Older versions of OpenSSL did not export the OP_NO_COMPRESSION constant,
so users running metasploit on systems with old copies of openssl
would throw a NameError since the constant did not exist.
[SeeRM #823], where Stephen was asking for SSL compression for
Meterpreter -- this isn't that, but it's at least now possible for other
Metasploit functionality.
So Metasploit uses the term "exploit" to describe something, a module
or an action, that results popping a shell. A check normally doesn't
pop a shell, so avoid that language.
An example of the biggest confusion module developers face is not
actually knowing the difference between Detected vs Appears vs
Vulnerable. For example: a module might flag something as a
vulnerable by simply doing a banner check, but this is often
unreliable because either 1) that banner can be fooled, or 2)
the patch does not actually update the banner. More reasons may
apply. Just because the banner LOOKS vulnearble doesn't mean it is.
Added targets for 8 specific targets that I've tested: Cisco WAP4410N,
Honeywell WAP-PL2 IP Camera, Netgear DG834, Netgear DG834G, Netgear
DG834PN, Netgear DGN1000, Netgear DSG835, Netgear WPNT834
Added functionality to the CmdStagerEcho mix-in to support encoding via
octal instead of hex based on the :enc_type option. This is because many
devices would not output hex encoded values properly.
Added options on a per-target basis for the PackFormat (endian pack()
values for communication), UploadPath (because /tmp wasn't always
writable), and PayloadEncode (previously mentioned octal encoding
option)
Note for some reason, some devices communicate over one endianness, but
then require a payload for the other endianess. I'm not sure what's
causing this, but if those specific combinations are not used, the
exploit fails. More research may be required for this.
Tod Beardsley
sinn3r
Meatballs
Joe Vennix
jvazquez-r7
lsanchez-r7
William Vu
OJ
HD Moore
Matt Andreko
David Maloney
James Lee