00:00
Joshua Drake
44a7775d3d
add support for WAR archives to msfencode, closes #774
...
git-svn-id: file:///home/svn/framework3/trunk@8545 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 03:29:14 +00:00
Joshua Drake
bf05fdefe3
whitespace adjustments
...
git-svn-id: file:///home/svn/framework3/trunk@8544 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 03:27:29 +00:00
Tod Beardsley
27c3266c0a
Serializes telnet brute forcing so it's a little bit faster (as it happens) and
...
about a zillion times more reliable.
git-svn-id: file:///home/svn/framework3/trunk@8543 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 00:22:02 +00:00
Tod Beardsley
4197f00701
Moves @credentials_tried and @credentials_good into auth_brute proper, though modules still
...
need to handle them themselves... which telnet and ssh both do now.
git-svn-id: file:///home/svn/framework3/trunk@8542 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 21:55:02 +00:00
Joshua Drake
797ab55f52
add exploit module for cve-2009-2011
...
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Tod Beardsley
443e82bc75
Reworked ssh_login to a) handle all SSH errors, b) cease trying users if we already guessed a password and c) cease trying the same user:pass combo more than once.
...
git-svn-id: file:///home/svn/framework3/trunk@8540 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:12:02 +00:00
Joshua Drake
089a522df0
various fixes
...
1. allow passing payload to generate_cmdstager (needed for html server sploits)
2. cleanup whitespace here and there
3. removed rendundant pattern match
4. removed use of sleep in favor of select idiom
git-svn-id: file:///home/svn/framework3/trunk@8539 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:04:54 +00:00
Steve Tornio
a71a24b6d3
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8538 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 18:56:05 +00:00
Steve Tornio
ed395fcda4
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@8537 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 18:48:34 +00:00
Steve Tornio
b17fc35986
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8536 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 18:35:01 +00:00
Steve Tornio
3314e6a10b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8535 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 17:25:47 +00:00
Steve Tornio
fa877eb567
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8534 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 17:11:45 +00:00
Steve Tornio
e5609bbf82
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@8533 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 17:07:54 +00:00
HD Moore
1686931efe
More SSH versions
...
git-svn-id: file:///home/svn/framework3/trunk@8532 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 14:42:11 +00:00
HD Moore
9f1009b401
Import the service and OS fingerprints from NeXpose
...
git-svn-id: file:///home/svn/framework3/trunk@8531 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 06:01:53 +00:00
Joshua Drake
b4ead057f6
add exploit module for cve-2000-0917
...
git-svn-id: file:///home/svn/framework3/trunk@8530 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 00:56:28 +00:00
Tod Beardsley
5fce04ce22
See #843 , but this really just masks the problem. Investigate more thoroughly.
...
git-svn-id: file:///home/svn/framework3/trunk@8529 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 23:35:22 +00:00
Tod Beardsley
25ec6e8021
Removing the require rescues for SSH, now that it's shipping in lib directly.
...
git-svn-id: file:///home/svn/framework3/trunk@8528 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 23:21:51 +00:00
Tod Beardsley
627478d88b
See #842 . Convering TCPSocket calls to Rex::Socket::Tcp calls.
...
git-svn-id: file:///home/svn/framework3/trunk@8527 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 22:49:27 +00:00
Joshua Drake
0d526a26af
add cmdstager to mixins, oops
...
git-svn-id: file:///home/svn/framework3/trunk@8526 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 20:26:31 +00:00
Tod Beardsley
59eeec83a0
See #841 . Simple test cases for ssh.
...
git-svn-id: file:///home/svn/framework3/trunk@8525 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 20:21:57 +00:00
Tod Beardsley
fdae07d861
Adding a msf3 method to net-ssh, in case we need to ever distinguish between our native fork and anyone else's.
...
git-svn-id: file:///home/svn/framework3/trunk@8524 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 19:25:01 +00:00
Tod Beardsley
810133acc2
Fixes #841 . Initial commit for net-ssh by Jamis Buck. http://github.com/jamis/net-ssh
...
Note that net-ssh is no longer actively maintained: http://weblog.jamisbuck.org/2009/2/25/net-ssh-capistrano-and-saying-goodbye
git-svn-id: file:///home/svn/framework3/trunk@8523 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 19:18:19 +00:00
Tod Beardsley
206b70ace7
Indentation fixes (wrapping everything in a begin;rescue;end, didn't want
...
to obfuscate that with the last change).
git-svn-id: file:///home/svn/framework3/trunk@8522 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 18:09:51 +00:00
Tod Beardsley
b45cfb8793
Fixes #808 . Removes the pre-connect test from login and version.
...
git-svn-id: file:///home/svn/framework3/trunk@8521 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 18:05:51 +00:00
Tod Beardsley
a74b67d73f
See #808 . Converts the metasploit fork of postgres-pr to use Rex::Socket instead of
...
TCPSocket. Now we need to remove the connection test hacks from the postgres modules.
git-svn-id: file:///home/svn/framework3/trunk@8520 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 17:42:38 +00:00