Commit Graph

77 Commits (a5c39db6c3c33ab3eeb5edc281b4b4a4fda56cea)

Author SHA1 Message Date
jvazquez-r7 0372b08d83 Fix mixin usage on modules 2015-02-13 17:17:59 -06:00
Tod Beardsley 7e649a919c
This version will actually work. 2015-02-05 21:00:54 -06:00
Tod Beardsley 3e0ce4a955
Fix datastore mangling with instance variables
See rapid7/metasploit-framework #4709
2015-02-05 20:37:18 -06:00
William Vu 9c1487c944
Fix dns_fuzzer datastore 2015-02-05 02:53:14 -06:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Tod Beardsley ffafd4c01f
Add NTP fuzzer from @jhart-r7
Looks good to me!
2014-07-21 12:38:12 -05:00
Jon Hart 06fd1ead9d Address more style issues 2014-07-17 09:37:27 -07:00
Jon Hart 9e5c24a97e Address some Ruby style issues 2014-07-15 16:55:54 -07:00
Jon Hart 1500f33e1b Default to only fuzzing versions 2-4 2014-07-03 07:32:44 -07:00
Jon Hart 1830bdc7a5 Add rspec coverage for Rex::Proto::NTP 2014-07-01 12:29:47 -07:00
Jon Hart bc274b358f Move NTP message code to Rex::Proto::NTP, simplify option handling 2014-06-30 23:57:47 -07:00
HD Moore 3868348045 Fix incorrect use of sock.get that leads to indefinite hang 2014-06-28 15:48:58 -05:00
Jon Hart b9925bb24c Minor option cleanup 2014-06-23 18:38:47 -07:00
Jon Hart 050091d0dd Fuzz all 255 possible mode 7 request codes 2014-06-23 11:38:30 -07:00
Jon Hart 6f03f6657f Support only fuzzing specific mode 6 operations 2014-06-19 11:10:11 -07:00
Jon Hart 8fa81de3bb Fuzz mode 7 more correctly. Cleanup.
Provide empty 188-byte payload for mode 7 messages, otherwise nothing
seems to response.  Provide more useful defaults for versions/modes.
Allow control over what mode 7 stuff is fuzzed.
2014-06-16 11:56:27 -07:00
Jon Hart 0352a5305c When fuzzing mode 6 (control) and 7 (private) messages, print out each version tested since these tend to take a long time 2014-06-16 10:31:08 -07:00
Jon Hart 28bf9f8d50 Correct order of mixins so RHOSTS works properly 2014-06-16 10:02:27 -07:00
Jon Hart 9e5281d0c6 Mixin Msf::Auxiliary::Scanner, switch to run_host to fix DNS lookup issues 2014-06-16 09:58:20 -07:00
Jon Hart c7c0528e44 Fuzz NTP private messages too 2014-06-15 20:23:33 -07:00
Jon Hart 7ce9114a1e Initial commit of an NTP fuzzer 2014-06-11 13:46:08 -07:00
William Vu de49241195
Land #3185, regex option validation 2014-05-14 01:27:18 -05:00
Christian Mehlmauer 3f3283ba06
Resolved some msftidy warnings (Set-Cookie) 2014-05-12 21:23:30 +02:00
Tod Beardsley 17ddbccc34
Remove the broken lorcon module set
None of the lorcon / lorcon2 modules have been functional for a long
time, due to the lack of a "Lorcon" gem. It's unclear where it went.

I'm happy to include it and get these working again, but until someone
comes up with some functional code (hint: 'gem install' doesn't work) I
don't see any reason to keep shipping these.

Is there some trick people are doing to make these work? As far as I can
see, they are broken by default.

````
msf auxiliary(wifun) > show options

Module options (auxiliary/dos/wifi/wifun):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   CHANNEL    11               yes       The initial channel
   DRIVER     autodetect       yes       The name of the wireless driver
for lorcon
   INTERFACE  wlan0            yes       The name of the wireless
interface

msf auxiliary(wifun) > run

[*] The Lorcon2 module is not available: cannot load such file --
Lorcon2
[-] Auxiliary failed: RuntimeError Lorcon2 not available
[-] Call stack:
[-]
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/lorcon2.rb:67:in
`open_wifi'
[-]
/home/todb/git/rapid7/metasploit-framework/modules/auxiliary/dos/wifi/wifun.rb:29:in
`run'
[*] Auxiliary module execution completed
````
2014-04-07 16:37:10 -05:00
Christian Mehlmauer 4bf6481242
Added regex option to validate options 2014-04-02 23:51:33 +02:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer 8cada447b2 msftidy: remove $Id$ 2013-01-03 10:21:10 +01:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
HD Moore 69177105ab Handle a null reply properly, small bug fix 2012-12-07 10:54:08 -08:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
sinn3r 67c5c24f67 Fix multiple bugs
Bug fixes including:
* Unnecessary headers being manually added. Sometimes may cause
  a 400 Bad Request against specific web servers.  See issue 7165
  on Redmine for details.
* Regex fix
* URI path fix
2012-09-24 22:32:59 -05:00
Daniel Miller ed43418156 Fix unused ADDR_DST option in fuzz_beacon
auxiliary/fuzzers/wifi/fuzz_beacon offers ADDR_DST option, probably
copy-pasted from some other wifi modules, but does not use it, likely
because beacons are meant to be sent to broadcast address only. Since
this is a fuzzer, changing the destination address may be desirable.
Used the option in building the frame to be sent.
2012-08-10 16:14:50 -05:00
sinn3r b46fb260a6 Comply with msftidy
*Knock, knock!*  Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r 7c77fe20cc Some variables don't need to be in a double-quote. 2012-03-17 20:37:42 -05:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
sinn3r 974aea3521 Validate 'METHOD' using OptEnum 2012-02-17 18:46:56 -06:00
sinn3r 36bc31d677 Damn, the indent level is nuts in this thing 2012-02-17 18:43:47 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r 8eee54d1d0 Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb) 2012-01-09 14:23:37 -06:00
Tod Beardsley f402b8598b Whitespace and File.open binary mode cleanups.
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
Tod Beardsley b4f58ef8fd Trailing commas kill 1.8. dangit.
Fixed dns_fuzzer to knock that off.
2011-12-12 10:26:53 -06:00
Tod Beardsley f1950c2fe1 Adding back bitstruct (current upstream) and dns_fuzzer module
Fixes #3289.

This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.

This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.

Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
2011-12-06 17:03:36 -06:00
HD Moore cf28713f9a Mark specific modules as incompatible due to use of quad-dot code 2011-12-05 13:07:36 -06:00