Spencer McIntyre
9ccb9397e3
Land #3264 , throttl and csv output support for module
2014-04-23 19:00:28 -04:00
Spencer McIntyre
e2b92a824f
Change white space for authors in dns_reverse_lookup
2014-04-23 18:56:27 -04:00
William Vu
15bd92dd50
Fix OpenSSH timing attack module
2014-04-23 10:10:37 -05:00
William Vu
0a108acea3
Fix missing comma
...
Commas will be the death of me.
2014-04-23 10:10:12 -05:00
William Vu
6d7fde4302
Land #3157 , OpenSSH user enumeration timing attack
2014-04-23 10:01:10 -05:00
William Vu
1a2899d57b
Fix up whitespace 'n' stuff
2014-04-23 10:00:34 -05:00
Thanat0s
457c48b89b
Error on sleep
2014-04-23 11:38:23 +02:00
kenkeiras
96f042110f
return is not needed when it's the last lifunction line
2014-04-22 22:33:47 +02:00
kenkeiras
c9d8da991a
Use Rex.sleep instead of select
2014-04-22 22:33:19 +02:00
kenkeiras
d2a558dc85
Removed unused code
2014-04-22 22:33:02 +02:00
William Vu
39a7a049c4
Land #3283 , msftidy vars_get check update
...
Now with more cyan.
2014-04-22 12:27:44 -05:00
Christian Mehlmauer
3f4e9ab18d
msftidy: only check send_request_cgi for vars_get
2014-04-22 19:24:06 +02:00
William Vu
284b474591
Land #3286 , release fixes
2014-04-21 14:03:00 -05:00
Tod Beardsley
e514ff3607
Description and print_status fixes for release
...
@cdoughty-r7, I choose you! Or @wvu-r7.
2014-04-21 14:00:03 -05:00
Christian Mehlmauer
b864c4619d
msftidy - added info messages
...
this commit adds info messages to msftidy to show some info,
but stil exit with status 0 if there are not errors.
2014-04-21 18:04:14 +02:00
William Vu
1faf069130
Land #3284 , deprecated module cleanup
2014-04-20 23:10:55 -05:00
James Lee
ee413ac385
Remove previously deprecated modules
2014-04-20 22:15:44 -05:00
Christian Mehlmauer
fc803ae277
Changed msftidy check
...
send_request_raw does not support vars_get so change
the message to switch to send_request_cgi.
See #3272 for more info
2014-04-20 22:41:32 +02:00
Brandon Turner
fda6ed39f2
Land #3278 , use renamed bcrypt gem instead of bcrypt-ruby
2014-04-18 16:33:51 -05:00
Tod Beardsley
af19efbd71
Use the new bcrypt gem, not bcrypt-ruby
...
See the change upstream at:
273946f2ba
Reported by @ZeroChaos
2014-04-18 15:02:42 -05:00
kenkeiras
b8e0187647
Use OptPath for file path options
2014-04-18 21:56:17 +02:00
kenkeiras
fb0af8a799
Remove unnecesary ssh_socket variable
2014-04-18 21:50:54 +02:00
kenkeiras
c875bdadf5
Change THRESHOLD into a datastore option
2014-04-18 21:18:48 +02:00
kenkeiras
8a3329c891
Password made pseudo-random instead of a bunnch of A's
2014-04-18 21:10:34 +02:00
kenkeiras
47ff820a83
Remove unnecesary 'RHOST' deregister
2014-04-18 21:06:46 +02:00
kenkeiras
cc2d4f9ed7
Remove unnecesary @good_credentials
2014-04-18 21:03:22 +02:00
William Vu
7d801e3acc
Land #3200 , goodbye LORCON modules :(
2014-04-18 12:32:22 -05:00
sinn3r
32293dfdab
Land #3277 - Be very clear about Redmine's existence
2014-04-18 10:31:16 -05:00
Tod Beardsley
fe86886c29
Be very clear about Redmine's existence.
2014-04-18 10:01:54 -05:00
jvazquez-r7
c4d4af031c
Land #3276 , @todb-r7's "make msftidy happy"'s fix
2014-04-18 09:54:52 -05:00
jvazquez-r7
5083143971
Land #3238 , @Zinterax's timeout addition in openssl_heartbleed
2014-04-18 09:28:04 -05:00
Tod Beardsley
2a729c84f6
Fix disclosure date
2014-04-18 09:27:41 -05:00
jvazquez-r7
8a011ec9f6
Land #3197 , @0x3fcoma's module for CVE-2013-5795 and CVE-2013-5880
2014-04-18 08:58:54 -05:00
jvazquez-r7
f3299e3ced
Do minor code cleanup
2014-04-18 08:58:11 -05:00
Zinterax
c68b7aa18f
Merge pull request #1 from jvazquez-r7/review_3238
...
Clean timeout handling code
2014-04-18 09:50:33 -04:00
jvazquez-r7
2366f77226
Clean timeout handling code
2014-04-18 08:16:28 -05:00
Zinterax
e38f4cbfa0
Apply response_timeout to get_once, code cleanup
...
Add response_timeout to get_once
Change timeout output in establish_connect()
Add disconnect ater timeout output
Made establish_connect timeout check more readable
2014-04-18 07:57:33 -04:00
Zinterax
fab091ca88
Fix Action => DUMP
...
Fix for when Action is set to DUMP. Modifed the check to use action.name.
Console output:
msf auxiliary(openssl_heartbleed) > set action DUMP
action => DUMP
msf auxiliary(openssl_heartbleed) > run
[*] 192.168.1.3:443 - Sending Client Hello...
[*] 192.168.1.3:443 - Sending Heartbeat...
[*] 192.168.1.3:443 - Heartbeat response, 17403 bytes
[+] 192.168.1.3:443 - Heartbeat response with leak
[*] 192.168.1.3:443 - Heartbeat data stored in /root/.msf4/loot/20140418070745_default_192.168.1.3_openssl.heartble_135938.bin
[*] 192.168.1.3:443 - Printable info leaked: STUFF STUFF STUFF
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
2014-04-18 07:08:12 -04:00
Zinterax
1cf1616341
Rebase. Add timeout option support
...
Rebase to account for the KEYS merge.
Modify bleed() to work with timeout option.
Modify establish_connect() to work with timeout option.
Modify loot_and_report() to work with timeout option.
---Test Console Output---
Client Hello Timeout:
msf auxiliary(openssl_heartbleed) > run
[*] 127.0.0.1:443 - Sending Client Hello...
[-] 127.0.0.1:443 - No Client Hello response after 10 seconds...
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
Patched Apache:
msf auxiliary(openssl_heartbleed) > run
[*] 127.0.0.1:443 - Sending Client Hello...
[*] 127.0.0.1:443 - Sending Heartbeat...
[-] 127.0.0.1:443 - No Heartbeat response...
[-] 127.0.0.1:443 - Looks like there isn't leaked information...
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
Vulnerable Server:
msf auxiliary(openssl_heartbleed) > run
[*] 192.168.1.3:443 - Sending Client Hello...
[*] 192.168.1.3:443 - Sending Heartbeat...
[*] 192.168.1.3:443 - Heartbeat response, 17403 bytes
[+] 192.168.1.3:443 - Heartbeat response with leak
[*] 192.168.1.3:443 - Printable info leaked: STUFF STUFF STUFF
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
2014-04-18 07:04:05 -04:00
Zinterax
021ac53911
remove me
2014-04-18 07:03:36 -04:00
Christian Mehlmauer
bbed9f4c66
Land #3274 , @jjarmoc heartbleed private key extraction
2014-04-18 06:59:10 +02:00
jvazquez-r7
b0e4648d66
Land #2895 , @dukebarman's exploit for Flash CVE-2013-0634
2014-04-17 23:35:05 -05:00
jvazquez-r7
acb12a8bef
Beautify and fix both ruby an AS
2014-04-17 23:32:29 -05:00
Jeff Jarmoc
94618455b7
Merge pull request #1 from todb-r7/land-3274-rsa-keydump
...
Deconflict after #3252
2014-04-17 18:53:42 -05:00
Tod Beardsley
845108acf6
Looks like an autocorrect ran wild on TLS_CALLBACK
...
Whoops.
2014-04-17 17:47:47 -05:00
Tod Beardsley
2aa2cb17f3
Reimplement a check.
2014-04-17 17:10:54 -05:00
Tod Beardsley
d40ab039e4
Clean up whitespace. Protip: use commit hooks
2014-04-17 16:28:07 -05:00
Tod Beardsley
c34d548e50
First, undo #3252 . Sorry about that.
...
undo #3252 completely. This means a reimplementation of @dchan's work,
but his intent was simply to implement a check_host() that doesn't
actually pull memory, so that should be pretty straight forward with the
new structure of the module.
2014-04-17 16:25:15 -05:00
Jeff Jarmoc
e3daf6daf7
Singular 'TLS_CALLBACK' option
2014-04-17 15:51:37 -05:00
Jeff Jarmoc
6c832e22d6
rename scan to loot_and_report
2014-04-17 15:47:57 -05:00