infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,265 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

3265 Commits (a70e982369dd96e3579ee49f39922e68f9db4866)

Author SHA1 Message Date
HD Moore 093e605d0d Import the Reflective DLL Injection skeleton project 
git-svn-id: file:///home/svn/framework3/trunk@5843 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-05 06:12:49 +00:00
kris 8014dd4dd4 Correct paths in README 
git-svn-id: file:///home/svn/framework3/trunk@5842 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-05 00:38:22 +00:00
HD Moore 0881649f14 The psexec and smb_relay module now automatically cleanup. The ms08-06 module now supports all languages of XP SP3. 
git-svn-id: file:///home/svn/framework3/trunk@5841 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 22:27:59 +00:00
HD Moore d573c31be9 Remove the output directory from svn 
git-svn-id: file:///home/svn/framework3/trunk@5840 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 20:10:11 +00:00
HD Moore 38980c079e Remove the output directory from svn 
git-svn-id: file:///home/svn/framework3/trunk@5839 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 20:09:38 +00:00
HD Moore 95f48966ed Add the msfcli exe 
git-svn-id: file:///home/svn/framework3/trunk@5838 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 20:09:16 +00:00
HD Moore 187f79eddf Switch the DLLs for vnc/meterp to Stephen Fewer's reflective versions, check in the reflectve_meterpreter source code project 
git-svn-id: file:///home/svn/framework3/trunk@5837 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 20:08:24 +00:00
HD Moore 68b9a2a421 Adds a new submitted fingerprint for Czech 
git-svn-id: file:///home/svn/framework3/trunk@5836 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 07:13:48 +00:00
James Lee c46eb3c628 remove useless reference to args[0] 
git-svn-id: file:///home/svn/framework3/trunk@5835 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 06:57:26 +00:00
James Lee 0193cd5219 fix session vs client variable problems with meterpreter AutoRunScript and make usage actually reflect what the code does 
git-svn-id: file:///home/svn/framework3/trunk@5834 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 06:40:12 +00:00
kris 8bb6ffe64a Update ruby-lorcon path in wifun description 
git-svn-id: file:///home/svn/framework3/trunk@5833 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 05:55:14 +00:00
HD Moore 8ee55fb53c Embed the revision of the smb mixin 
git-svn-id: file:///home/svn/framework3/trunk@5832 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 04:24:11 +00:00
kris 1026957da1 Remove eton() definitions from aux modules since it's in the Lorcon mixin 
git-svn-id: file:///home/svn/framework3/trunk@5831 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 03:03:22 +00:00
kris 55bb15d695 Adding file2air aux wireless module which lets you write frames from binary 
files to the air after optionally changing the addresses.

This module looks at ToDS and FromDS when replacing the addresses, which isn't
done in the original.



git-svn-id: file:///home/svn/framework3/trunk@5830 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-04 02:34:57 +00:00
HD Moore b53695f7db The psexec module now uses a service-compatible exe, shellcode is spawned in a subprocess and the service cleans up properly 
git-svn-id: file:///home/svn/framework3/trunk@5829 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 23:06:37 +00:00
HD Moore e02f740277 Handle multiple sessions by default 
git-svn-id: file:///home/svn/framework3/trunk@5828 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 21:08:46 +00:00
HD Moore 133d7ce658 Adds an automatic default target to ms08-067, autodetects OS, SP, and language now. 
git-svn-id: file:///home/svn/framework3/trunk@5827 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 20:37:51 +00:00
HD Moore be30436058 Better SP2/SP3 check method from Rhys Kidd, Danish fingerprint from MaXe <security[at]intern0t.net> 
git-svn-id: file:///home/svn/framework3/trunk@5826 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 17:24:49 +00:00
HD Moore 4b30f3ef1a Update the check() comments to reflect new information >:( 
git-svn-id: file:///home/svn/framework3/trunk@5825 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 15:29:51 +00:00
Mario Ceballos 97b2adcc46 added the connect()/smb_login() 
git-svn-id: file:///home/svn/framework3/trunk@5824 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 13:14:06 +00:00
HD Moore f1789fc1b2 Adds the check() method and scanner module to ms08-067, massively upgrades the smb/version scanner, with better SP detection and remote language pack detection. 
git-svn-id: file:///home/svn/framework3/trunk@5823 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-03 09:17:08 +00:00
HD Moore d9ffc23128 Adds 0x40 to the badchars list, fixes a weird issue, found by Ramon 
git-svn-id: file:///home/svn/framework3/trunk@5822 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-02 02:35:57 +00:00
et 107d3eef05 Added new directory list by Corey Lebleu 
git-svn-id: file:///home/svn/framework3/trunk@5821 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-01 02:40:46 +00:00
HD Moore 4f45818a0f The prefix change makes ms08-067 more reliable vs windows 2000 
git-svn-id: file:///home/svn/framework3/trunk@5820 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 21:10:45 +00:00
kris c52f889082 Report hosts as alive through db_tracker and the db Nmap and Nessus commands 
git-svn-id: file:///home/svn/framework3/trunk@5819 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 18:39:53 +00:00
HD Moore de6c726e0a New french targets from Antoine 
git-svn-id: file:///home/svn/framework3/trunk@5818 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 15:34:17 +00:00
HD Moore c5ad82fb68 Add SP2 German 
git-svn-id: file:///home/svn/framework3/trunk@5817 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 14:15:16 +00:00
HD Moore d366e8342a Spanish target is SP3 not SP2 
git-svn-id: file:///home/svn/framework3/trunk@5816 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 14:07:58 +00:00
Ramon de C Valle 7427d913c0 Added targets for Portuguese (Brazil) (NX) SP2/SP3 to ms08_067_netapi.rb 
git-svn-id: file:///home/svn/framework3/trunk@5815 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 11:45:52 +00:00
HD Moore 571d577bbd Adds Windows XP SP0/SP1 targets for English 
git-svn-id: file:///home/svn/framework3/trunk@5814 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 06:12:49 +00:00
HD Moore e784bcd515 Adds Windows 2003 SP1 (NO NX and NX(is this needed)). 
git-svn-id: file:///home/svn/framework3/trunk@5813 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 05:55:57 +00:00
HD Moore 7fcf5b3dc2 Lots of new targets merged in for MS08-067 including Brett Moore's 2003 SP2 DEP bypass 
git-svn-id: file:///home/svn/framework3/trunk@5812 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-31 05:16:02 +00:00
HD Moore 08d296240a Add the license to the actual .[ch] files and remove the inaccurate readme 
git-svn-id: file:///home/svn/framework3/trunk@5811 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 22:30:32 +00:00
HD Moore 675e03c272 Clarify the licensing between reflective and vnc 
git-svn-id: file:///home/svn/framework3/trunk@5810 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 22:22:58 +00:00
HD Moore ac70cc88eb Remove the giant program database 
git-svn-id: file:///home/svn/framework3/trunk@5809 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 22:21:46 +00:00
HD Moore 345837485f Remove the Release object directory 
git-svn-id: file:///home/svn/framework3/trunk@5808 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 22:21:01 +00:00
HD Moore 835ce24792 Add the modified VNC DLL from Stephen Fewer 
git-svn-id: file:///home/svn/framework3/trunk@5807 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 22:20:37 +00:00
HD Moore 56a413d803 Reflective DLL injection payloads from Stephen Fewer 
git-svn-id: file:///home/svn/framework3/trunk@5806 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 22:17:32 +00:00
HD Moore dfbc35da3c Patch for ms08-067 from antoine, fixes braindead bug on my part, should increase reliability 
git-svn-id: file:///home/svn/framework3/trunk@5805 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 17:21:07 +00:00
HD Moore a4d53893ac Improvements to opty2 from vlad902: 
1) Fixed a minor bug, sometimes Opty2 would generate C1 /6 instructions which most processors will execute but which are not technically valid (they would exist for SAL but SAL is an alias for SHL so it is defined as C1 /4).
 2) I changed the 0x90 nop instruction so that it is no longer considered that 0x90 changes the eax register.
3) Removed o16/0x66 prepend byte from 0x0f, this is currently unused anyways but might prevent some poor person from debugging it in the future.
 4) Previously short jumps would only make positive jumps, I added the capability for them to make a "-1" jump which would basically just start executing at the offset byte. For example it could generate something like EB FF XX YY ... where EB FF jumps to FF XX YY ...
 5) I added support for the instructions mov reg, segreg (8C), mov reg, imm8/imm32 (C6/C7), and lea reg, mem (8D). I implemented LEA so that it only allows memory references to be in ModR/M form and not be in SIB form (I don't think it's possible to allow SIB in the way Opty2 works at the moment).
 



git-svn-id: file:///home/svn/framework3/trunk@5804 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 07:30:52 +00:00
HD Moore e9d133e9aa Remove the while(true) which snuck into this module 
git-svn-id: file:///home/svn/framework3/trunk@5803 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 07:21:53 +00:00
kris 330bd2ef5b Update some of my aux modules that require a successful login to not continue 
running without it


git-svn-id: file:///home/svn/framework3/trunk@5802 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-30 00:52:38 +00:00
kris 4740e6e452 Adding DoS aux module for the Victory FTP Server v5.0 
git-svn-id: file:///home/svn/framework3/trunk@5801 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-29 21:57:31 +00:00
kris 3c4aec43d5 Adding DoS aux module for the PacketTrap TFTP server 
git-svn-id: file:///home/svn/framework3/trunk@5800 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-29 17:28:34 +00:00
kris 025b7410a0 Remove spurious ] from db_services output for consistency with other db output 
git-svn-id: file:///home/svn/framework3/trunk@5799 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-29 13:10:22 +00:00
HD Moore f9f6c8d3e6 Adds an initial exploit for MS08-067, support for XP SP2/SP3 DEP, 2003 SP0/SP2 no-DEP. 
git-svn-id: file:///home/svn/framework3/trunk@5798 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-28 07:35:17 +00:00
kris aec269616a Ignore EACCES from connect in TCP portscanner aux module. This can be caused 
by (at least) ICMPv6 Administratively Prohibited messages, on at least Linux.
I got these by scanning ports 21-23 on ipv6.google.com, for example.



git-svn-id: file:///home/svn/framework3/trunk@5797 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-28 02:55:10 +00:00
kris 71885912b8 Allow more flexible (Nmap-esque) port specifications in TCP portscan aux module, 
so things like "21-25,80,443", "1024-" and "-" behave like you expect.  This
replaces the PORTSTART and PORTSTOP options with a single PORTS option.



git-svn-id: file:///home/svn/framework3/trunk@5796 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-27 23:33:34 +00:00
kris 3e8c5ecebc Fix db_add_host (undefined variable) 
git-svn-id: file:///home/svn/framework3/trunk@5795 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-27 22:47:09 +00:00
kris 9d565f9a51 Fix CERT ref numbers in bailiwicked DNS aux modules 
git-svn-id: file:///home/svn/framework3/trunk@5794 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-27 22:26:48 +00:00