infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,459 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

377 Commits (a4bc17ef894c47a411ed65df4124d88e757b4506)

Author SHA1 Message Date
sinn3r 2776047553 Merge branch 'smb_cap' of github.com:Meatballs1/metasploit-framework into Meatballs1-smb_cap 2013-01-09 16:09:35 -06:00
Meatballs 4cadffc06a msftidy 2013-01-09 10:37:40 +00:00
Meatballs 46139849a9 Move to .empty? over length 2013-01-09 10:36:06 +00:00
Meatballs a8400030f8 Also correct outut of hash when length is 0 2013-01-09 10:26:57 +00:00
Meatballs d36fcd5441 Fix smb capture error 2013-01-09 09:50:21 +00:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
Tod Beardsley c2586d0907 Instead of raising, offer advice on BPF filtering 
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
 2012-12-27 15:18:18 -06:00
Tod Beardsley c6533621a0 Oops removing debug prints 2012-12-27 14:58:52 -06:00
Tod Beardsley c695f429d5 Mirror upstream PacketFu fix on ICMP size 2012-12-27 14:56:49 -06:00
Tod Beardsley 121353b360 Fixing EOLs to unix 
In vim:

:set fileformat=unix
:wq

ta-da
 2012-12-27 13:54:50 -06:00
Tod Beardsley 9fa6c9f4c4 Merge remote branch 'ChrisJohnRiley/icmp_exfil' into icmp_exfil 2012-12-27 13:52:19 -06:00
Rob Fuller 20ea56e4b9 fixed type @wchen-r7 found 
hopefully didn't miss any others
 2012-12-11 15:29:53 -05:00
Rob Fuller 717799cffd fix typos 
negotiate spelled wrong in a couple spots
and only 3 g's in loggging
 2012-12-11 15:00:21 -05:00
Chris John Riley 46f3b8f47d Minor changes to get Travis to rerun (The Travis build failed) 2012-11-22 16:00:38 +01:00
Chris John Riley 8c60035a2d Renamed functions to meet coding standards 
Added client-side tool suggestion in description and references
(newlines in the description might help readability, if this is possible?)
Added some minor logic change to stop empty filenames
 2012-11-20 18:48:18 +01:00
Chris John Riley 5667cffb77 Fixed typos 2012-11-20 09:06:15 +01:00
Chris John Riley 430227a460 msftidy cleanup 2012-11-19 16:04:35 +01:00
Chris John Riley 082bba3342 Rewrite 
Removed unrequired global vars
Added flexibility in start, continue, end responses
Added ability to set filename in BOF packet or not
Fixed BEGIN RESCUE blocks to not catch errors themselves
BEGIN ENSURE block still needed to trigger save to loot on CTRL+C
 2012-11-19 16:02:53 +01:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have 
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
 2012-11-08 17:42:48 +01:00
Michael Schierl e9f7873afc Version cleanup 
Remove all values that are neither 0 nor $Revision$.
 2012-10-22 20:57:02 +02:00
sinn3r 201518b66f msftidy corrections 2012-10-17 17:22:26 -05:00
jvazquez-r7 51e70c44e3 fix error message after cleanup 2012-10-03 18:44:33 +02:00
jvazquez-r7 0755cbe411 cleanup: clear strings, delete unused variables, author email foramt, use of unpack 2012-10-03 18:28:03 +02:00
Dhiru Kholia a0422fe500 Make failing username dynamic 2012-10-03 19:17:32 +05:30
Dhiru Kholia e33da009ea add PostgreSQL password capturing module 2012-10-02 15:16:37 +05:30
Tod Beardsley 2ca134a2c3 Merge branch 'printjob_capture' 
This lands #811, and also brings in my changes from
ChrisJohnRiley/metasploit-framework#2

Thanks Chris!
 2012-10-01 15:55:14 -05:00
Tod Beardsley 1e4f8591fd Sneaking in an author credit 2012-10-01 11:42:56 -05:00
Tod Beardsley c0bc764fd4 Retabbing for tabs, not spaces 
I'm not a fan of the tabs either, any more. But, until we switch over
for real, let's stick with the project's whitespace conventions?
 2012-10-01 11:26:58 -05:00
Tod Beardsley 802924d67a Getting rid of continuation slashes. Plz don't. 
Continuation slashes are the devil when it comes to reading Ruby,
especially if you're reading something like:

def hello

puts "Hello world!" \
  if true

end

This looks like a syntax error and hurts my eyeballs.

Please avoid this convention in the future.
 2012-10-01 11:23:06 -05:00
Tod Beardsley 489c9b701e Whitespace 2012-09-28 12:47:15 -05:00
Tod Beardsley 1b2240d9bd Commenting about IPP 2012-09-28 12:38:36 -05:00
Tod Beardsley a15a2b522c Removing IPP as a selectable mode 2012-09-28 12:38:17 -05:00
Tod Beardsley 6944aab46c Removing Id SVN splat 2012-09-28 12:37:00 -05:00
Tod Beardsley db4b19a2df Adding Juan's fix for peerhost 2012-09-28 10:26:35 -05:00
David Maloney aa8a713a30 Fix added datastore item in BAP 2012-09-26 11:55:12 -05:00
scriptjunkie 0158312615 Java meterpreter can run scripts too! 2012-09-22 16:49:16 -05:00
Chris John Riley ce441e95a6 Corrected typo, missing \ and minor regex match 2012-09-21 22:04:19 +03:00
Chris John Riley 9753494cba Corrected regex scan vs. match issues 
Altered PS and PCL to elsif to avoid
double detection of printjobs.
 2012-09-21 13:20:14 +02:00
Chris John Riley f7aaae614e Reduced instances of #{name} to client 
connections and disconnections. All other
output should be self explanatory and
doesn't need #{name}
 2012-09-21 11:08:47 +02:00
Chris John Riley 78f77a3df2 Replaced if @verbose with vprint_status 
Corrected bug in non-detected print types
 2012-09-21 10:59:39 +02:00
jvazquez-r7 0032713198 description modified 2012-09-21 10:09:42 +02:00
jvazquez-r7 f6baf7fe34 Merge branch 'MySQL-JtR' of https://github.com/halfie/metasploit-framework into halfie-MySQL-JtR 2012-09-21 10:08:34 +02:00
David Maloney 7fcc34766a Added datastore items to BAP handlers 
Added two datastore items to handlers created by BAP
 2012-09-20 15:21:08 -05:00
Chris John Riley 3d254b69fd Applied all requirements from pull/715 
Reworked PCL regex to match PCL 6/XL
msftidy is still complaining about
an indent. Can't find why however!

New PULL created as per request from
jvazquez-r7
 2012-09-20 18:04:36 +02:00
Dhiru Kholia 17f7e94f4d Add support for dumping MySQL challenge-response pairs in JtR format 2012-09-20 13:54:12 +05:30
Rob Fuller d0558218ee Add non-authed OPTION response to support WebDAV 2012-08-23 15:11:10 -04:00
Tod Beardsley 8d187b272d Some error handling on ntlm relayer 
Instead of a cryptic exception, let the user know if the HTTP target
isn't actually asking for WWW-Authenticate.

There are likely many more opportunities to catch errors, but this is
the most obvious.
 2012-08-21 16:13:00 -05:00
Tod Beardsley 635710402b Removing bullet points from module description 
Due to the vagaries of various Metasploit module description viewers, we
can't guarantee things like lists and bullet points render right.
Descriptions should avoid using these things.
 2012-08-21 16:00:04 -05:00
Tod Beardsley b457289e01 Merge remote branch 'webstersprodigy/module-http-ntlmrelay' 2012-08-21 15:28:50 -05:00
webstersprodigy 65b29d149f Update to use OptEnum for RTYPE 2012-08-20 22:45:20 -04:00
sinn3r 8d4b4fc7be Some more changes before pushing to master 2012-08-20 15:43:39 -05:00
saint patrick e6bda752ee cleaned up and using HttpServer for handling requests and sending 401 2012-08-20 15:23:49 -05:00
saint patrick 10698e2f99 Updating HTTP Basic capture mod with edits based on MSF team suggestions 2012-08-19 19:47:01 -05:00
saint patrick de380cfb46 Adding aux mod for HTTP Basic Auth capture 2012-08-19 01:51:01 -05:00
sinn3r b46fb260a6 Comply with msftidy 
*Knock, knock!*  Who's there? Me, the msftidy nazi!
 2012-08-07 15:59:01 -05:00
webstersprodigy 3c7ad96b45 Changing a string concat from + to << 2012-07-22 20:28:17 -04:00
webstersprodigy 6bb31280fb Took/tested all egypt's comments, other than the Actions one 2012-07-22 20:02:12 -04:00
sinn3r 33ee6ee699 Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture 2012-07-22 03:36:13 -05:00
Patrik Karlsson 08f0f693b0 change sname in report_auth_info from sip_challenge to sip_client 2012-07-20 19:48:15 +02:00
Patrik Karlsson 5dc985c911 fix msftidy WARNING 2012-07-20 17:15:06 +02:00
Patrik Karlsson 3fc1c1db73 fix problem with report_auth_info that was passed invalid host and port params. 2012-07-20 17:07:42 +02:00
Patrik Karlsson d494ed9bf7 add a function to sanitize source and dest ip's to avoid breaking JtR format. 2012-07-20 13:27:45 +02:00
Patrik Karlsson 7ec5c0d6e0 change module to use Rex::Socket::Udp instead of Ruby's ::UDPSocket. 2012-07-19 20:34:02 +02:00
sinn3r 1c6ce20ad8 Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture 2012-07-19 10:51:57 -05:00
sinn3r 9c510a738e Improve outputs 2012-07-19 10:50:58 -05:00
sinn3r 7cb12921d6 Don't print cli addr twice 2012-07-19 10:43:55 -05:00
sinn3r afd314701e Improve outputs 2012-07-19 10:41:25 -05:00
sinn3r 3253929555 Fix indent 2012-07-19 10:21:30 -05:00
Patrik Karlsson ad4a4b2ae3 add module for capturing SIP authentication challenge and response pairs. 
The module starts a fake SIP server listening for incoming REGISTER requests.
It then triggers an authentication request at the client and captures the
response for cracking in JtR or Cain.
 2012-07-18 20:45:08 +02:00
jvazquez-r7 6ac6e375a7 Changes according to hdm and sinn3r feedback 2012-07-17 12:02:24 +02:00
jvazquez-r7 7c2ea2ff23 Merge branch 'mysql-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-mysql-capture 2012-07-17 12:01:19 +02:00
sinn3r 3def2afb46 Correct e-mail format 2012-07-17 04:24:54 -05:00
Patrik Karlsson 88275620ab removed JtR support due to bugs in cracking module. 2012-07-16 15:59:43 +02:00
Patrik Karlsson 25a78e6ab0 change so that both Cain and JTR hashes can be stored at the same time and 
added username report_auth_info
 2012-07-16 14:13:35 +02:00
Patrik Karlsson 4859e0809e add missing username to john hash 2012-07-16 09:14:44 +02:00
HD Moore 10db74d480 Show the IP address in the output 2012-07-15 21:35:43 -05:00
Patrik Karlsson 8889d89eea msftidy cleanup 2012-07-16 02:07:45 +02:00
Patrik Karlsson 6331c33472 add MySQL password capturing module 
This module provides a fake MySQL service that is designed to
capture authentication credentials. It captures	challenge and
response pairs that can be supplied to Cain or JTR for
cracking.
 2012-07-16 01:55:22 +02:00
HD Moore 6cdd044e10 Remove a buggy payload that doesn't have NX support 2012-07-12 12:15:57 -05:00
webstersprodigy fd009fe3ff Improved smb_put reliability 
The .write function was having issues with large files, the
connection would close or sometimes there would be errors.
I changed thefunction to act more like smb_relay and it works better.
 2012-07-11 23:30:55 -04:00
jvazquez-r7 b12f13f837 Review of Pull request #594 2012-07-12 00:46:24 +02:00
jvazquez-r7 16cd847e5a Merge branch 'mssql_review' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-mssql_review 2012-07-12 00:36:54 +02:00
jvazquez-r7 a840ff8cf8 Review of pull request #598 2012-07-12 00:34:17 +02:00
jvazquez-r7 f933d98d38 Review of #595 2012-07-12 00:19:27 +02:00
webstersprodigy c593a3429d fixed a type bug with the default response 2012-07-11 02:23:37 -04:00
webstersprodigy f50843e0b7 Adding http_ntlmrelay module 2012-07-09 22:56:24 -04:00
sinn3r 87bac91d71 Apply additional changes from #549 
From pull request #549. Changes include:
* Use OptEnum to enforce the use of wpad.dat or proxy.pac
* Remove cli.peerhost:cli.peerport, the API does that already
* cleanup function to restore uripath datastore option
* More friendly error when the user doesn't have enough permission
  to bind to port 80, that way they don't blame it's a bug on msf.
* Remove unnecessary SVN stuff in modinfo
 2012-07-07 15:59:16 -05:00
sinn3r 4e90da002d Merge branch 'master' of https://github.com/efraintorres/wmap-metasploit into wpad 2012-07-07 15:44:05 -05:00
efraintorres 4c68cdd584 Actions removed. 2012-07-02 10:57:32 -05:00
efraintorres be666fde89 Full msftidy compliant 2012-06-30 22:08:10 -05:00
efraintorres cad749d495 More formatting. 2012-06-30 21:21:56 -05:00
efraintorres 22b47e32fe Fixed wrapping of module description 2012-06-30 21:12:01 -05:00
efraintorres f8aacc3482 All fixes applied to wpad module. 2012-06-30 20:57:59 -05:00
HD Moore 1989f0ab46 IE 10/Win8 detection support 2012-06-25 00:36:04 -05:00
Rob Fuller 77022d10da Added a bit of verbosity to SMB capture module to enhance logging and post exploitation 2012-06-18 15:55:40 -03:00
sinn3r 3f0431cf51 Massive whitespace destruction 
Remove whitespace found at the end of the line
 2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction 
Remove all the lines that have nothing but whitespace
 2012-06-06 00:22:36 -05:00
Chris John Riley d48da6741a altered spaces to tabs 
added basic check to avoid saving empty files to loot
 2012-06-03 08:48:47 +02:00