Commit Graph

29000 Commits (9ed8c5945965b2a9aadf3d2f5130754a1134ea2c)

Author SHA1 Message Date
HD Moore 9ed8c59459 Bring options over from reverse_tcp (bind address, etc).
Also includes the SSLCert => HandlerSSLCert change
2014-11-22 14:22:54 -06:00
HD Moore ba9c763f7e Auto-generated SSL certs now match "snakeoil" defaults
This change emulates the auto-generated snakeoil certificate from Ubuntu 14.04. The main changes including moving to 2048-bit RSA, SHA256, a single name CN for subject/issuer, and the removal of most certificate extensions.
2014-11-21 18:25:04 -06:00
jvazquez-r7 3ac1f7d4fb
Land #4242, @Meatballs1 fix for sap_service_discovery report_note
* I cannot reproduce @Meatballs1 issue
* But I noticed report_note should :update with :unique_data
* Fixed the :update
2014-11-21 10:16:08 -06:00
jvazquez-r7 e30ee9fee2 Update with :unique_data 2014-11-21 10:14:39 -06:00
jvazquez-r7 90ae9a3ff8
Land #4173, @wchen-r7's fix for SMB find_first
* Fixes #4119, SMB find_first("\\*") does not return accurate results
* It missed initialization of sid
2014-11-21 09:51:57 -06:00
sinn3r f2add929d7
Land #4239 - Support SSL intermediate certs 2014-11-21 02:09:40 -06:00
HD Moore 85de75cd5d
Adds a smtp ntlm domain scanner, lands #4241 2014-11-20 22:18:26 -06:00
rwhitcroft 3ddf848abf Merge pull request #1 from hmoore-r7/smtp_ntlm_domain
Module cleanup, error handling, and reporting
2014-11-20 20:43:25 -05:00
HD Moore 99a23ada5c Module cleanup, error handling, and reporting 2014-11-20 16:18:20 -06:00
HD Moore 2f6c4a9ba4 Slight tweak to description/author email formatting 2014-11-20 14:53:52 -06:00
HD Moore 2f92a83092 Change to example.com as the default domain 2014-11-20 14:53:36 -06:00
Meatballs ee15179441
Fix service discovery errors 2014-11-20 18:22:33 +00:00
Meatballs f2b80f4ef1
Merge remote-tracking branch 'upstream/master' 2014-11-20 18:18:00 +00:00
Rich Whitcroft 8306d739e3 add scanner module to extract domain from NTLM challenge 2014-11-20 11:02:21 -05:00
HD Moore d530046164 Bugfix. Chrome is a liar (chain certs properly) 2014-11-19 16:08:03 -06:00
HD Moore 0d091f1c03 Support SSL intermediate certs, closes #4238
Note that this does not apply to reverse_tcp meterpreter clients yet, as
they do not allow certificates to be supplied. I abstracted out the SSL
certificate generation and parsing methods so that we can address this
next.
2014-11-19 15:56:49 -06:00
HD Moore abc0640b7b
Fix placeholder, lands #4237 2014-11-19 14:26:10 -06:00
Mark Schloesser 9e9954e831 fix placeholder to show the firmware version I used 2014-11-19 21:23:39 +01:00
Tod Beardsley 6daa8b48a3
Land #4235, Hikvision exploit 2014-11-19 14:18:54 -06:00
Mark Schloesser a718e6f83e add exploit for r7-2014-18 / CVE-2014-4880 2014-11-19 21:07:02 +01:00
Tod Beardsley 6a58774dd6
Land #4234, crediting @jduck 2014-11-19 12:43:04 -06:00
Jon Hart a91a5f3c4b
Land #4067, @fozavci's IN:SRV support for fakedns 2014-11-19 08:38:00 -08:00
Jon Hart 684975a315 Use correct target address for fake As 2014-11-19 08:28:56 -08:00
Jon Hart 3777e78a85 Sanitize creation of target host. Return minimal for SRV 2014-11-19 08:28:56 -08:00
Jon Hart 52e004d8ab Use less conflicting name for SRV record port 2014-11-19 08:28:56 -08:00
Jon Hart ee90e4353b Add more consistent logging for fakedns types that support fake vs bypass 2014-11-19 08:28:55 -08:00
Jon Hart 0910275fac Don't artificially insert additional records when BYPASS 2014-11-19 08:28:55 -08:00
Fatih Ozavci a38cb3ee53 @jhart-r7 commits are accepted and conflicts fixed. 2014-11-19 08:28:55 -08:00
Fatih Ozavci ab7f6866f5 FAKE and BYPASS actions are implemented for SRV queries 2014-11-19 08:28:55 -08:00
Fatih Ozavci f403d27fbd Author update for the fakedns module 2014-11-19 08:28:55 -08:00
Fatih Ozavci 47f7d8c4be IN:SRV expansion for Fake DNS server 2014-11-19 08:28:55 -08:00
Joe Vennix a9cb6e0d2f
Add jduck as an author on samsung_knox_smdm_url 2014-11-19 10:18:08 -06:00
Jon Hart 31b366dedb
Land #4061, @fozavci's CDP testing module 2014-11-19 08:17:41 -08:00
Jon Hart 895bdd9c6f Remove unused options 2014-11-19 08:09:52 -08:00
Jon Hart 134046975e Remove report mixin which was not used 2014-11-19 08:09:52 -08:00
Jon Hart 4c112e71c1 Remove errant whitespace, unnecessary to_s 2014-11-19 08:09:52 -08:00
Jon Hart f54fc3da87 More CDP cleanup. Loop, cleaner packet construction, style 2014-11-19 08:09:52 -08:00
Jon Hart 0dac2de3fd Use PacketFu::EthHeader.mac2str for MAC formatting 2014-11-19 08:09:52 -08:00
Jon Hart 2d484a3e1a Remove sniffing capabilities from cdp -- use wireshark/tcpdump instead 2014-11-19 08:09:52 -08:00
Jon Hart 39d691086e First round of basic Ruby style cleanup in cdp 2014-11-19 08:09:52 -08:00
Fatih Ozavci 7e93d890ab Viproy is removed from names
Author section is fixed
2014-11-19 08:09:52 -08:00
Fatih Ozavci d78d57eaf4 Viproy VoIP Pen-Test Kit - Cisco CDP Testing Module 2014-11-19 08:09:52 -08:00
William Vu e66c9be66d
Land #4232, rm CHANGELOG.md from orbit 2014-11-19 08:17:40 -06:00
jvazquez-r7 1f2313d87e
Land #4054, @jhart-r7's SunRPC lib and module cleanup 2014-11-18 17:01:01 -06:00
jvazquez-r7 fb4b6543e2 Handle other rex exceptions 2014-11-18 15:57:41 -06:00
jvazquez-r7 a0f92ce26e Update module with review 2014-11-18 15:43:53 -06:00
Tod Beardsley 5e54532dda
Drop the CHANGELOG.md
Just use `git shortlog` instead if you're really interested in the
changes from your arbitrary point in history.
2014-11-18 14:55:12 -06:00
jvazquez-r7 dff6af0747 Restore timeout 2014-11-18 12:17:10 -08:00
jvazquez-r7 542eb6e301 Handle exception in brute force exploits 2014-11-18 12:17:10 -08:00
jvazquez-r7 4844447d17 Use 20 seconds as default timeout
* Because it's the default timeout on Rex::Proto::SunRPC::Client
2014-11-18 12:17:10 -08:00