jvazquez-r7
157fb5a905
Make title more searchable
2014-04-09 12:08:35 -05:00
jvazquez-r7
58f4a1c085
Usee loop do instead or while true
2014-04-09 11:48:45 -05:00
jvazquez-r7
bc36b9ebd6
Delete server side PoCs as referecences because don\'t apply here
2014-04-09 10:58:59 -05:00
jvazquez-r7
fd90203120
Change some variable names to make code reading easier
2014-04-09 10:56:50 -05:00
jvazquez-r7
e154d175e8
Add @hmoore-r7's heartbeat client side module
2014-04-09 09:38:11 -05:00
HD Moore
749bcf2473
Report fingerprint.match notes, various cleanups
2014-04-02 07:08:23 -07:00
HD Moore
7e227581a7
Rework OS fingerprinting to match Recog changes
...
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.
This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
Tod Beardsley
151e2287b8
OptPath, not OptString.
2014-03-07 10:52:45 -06:00
Tod Beardsley
5cf1f0ce4d
Since dirs are required, server will send/recv
...
This does change some of the meaning of the required-ness of the
directories. Before, if you wanted to serve files, but not receive any,
you would just fail to set a OUTPUTPATH.
Now, since both are required, users are required to both send and
recieve. This seems okay, you can always just set two different
locations and point the one you don't want at /dev/null or something.
2014-03-07 10:49:11 -06:00
Tod Beardsley
37fa4a73a1
Make the path options required and use /tmp
...
Otherwise it's impossible to run this module without setting the options
which were not otherwise validated anyway.
2014-03-07 10:41:18 -06:00
Tod Beardsley
8a0531650c
Allow TFTP server to take a host/port argument
...
Otherwise you will tend to listen on your default ipv6 'any' address and
bound to udp6 port 69, assuming you haven't bothered to disable your
automatically-enabled ipv6 stack.
This is almost never correct.
2014-03-06 16:13:20 -06:00
William Vu
4cc91095de
Fix minor formatting issues
2014-02-25 13:48:37 -06:00
kn0
6783e31c67
Used the builtin send_redirect method in Msf::Exploit::Remote::HttpServer instead of creating a redirect inline
2014-02-24 15:59:49 -06:00
kn0
f1e71b709c
Added 301 Redirect option to Basic Auth module
2014-02-24 14:59:20 -06:00
Tod Beardsley
b8e17c2d8e
Don't use Pcap.lookupaddrs any more
2014-01-01 18:50:15 -06:00
William Vu
ff9cb481fb
Land #2464 , fixes for llmnr_response and friends
...
Fixed conflict in lib/msf/core/exploit/http/server.rb.
2013-12-10 13:41:45 -06:00
Joe Vennix
cd66cca8a1
Make browser autopwn datastore use OptRegexp.
2013-12-08 17:46:33 -06:00
Tod Beardsley
b5f26455a3
Land #2545 , javascript library overhaul
2013-10-23 16:12:49 -05:00
sinn3r
afcce8a511
Merge osdetect and addonsdetect
2013-10-22 01:11:11 -05:00
sinn3r
9a3e719233
Rework the naming style
2013-10-21 20:16:37 -05:00
sinn3r
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
Tod Beardsley
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
James Lee
541833e2cc
Convert llmnr_response to use Net::DNS
...
* Allows responding to AAAA requests in addition to the existing A
support
* Prevents problems when recvfrom returns a mapped address like
"::ffff:192.0.2.1"
Also:
* Fix a few typos
* capture: Don't shadow a method name (arp) with a local variable
* capture: Handle the case where our UDP send hits an ENETUNREACH
2013-10-04 12:35:30 -05:00
James Lee
8b8422172f
Clean up tabs, warnings, modified datastore
2013-10-04 12:20:18 -05:00
James Lee
c9cebfb3f0
Serve wpad.dat and proxy.pac in the same server
2013-10-04 12:00:53 -05:00
Meatballs
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
James Lee
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
sinn3r
cae30bec23
Clean up all the whitespace found
2013-04-23 18:27:11 -05:00
Tod Beardsley
011b6899b0
Merge 'neinwechter/browser_autopwn-updates'
...
Brings in neinwechter's BAP fixes. Seems to not only be a more sane
strategy, but in practice, ends up with tons more shells for at least
MSIE which is what most people are using it for anyway.
[Closes #1612 ]
2013-03-20 15:26:09 -05:00
James Lee
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
David Maloney
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
Tod Beardsley
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
James Lee
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
HD Moore
77390a5935
Fix a bug reported by Tom Liston
2013-02-06 23:34:55 -06:00
David Maloney
2c3de43f4b
datastore opts cleanup
...
cleanuo digestauth datastore options in modules
2013-02-04 12:10:44 -06:00
sinn3r
2776047553
Merge branch 'smb_cap' of github.com:Meatballs1/metasploit-framework into Meatballs1-smb_cap
2013-01-09 16:09:35 -06:00
Meatballs
4cadffc06a
msftidy
2013-01-09 10:37:40 +00:00
Meatballs
46139849a9
Move to .empty? over length
2013-01-09 10:36:06 +00:00
Meatballs
a8400030f8
Also correct outut of hash when length is 0
2013-01-09 10:26:57 +00:00
Meatballs
d36fcd5441
Fix smb capture error
2013-01-09 09:50:21 +00:00
Tod Beardsley
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
Christian Mehlmauer
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
Tod Beardsley
c2586d0907
Instead of raising, offer advice on BPF filtering
...
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
2012-12-27 15:18:18 -06:00
Tod Beardsley
c6533621a0
Oops removing debug prints
2012-12-27 14:58:52 -06:00
Tod Beardsley
c695f429d5
Mirror upstream PacketFu fix on ICMP size
2012-12-27 14:56:49 -06:00
Tod Beardsley
121353b360
Fixing EOLs to unix
...
In vim:
:set fileformat=unix
:wq
ta-da
2012-12-27 13:54:50 -06:00
Tod Beardsley
9fa6c9f4c4
Merge remote branch 'ChrisJohnRiley/icmp_exfil' into icmp_exfil
2012-12-27 13:52:19 -06:00
Rob Fuller
20ea56e4b9
fixed type @wchen-r7 found
...
hopefully didn't miss any others
2012-12-11 15:29:53 -05:00
Rob Fuller
717799cffd
fix typos
...
negotiate spelled wrong in a couple spots
and only 3 g's in loggging
2012-12-11 15:00:21 -05:00
Chris John Riley
46f3b8f47d
Minor changes to get Travis to rerun (The Travis build failed)
2012-11-22 16:00:38 +01:00
Chris John Riley
8c60035a2d
Renamed functions to meet coding standards
...
Added client-side tool suggestion in description and references
(newlines in the description might help readability, if this is possible?)
Added some minor logic change to stop empty filenames
2012-11-20 18:48:18 +01:00
Chris John Riley
5667cffb77
Fixed typos
2012-11-20 09:06:15 +01:00
Chris John Riley
430227a460
msftidy cleanup
2012-11-19 16:04:35 +01:00
Chris John Riley
082bba3342
Rewrite
...
Removed unrequired global vars
Added flexibility in start, continue, end responses
Added ability to set filename in BOF packet or not
Fixed BEGIN RESCUE blocks to not catch errors themselves
BEGIN ENSURE block still needed to trigger save to loot on CTRL+C
2012-11-19 16:02:53 +01:00
Chris John Riley
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
sinn3r
201518b66f
msftidy corrections
2012-10-17 17:22:26 -05:00
jvazquez-r7
51e70c44e3
fix error message after cleanup
2012-10-03 18:44:33 +02:00
jvazquez-r7
0755cbe411
cleanup: clear strings, delete unused variables, author email foramt, use of unpack
2012-10-03 18:28:03 +02:00
Dhiru Kholia
a0422fe500
Make failing username dynamic
2012-10-03 19:17:32 +05:30
Dhiru Kholia
e33da009ea
add PostgreSQL password capturing module
2012-10-02 15:16:37 +05:30
Tod Beardsley
2ca134a2c3
Merge branch 'printjob_capture'
...
This lands #811 , and also brings in my changes from
ChrisJohnRiley/metasploit-framework#2
Thanks Chris!
2012-10-01 15:55:14 -05:00
Tod Beardsley
1e4f8591fd
Sneaking in an author credit
2012-10-01 11:42:56 -05:00
Tod Beardsley
c0bc764fd4
Retabbing for tabs, not spaces
...
I'm not a fan of the tabs either, any more. But, until we switch over
for real, let's stick with the project's whitespace conventions?
2012-10-01 11:26:58 -05:00
Tod Beardsley
802924d67a
Getting rid of continuation slashes. Plz don't.
...
Continuation slashes are the devil when it comes to reading Ruby,
especially if you're reading something like:
def hello
puts "Hello world!" \
if true
end
This looks like a syntax error and hurts my eyeballs.
Please avoid this convention in the future.
2012-10-01 11:23:06 -05:00
Tod Beardsley
489c9b701e
Whitespace
2012-09-28 12:47:15 -05:00
Tod Beardsley
1b2240d9bd
Commenting about IPP
2012-09-28 12:38:36 -05:00
Tod Beardsley
a15a2b522c
Removing IPP as a selectable mode
2012-09-28 12:38:17 -05:00
Tod Beardsley
6944aab46c
Removing Id SVN splat
2012-09-28 12:37:00 -05:00
Tod Beardsley
db4b19a2df
Adding Juan's fix for peerhost
2012-09-28 10:26:35 -05:00
David Maloney
aa8a713a30
Fix added datastore item in BAP
2012-09-26 11:55:12 -05:00
scriptjunkie
0158312615
Java meterpreter can run scripts too!
2012-09-22 16:49:16 -05:00
Chris John Riley
ce441e95a6
Corrected typo, missing \ and minor regex match
2012-09-21 22:04:19 +03:00
Chris John Riley
9753494cba
Corrected regex scan vs. match issues
...
Altered PS and PCL to elsif to avoid
double detection of printjobs.
2012-09-21 13:20:14 +02:00
Chris John Riley
f7aaae614e
Reduced instances of #{name} to client
...
connections and disconnections. All other
output should be self explanatory and
doesn't need #{name}
2012-09-21 11:08:47 +02:00
Chris John Riley
78f77a3df2
Replaced if @verbose with vprint_status
...
Corrected bug in non-detected print types
2012-09-21 10:59:39 +02:00
jvazquez-r7
0032713198
description modified
2012-09-21 10:09:42 +02:00
jvazquez-r7
f6baf7fe34
Merge branch 'MySQL-JtR' of https://github.com/halfie/metasploit-framework into halfie-MySQL-JtR
2012-09-21 10:08:34 +02:00
David Maloney
7fcc34766a
Added datastore items to BAP handlers
...
Added two datastore items to handlers created by BAP
2012-09-20 15:21:08 -05:00
Chris John Riley
3d254b69fd
Applied all requirements from pull/715
...
Reworked PCL regex to match PCL 6/XL
msftidy is still complaining about
an indent. Can't find why however!
New PULL created as per request from
jvazquez-r7
2012-09-20 18:04:36 +02:00
Dhiru Kholia
17f7e94f4d
Add support for dumping MySQL challenge-response pairs in JtR format
2012-09-20 13:54:12 +05:30
Rob Fuller
d0558218ee
Add non-authed OPTION response to support WebDAV
2012-08-23 15:11:10 -04:00
Tod Beardsley
8d187b272d
Some error handling on ntlm relayer
...
Instead of a cryptic exception, let the user know if the HTTP target
isn't actually asking for WWW-Authenticate.
There are likely many more opportunities to catch errors, but this is
the most obvious.
2012-08-21 16:13:00 -05:00
Tod Beardsley
635710402b
Removing bullet points from module description
...
Due to the vagaries of various Metasploit module description viewers, we
can't guarantee things like lists and bullet points render right.
Descriptions should avoid using these things.
2012-08-21 16:00:04 -05:00
Tod Beardsley
b457289e01
Merge remote branch 'webstersprodigy/module-http-ntlmrelay'
2012-08-21 15:28:50 -05:00
webstersprodigy
65b29d149f
Update to use OptEnum for RTYPE
2012-08-20 22:45:20 -04:00
sinn3r
8d4b4fc7be
Some more changes before pushing to master
2012-08-20 15:43:39 -05:00
saint patrick
e6bda752ee
cleaned up and using HttpServer for handling requests and sending 401
2012-08-20 15:23:49 -05:00
saint patrick
10698e2f99
Updating HTTP Basic capture mod with edits based on MSF team suggestions
2012-08-19 19:47:01 -05:00
saint patrick
de380cfb46
Adding aux mod for HTTP Basic Auth capture
2012-08-19 01:51:01 -05:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
webstersprodigy
3c7ad96b45
Changing a string concat from + to <<
2012-07-22 20:28:17 -04:00
webstersprodigy
6bb31280fb
Took/tested all egypt's comments, other than the Actions one
2012-07-22 20:02:12 -04:00
sinn3r
33ee6ee699
Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture
2012-07-22 03:36:13 -05:00
Patrik Karlsson
08f0f693b0
change sname in report_auth_info from sip_challenge to sip_client
2012-07-20 19:48:15 +02:00
Patrik Karlsson
5dc985c911
fix msftidy WARNING
2012-07-20 17:15:06 +02:00